blob: cc49177774f7078ade99f4970fa629c64292cbb4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
=== NCR API ===
This is the linux-cryptodev NCR branch. The ioctl() API is in ncr.h.
For the new API to fully operate, root must load a system key (constant
per system) using the ncr-setkey program. After this stage the new API should
be fully operational. Example:
$ dd if=/dev/urandom of=/boot/key count=1 bs=16
$ chmod 600 /boot/key
$ userspace/ncr-setkey /boot/key
The main concept of the new API is disallow userspace applications
access to cryptographic keys. Operations are possible (such as
encryption/decryption/signing/verifying), but raw access to the
keys is not be possible.
=== OpenBSD crypto compatibility ===
A compatibility API using OpenBSD's interface via /dev/crypto device driver
is supported. This enables access to kernel space cipher implementations
and hardware accelerators.
For questions and suggestions please use the mailing lists at:
http://home.gna.org/cryptodev-linux/lists.html
Maintained by Nikos Mavrogiannopoulos (nmav [at] gnutls [dot] org)
|