Linux-Crypto Archive on
 help / color / Atom feed
From: "Juan Pablo Nariño Mendoza" <>
To: Stephan Mueller <>
Subject: Re: AEAD Question
Date: Thu, 27 Oct 2016 10:05:39 +0200
Message-ID: <> (raw)
In-Reply-To: <>

Hello Stephan
Thank you for your fast answer

My idea is to do zero copy encryption and the cipher I am using is

The layout of my buffer is

espHeader(AD) || IV || plaintext || Integrity (TAG)

As I see it, the SGs do point to the same buffer, but they do not overlap

Below, some parts of my code

// Prepare data


// Put plaintext in cipherText + espHdr + ivLen
// put esp header info in ciphertext

req_p = aead_givcrypt_alloc(aead_p,GFP_KERNEL);


However, when I get the callback, the associated data has been
overwritten (first 8 bytes of the cipherText buffer), and the
integrity is wrong. The IV and the encryption are correct. What I am
doing wrong? Thank you again


2016-10-26 18:32 GMT+02:00 Stephan Mueller <>:
> Am Mittwoch, 26. Oktober 2016, 18:17:14 CEST schrieb Juan Pablo Nariño
> Mendoza:
> Hi Juan,
>> Sorry in advance for making what shall be a basic question for this
>> list, but I have really ran out of ideas.
>> Can someone explain me please, how does the memory layout and sg lists
>> work for the IPSec case, with generated IV case?
>> As I understand, it is like this (ascii art)
>> AD | IV Space | Plain Text | Auth Tag
>>  ^                   ^
>> asg              sg
> The memory layout is correct when using the RFC4106 cipher.
> How you partition your physical memory with the SGL is your choice as long as
> your data in the SGL is lined up as you mentioned above.
>> But I am having the AD overwritten, and the AUTH tag and encryption is
>> not correct? Could someone please point me in the right direction?
>> Thank you again
> Maybe the src and dst SGL somehow partially overlap?
>> Regards
>> Juan
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
>> the body of a message to
>> More majordomo info at
> Ciao
> Stephan

  reply index

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-10-26 16:17 Juan Pablo Nariño Mendoza
2016-10-26 16:32 ` Stephan Mueller
2016-10-27  8:05   ` Juan Pablo Nariño Mendoza [this message]
2019-07-22 12:55 AEAD question Pascal Van Leeuwen
2019-07-22 16:22 ` Eric Biggers
2019-07-22 22:26   ` Pascal Van Leeuwen
2019-08-06  9:20     ` Pascal Van Leeuwen
2019-08-09  2:57       ` Herbert Xu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='' \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Crypto Archive on

Archives are clonable:
	git clone --mirror linux-crypto/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-crypto linux-crypto/ \
	public-inbox-index linux-crypto

Example config snippet for mirrors

Newsgroup available over NNTP:

AGPL code for this site: git clone