On Thu, Jun 04, 2015 at 05:34:39PM +0200, Marek Vasut wrote:
Is this really a valid way to go about crypto -- introduce all kinds
of obscure nuances into the API which are driver specific at best ?
So what do you suggest?
--
Email: Herbert Xu herb...@gondor.apana.org.au
Home Page:
On Thursday, June 04, 2015 at 05:24:00 AM, Herbert Xu wrote:
On Wed, Jun 03, 2015 at 03:02:13PM -0500, Jay Monkman wrote:
That would be one use, but a more likely use would be to prevent
access to the keys. A system could write keys to the key slots in
the bootloader or in a TrustZone
On Wed, Jun 03, 2015 at 03:02:13PM -0500, Jay Monkman wrote:
That would be one use, but a more likely use would be to prevent
access to the keys. A system could write keys to the key slots in
the bootloader or in a TrustZone secure world. Then those keys could
be used for crypto operations in
On 05/28/2015 08:32 PM, Herbert Xu wrote:
On Fri, May 29, 2015 at 03:29:59AM +0200, Marek Vasut wrote:
On Friday, May 29, 2015 at 03:23:59 AM, Herbert Xu wrote:
On Fri, May 29, 2015 at 03:00:35AM +0200, Marek Vasut wrote:
My understanding (!) is that everyone should be able to use this key to
On Tue, Jun 02, 2015 at 01:57:28PM -0500, Jay Monkman wrote:
I have another question. The DCP (and other crypto accelerators on
other SOCs) supports key slots - basically write only RAM that's
used to store keys so they can be used for encrypt/decrypt
operations. DCP supports 4 key slots,
On Mon, Jun 01, 2015 at 03:24:03PM +0200, Marek Vasut wrote:
On Friday, May 29, 2015 at 03:30:18 PM, Herbert Xu wrote:
On Fri, May 29, 2015 at 03:02:59PM +0200, Marek Vasut wrote:
This does look somewhat hacky to me. Wouldn't it make more sense to
add a CRYPTO_TFM_REQ flag ?
What are
On Friday, May 29, 2015 at 03:32:11 AM, Herbert Xu wrote:
On Fri, May 29, 2015 at 03:29:59AM +0200, Marek Vasut wrote:
On Friday, May 29, 2015 at 03:23:59 AM, Herbert Xu wrote:
On Fri, May 29, 2015 at 03:00:35AM +0200, Marek Vasut wrote:
My understanding (!) is that everyone should be
On Fri, May 29, 2015 at 03:02:59PM +0200, Marek Vasut wrote:
This does look somewhat hacky to me. Wouldn't it make more sense to
add a CRYPTO_TFM_REQ flag ?
What are you going to do when you have more than one hard-coded
key? A flag is a non-starter.
Cheers,
--
Email: Herbert Xu
On Thursday, May 28, 2015 at 06:01:56 PM, Jay Monkman wrote:
Marek,
Hi,
note that this discussion should really happen on the linux-crypto ML.
Moving the discussion to ML.
I have a question about the proper way to implement a feature. The DCP
has the ability to read a key for
On Fri, May 29, 2015 at 03:00:35AM +0200, Marek Vasut wrote:
My understanding (!) is that everyone should be able to use this key to
encrypt/decrypt their data using the AES128 engine in the DCP.
If that's the case just make it the key you use if setkey has never
been called.
Cheers,
--
On Friday, May 29, 2015 at 02:45:16 AM, Herbert Xu wrote:
On Fri, May 29, 2015 at 02:40:54AM +0200, Marek Vasut wrote:
On Friday, May 29, 2015 at 02:37:00 AM, Herbert Xu wrote:
On Thu, May 28, 2015 at 11:01:56AM -0500, Jay Monkman wrote:
Marek,
I have a question about the proper
On Friday, May 29, 2015 at 03:23:59 AM, Herbert Xu wrote:
On Fri, May 29, 2015 at 03:00:35AM +0200, Marek Vasut wrote:
My understanding (!) is that everyone should be able to use this key to
encrypt/decrypt their data using the AES128 engine in the DCP.
If that's the case just make it the
On Fri, May 29, 2015 at 03:29:59AM +0200, Marek Vasut wrote:
On Friday, May 29, 2015 at 03:23:59 AM, Herbert Xu wrote:
On Fri, May 29, 2015 at 03:00:35AM +0200, Marek Vasut wrote:
My understanding (!) is that everyone should be able to use this key to
encrypt/decrypt their data using the
On Fri, May 29, 2015 at 02:40:54AM +0200, Marek Vasut wrote:
On Friday, May 29, 2015 at 02:37:00 AM, Herbert Xu wrote:
On Thu, May 28, 2015 at 11:01:56AM -0500, Jay Monkman wrote:
Marek,
I have a question about the proper way to implement a feature. The
DCP has the ability to read
On Friday, May 29, 2015 at 02:37:00 AM, Herbert Xu wrote:
On Thu, May 28, 2015 at 11:01:56AM -0500, Jay Monkman wrote:
Marek,
I have a question about the proper way to implement a feature. The
DCP has the ability to read a key for encryption/decryption from on
chip fuses. The current
15 matches
Mail list logo
