Cryptography and Hash functions

[leongross]

As far as I see it there is support for some cryptographic operations like sha256 asm wrappers or single aes rounds, but there are no higher level Hash Digest or Encryption functionalities comparable to the crypto api.

Are there plans to implement such interfaces? I searched the Github Issues for keywords but did not find any regarding hashing or encryption.

[bjorn3]

As far as I see it there is support for some cryptographic operations like sha256 asm wrappers or single aes rounds,

These are part of the rust standard library and directly use the respective cpu instructions on x86/x86_64. They don't work on any other archs and don't work on older cpu's without those instructions. They probably shouldn't be directly used by your code.

Are there plans to implement such interfaces?

Wrappers around linux kernel interfaces are mostly implemented once needed for drivers. Is there a specific driver you want to implement that needs certain crypto operations or are you just curious. If the former you could try implementing it yourself or see if someone else is willing to implement it. If the later we will eventually get support for it. It may just take a while. In any case keeping this issue open as a reminder to implement it is fine I think.

[ojeda]

Indeed, the crypto API of the kernel should be used (with a suitable wrapper).

[leongross]

Is there a specific driver you want to implement that needs certain crypto operations or are you just curious

Yes I am implementing a kernel module that needs hashing functionality.

If the former you could try implementing it yourself or see if someone else is willing to implement it. If the later we will eventually get support for it

Is there any documentation on how to approach such kind of development? I have only seen the rust-out-of-tree-module project and the Documentation/rust. But from these it is not clear to me how to integrate C headers in the build process (which seems to be essential to me) and which structural necessities have to be fulfilled. A procedural guide for first-time contributors would be much appreciated and could assist engagement into the project!

[bjorn3]

I believe you have to add the respective C header to https://github.com/Rust-for-Linux/linux/blob/rust/rust/kernel/bindings_helper.h and then add a wrapper to the kernel rust crate. Rust-bindgen then automatically handles generating rust function declarations and type definitions from the C headers.

[ojeda]

Is there any documentation on how to approach such kind of development? I have only seen the rust-out-of-tree-module project and the Documentation/rust. But from these it is not clear to me how to integrate C headers in the build process (which seems to be essential to me) and which structural necessities have to be fulfilled. A procedural guide for first-time contributors would be much appreciated and could assist engagement into the project!

You need to create the necessary abstractions in the kernel crate, and then use those from your module. In other words, it is not that you call or integrate C headers from your Rust module, which I think is what you are thinking about (given you mention the out-of-tree one).

At the moment, the best approach is to take a look at how other abstractions are written and how other modules use those abstractions. Eventually, we can write a guide on that. However, what we can already do is expand a bit on the "Abstractions vs. bindings" section and put some links to the relevant files (e.g. like the one @bjorn3 just gave you). I will take a look at that for next round.

[cqs21]

My driver also needs some crypto API (AEAD and skcipher), and I'm working on it right now. Last week, I committed a version of scatterlist wrapper: cqs21/rust-for-linux@29fab3eb. How could I contribute it to the rust-next branch? PR or mailing lists?

[ojeda]

How could I contribute it to the rust-next branch? PR or mailing lists?

Please see https://rust-for-linux.com/contributing and https://rust-for-linux.com/branches.