From: "Kusztal, ArkadiuszX"
To: "Trahe, Fiona", "akhil.goyal@nxp.com", "Verma, Shally", Ayuj Verma, Anoob Joseph
CC: "dev@dpdk.org"
Date: Fri, 16 Aug 2019 11:31:53 +0000
Subject: [dpdk-dev] [RFC] RSA Digital Signature input
List-Id: DPDK patches and discussions

Hi all,

This is a continuation of a thread we have had before, but it would be easier when a new thread is created.

Current RSA signature test takes as an input plaintext:

    asym_op->rsa.message.data = rsaplaintext.data;
    asym_op->rsa.message.length = rsaplaintext.len;

But we do not specify what the provided input data should be.

The OpenSSL implementation does:

    case RTE_CRYPTO_ASYM_OP_SIGN:
        ret = RSA_private_encrypt(op->rsa.message.length,

But this function does not handle algorithmIdentifier
https://www.openssl.org/docs/manmaster/man3/RSA_private_encrypt.html
Which means that algorithmIdentifier should be encoded together with the message digest,
assuming rsaplaintext is a message digest created by SHA1.

OpenSSL PMD example:

Our plaintext (digest):

    uint8_t input_2[] = {
        0xf8, 0xba, 0x1a, 0x55, 0xd0, 0x2f, 0x85,
        0xae, 0x96, 0x7b, 0xb6, 0x2f, 0xb6, 0xcd,
        0xa8, 0xeb, 0x7e, 0x78, 0xa0, 0x50
    };

Digest with DER prepended. (RFC 8107 9.2 notes. 1)

    uint8_t input[] = {
        0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
        0x05, 0x00, 0x04, 0x14,
        0xf8, 0xba, 0x1a, 0x55, 0xd0, 0x2f, 0x85,
        0xae, 0x96, 0x7b, 0xb6, 0x2f, 0xb6, 0xcd,
        0xa8, 0xeb, 0x7e, 0x78, 0xa0, 0x50
    };

With these params both OpenSSL functions below will return the same signature (PKCS_1.5 is deterministic so it will always be the same):

    RSA_private_encrypt(sizeof(input), input, op->rsa.sign.data, rsa, pad);
    RSA_sign(NID_sha1, input_2, sizeof(input_2), output, (unsigned int*)&op->rsa.sign.length, rsa);

Neither of these functions supports PSS, so for OpenSSL the most probable way for PSS would be something like:
- RSA_padding_add_PKCS1_PSS
- RSA_private_encrypt
And digest provided or created in OpenSSL.

So the bottom line is:

    rte_crypto_param message;
    /**<
     * Pointer to input data
     * - to be encrypted for RSA public encrypt.
     * - to be signed for RSA sign generation.

What should we say here (is it message, is it digest, is it in case pkcs1_5 der + digest)?

Regards,
Arek
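
Added example, not part of the original message and not DPDK or OpenSSL code: a pure-Python model of the two call shapes discussed above, using the message's own digest and DER bytes. The toy key built from two Mersenne primes and all function names are assumptions made for illustration; `private_encrypt` models padding and signing the caller's bytes as given, and `sign_digest` models prepending the DigestInfo first.

```python
# Added example: toy key and helper names are assumptions, not DPDK/OpenSSL code.
P = 2**521 - 1                     # Mersenne primes: constructed, insecure demo key
Q = 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8      # modulus length in bytes

# SHA-1 DigestInfo prefix: the first 15 bytes of input[] in the message
SHA1_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")
# input_2[] from the message: a 20-byte SHA-1 digest
DIGEST = bytes.fromhex("f8ba1a55d02f85ae967bb62fb6cda8eb7e78a050")


def pad_type1(payload: bytes) -> bytes:
    """PKCS #1 v1.5 block type 1: 00 01 FF..FF 00 || payload."""
    ps_len = K - 3 - len(payload)
    if ps_len < 8:
        raise ValueError("payload too long for modulus")
    return b"\x00\x01" + b"\xff" * ps_len + b"\x00" + payload


def private_encrypt(payload: bytes) -> bytes:
    """Pad and sign exactly the bytes supplied; no DigestInfo is added."""
    em = int.from_bytes(pad_type1(payload), "big")
    return pow(em, D, N).to_bytes(K, "big")


def sign_digest(digest: bytes) -> bytes:
    """Prepend the SHA-1 DigestInfo, then pad and sign."""
    return private_encrypt(SHA1_PREFIX + digest)


def verify_digest(sig: bytes, digest: bytes) -> bool:
    """Rebuild the expected encoded block and compare it as a whole."""
    s = int.from_bytes(sig, "big")
    if len(sig) != K or s >= N:
        return False
    recovered = pow(s, E, N).to_bytes(K, "big")
    return recovered == pad_type1(SHA1_PREFIX + digest)


if __name__ == "__main__":
    print("DigestInfo + digest verifies:", verify_digest(sign_digest(DIGEST), DIGEST))
    print("bare digest verifies:", verify_digest(private_encrypt(DIGEST), DIGEST))
```

A signature produced over the bare digest is rejected by a verifier that expects the DigestInfo, which is why the API comment has to say which form the caller supplies.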