From: Sowmini Varadhan <sowmini.varadhan@oracle.com>
Subject: using 3des with ipsec transport mode
Date: Thu, 2 Jul 2015 15:53:00 +0200
Message-ID: <20150702135300.GG22958@oracle.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
To: linux-crypto@vger.kernel.org
Content-Disposition: inline
Sender: linux-crypto-owner@vger.kernel.org


I was trying to follow the example for IPsec transport mode at 
http://www.ipsec-howto.org/x304.html with a 4.1 kernel,
and I find that using 3des_cbc does not work - packets get dropped
at the receiver after decryption: e.g., for a ping, the decrypted 
packet has a mangled icmp header, and is dropped for a bad checksum
in icmp_rcv.

Odd thing here is that the icmp payload was never mangled
on my watch, and esp_input does correctly figure out the ULP of
the payload after decrypt, so there is some pattern to this.

Using blowfish instead of 3des works on 4.1, so I suspect the bug
is specific to the encrypt/decrypt method.

FWIW I tried the 3des instructions from ipsec-howto.org with 
2.6.39 kernels, and it still fails (but so did blowfish, so 
something got better along the way).

Has anyone else noticed this behavior for 3des?

--Sowmini