Subject: Re: FYI: this time, really about to import crypto framework
To: None <tech-kern@NetBSD.org>
From: Jonathan Stone <jonathan@DSG.Stanford.EDU>
Date: 07/25/2003 14:29:14
So, the bulk of the crypto framework has been committed. The NetBSD
opencode started as a naive port of the code by Angelos Keromytis and
others at OpenBSD; I then went through the diffs beetween that and Sam
Leffer's FreeBSD version line-by-line, merging in Sam's detailed
improvements where applicable.
There are still a couple of minor open issues (handle userspace
requests as uio vs iov?) which no-one has (yet) spoken on.
There's one more substantive issue: the FreeBSD opencrypto includes
what (at the time) were ``best-of-breed'' crypto implementations.
Those are the ones I've tested as part of opencrypto over the last few
months, so I also imported the FreeBSD crypto-transform code. Some
duplication may have occured (specificallyw ith rijndael and
cast128). Obviously, I'd like to resolve that ASAP, but it will
require some collaboration with the KAME team and any other users of
the extant crypto APIs.
The last item (which has been waiting on this import) is to test more
extensively on big-endian and strict-alignment machines. Reports
either way are encouraged.