devcrypto

Updated: May 06, 2022

Access cryptographic accelerators

Syntax:

 devcrypto [-D] [-o options] plugin

Runs on:

QNX Neutrino

Options:

-D
(Optional) Don't daemonize.
-o options
(Optional) Options to pass to the specified plugin as a string.
plugin
The name of the plugin DLL (for example, devcr-plugin.so).

Description:

The devcrypto service provides access to cryptographic accelerators via the device entry /dev/crypto.

The service daemonizes itself automatically.

The devcrypto receives commands from clients via ioctl(). Commands are sent using regular message passing functionality. Clients require a link to libdevcr-ioctl.so to intercept ioctl() calls and redirect them to devcrypto.

The ioctl() function provides the following crypto-related commands:

CIOCAUTHCRYPT
Handle AEAD ciphers such as AES-GCM.
CIOCCPHASH
Copy a digest state from one session to another to continue the digest operation.
CIOCCRYPT
Request a symmetric-key (or unkeyed hash) operation.
CIOCFSESSION
Finish a session for crypto operations.
CIOCGSESSION
Set up a session for symmetric crypto operations.
CRIOGET
Get a cloned file descriptor of /dev/crypto by calling open() (see open() in the C Library Reference). This isn't necessary in QNX Neutrino, but we've provided it for compatibility and portability.

For more information, see ioctl() in the C Library Reference.

For more information about devcrypto, see “Cryptography Support,” “The devcrypto plugin API (devcrypto_plugin.h),” and “The devcrypto I/O command API (cryptodev.h)” in the Security Developer's Guide.