Am Montag, 14. August 2017, 08:26:22 CEST schrieb Marcel Holtmann: Hi Marcel, > > The first part is clearly where AF_ALG fits and keyctl does not. This is > > provided with the current patch set. As the keyctl API only handles, well, > > keys, access to the raw ciphers may not be possible through this API. And > > let us face it, a lot of user space code shall support many different > > OSes. Thus, if you have a crypto lib in user space who has its own key > > management (which is a core element of such libraries and thus cannot be > > put into an architecture-dependent code part), having only the keyctl API > > on Linux for accelerated asym support may not be helpful. > > That argument is just non-sense. How interesting. For example, what about NSS with its own key database? Ciao Stephan