On Thu, Apr 08, 2010 at 06:35:33PM +0200, dmitry.kasat...@nokia.com wrote: > > Sha1 only is also very useful. We calcluate hashes of all binaries for > integrity verification. We do not need hmac there.
But do we do that in the Linux kernel? Of course it would be useful if we had a user-space API, but that is still on the TODO list. > But in general it is possible do add algo hmac(sha1) to the driver and > implement it internally without import/export. No we don't want to add hmac to every single driver that does sha1. So this would not be a good precedent. In any case, some form of import/export must be possible (maybe not in our current format) because our API requires the ability to perform a partial update and postpone the finalisation indefinitely. If you couldn't import/export, that would imply that the hardware must have infinite memory. > I have to check on documentation publicity. Thanks! -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herb...@gondor.apana.org.au> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
