* Evgeniy Polyakov | 2007-10-01 16:48:22 [+0400]:
Hello Evgeniy,
>optimisations. It also refuses to register 'ecb(des)' with min and max
>keylen set to the same number, so right now des and 3des are removed.
I don't know if I understood you correctly but keep this in mind:
min and max key size is only important for the output in /proc/crypto.
If you register an algorithm like AES which is specified for 128, 192
and 256 bit keys you have to provide all three sizes within one
algorithm. If you post some code that is not working I could take a
look.
After a quick look I can tell:
- CBC is not working because when you call hifn_setup_session() from
hifn_setup_crypto() you don't use the IV supplied by the crypto API
(tcrypt) but set the IV to NULL and its length to zero. You should use
something like req->base.data, 16 :)
- The code looks like you are going to remove
hifn_encrypt_aes_ecb_{16,24,32} and set the appropriate
ACRYPTO_TYPE_AES_??? depending on ctx->current_key_len. Good.
- You need a software queue in case your HW queue is full and you receive
a requests which you may not drop. Currently you don't consider
CRYPTO_TFM_REQ_MAY_BACKLOG (it is fine if you can process all requests
no mater what).
- You may want to call
crypto_ablkcipher_set_flags(cipher, CRYPTO_TFM_RES_BAD_KEY_LEN);
in hifn_setkey() if the key size is wrong (you may want to move the
check for 16/24/32 from hifn_setup_session() to hifn_setkey()).
Anyway, it looks fine from what I can say :)
> Evgeniy Polyakov
Sebastian
-
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
