On Fri, Nov 16, 2007 at 02:11:10PM +0300, Evgeniy Polyakov wrote:
>
> That's a question - should it copy IV back or not?
> Currently it is not required by crypto users.

Well currently we have exactly one crypto user of ablkcipher
in the tree, and that's tcrypt :)

However, looking at the sync crypto users it would seem that
chaining while not popular is used by at least RXKAD.  So I'd
like to preserve this functionality.  Although in light of the
fact that on DMA devices touching the encrypted result to copy
the IV may be expensive, we could make it conditional on a flag
inside the request, i.e., something like

        CRYPTO_TFM_REQ_COPY_IV

But the point is that this is something that has to be done by
the algorithm since only it knows in general what/where the IV
is.  So if the algorithm doesn't do that then the user can't
easily work around this.

Actually on second thought why don't we change the interface
for ablkcipher so that we allow the IV to be returned by either
copying it to req->info or replacing the req->info pointer?

That way if the destination is linear and lowmem at the end we
can just return a pointer to it without touching the data at all.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
-
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to