On Wed, 2009-01-14 at 14:53 +0800, Herbert Xu wrote: > On Wed, Jan 14, 2009 at 02:44:08PM +0800, Huang Ying wrote: > > Because: > > > > 1. if use %s, you can only request cryptd(<driver name>), not > > cryptd(<alg name>), because generated new algorithm instance has > > algorithm name: <alg name> and driver name cryptd(<driver name>). > > This is intentional. For the purposes we talked about we should > be requesting cryptd(<driver name>), as otherwise you may end up > with someone else's AES algorithm as the base.
Current cryptd works well for AES-NI implementation. But how about somebody want cryptd(cbc(aes)), and don't care about the driver. > > 2. Generated cryptd-ed algorithm will have the same algorithm name and > > higher priority, but some user may not want to use cryptd-ed > > version. > > The priority shouldn't be an issue in our case since the AES-NI > algorithm should register itself as an ablkcipher with an even > higher priority. Yes, not an issue for AES-NI case until now. But, for example there is no aes-ni, if someone request cryptd(cbc(aes-asm)), other user will get cryptd(cbc(aes-asm)) instead of cbc(aes-asm) when request cbc(aes), is this a good behavior? Best Regards, Huang Ying
signature.asc
Description: This is a digitally signed message part
