[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150522082708.GA3507@gondor.apana.org.au>
Date: Fri, 22 May 2015 16:27:08 +0800
From: Herbert Xu <herbert@...dor.apana.org.au>
To: Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
netdev@...r.kernel.org, "David S. Miller" <davem@...emloft.net>,
Johannes Berg <johannes@...solutions.net>,
Marcel Holtmann <marcel@...tmann.org>,
Steffen Klassert <steffen.klassert@...unet.com>,
Stephan Mueller <smueller@...onox.de>
Subject: [v2 PATCH 0/13] crypto: Convert all AEAD users to new interface
Hi:
This is the second version of the series. The first four patches
make the new IV generators use aead_register_instance instead of
the obsolete crypto_register_instance.
I've also added two more conversions for tcrypt and algif_aead.
Original description:
This series of patches convert all in-tree AEAD users that I
could find to the new single SG list interface. For IPsec it
also adopts the new explicit IV generator scheme.
To recap, the old AEAD interface takes an associated data (AD)
SG list in addition to the plain/cipher text SG list(s). That
forces the underlying AEAD algorithm implementors to try to stitch
those two lists together where possible in order to maximise the
contiguous chunk of memory passed to the ICV/hash function. Things
get even more hairy for IPsec as it has a third piece of memory,
the generated IV (giv) that needs to be hashed. One look at the
nasty things authenc does for example is enough to make anyone
puke :)
In fact the interface is just getting in our way because for the
main user IPsec the data is naturally contiguous as the protocol
was designed with this in mind.
So the new AEAD interface gets rid of the separate AD SG list
and instead simply requires the AD to be at the head of the src
and dst SG lists. There is further provision for optional space
between the AD and the plain/cipher text for ease of implementation.
The conversion of in-tree users is fairly straightforward. The
only non-trivial bit is IPsec as I'm taking this opportunity to
move the IV generation knowledge into IPsec as that's where it
belongs since we may in future wish to support different generation
schemes for a single algorithm.
Cheers,
--
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists