On Fri, 12 Jan 2007, Thor Lancelot Simon wrote:
> I certainly don't think so.  I work with a lot of cryptographic hardware,
> and there are basically two kinds: hardware that acts like separate
> peripheral devices, that interfaces across the bus, needs a hardware
> driver, etc; and hardware that just basically is special-purpose
> instructions on the CPU you already have.  By your reasoning, we should
> have separate "providers" for every piece of code in the system that
> has multiple implementations tuned for specific processors in an
> arch/ subdirectory.

Still, ACE is especially efficient because you can point it at buffers, 
let it do the work for n blocks and handle the IVs. So, from the 
crypto/opencrypto view a fast implementation would be at the level of 
swcr_encdec() in cryptosoft.c, which is called by swcr_process. So, not 
making a separate "provider" for opencrypto would be kinda like putting 
two (or more) providers in cryptosoft. Each one with its own potential 
kludges.

BTW, thanks for the good food for thought :).

-- Daniel