From: Herbert Xu Subject: Re: Test AEAD/authenc algorithms from userspace Date: Wed, 21 Dec 2016 16:54:29 +0800 Message-ID: <20161221085429.GB29501@gondor.apana.org.au> References: <2943969.IiWKeGvEyD@tauon.atsec.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Stephan Mueller , linux-crypto@vger.kernel.org To: Harsh Jain Return-path: Received: from helcar.hengli.com.au ([209.40.204.226]:45071 "EHLO helcar.apana.org.au" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1755985AbcLURAE (ORCPT ); Wed, 21 Dec 2016 12:00:04 -0500 Content-Disposition: inline In-Reply-To: Sender: linux-crypto-owner@vger.kernel.org List-ID: On Mon, Dec 19, 2016 at 04:08:11PM +0530, Harsh Jain wrote: > Hi Herbert, > > TLS default mode of operation is MAC-then-Encrypt for Authenc algos. > Currently framework only supports EtM used in IPSec. User space > programs like openssl cannot use af-alg interface to encrypt/decrypt > in TLS mode. > Are we going to support Mac-then-Encrypt mode in future kernel releases? If someone finally adds TLS to the kernel then we'll likely do something about it. Otherwise you can just separate it out into two operations via af-alg. Cheers, -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt