Re: [PATCH CIFS] use CryptoAPI MD4/MD5

[Matt Mackall]

On Sat, Oct 04, 2003 at 11:51:57AM -0700, dean gaudet wrote:
> On Sat, 4 Oct 2003, Matt Mackall wrote:
> 
> > On Sat, Oct 04, 2003 at 11:00:01AM -0700, dean gaudet wrote:
> > > what about CryptoAPI is so expensive that you can't use a stack-based
> > > context?
> >
> > The alloc functions hide a bunch of module lookup details and the size
> > of the context structures vary from one alg to the next. They also
> > tend to hide block-sized buffers to deal with fragments. So it's a
> > little ugly but not insurmountable.
> 
> by "block-sized" you mean like 64 bytes for MD5 and SHA1, 16 bytes for
> AES, and so forth?  if so that's no biggie, those are already present
> in most simple library implementations of these algos.  but if "block"
> means 4096 bytes then, aiee.

Cipher-block-sized.
 
> if module lookup is expensive then perhaps a much better api would be one
> which yields a module handle -- and the module handle can be used in a
> much less expensive allocator to create contexts where they're required.
> it seems that the module handle could be a read-only structure and
> therefore shared without locking.

Indeed, I've proposed such an interface. 

> this CIFS patch alone replaces 89 lines with 250 lines of code!

My experience is that aside from the context allocation/locking
issues, the thing is otherwise pretty painless to work with.

-- 
Matt Mackall : http://www.selenic.com : of or relating to the moon
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/