Chinh Nguyen wrote:
Looking at the source http://lxr.linux.no/source/net/xfrm/xfrm_algo.c,
it seems to confirm that this is true. In fact, sha-384 and sha-512 are
not supported at this time and sha-256 is truncated to 96-bit.
That's normal.
HMAC usage in IPsec specifies that we only use 96
Evgeniy Polyakov wrote:
2. ocf
http://ocf-linux.sourceforge.net/
Please note that much more recent code is now at:
git clone http://hifn.xelerance.com/scm/klips/
There is one remaining bug that has been hard to reproduce which
seems to be at the IPsec layer, but the OCF and hardware drivers
u are prematurely optomizing.
- --
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson,Xelerance Corporation, Ottawa, ON|net architect[
] [EMAIL PROTECTED] http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another
t; like CBC hardcoded is unnecessary and unscalable.
Well, there are not that many general notions of modes, so doesn't
make this too scalable. I still don't know why anyone would use ECB
mode in practice.
- --
] ON HUMILITY: to err is human. To moo, bovine. | firewall
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Are you sure that you want to have generic CBC code?
For many algorithms, there are optomizations that one can do when one is
in CBC mode.
- --
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson
a cipher that has a 1-byte block size.
Herbert> Thanks for the patch. However, I won't apply this because
Herbert> it will soon become redundant once I add parameterised
Herbert> algorithms.
What does that mean?
- --
] ON HUMILITY: to err is human. To moo,
anged it to CBC mode, and fixed the code in crypto.c to deal with a
cipher that has a 1-byte block size.
commit 940e136dd89fd58d0b02e540167f2d29c68bdbb6
Author: Michael Richardson <[EMAIL PROTECTED]>
Date: Sat Jun 10 11:28:15 2006 -0400
include support for null cipher --- block size o
ifn/:01:08.0/./power/state
/sys/bus/pci/drivers/hifn/:01:08.0/./uevent
5) Most of the drivers are now in subdirectories. That's the only way to make
both static and module builds work, when patched into the kernel source tree.
- --
] ON HUMILITY: to err is human. To moo, b
ee, instead do:
cg-tag dm_ocf_2.6.15<- keep track in case you want to
come back
cg-branch-chg ocf ...#ocf_v2.6.16
cg-fetch ocf
# or maybe, you want to hack origin.
cg-switch -f -r ocf master
# "master" i
of the old tree)
- --
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson,Xelerance Corporation, Ottawa, ON|net architect[
] [EMAIL PROTECTED] http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux u
10 matches
Mail list logo
