robert at linuxfromscratch.org
Fri Sep 15 21:29:55 PDT 2006
Hi. I just found this project:
The kernel.org mail thread, about cryptodev, starts here:
This kernel patch adds a /dev/crypto device so packages can use the kernel's
crypto api, rather than a library like openssl (or libcrypt from libc). This
allow all applications to use the same standard crypto
interface/library/module. The website has a patch for openssl.
Currently md5sum (from coreutils), passwd (from shadow), util-linux, openssh,
and many others, each build in their own md5 library. If there were a
vulnerability in md5 tommorrow we would have to investigate every installed
package to check which are affected. Using a kernel module for all md5 hashes
means only one module would need to be upgraded. This performs better, makes
things easier to upgrade, and uses less storage space.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the hlfs-dev