forked from Minki/linux
246bbedb9a
This reverts commit 891104ed00
.
Current IPsec ESN implementation for authencesn(cbc(aes), hmac(sha))
(separate encryption and integrity algorithms) does not conform
to RFC4303.
ICV is generated by hashing the sequence
SPI, SeqNum-High, SeqNum-Low, IV, Payload
instead of
SPI, SeqNum-Low, IV, Payload, SeqNum-High.
Cc: <stable@vger.kernel.org> # 3.8, 3.7
Reported-by: Chaoxing Lin <Chaoxing.Lin@ultra-3eti.com>
Signed-off-by: Horia Geanta <horia.geanta@freescale.com>
Reviewed-by: Kim Phillips <kim.phillips@freescale.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
40 lines
935 B
C
40 lines
935 B
C
/*
|
|
* Copyright 2008-2011 Freescale Semiconductor, Inc.
|
|
*/
|
|
|
|
#ifndef CAAM_COMPAT_H
|
|
#define CAAM_COMPAT_H
|
|
|
|
#include <linux/kernel.h>
|
|
#include <linux/module.h>
|
|
#include <linux/mod_devicetable.h>
|
|
#include <linux/device.h>
|
|
#include <linux/interrupt.h>
|
|
#include <linux/crypto.h>
|
|
#include <linux/hash.h>
|
|
#include <linux/hw_random.h>
|
|
#include <linux/of_platform.h>
|
|
#include <linux/dma-mapping.h>
|
|
#include <linux/io.h>
|
|
#include <linux/spinlock.h>
|
|
#include <linux/rtnetlink.h>
|
|
#include <linux/in.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/types.h>
|
|
#include <linux/debugfs.h>
|
|
#include <linux/circ_buf.h>
|
|
#include <net/xfrm.h>
|
|
|
|
#include <crypto/algapi.h>
|
|
#include <crypto/aes.h>
|
|
#include <crypto/des.h>
|
|
#include <crypto/sha.h>
|
|
#include <crypto/md5.h>
|
|
#include <crypto/aead.h>
|
|
#include <crypto/authenc.h>
|
|
#include <crypto/scatterwalk.h>
|
|
#include <crypto/internal/skcipher.h>
|
|
#include <crypto/internal/hash.h>
|
|
|
|
#endif /* !defined(CAAM_COMPAT_H) */
|