From: Daniele Alessandrelli <daniele.alessandrelli@linux.intel.com>
To: linux-crypto@vger.kernel.org,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>
Cc: devicetree@vger.kernel.org, Rob Herring <robh+dt@kernel.org>,
Daniele Alessandrelli <daniele.alessandrelli@intel.com>,
Mark Gross <mgross@linux.intel.com>,
Prabhjot Khurana <prabhjot.khurana@intel.com>,
Elena Reshetova <elena.reshetova@intel.com>
Subject: [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver
Date: Thu, 17 Dec 2020 17:20:55 +0000 [thread overview]
Message-ID: <20201217172101.381772-1-daniele.alessandrelli@linux.intel.com> (raw)
Hi,
I'm posting this patch series as RFC since there are a few open points on
which I'd like to have the opinion of the crypto maintainers and the rest of
kernel community.
The patch series adds the Intel Keem Bay OCS ECC crypto driver, which
enables hardware-accelerated ECDH on the Intel Keem Bay SoC.
The open points are the followings:
1. The OCS ECC HW supports the NIST P-384 curve, which, however, is not
supported by Linux ECDH software implementation ('crypto/ecdh.c').
Support for P-384 is added to the driver anyway by reserving a curve id
for P-384 in 'include/crypto/ecdh.h' and defining the cure parameters in
'drivers/crypto/keembay/ocs-ecc-curve-defs.h'. Is this reasonable?
2. The OCS ECC HW does not support the NIST P-192 curve. We were planning to
add SW fallback for P-192 in the driver, but the Intel Crypto team
(which, internally, has to approve any code involving cryptography)
advised against it, because they consider P-192 weak. As a result, the
driver is not passing crypto self-tests. Is there any possible solution
to this? Is it reasonable to change the self-tests to only test the
curves actually supported by the tested driver? (not fully sure how to do
that).
3. Another request from our crypto team was to make private key generation
optional in the driver, since they advice against automatic key
generation. As a result, the driver passes the P-256 self test only when
CONFIG_CRYPTO_DEV_KEEMBAY_OCS_ECDH_GEN_PRIV_KEY_SUPPORT=y. Is that
acceptable?
Daniele Alessandrelli (2):
crypto: ecc - Move ecc.h to include/crypto/internal
crypto: ecc - Export additional helper functions
Prabhjot Khurana (4):
crypto: engine - Add KPP Support to Crypto Engine
crypto: ecdh - Add Curve ID for NIST P-384
dt-bindings: crypto: Add Keem Bay ECC bindings
crypto: keembay-ocs-ecc - Add Keem Bay OCS ECC Driver
Documentation/crypto/crypto_engine.rst | 4 +
.../crypto/intel,keembay-ocs-ecc.yaml | 47 +
MAINTAINERS | 11 +
crypto/crypto_engine.c | 27 +
crypto/ecc.c | 18 +-
crypto/ecdh.c | 2 +-
crypto/ecrdsa.c | 2 +-
crypto/ecrdsa_defs.h | 2 +-
drivers/crypto/keembay/Kconfig | 31 +
drivers/crypto/keembay/Makefile | 2 +
drivers/crypto/keembay/keembay-ocs-ecc.c | 1003 +++++++++++++++++
drivers/crypto/keembay/ocs-ecc-curve-defs.h | 68 ++
include/crypto/ecdh.h | 1 +
include/crypto/engine.h | 5 +
{crypto => include/crypto/internal}/ecc.h | 44 +
15 files changed, 1257 insertions(+), 10 deletions(-)
create mode 100644 Documentation/devicetree/bindings/crypto/intel,keembay-ocs-ecc.yaml
create mode 100644 drivers/crypto/keembay/keembay-ocs-ecc.c
create mode 100644 drivers/crypto/keembay/ocs-ecc-curve-defs.h
rename {crypto => include/crypto/internal}/ecc.h (87%)
base-commit: 90cc8cf2d1ab87d708ebc311ac104ccbbefad9fc
--
2.26.2
next reply other threads:[~2020-12-17 17:23 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-17 17:20 Daniele Alessandrelli [this message]
2020-12-17 17:20 ` [RFC PATCH 1/6] crypto: engine - Add KPP Support to Crypto Engine Daniele Alessandrelli
2020-12-17 17:20 ` [RFC PATCH 2/6] crypto: ecc - Move ecc.h to include/crypto/internal Daniele Alessandrelli
2020-12-17 17:20 ` [RFC PATCH 3/6] crypto: ecc - Export additional helper functions Daniele Alessandrelli
2020-12-17 17:20 ` [RFC PATCH 4/6] crypto: ecdh - Add Curve ID for NIST P-384 Daniele Alessandrelli
2020-12-17 17:21 ` [RFC PATCH 5/6] dt-bindings: crypto: Add Keem Bay ECC bindings Daniele Alessandrelli
2020-12-21 22:52 ` Rob Herring
2020-12-17 17:21 ` [RFC PATCH 6/6] crypto: keembay-ocs-ecc - Add Keem Bay OCS ECC Driver Daniele Alessandrelli
2021-01-04 8:04 ` [RFC PATCH 0/6] Keem Bay OCS ECC crypto driver Reshetova, Elena
2021-01-04 11:31 ` Herbert Xu
2021-01-04 14:40 ` Reshetova, Elena
2021-01-14 10:25 ` Reshetova, Elena
2021-01-14 18:26 ` Ard Biesheuvel
2021-01-18 11:55 ` Reshetova, Elena
2021-01-18 12:09 ` Ard Biesheuvel
2021-01-19 10:47 ` Reshetova, Elena
2021-01-20 19:00 ` Alessandrelli, Daniele
2021-01-21 9:52 ` Ard Biesheuvel
2021-01-21 16:13 ` Alessandrelli, Daniele
2021-01-21 20:02 ` Herbert Xu
2021-01-22 12:07 ` Alessandrelli, Daniele
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201217172101.381772-1-daniele.alessandrelli@linux.intel.com \
--to=daniele.alessandrelli@linux.intel.com \
--cc=daniele.alessandrelli@intel.com \
--cc=davem@davemloft.net \
--cc=devicetree@vger.kernel.org \
--cc=elena.reshetova@intel.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=mgross@linux.intel.com \
--cc=prabhjot.khurana@intel.com \
--cc=robh+dt@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).