Robert Connolly robert at
Fri Sep 15 21:29:55 PDT 2006

Hi. I just found this project:

The mail thread, about cryptodev, starts here:

This kernel patch adds a /dev/crypto device so packages can use the kernel's 
crypto api, rather than a library like openssl (or libcrypt from libc). This 
allow all applications to use the same standard crypto 
interface/library/module. The website has a patch for openssl.

Currently md5sum (from coreutils), passwd (from shadow), util-linux, openssh, 
and many others, each build in their own md5 library. If there were a 
vulnerability in md5 tommorrow we would have to investigate every installed 
package to check which are affected. Using a kernel module for all md5 hashes 
means only one module would need to be upgraded. This performs better, makes 
things easier to upgrade, and uses less storage space.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <>

More information about the hlfs-dev mailing list