Hello Genodians, we are still working to add hardware-based encryption to CBE. To this end, we have implemented a custom trust anchor and crypto engine. Generating a key, encrypting this key on behalf of cbe_init and decrypting it again on behalf of the vfs_cbe plugin works fine.
But then the vfs_cbe requests to have a all zero key encrypted which due to the ICV added by hardware black key handling fails. We cannot seam to find out where the request originates or why vfs_cbe would ever encrypt any key, let alone a key of all zeros. Any pointer or idea would by very welcome. Kind regards Stefan
OpenPGP_0x99A5F4B3D4E372A6.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ Genode users mailing list [email protected] https://lists.genode.org/listinfo/users
