Computer Disk Encryption Security Software: Overview The Solaris Cryptographic Framework provides cryptographic services to users and applications through commands, a user-level programming interface, a kernel programming interface, and user-level and kernel-level frameworks. The Solaris Cryptographic Framework provides these cryptographic services to applications and kernel modules in a manner seamless to the end user, and brings direct cryptographic services, like encryption and decryption for files, to the end user.

---

1.0 Overview

The Solaris Cryptographic Framework provides cryptographic services to users and applications through commands, a user-level programming interface, a kernel programming interface, and user-level and kernel-level frameworks. The Solaris Cryptographic Framework provides these cryptographic services to applications and kernel modules in a manner seamless to the end user, and brings direct cryptographic services, like encryption and decryption for files, to the end user.

The user-level framework is responsible for providing cryptographic services to consumer applications and the end-user commands. The kernel-level framework provides cryptographic services to kernel modules and device drivers. Both frameworks give developers and users access to software-optimized cryptographic algorithms.

The programming interfaces are front-ends to each of the frameworks. A library or a kernel module that provides cryptographic services can be plugged into one of the frameworks by the system administrator, making the plug-in's cryptographic services available to applications or kernel modules. This flexibility allows the system administrator to plug in different cryptographic algorithm implementations or hardwareaccelerated cryptographic providers.

2.0 Framework Architecture

This section provides an overview of the Solaris Cryptographic Framework's architecture. The following diagram illustrates this architecture and the interrelationships between its many components and the Solaris Operating System (OS).

This architectural illustration makes use of the following conventions:

• Each software component is shown as a rectangle.


• Rectangle size does not indicate the size or complexity of the feature.
• Public (documented) programmatic interfaces appear as labeled bars on the top or bottom of the component. Bars at the top of a software module represent the APIs. Bars at the bottom represent the service provider interface (SPI).
• Plug-ins are represented as rectangles plugged into SPIs. These can be replaced or added to a framework. Third parties can only write such components if a public framework provider interface exists.
• Arrows indicate general (not literal) flow of control.
• Circles represent a Solaris process sometimes called a daemon.