[OpenAFS-devel] Re: [GSoC 2010] Encrypted storage
Simon Wilkinson
sxw@inf.ed.ac.uk
Thu, 25 Mar 2010 09:52:45 +0000
On 24 Mar 2010, at 19:59, Andrew Deason wrote:
>=20
> Simon or someone else can feel free to correct me... but you need to =
be
> doing this in the kernel[0], which rules out OpenSSL (as I understand
> it). The only feasible options I remember being discussed were =
Heimdal's
> hcrypto or something in-tree like Marcus' k5ssl.
As I posted here in October last year, OpenAFS's long term crypto plans =
centre around Heimdal's libhcrypto. libhcrypto supports an EVP style =
interface, which means it will be relatively straightforward to replace =
it with OpenSSL for userspace applications, and should be possible to =
replace it with native kernel crypto operations on platforms where those =
are available. We don't have any interest in maintaining our own crypto =
library - so we're unlikely to import the crypto portions of k5ssl, and =
we wouldn't want GSoC code targetted against this.
> [0] It is technically possible to do the encryption in user-space, if
> you call out to a userspace binary like we do for afsdb lookups. In =
the
> long run, that approach becomes infeasible...
You definitely wouldn't want to do the block ciphering in userspace - =
the amount of data being thrown across the kernel/userspace boundary =
would be insane. It is possible, however, that we might want to do the =
public key encryption of the per-file-key in a userspace callout.
Cheers,
Simon.