Kernel Interfaces

Kernel Configuration

Depending on the version of your kernel, some of the kernel interfaces the library depends on are not available. When using the respective library API functions, an error is returned during initialization of the cipher handle. The following interfaces are available:

Kernel Configuration

To use libkcapi, the following kernel options need to be enabled:

  • CONFIG_CRYPTO_USER enables the NETLINK_CRYPTO interface to allow obtaining information about the loaded ciphers. When compiled as module in older kernels (pre 3.18) the resulting crypto_user kernel module must be loaded manually.

  • CONFIG_CRYPTO_USER_API enables the core functionality of the user space interface handler.

  • CONFIG_CRYPTO_USER_API_HASH enables the "hash" interface (i.e. allows the use of all message digest and keyed message digest ciphers).

  • CONFIG_CRYPTO_USER_API_SKCIPHER enables the "skcipher" interface to use symmetric cipher algorithms.

  • CONFIG_CRYPTO_USER_API_AEAD enables the "aead" interface to use AEAD cipher algorithms. This support is currently discussed on LKML and therefore not present in the mainline kernel.

  • CONFIG_CRYPTO_USER_API_RNG enables the "rng" interface to use the random number generators.

  • CONFIG_CRYPTO_USER_API_AKCIPHER enables the "akcipher" interface to use the asymmetric ciphers. This support is currently discussed on LKML and therefore not present in the mainline kernel.

In addition, the following patch must be applied if a kernel less than 3.19-rc1 or the cryptodev-2.6 kernel tree is used: https://git.kernel.org/cgit/linux/kernel/git/herbert/cryptodev-2.6.git/commit/?id=5d4a5e770d97d87082067886e7097c920b338da5

In addition, the following patch must be applied if a kernel less than 3.19-rc1 or the cryptodev-2.6 kernel tree is used: https://git.kernel.org/cgit/linux/kernel/git/herbert/cryptodev-2.6.git/commit/?id=af8e80731a94ff9de9508b01d9e5d931d538dc6b

In addition, the following patch must be applied if a kernel less than 3.19-rc1 or the cryptodev-2.6 kernel tree is used: https://git.kernel.org/cgit/linux/kernel/git/herbert/cryptodev-2.6.git/commit/?id=25fb8638e919bc7431a73f2fb4a9713818ae2c9d