Here Comes libkcapi To Easily Use The Kernel Crypto API In User-Space
Stephan Mueller has announced the first release of libkcapi, a user-space library for tapping the Linux kernel's crypto API in an easy-to-use fashion.
The libkcapi library allows for using the kernel's low-level Netlink interface in an easy manner for accessing the cryptography APIs. The library passes all of its calls onto the kernel Netlink interface and returning the results to the consumer of the user-space library. The library does support use by unprivileged processes.
Right now libkcapi can be used by symmetric ciphers and message digests / keyed message digsets while kernel patches are forthcoming to allow the library to be used by AEAD ciphers and random number generators from user-space.
Developers looking to better tap the kernel crypto interfaces from an unprivileged user-space can learn more via the libkcapi announcement.
The libkcapi library allows for using the kernel's low-level Netlink interface in an easy manner for accessing the cryptography APIs. The library passes all of its calls onto the kernel Netlink interface and returning the results to the consumer of the user-space library. The library does support use by unprivileged processes.
Right now libkcapi can be used by symmetric ciphers and message digests / keyed message digsets while kernel patches are forthcoming to allow the library to be used by AEAD ciphers and random number generators from user-space.
Developers looking to better tap the kernel crypto interfaces from an unprivileged user-space can learn more via the libkcapi announcement.
Add A Comment