On Fri, 10 Jan 2003 latten@austin.ibm.com wrote:
> I am configuring IPSec and was wondering are there
> any plans to add AES to the crypto algorithms IPSec uses?
AES CBC is supported with 2.5.56 (specify 'rijndael-cbc' for setkey).
AES counter mode is not yet supported.
Also, for those wanting to use Blowfish, you'll need the patch below
against iputils-ss021109-try.
- James
-- James Morris <jmorris@intercode.com.au>diff -urN -X dontdif iputils/include-glibc/net/pfkeyv2.h iputils.w1/include-glibc/net/pfkeyv2.h --- iputils/include-glibc/net/pfkeyv2.h Sat Nov 9 13:45:52 2002 +++ iputils.w1/include-glibc/net/pfkeyv2.h Sat Jan 11 11:19:45 2003 @@ -17,7 +17,7 @@ /* private allocations - based on RFC2407/IANA assignment */ #define SADB_X_EALG_CAST128CBC 5 /*6*/ -#define SADB_X_EALG_BLOWFISHCBC 4 /*7*/ +#define SADB_X_EALG_BLOWFISHCBC 7 #define SADB_X_EALG_RIJNDAELCBC 12 #define SADB_X_EALG_AES 12
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Jan 15 2003 - 22:00:35 EST