Hi Nikos, I'm looking at a possibility to add support for composite algorithms in cryptodev. Basically this means support for algorithms that do for example AES-CBC and HMAC(SHA1) in one call on platforms that support it.
One solution would be to add new algorithms in cryptodev_crypto_op_t and then adapt crypto_create_session to ask the kernel for a certain algorithm (like authenc(hmac(sha1),aes-cbc)). There are some issues here, one with the proliferation of non-standard algorithms and another with the way those algorithms would be handled by the kernel (order of applying authentication and encryption). Another solution may be to set both the crypto and the mac algorithm in the session (the same as in tests/cipher-aead.c) with an added new flag saying how the algorithms would be combined (authenticate then encrypt, encrypt then authenticate). This flag is missing in session_op but some of the *BSD distributions added some notes about deprecation of session_op in current form. Other solutions may exist but I don't see them now. How would you go about this problem so that it doesn't break compatibility with the BSD and also allows for new functionality? Thanks for your time, Cristian S. _______________________________________________ Cryptodev-linux-devel mailing list Cryptodev-linux-devel@gna.org https://mail.gna.org/listinfo/cryptodev-linux-devel
