Many platforms that provide hardware acceleration ofAES encryption expose this to programs through an extension of theinstruction set architecture (ISA) of the various chipsets (e.g.AES instruction set forx86). With this sort of implementation, any program (kernel-mode oruser-space) may utilize these features directly.[2]Some platforms, such as the ARM KirkwoodSheevaPlug andAMD Geode processors, however, are not implemented as ISA extensions, and are only accessible through kernel-mode drivers. In order for user-mode applications that utilize encryption, such aswolfSSL,OpenSSL orGnuTLS, to take advantage of such acceleration, they must interface with the kernel.[3]
AF_ALG
Anetlink-based interface that adds anAF_ALG address family;[4] it was merged into version 2.6.38 of theLinux kernel mainline.[5][6] There was once a plugin toOpenSSL to support AF_ALG,[7] which has been submitted for merging.[8] In version 1.1.0, OpenSSL landed another patch for AF_ALG contributed by Intel.[9]wolfSSL can make use of AF_ALG and cryptodev[10]
