Hi!
> > I think that adding the PK logic into suspend is an overkill...
> > Best to support only symmetric operations, and load symmetric key from
> > a file/handle as losetup does.
>
> The image is always encrypted with symmetric algo. If RSA is used
> (optional) then the key for the symmetric encryption is random and the
> PK is used to safely store the key in the header of the image; the
> random key is encrypted with RSA and stored in the header, RSA private
> key is (encrypted using the password at installation time) is also
> stored in the header.
> At resume the password is used to unlock the private key which is then
> used to decrypt the random key.
> IOW we don't use RSA to encrypt the whole image ;)
(Can I put this into README?)
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures)
http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Suspend-devel mailing list
Suspend-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/suspend-devel
