Does Linux Kernel Support RSA Encryption/Decryption?

4
votes

I'm currently working on a prototype. I need RSA Encryption at the Linux Kernel level,although from my research, it seems that the Linux Kernel only supports signature verification. When I look through the code in rsa.c and rsa_helper.c, it seems that there is a rsa global struct that is set to static that has function pointers with variable names: encrypt and decrypt.

Also, there is not a lot of documentation on the asymmetric API. The tcrypto.c does not even test any of the asymmetric crypto API. This seems to be a huge limitation. I am aware that asymmetric encryption is not as fast as symmetric encryption, but I need it for my prototype.

Hopefully,I will not need to roll my own RSA encryption/decryption routines, because this would be a major set back.

1
cryptographylinuxrsaapikernel
Have you checked the kconfig? It has options for enabling RSA in the Crypto API. - forest
@forest Nvm, I see it. - Gary Drocella
Have you checked kernel.org/doc/html/v4.10/crypto/api-akcipher.html? - Lie Ryan
Yes, I did see that. It doesn't seem to give a lot of information, though. For example, crypto_alloc_akcipher parameters are alg_name, type, and mask. It doesn't really go into great detail of the values of those parameters to pass. I guess I'll just have to do some digging in the source code. - Gary Drocella
If you just want to write a program that supports RSA, you don't need to call into the kernel to do that. It would be completely fine to use a library that implements RSA. - forest

1 Answers

3
votes

Yes, the Linux Kernel supports RSA Encryption/Decryption.

Thanks to some comments I decided to dig a little bit deeper into the Kernel Source. This page is sort of helpful. It unfortunately doesn't require any code samples.

If you would like some code samples, then you can take a look at testmgr.c under the crypto directory. It contains a comprehensive list of supported algorithms in the code.