On 09/23/2013 02:31 PM, Horia Geantă wrote: > Hi, > > CAAM crypto engine (drivers/crypto/caam/*) is capable of asymmetric > operations, like: modular exponentiation, RSA > sign/verify/encrypt/decrypt, (EC)DSA sign etc. > I would appreciate some design guidelines on how to harness these > capabilities, for crypto engines in general. > > 1. In-kernel interface for asymmetric crypto > Should crypto/asymmetric_keys/* be used, i.e. appended with modular > exponentiation, other asymmetric operations? The BSD's cryptodev supports the following operations which may help in that aspect (no elliptic curve operations present). I don't know if all of them worth the context switch. #define CRK_MOD_EXP 0 #define CRK_MOD_EXP_CRT 1 #define CRK_DSA_SIGN 2 #define CRK_DSA_VERIFY 3 #define CRK_DH_COMPUTE_KEY 4 #define CRK_MOD_ADD 5 #define CRK_MOD_ADDINV 6 #define CRK_MOD_SUB 7 #define CRK_MOD_MULT 8 #define CRK_MOD_MULTINV 9 #define CRK_MOD 10 > 2. User space interface > Should AF_ALG be expanded to provide access to this new asymmetric cypto > API? The API would allow user space applications to offload PKC operations in > HW. I'd be interested into adding this support into cryptodev-linux once present in kernel. regards, Nikos -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
