Folks...

I noticed something about the opencrypto rijndael support this morning. 
  If you look at rijndael128_setkey() in xform.c, it allocates 2 
rijndael_ctx's.  One for encrypt and one for decrypt.

However, if you look at rijndael.c (either the old opencrypto one I 
obsoleted this morning, or the new one in crypto/rijndael/rijndael.c), 
note that it always creates an encryption key (creation of an 
encryption key is necessary for creation of the decryption key).

As such, it seems totally unnecessary to allocate 2 rijndael_ctx's, 
since the ctx will always contain both keys if the "encrypt" argument 
to rijndael_set_key() is 0.

I'm tempted to just nuke that "encrypt" argument in any case.

Comments?  Did I miss anything?

         -- Jason R. Thorpe <thorpej@wasabisystems.com>