[PATCH 2/2 v2] talitos: Freescale integrated security engine (SEC) driver
Herbert Xu
herbert at gondor.apana.org.au
Thu Jun 5 15:22:24 EST 2008
On Fri, May 30, 2008 at 06:58:30PM -0500, Kim Phillips wrote:
>
> + /* get random IV */
> + get_random_bytes(req->giv, crypto_aead_ivsize(authenc));
Sorry but this is unworkable given our current RNG infrastructure.
Draining 16 bytes for every packet is going to make /dev/random
unuseable (if it wasn't already :).
Perhaps just use eseqiv (it should be pretty cheap sinec it just
tacks on an extra block to the encryption) for now until we have
a PRNG?
We'll need to extend eseqiv to support AEAD first though. Perhaps
change it so that it can be called as a library by AEAD algorithms?
Thanks,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the Linuxppc-dev
mailing list