Re: [Cryptodev-linux-devel] Combined mode support?

2012-09-20 Thread Tom St Denis
- Original Message -
> From: "Nikos Mavrogiannopoulos" 
> To: "Tom St Denis" 
> Cc: cryptodev-linux-devel@gna.org
> Sent: Thursday, 20 September, 2012 3:52:37 PM
> Subject: Re: [Cryptodev-linux-devel] Combined mode support?
> 
> On 09/20/2012 04:55 PM, Tom St Denis wrote:
> 
> > I see that cryptodev supports AEAD mode with GCM but are there any
> > plans to add AEAD support for generic cipher/hash modes? Some
> > crypto hardware supports these modes and it would be nice to have
> > access to it via the userspace API.
> 
> The current AEAD code supports that for TLS and SRTP encryption
> (check the example aes-sha1.c). The problem is that encryption with
> authentication is performed very differently on various protocols.

Some modes are common though; for instance, the IPsec drivers use 
"authenc(cipher,hash)".  But I agree it could be complicated.

Tom

___
Cryptodev-linux-devel mailing list
Cryptodev-linux-devel@gna.org
https://mail.gna.org/listinfo/cryptodev-linux-devel
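
The two compositions named in the message above (TLS records and the IPsec "authenc(cipher,hash)" shape), side by side, as an added example that is not part of the original thread or of cryptodev-linux. It shows that the same cipher/HMAC-SHA1 pair gives different MAC inputs and wire layouts per protocol. Assumptions: `standin_cipher` is a placeholder for AES-CBC, IV transport is simplified, and all function names are hypothetical.

```python
import hashlib
import hmac
import struct

BLOCK = 16  # AES block size, used for padding only

def standin_cipher(key, iv, data):
    """Stand-in for AES-CBC (assumption: stdlib has no AES). XOR keystream, not secure."""
    stream = b"".join(hashlib.sha256(key + iv + bytes([i])).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def tls_seal(enc_key, mac_key, iv, seq, ctype, version, plaintext):
    """TLS 1.0-1.2 CBC record: MAC the plaintext, then pad, then encrypt all of it."""
    pseudo_hdr = struct.pack(">QBHH", seq, ctype, version, len(plaintext))
    tag = hmac.new(mac_key, pseudo_hdr + plaintext, hashlib.sha1).digest()
    pad_len = -(len(plaintext) + len(tag) + 1) % BLOCK
    body = plaintext + tag + bytes([pad_len]) * (pad_len + 1)
    return standin_cipher(enc_key, iv, body)  # the tag never appears in the clear

def tls_open(enc_key, mac_key, iv, seq, ctype, version, record):
    """The receiver must decrypt and unpad before it can check the MAC."""
    body = standin_cipher(enc_key, iv, record)
    data = body[:-(body[-1] + 1)]  # simplification: pad bytes are not validated
    plaintext, tag = data[:-20], data[-20:]
    pseudo_hdr = struct.pack(">QBHH", seq, ctype, version, len(plaintext))
    good = hmac.new(mac_key, pseudo_hdr + plaintext, hashlib.sha1).digest()
    return plaintext if hmac.compare_digest(tag, good) else None

def esp_seal(enc_key, mac_key, iv, spi, seq, plaintext, next_hdr=4):
    """ESP, the authenc(hmac(sha1),cbc(aes)) shape: encrypt, then MAC the ciphertext."""
    pad_len = -(len(plaintext) + 2) % BLOCK
    trailer = bytes(range(1, pad_len + 1)) + bytes([pad_len, next_hdr])
    ct = standin_cipher(enc_key, iv, plaintext + trailer)
    covered = struct.pack(">II", spi, seq) + iv + ct
    icv = hmac.new(mac_key, covered, hashlib.sha1).digest()[:12]  # HMAC-SHA1-96
    return covered + icv

def esp_verify(mac_key, packet):
    """The receiver checks the ICV over the wire bytes before any decryption."""
    covered, icv = packet[:-12], packet[-12:]
    good = hmac.new(mac_key, covered, hashlib.sha1).digest()[:12]
    return hmac.compare_digest(icv, good)
```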


Re: [Cryptodev-linux-devel] Combined mode support?

2012-09-20 Thread Nikos Mavrogiannopoulos
On 09/20/2012 04:55 PM, Tom St Denis wrote:

> I see that cryptodev supports AEAD mode with GCM but are there any plans to 
> add AEAD support for generic cipher/hash modes? Some crypto hardware supports 
> these modes and it would be nice to have access to it via the userspace API. 

The current AEAD code supports that for TLS and SRTP encryption (check
the example aes-sha1.c). The problem is that encryption with
authentication is performed very differently on various protocols.

regards,
Nikos



[Cryptodev-linux-devel] Combined mode support?

2012-09-20 Thread Tom St Denis
I see that cryptodev supports AEAD mode with GCM but are there any plans to add 
AEAD support for generic cipher/hash modes? Some crypto hardware supports these 
modes and it would be nice to have access to it via the userspace API. 


At first glance I was thinking we could add new entries to the ENUM for 
common modes like AES_CBC_HMAC_SHA1 that then get picked up and initialized 
accordingly in the ioctl routines. From there though the rest of your AEAD 
support should be the same as if we're running GCM or equivalent. 


Any ideas? 



Tom