Added KEY_WRAPPING flag that allows a key to be used for wrapping other keys.

Only superuser can enable this flag. Prevent short keys to wrap longer ones. Added initial stuff for supporting wrapping of private and public keys.
author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-08-19 18:20:26 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-08-19 18:20:26 +0200
commit: 5507ea6f51bd227ce4af661d550ad4d4de80674b (patch)
tree: 324958e4792047c42f9cc41041c5e0c7c0843103 /ncr.h
parent: a7befd9b8fba6f6d777f7d8436154dc62f1fa652 (diff)
download: cryptodev-linux-5507ea6f51bd227ce4af661d550ad4d4de80674b.tar.gz
cryptodev-linux-5507ea6f51bd227ce4af661d550ad4d4de80674b.tar.xz
cryptodev-linux-5507ea6f51bd227ce4af661d550ad4d4de80674b.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/ncr.h b/ncr.h
index a377824..cddde07 100644
--- a/ncr.h
+++ b/ncr.h
@@ -70,6 +70,10 @@ typedef int ncr_key_t;
  */
 #define NCR_KEY_FLAG_DECRYPT (1<<2)
 #define NCR_KEY_FLAG_SIGN (1<<3)
+/* This flag can only be set by administrator, to prevent
+ * adversaries exporting wrappable keys with random ones.
+ */
+#define NCR_KEY_FLAG_WRAPPING (1<<4)
 
 struct ncr_key_generate_params_st {
 	ncr_algorithm_t algorithm; /* just a cipher algorithm when
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-08-19 18:20:26 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-08-19 18:20:26 +0200
commit	5507ea6f51bd227ce4af661d550ad4d4de80674b (patch)
tree	324958e4792047c42f9cc41041c5e0c7c0843103 /ncr.h
parent	a7befd9b8fba6f6d777f7d8436154dc62f1fa652 (diff)
download	cryptodev-linux-5507ea6f51bd227ce4af661d550ad4d4de80674b.tar.gz cryptodev-linux-5507ea6f51bd227ce4af661d550ad4d4de80674b.tar.xz cryptodev-linux-5507ea6f51bd227ce4af661d550ad4d4de80674b.zip