Linux cryptographic layer development
 help / color / mirror / Atom feed
From: Stephan Mueller <smueller@chronox.de>
To: Gadre Nayan <gadrenayan@gmail.com>
Cc: linux-crypto@vger.kernel.org
Subject: Re: Decrypting data in RX path
Date: Mon, 16 May 2016 14:32:44 +0200	[thread overview]
Message-ID: <6061728.aByMvLa2kt@tauon.atsec.com> (raw)
In-Reply-To: <CAKJ7aR5v5LmgZ5XAv8+9mAtksdSu=LJz=oK9AmHO2t4bDiqSzw@mail.gmail.com>

Am Montag, 16. Mai 2016, 17:24:12 schrieb Gadre Nayan:

Hi Gadre,

> Hi,
> 
> I am able to encrypt data using the asynchronous kernel crypto API's.
> I can observe the encrypted data on the protocol analyzer.
> 
> I wanted to decry-pt the data now on the receiver side, So I have
> following questions.
> 
> 1. What is the best place to decrypt the data, in kernel space (module
> (pre-routing hook) or driver) OR user space using (maybe using raw
> sockets or after socket recv).

This is a very broad question and cannot be answered without knowning the 
context.
> 
> What precautions should be taken in terms of locking while using
> crypto api's in kernel space in RX path (Softirq context) --> Can
> someone point to existing sample in kernel where decryption is done in
> RX path.

net/ipv4/esp4.c:esp_input for rx and esp_output for tx.
> 
> 
> 2. If I encrypt data in kernel space can I decrypt it in User-space
> using same encryption methods and Keys.

Sure, if you have the keys and all information about the used crypto.
> 
> Thanks.
> --
> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html


Ciao
Stephan

  parent reply	other threads:[~2016-05-16 12:40 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-05-16 11:54 Decrypting data in RX path Gadre Nayan
2016-05-16 12:04 ` Catalin Vasile
2016-05-16 12:11   ` Gadre Nayan
2016-05-16 12:32 ` Stephan Mueller [this message]
2016-05-16 14:40   ` Gadre Nayan
2016-05-18  7:01     ` Catalin Vasile
2016-05-18 10:57       ` Stephan Mueller

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=6061728.aByMvLa2kt@tauon.atsec.com \
    --to=smueller@chronox.de \
    --cc=gadrenayan@gmail.com \
    --cc=linux-crypto@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox