Hi Roberto,
Not sure if you're following but I've been slowly working towards Kernel Crypto Sequoia backend:
https://gitlab.com/sequoia-pgp/sequoia/-/issues/1030 https://gitlab.com/sequoia-pgp/sequoia/-/tree/wiktor/add-kernel-crypto
And all was fine but we hit a major roadblock: it seems asymmetric operations are not available in user-space due to some patches not being upstreamed even though most of them look rather benign: https://github.com/smuellerDD/libkcapi/tree/master/kernel-patches/4.15-rc3/a...
Source: https://github.com/smuellerDD/libkcapi/issues/164#issuecomment-1633783571
Is this something you could help us / kcapi author with? The author says their patches were vetoed "because it was considered that it is not needed" and I think we've got a solid case here.
I'd do it myself but I think you're already deeply immersed in kernel development and it could go faster with you. If not, please do tell.
Thanks for help in advance!
Kind regards, Wiktor
On 28.04.2023 16:16, Roberto Sassu wrote:
Another point would be to avoid external dependencies, like a crypto library, and to use the kernel Crypto API instead (through socket(AF_ALG) in user space). Not the highest priority (as it would require to rewrite some parts of your library), but nice to have.