diff options
Diffstat (limited to 'Documentation/crypto')
-rw-r--r-- | Documentation/crypto/api-intro.txt | 41 |
1 files changed, 16 insertions, 25 deletions
diff --git a/Documentation/crypto/api-intro.txt b/Documentation/crypto/api-intro.txt index a2ac6d294793..8b49302712a8 100644 --- a/Documentation/crypto/api-intro.txt +++ b/Documentation/crypto/api-intro.txt | |||
@@ -33,9 +33,16 @@ The idea is to make the user interface and algorithm registration API | |||
33 | very simple, while hiding the core logic from both. Many good ideas | 33 | very simple, while hiding the core logic from both. Many good ideas |
34 | from existing APIs such as Cryptoapi and Nettle have been adapted for this. | 34 | from existing APIs such as Cryptoapi and Nettle have been adapted for this. |
35 | 35 | ||
36 | The API currently supports three types of transforms: Ciphers, Digests and | 36 | The API currently supports five main types of transforms: AEAD (Authenticated |
37 | Compressors. The compression algorithms especially seem to be performing | 37 | Encryption with Associated Data), Block Ciphers, Ciphers, Compressors and |
38 | very well so far. | 38 | Hashes. |
39 | |||
40 | Please note that Block Ciphers is somewhat of a misnomer. It is in fact | ||
41 | meant to support all ciphers including stream ciphers. The difference | ||
42 | between Block Ciphers and Ciphers is that the latter operates on exactly | ||
43 | one block while the former can operate on an arbitrary amount of data, | ||
44 | subject to block size requirements (i.e., non-stream ciphers can only | ||
45 | process multiples of blocks). | ||
39 | 46 | ||
40 | Support for hardware crypto devices via an asynchronous interface is | 47 | Support for hardware crypto devices via an asynchronous interface is |
41 | under development. | 48 | under development. |
@@ -69,29 +76,12 @@ Here's an example of how to use the API: | |||
69 | Many real examples are available in the regression test module (tcrypt.c). | 76 | Many real examples are available in the regression test module (tcrypt.c). |
70 | 77 | ||
71 | 78 | ||
72 | CONFIGURATION NOTES | ||
73 | |||
74 | As Triple DES is part of the DES module, for those using modular builds, | ||
75 | add the following line to /etc/modprobe.conf: | ||
76 | |||
77 | alias des3_ede des | ||
78 | |||
79 | The Null algorithms reside in the crypto_null module, so these lines | ||
80 | should also be added: | ||
81 | |||
82 | alias cipher_null crypto_null | ||
83 | alias digest_null crypto_null | ||
84 | alias compress_null crypto_null | ||
85 | |||
86 | The SHA384 algorithm shares code within the SHA512 module, so you'll | ||
87 | also need: | ||
88 | alias sha384 sha512 | ||
89 | |||
90 | |||
91 | DEVELOPER NOTES | 79 | DEVELOPER NOTES |
92 | 80 | ||
93 | Transforms may only be allocated in user context, and cryptographic | 81 | Transforms may only be allocated in user context, and cryptographic |
94 | methods may only be called from softirq and user contexts. | 82 | methods may only be called from softirq and user contexts. For |
83 | transforms with a setkey method it too should only be called from | ||
84 | user context. | ||
95 | 85 | ||
96 | When using the API for ciphers, performance will be optimal if each | 86 | When using the API for ciphers, performance will be optimal if each |
97 | scatterlist contains data which is a multiple of the cipher's block | 87 | scatterlist contains data which is a multiple of the cipher's block |
@@ -130,8 +120,9 @@ might already be working on. | |||
130 | BUGS | 120 | BUGS |
131 | 121 | ||
132 | Send bug reports to: | 122 | Send bug reports to: |
133 | Herbert Xu <herbert@gondor.apana.org.au> | 123 | linux-crypto@vger.kernel.org |
134 | Cc: David S. Miller <davem@redhat.com> | 124 | Cc: Herbert Xu <herbert@gondor.apana.org.au>, |
125 | David S. Miller <davem@redhat.com> | ||
135 | 126 | ||
136 | 127 | ||
137 | FURTHER INFORMATION | 128 | FURTHER INFORMATION |