Re: [RFC ipsec-next] xfrm: make sha256 icv truncation length RFC-compliant

From: Nicolas Dichtel
Date: Thu May 22 2014 - 12:03:49 EST


Le 22/05/2014 17:10, Horia Geanta a Ãcrit :
From: Lei Xu <Lei.Xu@xxxxxxxxxxxxx>

Currently the sha256 icv truncation length is set to 96bit
while the length is defined as 128bit in RFC4868.
This may result in somer errors when working with other IPsec devices
with the standard truncation length.
Thus, change the sha256 truncation length from 96bit to 128bit.
The patch was already proposed, but it was kept as-is for userspace
compatibility.

See: https://lkml.org/lkml/2012/3/7/431

Regards,
Nicolas
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/