Re: [PATCH 0/14] crypto: aead - Phase out seqniv

On Thursday, 9 July 2015, 12:19:53, Stephan Mueller wrote:

Hi,

> On Thursday, 9 July 2015, 07:13:30, Herbert Xu wrote:
> 
> Hi Herbert,
> 
> >Hi:
> >
> >This series attempts to phase out the recently introduced seqniv
> >generator.  The reason is that the logic of seqniv should not be
> >implemented at the IV generator layer.  Having the IV skipping
> >logic in seqniv means that you cannot perform encryption without
> >doing IV generation.
> >
> >In fact moving the IV skipping logic out of seqniv and into the
> >underlying rfcXXXX (e.g., rfc4106) template allows optimisations
> >to be made as the underlying code can often skip the IV in a more
> >efficient manner.
> >
> >Unfortunately we've already begun the conversion process so this
> >series adds a new flag CRYPTO_ALG_AEAD_NEW to indicate whether
> >a given algorithm has been converted to the new interface where
> >IV skipping is done outside of the IV generator.  This flag can
> >be removed once the conversion is complete.
> 
> All GCM implementations available on recent Intel systems successfully
> tested (i.e., NX and CAAM not tested).
> 
> Just to clarify: from a caller's perspective, using
> seqniv(rfc4106(gcm(aes))) is still the right invocation? Or shall I now use
> seqiv?

Actually, I found a problem that I have overlooked initially: rfc4106-gcm-aesni
causes a problem. For encryption/decryption with the same tests for other
rfc4106 implementations, I get an EINVAL.
> 
> >Cheers,
> 
> Ciao
> Stephan
> --
> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html


-- 
Ciao
Stephan


