diff mbox series

[v5,07/12] cryptodev: add public key verify option

Message ID	20220601090249.86865-8-arkadiuszx.kusztal@intel.com (mailing list archive)
State	Accepted, archived
Delegated to:	akhil goyal
Headers	From: Arek Kusztal <arkadiuszx.kusztal@intel.com> To: dev@dpdk.org Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, Arek Kusztal <arkadiuszx.kusztal@intel.com> Subject: [PATCH v5 07/12] cryptodev: add public key verify option Date: Wed, 1 Jun 2022 10:02:44 +0100 Message-Id: <20220601090249.86865-8-arkadiuszx.kusztal@intel.com> In-Reply-To: <20220601090249.86865-1-arkadiuszx.kusztal@intel.com> References: <20220601090249.86865-1-arkadiuszx.kusztal@intel.com> Precedence: list Errors-To: dev-bounces@dpdk.org
Series	cryptodev: rsa, dh, ecdh changes \| [v5,00/12] cryptodev: rsa, dh, ecdh changes [v5,01/12] cryptodev: redefine ec group enum [v5,02/12] cryptodev: separate key exchange operation enum [v5,03/12] cryptodev: remove comment about using ephemeral key in dsa [v5,04/12] cryptodev: clarify usage of private key in dh [v5,05/12] cryptodev: move dh type from xform to dh op [v5,06/12] cryptodev: add elliptic curve diffie hellman [v5,07/12] cryptodev: add public key verify option [v5,08/12] cryptodev: add asym op flags [v5,09/12] cryptodev: clarify usage of rsa padding hash [v5,10/12] cryptodev: move RSA padding into separate struct [v5,11/12] cryptodev: clarify rsa verify with none padding [v5,12/12] cryptodev: add salt length and optional label

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK

Commit Message

Arkadiusz Kusztal June 1, 2022, 9:02 a.m. UTC

  - Added key exchange public key verify option.
For some elliptic curves public point in DH exchange
needs to be checked, if it lays on the curve.
Modular exponentiation needs certain checks as well, though
mathematically much easier.
This commit adds verify option to asym_op operations.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
 lib/cryptodev/rte_crypto_asym.h | 11 ++++++++---
 lib/cryptodev/rte_cryptodev.c   |  3 ++-
 2 files changed, 10 insertions(+), 4 deletions(-)

diff mbox series

Patch

diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index f61a2ddce8..ae3ca31a89 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -130,8 +130,12 @@  enum rte_crypto_asym_ke_type {
 	/**< Private Key generation operation */
 	RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE,
 	/**< Public Key generation operation */
-	RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE
+	RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE,
 	/**< Shared Secret compute operation */
+	RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY
+	/**< Public Key Verification - can be used for
+	 * elliptic curve point validation.
+	 */
 };
 
 /**
@@ -455,8 +459,9 @@  struct rte_crypto_ecdh_op_param {
 	 * Output - generated public key when ke_type is
 	 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE.
 	 *
-	 * Input - peer's public key when ke_type is
-	 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
+	 * Input - peer's public key, when ke_type is one of:
+	 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE,
+	 * RTE_CRYPTO_ASYM_KE_EC_PUBLIC_KEY_VERIFY.
 	 */
 	struct rte_crypto_ec_point shared_secret;
 	/**<
diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
index cc614b0f72..42f3221052 100644
--- a/lib/cryptodev/rte_cryptodev.c
+++ b/lib/cryptodev/rte_cryptodev.c
@@ -186,7 +186,8 @@  const char *rte_crypto_asym_op_strings[] = {
 const char *rte_crypto_asym_ke_strings[] = {
 	[RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE] = "priv_key_generate",
 	[RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE] = "pub_key_generate",
-	[RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE] = "sharedsecret_compute"
+	[RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE] = "sharedsecret_compute",
+	[RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY] = "pub_ec_key_verify"
 };
 
 /**