lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Jan 2010 13:22:17 +0800 From: Li Yewang <lyw@...fujitsu.com> To: David Miller <davem@...emloft.net> CC: herbert@...dor.apana.org.au, netdev@...r.kernel.org Subject: Re: [PATCH][XFRM] Use the simple name when adding SAD with ip xfrm state Sorry, I am new to crypto. I searched the soucre code in the directory of /crypto, and found that, all cryptos use shortname, for example: crypto/xcbc.c static struct crypto_template crypto_xcbc_tmpl = { .name = "xcbc", .create = xcbc_create, .free = shash_free_instance, .module = THIS_MODULE, }; The name such as rfc3686(ctr(aes)) only used by "ip xfrm state" command to set SAD. David Miller wrote: > From: Li Yewang <lyw@...fujitsu.com> > Date: Tue, 19 Jan 2010 16:25:22 +0800 > >> >> Herbert Xu wrote: >>> Li Yewang <lyw@...fujitsu.com> wrote: >>>> The encryption name such as "rfc3686(ctr(aes))" is too complex. >>>> I think simple name is better for user when using "ip xfrm state ..." command. >>>> >>>> >>>> Signed-off-by: Li Yewang <lyw@...fujitsu.com> >>> Nack. If we want to support simple names such as these, they >>> should be done in the crypto layer. Otherwise every crypto user >>> that wants this would have to reinvent it. >> But user sets SAD for ipsec with "ip xfrm state ..." must use the name such as "rfc3686(ctr(aes))". >> Is that reasonable? Maybe user can not remember this complex name. >> >> There are some simple names for other encryptions, >> such as "cbc(blowfish)", you can use "ip xfrm state ... enc blowfish ...". > > You're not reading what Herbert is saying. > > He's fine with the shorter name, he just wants you to implement > is in the crypto layer core instead of the XFRM specific code. > > That way all crypto users will benefit from the shorter naming. > > > -- Regards Li Yewang -------------------------------------------------- Li Yewang Development Dept.I Nanjing Fujitsu Nanda Software Tech. Co., Ltd.(FNST) 8/F., Civil Defense Building, No.189 Guangzhou Road, Nanjing, 210029, China TEL: +86+25-86630566-888 COINS: 79955-888 FAX: +86+25-83317685 MAIL: lyw@...fujitsu.com -------------------------------------------------- -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists