Re: Crypto Update for 2.6.38

From: Herbert Xu
Date: Thu Jan 06 2011 - 22:04:05 EST


On Thu, Jan 06, 2011 at 09:39:28PM -0500, Pavel Roskin wrote:
>
> By the way, is it a good idea to use setsockopt() this way? Some keys
> may be large. And if AEAD is supported, will it use setsockopt() for
> the unencrypted authenticated data?

For large keys (i.e., asymmetric key crypto) the kernel keyring API
would be the obvious way of passing them around.

For AEAD the AD would be passed around through send/splice.

Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/