+1.
- Garrett
Krishna Yenduri wrote:
> I am sponsoring the following self review case for myself. It only
> modifies consolidation private interfaces and the changes are minor.
>
>
> Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI
> This information is Copyright 2009 Sun Microsystems
> 1. Introduction
> 1.1. Project/Component Working Name:
> CRYPTO_HMAC_NO_UPDATE - A new KCF SPI flag
> 1.2. Name of Document Author/Supplier:
> Author: Krishna Yenduri
> 1.3 Date of This Document:
> 06 October, 2009
> 4. Technical Description
>
> 4.1 Overview
>
> This document describes changes to the Kernel Cryptographic Framework (KCF)
> SPI to support a new processor.
>
> The Interface taxonomy is Consolidation Private.
> The Release taxonomy is Patch/Micro.
>
> 4.2 Problem
>
> PSARC/2007/213 introduced a KCF flag, CRYPTO_HASH_NO_UPDATE, that is used
> by the n2cp driver on the Niagara 2 and the Victoria Falls processors to
> indicate that there is no hardware support for hash update operations
> and HMAC update operations.
>
> We believed at that time that one flag can cover both hash and
> HMAC operations. However, this will not be the case for the upcoming
> Rainbow Falls processor where the hardware can support hash update operations,
> but it can not support HMAC update operations.
>
> So, we need to use a separate flag for these two operations.
>
> 4.3 Solution
>
> The SPI changes are
>
> . Add a new flag, CRYPTO_HMAC_NO_UPDATE, to allow a provider to specify
> just the no HMAC update limitation. This flag is independent from the
> existing flag, CRYPTO_HASH_NO_UPDATE, which will now be used to specify
> just the no hash update limitation.
>
> . Discontinue the existing use of cm_max_key_length field in
> crypto_mech_info_t as a way to pass the maximum input data size a provider
> can digest.
>
> . Instead, the maximum input sizes are set by a provider in
> crypto_provider_ext_info_t by implementing the ext_info entry point in the
> co_provider_ops vector.
>
> So, these two new fields
> int ei_hash_max_input_len;
> int ei_hmac_max_input_len;
> } crypto_provider_ext_info_t;
>
> correspond to the CRYPTO_HASH_NO_UPDATE and CRYPTO_HMAC_NO_UPDATE flags
> respectively.
>
> The CRYPTO_HASH_NO_UPDATE flag is ON consolidation private and only n2cp
> implements it. So, there is no binary compatibility issue.
>
> 4.4 Bug/RFE Number(s): 6886360
>
> 4.5 Exported Interfaces
>
> +--------------------------------+---------------------------+--------------+
> | Interface | Classification | Comments |
> +--------------------------------+---------------------------+--------------+
> | | | |
> | spi.h | Consolidation | include file |
> | | Private | |
> | | | |
> | common.h | Consolidation | include file |
> | | Private | |
> | | | |
> +--------------------------------+---------------------------+--------------+
>
>
> 6. Resources and Schedule
> 6.4. Steering Committee requested information
> 6.4.1. Consolidation C-team Name:
> ON
> 6.5. ARC review type: Automatic
> 6.6. ARC Exposure: open
>
> _______________________________________________
> crypto-discuss mailing list
> crypto-discuss at opensolaris.org
> http://mail.opensolaris.org/mailman/listinfo/crypto-discuss
>
