From: Ingo Oeser <[EMAIL PROTECTED]>
Date: Tue, 6 Sep 2005 16:57:41 +0200
> I'm just asking myself, why is AES-256 not announced by the IPsec framework?
> The kernel crypto-API seems to support a keysize of 256.
> Or is the blocksize (of 256 bits) meant by AES-256?
>
> I'm a bit lost on this one.
The in-kernel AES implementation supports 128-bit to 256-bit keys.
Advertising plain "aes", which the kernel does do, should be
sufficient for that shouldn't it?
It even advertises this range of acceptable key sizes:
.name = "aes",
.uinfo = {
.encr = {
.blockbits = 128,
.defkeybits = 128,
}
},
.desc = {
.sadb_alg_id = SADB_X_EALG_AESCBC,
.sadb_alg_ivlen = 8,
.sadb_alg_minbits = 128,
.sadb_alg_maxbits = 256
}
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
