origin: http://lwn.net/Articles/99175/
From: | Michal Ludvig <mludvig@suse.cz> | |
To: | CryptoAPI List <cryptoapi@lists.logix.cz> | |
Subject: | [PATCH] /dev/crypto for Linux | |
Date: | Tue, 24 Aug 2004 23:37:27 +0200 | |
Cc: | linux-kernel@vger.kernel.org, James Morris <jmorris@redhat.com> |
Hi all, attached is a driver for OpenBSD-like /dev/crypto device (aka CryptoDev) that makes a way for userspace processes to access ciphers provided by in-kernel CryptoAPI modules. How does it work? Process opens /dev/crypto and with a set of ioctl() commands does what it wants to. I.e. obtains a crypto session, does the {enc,dec}ryption and finally closes the session. The sessions are bound to "struct file" of the open /dev/crypto and thus are automatically removed even if the process dies unexpectedly. What is it good for? One can build really light-weigth programs with crypto support that don't need any external libraries (e.g. OpenSSL) or built-in algorithms. Easier testing of new CryptoAPI ciphers (later also hashes and maybe asymmetric ciphers as well). Once, maybe, userspace access to crypto accelerators through kernel drivers. etc :-) For more info about /dev/crypto usage, demo programs and OpenSSL patch see http://www.logix.cz/michal/devel/cryptodev/