origin: http://lwn.net/Articles/99175/
From:
Michal Ludvig
To:
CryptoAPI List
Subject:
[PATCH] /dev/crypto for Linux
Date:
Tue, 24 Aug 2004 23:37:27 +0200
Cc:
linux-kernel@vger.kernel.org, James Morris
Hi all,
attached is a driver for OpenBSD-like /dev/crypto device (aka CryptoDev)
that makes a way for userspace processes to access ciphers provided by
in-kernel CryptoAPI modules.
How does it work?
Process opens /dev/crypto and with a set of ioctl() commands does what
it wants to. I.e. obtains a crypto session, does the {enc,dec}ryption
and finally closes the session. The sessions are bound to "struct file"
of the open /dev/crypto and thus are automatically removed even if the
process dies unexpectedly.
What is it good for?
One can build really light-weigth programs with crypto support that
don't need any external libraries (e.g. OpenSSL) or built-in algorithms.
Easier testing of new CryptoAPI ciphers (later also hashes and maybe
asymmetric ciphers as well).
Once, maybe, userspace access to crypto accelerators through kernel
drivers.
etc :-)
For more info about /dev/crypto usage, demo programs and OpenSSL patch
see http://www.logix.cz/michal/devel/cryptodev/