Received: by 2002:a05:6a10:1287:0:0:0:0 with SMTP id d7csp2017138pxv; Sat, 24 Jul 2021 02:43:02 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzuPQKzWcvH4u4m/sJNquT/8K0mvcTyO1Li8Z7MdWfEUHvIbNSGYZ1h5I70PuiwiOUVwKvu X-Received: by 2002:a92:3207:: with SMTP id z7mr6262389ile.288.1627119782625; Sat, 24 Jul 2021 02:43:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1627119782; cv=none; d=google.com; s=arc-20160816; b=bt0AZply5HPBQf4Oplgyr+VC3GHwxk/2+3XpyqWxfQ+iFpxVgbzD+W6bpjYzErFeyg lom6eeSwwJSzf398/7Q4XdgTwaBifuH3LQQLfUTso4bFBBwE1gVYh39bPUI8xKaRDTXN J9ddK+w4KhztZGlxIvk5pZccXIWZsUxLmmf6x0W9b+AxRXxwULLyeSgvRnOJc28u5dzK 7DOzszes/OZp9w+JyABaNdlVWRtl9xIhAqkED5ITe2U1kfr3hEL3tHen+J4tRLkmfcHB 06dKSI+jFKmAhhI7opfZ63hdebO4xySlrbiWyIuBszkQ4sHK7C1anhAdY2u0DhKjC5R+ 5Ifg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=7tYxS44DZXuUv9URTnjvq6oxZimO6tOjzUCMqYf4ByY=; b=sEjS1epx/eWYuiN8CWUBIMJQfMqPZb7MFexSM+2XnUlBnMgO/+egYo0X9Ql0rklT0f hLSzIts4K2YNSlyH2CbujaL0JjEtk1Th1o4ISu14V68XrIMj3Y+r/6cg8WS13mcQJ7rV ZFCxNvYriHw2ETr14IoGDbK0P+LtH+NivxyJZKvBHUuULRwpGzJoiK9TKPXBa2va6pKL 2PEsoEIU3Aiif5REpMjYfN/HOOYJnFIlFYl2lCYBTDPYnQgWvDe4R33BgrE2QsHCK3pV 589hTbZt1Z3bKL4iPkIpamdQsfmzXkW0u5bmZVGuIfGBrX8v3y0vvRBWc4DEoWehZWTQ vMBA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@benyossef-com.20150623.gappssmtp.com header.s=20150623 header.b=fS94OPaO; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q41si33883327jav.74.2021.07.24.02.42.34; Sat, 24 Jul 2021 02:43:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@benyossef-com.20150623.gappssmtp.com header.s=20150623 header.b=fS94OPaO; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234970AbhGXJCA (ORCPT + 99 others); Sat, 24 Jul 2021 05:02:00 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37838 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234867AbhGXJCA (ORCPT ); Sat, 24 Jul 2021 05:02:00 -0400 Received: from mail-yb1-xb2f.google.com (mail-yb1-xb2f.google.com [IPv6:2607:f8b0:4864:20::b2f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 61689C061575 for ; Sat, 24 Jul 2021 02:42:32 -0700 (PDT) Received: by mail-yb1-xb2f.google.com with SMTP id x192so6284894ybe.0 for ; Sat, 24 Jul 2021 02:42:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=benyossef-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=7tYxS44DZXuUv9URTnjvq6oxZimO6tOjzUCMqYf4ByY=; b=fS94OPaO2ncoYyCIikIVmo/sZkwMtFLOXKzOsUeLanL8BITBYDCV1YILRWwTMksCkw TfoQNU6Cr0HCQzEoJgYcZQiyjuzNCY5xLT7Bo51gwX9+i2KqkyHTklQpzbSv1luio/LY NQtmI9nstTxQPLbOFLSkcNs0l3uw6EwEcNxz5egdnGmmeOiP7JqTUOfmaTDXRo3KJpaE TnoVUJnu628/L2ObJezJNRlL9ZoU5LPwCId7ZRWYbAYUFU2yInkLA2wbPzn9W6HmXyYw 0q1AWGIlnEHpHfybo9xJpQGZl/MNwyAMbsUq5G1LIp95dUFGNrNkYyNYNcsrz0vWd6R1 VWJQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=7tYxS44DZXuUv9URTnjvq6oxZimO6tOjzUCMqYf4ByY=; b=bTn5J6tTZ+QhmXLv9/Bbv6QfhfXhPGZRoc//4pzQTBty4Zi707FZ16rncS0xR9CSYT 5ufXEZZNAkCMzeTiIARw83KyalsLoCzUo1Zwn5w1b1puhia8o6dhYK2A+gW4LG6wkoK8 Tjc3vUEag4jPTQqeTwnO38VHcg3VbHZ6kFsAvJ00J61QgBqgUUUEgNj4RxTOUK2HQ+l2 9YJi2VL3ROIfu/3z5JgYV+PWl7ap/p3KdPxi9aRVYzVyh9U+XY+aZBBngraCy8M5AIHr Oxr1ejZUXLTPc42BR5dXashFTmbLtDEJmJ0qXoR4uhsyxt+n0bVnCZtHpitDczzYOQvs Se2g== X-Gm-Message-State: AOAM5324sNcITSFoIv8oGdAZDv7MXxIh2YN+RPVDly+Hr8xXdd1JF4/i q6iEoDTuyb2B/ZDUDS2tyKuqIC5RXzMpQ6JNSgOM4Q== X-Received: by 2002:a5b:7c4:: with SMTP id t4mr11530643ybq.509.1627119750875; Sat, 24 Jul 2021 02:42:30 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Gilad Ben-Yossef Date: Sat, 24 Jul 2021 12:42:20 +0300 Message-ID: Subject: Re: Extending CRYPTO_ALG_OPTIONAL_KEY for cipher algorithms To: Eric Biggers Cc: Thara Gopinath , Herbert Xu , Linux Crypto Mailing List Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Fri, Jul 23, 2021 at 7:20 PM Eric Biggers wrote: > > On Fri, Jul 23, 2021 at 06:13:50AM -0400, Thara Gopinath wrote: > > Hi > > > > I have a requirement where the keys for the crypto cipher algorithms ar= e > > already programmed in the h/w pipes/channels and thus the ->encrypt() > > and ->decrypt() can be called without set_key being called first. > > I see that CRYPTO_ALG_OPTIONAL_KEY has been added to take care of > > such requirements for CRC-32. My question is can the usage of this flag > > be extended for cipher and other crypto algorithms as well. Can setting= of > > this flag indicate that the algorithm can be used without calling set_k= ey > > first and then the individual drivers can handle cases where > > both h/w keys and s/w keys need to be supported. > > CRYPTO_ALG_OPTIONAL_KEY isn't meant for this use case, but rather for alg= orithms > that have both keyed and unkeyed versions such as BLAKE2b and BLAKE2s, an= d also > for algorithms where the "key" isn't actually a key but rather is an init= ial > value that has a default value, such as CRC-32 and xxHash. > > It appears that that the case you're asking about is handled by using a > different algorithm name, e.g. see the "paes" algorithms in > drivers/crypto/ccree/cc_cipher.c. Yeap, seems like another use case for "protected keys" like CryptoCell and the IBM mainframe. I gave a talk about this you might find useful - https://www.youtube.com/watch?v=3DGbcpwUBFGDw Feel free to contact me if you have questions. Cheers, Gilad --=20 Gilad Ben-Yossef Chief Coffee Drinker values of =CE=B2 will give rise to dom!