Announcement

Collapse
No announcement yet.

Linux's Crypto API Is Adopting Some Aspects Of Zinc, Opening Door To Mainline WireGuard

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Linux's Crypto API Is Adopting Some Aspects Of Zinc, Opening Door To Mainline WireGuard

    Phoronix: Linux's Crypto API Is Adopting Some Aspects Of Zinc, Opening Door To Mainline WireGuard

    Mainlining of the WireGuard secure VPN tunnel was being held up by its use of the new "Zinc" crypto API developed in conjunction with this network tech. But with obstacles in getting Zinc merged, WireGuard was going to be resorting to targeting the existing kernel crypto interfaces. Instead, however, it turns out the upstream Linux crypto developers were interested and willing to incorporate some elements of Zinc into the existing kernel crypto implementation...

    http://www.phoronix.com/scan.php?pag...oing-Some-Zinc

  • #2
    I wait for Wiregard TAP support, because it's only TUN support for now.
    Developer of Ultracopier/Supercopier and of the game CatchChallenger

    Comment


    • #3
      Originally posted by alpha_one_x86 View Post
      I wait for Wiregard TAP support, because it's only TUN support for now.
      I wouldn't think it would be possible to make it operate as a TAP device?

      Comment


      • #4
        To have play with TUN and TAP, it's easy option to do.
        Developer of Ultracopier/Supercopier and of the game CatchChallenger

        Comment


        • #5
          Reading Ard Biesheuvel's comments, wireguard will hit the 5.6 merge window.

          Comment


          • #6
            Originally posted by alpha_one_x86 View Post
            I wait for Wiregard TAP support, because it's only TUN support for now.
            You can wait then forever, wireguard is TUN (aka layer 3) only by design. It should be possible to layer a layer 2 in 3 protocol on top of wireguard if you really need layer 2 support.

            From the white paper:
            [...]
            Similarly opinionated, WireGuard is layer 3-only; as explained below in section 2, this is the cleanest approach for ensuring authenticity and attributability of the packets. The authors believe that layer 3 is the correct way for bridging multiple IP networks, and the imposition of this onto WireGuard allows for many simplifications, resulting in a cleaner and more easily implemented protocol.
            [...]

            Comment

            Working...
            X