On Fri, May 30, 2008 at 06:58:30PM -0500, Kim Phillips wrote:
>
> + /* get random IV */
> + get_random_bytes(req->giv, crypto_aead_ivsize(authenc));
Sorry but this is unworkable given our current RNG infrastructure.
Draining 16 bytes for every packet is going to make /dev/random
unuseable
Hi Herbert,
We re-work part of the user space API. I would like to run it by you for
comment:
The Linux CryptoAPI User Interface behaves as follow:
1. User access via file descriptor /dev/crypto
2. Each opened file dscriptor represents a tfm
3. Algorithm and properties are set via an I/O control
From: Herbert Xu <[EMAIL PROTECTED]>
Date: Mon, 2 Jun 2008 20:41:07 +1000
> On Mon, Jun 02, 2008 at 11:33:09AM +0200, Adrian-Ken Rueegsegger wrote:
> > This patch fixes the usage of RIPEMD-160 in xfrm_algo which in turn
> > allows hmac(rmd160) to be used as authentication mechanism in IPsec
> > ES
