From: Sebastian Siewior Subject: Re: Problem with key sizes Date: Mon, 19 Mar 2007 20:07:10 +0100 Message-ID: <20070319190710.GA5148@Chamillionaire.breakpoint.cc> References: <20070316152347.GE13744@Chamillionaire.breakpoint.cc> <20070317202853.GA7454@Chamillionaire.breakpoint.cc> <1174314339.7212.20.camel@localhost.localdomain> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-15 Cc: Herbert Xu , linux-crypto@vger.kernel.org To: Jan Glauber Return-path: Received: from Chamillionaire.breakpoint.cc ([85.10.199.196]:46730 "EHLO Chamillionaire.breakpoint.cc" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751782AbXCSTHM (ORCPT ); Mon, 19 Mar 2007 15:07:12 -0400 Content-Disposition: inline In-Reply-To: <1174314339.7212.20.camel@localhost.localdomain> Sender: linux-crypto-owner@vger.kernel.org List-Id: linux-crypto.vger.kernel.org * Jan Glauber | 2007-03-19 15:25:39 [+0100]: >Having fall back support for unsupported parts of an algorithm sounds like >the right thing to me. In include/linux/crypto.h I found: > >/* > * Set this bit if and only if the algorithm requires another algorithm of > * the same type to handle corner cases. > */ >#define CRYPTO_ALG_NEED_FALLBACK 0x00000100 > >which is currently not used but looks like someone has thought of implementing >that kind of fallback method? This is not totally true. padlock-sha makes uses of that flag and something forbids that padlock-sha gets itself back as fall back. I did not find out where and how does it check for hat flag, but it does. >OTOH, if aes and padlock are the only two cornercases it may be easier to >implement the fallback manually. Are there other algorithms / hardware accelerators >that would benefit from a generic fallback method? I wouldn't consider s390'aes and Geode'aes as corner cases because they never claimed to supported those key sizes. A good example of a corner case is padlock-sha.c I guess. They support sha1 & sha256 on hardware as long as the data is not larger than one page. On the other hand they maybe different interpretation of a corner case and whether an algorithm like aes, that is standardized for 128, 192 and 256 bits, has to support all of them or may support just a subset. We need definitely some sort of fall back method, the question is just if the driver should implement it or the API if the driver already knows that it can't be handled at all. And I would like to find out how the flag gets actually checked :) >Cheers, >Jan -- Regards Sebastian Siewior