On Wed, Dec 24, 2014 at 09:54:33AM +0100, Stephan Mueller wrote: > > That is right, but isn't that the nature of AEAD ciphers in general? Even if > you are in the kernel, you need to have all scatter lists together for one > invocation of the AEAD cipher. It's actually only the nature of certain algorithms like CCM which requires the total length to start the operation. Most AEAD algorithms can be implemented in a way that allows piecemeal operation. However, as the only users of AEAD is IPsec, it's probably not worth adding more complexity for now. So let's proceed with your current solution. Thanks, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html