Re: akcipher use

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Donnerstag, 25. Juni 2015, 12:19:32 schrieb Tadeusz Struk:

Hi Tadeusz,

> On 06/25/2015 04:58 AM, Stephan Mueller wrote:

> > 
> > - how would a hardware implementation offering only a hybrid asym cipher
> > implementation (i.e. a full signature mechanism or bulk data encryption
> > mechanism) be usable via that API?
> 
> Usually the HW offers acceleration for encryption primitives.
> To support the encryption schemes we can introduce templates for instance
> pkcs1_v15(rsa) or oaep(rsa) as it was proposed by Horia Geanta.

Ok, in this case, it would mean that rsa would point to the software 
implementation and oaep(rsa) would point to the hardware. Would I be correct?

> 
> > - currently I only see one user in the kernel for asym ciphers: the module
> > signing mechanism. Do you expect more to come? Or am I missing others?
> > 
> > - If no, then it sounds like that the akcipher API is a means to make asym
> > ciphers implemented in hardware and only accessible from supervisor state
> > available. I would assume that the majority of the users that may be
> > interested in that kind of support resides in user space. Is the intention
> > to develop an AF_ALG interface (note, I personally already thought about
> > that subject for some time now)?
> 
> Yes, that's the main use case for this. We want to be able to accelerate SSL
> handshakes.

Are you currently working on an AF_ALG interface?

-- 
Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux