Re: Where has CRYPTO_TFM_MODE_nnn gone?

[Marc St-Jean <Marc_St-Jean@pmc-sierra.com>]

Herbert Xu wrote:
> Marc St-Jean <Marc_St-Jean@pmc-sierra.com> wrote:
>  >
>  > I'm porting a security engine driver from 2.6.18 to 2.6.21/22. I've 
> found
>  > that although 'cit_mode' is still in struct cipher_tfm, the definitions
>  > for CRYPTO_TFM_MODE_ECB and CRYPTO_TFM_MODE_CBC are gone!
> 
> Thanks for noticing it, I'll make sure that cit_mode disappears :)

No problem :) Looking at your patch I see that you've also dropped
cit_encrypt_iv/cit_decrypt_iv. That is likely related to my next question
regarding crypto_tfm_alg_ivsize().

In CBC mode we had a line of code copying cipher_desc.info to get the
initialization vector. Such as:
		/* Copy in IV */
		memcpy((u8*)(sa->crypt_iv), desc->info,
			crypto_tfm_alg_ivsize(tfm));

Now the only reference to the function I can find is in an IPsec comment
from include/net/esp.h. Any tips on getting the size?


>  > Our HW needs to know what mode to set up some SA flags. Any advice on
>  > how to best find this mode from a common cipher function which can 
> handle
>  > AES, DES and 3DES?
> 
> The block algorithm is now part of the name just like the cipher
> algorithm itself.  So if you're providing a block cipher you should
> register it as "cbc(aes)" (for example) instead of "aes" as you would've
> done previously.

And if we can support both I assume we must register multiple times?

> Check out drivers/crypto/padlock* for a good example.

Thanks, I have been looking at that code but unfortunately it supports
fewer cryptos/hashes so does not answer all my questions.

Marc