=== NCR API ===

This is the linux-cryptodev NCR branch. The ioctl() API is in ncr.h.

For the new API to fully operate, root must load a system key (constant
per system) using the ncr-setkey program. After this stage the new API should
be fully operational. Example:
$ dd if=/dev/urandom of=/boot/key count=1 bs=16
$ chmod 600 /boot/key
$ userspace/ncr-setkey /boot/key

The main concept of the new API is disallow userspace applications
access to cryptographic keys. Operations are possible (such as
encryption/decryption/signing/verifying), but raw access to the
keys is not be possible.


For questions and suggestions please use the mailing lists at:
http://home.gna.org/cryptodev-linux/lists.html


Maintained by Nikos Mavrogiannopoulos (nmav [at] gnutls [dot] org)
