# APIs Source: [https://docs.qualcomm.com/doc/80-70014-11/topic/interfaces.html](https://docs.qualcomm.com/doc/80-70014-11/topic/interfaces.html) The security APIs offer the ability to interface with the Linux kernel and the device’s hardware. They also facilitate various software services that can be executed in a trusted execution environment. ## User space APIs These are functions that the Linux OS accesses to interact with the kernel. Users with full access to the proprietary software shipped with Qualcomm Linux can view these APIs. If you have access, see [User space APIs](https://docs.qualcomm.com/bundle/resource/topics/80-70014-11A/user-space-apis.html). ## Interfaces exposed for PKCS#11 See [PKCS11 Cryptographic Token Interface Usage Guide](http://docs.oasis-open.org/pkcs11/pkcs11-ug/v2.40/pkcs11-ug-v2.40.html) and [PKCS #11 Cryptographic Token Interface Base Specification Version 2.40 (oasis-open.org)](http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html). ## Kernel APIs These are functions that allow the Qualcomm Linux software to interact with the device hardware. **Crypto APIs** The `qcrypto.ko` driver is located on the device at /lib/modules/<version>/kernel/drivers/crypto/qce. Both kernel-level and user-level APIs can access the crypto engine. For the APIs, see the kernel crypto documentation at `Documentation/crypto/`. The following algorithms are supported: - RFC 4309 (CCCM(AES)) - CCM (AES) - Authenc (HMAC (SHA-256), CBC (AES)) - Authenc (HMAC (SHA-256), CBC (DES3\_EDE)) - Authenc (HMAC (SHA-256), CBC (DES)) - Authenc (HMAC (SHA-1), CBC (DES3\_EDE)) - Authenc (HMAC (SHA-1), CBC (DES)) - HMAC (SHA-256) - HMAC (SHA-1) - SHA-256 - SHA-1 - CBC (DES3\_EDE) - ECB (DES3\_EDE) - CBC (DES) - ECB (DES) - XTS (AES) - CTR (AES) - CBC (AES) - ECB (AES) For more information on the Qualcomm crypto core, see [Cryptography](https://docs.qualcomm.com/bundle/publicresource/topics/80-70014-11/crypto-core.html). For more details on crypto APIs, see [https://www.kernel.org/doc/html/v6.6/crypto/index.html](https://www.kernel.org/doc/html/v6.6/crypto/index.html). **Hardware random generator APIs** The Qualcomm Linux platform supports a true random number generator using the `qcom-rng` Linux driver. The random number generated from `qcom-rng` uses Kernel crypto for the random number generator API. In user space, a random number can be accessed at `/dev/hwrng`. For more information on the hardware random number generator, see the kernel documentation at Documentation/hw\_random.txt. For PRNG APIs, see [https://www.kernel.org/doc/Documentation/hw_random.txt](https://www.kernel.org/doc/Documentation/hw_random.txt). ## Qualcomm TEE APIs Qualcomm TEE provides a collection of APIs that offer services to secure applications. These services include heap management, logging, secure file system access, listener interactions, and cryptography and hashing functions. Users with full access to the proprietary software shipped with Qualcomm Linux can view these APIs. If you have access, see [Qualcomm Linux Security Guide - Addendum → Qualcomm TEE APIs](https://docs.qualcomm.com/bundle/resource/topics/80-70014-11A/trusted-execution-environment-apis.html). Last Published: Aug 06, 2024 [Previous Topic Architecture](https://docs.qualcomm.com/bundle/publicresource/80-70014-11/topics/architecture.md) [Next Topic Develop](https://docs.qualcomm.com/bundle/publicresource/80-70014-11/topics/develop_lru.md)