Some crypto accelerators allow working with secure or hidden keys. This keys are not exposed to Linux nor main memory. To use them for a crypto operation they are referenced with a device specific id.
This patch adds a new flag, CRYPTO_TFM_REQ_REF_KEY. If this flag is set, crypto drivers should tread the key as specified via setkey as reference and not as regular key. Since we reuse the key data structure such a reference is limited by the key size of the chiper and is chip specific. TODO: If the cipher implementation or the driver does not support reference keys, we need a way to detect this an fail upon setkey. How should the driver indicate that it supports this feature? Signed-off-by: Richard Weinberger <rich...@nod.at> --- include/linux/crypto.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/linux/crypto.h b/include/linux/crypto.h index f2565a103158..737ea00e026b 100644 --- a/include/linux/crypto.h +++ b/include/linux/crypto.h @@ -121,6 +121,7 @@ #define CRYPTO_TFM_REQ_FORBID_WEAK_KEYS 0x00000100 #define CRYPTO_TFM_REQ_MAY_SLEEP 0x00000200 #define CRYPTO_TFM_REQ_MAY_BACKLOG 0x00000400 +#define CRYPTO_TFM_REQ_REF_KEY 0x00000800 #define CRYPTO_TFM_RES_WEAK_KEY 0x00100000 #define CRYPTO_TFM_RES_BAD_KEY_LEN 0x00200000 #define CRYPTO_TFM_RES_BAD_KEY_SCHED 0x00400000 -- 2.16.4
