| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 16 Jul 2009 13:15:48 +0200 From: Steffen Klassert <steffen.klassert@...unet.com> To: Herbert Xu <herbert@...dor.apana.org.au> Cc: linux-crypto@...r.kernel.org, netdev@...r.kernel.org Subject: [RFC] [PATCH 0/7] IPsec: convert to ahash This patchset converts IPsec over to the new ahash interface. The pachset applies to cryptodev-2.6. I was able to test the synchronous codepaths, the asynchronous ones are untested. I'm still somewhat unhappy with the ahash version of authenc, but I decided to post anyway as a base for discussion. Since the calls to the hash algorithms can now return asynchronous, I'd like to avoid multiple calls to the hash update functions. I'd rather like to do all the hashing with one call to crypto_ahash_digest(). As it is, this requires chaining of all the involved scatterlists. Since we still can't use sg_chain() to chain up the lists, I added an additional scatterlist entry to the scatterlist of the assoc data (esp) to be able to chain later in the crypto layer. To keep compatibility I set the termination bit at the first entry and remove it later in authenc. In fact to rely on this additional entry and just to remove the termintation bit later makes me a bit nervous and I'm not sure whether this is acceptable, so better ideas are very welcome. Steffen -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists