我正在尝试使用我的随机生成器,所以我决定给出库卡皮尝试一下。
这是我所做的:
$ wget http://www.chronox.de/libkcapi/libkcapi-0.13.0.tar.xz
$ tar xf libkcapi-0.13.0.tar.xz
$ cd libkcapi-0.13.0
$ cd lib
$ make
$ cd ../test
$ make
$ ./kcapi -x 3 -c sha1 -p 8c899bba
libkcapi - Error: Netlink error: cannot open netlink socket
libkcapi - Error: Netlink error: cannot open netlink socket
libkcapi - Error: NETLINK_CRYPTO: cannot obtain cipher information for sha1 (is required crypto_user.c patch missing? see documentation)
Allocation of hash sha1 failed
Failed to invoke testing
看看 strace 输出,我看到的是:
socket(AF_NETLINK, SOCK_RAW, NETLINK_CRYPTO) = -1 EPROTONOSUPPORT (Protocol not supported)
write(2, "libkcapi - Error: Netlink error:"..., 60libkcapi - Error: Netlink error: cannot open netlink socket
) = 60
socket(AF_NETLINK, SOCK_RAW, NETLINK_CRYPTO) = -1 EPROTONOSUPPORT (Protocol not supported)
write(2, "libkcapi - Error: Netlink error:"..., 60libkcapi - Error: Netlink error: cannot open netlink socket
) = 60
write(2, "libkcapi - Error: NETLINK_CRYPTO"..., 137libkcapi - Error: NETLINK_CRYPTO: cannot obtain cipher information for sha1 (is required crypto_user.c patch missing? see documentation)
正如顶级 README.md 文件中提到的:
内核接口以及该库可以被非特权进程使用。
我也尝试过使用,sudo但运气不佳。
作为参考,我正在使用:
$ uname -a
Linux macbookpro 4.9.0-3-amd64 #1 SMP Debian 4.9.30-2+deb9u2 (2017-06-26) x86_64 GNU/Linux
有谁知道如何libkcapi在 Linux 上使用 吗?
答案1
事实上,答案很简单。从文档中:
我需要以下内容:
- CONFIG_CRYPTO_USER
- CONFIG_CRYPTO_USER_API
- CONFIG_CRYPTO_USER_API_HASH
- CONFIG_CRYPTO_USER_API_SKCIPHER
- CONFIG_CRYPTO_USER_API_AEAD
- CONFIG_CRYPTO_USER_API_RNG
- (CONFIG_CRYPTO_USER_API_AKCIPHER) 不需要
然而,这是我使用默认 Debian 内核得到的结果:
% grep CONFIG_CRYPTO_USER /boot/config-4.9.0-3-amd64
# CONFIG_CRYPTO_USER is not set
CONFIG_CRYPTO_USER_API=m
CONFIG_CRYPTO_USER_API_HASH=m
CONFIG_CRYPTO_USER_API_SKCIPHER=m
# CONFIG_CRYPTO_USER_API_RNG is not set
CONFIG_CRYPTO_USER_API_AEAD=m
我已经举报了,让我们看看会发生什么: