On Thu, May 24, 2018 at 05:08:41PM -0500, Denis Kenzior wrote: > Actually for the use case we have, speed is something pretty low on the > priority list; not having to deal with userspace crypto library dependencies > was a goal in and of itself. Each one has its own issues and you can never > support just one. Using AF_ALG has been rather... liberating. Which is probably why Eric used the word, "laziness". You might use a different word, but the decisoin was one that was more driven by convenience than kernel security.... Also, if speed isn't a worry, why not just a single software-only implementation of SHA1, and be done with it? It's what I did in e2fsprogs for e4crypt. - Ted