Rafael J. Wysocki wrote:
> First, you need to generate the RSA key pair using suspend-keygen and save
> the output file as /etc/suspend.key (or something else pointed to by
> the "RSA key file =" configuration parameter of suspend). This file
> contains the public modulus (n), public exponent (e) and
> Blowfish-encrypted private exponent (d) of the RSA key pair.
>
> Then, the suspend utility will load the contents of this file, generate a
> random session key (k) and initialization vector (i) for the image
> encryption and use (n, e) to encrypt these values with RSA. The encrypted
> k, i as well as the contents of the RSA key file will be saved in the
> image header.
>
> The resume utility will read n, e and (encrypted) d as well as (encrypted)
> k, i from the image header. Then it will ask the user for a passphrase
> and will try to decrypt d using it. Next, it will use (n, e, d) to
> decrypt k, i needed for decrypting the image.
what interface will those tools use? can I replace them with my own
code, e.g. that uses smart cards instead of an encrypted public key
on a disk?
Andreas
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
