These classnotes are deprecated. As of 2005, I no longer teach the classes. Notes will remain online for legacy purposes.

UNIX03/Kernel Space Encryption

The main kernel space encryption technique in use today is David Bryson's CryptoAPI for the 2.4 and 2.5 kernels. The CryptoAPI has a homepage here:
http://www.kerneli.org/index.phtml

The CryptoAPI is a kernel-space cryptographic interface which can be used to encrypt nearly any arbitrary piece of data that the kernel manages. It is primarily used to encrypt filesystems and network connections, but through the use of an encrypting loopback device it can realistically be used to encrypt anything that can be used with pipes (thus, nearly everything under Linux).

Obtaining CryptoAPI

First, identify which version of the kernel you are running. You will also need the source for that kernel, and you must be sure that the source you are using is the source for the kernel you are actually running. If you are using something like Red Hat then you undoubtedly are running a custom patched kernel and will not be able to just download what you need from the kernel archives (for this reason, I personally recommend recompiling your entire kernel).

After you have identified your kernel version and have the source, you can obtain the CryptoAPI patches from here:

    http://www.kernel.org/pub/linux/kernel/crypto/

Once you have obtained the CryptoAPI source, you should unpack it somewhere. For the sake of this document, let's assume you will unpack it in /usr/src/cryptoapi.

 $ cd /usr/src/cryptoapi 
 $ tar xvzf cryptoapi-0.1.0.tar.gz

Before we can compile any of the ciphers we need to patch our loop driver to support the encryption hooks. There are currently two loop patches distributed with the CryptoAPI. There is the loop-iv patch, which includes the minimal support needed for the CryptoAPI, and there is the loop-jari patch, which is distributed with loop-AES (which we will look at shortly) and includes the support needed for the CryptoAPI plus some additional bug fixes. We will be taking the minimalist approach and only worry about one patch, loop-iv (Initialization Vector), which provides the support we need. To apply it, go to the top level directory of the CryptoAPI sources and use the makefile to do the following:

 $ make patchkernel KDIR=<kernel source dir> LOOP=iv 
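The notes stress that the source tree you patch must be the source of the kernel you are running, since a patch applied to a mismatched tree produces a module set that will not load. The following POSIX sh script is an added example, not part of the original notes or of the CryptoAPI distribution: it reads the VERSION, PATCHLEVEL, SUBLEVEL and EXTRAVERSION variables from the top of a 2.4-style kernel Makefile, compares the result with `uname -r`, and only then runs the `make patchkernel` step shown above. The function names, the default paths /usr/src/linux and /usr/src/cryptoapi, and the sample Makefile values used in comments are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the original notes): verify that a kernel source
# tree matches the running kernel before applying the CryptoAPI loop patch.

# Print the version recorded in a kernel source tree's top-level Makefile,
# assembled as VERSION.PATCHLEVEL.SUBLEVEL followed by EXTRAVERSION.
# A (constructed) Makefile containing "VERSION = 2", "PATCHLEVEL = 4",
# "SUBLEVEL = 22" and "EXTRAVERSION = -1" yields "2.4.22-1".
kernel_source_version() {
    mk="$1/Makefile"
    [ -f "$mk" ] || { echo "no Makefile in $1" >&2; return 1; }
    v=$(sed -n 's/^VERSION[[:space:]]*=[[:space:]]*//p' "$mk" | head -n 1 | tr -d '[:space:]')
    p=$(sed -n 's/^PATCHLEVEL[[:space:]]*=[[:space:]]*//p' "$mk" | head -n 1 | tr -d '[:space:]')
    s=$(sed -n 's/^SUBLEVEL[[:space:]]*=[[:space:]]*//p' "$mk" | head -n 1 | tr -d '[:space:]')
    e=$(sed -n 's/^EXTRAVERSION[[:space:]]*=[[:space:]]*//p' "$mk" | head -n 1 | tr -d '[:space:]')
    [ -n "$v" ] && [ -n "$p" ] && [ -n "$s" ] || { echo "cannot read version from $mk" >&2; return 1; }
    echo "$v.$p.$s$e"
}

# Succeed (exit 0) when the source tree's version string equals the running
# kernel's version; the second argument overrides "uname -r" so the check can
# be exercised against constructed data.
source_matches_running() {
    src_ver=$(kernel_source_version "$1") || return 1
    run_ver="${2:-$(uname -r)}"
    [ "$src_ver" = "$run_ver" ]
}

# Apply the loop-iv patch from the notes, but refuse to touch a source tree
# whose version does not match the running kernel.
#   $1 = kernel source dir (default /usr/src/linux, an assumed path)
#   $2 = unpacked CryptoAPI dir (default /usr/src/cryptoapi, as in the notes)
patch_cryptoapi_loop() {
    kdir="${1:-/usr/src/linux}"
    cdir="${2:-/usr/src/cryptoapi}"
    if ! source_matches_running "$kdir"; then
        echo "refusing to patch: $kdir is not the source of the running kernel $(uname -r)" >&2
        return 1
    fi
    (cd "$cdir" && make patchkernel KDIR="$kdir" LOOP=iv)
}

# Typical use on a machine prepared as the notes describe:
#   patch_cryptoapi_loop /usr/src/linux /usr/src/cryptoapi
```

The version check is deliberately strict: EXTRAVERSION is included in the comparison, so a distribution kernel such as the custom patched Red Hat kernels the notes mention will not be mistaken for the matching vanilla release.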


Edited October 24, 2003 8:20 pm
(C) Copyright 2003 Samuel Hart
This work is licensed under a Creative Commons License.