[2/4] crypto: clarify usage of random numbers in asym
Checks
Commit Message
This commit clarifies usage of random numbers in asymmetric
crypto API.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
lib/cryptodev/rte_crypto_asym.h | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
Comments
> -----Original Message-----
> From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Sent: Wednesday, February 2, 2022 6:50 AM
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>;
> rbalu@marvell.com; Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Subject: [PATCH 2/4] crypto: clarify usage of random numbers in asym
>
> This commit clarifies usage of random numbers in asymmetric
> crypto API.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> ---
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
@@ -33,6 +33,11 @@ extern "C" {
* These buffers can be used for both input to PMD and output from PMD. When
* used for output from PMD, application has to ensure the buffer is large
* enough to hold the target data.
+ *
+ * If an operation requires the PMD to generate a random number,
+ * and the device supports CSRNG, 'data' should be set to NULL.
+ * The crypto parameter in question will not be used by the PMD,
+ * as it is internally generated.
*/
typedef struct rte_crypto_param_t {
uint8_t *data;
@@ -549,7 +554,9 @@ struct rte_crypto_dsa_op_param {
/**< input message to be signed or verified */
rte_crypto_param k;
/**< Per-message secret number, which is an integer
- * in the interval (1, q-1)
+ * in the interval (1, q-1).
+ * If the random number is generated by the PMD,
+ * the 'rte_crypto_param.data' parameter should be set to NULL.
*/
rte_crypto_param r;
/**< dsa sign component 'r' value
@@ -589,7 +596,9 @@ struct rte_crypto_ecdsa_op_param {
rte_crypto_param k;
/**< The ECDSA per-message secret number, which is an integer
- * in the interval (1, n-1)
+ * in the interval (1, n-1).
+ * If the random number is generated by the PMD,
+ * the 'rte_crypto_param.data' parameter should be set to NULL.
*/
rte_crypto_param r;