Review of AEAD Encryption API Project; concluding December 5, 2008
hartmans at MIT.EDU
Mon Dec 1 16:56:17 EST 2008
>>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams at sun.com> writes:
Nicolas> On Mon, Dec 01, 2008 at 04:01:02PM -0500, Sam Hartman
Nicolas> wrote: That's not the problem. The problem is that in
Nicolas> that example there are two large chunks of data that will
Nicolas> be directly placed into different destinations.
>> If you know where the header and trailer are, then don't use
>> the stream cryptotype.
Nicolas> I'm not sure I follow.
Use the first calling pattern for decrypt: pass in a header buffer,
multiple data buffers and a trailer buffer. Stream is only for when
you don't want to decompose the structure; look at decrypt_stream in aead.con
the mskrb-integ-crypto-iov branch in opengrok.
More information about the krbdev