Initial additions to have PK encryption/decryption. Separated operations

on keys to read/write to prevent overwriting a key while using it. Several other cleanups.
author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-07-12 12:57:11 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-07-12 12:59:56 +0200
commit: 4f7b10f59b97b45d42577c4d6d33958d9565aef7 (patch)
tree: 0f78a952c73985d7e2d852f90f7319a52db785de /README
parent: 8d2faf007636a936a5346426f6fe5c251a1255bb (diff)
download: cryptodev-linux-4f7b10f59b97b45d42577c4d6d33958d9565aef7.tar.gz
cryptodev-linux-4f7b10f59b97b45d42577c4d6d33958d9565aef7.tar.xz
cryptodev-linux-4f7b10f59b97b45d42577c4d6d33958d9565aef7.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/README b/README
index d32b28a..8e80fcb 100644
--- a/README
+++ b/README
@@ -3,7 +3,10 @@ designed. The ioctl() API is in ncr.h and the userspace in ncrypto.h.
 
 For the new API to fully operate, root must load a system key (constant
 per system) using the setkey program. After this stage the new API should
-be fully operational. 
+be fully operational. Example:
+$ dd if=/dev/urandom of=/boot/key count=1 bs=16
+$ chmod 600 /boot/key
+$ userspace/ncr-setkey /boot/key
 
 The main concept of the new API is disallow userspace applications
 access to cryptographic keys. Operations should be possible (such
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-07-12 12:57:11 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-07-12 12:59:56 +0200
commit	4f7b10f59b97b45d42577c4d6d33958d9565aef7 (patch)
tree	0f78a952c73985d7e2d852f90f7319a52db785de /README
parent	8d2faf007636a936a5346426f6fe5c251a1255bb (diff)
download	cryptodev-linux-4f7b10f59b97b45d42577c4d6d33958d9565aef7.tar.gz cryptodev-linux-4f7b10f59b97b45d42577c4d6d33958d9565aef7.tar.xz cryptodev-linux-4f7b10f59b97b45d42577c4d6d33958d9565aef7.zip