Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Linux Crypto API and linux/crypto.h - Documentation

I want to write a C program which makes use of the linux crypto-api for digital signatures. Unfortunately I cannot find good documentation about the linux api and the functions defined in linux/crypto.h (googling doesn't help, man pages for those functions don't exist). So now I wonder if anyone here can help me with a good link, a book would also be appreciated.

2nd short question: All the time within this crypto stuff the term "tfm" comes up, as in a struct crypto_tfm or in functions, but I can't find out what tfm actually means.

like image 556
butchy Avatar asked Mar 01 '11 09:03

butchy


2 Answers

The Linux crypto-API is an internal kernel API used for things such as IPsec and dm-crypt. It's not directly usable by user-mode applications. If you want to use it in a kernel driver, read the headers, and look at these files: http://lxr.linux.no/linux+v2.6.37/Documentation/crypto

In general, anything under the linux/ directory should not be used by ordinary applications directly. Anything in there you're allowed to use is re-exported under a sys/ include somewhere, and if it's a function it'll come with a manual page as well. Kernel functions are designed with the assumption that you will read the kernel source code (since you're working on the kernel, right?) and so the API details are documented primarily in the header and source files themselves.

Finally, "tfm" stands for "transformation".

like image 192
bdonlan Avatar answered Oct 19 '22 16:10

bdonlan


This might be enlightening http://thesweeheng.files.wordpress.com/2007/11/6451.pdf. It explains some of the details regarding the design of the kernel crypto api.

like image 22
ddub Avatar answered Oct 19 '22 17:10

ddub