Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp13653314pxu; Mon, 4 Jan 2021 00:10:40 -0800 (PST) X-Google-Smtp-Source: ABdhPJyQlTGisLNZJxyz1Ca1mQJ2qBGX660TeErh85pjFitOmvmPT3+bVkUdWL6uhh170CD0eeIV X-Received: by 2002:aa7:d7d2:: with SMTP id e18mr70888015eds.256.1609747840498; Mon, 04 Jan 2021 00:10:40 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1609747840; cv=pass; d=google.com; s=arc-20160816; b=Hz6QVA0RQKm76PWBirEQ6pl3Or+Z9rJ3GCH7USo/6tW/Mnm2HEGps1lT4zp8rkCqnM CEpE9iM/fTmrc0gKYHaf+vgFdd70uwp1e6QGmSLAlwuJs982iCz52mbP/cl70wC/wlzC JIiZKm5lNPd9z1qAJ7L/g1b+XxXC+yTzKEkB7Vx6SpXQGITGzng2kI3HS9YtMF/1f6Rc EQyMyO+kle/hNkAQ7VUsVdfV2fBHCy8vwOjthzPSEMlqagntnBcX9cawusz6+31W3f3N xN5tZELCtZCneTP34Q60S0uWpsd9zQurb16nklJaAK6hRsCvHleMATp86u6L9XtWbf4Q vk1A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:content-transfer-encoding :dlp-reaction:dlp-product:dlp-version:content-language :accept-language:in-reply-to:references:message-id:date:thread-index :thread-topic:subject:cc:to:from:dkim-signature:ironport-sdr :ironport-sdr; bh=8ah9r3NDeTZWjpFvkO6zLT8ZqYNLseZE++V9l1CZ2sw=; b=Zcg8MZBf++BMpjVlVUYlQrCYSP6Nj7qKOhj9WZAzC2Zh+ORkoiO+hm/7c4yfcd5Vxy 0jl5qYCS6qHT0sPgeE3F1xqLTHtPdYWtkGkpMOIzLqgHfmr/BEb2HBXurj4o5/D9N1x0 02/9ZRAEdHJP5h1t2xhJPY7jqvzYf0sDsS3hyPsDCwOcnU8ah0Ln9LRbdvhupxz2YcnC NoSxi8tWhM43MSj34Kh2BTQrAwOWXY+smaeutpwr/+8R+dyQ38F0SXnjZ7iRVaLYiktK b0iW2tfV5etM+byeCMVXeO9oAa6HRDO4f9OakTcdeDVAzxMiu4DkUExQf2A75WcC2v8+ RqcQ== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b="MjYAkrP/"; arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com dmarc=pass fromdomain=intel.com); spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id bm26si31564698edb.528.2021.01.04.00.10.17; Mon, 04 Jan 2021 00:10:40 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b="MjYAkrP/"; arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com dmarc=pass fromdomain=intel.com); spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726163AbhADIFE (ORCPT + 99 others); Mon, 4 Jan 2021 03:05:04 -0500 Received: from mga06.intel.com ([134.134.136.31]:4637 "EHLO mga06.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725468AbhADIFE (ORCPT ); Mon, 4 Jan 2021 03:05:04 -0500 IronPort-SDR: f0wMwpFiyLGs/1f6T3oB59Ylz7ckoOPz6f1zhY1h98ZXICDjeYpxRZ4LmNcJoXq2YPigx0FRn3 XD20cT22bMRA== X-IronPort-AV: E=McAfee;i="6000,8403,9853"; a="238474407" X-IronPort-AV: E=Sophos;i="5.78,473,1599548400"; d="scan'208";a="238474407" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Jan 2021 00:04:21 -0800 IronPort-SDR: BQL9JcsWXMeCYIF4OOE6YtIUf/9eZn9LkOgt3rCihTPCOVYyOhMQXjsv0zmkGUkR7qica5y0ix ygG9205LNWsA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.78,473,1599548400"; d="scan'208";a="461854161" Received: from orsmsx605.amr.corp.intel.com ([10.22.229.18]) by fmsmga001.fm.intel.com with ESMTP; 04 Jan 2021 00:04:21 -0800 Received: from orsmsx602.amr.corp.intel.com (10.22.229.15) by ORSMSX605.amr.corp.intel.com (10.22.229.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5; Mon, 4 Jan 2021 00:04:20 -0800 Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by orsmsx602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5 via Frontend Transport; Mon, 4 Jan 2021 00:04:17 -0800 Received: from NAM02-SN1-obe.outbound.protection.outlook.com (104.47.36.55) by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.1713.5; Mon, 4 Jan 2021 00:04:16 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=JaotO5nSQdnS0j1uP0u3E83I/NyWq78vcPFdYxeegZlJcFUEiS6vwt7nChebm0t9sDtb0Zg5IQ7GJs7mmyq3UnyVQSzwOzb3Sf4I5s8FCmJhPawON54Uae2xNAUV9notUMf2CGyis77sdTpO9m2y0Opc/52GrlrO9KTgg/cA30MMDC6/u/4Sp1/ildfNF30nFf6QBfrpBmsoaVG0iUe+S+ziT9jOV/QKkOo+M6Swx+1jilPWz/yuDZd7biK4jerUD+EjMfb51+3UDRqxEjnZwnPTXlvzF5ovy3F1XCvzhlXRiPJt0lR4vtcrCeHUQ2zwBkuaM55vPNkUUrTPeryk6Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8ah9r3NDeTZWjpFvkO6zLT8ZqYNLseZE++V9l1CZ2sw=; b=HDQcH4Di1Ob7qpFsxQmWNO8VWyot6pwZMUm42qosuIQXGWHq31fpm3TkHXotaaNzj5a7toRe4r/M7ANHV1kQiAQNLlFu3lxsJPZXqftxvvUQaB3TKSfIwuyuZvyCa5VHoQjMJKlngtQ6cFZXsZ8FEVXPDV1wymMQsOODhZo9KBazPxQ9qQGggDUmPPQnLWe/sACcZ4qJnaGCgtFKiPRU9AGxoMF7WmJMrZ3+nqnnyhS54c3Wv9L5bZBzbQradFuy3QcfS3PobNQ9laDWypt5Qm6SsXz7NfMqZUNXwUoi5YWHI4YylPdcWuSoMIFAKbMa1D7zuf/i9k0+Wc3/DsMkJg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=8ah9r3NDeTZWjpFvkO6zLT8ZqYNLseZE++V9l1CZ2sw=; b=MjYAkrP/ZeODSQPZ6HePVgSpfxUo57v+Ct8D7OOT+4DbXBVRiXSzxzs4B/qoR01xm3v5i38xFM7FypaBu5i8jqLjDiKh3DxZdS/Er5pdjc2vngIMF99Ap3gQunCAft78DFhN+4jd5lUGX2X/sDqRWkmu9cuW/T5TG8/tn1bGZck= Received: from CY4PR1101MB2326.namprd11.prod.outlook.com (2603:10b6:903:b3::23) by CY4PR11MB0008.namprd11.prod.outlook.com (2603:10b6:910:76::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3721.23; Mon, 4 Jan 2021 08:04:15 +0000 Received: from CY4PR1101MB2326.namprd11.prod.outlook.com ([fe80::b127:6209:1930:3b93]) by CY4PR1101MB2326.namprd11.prod.outlook.com ([fe80::b127:6209:1930:3b93%3]) with mapi id 15.20.3721.024; Mon, 4 Jan 2021 08:04:15 +0000 From: "Reshetova, Elena" To: Daniele Alessandrelli , "linux-crypto@vger.kernel.org" , Herbert Xu , "David S. Miller" CC: "devicetree@vger.kernel.org" , Rob Herring , "Alessandrelli, Daniele" , Mark Gross , "Khurana, Prabhjot" Subject: RE: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver Thread-Topic: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver Thread-Index: AQHW1JkZ8lMRowq1QUyYZqNdBK9VvaoXNMxw Date: Mon, 4 Jan 2021 08:04:15 +0000 Message-ID: References: <20201217172101.381772-1-daniele.alessandrelli@linux.intel.com> In-Reply-To: <20201217172101.381772-1-daniele.alessandrelli@linux.intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.5.1.3 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: linux.intel.com; dkim=none (message not signed) header.d=none;linux.intel.com; dmarc=none action=none header.from=intel.com; x-originating-ip: [82.203.237.209] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 51eff534-fa24-4b6b-4988-08d8b0875482 x-ms-traffictypediagnostic: CY4PR11MB0008: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:8882; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: RczXEE8Pg3AeJsRiBxt+95EaatNDSiuWx3EYMbSmt8fk28l2Gj9DER15ttnWhClZXC9aWuVe/U3ZZ12X2C+NqGIzOhAhIlIaSYBYQUHVfiP5BrDGGYjU9P22TRv7YbHtt/A7fqsQLJ26cLM5NgYFCH4IHJ0iAXNf8f2PORuQ5wYZIDcL7jtuyWHfQp+XWPo6EbXBZUa7xIVzrbFFsfnWsh974+bM4FzrnSmrizDkDQt9WcCeiAZCWcUE6nhmQS6xTztdKtxV+e/09a52Wd4kYngPrUJtkRuK0J/pzHbUuaIcaqClvG2KrECIvQhiohLA1wOO4crn8isXUBlOfce3uxo15/AMaO/MhH5GMOuKqrQA0QiGe9BjMHQTSvEFVDNNq0+mohTflhMGAuS2sdetww== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CY4PR1101MB2326.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(396003)(136003)(366004)(376002)(346002)(39860400002)(8936002)(186003)(9686003)(7696005)(316002)(55016002)(52536014)(66556008)(5660300002)(66476007)(76116006)(66946007)(64756008)(66446008)(33656002)(86362001)(6506007)(2906002)(4326008)(83380400001)(71200400001)(26005)(8676002)(110136005)(54906003)(478600001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: =?us-ascii?Q?g/P4becq3uVQYas2DDva8lQ7T4MQ90wNnYfHzqVcmeRxSTJjtPuDHhSF1ZiM?= =?us-ascii?Q?0Za9pu9doGMXG5vVxXwnnx9ZTOl97xy0Q+bQHg13fu5i5x1tZGTnCO6MWtRi?= =?us-ascii?Q?1yVzMhzrwfpNLi4R128YnG9IxggkgGWMeyd7PAvg76o8mB5cohYBLVqcoe2+?= =?us-ascii?Q?GVZWkZmuVboEGH9vXkSYIVE+b0+2jHN0LbQ7QfvJUjYCRfsR0uuM3v1d4dYd?= =?us-ascii?Q?OlLGhOqVSlUO2Uk72xNgfdV+6c9xlotStb2k6+t7jG9WJkGqHqGAc/ZHms03?= =?us-ascii?Q?oPOVCee3KytELbAfcp8xA1Hqfi9SQot4Z0cOpOR7hhX+rYKEpdxEsILPWT09?= =?us-ascii?Q?SyiCbMsk02H506nbgRuXzfMUazssRRk5RwrWvPHw+hmC8NeV3BNE0lhKninX?= =?us-ascii?Q?1G7rL4tl576F3401Myn86KO6jDji6Wp5n6xUNi8wtP4iODR3kPS6FvrxvrBi?= =?us-ascii?Q?eWHHCzUdLSGInGo6oKNbuuKY5rh+Zmsw3jEm0hIFd9hbSAsEZJ5IxZaKDzJv?= =?us-ascii?Q?lN5jQ9xu/8GCiCA00f9ejDC/GbYu+/R4p+cDUY/1bOfwXHC1LvzhzrCSQXMa?= =?us-ascii?Q?SMm1glV5n5LlY2tAeRXrUEXkYRzh8U8+uKG+bkmj8ScWbEVwIERsqRVAx/Ip?= =?us-ascii?Q?4NlhGgPVKgL5Tu3xWXXPCHYghdgnlQDyxwP+78feJ/eZCKis0ttrrFFrYgOq?= =?us-ascii?Q?2TldRrB3XCmIZHR7pbHslhLubDgDYKkQhPyiHUC5DD1aQAhpl7uKEKK0v7JP?= =?us-ascii?Q?cX/p8/OW0HF6YuZm51uj96x/NEPrCbyLyOLmxyRSle7u2pTJTGta1hwcuwEf?= =?us-ascii?Q?H6U/9ix6ldpYXvMErjvjmHJ2KwRS2YZFFc254LnEICyAfLpnnmTLw5gCNuGa?= =?us-ascii?Q?0YCGyEQ0I1M7nl3k4VlcWRYqtLmQde/kmOnRF90wyKWI+fDsaSYhQB1AoZyI?= =?us-ascii?Q?hzAAA0LPc3UpEsxpVuGJRtXZzr4ZNWCnCHJgp9N6UEM=3D?= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CY4PR1101MB2326.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 51eff534-fa24-4b6b-4988-08d8b0875482 X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Jan 2021 08:04:15.6483 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: XSPcbf4CqIteC8SScgNdFudD181oDLOiMLTzEswR9pcZJxEcPlE5cBjJODyGeZ9BDpA2+ld6keIwK/tcIkcE3sLK7QhmLOVs1WAB809sct8= X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR11MB0008 X-OriginatorOrg: intel.com Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org > 2. The OCS ECC HW does not support the NIST P-192 curve. We were planning= to > add SW fallback for P-192 in the driver, but the Intel Crypto team > (which, internally, has to approve any code involving cryptography) > advised against it, because they consider P-192 weak. As a result, the > driver is not passing crypto self-tests. Is there any possible solutio= n > to this? Is it reasonable to change the self-tests to only test the > curves actually supported by the tested driver? (not fully sure how to= do > that). An additional reason against the P-192 SW fallback is the fact that it can= =20 potentially trigger unsafe behavior which is not even "visible" to the end = user of the ECC functionality. If I request (by my developer mistake) a P-192=20 weaker curve from ECC Keem Bay HW driver, it is much safer to return a "not supported" error that proceed behind my back with a SW code implementation making me believe that I am actually getting a HW-backed up functionality (since I don't think there is a way for me to check that I am= using SW fallback).=20 Best Regards, Elena=20