1.\" $OpenBSD: crypto.4,v 1.4 2002/09/12 07:15:03 deraadt Exp $ 2.\" 3.\" Copyright (c) 2001 Theo de Raadt 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. The name of the author may not be used to endorse or promote products 15.\" derived from this software without specific prior written permission. 16.\" 17.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 18.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 19.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 20.\" DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, 21.\" INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 22.\" (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 23.\" SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 25.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 26.\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 27.\" POSSIBILITY OF SUCH DAMAGE. 28.\" 29.\" $FreeBSD$ 30.\" 31.Dd August 1, 2007 32.Dt CRYPTO 4 33.Os 34.Sh NAME 35.Nm crypto , 36.Nm cryptodev 37.Nd hardware crypto access driver 38.Sh SYNOPSIS 39.Cd device crypto 40.Cd device cryptodev 41.Sh DESCRIPTION 42The 43.Nm 44driver provides a device-independent framework to support 45cryptographic operations in the kernel. 46The 47.Nm cryptodev 48driver provides userland applications access to this support 49through the 50.Pa /dev/crypto 51device. 52This node primarily operates in an 53.Xr ioctl 2 54based model, permitting a variety of applications to query device capabilities, 55submit transactions, and get results. 56.Pp 57If 58.Ar count 59given in the specification, and is greater than 0, a maximum of one 60.Nm 61device is created. 62.Pp 63The following 64.Xr ioctl 2 65calls apply only to the 66.Nm 67devices: 68.Bl -tag -width ".Dv CIOCGSESSION" 69.It Dv CIOCGSESSION 70Setup a new crypto session for a new type of operation. 71.It Dv CIOCFSESSION 72Free a previously established session. 73.It Dv CIOCCRYPT 74Perform a crypto operation against a previously setup session. 75.El 76.Sh FEATURES 77Depending on hardware being present, the following symmetric and 78asymmetric cryptographic features are potentially available from 79.Pa /dev/crypto : 80.Pp 81.Bl -tag -width ".Dv CRYPTO_RIPEMD160_HMAC" -offset indent -compact 82.It Dv CRYPTO_DES_CBC 83.It Dv CRYPTO_3DES_CBC 84.It Dv CRYPTO_BLF_CBC 85.It Dv CRYPTO_CAST_CBC 86.It Dv CRYPTO_SKIPJACK_CBC 87.It Dv CRYPTO_MD5_HMAC 88.It Dv CRYPTO_SHA1_HMAC 89.It Dv CRYPTO_RIPEMD160_HMAC 90.It Dv CRYPTO_MD5_KPDK 91.It Dv CRYPTO_SHA1_KPDK 92.It Dv CRYPTO_AES_CBC 93.It Dv CRYPTO_ARC4 94.It Dv CRYPTO_MD5 95.It Dv CRYPTO_SHA1 96.It Dv CRK_MOD_EXP 97.It Dv CRK_MOD_EXP_CRT 98.It Dv CRK_DSA_SIGN 99.It Dv CRK_DSA_VERIFY 100.It Dv CRK_DH_COMPUTE_KEY 101.El 102.Sh FILES 103.Bl -tag -width ".Pa /dev/crypto" -compact 104.It Pa /dev/crypto 105crypto access device 106.El 107.Sh SEE ALSO 108.Xr hifn 4 , 109.Xr ipsec 4 , 110.Xr padlock 4 , 111.Xr safe 4 , 112.Xr ubsec 4 , 113.Xr geli 8 , 114.Xr crypto 9 115.Sh HISTORY 116The 117.Nm 118driver first appeared in 119.Ox 3.0 . 120The 121.Nm 122driver was imported to 123.Fx 5.0 . 124