Linux Kernel Crypto API User Space Interface Library

libkcapi allows user-space to access the Linux kernel crypto API.

libkcapi uses the kernel's Netlink interface and exports easy-to-use APIs, so a developer does not need to handle the low-level Netlink interface directly.

The library does not implement any cipher algorithms. All consumer requests are sent to the kernel for processing. Results from the kernel crypto API are returned to the consumer via the library API.

The kernel interface and therefore this library can be used by unprivileged processes.

Development of this library focuses on speed. The library does not perform any memcpy when processing the cryptographic data; it uses scatter/gather lists to eliminate the need to move data around in memory.

Source Files

Filename                    Size
libkcapi-1.2.0.tar.xz       311 KB
libkcapi-1.2.0.tar.xz.asc   488 Bytes
libkcapi.changes            11.3 KB
libkcapi.keyring            3.46 KB
libkcapi.spec               6.78 KB

Revision 7 (latest revision is 9)
Dominique Leuenberger (dimstar_suse) accepted request 831601 from Marcus Meissner (msmeissn) (revision 7)
- update to 1.2.0:
 * enhancement: kcapi-hasher: add madvise and 64 bit support by Brandur Simonsen
 * fix: fix clang warning in KDF implementation by Khem Raj
 * fix: fix inverted logic in kcapi-main test logic reported by Ondrej Mosnáček
 * fix: return error when iteration count is zero for PBKDF as reported by
   Guido Vranken
 * enhancement: add function kcapi_cipher_stream_update_last to indicate the
   last block of a symmetric cipher stream operation
 * disable XTS multithreaded tests as it triggers a race discussed in
   https://github.com/smuellerDD/libkcapi/issues/92. The conclusion is
   the following: xts(aes) doesn't support chaining requests like for other
   ciphers such as CBC (at least as implemented in the kernel Crypto API).
   That can be seen in `crypto/testmgr.h` - the ciphers that are expected to
   return IVs usable for chaining have the `.iv_out` entries filled in in their
   test vectors (and those that don't support it do not). One can see that only
   CTR and CBC test vectors have them, not XTS.
   Looking again at how XTS is defined, it seems one could implement
   transparent chaining by simply decrypting the final tweak using the tweak
   key and return it as the output IV... but I believe this has never been
   mandated nor implemented in the Crypto API (likely because of the overhead
   of the final tweak decryption, which would be pointless if you're not going
   to use the output IV - and there is currently no way to signal to the driver
   that you are going to need it).
 * disable AIO parallel tests due to undefined behavior (forwarded request 830821 from dirkmueller)