Hello Michael,
We have a minor issue if you use OpenSSL key module and then import
the keys into smartcard.
OpenSSL key module uses RSA_PKCS1_OAEP_PADDING, while the minimum
common ground for smartcards is support of RSA_PKCS1_PADDING.
Can you please consider modifying OpenSSL key module to use
On 10/14/07, Alon Bar-Lev <[EMAIL PROTECTED]> wrote:
> On 10/14/07, Michael Halcrow <[EMAIL PROTECTED]> wrote:
> > wake_up_process() is not doing what we want it to do when we want it
> > to do it. I'll have to investigate.
>
> Can you please consider notifying userspace of timeout?
> Something lik
On 10/15/07, Trevor Highland <[EMAIL PROTECTED]> wrote:
> Alon,
>
> The documentation you are looking for can be found in the kernel source with
> the following path Documentation/keys.txt. The keyutils package is an
> interface to the kernel key ring which stores keys. The keyring was
> designed
Alon,
The documentation you are looking for can be found in the kernel source with
the following path Documentation/keys.txt. The keyutils package is an
interface to the kernel key ring which stores keys. The keyring was
designed for keys that are cached for file systems and other os services.
I
* Alon Bar-Lev <[EMAIL PROTECTED]> wrote:
> In fact my test configuration uses eCryptfs over loop-aes over
> ext3... :)
same here :)
--
left blank, right bald
pgp3QY6svPFcj.pgp
Description: PGP signature
-
This SF.net ema
On 10/14/07, Michael Halcrow <[EMAIL PROTECTED]> wrote:
> wake_up_process() is not doing what we want it to do when we want it
> to do it. I'll have to investigate.
Can you please consider notifying userspace of timeout?
Something like SIGHUP to daemon?
Best Regards,
Alon Bar-Lev.
--
Hello Michael,
I asked this in the past but not got a reply regarding this... This is
part of my stupid questions...
If I understand correctly, whatever user put in key store he can read it.
So putting passphrase or any sensitive information in the key store is
very problematic.
I guess I miss
On 10/14/07, Michael Halcrow <[EMAIL PROTECTED]> wrote:
> > Are you thinking users will execute libraries from eCrypfs?
>
> Absolutely. I know of users who are mounting their entire root under
> eCryptfs.
This is strange!
loop-aes should be much better solution.
My installations use the following:
On 10/14/07, Trevor Highland <[EMAIL PROTECTED]> wrote:
> Hi Alon,
Hi!
> Do you have a problem with the way encryption/decryption of individual files
> is done?
Just asked implementation details... :)
fuse should be much simpler to maintain :)
I have not read (yet) the low level documentation o
Hi Alon,
You commented that decryption would be slow on decryption of individual
pages. This is not the case. Here is a brief description of the keys used
for encryption/decryption in eCryptfs.
1) When eCryptfs is mounted a session encryption key is loaded into the
kernel key ring. This key c
On Sun, Oct 14, 2007 at 07:46:31AM +0200, Alon Bar-Lev wrote:
> On 10/14/07, Michael Halcrow <[EMAIL PROTECTED]> wrote:
> > On Sun, Oct 14, 2007 at 01:52:05AM +0200, Alon Bar-Lev wrote:
> > > Just a minor question...
> > > Why not implement eCryptfs as fuse?
> >
> > 1. No shared memory mappings.
>
11 matches
Mail list logo
