Re: [V1 0/4] User API for KPP

[Rodolfo Giometti <giometti@enneenne.com>]

On 16/09/25 06:10, Herbert Xu wrote:
> On Mon, Sep 15, 2025 at 05:47:56PM +0200, Rodolfo Giometti wrote:
>>
>> The main purpose of using this implementation is to be able to use the
>> kernel's trusted keys as private keys. Trusted keys are protected by a TPM
>> or other hardware device, and being able to generate private keys that can
>> only be (de)encapsulated within them is (IMHO) a very useful and secure
>> mechanism for storing a private key.
> 
> If the issue is key management then you should be working with
> David Howell on creating an interface that sits on top of the
> keyring subsystem.
> 
> The Crypto API doesn't care about keys.

No, the problem concerns the use of the Linux keyring (specifically, trusted 
keys and other hardware-managed keys) with cryptographic algorithms.

 From a security standpoint, AF_ALG and keyctl's trusted keys are a perfect 
match to manage secure encryption and decryption, so why not do the same with 
KPP operations (or other cryptographic operations)?

I know there might be issues with allowing user space to use this interface, but:

1) I think this mechanism can get its best when implemented in hardware, and

2) (hey!) we're developers who know what they're doing! :)

This patch series is just a sample of the improvements I'd like to make on this 
front. Please tell me if you don't intend to add these mechanisms to the kernel 
at all, or if I have any chances, so I can decide whether to proceed or stop here.

Ciao,

Rodolfo

-- 
GNU/Linux Solutions                  e-mail: giometti@enneenne.com
Linux Device Driver                          giometti@linux.it
Embedded Systems                     phone:  +39 349 2432127
UNIX programming