Re: Did the in-kernel Camellia or CMAC crypto implementation break?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:

> Interesting.  Could you outline how this new interface would work?

I'll write up an API doc for my code as I have it working and post that.

> And have you looked whether the aead interface could fit into your
> model?

Do you mean use the aead API rather than inventing my own?  Looking at aead.h,
there aren't enough bits in it as it stands:

	struct aead_alg {
		int (*setkey)(struct crypto_aead *tfm, const u8 *key,
			      unsigned int keylen);
		int (*setauthsize)(struct crypto_aead *tfm, unsigned int authsize);
		int (*encrypt)(struct aead_request *req);
		int (*decrypt)(struct aead_request *req);
		int (*init)(struct crypto_aead *tfm);
		void (*exit)(struct crypto_aead *tfm);

		unsigned int ivsize;
		unsigned int maxauthsize;
		unsigned int chunksize;

		struct crypto_alg base;
	};

In krb5, for encryption, there are two keys, not one, and no IV to be passed
in.  The code I have will insert a confounder and a checksum, which must have
space allowed for it.

David




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux