[v7,1/3] cryptodev: add ec points to sm2 op
Checks
Commit Message
In the case when PMD cannot support the full process of the SM2,
but elliptic curve computation only, additional fields
are needed to handle such a case.
Points C1, kP therefore were added to the SM2 crypto operation struct.
Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
---
doc/guides/rel_notes/release_24_11.rst | 3 ++
lib/cryptodev/rte_crypto_asym.h | 56 +++++++++++++++++++-------
2 files changed, 45 insertions(+), 14 deletions(-)
@@ -406,6 +406,9 @@ ABI Changes
added new structure ``rte_node_xstats`` to ``rte_node_register`` and
added ``xstat_off`` to ``rte_node``.
+* cryptodev: The ``rte_crypto_sm2_op_param`` struct member to hold ciphertext
+ is changed to union data type. This change is to support partial SM2 calculation.
+
Known Issues
------------
@@ -646,6 +646,8 @@ enum rte_crypto_sm2_op_capa {
/**< Random number generator supported in SM2 ops. */
RTE_CRYPTO_SM2_PH,
/**< Prehash message before crypto op. */
+ RTE_CRYPTO_SM2_PARTIAL,
+ /**< Calculate elliptic curve points only. */
};
/**
@@ -673,20 +675,46 @@ struct rte_crypto_sm2_op_param {
* will be overwritten by the PMD with the decrypted length.
*/
- rte_crypto_param cipher;
- /**<
- * Pointer to input data
- * - to be decrypted for SM2 private decrypt.
- *
- * Pointer to output data
- * - for SM2 public encrypt.
- * In this case the underlying array should have been allocated
- * with enough memory to hold ciphertext output (at least X bytes
- * for prime field curve of N bytes and for message M bytes,
- * where X = (C1 || C2 || C3) and computed based on SM2 RFC as
- * C1 (1 + N + N), C2 = M, C3 = N. The cipher.length field will
- * be overwritten by the PMD with the encrypted length.
- */
+ union {
+ rte_crypto_param cipher;
+ /**<
+ * Pointer to input data
+ * - to be decrypted for SM2 private decrypt.
+ *
+ * Pointer to output data
+ * - for SM2 public encrypt.
+ * In this case the underlying array should have been allocated
+ * with enough memory to hold ciphertext output (at least X bytes
+ * for prime field curve of N bytes and for message M bytes,
+ * where X = (C1 || C2 || C3) and computed based on SM2 RFC as
+ * C1 (1 + N + N), C2 = M, C3 = N. The cipher.length field will
+ * be overwritten by the PMD with the encrypted length.
+ */
+ struct {
+ struct rte_crypto_ec_point c1;
+ /**<
+ * This field is used only when PMD does not support the full
+ * process of the SM2 encryption/decryption, but the elliptic
+ * curve part only.
+ *
+ * In the case of encryption, it is an output - point C1 = (x1,y1).
+ * In the case of decryption, if is an input - point C1 = (x1,y1).
+ *
+ * Must be used along with the RTE_CRYPTO_SM2_PARTIAL flag.
+ */
+ struct rte_crypto_ec_point kp;
+ /**<
+ * This field is used only when PMD does not support the full
+ * process of the SM2 encryption/decryption, but the elliptic
+ * curve part only.
+ *
+ * It is an output in the encryption case, it is a point
+ * [k]P = (x2,y2).
+ *
+ * Must be used along with the RTE_CRYPTO_SM2_PARTIAL flag.
+ */
+ };
+ };
rte_crypto_uint id;
/**< The SM2 id used by signer and verifier. */