Revert "crypto: caam - add IPsec ESN support"
authorHoria Geanta <horia.geanta@freescale.com>
Wed, 20 Mar 2013 14:31:58 +0000 (16:31 +0200)
committerHerbert Xu <herbert@gondor.apana.org.au>
Thu, 21 Mar 2013 09:36:03 +0000 (17:36 +0800)
commit246bbedb9aaf27e2207501d93a869023a439fce5
treec63c3a43a262f3bbb15dfe5696bd2a17bd03b610
parent991155bacb91c988c45586525771758ddadd44ce
Revert "crypto: caam - add IPsec ESN support"

This reverts commit 891104ed008e8646c7860fe5bc70b0aac55dcc6c.

Current IPsec ESN implementation for authencesn(cbc(aes), hmac(sha))
(separate encryption and integrity algorithms) does not conform
to RFC4303.

ICV is generated by hashing the sequence
SPI, SeqNum-High, SeqNum-Low, IV, Payload
instead of
SPI, SeqNum-Low, IV, Payload, SeqNum-High.

Cc: <stable@vger.kernel.org> # 3.8, 3.7
Reported-by: Chaoxing Lin <Chaoxing.Lin@ultra-3eti.com>
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Reviewed-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
drivers/crypto/caam/caamalg.c
drivers/crypto/caam/compat.h