How to Add More Algorithm in Cryptoapi in Linux

How can i add more algorithm in cryptoAPI in linux

Abhi, Kernel crypto API was created in 2002 for protocols, which requires cryptography inside the kernel (in the kernel mode, when you has no reliable way of using user-space crypto):

Although initially aimed at supporting IPSec, the API has been designed as a general-purpose facility, with potential applications including encrypted files, encrypted filesystems, strong filesystem integrity, the random character device (/dev/random), network filesystem security (for example, CIFS) and other kernel networking services requiring cryptography.

So, If you are working in the user-space and has no plans to move into kernel as new FS or new part of network stack, it is easier and more portable to use user-space library for crypto. User-space lib may use or not use kernel API for some ciphers, but likely it will use user-space implementation. There are a lot of such libs, e.g. openssl, Libgcrypt etc. Some huge frameworks, like Qt may include some popular crypto too.

To expand cryptoapi in kernel with new algo you should have this algo implemented and compiled for your kernel (either as module or as part of kernel binary). To find name of modules compiled for your kernel, try ls /lib/modules/*/*/arch/*/crypto/ /lib/modules/*/*/crypto/; then you can call for example modprobe aes_generic or modprobe aes-x86_64 to load additional crypto module in API.

After modprobe aes-x86_64 I have:

# cat /proc/crypto |grep aes
name         : aes
driver       : aes-asm
module       : aes_x86_64
name         : aes
driver       : aes-generic
module       : aes_generic

how to add an crypto algorithm to linux crypto api

You need to use the kernel Crypto API (but I dont recommend rolling out your own crypto algorithms). You register your crypto algorithm using this function call.

int crypto_register_alg(struct crypto_alg *alg);

But make sure you correctly filled the struct crypto_alg first.
struct crypto_alg Link holds info about your algorithm which also contain struct cipher_alg Link which in turn contain pointers to the encrypt and decrypt functions.

Cryptographic API vs manually implemented algorithm

MD5 is probably available everywhere. CRC32 is so simple (and not really cryptography) that you can just include or implement it directly in your application.

The Windows crypto API supports multiple providers and the default provider is probably fully implemented in user mode without switching to kernel mode for most things. The PRng and AES encryption might be implemented in hardware.

What is your goal? Speed? No backdoors? Obscure algorithms?

how to use CryptoAPI in the linux kernel 2.6

There are a couple of places in the kernel which use the crypto module: the eCryptfs file system (linux/fs/ecryptfs/) and the 802.11 wireless stack (linux/drivers/staging/rtl8187se/ieee80211/). Both of these use AES, but you may be able to extrapolate what you find there to MD5.

Linux Kernel Crypto API : skcipher algorithm name not found by crypto_alloc_skcipher

I managed to resolve the problem, it was stupid mistake because of the Init algorithm function that I confused with Init function module.