Tadeusz Struk <tadeusz.struk@xxxxxxxxx> wrote: > I think the coupling of an algorithm to its key is the problem here. > Usually an algorithm should be able to work with any (valid) key. A key stored in hardware and used through that hardware won't necessarily support all crypto operations - it may be restricted to just signing or just encrypting for example. > The solution to this can be implemented on the crypto API. > If the TMP driver would register its supported algorithms on the crypto API > and in the setkey function it would check if a key is a real key or this > "something" (probably a ptr to TMP dev instance?) then in the first > case it would fallback to an implementation that takes a key data. > In the second case it can do its thing whatever it is. >From what Herbert has said, he won't go for that since the TPM keys are restricted in the operations one can use the key for. I think the crypto API is what we use when the key data is available to us in the kernel - but it should be driven through the asymmetric key API. You ask the asymmetric key API to verify a key, say, then that will switch to the TPM driver or to the software public key implementation. The latter will then load the appropriate crypto layer akcipher algorithm (eg. RSA) and use that - where the akcipher implementation will either be a software one or will get offloaded to some hardware that can do it - but that doesn't itself securely hold the key. David -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html