Le Wed, 09 Jul 2008 15:31:30 -0400, Mike Tancsa <[EMAIL PROTECTED]> a écrit :
> Without the module loaded, I can do something simple like > glxsb0: detached > glxsb0: <AMD Geode LX Security Block > (AES-128-CBC,RNG)> mem 0xa0000000-0xa0003fff irq 10 at device 1.2 on > pci0 # sh s > The result of line 1: Invalid argument. > The result of line 2: Invalid argument. > > What is the proper AES encryption to use for > IPSEC ? Why is there a difference in syntax > ? I've found, i think. The Geode handles only AES with a 128 bits key. When setkey/ipsec opens a crypto session, the driver returns an error (EINVAL) if the key length is != 128. So setkey fails. There is no way to tell to the crypto framework that we can do only AES with 128 bits keys. It is a problem in this case. I don't have any solution, I can just add a BUG section in the man page for this case. Thank you for the report. Regards. _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
