Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Steffen Klassert <steffen.klassert <at> secunet.com>
Subject: [RFC] [PATCH 0/7] IPsec: convert to ahash
Newsgroups: gmane.linux.kernel.cryptoapi
Date: Thursday 16th July 2009 11:15:48 UTC (over 8 years ago)
This patchset converts IPsec over to the new ahash interface.
The pachset applies to cryptodev-2.6. I was able to test the synchronous
codepaths, the asynchronous ones are untested.

I'm still somewhat unhappy with the ahash version of authenc, but I decided
to post anyway as a base for discussion.

Since the calls to the hash algorithms can now return asynchronous, I'd
like
to avoid multiple calls to the hash update functions. I'd rather like to do
all the hashing with one call to crypto_ahash_digest(). As it is, this
requires chaining of all the involved scatterlists. Since we still can't
use
sg_chain() to chain up the lists, I added an additional scatterlist entry
to
the scatterlist of the assoc data (esp) to be able to chain later in the
crypto layer. To keep compatibility I set the termination bit at the first
entry and remove it later in authenc. In fact to rely on this additional
entry and just to remove the termintation bit later makes me a bit nervous
and I'm not sure whether this is acceptable, so better ideas are very
welcome.

Steffen

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
 
CD: 3ms