On Tue, Sep 07, 2010 at 10:34:25AM -0400, Miloslav Trmac wrote: > - Don't use a FD for associated data that is limited to 16? bytes > > - Don't use file descriptors for input data at all, if it makes the interface so complex. Calling into the kernel for 16 bytes of crypto is a braindead idea to start with. To preve3nt idiots like you from abusing it we should simply limit any userlevel crypto API to: a) hardware crypto that is not directly user space accesible b) page size or larger data -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
