Review of AEAD Encryption API Project; concluding December 5, 2008

Sam Hartman hartmans at MIT.EDU
Mon Dec 1 16:56:17 EST 2008

>>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams at> writes:

    Nicolas> On Mon, Dec 01, 2008 at 04:01:02PM -0500, Sam Hartman
    Nicolas> wrote: That's not the problem.  The problem is that in
    Nicolas> that example there are two large chunks of data that will
    Nicolas> be directly placed into different destinations.
    >> If you know where the header and trailer are, then don't use
    >> the stream cryptotype.

    Nicolas> I'm not sure I follow.

Use the first calling pattern for decrypt: pass in a header buffer,
 multiple data buffers and a trailer buffer.  Stream is only for when
 you don't want to decompose the structure; look at decrypt_stream in aead.con
 the mskrb-integ-crypto-iov branch in opengrok.

More information about the krbdev mailing list