Re: Linux CryptoAPI Userspace API proposal | |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] | |
On Thu, May 15, 2008 at 01:16:03PM -0700, Loc Ho wrote:
>
> Linux Crypto User Space Interface Requirement:
>
> 1. Support crypto and hashing/digest
> 2. Flexible to support compression in the future
> 3. Flexible to support PKA (public key acceleration) in the future
I think extensibility as you've noted is really important.
As the crypto API is really an algorithm API, please make this
interface generic enough so that adding new (potentially non-crypto)
operations is easy.
> 4. A file descriptor per algorithms
> 5. Key and algorithm attributes provided by user space application
> (caller)
I would say that a file descriptor per tfm would make more sense.
> 8. Support cancel a pending operation for user space caller
We don't need to be able to cancel a specific operation. The
ability to free a tfm and thereby flushing all requests associated
with it should be enough.
> 3. The type of algorithm, key, and other attributes are selected via IO
> control call. This will be a single call.
Being a single call doesn't matter too much here because this is
the slow path.
> 5. Interface for per operation (such as encrypt, decrypt, compress, PKA,
> and hashing)
It might be useful to consider an interface that allowed in-place
operations.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
[Home] [Kernel] [Gnu Classpath] [Gnu Crypto] [DM Crypt] [Netfilter] [Bugtraq] [Network Security Reading]