From: Andy Lutomirski Subject: Re: [PATCH 0/2] Add TLS record layer encryption module Date: Thu, 31 Jul 2014 12:59:45 -0700 Message-ID: <53DAA031.30405@amacapital.net> References: <1406626353-23309-1-git-send-email-cristian.stoica@freescale.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: davem@davemloft.net, linux-kernel@vger.kernel.org To: Cristian Stoica , herbert@gondor.apana.org.au, linux-crypto@vger.kernel.org Return-path: Received: from mail-pa0-f53.google.com ([209.85.220.53]:33143 "EHLO mail-pa0-f53.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750709AbaGaT7t (ORCPT ); Thu, 31 Jul 2014 15:59:49 -0400 Received: by mail-pa0-f53.google.com with SMTP id rd3so4285601pab.12 for ; Thu, 31 Jul 2014 12:59:49 -0700 (PDT) In-Reply-To: <1406626353-23309-1-git-send-email-cristian.stoica@freescale.com> Sender: linux-crypto-owner@vger.kernel.org List-ID: On 07/29/2014 02:32 AM, Cristian Stoica wrote: > Hi all, > > This set of patches introduces support for TLS 1.0 record layer > encryption/decryption with a corresponding algorithm called > tls10(hmac(),cbc()). > > Similarly to authenc.c on which it is based, this module mixes the base > algorithms in software to produce an algorithm that does record layer > encryption and decryption for TLS1.0. > Any combination of hw and sw base algorithms is possible, but the purpose > is to take advantage of hardware acceleration for TLS record layer offloading > when hardware acceleration is present. What is this used for? AF_ALG? I find it hard to believe that the kernel will ever want to use this internally. --Andy