Resolving the crypto duplicity...

Poul-Henning Kamp phk at
Thu Feb 5 00:46:04 PST 2004

In message <20040204160446.F96240 at>, Doug White writes:
>On Wed, 4 Feb 2004, Poul-Henning Kamp wrote:
>> I'm just using Rijndael/AES for illustration, the same issues apply
>> to various other algorithms.
>> Right now we have identical (apart from some trivial details) of the
>> AES algorithms in the kernel:
>> [1]	src/sys/crypto/rijndael/*
>> 	[ipsec, random and geom_bde options]
>> [2]	arc/sys/opencrypto/rijndael.?
>> 	[crypto]
>You'd have to go back to the original discussion, but I though that we
>decided to go with this to avoid complicating KAME imports.
>Just trying to inject some history into the discussion :)

I realize that, but for something as generic as specific cryptographic
algorithms, I do not think that is a valid argument for having two
implementations in the kernel, particularly not for a case like the
AES implementation which is line-for-line identical.

Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.

More information about the freebsd-arch mailing list