Hi, [Catalin Vasile] What do you mean by "using same encryption methods" ? What I meant was, in the module If I use "cbc(aes)" With say 16 blocks of data to be encrypted with 16 bytes of iv-data and so on, are there user space Api's to use in decryption which will take such arguments, otherwise data won't be decrypted properly ? On Mon, May 16, 2016 at 5:34 PM, Catalin Vasile <cata.vasile@xxxxxxx> wrote: > Inline comments. > > ________________________________________ > From: linux-crypto-owner@xxxxxxxxxxxxxxx <linux-crypto-owner@xxxxxxxxxxxxxxx> on behalf of Gadre Nayan <gadrenayan@xxxxxxxxx> > Sent: Monday, May 16, 2016 2:54 PM > To: linux-crypto@xxxxxxxxxxxxxxx > Subject: Decrypting data in RX path > > Hi, > > I am able to encrypt data using the asynchronous kernel crypto API's. > I can observe the encrypted data on the protocol analyzer. > > I wanted to decry-pt the data now on the receiver side, So I have > following questions. > > 1. What is the best place to decrypt the data, in kernel space (module > (pre-routing hook) or driver) OR user space using (maybe using raw > sockets or after socket recv). > > What precautions should be taken in terms of locking while using > crypto api's in kernel space in RX path (Softirq context) --> Can > someone point to existing sample in kernel where decryption is done in > RX path. > [Catalin Vasile] Look into net/ipv6/esp6.c. It's related to IPsec. > > 2. If I encrypt data in kernel space can I decrypt it in User-space > using same encryption methods and Keys. > [Catalin Vasile] What do you mean by "using same encryption methods" ? > > Thanks. > -- > To unsubscribe from this list: send the line "unsubscribe linux-crypto" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html