This is the linux-cryptodev [newapi] branch. Here a new API is being
designed. The ioctl() API is in ncr.h and the userspace in ncrypto.h.

For the new API to fully operate, root must load a system key (constant
per system) using the setkey program. After this stage the new API should
be fully operational. Example:
$ dd if=/dev/urandom of=/boot/key count=1 bs=16
$ chmod 600 /boot/key
$ userspace/ncr-setkey /boot/key

The main concept of the new API is disallow userspace applications
access to cryptographic keys. Operations should be possible (such
as encryption/decryption/signing/verifying), but raw access to the
keys will not be possible.



The old OpenBSD API via /dev/crypto device driver is still supported.

It was initially written for linux 2.6.8 by Michal Ludvig. Compatibility
fixes for *BSD cryptodev as well as porting to 2.6.27 blkcipher API 
by Nikos Mavrogiannopoulos. Initial blkcipher async API porting by
Michael Weiser.

Maintained by Nikos Mavrogiannopoulos (nmav [at] gnutls [dot] org)