diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-07-12 12:57:11 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-07-12 12:59:56 +0200 |
commit | 4f7b10f59b97b45d42577c4d6d33958d9565aef7 (patch) | |
tree | 0f78a952c73985d7e2d852f90f7319a52db785de /README | |
parent | 8d2faf007636a936a5346426f6fe5c251a1255bb (diff) | |
download | cryptodev-linux-4f7b10f59b97b45d42577c4d6d33958d9565aef7.tar.gz cryptodev-linux-4f7b10f59b97b45d42577c4d6d33958d9565aef7.tar.xz cryptodev-linux-4f7b10f59b97b45d42577c4d6d33958d9565aef7.zip |
Initial additions to have PK encryption/decryption. Separated operations
on keys to read/write to prevent overwriting a key while using it. Several
other cleanups.
Diffstat (limited to 'README')
-rw-r--r-- | README | 5 |
1 files changed, 4 insertions, 1 deletions
@@ -3,7 +3,10 @@ designed. The ioctl() API is in ncr.h and the userspace in ncrypto.h. For the new API to fully operate, root must load a system key (constant per system) using the setkey program. After this stage the new API should -be fully operational. +be fully operational. Example: +$ dd if=/dev/urandom of=/boot/key count=1 bs=16 +$ chmod 600 /boot/key +$ userspace/ncr-setkey /boot/key The main concept of the new API is disallow userspace applications access to cryptographic keys. Operations should be possible (such |