From ad1c16ec19dddb272d6e4fd8b1a368444fff08c3 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Thu, 29 Jul 2010 02:28:33 +0200 Subject: updated --- README | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to 'README') diff --git a/README b/README index 8e80fcb..aacd304 100644 --- a/README +++ b/README @@ -1,8 +1,7 @@ -This is the linux-cryptodev [newapi] branch. Here a new API is being -designed. The ioctl() API is in ncr.h and the userspace in ncrypto.h. +This is the linux-cryptodev NCR branch. The ioctl() API is in ncr.h. For the new API to fully operate, root must load a system key (constant -per system) using the setkey program. After this stage the new API should +per system) using the ncr-setkey program. After this stage the new API should be fully operational. Example: $ dd if=/dev/urandom of=/boot/key count=1 bs=16 $ chmod 600 /boot/key @@ -15,11 +14,8 @@ keys will not be possible. -The old OpenBSD API via /dev/crypto device driver is still supported. +A compatibility API using OpenBSD's interface via /dev/crypto device driver +is supported. -It was initially written for linux 2.6.8 by Michal Ludvig. Compatibility -fixes for *BSD cryptodev as well as porting to 2.6.27 blkcipher API -by Nikos Mavrogiannopoulos. Initial blkcipher async API porting by -Michael Weiser. Maintained by Nikos Mavrogiannopoulos (nmav [at] gnutls [dot] org) -- cgit From 047bd90807930f589df5aae1a632a831fca976bb Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Thu, 29 Jul 2010 09:14:09 +0200 Subject: updated README. --- README | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'README') diff --git a/README b/README index aacd304..cc49177 100644 --- a/README +++ b/README @@ -1,3 +1,5 @@ +=== NCR API === + This is the linux-cryptodev NCR branch. The ioctl() API is in ncr.h. For the new API to fully operate, root must load a system key (constant @@ -8,14 +10,21 @@ $ chmod 600 /boot/key $ userspace/ncr-setkey /boot/key The main concept of the new API is disallow userspace applications -access to cryptographic keys. Operations should be possible (such -as encryption/decryption/signing/verifying), but raw access to the -keys will not be possible. +access to cryptographic keys. Operations are possible (such as +encryption/decryption/signing/verifying), but raw access to the +keys is not be possible. +=== OpenBSD crypto compatibility === A compatibility API using OpenBSD's interface via /dev/crypto device driver -is supported. +is supported. This enables access to kernel space cipher implementations +and hardware accelerators. + + + +For questions and suggestions please use the mailing lists at: +http://home.gna.org/cryptodev-linux/lists.html Maintained by Nikos Mavrogiannopoulos (nmav [at] gnutls [dot] org) -- cgit