diff options
| -rw-r--r-- | README | 19 |
1 files changed, 15 insertions, 4 deletions
@@ -1,7 +1,18 @@ -This is a /dev/crypto device driver, equivalent to those in OpenBSD or -FreeBSD. The main idea is to access of existing ciphers in kernel space -from userspace, thus enabling re-use of a hardware implementation of a -cipher. +This is the linux-cryptodev [newapi] branch. Here a new API is being +designed. The ioctl() API is in ncr.h and the userspace in ncrypto.h. + +For the new API to fully operate, root must load a system key (constant +per system) using the setkey program. After this stage the new API should +be fully operational. + +The main concept of the new API is disallow userspace applications +access to cryptographic keys. Operations should be possible (such +as encryption/decryption/signing/verifying), but raw access to the +keys will not be possible. + + + +The old OpenBSD API via /dev/crypto device driver is still supported. It was initially written for linux 2.6.8 by Michal Ludvig. Compatibility fixes for *BSD cryptodev as well as porting to 2.6.27 blkcipher API |