From patchwork Wed Feb 2 06:50:27 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 106766 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id C5C18A00C5; Wed, 2 Feb 2022 07:50:44 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 3A615411FE; Wed, 2 Feb 2022 07:50:41 +0100 (CET) Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mails.dpdk.org (Postfix) with ESMTP id 82820410FF for ; Wed, 2 Feb 2022 07:50:39 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643784639; x=1675320639; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=qHGoiA8QbRR4HYR5V0M9z9BN9pnQEkeTTZG2dvN96Yg=; b=k9L6zNhPP+wl8ANxAWV2HxkQTZneKheNFOSrsGavh4vY0y9SBz8zqUWo wkGt9vo73Gfac1IYXiLASHL0gjiACId9bT79Iv4xXGLJZ0EKJdkx5tSmF MlNl+TUe0uuxf11ozxnqF3yrEO40+q6tzETPWKT1OJsRLkfP31lsl8LmL qXcHXh5HnSrlFvqe/tFjvnxhW7pEbJ8q+P9iCaC4bBV2S1m8ST9Azc3FR EX/YmomH6SxG3AEYsxs/GoiIYrCUO7FHA/w2OKcnQ0yho8ijHNrCQ5e38 4CG1jryE2NB7Tt/hMzwp6FCqiIJga7id/A7vCNmUujE86KEY/dMvtDNdU A==; X-IronPort-AV: E=McAfee;i="6200,9189,10245"; a="235257324" X-IronPort-AV: E=Sophos;i="5.88,336,1635231600"; d="scan'208";a="235257324" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Feb 2022 22:50:39 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,336,1635231600"; d="scan'208";a="480007239" Received: from silpixa00400308.ir.intel.com ([10.237.214.95]) by orsmga003.jf.intel.com with ESMTP; 01 Feb 2022 22:50:37 -0800 From: Arek Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, rbalu@marvell.com, Arek Kusztal Subject: [PATCH 1/4] crypto: add dsa random number k Date: Wed, 2 Feb 2022 06:50:27 +0000 Message-Id: <20220202065030.23276-2-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220202065030.23276-1-arkadiuszx.kusztal@intel.com> References: <20220202065030.23276-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This commit adds random number 'k' to dsa op param struct. Signed-off-by: Arek Kusztal Acked-by: Fan Zhang --- lib/cryptodev/rte_crypto_asym.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index 9c866f553f..e0def3d9ab 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -547,6 +547,10 @@ struct rte_crypto_dsa_op_param { /**< Signature Generation or Verification */ rte_crypto_param message; /**< input message to be signed or verified */ + rte_crypto_param k; + /**< Per-message secret number, which is an integer + * in the interval (1, q-1) + */ rte_crypto_param r; /**< dsa sign component 'r' value * From patchwork Wed Feb 2 06:50:28 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 106767 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 9FB2DA00C5; Wed, 2 Feb 2022 07:50:49 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 8C49541C26; Wed, 2 Feb 2022 07:50:43 +0100 (CET) Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mails.dpdk.org (Postfix) with ESMTP id B97F941C2E for ; Wed, 2 Feb 2022 07:50:41 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643784641; x=1675320641; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=AUN7YUv0wnqXVH8qawolweFEbpus5OVEjBgimAIiAS8=; b=C1SXinwDjOyUAku9YKjkpoPFrMP/f8sWoeM+ctFJw7Nl5BFq0/maZDKU 1jwq0SdEPIvtywBcilV2cGO7n/qwLVTUD8vi2qs0VlvPxhr4KLfuUTYBp qjUt3uc0O9gbbpcdGSVr4kDoVJ5xFHn5g2ZkekuIi+h3G/sT1FE9hh/zC TeI9GaG1wr75+u60ha1ND6F2zaX26pSNcMNhLzT/rnyMud7P/R+7AoZED i/M0JA8PZPtJYYy9011X23jH9ft1xZwW2n+Z/5Y8aOddi4ugtzA9dktnY eJKmiMoJHekX4AqvP8TM8va/x0yayzZba9Jo4kJ6fBHNQlZCJf3RyoCcd g==; X-IronPort-AV: E=McAfee;i="6200,9189,10245"; a="235257326" X-IronPort-AV: E=Sophos;i="5.88,336,1635231600"; d="scan'208";a="235257326" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Feb 2022 22:50:41 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,336,1635231600"; d="scan'208";a="480007250" Received: from silpixa00400308.ir.intel.com ([10.237.214.95]) by orsmga003.jf.intel.com with ESMTP; 01 Feb 2022 22:50:39 -0800 From: Arek Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, rbalu@marvell.com, Arek Kusztal Subject: [PATCH 2/4] crypto: clarify usage of random numbers in asym Date: Wed, 2 Feb 2022 06:50:28 +0000 Message-Id: <20220202065030.23276-3-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220202065030.23276-1-arkadiuszx.kusztal@intel.com> References: <20220202065030.23276-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This commit clarifies usage of random numbers in asymmetric crypto API. Signed-off-by: Arek Kusztal Acked-by: Fan Zhang --- lib/cryptodev/rte_crypto_asym.h | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index e0def3d9ab..58d47158de 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -33,6 +33,11 @@ extern "C" { * These buffers can be used for both input to PMD and output from PMD. When * used for output from PMD, application has to ensure the buffer is large * enough to hold the target data. + * + * If an operation requires the PMD to generate a random number, + * and the device supports CSRNG, 'data' should be set to NULL. + * The crypto parameter in question will not be used by the PMD, + * as it is internally generated. */ typedef struct rte_crypto_param_t { uint8_t *data; @@ -549,7 +554,9 @@ struct rte_crypto_dsa_op_param { /**< input message to be signed or verified */ rte_crypto_param k; /**< Per-message secret number, which is an integer - * in the interval (1, q-1) + * in the interval (1, q-1). + * If the random number is generated by the PMD, + * the 'rte_crypto_param.data' parameter should be set to NULL. */ rte_crypto_param r; /**< dsa sign component 'r' value @@ -589,7 +596,9 @@ struct rte_crypto_ecdsa_op_param { rte_crypto_param k; /**< The ECDSA per-message secret number, which is an integer - * in the interval (1, n-1) + * in the interval (1, n-1). + * If the random number is generated by the PMD, + * the 'rte_crypto_param.data' parameter should be set to NULL. */ rte_crypto_param r; From patchwork Wed Feb 2 06:50:29 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 106768 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id CAD0AA00C5; Wed, 2 Feb 2022 07:50:54 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 8C55B426D5; Wed, 2 Feb 2022 07:50:45 +0100 (CET) Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mails.dpdk.org (Postfix) with ESMTP id F383D426D2 for ; Wed, 2 Feb 2022 07:50:43 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643784644; x=1675320644; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=eRJfJ8fKInDIN1oELI6xc+ceo5GrqSTJnjueYZUP80g=; b=E218g7wnr119z1Le8VB0bCUblzKAqhbtKNLC9biSbnw7+PC5y3lAUgd7 1fcZGbVwOKNFLVb6/XWoc4i9WLqLWdTrn7lFXS3AKLpClk6QTiiblvhc4 jLXRubRckTsWrIX86DdT4sCDKsbpN4J2seKRD6F4YNvT4QLTAEFYXYvxE 0RhCKPpAW+My3ZRkL9OiZdNtLZ43ain+LB3CX0Zc4DT/HllFXVyzPYzRv uW63zLlCd7ib8Pj5gHv5ShdGh/tRrznXMgmtHdlqf1DMlSUPyGMOOb3/q 73A4jNZ+hWOmNH5X8o2Ngqxp9HtnZtFtQG+8cTWE/FZeDyvjuaAuuE1Xs g==; X-IronPort-AV: E=McAfee;i="6200,9189,10245"; a="235257329" X-IronPort-AV: E=Sophos;i="5.88,336,1635231600"; d="scan'208";a="235257329" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Feb 2022 22:50:43 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,336,1635231600"; d="scan'208";a="480007258" Received: from silpixa00400308.ir.intel.com ([10.237.214.95]) by orsmga003.jf.intel.com with ESMTP; 01 Feb 2022 22:50:42 -0800 From: Arek Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, rbalu@marvell.com, Arek Kusztal Subject: [PATCH 3/4] crypto: use rte macro instead of direct attribute Date: Wed, 2 Feb 2022 06:50:29 +0000 Message-Id: <20220202065030.23276-4-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220202065030.23276-1-arkadiuszx.kusztal@intel.com> References: <20220202065030.23276-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This commit replaces __extension__ attribute with RTE_STD_C11 in anonymous unions. Signed-off-by: Arek Kusztal Acked-by: Fan Zhang --- lib/cryptodev/rte_crypto_asym.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index 58d47158de..7bdc847702 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -222,7 +222,7 @@ struct rte_crypto_rsa_xform { enum rte_crypto_rsa_priv_key_type key_type; - __extension__ + RTE_STD_C11 union { rte_crypto_param d; /**< d - Private key exponent @@ -408,7 +408,7 @@ struct rte_crypto_asym_xform { enum rte_crypto_asym_xform_type xform_type; /**< Asymmetric crypto transform */ - __extension__ + RTE_STD_C11 union { struct rte_crypto_rsa_xform rsa; /**< RSA xform parameters */ @@ -642,7 +642,7 @@ struct rte_crypto_asym_op { /**< Session-less API crypto operation parameters */ }; - __extension__ + RTE_STD_C11 union { struct rte_crypto_rsa_op_param rsa; struct rte_crypto_mod_op_param modex; From patchwork Wed Feb 2 06:50:30 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arkadiusz Kusztal X-Patchwork-Id: 106769 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id E87F1A00C5; Wed, 2 Feb 2022 07:50:59 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 61E70411CE; Wed, 2 Feb 2022 07:50:48 +0100 (CET) Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mails.dpdk.org (Postfix) with ESMTP id EC8BB40DF4 for ; Wed, 2 Feb 2022 07:50:46 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1643784647; x=1675320647; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=3nVgCAF9K5+o+4UEvHsmkU39H5NhwXzltCZRq3npygA=; b=KS2eNul0upAk8a4vrJRMtyniLtV1yaBtI8/pbgQxXHjQPGaakR5BiH7y rC8NJyk8lQTv8rfbkpK2ypki4i5i7A7rJ1e81iv8gTzVBQ64exbEcJyAu dK6eAFakhz4b6fmKs8PsBzuau0BQZcOfaVc4D3nC+i50pKzTphvqL2S0I pq8LX+LZ0mZAR36BgKrjOtDcOTZUjTnPgtAHJBrqnjGPtOjQ47gNTAXVl XXU9+ZOgQqo7jRjmuc/sPfagm9Emmj90A+QpnU44g4QkWod9uzU72m4Ek OEZWb1PfeKk+R+zjj/xSrT+3WoSW7ow/Wt6T6oY2K+LzovPn3Lthmj6hi g==; X-IronPort-AV: E=McAfee;i="6200,9189,10245"; a="235257335" X-IronPort-AV: E=Sophos;i="5.88,336,1635231600"; d="scan'208";a="235257335" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 01 Feb 2022 22:50:46 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,336,1635231600"; d="scan'208";a="480007264" Received: from silpixa00400308.ir.intel.com ([10.237.214.95]) by orsmga003.jf.intel.com with ESMTP; 01 Feb 2022 22:50:44 -0800 From: Arek Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, rbalu@marvell.com, Arek Kusztal Subject: [PATCH 4/4] crypto: reorganize endianness comments, add crypto uint Date: Wed, 2 Feb 2022 06:50:30 +0000 Message-Id: <20220202065030.23276-5-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20220202065030.23276-1-arkadiuszx.kusztal@intel.com> References: <20220202065030.23276-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org This patch adds crypto uint typedef so adding comment about byte-order becomes unnecessary. Additionally it reorganizes code that enums, externs and forward declarations are moved to the top of the header file. Signed-off-by: Arek Kusztal Acked-by: Fan Zhang --- lib/cryptodev/rte_crypto_asym.h | 356 +++++++++++++++------------------------- 1 file changed, 131 insertions(+), 225 deletions(-) diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index 7bdc847702..2eb0f001e3 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -27,26 +27,7 @@ extern "C" { #include "rte_crypto_sym.h" -/** - * Buffer to hold crypto params required for asym operations. - * - * These buffers can be used for both input to PMD and output from PMD. When - * used for output from PMD, application has to ensure the buffer is large - * enough to hold the target data. - * - * If an operation requires the PMD to generate a random number, - * and the device supports CSRNG, 'data' should be set to NULL. - * The crypto parameter in question will not be used by the PMD, - * as it is internally generated. - */ -typedef struct rte_crypto_param_t { - uint8_t *data; - /**< pointer to buffer holding data */ - rte_iova_t iova; - /**< IO address of data buffer */ - size_t length; - /**< length of data in bytes */ -} rte_crypto_param; +struct rte_cryptodev_asym_session; /** asym xform type name strings */ extern const char * @@ -57,6 +38,19 @@ extern const char * rte_crypto_asym_op_strings[]; /** + * TLS named curves + * https://tools.ietf.org/html/rfc8422 + */ +enum rte_crypto_ec_group { + RTE_CRYPTO_EC_GROUP_UNKNOWN = 0, + RTE_CRYPTO_EC_GROUP_SECP192R1 = 19, + RTE_CRYPTO_EC_GROUP_SECP224R1 = 21, + RTE_CRYPTO_EC_GROUP_SECP256R1 = 23, + RTE_CRYPTO_EC_GROUP_SECP384R1 = 24, + RTE_CRYPTO_EC_GROUP_SECP521R1 = 25, +}; + +/** * Asymmetric crypto transformation types. * Each xform type maps to one asymmetric algorithm * performing specific operation @@ -158,47 +152,54 @@ enum rte_crypto_rsa_priv_key_type { }; /** - * Structure describing RSA private key in quintuple format. - * See PKCS V1.5 RSA Cryptography Standard. + * Buffer to hold crypto params required for asym operations. + * + * These buffers can be used for both input to PMD and output from PMD. When + * used for output from PMD, application has to ensure the buffer is large + * enough to hold the target data. + * + * If an operation requires the PMD to generate a random number, + * and the device supports CSRNG, 'data' should be set to NULL. + * The crypto parameter in question will not be used by the PMD, + * as it is internally generated. */ -struct rte_crypto_rsa_priv_key_qt { - rte_crypto_param p; - /**< p - Private key component P - * Private key component of RSA parameter required for CRT method - * of private key operations in Octet-string network byte order - * format. - */ - - rte_crypto_param q; - /**< q - Private key component Q - * Private key component of RSA parameter required for CRT method - * of private key operations in Octet-string network byte order - * format. - */ +typedef struct rte_crypto_param_t { + uint8_t *data; + /**< pointer to buffer holding data */ + rte_iova_t iova; + /**< IO address of data buffer */ + size_t length; + /**< length of data in bytes */ +} rte_crypto_param; - rte_crypto_param dP; - /**< dP - Private CRT component - * Private CRT component of RSA parameter required for CRT method - * RSA private key operations in Octet-string network byte order - * format. - * dP = d mod ( p - 1 ) - */ +/** Unsigned big-integer in big-endian format */ +typedef rte_crypto_param rte_crypto_uint; - rte_crypto_param dQ; - /**< dQ - Private CRT component - * Private CRT component of RSA parameter required for CRT method - * RSA private key operations in Octet-string network byte order - * format. - * dQ = d mod ( q - 1 ) - */ +/** + * Structure for elliptic curve point + */ +struct rte_crypto_ec_point { + rte_crypto_param x; + /**< X coordinate */ + rte_crypto_param y; + /**< Y coordinate */ +}; - rte_crypto_param qInv; - /**< qInv - Private CRT component - * Private CRT component of RSA parameter required for CRT method - * RSA private key operations in Octet-string network byte order - * format. - * qInv = inv q mod p - */ +/** + * Structure describing RSA private key in quintuple format. + * See PKCS V1.5 RSA Cryptography Standard. + */ +struct rte_crypto_rsa_priv_key_qt { + rte_crypto_uint p; + /**< the first factor */ + rte_crypto_uint q; + /**< the second factor */ + rte_crypto_uint dP; + /**< the first factor's CRT exponent */ + rte_crypto_uint dQ; + /**< the second's factor's CRT exponent */ + rte_crypto_uint qInv; + /**< the CRT coefficient */ }; /** @@ -208,29 +209,17 @@ struct rte_crypto_rsa_priv_key_qt { * */ struct rte_crypto_rsa_xform { - rte_crypto_param n; - /**< n - Modulus - * Modulus data of RSA operation in Octet-string network - * byte order format. - */ - - rte_crypto_param e; - /**< e - Public key exponent - * Public key exponent used for RSA public key operations in Octet- - * string network byte order format. - */ + rte_crypto_uint n; + /**< the RSA modulus */ + rte_crypto_uint e; + /**< the RSA public exponent */ enum rte_crypto_rsa_priv_key_type key_type; RTE_STD_C11 union { - rte_crypto_param d; - /**< d - Private key exponent - * Private key exponent used for RSA - * private key operations in - * Octet-string network byte order format. - */ - + rte_crypto_uint d; + /**< the RSA private exponent */ struct rte_crypto_rsa_priv_key_qt qt; /**< qt - Private key in quintuple format */ }; @@ -243,20 +232,10 @@ struct rte_crypto_rsa_xform { * */ struct rte_crypto_modex_xform { - rte_crypto_param modulus; - /**< modulus - * Pointer to the modulus data for modexp transform operation - * in octet-string network byte order format - * - * In case this number is equal to zero the driver shall set - * the crypto op status field to RTE_CRYPTO_OP_STATUS_ERROR - */ - - rte_crypto_param exponent; - /**< exponent - * Exponent of the modexp transform operation in - * octet-string network byte order format - */ + rte_crypto_uint modulus; + /**< Modulus data for modexp transform operation */ + rte_crypto_uint exponent; + /**< Exponent of the modexp transform operation */ }; /** @@ -266,18 +245,8 @@ struct rte_crypto_modex_xform { * */ struct rte_crypto_modinv_xform { - rte_crypto_param modulus; - /**< - * Pointer to the modulus data for modular multiplicative inverse - * operation in octet-string network byte order format - * - * In case this number is equal to zero the driver shall set - * the crypto op status field to RTE_CRYPTO_OP_STATUS_ERROR - * - * This number shall be relatively prime to base - * in corresponding Modular Multiplicative Inverse - * rte_crypto_mod_op_param - */ + rte_crypto_uint modulus; + /**< Modulus data for modular multiplicative inverse operation */ }; /** @@ -289,19 +258,10 @@ struct rte_crypto_modinv_xform { struct rte_crypto_dh_xform { enum rte_crypto_asym_op_type type; /**< Setup xform for key generate or shared secret compute */ - - rte_crypto_param p; - /**< p : Prime modulus data - * DH prime modulus data in octet-string network byte order format. - * - */ - - rte_crypto_param g; - /**< g : Generator - * DH group generator data in octet-string network byte order - * format. - * - */ + rte_crypto_uint p; + /**< Prime modulus data */ + rte_crypto_uint g; + /**< DH Generator */ }; /** @@ -311,22 +271,13 @@ struct rte_crypto_dh_xform { * */ struct rte_crypto_dsa_xform { - rte_crypto_param p; - /**< p - Prime modulus - * Prime modulus data for DSA operation in Octet-string network byte - * order format. - */ - rte_crypto_param q; - /**< q : Order of the subgroup. - * Order of the subgroup data in Octet-string network byte order - * format. - * (p-1) % q = 0 - */ - rte_crypto_param g; - /**< g: Generator of the subgroup - * Generator data in Octet-string network byte order format. - */ - rte_crypto_param x; + rte_crypto_uint p; + /**< Prime modulus */ + rte_crypto_uint q; + /**< Order of the subgroup */ + rte_crypto_uint g; + /**< Generator of the subgroup */ + rte_crypto_uint x; /**< x: Private key of the signer in octet-string network * byte order format. * Used when app has pre-defined private key. @@ -337,29 +288,6 @@ struct rte_crypto_dsa_xform { }; /** - * TLS named curves - * https://tools.ietf.org/html/rfc8422 - */ -enum rte_crypto_ec_group { - RTE_CRYPTO_EC_GROUP_UNKNOWN = 0, - RTE_CRYPTO_EC_GROUP_SECP192R1 = 19, - RTE_CRYPTO_EC_GROUP_SECP224R1 = 21, - RTE_CRYPTO_EC_GROUP_SECP256R1 = 23, - RTE_CRYPTO_EC_GROUP_SECP384R1 = 24, - RTE_CRYPTO_EC_GROUP_SECP521R1 = 25, -}; - -/** - * Structure for elliptic curve point - */ -struct rte_crypto_ec_point { - rte_crypto_param x; - /**< X coordinate */ - rte_crypto_param y; - /**< Y coordinate */ -}; - -/** * Asymmetric elliptic curve transform data * * Structure describing all EC based xform params @@ -376,65 +304,13 @@ struct rte_crypto_ec_xform { * */ struct rte_crypto_mod_op_param { - rte_crypto_param base; - /**< - * Pointer to base of modular exponentiation/multiplicative - * inverse data in octet-string network byte order format - * - * In case Multiplicative Inverse is used this number shall - * be relatively prime to modulus in corresponding Modular - * Multiplicative Inverse rte_crypto_modinv_xform - */ - - rte_crypto_param result; - /**< - * Pointer to the result of modular exponentiation/multiplicative inverse - * data in octet-string network byte order format. - * - * This field shall be big enough to hold the result of Modular - * Exponentiation or Modular Multiplicative Inverse - * (bigger or equal to length of modulus) - */ + rte_crypto_uint base; + /** Base of modular exponentiation/multiplicative inverse */ + rte_crypto_uint result; + /** Result of modular exponentiation/multiplicative inverse */ }; /** - * Asymmetric crypto transform data - * - * Structure describing asym xforms. - */ -struct rte_crypto_asym_xform { - struct rte_crypto_asym_xform *next; - /**< Pointer to next xform to set up xform chain.*/ - enum rte_crypto_asym_xform_type xform_type; - /**< Asymmetric crypto transform */ - - RTE_STD_C11 - union { - struct rte_crypto_rsa_xform rsa; - /**< RSA xform parameters */ - - struct rte_crypto_modex_xform modex; - /**< Modular Exponentiation xform parameters */ - - struct rte_crypto_modinv_xform modinv; - /**< Modular Multiplicative Inverse xform parameters */ - - struct rte_crypto_dh_xform dh; - /**< DH xform parameters */ - - struct rte_crypto_dsa_xform dsa; - /**< DSA xform parameters */ - - struct rte_crypto_ec_xform ec; - /**< EC xform parameters, used by elliptic curve based - * operations. - */ - }; -}; - -struct rte_cryptodev_asym_session; - -/** * RSA operation params * */ @@ -515,30 +391,27 @@ struct rte_crypto_rsa_op_param { * @note: */ struct rte_crypto_dh_op_param { - rte_crypto_param pub_key; + rte_crypto_uint pub_key; /**< * Output generated public key when xform type is * DH PUB_KEY_GENERATION. * Input peer public key when xform type is DH * SHARED_SECRET_COMPUTATION - * pub_key is in octet-string network byte order format. * */ - rte_crypto_param priv_key; + rte_crypto_uint priv_key; /**< * Output generated private key if xform type is * DH PRIVATE_KEY_GENERATION * Input when xform type is DH SHARED_SECRET_COMPUTATION. - * priv_key is in octet-string network byte order format. * */ - rte_crypto_param shared_secret; + rte_crypto_uint shared_secret; /**< * Output with calculated shared secret * when dh xform set up with op type = SHARED_SECRET_COMPUTATION. - * shared_secret is an octet-string network byte order format. * */ }; @@ -552,28 +425,26 @@ struct rte_crypto_dsa_op_param { /**< Signature Generation or Verification */ rte_crypto_param message; /**< input message to be signed or verified */ - rte_crypto_param k; + rte_crypto_uint k; /**< Per-message secret number, which is an integer * in the interval (1, q-1). * If the random number is generated by the PMD, * the 'rte_crypto_param.data' parameter should be set to NULL. */ - rte_crypto_param r; + rte_crypto_uint r; /**< dsa sign component 'r' value * * output if op_type = sign generate, * input if op_type = sign verify */ - rte_crypto_param s; + rte_crypto_uint s; /**< dsa sign component 's' value * * output if op_type = sign generate, * input if op_type = sign verify */ - rte_crypto_param y; + rte_crypto_uint y; /**< y : Public key of the signer. - * Public key data of the signer in Octet-string network byte order - * format. * y = g^x mod p */ }; @@ -585,7 +456,7 @@ struct rte_crypto_ecdsa_op_param { enum rte_crypto_asym_op_type op_type; /**< Signature generation or verification */ - rte_crypto_param pkey; + rte_crypto_uint pkey; /**< Private key of the signer for signature generation */ struct rte_crypto_ec_point q; @@ -594,19 +465,19 @@ struct rte_crypto_ecdsa_op_param { rte_crypto_param message; /**< Input message digest to be signed or verified */ - rte_crypto_param k; + rte_crypto_uint k; /**< The ECDSA per-message secret number, which is an integer * in the interval (1, n-1). * If the random number is generated by the PMD, * the 'rte_crypto_param.data' parameter should be set to NULL. */ - rte_crypto_param r; + rte_crypto_uint r; /**< r component of elliptic curve signature * output : for signature generation * input : for signature verification */ - rte_crypto_param s; + rte_crypto_uint s; /**< s component of elliptic curve signature * output : for signature generation * input : for signature verification @@ -628,6 +499,41 @@ struct rte_crypto_ecpm_op_param { }; /** + * Asymmetric crypto transform data + * + * Structure describing asym xforms. + */ +struct rte_crypto_asym_xform { + struct rte_crypto_asym_xform *next; + /**< Pointer to next xform to set up xform chain.*/ + enum rte_crypto_asym_xform_type xform_type; + /**< Asymmetric crypto transform */ + + RTE_STD_C11 + union { + struct rte_crypto_rsa_xform rsa; + /**< RSA xform parameters */ + + struct rte_crypto_modex_xform modex; + /**< Modular Exponentiation xform parameters */ + + struct rte_crypto_modinv_xform modinv; + /**< Modular Multiplicative Inverse xform parameters */ + + struct rte_crypto_dh_xform dh; + /**< DH xform parameters */ + + struct rte_crypto_dsa_xform dsa; + /**< DSA xform parameters */ + + struct rte_crypto_ec_xform ec; + /**< EC xform parameters, used by elliptic curve based + * operations. + */ + }; +}; + +/** * Asymmetric Cryptographic Operation. * * Structure describing asymmetric crypto operation params.