From: Theo de Raadt (deraadtcvs.openbsd.org)
Date: Tue Aug 03 2004 - 11:21:09 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> could anyone please explain (or give some links) why the "unusual"
> semantics of /dev/crypto usage was chosen?
>
> I don't really understand why it is necessary to first open the device and
> obtain a file descriptor and then issue an ioctl(CRIOGET) to get another
> one for the actual crypto operations.

Lack of cloning device nodes.

> Why is this approach better that
> opening the device everytime it is needed?

Oh, that would be very silly and not work. Most crypto hardware
devices maintain state.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]