Received: by 2002:a05:6358:bb9e:b0:b9:5105:a5b4 with SMTP id df30csp4328310rwb; Tue, 6 Sep 2022 06:08:08 -0700 (PDT) X-Google-Smtp-Source: AA6agR4rMQ4KhTP6R+fYtW1xe0VEesBwafo9p3x0j2T4xzm3UFHs8k2nobh2/ss2jGDAhH5/U20C X-Received: by 2002:a05:6402:3408:b0:43c:2dd3:d86b with SMTP id k8-20020a056402340800b0043c2dd3d86bmr47969640edc.108.1662469687876; Tue, 06 Sep 2022 06:08:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1662469687; cv=none; d=google.com; s=arc-20160816; b=UWPIXTkh/J5HjspNxpCfJlpHsevTYjSTxBIHDq7ifFzfQCgyZ+UxHn0MMCxljqzkGz 399dqHiyK2hcUay2ESgbHfPZlF7EjEdJEo4ACoH9qAgrSJrKw0N35ZkHJGnHwXuAh0my HnIxb94uYfwm/EymvKccOCGQXV6TvVmo7QrPDU5zxnVPp1wGZtwIeER8OlEqJUZoleZt XGYK84dYXnEBuEnnQocfyjXLeNjtDR6rGJ3AJBP2dhXYQUhdt8uQJuddfSREIZaEoQEG t1DHhbDUvisMLEHTLiFyth/lqvbpBBU+hbYMrWmQ9ofxIehCuA3qH0ViWxIVU64y42Wu yWsg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :feedback-id:dkim-signature:dkim-signature; bh=LzrKfTcjNa2gAYtG7mObzCcMkmt+e+ZeVr16IOXkI9Q=; b=O5enLgvV9M/k/hsBIUDE3FDn7j4NPFXu0kiRI6wTtpkZfdP6wh0NTIYv2qvCLI5T4k +yH+YzguF9aTUAvce72V2DNBSMt14qgUTOXpHAopLlV19a3oRjaQXD4tB7WTV34CKQ43 ekNVaoEXb/lPWuKFVAq+G6tSGG5j6XYADHRHJmMPqtG9X8b0S+wDoXoNfA8X2kzBWNiR OuayCcDf3vkL/r0Qy4f0pmlXoeegFW8n6KYbVtqmMhcw4+LeW7defrLtdzW9A5pVtxW/ uY1wcbmsZlTOdLb5C1GZBvDc55SIbIshVLBG+DHT5PFU3GMlvF3iKvNFqUb2CRnJcZsU BQ+g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@benboeckel.net header.s=fm1 header.b=FB8R49Wv; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=DkC18CJJ; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id go10-20020a1709070d8a00b007317ce725aesi8130535ejc.976.2022.09.06.06.07.29; Tue, 06 Sep 2022 06:08:07 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@benboeckel.net header.s=fm1 header.b=FB8R49Wv; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=DkC18CJJ; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239873AbiIFNDy (ORCPT + 99 others); Tue, 6 Sep 2022 09:03:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60968 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232995AbiIFNDx (ORCPT ); Tue, 6 Sep 2022 09:03:53 -0400 Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 04EC8402F9; Tue, 6 Sep 2022 06:03:53 -0700 (PDT) Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id 66B4E5C015C; Tue, 6 Sep 2022 09:03:52 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Tue, 06 Sep 2022 09:03:52 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=benboeckel.net; h=cc:cc:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm1; t=1662469432; x=1662555832; bh=Lz rKfTcjNa2gAYtG7mObzCcMkmt+e+ZeVr16IOXkI9Q=; b=FB8R49WvUzxUAY/QLO 0B9zWhxqPOcOOARwGkDoP+AV2rxDIvbksXX2HQ1MxlhDGOhAux7gNLeO3trSzct9 5eKepMsdR9areu1huPQnDzP+NlU3kSYTffVIjle2HNL7UFe3KGxtCwcwDGYWYpKu UA7DHyfluQWS0ZWm7oyFKt3Em9cOegvepxi5D5Omw9qxMHKQPcGeRxe/Cs5KMnXp xmA3xAz3SgmA9hlfxp5ALpUFmqkTYkyarKaJREMxAaJjEBvL1QSbRBdDVOguRwiI FwF8Gu0uK5BfwHx0M+01quZZV2IHxNO/m3jh7BUqbounFvtRvlZNg/dqm4E0zRuW alnQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:sender:subject:subject:to:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1662469432; x=1662555832; bh=LzrKfTcjNa2gAYtG7mObzCcMkmt+ e+ZeVr16IOXkI9Q=; b=DkC18CJJBQMHbol50NFvQme1LFVGP4hVY/zkbPRqkZBs vDfLjOs/da6LoN/vFc0ZIxSjLidBprjIRhy9u//YxpAMAg2asob+CfpnPLeF+72f 5cRguktNnuRsDKqlBA8EL4UVofEboXA8Ekbnen02OEUsJI4r7mDgOXPaVpnk30lg HyCxNJBxwTKmYvwjVHkHzJmhSinzLF+XJrDIaeuz4m3VIeYsZbUU/sI56ckoyNJZ TsROQy5GU/41Jh4q8p4tOcI35jHWq12giheZa+V+zK85pxCEXDGTIhXNyv5TZsBL TGqJelhOm9207irqMoyJxKrBJ5JRMCOvNS0mj95euQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrvdelkedgieduucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepfffhvfevuffkfhggtggujggfsehttdertddtreejnecuhfhrohhmpeeuvghn uceuohgvtghkvghluceomhgvsegsvghnsghovggtkhgvlhdrnhgvtheqnecuggftrfgrth htvghrnhepffelgeffveelkeffkeehiefgtdeluedvtdfghfdtvdefgfejheffudeuveek vddvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepmh gvsegsvghnsghovggtkhgvlhdrnhgvth X-ME-Proxy: Feedback-ID: iffc1478b:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Tue, 6 Sep 2022 09:03:50 -0400 (EDT) Date: Tue, 6 Sep 2022 09:03:48 -0400 From: Ben Boeckel To: Pankaj Gupta Cc: jarkko@kernel.org, a.fatoum@pengutronix.de, Jason@zx2c4.com, jejb@linux.ibm.com, zohar@linux.ibm.com, dhowells@redhat.com, sumit.garg@linaro.org, david@sigma-star.at, michael@walle.cc, john.ernberg@actia.se, jmorris@namei.org, serge@hallyn.com, herbert@gondor.apana.org.au, davem@davemloft.net, j.luebbe@pengutronix.de, ebiggers@kernel.org, richard@nod.at, keyrings@vger.kernel.org, linux-crypto@vger.kernel.org, linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, sahil.malhotra@nxp.com, kshitiz.varshney@nxp.com, horia.geanta@nxp.com, V.Sethi@nxp.com Subject: Re: [RFC PATCH HBK: 6/8] KEYS: trusted: caam based black key Message-ID: References: <20220906065157.10662-1-pankaj.gupta@nxp.com> <20220906065157.10662-7-pankaj.gupta@nxp.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20220906065157.10662-7-pankaj.gupta@nxp.com> User-Agent: Mutt/2.2.6 (2022-06-05) X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_PASS,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Tue, Sep 06, 2022 at 12:21:55 +0530, Pankaj Gupta wrote: > - CAAM supports two types of black keys: What is a "black key"? > -- Plain key encrypted with ECB > -- Plain key encrypted with CCM > Note: Due to robustness, default encytption used for black key is CCM. ^^^^^^^^^^ "encryption" > - A black key blob is generated, and added to trusted key payload. Missing "the" before "trusted". --Ben