Eric Biggers <ebiggers@xxxxxxxxxx> wrote: > It sounds like a lot of workarounds had to be implemented to fit these > protocols into the crypto_aead API. > > It also seems unlikely that there will be other implementations of these > protocols added to the kernel, besides the one you're adding in crypto/krb5/. > > Given that, providing this functionality as library functions instead would be > much simpler. Take a look at how crypto/kdf_sp800108.c works, for example. Yes. That's how I did my first implementation. I basically took the code from net/sunrpc/auth_gss/ and made it more generic. Herbert wants it done this way, however. :-/ David
