Received: by 2002:a05:6a10:1287:0:0:0:0 with SMTP id d7csp2017138pxv;
        Sat, 24 Jul 2021 02:43:02 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzuPQKzWcvH4u4m/sJNquT/8K0mvcTyO1Li8Z7MdWfEUHvIbNSGYZ1h5I70PuiwiOUVwKvu
X-Received: by 2002:a92:3207:: with SMTP id z7mr6262389ile.288.1627119782625;
        Sat, 24 Jul 2021 02:43:02 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1627119782; cv=none;
        d=google.com; s=arc-20160816;
        b=bt0AZply5HPBQf4Oplgyr+VC3GHwxk/2+3XpyqWxfQ+iFpxVgbzD+W6bpjYzErFeyg
         lom6eeSwwJSzf398/7Q4XdgTwaBifuH3LQQLfUTso4bFBBwE1gVYh39bPUI8xKaRDTXN
         J9ddK+w4KhztZGlxIvk5pZccXIWZsUxLmmf6x0W9b+AxRXxwULLyeSgvRnOJc28u5dzK
         7DOzszes/OZp9w+JyABaNdlVWRtl9xIhAqkED5ITe2U1kfr3hEL3tHen+J4tRLkmfcHB
         06dKSI+jFKmAhhI7opfZ63hdebO4xySlrbiWyIuBszkQ4sHK7C1anhAdY2u0DhKjC5R+
         5Ifg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:cc:to:subject
         :message-id:date:from:in-reply-to:references:mime-version
         :dkim-signature;
        bh=7tYxS44DZXuUv9URTnjvq6oxZimO6tOjzUCMqYf4ByY=;
        b=sEjS1epx/eWYuiN8CWUBIMJQfMqPZb7MFexSM+2XnUlBnMgO/+egYo0X9Ql0rklT0f
         hLSzIts4K2YNSlyH2CbujaL0JjEtk1Th1o4ISu14V68XrIMj3Y+r/6cg8WS13mcQJ7rV
         ZFCxNvYriHw2ETr14IoGDbK0P+LtH+NivxyJZKvBHUuULRwpGzJoiK9TKPXBa2va6pKL
         2PEsoEIU3Aiif5REpMjYfN/HOOYJnFIlFYl2lCYBTDPYnQgWvDe4R33BgrE2QsHCK3pV
         589hTbZt1Z3bKL4iPkIpamdQsfmzXkW0u5bmZVGuIfGBrX8v3y0vvRBWc4DEoWehZWTQ
         vMBA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@benyossef-com.20150623.gappssmtp.com header.s=20150623 header.b=fS94OPaO;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id q41si33883327jav.74.2021.07.24.02.42.34;
        Sat, 24 Jul 2021 02:43:02 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@benyossef-com.20150623.gappssmtp.com header.s=20150623 header.b=fS94OPaO;
       spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S234970AbhGXJCA (ORCPT <rfc822;ujwal.kundur.foss@gmail.com>
        + 99 others); Sat, 24 Jul 2021 05:02:00 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37838 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S234867AbhGXJCA (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Sat, 24 Jul 2021 05:02:00 -0400
Received: from mail-yb1-xb2f.google.com (mail-yb1-xb2f.google.com [IPv6:2607:f8b0:4864:20::b2f])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 61689C061575
        for <linux-crypto@vger.kernel.org>; Sat, 24 Jul 2021 02:42:32 -0700 (PDT)
Received: by mail-yb1-xb2f.google.com with SMTP id x192so6284894ybe.0
        for <linux-crypto@vger.kernel.org>; Sat, 24 Jul 2021 02:42:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=benyossef-com.20150623.gappssmtp.com; s=20150623;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc:content-transfer-encoding;
        bh=7tYxS44DZXuUv9URTnjvq6oxZimO6tOjzUCMqYf4ByY=;
        b=fS94OPaO2ncoYyCIikIVmo/sZkwMtFLOXKzOsUeLanL8BITBYDCV1YILRWwTMksCkw
         TfoQNU6Cr0HCQzEoJgYcZQiyjuzNCY5xLT7Bo51gwX9+i2KqkyHTklQpzbSv1luio/LY
         NQtmI9nstTxQPLbOFLSkcNs0l3uw6EwEcNxz5egdnGmmeOiP7JqTUOfmaTDXRo3KJpaE
         TnoVUJnu628/L2ObJezJNRlL9ZoU5LPwCId7ZRWYbAYUFU2yInkLA2wbPzn9W6HmXyYw
         0q1AWGIlnEHpHfybo9xJpQGZl/MNwyAMbsUq5G1LIp95dUFGNrNkYyNYNcsrz0vWd6R1
         VWJQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc:content-transfer-encoding;
        bh=7tYxS44DZXuUv9URTnjvq6oxZimO6tOjzUCMqYf4ByY=;
        b=bTn5J6tTZ+QhmXLv9/Bbv6QfhfXhPGZRoc//4pzQTBty4Zi707FZ16rncS0xR9CSYT
         5ufXEZZNAkCMzeTiIARw83KyalsLoCzUo1Zwn5w1b1puhia8o6dhYK2A+gW4LG6wkoK8
         Tjc3vUEag4jPTQqeTwnO38VHcg3VbHZ6kFsAvJ00J61QgBqgUUUEgNj4RxTOUK2HQ+l2
         9YJi2VL3ROIfu/3z5JgYV+PWl7ap/p3KdPxi9aRVYzVyh9U+XY+aZBBngraCy8M5AIHr
         Oxr1ejZUXLTPc42BR5dXashFTmbLtDEJmJ0qXoR4uhsyxt+n0bVnCZtHpitDczzYOQvs
         Se2g==
X-Gm-Message-State: AOAM5324sNcITSFoIv8oGdAZDv7MXxIh2YN+RPVDly+Hr8xXdd1JF4/i
        q6iEoDTuyb2B/ZDUDS2tyKuqIC5RXzMpQ6JNSgOM4Q==
X-Received: by 2002:a5b:7c4:: with SMTP id t4mr11530643ybq.509.1627119750875;
 Sat, 24 Jul 2021 02:42:30 -0700 (PDT)
MIME-Version: 1.0
References: <f04c8f1d-db85-c9e1-1717-4ca98b7c8c35@linaro.org> <YPrsScKf/YlKmNfU@gmail.com>
In-Reply-To: <YPrsScKf/YlKmNfU@gmail.com>
From:   Gilad Ben-Yossef <gilad@benyossef.com>
Date:   Sat, 24 Jul 2021 12:42:20 +0300
Message-ID: <CAOtvUMfwbBr44qOCma4RaH_RoC35x00N=O1Ejaxc+5EPGY8rUw@mail.gmail.com>
Subject: Re: Extending CRYPTO_ALG_OPTIONAL_KEY for cipher algorithms
To:     Eric Biggers <ebiggers@kernel.org>
Cc:     Thara Gopinath <thara.gopinath@linaro.org>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        Linux Crypto Mailing List <linux-crypto@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Fri, Jul 23, 2021 at 7:20 PM Eric Biggers <ebiggers@kernel.org> wrote:
>
> On Fri, Jul 23, 2021 at 06:13:50AM -0400, Thara Gopinath wrote:
> > Hi
> >
> > I have a requirement where the keys for the crypto cipher algorithms ar=
e
> > already programmed in the h/w pipes/channels and thus the ->encrypt()
> > and ->decrypt() can be called without set_key being called first.
> > I see that CRYPTO_ALG_OPTIONAL_KEY has been added to take care of
> > such requirements for CRC-32. My question is can the usage of this flag
> > be extended for cipher and other crypto algorithms as well. Can setting=
 of
> > this flag indicate that the algorithm can be used without calling set_k=
ey
> > first and then the individual drivers can handle cases where
> > both h/w keys and s/w keys need to be supported.
>
> CRYPTO_ALG_OPTIONAL_KEY isn't meant for this use case, but rather for alg=
orithms
> that have both keyed and unkeyed versions such as BLAKE2b and BLAKE2s, an=
d also
> for algorithms where the "key" isn't actually a key but rather is an init=
ial
> value that has a default value, such as CRC-32 and xxHash.
>
> It appears that that the case you're asking about is handled by using a
> different algorithm name, e.g. see the "paes" algorithms in
> drivers/crypto/ccree/cc_cipher.c.

Yeap, seems like another use case for "protected keys" like CryptoCell
and the IBM mainframe.
I gave a talk about this you might find useful -
https://www.youtube.com/watch?v=3DGbcpwUBFGDw

Feel free to contact me if you have questions.

Cheers,
Gilad

--=20
Gilad Ben-Yossef
Chief Coffee Drinker

values of =CE=B2 will give rise to dom!