|| ||Steffen Klassert <firstname.lastname@example.org> |
|| ||Herbert Xu <email@example.com> |
|| ||[RFC] [PATCH 0/7] IPsec: convert to ahash |
|| ||Thu, 16 Jul 2009 13:15:48 +0200|
|| ||firstname.lastname@example.org, email@example.com|
|| ||Article, Thread
This patchset converts IPsec over to the new ahash interface.
The pachset applies to cryptodev-2.6. I was able to test the synchronous
codepaths, the asynchronous ones are untested.
I'm still somewhat unhappy with the ahash version of authenc, but I decided
to post anyway as a base for discussion.
Since the calls to the hash algorithms can now return asynchronous, I'd like
to avoid multiple calls to the hash update functions. I'd rather like to do
all the hashing with one call to crypto_ahash_digest(). As it is, this
requires chaining of all the involved scatterlists. Since we still can't use
sg_chain() to chain up the lists, I added an additional scatterlist entry to
the scatterlist of the assoc data (esp) to be able to chain later in the
crypto layer. To keep compatibility I set the termination bit at the first
entry and remove it later in authenc. In fact to rely on this additional
entry and just to remove the termintation bit later makes me a bit nervous
and I'm not sure whether this is acceptable, so better ideas are very welcome.
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to firstname.lastname@example.org
More majordomo info at http://vger.kernel.org/majordomo-info.html