<html><head><meta http-equiv="Content-Type" content="text/html; charset=ANSI_X3.4-1968"><title>User Space API General Remarks</title><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"><link rel="home" href="index.html" title="Linux Kernel Crypto API"><link rel="up" href="User.html" title="Chapter 4. User Space Interface"><link rel="prev" href="User.html" title="Chapter 4. User Space Interface"><link rel="next" href="ch04s03.html" title="In-place Cipher operation"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="idp1097347956"></a>User Space API General Remarks</h2></div></div></div><p>
The kernel crypto API is accessible from user space. Currently,
the following ciphers are accessible:
</p><div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; "><li class="listitem"><p>Message digest including keyed message digest (HMAC, CMAC)</p></li><li class="listitem"><p>Symmetric ciphers</p></li><li class="listitem"><p>AEAD ciphers</p></li><li class="listitem"><p>Random Number Generators</p></li></ul></div><p>
The interface is provided via socket type using the type AF_ALG.
In addition, the setsockopt option type is SOL_ALG.
In case the user space header files do not export these flags yet, use the
following macros:
</p><pre class="programlisting">
#ifndef AF_ALG
#define AF_ALG 38
#endif
#ifndef SOL_ALG
#define SOL_ALG 279
#endif
</pre><p>
A cipher is accessed with the same name as done for the in-kernel
API calls. This includes the generic vs. unique naming schema for
ciphers as well as the enforcement of priorities for generic names.
</p><p>
To interact with the kernel crypto API, a socket must be
created by the user space application. User space invokes the cipher
operation with the send()/write() system call family. The result of the
cipher operation is obtained with the read()/recv() system call family.
</p><p>
The following API calls assume that the socket descriptor
is already opened by the user space application and discuss only
the kernel crypto API specific invocations.
</p><p>
To initialize the socket interface, the following sequence has to
be performed by the consumer:
</p><div class="orderedlist"><ol class="orderedlist" type="1"><li class="listitem"><p>
Create a socket of type AF_ALG with the struct sockaddr_alg
parameter specified below for the different cipher types.
</p></li><li class="listitem"><p>
Invoke bind with the socket descriptor.
</p></li><li class="listitem"><p>
Invoke accept with the socket descriptor. The accept system call
returns a new file descriptor that is to be used to interact with
the particular cipher instance. When invoking send/write or recv/read
system calls to send data to the kernel or obtain data from the
kernel, the file descriptor returned by accept must be used.
</p></li></ol></div></div></body></html>
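The three initialization steps above, followed by one send() and one recv() on the descriptor returned by accept, as an added example that is not part of the kernel documentation. The helper name af_alg_hash and its signature are this example's own; the "hash" type string, SOCK_SEQPACKET and the header linux/if_alg.h come from the kernel's AF_ALG interface rather than from this page.

```c
#include <errno.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <linux/if_alg.h>

#ifndef AF_ALG
#define AF_ALG 38               /* fallback value given on this page */
#endif

/* Hypothetical helper (name and signature are this example's own): digest
 * `len` bytes of `msg` with kernel hash `name`, writing exactly `outlen`
 * bytes to `out`. Returns 0 on success or a negative errno on failure. */
int af_alg_hash(const char *name, const void *msg, size_t len,
                unsigned char *out, size_t outlen)
{
    struct sockaddr_alg sa = { .salg_family = AF_ALG, .salg_type = "hash" };
    int tfd, opfd, rc = 0;
    ssize_t n;

    if (strlen(name) >= sizeof(sa.salg_name))
        return -EINVAL;         /* never silently truncate an algorithm name */
    strcpy((char *)sa.salg_name, name);

    tfd = socket(AF_ALG, SOCK_SEQPACKET, 0);                  /* step 1 */
    if (tfd < 0)
        return -errno;          /* e.g. AF_ALG not available on this kernel */
    if (bind(tfd, (struct sockaddr *)&sa, sizeof(sa)) < 0) {  /* step 2 */
        rc = -errno;            /* unknown or unavailable algorithm */
        goto out_tfd;
    }
    opfd = accept(tfd, NULL, NULL);                           /* step 3 */
    if (opfd < 0) {
        rc = -errno;
        goto out_tfd;
    }
    /* All data goes through opfd, never tfd; short transfers are errors. */
    n = send(opfd, msg, len, 0);
    if (n < 0)
        rc = -errno;
    else if ((size_t)n != len)
        rc = -EIO;
    else if ((n = recv(opfd, out, outlen, 0)) < 0)
        rc = -errno;
    else if ((size_t)n != outlen)
        rc = -EIO;
    close(opfd);
out_tfd:
    close(tfd);
    return rc;
}
```

A negative return from socket() or bind() means the kernel does not offer AF_ALG or the named algorithm, so a caller should treat it as a hard failure rather than continue with an unfilled output buffer.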