From patchwork Fri May 20 05:54:26 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 111505 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id A93DEA0503; Fri, 20 May 2022 09:04:43 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id C23B342BD5; Fri, 20 May 2022 09:03:24 +0200 (CEST) Received: from mga06.intel.com (mga06b.intel.com [134.134.136.31]) by mails.dpdk.org (Postfix) with ESMTP id 6B43A42BC5 for ; Fri, 20 May 2022 09:03:23 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1653030203; x=1684566203; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=RUH2ZWYLwzKjAfPgykjsu2CE+4n3A/8GO9UJr1i4wU4=; b=PeE9ewS0p4o6Cv+SGb1u0ngPJOMSd886LkPmn0vSBv7F3+qHrK0dsPI5 xHVuU05XB9iaFDwcPkuRJ3QQVJywKyRXFYhjqem/Hjlkkj+DNCOLaVAIk 25O3xwSpSm+kmrD64JLSTlGcIwmHKByhP+ZGJMWWl4DuPiI0nPzO2f/LX /WJmEHGr2YiHthXgcExcv/DJz2mAEt0YycpMSqsJI8Lbf+bhwWc0dbz99 hTZhPC4OE94jj8iFt0o7wYwB4vvuw7a3oK8vq9amNjxjs2H99liwjYxQw bQT50dpB9YybmVeVUMKCNWkT3nWEZNMURH+69euDY0DlOw/CfIjiMNXb9 g==; X-IronPort-AV: E=McAfee;i="6400,9594,10352"; a="333140391" X-IronPort-AV: E=Sophos;i="5.91,238,1647327600"; d="scan'208";a="333140391" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 May 2022 00:03:23 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.91,238,1647327600"; d="scan'208";a="599058393" Received: from silpixa00399302.ir.intel.com ([10.237.214.136]) by orsmga008.jf.intel.com with ESMTP; 20 May 2022 00:03:21 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, anoobj@marvell.com, roy.fan.zhang@intel.com, Arek Kusztal Subject: [PATCH 21/40] cryptodev: add public key verify option Date: Fri, 20 May 2022 06:54:26 +0100 Message-Id: <20220520055445.40063-22-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20220520055445.40063-1-arkadiuszx.kusztal@intel.com> References: <20220520055445.40063-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org - Added key exchange public key verify option. For some elliptic curves public point in DH exchange needs to be checked, if it lays on the curve. Modular exponentiation needs certain checks as well, though mathematically much easier. This commit adds verify option to asym_op operations. Signed-off-by: Arek Kusztal --- lib/cryptodev/rte_crypto_asym.h | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index 09edf2ac3d..73ff9ff815 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -110,8 +110,10 @@ enum rte_crypto_asym_ke_type { /**< Private Key generation operation */ RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE, /**< Public Key generation operation */ - RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE + RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE, /**< Shared Secret compute operation */ + RTE_CRYPTO_ASYM_OP_DH_KEY_VERIFY + /**< Public Key Verification */ }; /** @@ -397,6 +399,10 @@ struct rte_crypto_dh_op_param { * For ECDH it is a point on the curve. * Output for RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE * Input for RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE + * + * VERIFY option can be used only for elliptic curve + * point validation, for FFDH (DH) it is user's reponsibility + * to check the public key accordingly. */ union { rte_crypto_uint shared_secret;