Review of AEAD Encryption API Project; concluding December 5, 2008

Nicolas Williams Nicolas.Williams at
Mon Dec 1 16:58:41 EST 2008

On Mon, Dec 01, 2008 at 04:56:17PM -0500, Sam Hartman wrote:
> >>>>> "Nicolas" == Nicolas Williams <Nicolas.Williams at> writes:
>     Nicolas> On Mon, Dec 01, 2008 at 04:01:02PM -0500, Sam Hartman
>     Nicolas> wrote: That's not the problem.  The problem is that in
>     Nicolas> that example there are two large chunks of data that will
>     Nicolas> be directly placed into different destinations.
>     >> If you know where the header and trailer are, then don't use
>     >> the stream cryptotype.
>     Nicolas> I'm not sure I follow.
> Use the first calling pattern for decrypt: pass in a header buffer,
>  multiple data buffers and a trailer buffer.  Stream is only for when
>  you don't want to decompose the structure; look at decrypt_stream in aead.con
>  the mskrb-integ-crypto-iov branch in opengrok.

Oh!  OK, I see what I misunderstood.  Thanks.

More information about the krbdev mailing list