Hi Herbert. On Thu, Nov 22, 2007 at 04:47:58PM +0800, Herbert Xu (herbert@xxxxxxxxxxxxxxxxxxx) wrote: > This series of patches introduces IV generators which can be > accessed through the givcrypt operation on block ciphers (other > than crypto_blkcipher which should not be used for new code). > > The givcrypt operation is identical to encrypt except that the > IV is generated by the algorithm instead of given by the user. > > Algorithms can either provide their own IV generator or (as > most will do) use the default IV generators provided by the > system. If no IV generator is specified by the system, then > chainiv will be used for synchronous algorithms and eseqiv will > be used for asynchronous algorithms. > > Counter mode algorithms (which include some stream ciphers) must > choose something other than the default to ensure uniqueness for > the IV. Idea and implementation look very good, I have couple of comments on patches and one generic comment here: you absolutely have to write at least bits of documentation for this new interfaces, how they behave and who and how should use it :) -- Evgeniy Polyakov - To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
