[dm-devel] [PATCH v11 1/4] crypto: essiv - create wrapper template for ESSIV generation
Ard Biesheuvel
ard.biesheuvel at linaro.org
Thu Aug 15 05:15:29 UTC 2019
On Thu, 15 Aug 2019 at 08:13, Herbert Xu <herbert at gondor.apana.org.au> wrote:
>
> On Thu, Aug 15, 2019 at 07:59:34AM +0300, Ard Biesheuvel wrote:
> >
> > So how do I ensure that the cipher and shash are actually loaded at
> > create() time, and that they are still loaded at TFM init time?
>
> If they're not available at TFM init then you just fail the init
> and therefore the TFM allocation. What is the problem?
>
> IOW the presence of the block cipher and unkeyed hash does not
> affect the creation of the instance object.
>
Right.
So what about checking that the cipher key size matches the shash
digest size, or that the cipher block size matches the skcipher IV
size? This all moves to the TFM init function?
Are there any existing templates that use this approach?
More information about the dm-devel
mailing list