[issue27744] Add AF_ALG (Linux Kernel crypto) to socket module
Christian Heimes
report at bugs.python.org
Fri Aug 12 06:21:30 EDT 2016
New submission from Christian Heimes:
Linux has a netlink-based user-space interface for Kernel cryptography. Kernel based crypto has a couple of advantages that are explained at http://www.chronox.de/libkcapi/html/ch01s02.html . The document doesn't mention that a crypto socket also supports splicing and sendfile. Files no longer have to be copied to user-space.
My experimental branch https://github.com/tiran/cpython/commits/feature/af_alg implements af_alg support. Example:
from socket import socket, AF_ALG, SOCK_SEQPACKET, SOL_ALG, ALG_SET_KEY
from binascii import hexlify
with socket(AF_ALG, SOCK_SEQPACKET, 0) as alg:
alg.bind(('hash', 'hmac(sha512)'))
alg.setsockopt(SOL_ALG, ALG_SET_KEY, b'key')
op, _ = alg.accept()
with open('/etc/passwd', 'rb') as f:
op.sendfile(f)
print(hexlify(op.recv(64)))
op.close()
----------
components: Extension Modules
messages: 272516
nosy: christian.heimes
priority: normal
severity: normal
status: open
title: Add AF_ALG (Linux Kernel crypto) to socket module
type: enhancement
versions: Python 3.6
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue27744>
_______________________________________
More information about the Python-bugs-list
mailing list