Re: [RFC PATCH 2/8] crypto/krb5: Provide Kerberos 5 crypto through AEAD API

From: Herbert Xu
Date: Fri Jan 10 2025 - 05:43:01 EST

Next message: Suzuki K Poulose: "Re: [PATCH] coresight: catu: Fix number of pages while using 64k pages"
Previous message: Marc Kleine-Budde: "Re: [PATCH] docs: remove duplicate word"
In reply to: David Howells: "Re: [RFC PATCH 2/8] crypto/krb5: Provide Kerberos 5 crypto through AEAD API"
Next in thread: David Howells: "[RFC PATCH 3/8] crypto/krb5: Test manager data"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jan 10, 2025 at 10:39:27AM +0000, David Howells wrote:
>
> Is it? That's entirely unclear. The algorithm should deal with inserting the
> checksum in the appropriate place. The caller should not need to know about
> that or where the checksum is or about extra bits of metadata that may need to
> be inserted (as I think the extra gssapi layer does for sunrpc).

The AEAD interface does not dictate where the authentication
tag is. Most algorithms put it at the end, but it really could
be anywhere.

Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Next message: Suzuki K Poulose: "Re: [PATCH] coresight: catu: Fix number of pages while using 64k pages"
Previous message: Marc Kleine-Budde: "Re: [PATCH] docs: remove duplicate word"
In reply to: David Howells: "Re: [RFC PATCH 2/8] crypto/krb5: Provide Kerberos 5 crypto through AEAD API"
Next in thread: David Howells: "[RFC PATCH 3/8] crypto/krb5: Test manager data"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]