diff mbox series

[v2,03/14] cryptodev: separate key exchange operation enum

Message ID 20220525155324.9288-4-arkadiuszx.kusztal@intel.com (mailing list archive)
State Superseded
Delegated to: akhil goyal
Headers show
Series cryptodev: rsa, dh, ecdh changes | expand

Checks

Context Check Description
ci/checkpatch success coding style OK

Commit Message

Kusztal, ArkadiuszX May 25, 2022, 3:53 p.m. UTC
- Separated key exchange enum from asym op type.
Key exchange and asymmetric crypto operations like signatures,
encryption/decryption should not share same operation enum as
its use cases are unrelated and mutually exclusive.
Therefore op_type was separate into:
1) operation type
2) key exchange operation type

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
 app/test/test_cryptodev_asym.c               | 11 +++----
 drivers/crypto/openssl/rte_openssl_pmd.c     | 10 +++----
 drivers/crypto/openssl/rte_openssl_pmd_ops.c | 12 ++++----
 lib/cryptodev/rte_crypto_asym.h              | 45 +++++++++++++++++-----------
 lib/cryptodev/rte_cryptodev.c                | 14 ++++++---
 5 files changed, 55 insertions(+), 37 deletions(-)

Comments

Akhil Goyal May 26, 2022, 10:57 a.m. UTC | #1
>  /**
> + * Asymmetric crypto key exchange operation type
> + */
> +enum rte_crypto_asym_ke_type {
> +	RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE,

Is it better to shorten it to 
RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE
RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE

> +	/**< Private Key generation operation */
> +	RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE,
> +	/**< Public Key generation operation */
> +	RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE
> +	/**< Shared Secret compute operation */
> +};
> +
> +/**
>   * Padding types for RSA signature.
>   */
>  enum rte_crypto_rsa_padding_type {
> @@ -238,7 +248,7 @@ struct rte_crypto_modinv_xform {
>   *
>   */
>  struct rte_crypto_dh_xform {
> -	enum rte_crypto_asym_op_type type;
> +	enum rte_crypto_asym_ke_type type;
>  	/**< Setup xform for key generate or shared secret compute */
>  	rte_crypto_uint p;
>  	/**< Prime modulus data */
> @@ -375,26 +385,27 @@ struct rte_crypto_rsa_op_param {
>  struct rte_crypto_dh_op_param {
>  	rte_crypto_uint pub_key;
>  	/**<
> -	 * Output generated public key when xform type is
> -	 * DH PUB_KEY_GENERATION.
> -	 * Input peer public key when xform type is DH
> -	 * SHARED_SECRET_COMPUTATION
> +	 * Output - generated public key, when xform type is

It is not xform type, Right?
It should be key exchange type.
Check at other places also.

> +	 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE.
>  	 *
> +	 * Input - peer's public key, when xform type is
> +	 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
>  	 */
> 
>  	rte_crypto_uint priv_key;
>  	/**<
> -	 * Output generated private key if xform type is
> -	 * DH PRIVATE_KEY_GENERATION
> -	 * Input when xform type is DH SHARED_SECRET_COMPUTATION.
> +	 * Output - generated private key, when xform type is
> +	 * RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE.
>  	 *
> +	 * Input - private key, when xform type is one of:
> +	 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE,
> +	 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
>  	 */
> 
>  	rte_crypto_uint shared_secret;
>  	/**<
> -	 * Output with calculated shared secret
> -	 * when dh xform set up with op type =
> SHARED_SECRET_COMPUTATION.
> -	 *
> +	 * Output - calculated shared secret when xform type is
> +	 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
>  	 */
>  };
>
Kusztal, ArkadiuszX May 26, 2022, 11:06 a.m. UTC | #2
> -----Original Message-----
> From: Akhil Goyal <gakhil@marvell.com>
> Sent: Thursday, May 26, 2022 12:58 PM
> To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>
> Subject: RE: [EXT] [PATCH v2 03/14] cryptodev: separate key exchange
> operation enum
> 
> >  /**
> > + * Asymmetric crypto key exchange operation type  */ enum
> > +rte_crypto_asym_ke_type {
> > +	RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE,
> 
> Is it better to shorten it to
> RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE
> RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE
+1, Actually I am not big fan of having asym everywhere too.
RTE_CRYPTO_KE_PRIV_KEY_GENERATE would be equally good.
> 
> > +	/**< Private Key generation operation */
> > +	RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE,
> > +	/**< Public Key generation operation */
> > +	RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE
> > +	/**< Shared Secret compute operation */ };
> > +
> > +/**
> >   * Padding types for RSA signature.
> >   */
> >  enum rte_crypto_rsa_padding_type {
> > @@ -238,7 +248,7 @@ struct rte_crypto_modinv_xform {
> >   *
> >   */
> >  struct rte_crypto_dh_xform {
> > -	enum rte_crypto_asym_op_type type;
> > +	enum rte_crypto_asym_ke_type type;
> >  	/**< Setup xform for key generate or shared secret compute */
> >  	rte_crypto_uint p;
> >  	/**< Prime modulus data */
> > @@ -375,26 +385,27 @@ struct rte_crypto_rsa_op_param {  struct
> > rte_crypto_dh_op_param {
> >  	rte_crypto_uint pub_key;
> >  	/**<
> > -	 * Output generated public key when xform type is
> > -	 * DH PUB_KEY_GENERATION.
> > -	 * Input peer public key when xform type is DH
> > -	 * SHARED_SECRET_COMPUTATION
> > +	 * Output - generated public key, when xform type is
> 
> It is not xform type, Right?
> It should be key exchange type.
Yes, I meant xform op_type. Will change, leter it will be overwritten by move dh op patch too.
> Check at other places also.
> 
> > +	 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE.
> >  	 *
> > +	 * Input - peer's public key, when xform type is
> > +	 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
> >  	 */
> >
> >  	rte_crypto_uint priv_key;
> >  	/**<
> > -	 * Output generated private key if xform type is
> > -	 * DH PRIVATE_KEY_GENERATION
> > -	 * Input when xform type is DH SHARED_SECRET_COMPUTATION.
> > +	 * Output - generated private key, when xform type is
> > +	 * RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE.
> >  	 *
> > +	 * Input - private key, when xform type is one of:
> > +	 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE,
> > +	 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
> >  	 */
> >
> >  	rte_crypto_uint shared_secret;
> >  	/**<
> > -	 * Output with calculated shared secret
> > -	 * when dh xform set up with op type =
> > SHARED_SECRET_COMPUTATION.
> > -	 *
> > +	 * Output - calculated shared secret when xform type is
> > +	 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
> >  	 */
> >  };
> >
Akhil Goyal May 26, 2022, 11:09 a.m. UTC | #3
> > >  /**
> > > + * Asymmetric crypto key exchange operation type  */ enum
> > > +rte_crypto_asym_ke_type {
> > > +	RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE,
> >
> > Is it better to shorten it to
> > RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE
> > RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE
> +1, Actually I am not big fan of having asym everywhere too.
> RTE_CRYPTO_KE_PRIV_KEY_GENERATE would be equally good.

It is better to keep ASYM, or else people might relate with IKE

> >
> > > +	/**< Private Key generation operation */
> > > +	RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE,
> > > +	/**< Public Key generation operation */
> > > +	RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE
> > > +	/**< Shared Secret compute operation */ };
> > > +
> > > +/**
> > >   * Padding types for RSA signature.
> > >   */
> > >  enum rte_crypto_rsa_padding_type {
> > > @@ -238,7 +248,7 @@ struct rte_crypto_modinv_xform {
> > >   *
> > >   */
> > >  struct rte_crypto_dh_xform {
> > > -	enum rte_crypto_asym_op_type type;
> > > +	enum rte_crypto_asym_ke_type type;
> > >  	/**< Setup xform for key generate or shared secret compute */
> > >  	rte_crypto_uint p;
> > >  	/**< Prime modulus data */
> > > @@ -375,26 +385,27 @@ struct rte_crypto_rsa_op_param {  struct
> > > rte_crypto_dh_op_param {
> > >  	rte_crypto_uint pub_key;
> > >  	/**<
> > > -	 * Output generated public key when xform type is
> > > -	 * DH PUB_KEY_GENERATION.
> > > -	 * Input peer public key when xform type is DH
> > > -	 * SHARED_SECRET_COMPUTATION
> > > +	 * Output - generated public key, when xform type is
> >
> > It is not xform type, Right?
> > It should be key exchange type.
> Yes, I meant xform op_type. Will change, leter it will be overwritten by move dh
> op patch too.

OK
> > Check at other places also.
> >
> > > +	 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE.
> > >  	 *
> > > +	 * Input - peer's public key, when xform type is
> > > +	 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
> > >  	 */
> > >
> > >  	rte_crypto_uint priv_key;
> > >  	/**<
> > > -	 * Output generated private key if xform type is
> > > -	 * DH PRIVATE_KEY_GENERATION
> > > -	 * Input when xform type is DH SHARED_SECRET_COMPUTATION.
> > > +	 * Output - generated private key, when xform type is
> > > +	 * RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE.
> > >  	 *
> > > +	 * Input - private key, when xform type is one of:
> > > +	 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE,
> > > +	 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
> > >  	 */
> > >
> > >  	rte_crypto_uint shared_secret;
> > >  	/**<
> > > -	 * Output with calculated shared secret
> > > -	 * when dh xform set up with op type =
> > > SHARED_SECRET_COMPUTATION.
> > > -	 *
> > > +	 * Output - calculated shared secret when xform type is
> > > +	 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
> > >  	 */
> > >  };
> > >
diff mbox series

Patch

diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 5aa9d65395..1b77aa2b6a 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -1062,7 +1062,7 @@  test_dh_gen_shared_sec(struct rte_crypto_asym_xform *xfrm)
 	asym_op = op->asym;
 
 	/* Setup a xform and op to generate private key only */
-	xform.dh.type = RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE;
+	xform.dh.type = RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE;
 	xform.next = NULL;
 	asym_op->dh.priv_key.data = dh_test_params.priv_key.data;
 	asym_op->dh.priv_key.length = dh_test_params.priv_key.length;
@@ -1144,7 +1144,7 @@  test_dh_gen_priv_key(struct rte_crypto_asym_xform *xfrm)
 	asym_op = op->asym;
 
 	/* Setup a xform and op to generate private key only */
-	xform.dh.type = RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE;
+	xform.dh.type = RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE;
 	xform.next = NULL;
 	asym_op->dh.priv_key.data = output;
 	asym_op->dh.priv_key.length = sizeof(output);
@@ -1227,7 +1227,7 @@  test_dh_gen_pub_key(struct rte_crypto_asym_xform *xfrm)
 	 * using test private key
 	 *
 	 */
-	xform.dh.type = RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE;
+	xform.dh.type = RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE;
 	xform.next = NULL;
 
 	asym_op->dh.pub_key.data = output;
@@ -1317,9 +1317,10 @@  test_dh_gen_kp(struct rte_crypto_asym_xform *xfrm)
 	/* Setup a xform chain to generate
 	 * private key first followed by
 	 * public key
-	 */xform.dh.type = RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE;
+	 */
+	xform.dh.type = RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE;
 	pub_key_xform.xform_type = RTE_CRYPTO_ASYM_XFORM_DH;
-	pub_key_xform.dh.type = RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE;
+	pub_key_xform.dh.type = RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE;
 	xform.next = &pub_key_xform;
 
 	asym_op->dh.pub_key.data = out_pub_key;
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index d80e1052e2..2a3930df0a 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -1697,7 +1697,7 @@  process_openssl_dh_op(struct rte_crypto_op *cop,
 	int ret = 0;
 
 	if (sess->u.dh.key_op &
-			(1 << RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE)) {
+			(1 << RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE)) {
 		/* compute shared secret using peer public key
 		 * and current private key
 		 * shared secret = peer_key ^ priv_key mod p
@@ -1754,9 +1754,9 @@  process_openssl_dh_op(struct rte_crypto_op *cop,
 	 * then first set DH with user provided private key
 	 */
 	if ((sess->u.dh.key_op &
-			(1 << RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)) &&
+			(1 << RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE)) &&
 			!(sess->u.dh.key_op &
-			(1 << RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE))) {
+			(1 << RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE))) {
 		/* generate public key using user-provided private key
 		 * pub_key = g ^ priv_key mod p
 		 */
@@ -1790,7 +1790,7 @@  process_openssl_dh_op(struct rte_crypto_op *cop,
 		return 0;
 	}
 
-	if (sess->u.dh.key_op & (1 << RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)) {
+	if (sess->u.dh.key_op & (1 << RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE)) {
 		const BIGNUM *pub_key = NULL;
 
 		OPENSSL_LOG(DEBUG, "%s:%d update public key\n",
@@ -1805,7 +1805,7 @@  process_openssl_dh_op(struct rte_crypto_op *cop,
 	}
 
 	if (sess->u.dh.key_op &
-			(1 << RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE)) {
+			(1 << RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE)) {
 		const BIGNUM *priv_key = NULL;
 
 		OPENSSL_LOG(DEBUG, "%s:%d updated priv key\n",
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 1cb07794bd..c975ef640a 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -533,10 +533,10 @@  static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {
 			.xform_capa = {
 				.xform_type = RTE_CRYPTO_ASYM_XFORM_DH,
 				.op_types =
-				((1<<RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE) |
-				(1 << RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE |
+				((1<<RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE) |
+				(1 << RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE |
 				(1 <<
-				RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE))),
+				RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE))),
 				{
 				.modlen = {
 				/* value 0 symbolizes no limit on min length */
@@ -1009,13 +1009,13 @@  static int openssl_set_asym_session_parameters(
 		asym_session->u.dh.key_op = (1 << xform->dh.type);
 
 		if (xform->dh.type ==
-			RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE) {
+			RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE) {
 			/* check if next is pubkey */
 			if ((xform->next != NULL) &&
 				(xform->next->xform_type ==
 				RTE_CRYPTO_ASYM_XFORM_DH) &&
 				(xform->next->dh.type ==
-				RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)
+				RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE)
 				) {
 				/*
 				 * setup op as pub/priv key
@@ -1023,7 +1023,7 @@  static int openssl_set_asym_session_parameters(
 				 */
 				asym_session->u.dh.key_op |=
 				(1 <<
-				RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE);
+				RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE);
 			}
 		}
 		asym_session->u.dh.dh_key = dh;
diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index 66ffb29743..2b427afa3f 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -33,6 +33,10 @@  struct rte_cryptodev_asym_session;
 extern const char *
 rte_crypto_asym_xform_strings[];
 
+/** asym key exchange operation type name strings */
+extern const char *
+rte_crypto_asym_ke_strings[];
+
 /** asym operations type name strings */
 extern const char *
 rte_crypto_asym_op_strings[];
@@ -124,16 +128,22 @@  enum rte_crypto_asym_op_type {
 	/**< Signature Generation operation */
 	RTE_CRYPTO_ASYM_OP_VERIFY,
 	/**< Signature Verification operation */
-	RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE,
-	/**< DH Private Key generation operation */
-	RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE,
-	/**< DH Public Key generation operation */
-	RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE,
-	/**< DH Shared Secret compute operation */
 	RTE_CRYPTO_ASYM_OP_LIST_END
 };
 
 /**
+ * Asymmetric crypto key exchange operation type
+ */
+enum rte_crypto_asym_ke_type {
+	RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE,
+	/**< Private Key generation operation */
+	RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE,
+	/**< Public Key generation operation */
+	RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE
+	/**< Shared Secret compute operation */
+};
+
+/**
  * Padding types for RSA signature.
  */
 enum rte_crypto_rsa_padding_type {
@@ -238,7 +248,7 @@  struct rte_crypto_modinv_xform {
  *
  */
 struct rte_crypto_dh_xform {
-	enum rte_crypto_asym_op_type type;
+	enum rte_crypto_asym_ke_type type;
 	/**< Setup xform for key generate or shared secret compute */
 	rte_crypto_uint p;
 	/**< Prime modulus data */
@@ -375,26 +385,27 @@  struct rte_crypto_rsa_op_param {
 struct rte_crypto_dh_op_param {
 	rte_crypto_uint pub_key;
 	/**<
-	 * Output generated public key when xform type is
-	 * DH PUB_KEY_GENERATION.
-	 * Input peer public key when xform type is DH
-	 * SHARED_SECRET_COMPUTATION
+	 * Output - generated public key, when xform type is
+	 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE.
 	 *
+	 * Input - peer's public key, when xform type is
+	 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
 	 */
 
 	rte_crypto_uint priv_key;
 	/**<
-	 * Output generated private key if xform type is
-	 * DH PRIVATE_KEY_GENERATION
-	 * Input when xform type is DH SHARED_SECRET_COMPUTATION.
+	 * Output - generated private key, when xform type is
+	 * RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE.
 	 *
+	 * Input - private key, when xform type is one of:
+	 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE,
+	 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
 	 */
 
 	rte_crypto_uint shared_secret;
 	/**<
-	 * Output with calculated shared secret
-	 * when dh xform set up with op type = SHARED_SECRET_COMPUTATION.
-	 *
+	 * Output - calculated shared secret when xform type is
+	 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
 	 */
 };
 
diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
index 691625bd04..af58f49d07 100644
--- a/lib/cryptodev/rte_cryptodev.c
+++ b/lib/cryptodev/rte_cryptodev.c
@@ -176,10 +176,16 @@  const char *rte_crypto_asym_op_strings[] = {
 	[RTE_CRYPTO_ASYM_OP_ENCRYPT]	= "encrypt",
 	[RTE_CRYPTO_ASYM_OP_DECRYPT]	= "decrypt",
 	[RTE_CRYPTO_ASYM_OP_SIGN]	= "sign",
-	[RTE_CRYPTO_ASYM_OP_VERIFY]	= "verify",
-	[RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE]	= "priv_key_generate",
-	[RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE] = "pub_key_generate",
-	[RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE] = "sharedsecret_compute",
+	[RTE_CRYPTO_ASYM_OP_VERIFY]	= "verify"
+};
+
+/**
+ * Asymmetric crypto key exchange operation strings identifiers.
+ */
+const char *rte_crypto_asym_ke_strings[] = {
+	[RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE] = "priv_key_generate",
+	[RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE] = "pub_key_generate",
+	[RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE] = "sharedsecret_compute"
 };
 
 /**