New submission from Christian Heimes: Linux has a netlink-based user-space interface for Kernel cryptography. Kernel based crypto has a couple of advantages that are explained at http://www.chronox.de/libkcapi/html/ch01s02.html . The document doesn't mention that a crypto socket also supports splicing and sendfile. Files no longer have to be copied to user-space.
My experimental branch https://github.com/tiran/cpython/commits/feature/af_alg implements af_alg support. Example: from socket import socket, AF_ALG, SOCK_SEQPACKET, SOL_ALG, ALG_SET_KEY from binascii import hexlify with socket(AF_ALG, SOCK_SEQPACKET, 0) as alg: alg.bind(('hash', 'hmac(sha512)')) alg.setsockopt(SOL_ALG, ALG_SET_KEY, b'key') op, _ = alg.accept() with open('/etc/passwd', 'rb') as f: op.sendfile(f) print(hexlify(op.recv(64))) op.close() ---------- components: Extension Modules messages: 272516 nosy: christian.heimes priority: normal severity: normal status: open title: Add AF_ALG (Linux Kernel crypto) to socket module type: enhancement versions: Python 3.6 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue27744> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
