userspace-if.rst (0ea8a56de21be24cb79abb03dee79aabcd60a316) | userspace-if.rst (77ebdabe8de7c02f43c6de3357f79ff96f9f0579) |
---|---|
1User Space Interface 2==================== 3 4Introduction 5------------ 6 7The concepts of the kernel crypto API visible to kernel space is fully 8applicable to the user space interface as well. Therefore, the kernel --- 282 unchanged lines hidden (view full) --- 291Again, the operation is very similar to the other APIs. During 292initialization, the struct sockaddr data structure must be filled as 293follows: 294 295:: 296 297 struct sockaddr_alg sa = { 298 .salg_family = AF_ALG, | 1User Space Interface 2==================== 3 4Introduction 5------------ 6 7The concepts of the kernel crypto API visible to kernel space is fully 8applicable to the user space interface as well. Therefore, the kernel --- 282 unchanged lines hidden (view full) --- 291Again, the operation is very similar to the other APIs. During 292initialization, the struct sockaddr data structure must be filled as 293follows: 294 295:: 296 297 struct sockaddr_alg sa = { 298 .salg_family = AF_ALG, |
299 .salg_type = "rng", /* this selects the symmetric cipher */ 300 .salg_name = "drbg_nopr_sha256" /* this is the cipher name */ | 299 .salg_type = "rng", /* this selects the random number generator */ 300 .salg_name = "drbg_nopr_sha256" /* this is the RNG name */ |
301 }; 302 303 304Depending on the RNG type, the RNG must be seeded. The seed is provided 305using the setsockopt interface to set the key. For example, the 306ansi_cprng requires a seed. The DRBGs do not require a seed, but may be | 301 }; 302 303 304Depending on the RNG type, the RNG must be seeded. The seed is provided 305using the setsockopt interface to set the key. For example, the 306ansi_cprng requires a seed. The DRBGs do not require a seed, but may be |
307seeded. | 307seeded. The seed is also known as a *Personalization String* in NIST SP 800-90A 308standard. |
308 309Using the read()/recvmsg() system calls, random numbers can be obtained. 310The kernel generates at most 128 bytes in one call. If user space 311requires more data, multiple calls to read()/recvmsg() must be made. 312 313WARNING: The user space caller may invoke the initially mentioned accept 314system call multiple times. In this case, the returned file descriptors 315have the same state. 316 | 309 310Using the read()/recvmsg() system calls, random numbers can be obtained. 311The kernel generates at most 128 bytes in one call. If user space 312requires more data, multiple calls to read()/recvmsg() must be made. 313 314WARNING: The user space caller may invoke the initially mentioned accept 315system call multiple times. In this case, the returned file descriptors 316have the same state. 317 |
318Following CAVP testing interfaces are enabled when kernel is built with 319CRYPTO_USER_API_RNG_CAVP option: 320 321- the concatenation of *Entropy* and *Nonce* can be provided to the RNG via 322 ALG_SET_DRBG_ENTROPY setsockopt interface. Setting the entropy requires 323 CAP_SYS_ADMIN permission. 324 325- *Additional Data* can be provided using the send()/sendmsg() system calls, 326 but only after the entropy has been set. 327 |
|
317Zero-Copy Interface 318------------------- 319 320In addition to the send/write/read/recv system call family, the AF_ALG 321interface can be accessed with the zero-copy interface of 322splice/vmsplice. As the name indicates, the kernel tries to avoid a copy 323operation into kernel space. 324 --- 47 unchanged lines hidden (view full) --- 372 - the RNG cipher type to provide the seed 373 374- ALG_SET_AEAD_AUTHSIZE -- Setting the authentication tag size for 375 AEAD ciphers. For a encryption operation, the authentication tag of 376 the given size will be generated. For a decryption operation, the 377 provided ciphertext is assumed to contain an authentication tag of 378 the given size (see section about AEAD memory layout below). 379 | 328Zero-Copy Interface 329------------------- 330 331In addition to the send/write/read/recv system call family, the AF_ALG 332interface can be accessed with the zero-copy interface of 333splice/vmsplice. As the name indicates, the kernel tries to avoid a copy 334operation into kernel space. 335 --- 47 unchanged lines hidden (view full) --- 383 - the RNG cipher type to provide the seed 384 385- ALG_SET_AEAD_AUTHSIZE -- Setting the authentication tag size for 386 AEAD ciphers. For a encryption operation, the authentication tag of 387 the given size will be generated. For a decryption operation, the 388 provided ciphertext is assumed to contain an authentication tag of 389 the given size (see section about AEAD memory layout below). 390 |
391- ALG_SET_DRBG_ENTROPY -- Setting the entropy of the random number generator. 392 This option is applicable to RNG cipher type only. 393 |
|
380User space API example 381---------------------- 382 383Please see [1] for libkcapi which provides an easy-to-use wrapper around 384the aforementioned Netlink kernel interface. [1] also contains a test 385application that invokes all libkcapi API calls. 386 387[1] https://www.chronox.de/libkcapi.html | 394User space API example 395---------------------- 396 397Please see [1] for libkcapi which provides an easy-to-use wrapper around 398the aforementioned Netlink kernel interface. [1] also contains a test 399application that invokes all libkcapi API calls. 400 401[1] https://www.chronox.de/libkcapi.html |