From: Herbert Xu Subject: Re: [PATCH 0/2] crypto: omap-sha1-md5: OMAP3 SHA1 & MD5 driver Date: Tue, 13 Apr 2010 16:59:21 +0800 Message-ID: <20100413085921.GA8988@gondor.apana.org.au> References: <1270744533.1666.9.camel@Nokia-N900> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: linux-crypto@vger.kernel.org To: Dmitry.Kasatkin@nokia.com Return-path: Received: from ringil.hengli.com.au ([216.59.3.182]:36105 "EHLO arnor.apana.org.au" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751848Ab0DMI7Y (ORCPT ); Tue, 13 Apr 2010 04:59:24 -0400 Content-Disposition: inline In-Reply-To: <1270744533.1666.9.camel@Nokia-N900> Sender: linux-crypto-owner@vger.kernel.org List-ID: On Thu, Apr 08, 2010 at 06:35:33PM +0200, Dmitry.Kasatkin@nokia.com wrote: > > Sha1 only is also very useful. We calcluate hashes of all binaries for integrity verification. We do not need hmac there. But do we do that in the Linux kernel? Of course it would be useful if we had a user-space API, but that is still on the TODO list. > But in general it is possible do add algo hmac(sha1) to the driver and implement it internally without import/export. No we don't want to add hmac to every single driver that does sha1. So this would not be a good precedent. In any case, some form of import/export must be possible (maybe not in our current format) because our API requires the ability to perform a partial update and postpone the finalisation indefinitely. If you couldn't import/export, that would imply that the hardware must have infinite memory. > I have to check on documentation publicity. Thanks! -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt