Linux cryptographic layer development
From: Dominik Paulus <dominik@d-paulus.de>
To: linux-crypto@vger.kernel.org, herbert@gondor.apana.org.au,
	davem@davemloft.net
Cc: tobias.polzer@fau.de, linux-kernel@i4.cs.fau.de
Subject: Re: crypto: GCM API usage
Date: Mon, 16 Sep 2013 20:34:11 +0200	[thread overview]
Message-ID: <20130916183411.GC3380@d-paulus.de> (raw)
In-Reply-To: <65abe254e199230984fd6a15dec39a76.squirrel@faumail.uni-erlangen.de>

Hi,

On Mon, Sep 16, 2013 at 12:58:40PM +0200, dominik.d.paulus@studium.uni-erlangen.de wrote:
> We are currently trying to add encryption support to the usbip kernel
> driver. Unfortunately, there is almost no documentation for the kernel
> crypto API. So far, we couldn't figure out how to use the GCM encryption
> mode in the kernel. There seems to be infrastructure for IV generation
> in place (e.g. seqiv.c, the geniv stuff and the RFC 4106 implementation),
> but no code directly using it.
> 
> What's the recommended way to use the IV generators with a "high-level"
> API?

Sorry, that mail probably got a bit too short. To explain our problem a bit
more: We are currently using a 64-bit counter to generate IVs. As the
keys are randomly generated for each session and thus never reused,
that's probably not too bad an idea (if it is, please tell us why ;)),
assuming this counter is never going to overflow. We pass the IVs
directly to aead_request_set_crypt for each message. This currently
works fine.

However, we would expect that IV generation is at least partially handled
by the crypto API. As I said, there seems to be infrastructure for that
which abstracts the sequence number quite nicely. The seqiv generator
seems to provide a high-level interface to the AEAD crypto, including an
abstraction for the sequence number generation. However, due to the lack
of documentation and/or reference code using the API, we couldn't find
out how to use it yet.

Any help on this would be appreciated. If we feel competent enough to do
so after finishing this project, we would also volunteer to extend the
introduction in Documentation/crypto/api-intro.txt a bit.

Regards,
        Tobias Polzer and Dominik Paulus
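The counter-based IV scheme the message describes, worked through as an added user-space example (this is not code from the usbip driver, the kernel crypto API, or anyone in the thread). It assumes the RFC 4106 nonce layout, a 32-bit per-session salt followed by a 64-bit big-endian message counter, which is also the 12-byte IV the kernel's rfc4106(gcm(aes)) template assembles internally from the key's trailing salt and the 8-byte request IV. The 12 bytes it emits are what a caller would hand to aead_request_set_crypt for gcm(aes); the trailing 8 are the explicit IV for rfc4106. The point it adds to the message is the caveat the authors themselves raise: the counter must never wrap, because a repeated nonce under one GCM key leaks the XOR of the two plaintexts and lets an attacker forge tags, so exhaustion is an error that forces a rekey. The salt value and the replay scenario in the self-test are constructed. The in-order receiver check assumes a TCP-like transport.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* GCM takes a 96-bit nonce. Layout assumed here (RFC 4106, and what the
 * kernel's rfc4106(gcm(aes)) template builds): a 32-bit salt fixed for the
 * life of the key, then a 64-bit big-endian per-message counter. With a
 * fresh key per session the counter starts at 0 and never repeats. */
#define GCM_SALT_LEN   4
#define GCM_CTR_LEN    8
#define GCM_NONCE_LEN  (GCM_SALT_LEN + GCM_CTR_LEN)

struct gcm_iv_state {
    uint8_t  salt[GCM_SALT_LEN];
    uint64_t next;       /* sender: next counter to emit; receiver: lowest still acceptable */
    int      exhausted;  /* set once the counter space is spent; rekey required */
};

void gcm_iv_init(struct gcm_iv_state *st, const uint8_t salt[GCM_SALT_LEN])
{
    memcpy(st->salt, salt, GCM_SALT_LEN);
    st->next = 0;
    st->exhausted = 0;
}

/* Sender: write the nonce for the next message into out[12]. Returns
 * -EOVERFLOW instead of wrapping: a repeated nonce under one key breaks
 * GCM, so the caller must rekey, never wrap. */
int gcm_iv_next(struct gcm_iv_state *st, uint8_t out[GCM_NONCE_LEN])
{
    if (st->exhausted)
        return -EOVERFLOW;
    memcpy(out, st->salt, GCM_SALT_LEN);
    for (int i = 0; i < GCM_CTR_LEN; i++)
        out[GCM_SALT_LEN + i] = (uint8_t)(st->next >> (8 * (GCM_CTR_LEN - 1 - i)));
    if (st->next == UINT64_MAX)
        st->exhausted = 1;      /* that was the last usable value */
    else
        st->next++;
    return 0;
}

/* Receiver: accept a nonce only if its salt matches and its counter is not
 * below the lowest one still expected. Assumes an in-order transport such
 * as TCP, so anything lower is a replay or duplicate. Returns 0 on accept,
 * -EINVAL for a foreign salt, -EEXIST for a replayed or stale counter. */
int gcm_iv_accept(struct gcm_iv_state *st, const uint8_t nonce[GCM_NONCE_LEN])
{
    if (memcmp(nonce, st->salt, GCM_SALT_LEN) != 0)
        return -EINVAL;
    if (st->exhausted)
        return -EEXIST;
    uint64_t ctr = 0;
    for (int i = 0; i < GCM_CTR_LEN; i++)
        ctr = (ctr << 8) | nonce[GCM_SALT_LEN + i];
    if (ctr < st->next)
        return -EEXIST;
    if (ctr == UINT64_MAX)
        st->exhausted = 1;
    else
        st->next = ctr + 1;
    return 0;
}

/* Walks one session end to end; returns 0 if every check behaves as intended,
 * otherwise the number of the step that failed. */
int gcm_iv_selftest(void)
{
    static const uint8_t salt[GCM_SALT_LEN] = { 0xde, 0xad, 0xbe, 0xef }; /* constructed */
    struct gcm_iv_state tx, rx;
    uint8_t n[GCM_NONCE_LEN], bad[GCM_NONCE_LEN];

    gcm_iv_init(&tx, salt);
    gcm_iv_init(&rx, salt);

    if (gcm_iv_next(&tx, n) != 0 || n[GCM_NONCE_LEN - 1] != 0) return 1;
    if (gcm_iv_accept(&rx, n) != 0) return 2;         /* first message */
    if (gcm_iv_accept(&rx, n) != -EEXIST) return 3;   /* replay of it */
    if (gcm_iv_next(&tx, n) != 0 || n[GCM_NONCE_LEN - 1] != 1) return 4;
    memcpy(bad, n, sizeof bad);
    bad[0] ^= 0x01;                                   /* wrong salt */
    if (gcm_iv_accept(&rx, bad) != -EINVAL) return 5;
    if (gcm_iv_accept(&rx, n) != 0) return 6;

    tx.next = UINT64_MAX;                             /* jump to the last counter */
    if (gcm_iv_next(&tx, n) != 0 || n[GCM_SALT_LEN] != 0xff) return 7;
    if (gcm_iv_next(&tx, n) != -EOVERFLOW) return 8;  /* must refuse to wrap */
    return 0;
}

int main(void)
{
    int rc = gcm_iv_selftest();
    printf("gcm iv selftest: %s (%d)\n", rc == 0 ? "ok" : "FAILED", rc);
    return rc;
}
```

Whether the counter is managed by hand like this or by the seqiv template, the two properties worth checking in review are the same: the salt is fresh per key, and exhaustion is handled by rekeying rather than by wrapping.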


Thread overview: 5+ messages
2013-09-16 10:58 crypto: GCM API usage dominik.d.paulus
2013-09-16 18:34 ` Dominik Paulus [this message]
2013-09-19 20:33   ` Marcelo Cerri
2013-10-03  6:03     ` tobias.polzer
2013-10-03 12:10       ` Marcelo Cerri
