On Fri, 12 Jan 2007, Thor Lancelot Simon wrote:
I certainly don't think so. I work with a lot of cryptographic hardware, and there are basically two kinds: hardware that acts like separate peripheral devices, that interfaces across the bus, needs a hardware driver, etc; and hardware that just basically is special-purpose instructions on the CPU you already have. By your reasoning, we should have separate "providers" for every piece of code in the system that has multiple implementations tuned for specific processors in an arch/ subdirectory.
Still, ACE is especially efficient because you can point it at buffers, let it do the work for n blocks and handle the IVs. So, from the crypto/opencrypto view a fast implementation would be at the level of swcr_encdec() in cryptosoft.c, which is called by swcr_process. So, not making a separate "provider" for opencrypto would be kinda like putting two (or more) providers in cryptosoft. Each one with its own potential kludges.
BTW, thanks for the good food for thought :). -- Daniel