Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp13752411pxu;
        Mon, 4 Jan 2021 03:34:15 -0800 (PST)
X-Google-Smtp-Source: ABdhPJxUGfpmTmkeyljTGT054pjgoeAKDXaAoZ5H5PiLxaSKrYVmQUw1ASIAEVfrx23CzpbL0a/9
X-Received: by 2002:aa7:c547:: with SMTP id s7mr17578519edr.240.1609760055793;
        Mon, 04 Jan 2021 03:34:15 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1609760055; cv=none;
        d=google.com; s=arc-20160816;
        b=NLpeG9ZFjmDXYJd3icVsiSOpPy1M9Ds6giJgdLZMg4kCMl6xJPDQk2UF6dPOYrqETz
         zmbuwXhf2g6SFBJGDTyZgYudSamS5Omz1uOs87ZvnPTMi1D0LJzqsQYvmMkLXI8/FGTk
         i1bopPZl1F/mUdcaNSFFMJesSROL4NYGd5c5bwj0GPfoX4HJY0DoTv0B0FTobUb8MoEy
         /74PvPgGo71QRjA9eSikJwIjPjLt2dFt1LC/QU6emMb/wC16s/S/+xhVn36CN7MIkeC5
         DhJQgp4GfSsxXONbnikPQKVVb9BB04vPCkdulZl4P/H1BhGq4DAYOrAxEWMAbwjc5vuw
         1+TA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:user-agent:in-reply-to:content-disposition
         :mime-version:references:message-id:subject:cc:to:from:date;
        bh=9SgU5hheY30vp+JEPv0DYLmfGKGHMnTsZnrltcK7ufg=;
        b=nyL33fARkBBMPS5mMeCc6Qx9hdvfhWp3jCCg7DhJB6Q6aKNqVNhcru0wRkCUuyb9Fe
         1fsEI1ALnzgLb1idjJMUwHHUrbt8Av+mnPftTtlL6s82VEn8BfB6J8n+i/bcLPYkrKW2
         +J1a3+rKWAGHmdG56MYXpXUFPLX5FVyF+aAYvC83V7MluCfcGgSPjU2kxRSSuNWUZ2C+
         jS8N6dHnii/CO8DkaGhAp6sKDXPnJGf55wFRLNr5sP9Uv80n7VjkJbQocP2KTdr+NEgU
         /Dsly/zAE2oJqjgoUwl6tn66SI+n5WklGgA8/rvzBij1ZNx6VxO+9r5GiVe9QSsA+ZJ3
         Y6RQ==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id n14si30849020edq.574.2021.01.04.03.33.54;
        Mon, 04 Jan 2021 03:34:15 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726234AbhADLcn (ORCPT <rfc822;beexploring@gmail.com>
        + 99 others); Mon, 4 Jan 2021 06:32:43 -0500
Received: from helcar.hmeau.com ([216.24.177.18]:49760 "EHLO fornost.hmeau.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726148AbhADLcm (ORCPT <rfc822;linux-crypto@vger.kernel.org>);
        Mon, 4 Jan 2021 06:32:42 -0500
Received: from gwarestrin.arnor.me.apana.org.au ([192.168.103.7])
        by fornost.hmeau.com with smtp (Exim 4.92 #5 (Debian))
        id 1kwO5U-0005wX-Ds; Mon, 04 Jan 2021 22:31:49 +1100
Received: by gwarestrin.arnor.me.apana.org.au (sSMTP sendmail emulation); Mon, 04 Jan 2021 22:31:48 +1100
Date:   Mon, 4 Jan 2021 22:31:48 +1100
From:   Herbert Xu <herbert@gondor.apana.org.au>
To:     "Reshetova, Elena" <elena.reshetova@intel.com>
Cc:     Daniele Alessandrelli <daniele.alessandrelli@linux.intel.com>,
        "linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>,
        "David S. Miller" <davem@davemloft.net>,
        "devicetree@vger.kernel.org" <devicetree@vger.kernel.org>,
        Rob Herring <robh+dt@kernel.org>,
        "Alessandrelli, Daniele" <daniele.alessandrelli@intel.com>,
        Mark Gross <mgross@linux.intel.com>,
        "Khurana, Prabhjot" <prabhjot.khurana@intel.com>
Subject: Re: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver
Message-ID: <20210104113148.GA20575@gondor.apana.org.au>
References: <20201217172101.381772-1-daniele.alessandrelli@linux.intel.com>
 <CY4PR1101MB2326ED0E6C23D1D868D53365E7D20@CY4PR1101MB2326.namprd11.prod.outlook.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CY4PR1101MB2326ED0E6C23D1D868D53365E7D20@CY4PR1101MB2326.namprd11.prod.outlook.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Mon, Jan 04, 2021 at 08:04:15AM +0000, Reshetova, Elena wrote:
> > 2. The OCS ECC HW does not support the NIST P-192 curve. We were planning to
> >    add SW fallback for P-192 in the driver, but the Intel Crypto team
> >    (which, internally, has to approve any code involving cryptography)
> >    advised against it, because they consider P-192 weak. As a result, the
> >    driver is not passing crypto self-tests. Is there any possible solution
> >    to this? Is it reasonable to change the self-tests to only test the
> >    curves actually supported by the tested driver? (not fully sure how to do
> >    that).
> 
> An additional reason against the P-192 SW fallback is the fact that it can 
> potentially trigger unsafe behavior which is not even "visible" to the end user
> of the ECC functionality. If I request (by my developer mistake) a P-192 
> weaker curve from ECC Keem Bay HW driver, it is much safer to return a
> "not supported" error that proceed behind my back with a SW code
> implementation making me believe that I am actually getting a HW-backed up
> functionality (since I don't think there is a way for me to check that I am using
> SW fallback). 

Sorry, but if you break the Crypto API requirement then your driver
isn't getting merged.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt