Hi Eric, Am Dienstag, 13. Juni 2023, 05:02:16 CEST schrieb Eric Biggers: > Hi Heiko, > > On Mon, Jun 12, 2023 at 11:04:38PM +0200, Heiko Stuebner wrote: > > From: Heiko Stuebner <heiko.stuebner@xxxxxxxx> > > > > This was originally part of my vector crypto series, but was part > > of a separate openssl merge request implementing GCM ghash as using > > non-vector extensions. > > > > As that pull-request > > https://github.com/openssl/openssl/pull/20078 > > got merged recently into openssl, we could also check if this could > > go into the kernel as well and provide a base for further accelerated > > cryptographic support. > > I'm still a bit skeptical of the usefulness of a standalone "ghash" > implementation, when in practice it will only be used as part of "gcm(aes)". > Directly implementing "gcm(aes)" (instead of relying on crypto/gcm.c to compose > "ghash" and "ctr(aes)") also allows some performance optimizations. > > I asked about this on v4 > (https://lore.kernel.org/linux-crypto/ZCSG71bRuTzVutdm@xxxxxxxxx/), > but I didn't receive a response. > > Any thoughts on this? somehow I always seem to overlook this when adapting the series :-( I guess for me the main gcm was always a stepping stone to get started and extend later. This is my first rodeo with crypto stuff in the kernel, so this looks like a manageable chunk and as can be seen by the discussion we had about licensing brings enough topics on its own :-) . Heiko
