Re: [RFC] [PATCH 2/5] aead: Add generic aead wrapper interface

On Tue, Jun 02, 2009 at 07:28:15PM +1000, Herbert Xu wrote:
> On Tue, Jun 02, 2009 at 11:21:51AM +0200, Steffen Klassert wrote:
> > 
> > The reason for the wrap work is to have a possibility to choose a
> > certain version of an algorithm as the system default. The advantage
> > e.g. for pcrypt is that we can turn over the whole system to pcrypt,
> > or we can choose for pcrypt by the algorithm name if we want to use
> > it just for a subset of transforms. In particular we have a possibility
> > to use pcrypt without touching other subsystems (like networking) and
> > userspace tools for now.
> 
> Yes but what you're creating is a user-space API.  IMHO we don't
> want to have ad-hoc APIs such as this scattered around the place.
> pcrypt is certainly not the only algorithm that needs to be able
> to decide whether it should serve as the system default.

Hm, I have not considered this as a user-space API. It just adds the
possibility to wrap an arbitrary crypto template around a given aead
type algorithm, similar to how aead_geniv wraps an IV generator template
around a nivaead type algorithm.

The thing that connects this to user-space is the authenc patch by
adding the possibility to set a wrapper name with a module parameter.
This is probably such an ad-hoc API that you want to avoid, right?

> 
> So what I suggest is that you make pcrypt take a higher priority
> for now, so that it always is the default once instantiated.
> After all if you instantiate it then you probably want to use it
> as the default.

Yes, in fact the instantiating is my problem. E.g. esp asks for an
authenc(...,...) algorithm, so the crypto manager tries to instantiate
a template with name authenc. If I don't want to touch the network
subsystem I can't change the name to pcrypt(authenc(...,...)) easily.
So one solution was to add a default wrapper template around authenc
that will be instantiated along with authenc.

I'm not insisting on that wrap work. I just want to have an easy possibility
to instantiate pcrypt on the user's choice for now, at best without the
need to touch other subsystems.
 