An interface to the zxcrypt driver, as bound to a single block device with a zxcrypt superblock. zxcrypt devices are encrypted, and before their plaintext contents can be accessed, they must be unsealed with a key. This protocol allows the caller to make requests to unseal the device (by providing the appropriate key) and to seal the device (rendering its contents inaccessible).


We require simple layout to use the simple C bindings, and simple layout requires that we have non-maximal length bounds, so give some excessively large key length here so we can use the simple layout.