Re: [PATCH 0/2] crypto: omap-sha1-md5: OMAP3 SHA1 & MD5 driver

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



----- Original message -----
> Hi:
> 
> OK so you did answer my question :)
> 
> Dmitry Kasatkin <dmitry.kasatkin@xxxxxxxxx> wrote:
> > 
> > Interesting case with hmac.
> > 
> > return crypto_shash_init(&desc.shash) ?:
> > crypto_shash_update(&desc.shash, ipad, bs) ?:
> > crypto_shash_export(&desc.shash, ipad) ?:
> > crypto_shash_init(&desc.shash) ?:
> > crypto_shash_update(&desc.shash, opad, bs) ?:
> > crypto_shash_export(&desc.shash, opad);
> > 
> > Basically it does not call final.
> > Then call init again.
> > 
> > hw has certain limitation that it requires to process last block with 
> > some bit set.
> > WHen update is called there is no possibility to know that no more 
> > update() will come.
> > So possible last block is stored and then hashed out from the final.
> > 
> > I see that above code will not work with the driver.
> > I wonder how intermediate export/import could be done with omap hw.
> > 
> > But if it's not possible, then why not to have hmac(sha1) as just sw.
> > Anyway hmac should not process as huge amount of data as hash itself.
> > 
> > What is your opinion/advice?
> 
> A sha1-only driver is not very useful since the biggest potential
> user IPsec uses hmac(sha1).
> 
> Is the omap hw documentation available publicly?
> 
> Thanks,
> -- 
> Visit Openswan at http://www.openswan.org/
> Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
> --
> To unsubscribe from this list: send the line "unsubscribe linux-crypto"
> in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at   http://vger.kernel.org/majordomo-info.html
> 
 
Hi.

Sha1 only is also very useful. We calcluate hashes of all binaries for integrity verification. We do not need hmac there.

But in general it is possible do add algo hmac(sha1) to the driver and implement it internally without import/export.

I have to check on documentation publicity.

Br,
Dmitry
��.n��������+%������w��{.n�����{���{ay�ʇڙ���f���h������_�(�階�ݢj"��������G����?���&��


[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux