there is a layer "built in" for exactly the purpose you propose http://source.android.com/tech/security/index.html
describes the entire area in elaborate detail On Oct 13, 1:08 am, tilak <tangudu.ti...@gmail.com> wrote: > Hi Crypto friends, > > We are designing a new hardware crypto module with DES,SHA ,MD5 and > AES to off load processor.The task is to use the hardware acceleration > instead of using default software implementations in kernel. > > Splitting my task into two parts > > Part-1:Hardware crypto acceleration for userspace applications like > openssl > > Part-1:Hardware crypto acceleration for userspace applications like > openssl > In this part, I would like to integrate my low level crypto driver > hardware acceleration code in /dev/crypto module and would like to > load it as openssl engine. > > 1)Are there any draw backs in my approach? > 2)Are there any other better methods that can be implemented here > instead of the above approach? > 3)My main aim is that all the user applications should use my hardware > acceleration?Will the above /dev/crypto approach solve my purpose? > > Part-2:Hardware crypto acceleration for Ipsec > I am not clear how to implement this part? > > 1)In this part,I understood from blogs that the native IPsec stack in > kernel uses Kernel Crypto API. > Am I right? > > 2)If I am right,Is it recommendable to hack Kernel Crypto API to use > our hardware acceleration code? > > 3)I heard about openswan,strongswan,racoon and isakmpd IPsec > stack.would replace the native IPsec stack in kernel? Am i right? > If I am wrong, I hope the above (openswan,strongswan,racoon and > isakmpd IPsec stack) would use the native IPSec stack? > If I am right,Can I hack any of the above IPsec stacks to implement my > hardware acceleration code? > > 4)What is the best way to off load processor and make IPsec to use my > hardware acceleration code? > > Happy Crypting > > Tilak -- unsubscribe: android-kernel+unsubscr...@googlegroups.com website: http://groups.google.com/group/android-kernel
