From: Steffen Klassert <steffen.klassert@secunet.com>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: David Miller <davem@davemloft.net>, linux-crypto@vger.kernel.org
Subject: Re: [RFC] [PATCH 2/5] aead: Add generic aead wrapper interface
Date: Wed, 3 Jun 2009 11:32:16 +0200 [thread overview]
Message-ID: <20090603093216.GK20366@secunet.com> (raw)
In-Reply-To: <20090602092815.GA26832@gondor.apana.org.au>
On Tue, Jun 02, 2009 at 07:28:15PM +1000, Herbert Xu wrote:
> On Tue, Jun 02, 2009 at 11:21:51AM +0200, Steffen Klassert wrote:
> >
> > The reason for the wrap work is to have a possibility to choose a
> > certain version of an algorithm as the system default. The advantage
> > e.g. for pcrypt is that we can turn over the whole system to pcrypt,
> > or we can choose for pcrypt by the algorithm name if we want to use
> > it just for a subset of transforms. In particular we have a possibility
> > to use pcrypt without touching other subsystems (like networking) and
> > userspace tools for now.
>
> Yes but what you're creating is a user-space API. IMHO we don't
> want to have ad-hoc APIs such as this scattered around the place.
> pcrypt is certainly not the only algorithm that needs to be able
> to decide whether it should serve as the system default.
Hm, I have not considered this as an user-space API. It just adds the
possibility to wrap an arbitrary crypto template arround a given aead
type algorithm, similar than aead_geniv wraps a IV generator template
arround a nivaead type algorithm.
The thing that connects this to user-space is the authenc patch by
adding the possibility to set a wrapper name with a module parameter.
This is probaply such an ad-hoc API that you want to avoid, right?
>
> So what I suggest is that you make pcrypt take a higher priority
> for now, so that it always is the default once instantiated.
> After all if you instantiate it then you probably want to use it
> as the default.
Yes, in fact the instantiating is my problem. E.g. esp asks for an
authenc(...,...) algorithm, so the crypto manager tries to instantiate
a template with name authenc. If I don't want to touch the network
subsystem I can't change the name to pcrypt(authenc(...,...)) easy.
So one solution was to add a default wrapper template arround authenc
that will be instantiated along with authenc.
I'm not insisting on that wap work. I just want to have a easy possibility
to instantiate pcrypt on the users choice for now, at best without the
need to touch other subsystems.
next prev parent reply other threads:[~2009-06-03 9:29 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-05-13 13:06 [RFC] [PATCH 0/5] Parallel IPsec v3 Steffen Klassert
2009-05-13 13:07 ` [RFC] [PATCH 1/5] padata: generic interface for parallel processing Steffen Klassert
2009-05-13 13:08 ` [RFC] [PATCH 2/5] aead: Add generic aead wrapper interface Steffen Klassert
2009-06-02 3:45 ` Herbert Xu
2009-06-02 3:50 ` Herbert Xu
2009-06-02 9:21 ` Steffen Klassert
2009-06-02 9:28 ` Herbert Xu
2009-06-03 9:32 ` Steffen Klassert [this message]
2009-06-03 9:40 ` Herbert Xu
2009-06-03 11:23 ` Steffen Klassert
2009-06-03 11:59 ` Herbert Xu
2009-06-03 12:14 ` Steffen Klassert
2009-06-03 12:14 ` Herbert Xu
2009-06-05 9:20 ` Steffen Klassert
2009-06-05 9:20 ` Herbert Xu
2009-06-05 9:34 ` Steffen Klassert
2009-06-08 5:28 ` Herbert Xu
2009-06-08 6:45 ` Steffen Klassert
2009-06-25 6:51 ` Herbert Xu
2009-06-29 11:04 ` Steffen Klassert
2009-06-29 11:59 ` Herbert Xu
2009-06-29 13:52 ` Steffen Klassert
2009-06-29 13:55 ` [PATCH 1/2] padata: generic interface for parallel processing Steffen Klassert
2009-06-29 13:57 ` [PATCH 2/2] pcrypt: Add pcrypt crypto parallelization wrapper Steffen Klassert
2009-08-19 7:15 ` [RFC] [PATCH 2/5] aead: Add generic aead wrapper interface Steffen Klassert
2009-08-31 5:58 ` Herbert Xu
2009-08-31 8:45 ` Steffen Klassert
2009-05-13 13:08 ` [RFC] [PATCH 3/5] pcrypt: Add pcrypt crypto parallelization wrapper Steffen Klassert
2009-05-13 13:09 ` [RFC] [PATCH 4/5] eseqiv: Add support for aead algorithms Steffen Klassert
2009-05-13 13:10 ` [RFC] [PATCH 5/5] authenc: Add support for the pcrypt aead wrapper Steffen Klassert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090603093216.GK20366@secunet.com \
--to=steffen.klassert@secunet.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.