Re: Is akcipher ready for userspace?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, May 10, 2024 at 03:14:34PM +0200, Marek Behún wrote:
> Hello Herbert,
> 
> back in 2019 you wrote that akcipher is still in a state of flux and
> not ready to be exposed to userspace via AF_ALG [1].
> 
> Has this changed since then?
> 
> I am asking because I am implementing another driver [2] for a device
> which allows for signing messages with an ECDSA private key securely
> stored inside the device, and Greg asks again [3] for this to be
> exposed to userspace via a dedicated kernel API, instead of
> debugfs.
> 
> Back in 2019 when we needed this for the turris-mox-rwtm driver, I
> implemented it via debugfs because akcipher was not ready.

No I don't think akcipher is quite ready yet, given that the
recent change to kernel pointers from SG lists is still
incomplete.

However, akcipher algorithms are already partially exposed to
user-space through the keyring subsystem.

Cheers,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux