* [dpdk-dev] [PATCH v4 01/11] cryptodev: change RSA API comments about primes
2019-07-17 12:51 [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Arek Kusztal
@ 2019-07-17 12:51 ` Arek Kusztal
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 02/11] cryptodev: add cipher field to RSA op Arek Kusztal
` (11 subsequent siblings)
12 siblings, 0 replies; 17+ messages in thread
From: Arek Kusztal @ 2019-07-17 12:51 UTC (permalink / raw)
To: dev; +Cc: akhil.goyal, fiona.trahe, shallyv, damianx.nowak, Arek Kusztal
RSA modulus cannot be prime as its security basing on integer
factorization.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
lib/librte_cryptodev/rte_crypto_asym.h | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/librte_cryptodev/rte_crypto_asym.h b/lib/librte_cryptodev/rte_crypto_asym.h
index 8672f21..02ec304 100644
--- a/lib/librte_cryptodev/rte_crypto_asym.h
+++ b/lib/librte_cryptodev/rte_crypto_asym.h
@@ -199,8 +199,8 @@ struct rte_crypto_rsa_priv_key_qt {
*/
struct rte_crypto_rsa_xform {
rte_crypto_param n;
- /**< n - Prime modulus
- * Prime modulus data of RSA operation in Octet-string network
+ /**< n - Modulus
+ * Modulus data of RSA operation in Octet-string network
* byte order format.
*/
@@ -409,7 +409,7 @@ struct rte_crypto_rsa_op_param {
* over-written with generated signature.
*
* Length of the signature data will be equal to the
- * RSA prime modulus length.
+ * RSA modulus length.
*/
enum rte_crypto_rsa_padding_type pad;
--
2.1.0
^ permalink raw reply [flat|nested] 17+ messages in thread
* [dpdk-dev] [PATCH v4 02/11] cryptodev: add cipher field to RSA op
2019-07-17 12:51 [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Arek Kusztal
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 01/11] cryptodev: change RSA API comments about primes Arek Kusztal
@ 2019-07-17 12:51 ` Arek Kusztal
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 03/11] crypto/openssl: add cipher field to openssl RSA implementation Arek Kusztal
` (10 subsequent siblings)
12 siblings, 0 replies; 17+ messages in thread
From: Arek Kusztal @ 2019-07-17 12:51 UTC (permalink / raw)
To: dev; +Cc: akhil.goyal, fiona.trahe, shallyv, damianx.nowak, Arek Kusztal
Asymmetric nature of RSA algorithm suggest to use
additional field for output. In place operations
still can be done by setting cipher and message pointers
with the same memory address.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
lib/librte_cryptodev/rte_crypto_asym.h | 26 +++++++++++++++++++++++++-
1 file changed, 25 insertions(+), 1 deletion(-)
diff --git a/lib/librte_cryptodev/rte_crypto_asym.h b/lib/librte_cryptodev/rte_crypto_asym.h
index 02ec304..ab305a6 100644
--- a/lib/librte_cryptodev/rte_crypto_asym.h
+++ b/lib/librte_cryptodev/rte_crypto_asym.h
@@ -397,9 +397,33 @@ struct rte_crypto_rsa_op_param {
/**<
* Pointer to data
* - to be encrypted for RSA public encrypt.
- * - to be decrypted for RSA private decrypt.
* - to be signed for RSA sign generation.
* - to be authenticated for RSA sign verification.
+ *
+ * Octet-string network byte order format.
+ *
+ * This field is an input to RTE_CRYPTO_ASYM_OP_ENCRYPT
+ * operation, and output to RTE_CRYPTO_ASYM_OP_DECRYPT operation.
+ *
+ * When RTE_CRYPTO_ASYM_OP_DECRYPT op_type used underlying array
+ * should have been allocated with enough memory to hold plaintext
+ * output (bigger or equal to RSA key size).
+ */
+
+
+ rte_crypto_param cipher;
+ /**<
+ * Pointer to data
+ * - to be decrypted for RSA private decrypt.
+ *
+ * Octet-string network byte order format.
+ *
+ * This field is an input to RTE_CRYPTO_ASYM_OP_DECRYPT
+ * operation, and output to RTE_CRYPTO_ASYM_OP_ENCRYPT operation.
+ *
+ * When RTE_CRYPTO_ASYM_OP_ENCRYPT op_type used underlying array
+ * should have been allocated with enough memory to hold cipher
+ * output (bigger or equal to RSA key size).
*/
rte_crypto_param sign;
--
2.1.0
^ permalink raw reply [flat|nested] 17+ messages in thread
* [dpdk-dev] [PATCH v4 03/11] crypto/openssl: add cipher field to openssl RSA implementation
2019-07-17 12:51 [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Arek Kusztal
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 01/11] cryptodev: change RSA API comments about primes Arek Kusztal
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 02/11] cryptodev: add cipher field to RSA op Arek Kusztal
@ 2019-07-17 12:51 ` Arek Kusztal
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 04/11] test: add cipher field to RSA test Arek Kusztal
` (9 subsequent siblings)
12 siblings, 0 replies; 17+ messages in thread
From: Arek Kusztal @ 2019-07-17 12:51 UTC (permalink / raw)
To: dev; +Cc: akhil.goyal, fiona.trahe, shallyv, damianx.nowak, Arek Kusztal
This commit adds cipher field to openssl pmd to comfort to
API change.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
drivers/crypto/openssl/rte_openssl_pmd.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 7c8bf0d..71ae320 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -1867,19 +1867,19 @@ process_openssl_rsa_op(struct rte_crypto_op *cop,
case RTE_CRYPTO_ASYM_OP_ENCRYPT:
ret = RSA_public_encrypt(op->rsa.message.length,
op->rsa.message.data,
- op->rsa.message.data,
+ op->rsa.cipher.data,
rsa,
pad);
if (ret > 0)
- op->rsa.message.length = ret;
+ op->rsa.cipher.length = ret;
OPENSSL_LOG(DEBUG,
"length of encrypted text %d\n", ret);
break;
case RTE_CRYPTO_ASYM_OP_DECRYPT:
- ret = RSA_private_decrypt(op->rsa.message.length,
- op->rsa.message.data,
+ ret = RSA_private_decrypt(op->rsa.cipher.length,
+ op->rsa.cipher.data,
op->rsa.message.data,
rsa,
pad);
--
2.1.0
^ permalink raw reply [flat|nested] 17+ messages in thread
* [dpdk-dev] [PATCH v4 04/11] test: add cipher field to RSA test
2019-07-17 12:51 [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Arek Kusztal
` (2 preceding siblings ...)
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 03/11] crypto/openssl: add cipher field to openssl RSA implementation Arek Kusztal
@ 2019-07-17 12:51 ` Arek Kusztal
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 05/11] cryptodev: add information about message format when signing with RSA Arek Kusztal
` (8 subsequent siblings)
12 siblings, 0 replies; 17+ messages in thread
From: Arek Kusztal @ 2019-07-17 12:51 UTC (permalink / raw)
To: dev; +Cc: akhil.goyal, fiona.trahe, shallyv, damianx.nowak, Arek Kusztal
This patch adds cipher field to RSA test cases
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
app/test/test_cryptodev_asym.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 4dee164..8391545 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -164,6 +164,7 @@ queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess)
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_op *op, *result_op;
struct rte_crypto_asym_op *asym_op;
+ uint8_t cipher_buf[TEST_DATA_SIZE] = {0};
int ret, status = TEST_SUCCESS;
/* Set up crypto op data structure */
@@ -180,6 +181,8 @@ queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess)
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;
asym_op->rsa.message.data = rsaplaintext.data;
+ asym_op->rsa.cipher.data = cipher_buf;
+ asym_op->rsa.cipher.length = 0;
asym_op->rsa.message.length = rsaplaintext.len;
asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2;
--
2.1.0
^ permalink raw reply [flat|nested] 17+ messages in thread
* [dpdk-dev] [PATCH v4 05/11] cryptodev: add information about message format when signing with RSA
2019-07-17 12:51 [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Arek Kusztal
` (3 preceding siblings ...)
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 04/11] test: add cipher field to RSA test Arek Kusztal
@ 2019-07-17 12:51 ` Arek Kusztal
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 06/11] cryptodev: remove RSA PKCS1 BT0 padding Arek Kusztal
` (7 subsequent siblings)
12 siblings, 0 replies; 17+ messages in thread
From: Arek Kusztal @ 2019-07-17 12:51 UTC (permalink / raw)
To: dev; +Cc: akhil.goyal, fiona.trahe, shallyv, damianx.nowak, Arek Kusztal
This patch adds information about format of the message should have
before sending it to the signing operation when using RSA algorithm.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
lib/librte_cryptodev/rte_crypto_asym.h | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/lib/librte_cryptodev/rte_crypto_asym.h b/lib/librte_cryptodev/rte_crypto_asym.h
index ab305a6..4a86610 100644
--- a/lib/librte_cryptodev/rte_crypto_asym.h
+++ b/lib/librte_cryptodev/rte_crypto_asym.h
@@ -408,9 +408,17 @@ struct rte_crypto_rsa_op_param {
* When RTE_CRYPTO_ASYM_OP_DECRYPT op_type used underlying array
* should have been allocated with enough memory to hold plaintext
* output (bigger or equal to RSA key size).
+ *
+ * When RTE_CRYPTO_ASYM_OP_SIGN op_type used and following padding
+ * type:
+ * - padding PKCS1_5:
+ * data provided should contain `algorithmIdentifier` in DER encoded
+ * format concatenated with message digest (as per spec rfc8017 9.2)
+ * - padding PSS
+ * data provided should contain message digest of the message
+ * to be signed
*/
-
rte_crypto_param cipher;
/**<
* Pointer to data
--
2.1.0
^ permalink raw reply [flat|nested] 17+ messages in thread
* [dpdk-dev] [PATCH v4 06/11] cryptodev: remove RSA PKCS1 BT0 padding
2019-07-17 12:51 [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Arek Kusztal
` (4 preceding siblings ...)
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 05/11] cryptodev: add information about message format when signing with RSA Arek Kusztal
@ 2019-07-17 12:51 ` Arek Kusztal
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 07/11] openssl: remove RSA PKCS1_5 " Arek Kusztal
` (6 subsequent siblings)
12 siblings, 0 replies; 17+ messages in thread
From: Arek Kusztal @ 2019-07-17 12:51 UTC (permalink / raw)
To: dev; +Cc: akhil.goyal, fiona.trahe, shallyv, damianx.nowak, Arek Kusztal
BT0 block type padding after rfc2313 has been discontinued.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
lib/librte_cryptodev/rte_crypto_asym.h | 14 +++-----------
1 file changed, 3 insertions(+), 11 deletions(-)
diff --git a/lib/librte_cryptodev/rte_crypto_asym.h b/lib/librte_cryptodev/rte_crypto_asym.h
index 4a86610..5e05de5 100644
--- a/lib/librte_cryptodev/rte_crypto_asym.h
+++ b/lib/librte_cryptodev/rte_crypto_asym.h
@@ -112,17 +112,9 @@ enum rte_crypto_asym_op_type {
enum rte_crypto_rsa_padding_type {
RTE_CRYPTO_RSA_PADDING_NONE = 0,
/**< RSA no padding scheme */
- RTE_CRYPTO_RSA_PKCS1_V1_5_BT0,
- /**< RSA PKCS#1 V1.5 Block Type 0 padding scheme
- * as described in rfc2313
- */
- RTE_CRYPTO_RSA_PKCS1_V1_5_BT1,
- /**< RSA PKCS#1 V1.5 Block Type 01 padding scheme
- * as described in rfc2313
- */
- RTE_CRYPTO_RSA_PKCS1_V1_5_BT2,
- /**< RSA PKCS#1 V1.5 Block Type 02 padding scheme
- * as described in rfc2313
+ RTE_CRYPTO_RSA_PADDING_PKCS1_5,
+ /**< RSA PKCS#1 PKCS1-v1_5 padding scheme. For signatures block type 01,
+ * for encryption block type 02 are used.
*/
RTE_CRYPTO_RSA_PADDING_OAEP,
/**< RSA PKCS#1 OAEP padding scheme */
--
2.1.0
^ permalink raw reply [flat|nested] 17+ messages in thread
* [dpdk-dev] [PATCH v4 07/11] openssl: remove RSA PKCS1_5 BT0 padding
2019-07-17 12:51 [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Arek Kusztal
` (5 preceding siblings ...)
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 06/11] cryptodev: remove RSA PKCS1 BT0 padding Arek Kusztal
@ 2019-07-17 12:51 ` Arek Kusztal
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 08/11] test: remove RSA PKCS1_5 BT0 padding from test cases Arek Kusztal
` (5 subsequent siblings)
12 siblings, 0 replies; 17+ messages in thread
From: Arek Kusztal @ 2019-07-17 12:51 UTC (permalink / raw)
To: dev; +Cc: akhil.goyal, fiona.trahe, shallyv, damianx.nowak, Arek Kusztal
This patch removes RSA PKCS1_5 BT0 padding from openssl PMD.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
drivers/crypto/openssl/rte_openssl_pmd.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 71ae320..2f55528 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -1848,9 +1848,7 @@ process_openssl_rsa_op(struct rte_crypto_op *cop,
cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
switch (pad) {
- case RTE_CRYPTO_RSA_PKCS1_V1_5_BT0:
- case RTE_CRYPTO_RSA_PKCS1_V1_5_BT1:
- case RTE_CRYPTO_RSA_PKCS1_V1_5_BT2:
+ case RTE_CRYPTO_RSA_PADDING_PKCS1_5:
pad = RSA_PKCS1_PADDING;
break;
case RTE_CRYPTO_RSA_PADDING_NONE:
--
2.1.0
^ permalink raw reply [flat|nested] 17+ messages in thread
* [dpdk-dev] [PATCH v4 08/11] test: remove RSA PKCS1_5 BT0 padding from test cases
2019-07-17 12:51 [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Arek Kusztal
` (6 preceding siblings ...)
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 07/11] openssl: remove RSA PKCS1_5 " Arek Kusztal
@ 2019-07-17 12:51 ` Arek Kusztal
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 09/11] cryptodev: add RSA padding none description Arek Kusztal
` (4 subsequent siblings)
12 siblings, 0 replies; 17+ messages in thread
From: Arek Kusztal @ 2019-07-17 12:51 UTC (permalink / raw)
To: dev; +Cc: akhil.goyal, fiona.trahe, shallyv, damianx.nowak, Arek Kusztal
This patch removes RSA PKCS1_5 BT0 padding from test cases
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
app/test/test_cryptodev_asym.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 8391545..0e1277b 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -93,7 +93,7 @@ queue_ops_rsa_sign_verify(struct rte_cryptodev_asym_session *sess)
asym_op->rsa.message.data = rsaplaintext.data;
asym_op->rsa.message.length = rsaplaintext.len;
asym_op->rsa.sign.data = output_buf;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1;
+ asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
debug_hexdump(stdout, "message", asym_op->rsa.message.data,
asym_op->rsa.message.length);
@@ -125,7 +125,7 @@ queue_ops_rsa_sign_verify(struct rte_cryptodev_asym_session *sess)
/* Verify sign */
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT1;
+ asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
@@ -184,7 +184,7 @@ queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess)
asym_op->rsa.cipher.data = cipher_buf;
asym_op->rsa.cipher.length = 0;
asym_op->rsa.message.length = rsaplaintext.len;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2;
+ asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
debug_hexdump(stdout, "message", asym_op->rsa.message.data,
asym_op->rsa.message.length);
@@ -215,7 +215,7 @@ queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess)
/* Use the resulted output as decryption Input vector*/
asym_op = result_op->asym;
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PKCS1_V1_5_BT2;
+ asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
--
2.1.0
^ permalink raw reply [flat|nested] 17+ messages in thread
* [dpdk-dev] [PATCH v4 09/11] cryptodev: add RSA padding none description
2019-07-17 12:51 [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Arek Kusztal
` (7 preceding siblings ...)
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 08/11] test: remove RSA PKCS1_5 BT0 padding from test cases Arek Kusztal
@ 2019-07-17 12:51 ` Arek Kusztal
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 10/11] test: add pkcs1_5 padding simulation Arek Kusztal
` (3 subsequent siblings)
12 siblings, 0 replies; 17+ messages in thread
From: Arek Kusztal @ 2019-07-17 12:51 UTC (permalink / raw)
To: dev; +Cc: akhil.goyal, fiona.trahe, shallyv, damianx.nowak, Arek Kusztal
This patch adds RSA padding none description.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
lib/librte_cryptodev/rte_crypto_asym.h | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/lib/librte_cryptodev/rte_crypto_asym.h b/lib/librte_cryptodev/rte_crypto_asym.h
index 5e05de5..a021c5b 100644
--- a/lib/librte_cryptodev/rte_crypto_asym.h
+++ b/lib/librte_cryptodev/rte_crypto_asym.h
@@ -90,7 +90,10 @@ enum rte_crypto_asym_xform_type {
*/
enum rte_crypto_asym_op_type {
RTE_CRYPTO_ASYM_OP_ENCRYPT,
- /**< Asymmetric Encrypt operation */
+ /**< RSA no padding scheme.
+ * In this case user is responsible for provision and verification
+ * of padding.
+ */
RTE_CRYPTO_ASYM_OP_DECRYPT,
/**< Asymmetric Decrypt operation */
RTE_CRYPTO_ASYM_OP_SIGN,
@@ -409,6 +412,11 @@ struct rte_crypto_rsa_op_param {
* - padding PSS
* data provided should contain message digest of the message
* to be signed
+ *
+ * When padding field is set to RTE_CRYPTO_RSA_PADDING_NONE
+ * and RTE_CRYPTO_ASYM_OP_DECRYPT op_type used returned data size
+ * will be equal to the size of RSA key in bytes. All leading
+ * zeroes will be preserved.
*/
rte_crypto_param cipher;
--
2.1.0
^ permalink raw reply [flat|nested] 17+ messages in thread
* [dpdk-dev] [PATCH v4 10/11] test: add pkcs1_5 padding simulation
2019-07-17 12:51 [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Arek Kusztal
` (8 preceding siblings ...)
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 09/11] cryptodev: add RSA padding none description Arek Kusztal
@ 2019-07-17 12:51 ` Arek Kusztal
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 11/11] test: add RSA PKCS1_5 padding case when no padding selected Arek Kusztal
` (2 subsequent siblings)
12 siblings, 0 replies; 17+ messages in thread
From: Arek Kusztal @ 2019-07-17 12:51 UTC (permalink / raw)
To: dev; +Cc: akhil.goyal, fiona.trahe, shallyv, damianx.nowak, Arek Kusztal
This patch adds function to simulate pkcs1_5 padding, it serves nothing
else than example. It provides no security and should not be used in
security context.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
app/test/test_cryptodev_asym_util.h | 54 +++++++++++++++++++++++++++++++++++++
1 file changed, 54 insertions(+)
diff --git a/app/test/test_cryptodev_asym_util.h b/app/test/test_cryptodev_asym_util.h
index b3d9fb4..f984166 100644
--- a/app/test/test_cryptodev_asym_util.h
+++ b/app/test/test_cryptodev_asym_util.h
@@ -1,10 +1,64 @@
/* SPDX-License-Identifier: BSD-3-Clause
* Copyright(c) 2018 Cavium Networks
+ * Copyright (c) 2019 Intel Corporation
*/
#ifndef TEST_CRYPTODEV_ASYM_TEST_UTIL_H__
#define TEST_CRYPTODEV_ASYM_TEST_UTIL_H__
+/*
+ * Two functions below simulate pkcs 1.5 padding and serves only as an example,
+ * both offer no security.
+ */
+static inline int rsa_simulate_pkcs1_5_padding(int op, uint8_t *p,
+ int key_size, const uint8_t *src, int len) {
+
+ int ps_len;
+
+ if (len > key_size - 11)
+ return -1;
+ ps_len = key_size - len - 3;
+
+ *(p++) = 0;
+ *(p++) = op ? 1 : 2;
+ if (op) {
+ while (ps_len--)
+ *(p++) = 0xFF;
+ } else {
+ while (ps_len--) {
+ *p = (uint8_t)rand();
+ *p ^= !(*p);
+ p++;
+ }
+ }
+
+ *(p++) = 0;
+ memcpy(p, src, len);
+
+ return 0;
+}
+
+static inline int rsa_simulate_strip_pkcs1_5_padding(uint8_t *src,
+ int key_size) {
+ uint8_t tmp[key_size], *orig_src = src;
+ int i = 1;
+ ++src;
+ while (*(src) && i < key_size) {
+ ++i;
+ ++src;
+ }
+ if (i == key_size)
+ return -1;
+
+ ++i;
+ ++src;
+
+ memcpy(tmp, src, key_size - i);
+ memcpy(orig_src, tmp, key_size - i);
+ return key_size - i;
+}
+
+
/* Below Apis compare resulted buffer to original test vector */
static inline int rsa_verify(struct rsa_test_data *rsa_param,
--
2.1.0
^ permalink raw reply [flat|nested] 17+ messages in thread
* [dpdk-dev] [PATCH v4 11/11] test: add RSA PKCS1_5 padding case when no padding selected
2019-07-17 12:51 [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Arek Kusztal
` (9 preceding siblings ...)
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 10/11] test: add pkcs1_5 padding simulation Arek Kusztal
@ 2019-07-17 12:51 ` Arek Kusztal
2019-07-17 16:00 ` [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Trahe, Fiona
2019-07-18 8:57 ` Nowak, DamianX
12 siblings, 0 replies; 17+ messages in thread
From: Arek Kusztal @ 2019-07-17 12:51 UTC (permalink / raw)
To: dev; +Cc: akhil.goyal, fiona.trahe, shallyv, damianx.nowak, Arek Kusztal
This patch adds an example how to use padding none option with RSA.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
app/test/test_cryptodev_asym.c | 46 +++++++++++++++++++++++++++++++++---------
1 file changed, 37 insertions(+), 9 deletions(-)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 0e1277b..fa5ddab 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -157,13 +157,15 @@ queue_ops_rsa_sign_verify(struct rte_cryptodev_asym_session *sess)
}
static int
-queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess)
+queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess,
+ enum rte_crypto_rsa_padding_type padding)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *op_mpool = ts_params->op_mpool;
uint8_t dev_id = ts_params->valid_devs[0];
struct rte_crypto_op *op, *result_op;
struct rte_crypto_asym_op *asym_op;
+ uint8_t input_buf[TEST_DATA_SIZE] = {0};
uint8_t cipher_buf[TEST_DATA_SIZE] = {0};
int ret, status = TEST_SUCCESS;
@@ -180,11 +182,19 @@ queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess)
/* Compute encryption on the test vector */
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_ENCRYPT;
- asym_op->rsa.message.data = rsaplaintext.data;
asym_op->rsa.cipher.data = cipher_buf;
asym_op->rsa.cipher.length = 0;
- asym_op->rsa.message.length = rsaplaintext.len;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
+ asym_op->rsa.pad = padding;
+
+ if (padding == RTE_CRYPTO_RSA_PADDING_NONE) {
+ rsa_simulate_pkcs1_5_padding(0, input_buf, rsa_xform.rsa.n.length,
+ rsaplaintext.data, rsaplaintext.len);
+ asym_op->rsa.message.length = rsa_xform.rsa.n.length;
+ asym_op->rsa.message.data = input_buf;
+ } else if (padding == RTE_CRYPTO_RSA_PADDING_PKCS1_5) {
+ asym_op->rsa.message.data = rsaplaintext.data;
+ asym_op->rsa.message.length = rsaplaintext.len;
+ }
debug_hexdump(stdout, "message", asym_op->rsa.message.data,
asym_op->rsa.message.length);
@@ -215,7 +225,7 @@ queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess)
/* Use the resulted output as decryption Input vector*/
asym_op = result_op->asym;
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
+ asym_op->rsa.pad = padding;
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
@@ -233,6 +243,13 @@ queue_ops_rsa_enc_dec(struct rte_cryptodev_asym_session *sess)
goto error_exit;
}
status = TEST_SUCCESS;
+
+ if (padding == RTE_CRYPTO_RSA_PADDING_NONE) {
+ result_op->asym->rsa.message.length =
+ rsa_simulate_strip_pkcs1_5_padding(result_op->asym->rsa.message.data,
+ rsa_xform.rsa.n.length);
+ }
+
ret = rsa_verify(&rsaplaintext, result_op);
if (ret)
status = TEST_FAILED;
@@ -562,7 +579,7 @@ test_rsa_sign_verify(void)
}
static int
-test_rsa_enc_dec(void)
+test_rsa_enc_dec(enum rte_crypto_rsa_padding_type padding)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct rte_mempool *sess_mpool = ts_params->session_mpool;
@@ -597,7 +614,7 @@ test_rsa_enc_dec(void)
goto error_exit;
}
- status = queue_ops_rsa_enc_dec(sess);
+ status = queue_ops_rsa_enc_dec(sess, padding);
error_exit:
@@ -610,6 +627,16 @@ test_rsa_enc_dec(void)
}
static int
+test_rsa_enc_dec_padding_none(void) {
+ return test_rsa_enc_dec(RTE_CRYPTO_RSA_PADDING_NONE);
+}
+
+static int
+test_rsa_enc_dec_padding_pkcs_1(void) {
+ return test_rsa_enc_dec(RTE_CRYPTO_RSA_PADDING_PKCS1_5);
+}
+
+static int
test_rsa_sign_verify_crt(void)
{
struct crypto_testsuite_params *ts_params = &testsuite_params;
@@ -692,7 +719,7 @@ test_rsa_enc_dec_crt(void)
status = TEST_FAILED;
goto error_exit;
}
- status = queue_ops_rsa_enc_dec(sess);
+ status = queue_ops_rsa_enc_dec(sess, RTE_CRYPTO_RSA_PADDING_PKCS1_5);
error_exit:
@@ -1767,7 +1794,8 @@ static struct unit_test_suite cryptodev_openssl_asym_testsuite = {
TEST_CASE_ST(ut_setup, ut_teardown, test_capability),
TEST_CASE_ST(ut_setup, ut_teardown, test_dsa),
TEST_CASE_ST(ut_setup, ut_teardown, test_dh_keygenration),
- TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec),
+ TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec_padding_none),
+ TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec_padding_pkcs_1),
TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_sign_verify),
TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_enc_dec_crt),
TEST_CASE_ST(ut_setup, ut_teardown, test_rsa_sign_verify_crt),
--
2.1.0
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto
2019-07-17 12:51 [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Arek Kusztal
` (10 preceding siblings ...)
2019-07-17 12:51 ` [dpdk-dev] [PATCH v4 11/11] test: add RSA PKCS1_5 padding case when no padding selected Arek Kusztal
@ 2019-07-17 16:00 ` Trahe, Fiona
2019-07-18 8:57 ` Nowak, DamianX
12 siblings, 0 replies; 17+ messages in thread
From: Trahe, Fiona @ 2019-07-17 16:00 UTC (permalink / raw)
To: Kusztal, ArkadiuszX, dev
Cc: akhil.goyal, shallyv, Nowak, DamianX, Trahe, Fiona
> -----Original Message-----
> From: Kusztal, ArkadiuszX
> Sent: Wednesday, July 17, 2019 1:51 PM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Trahe, Fiona <fiona.trahe@intel.com>; shallyv@marvell.com; Nowak,
> DamianX <damianx.nowak@intel.com>; Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Subject: [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto
>
> Split into smaller commits, in order from least disputable ones.
> Open things beside this:
> 1. Creating padding struct
> 2. Padding parameters (seedlen, optional label etc)
> 3. Leading zeroes questions.
> 4. Random number requirements.
> 5. Capabilities.
> 6. Verify signature field when none padding.
>
> v4:
> - change API comments from length -> array allocation
> to avoid ambiguity
>
> v3:
> - split into smaller patches
> - removed padding struct changes
> - rebased against patches from CRT patches from Ayuj Verma
>
> v2:
> - Field for singature verification when padding none selected was added
> - Removed details from RFC
> - Simplified padding struct
> - Added padding none test case
>
> This patchset depends on following patches:
> [1]
> test/crypto: move rsa enqueue/dequeue into separate functions
> (http://patchwork.dpdk.org/patch/56342/)
> [2]
> test/crypto: add tests for RSA key type CRT
> (http://patchwork.dpdk.org/patch/56343/)
>
> Arek Kusztal (11):
> cryptodev: change RSA API comments about primes
> cryptodev: add cipher field to RSA op
> crypto/openssl: add cipher field to openssl RSA implementation
> test: add cipher field to RSA test
> cryptodev: add information about message format when signing with RSA
> cryptodev: remove RSA PKCS1 BT0 padding
> openssl: remove RSA PKCS1_5 BT0 padding
> test: remove RSA PKCS1_5 BT0 padding from test cases
> cryptodev: add RSA padding none description
> test: add pkcs1_5 padding simulation
> test: add RSA PKCS1_5 padding case when no padding selected
>
> app/test/test_cryptodev_asym.c | 53 ++++++++++++++++++++------
> app/test/test_cryptodev_asym_util.h | 54 +++++++++++++++++++++++++++
> drivers/crypto/openssl/rte_openssl_pmd.c | 12 +++---
> lib/librte_cryptodev/rte_crypto_asym.h | 64 ++++++++++++++++++++++++--------
> 4 files changed, 149 insertions(+), 34 deletions(-)
>
> --
> 2.1.0
Series-acked-by: Fiona Trahe <fiona.trahe@intel.com>
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto
2019-07-17 12:51 [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Arek Kusztal
` (11 preceding siblings ...)
2019-07-17 16:00 ` [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto Trahe, Fiona
@ 2019-07-18 8:57 ` Nowak, DamianX
2019-07-18 10:52 ` Shally Verma
12 siblings, 1 reply; 17+ messages in thread
From: Nowak, DamianX @ 2019-07-18 8:57 UTC (permalink / raw)
To: Kusztal, ArkadiuszX, dev; +Cc: akhil.goyal, Trahe, Fiona, shallyv
> -----Original Message-----
> From: Kusztal, ArkadiuszX
> Sent: Wednesday, July 17, 2019 14:51
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Trahe, Fiona <fiona.trahe@intel.com>;
> shallyv@marvell.com; Nowak, DamianX <damianx.nowak@intel.com>;
> Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Subject: [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric
> crypto
>
> Split into smaller commits, in order from least disputable ones.
> Open things beside this:
> 1. Creating padding struct
> 2. Padding parameters (seedlen, optional label etc) 3. Leading zeroes
> questions.
> 4. Random number requirements.
> 5. Capabilities.
> 6. Verify signature field when none padding.
>
> v4:
> - change API comments from length -> array allocation to avoid ambiguity
>
> v3:
> - split into smaller patches
> - removed padding struct changes
> - rebased against patches from CRT patches from Ayuj Verma
>
> v2:
> - Field for singature verification when padding none selected was added
> - Removed details from RFC
> - Simplified padding struct
> - Added padding none test case
>
> This patchset depends on following patches:
> [1]
> test/crypto: move rsa enqueue/dequeue into separate functions
> (http://patchwork.dpdk.org/patch/56342/)
> [2]
> test/crypto: add tests for RSA key type CRT
> (http://patchwork.dpdk.org/patch/56343/)
>
> Arek Kusztal (11):
> cryptodev: change RSA API comments about primes
> cryptodev: add cipher field to RSA op
> crypto/openssl: add cipher field to openssl RSA implementation
> test: add cipher field to RSA test
> cryptodev: add information about message format when signing with RSA
> cryptodev: remove RSA PKCS1 BT0 padding
> openssl: remove RSA PKCS1_5 BT0 padding
> test: remove RSA PKCS1_5 BT0 padding from test cases
> cryptodev: add RSA padding none description
> test: add pkcs1_5 padding simulation
> test: add RSA PKCS1_5 padding case when no padding selected
>
> app/test/test_cryptodev_asym.c | 53 ++++++++++++++++++++------
> app/test/test_cryptodev_asym_util.h | 54
> +++++++++++++++++++++++++++
> drivers/crypto/openssl/rte_openssl_pmd.c | 12 +++---
> lib/librte_cryptodev/rte_crypto_asym.h | 64
> ++++++++++++++++++++++++--------
> 4 files changed, 149 insertions(+), 34 deletions(-)
>
> --
> 2.1.0
Series-acked-by: Damian Nowak <damianx.nowak@intel.com>
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto
2019-07-18 8:57 ` Nowak, DamianX
@ 2019-07-18 10:52 ` Shally Verma
2019-07-18 13:09 ` Kusztal, ArkadiuszX
0 siblings, 1 reply; 17+ messages in thread
From: Shally Verma @ 2019-07-18 10:52 UTC (permalink / raw)
To: Nowak, DamianX, Kusztal, ArkadiuszX, dev; +Cc: akhil.goyal, Trahe, Fiona
> -----Original Message-----
> From: Nowak, DamianX <damianx.nowak@intel.com>
> Sent: Thursday, July 18, 2019 2:28 PM
> To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Trahe, Fiona <fiona.trahe@intel.com>; Shally
> Verma <shallyv@marvell.com>
> Subject: [EXT] RE: [PATCH v4 00/11] Rework API for RSA algorithm in
> asymmetric crypto
>
> External Email
>
> ----------------------------------------------------------------------
> > -----Original Message-----
> > From: Kusztal, ArkadiuszX
> > Sent: Wednesday, July 17, 2019 14:51
> > To: dev@dpdk.org
> > Cc: akhil.goyal@nxp.com; Trahe, Fiona <fiona.trahe@intel.com>;
> > shallyv@marvell.com; Nowak, DamianX <damianx.nowak@intel.com>;
> > Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> > Subject: [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric
> > crypto
> >
> > Split into smaller commits, in order from least disputable ones.
> > Open things beside this:
> > 1. Creating padding struct
> > 2. Padding parameters (seedlen, optional label etc) 3. Leading zeroes
> > questions.
> > 4. Random number requirements.
> > 5. Capabilities.
> > 6. Verify signature field when none padding.
> >
> > v4:
> > - change API comments from length -> array allocation to avoid
> > ambiguity
> >
> > v3:
> > - split into smaller patches
> > - removed padding struct changes
> > - rebased against patches from CRT patches from Ayuj Verma
> >
> > v2:
> > - Field for singature verification when padding none selected was
> > added
> > - Removed details from RFC
> > - Simplified padding struct
> > - Added padding none test case
> >
> > This patchset depends on following patches:
> > [1]
> > test/crypto: move rsa enqueue/dequeue into separate functions
> > (http://patchwork.dpdk.org/patch/56342/)
> > [2]
> > test/crypto: add tests for RSA key type CRT
> > (http://patchwork.dpdk.org/patch/56343/)
> >
> > Arek Kusztal (11):
> > cryptodev: change RSA API comments about primes
> > cryptodev: add cipher field to RSA op
> > crypto/openssl: add cipher field to openssl RSA implementation
> > test: add cipher field to RSA test
> > cryptodev: add information about message format when signing with RSA
> > cryptodev: remove RSA PKCS1 BT0 padding
> > openssl: remove RSA PKCS1_5 BT0 padding
> > test: remove RSA PKCS1_5 BT0 padding from test cases
> > cryptodev: add RSA padding none description
> > test: add pkcs1_5 padding simulation
> > test: add RSA PKCS1_5 padding case when no padding selected
> >
> > app/test/test_cryptodev_asym.c | 53 ++++++++++++++++++++------
> > app/test/test_cryptodev_asym_util.h | 54
> > +++++++++++++++++++++++++++
> > drivers/crypto/openssl/rte_openssl_pmd.c | 12 +++---
> > lib/librte_cryptodev/rte_crypto_asym.h | 64
> > ++++++++++++++++++++++++--------
> > 4 files changed, 149 insertions(+), 34 deletions(-)
> >
> > --
> > 2.1.0
>
> Series-acked-by: Damian Nowak <damianx.nowak@intel.com>
I had ack'd some. But others which are Nack'd , we need more time for them.
So, from my end, which are Ack'd good to go but other need to wait.
Thanks
Shally
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto
2019-07-18 10:52 ` Shally Verma
@ 2019-07-18 13:09 ` Kusztal, ArkadiuszX
2019-07-18 13:18 ` Shally Verma
0 siblings, 1 reply; 17+ messages in thread
From: Kusztal, ArkadiuszX @ 2019-07-18 13:09 UTC (permalink / raw)
To: Shally Verma, Nowak, DamianX, dev; +Cc: akhil.goyal, Trahe, Fiona
> > >
> > > Split into smaller commits, in order from least disputable ones.
> > > Open things beside this:
> > > 1. Creating padding struct
> > > 2. Padding parameters (seedlen, optional label etc) 3. Leading
> > > zeroes questions.
> > > 4. Random number requirements.
> > > 5. Capabilities.
> > > 6. Verify signature field when none padding.
> > >
> > > v4:
> > > - change API comments from length -> array allocation to avoid
> > > ambiguity
> > >
> > > v3:
> > > - split into smaller patches
> > > - removed padding struct changes
> > > - rebased against patches from CRT patches from Ayuj Verma
> > >
> > > v2:
> > > - Field for singature verification when padding none selected was
> > > added
> > > - Removed details from RFC
> > > - Simplified padding struct
> > > - Added padding none test case
> > >
> > > This patchset depends on following patches:
> > > [1]
> > > test/crypto: move rsa enqueue/dequeue into separate functions
> > > (http://patchwork.dpdk.org/patch/56342/)
> > > [2]
> > > test/crypto: add tests for RSA key type CRT
> > > (http://patchwork.dpdk.org/patch/56343/)
> > >
> > > Arek Kusztal (11):
> > > cryptodev: change RSA API comments about primes
> > > cryptodev: add cipher field to RSA op
> > > crypto/openssl: add cipher field to openssl RSA implementation
> > > test: add cipher field to RSA test
> > > cryptodev: add information about message format when signing with
> RSA
> > > cryptodev: remove RSA PKCS1 BT0 padding
> > > openssl: remove RSA PKCS1_5 BT0 padding
> > > test: remove RSA PKCS1_5 BT0 padding from test cases
> > > cryptodev: add RSA padding none description
> > > test: add pkcs1_5 padding simulation
> > > test: add RSA PKCS1_5 padding case when no padding selected
> > >
> > > app/test/test_cryptodev_asym.c | 53 ++++++++++++++++++++------
> > > app/test/test_cryptodev_asym_util.h | 54
> > > +++++++++++++++++++++++++++
> > > drivers/crypto/openssl/rte_openssl_pmd.c | 12 +++---
> > > lib/librte_cryptodev/rte_crypto_asym.h | 64
> > > ++++++++++++++++++++++++--------
> > > 4 files changed, 149 insertions(+), 34 deletions(-)
> > >
> > > --
> > > 2.1.0
> >
> > Series-acked-by: Damian Nowak <damianx.nowak@intel.com>
> I had ack'd some. But others which are Nack'd , we need more time for them.
> So, from my end, which are Ack'd good to go but other need to wait.
As I generally agree that we need far more time to get all things done, I would like to know what is current situation:
We should apply
1) Cipher field
2) Remove BT0
We should still discuss (possibly 19.11)
1) Signature input format
2) None padding
Is this correct?
>
> Thanks
> Shally
^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [dpdk-dev] [PATCH v4 00/11] Rework API for RSA algorithm in asymmetric crypto
2019-07-18 13:09 ` Kusztal, ArkadiuszX
@ 2019-07-18 13:18 ` Shally Verma
0 siblings, 0 replies; 17+ messages in thread
From: Shally Verma @ 2019-07-18 13:18 UTC (permalink / raw)
To: Kusztal, ArkadiuszX, Nowak, DamianX, dev; +Cc: akhil.goyal, Trahe, Fiona
> -----Original Message-----
> From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Sent: Thursday, July 18, 2019 6:39 PM
> To: Shally Verma <shallyv@marvell.com>; Nowak, DamianX
> <damianx.nowak@intel.com>; dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Trahe, Fiona <fiona.trahe@intel.com>
> Subject: [EXT] RE: [PATCH v4 00/11] Rework API for RSA algorithm in
> asymmetric crypto
>
> External Email
>
> ----------------------------------------------------------------------
> > > >
> > > > Split into smaller commits, in order from least disputable ones.
> > > > Open things beside this:
> > > > 1. Creating padding struct
> > > > 2. Padding parameters (seedlen, optional label etc) 3. Leading
> > > > zeroes questions.
> > > > 4. Random number requirements.
> > > > 5. Capabilities.
> > > > 6. Verify signature field when none padding.
> > > >
> > > > v4:
> > > > - change API comments from length -> array allocation to avoid
> > > > ambiguity
> > > >
> > > > v3:
> > > > - split into smaller patches
> > > > - removed padding struct changes
> > > > - rebased against patches from CRT patches from Ayuj Verma
> > > >
> > > > v2:
> > > > - Field for singature verification when padding none selected was
> > > > added
> > > > - Removed details from RFC
> > > > - Simplified padding struct
> > > > - Added padding none test case
> > > >
> > > > This patchset depends on following patches:
> > > > [1]
> > > > test/crypto: move rsa enqueue/dequeue into separate functions
> > > > (http://patchwork.dpdk.org/patch/56342/)
> > > > [2]
> > > > test/crypto: add tests for RSA key type CRT
> > > > (http://patchwork.dpdk.org/patch/56343/)
> > > >
> > > > Arek Kusztal (11):
> > > > cryptodev: change RSA API comments about primes
> > > > cryptodev: add cipher field to RSA op
> > > > crypto/openssl: add cipher field to openssl RSA implementation
> > > > test: add cipher field to RSA test
> > > > cryptodev: add information about message format when signing
> > > > with
> > RSA
> > > > cryptodev: remove RSA PKCS1 BT0 padding
> > > > openssl: remove RSA PKCS1_5 BT0 padding
> > > > test: remove RSA PKCS1_5 BT0 padding from test cases
> > > > cryptodev: add RSA padding none description
> > > > test: add pkcs1_5 padding simulation
> > > > test: add RSA PKCS1_5 padding case when no padding selected
> > > >
> > > > app/test/test_cryptodev_asym.c | 53 ++++++++++++++++++++--
> ----
> > > > app/test/test_cryptodev_asym_util.h | 54
> > > > +++++++++++++++++++++++++++
> > > > drivers/crypto/openssl/rte_openssl_pmd.c | 12 +++---
> > > > lib/librte_cryptodev/rte_crypto_asym.h | 64
> > > > ++++++++++++++++++++++++--------
> > > > 4 files changed, 149 insertions(+), 34 deletions(-)
> > > >
> > > > --
> > > > 2.1.0
> > >
> > > Series-acked-by: Damian Nowak <damianx.nowak@intel.com>
> > I had ack'd some. But others which are Nack'd , we need more time for
> them.
> > So, from my end, which are Ack'd good to go but other need to wait.
>
> As I generally agree that we need far more time to get all things done, I
> would like to know what is current situation:
>
> We should apply
> 1) Cipher field
I assume I acked it with some improvement requirement on description. Let me know if I did not.
> 2) Remove BT0
>
> We should still discuss (possibly 19.11)
> 1) Signature input format
> 2) None padding
>
[Shally] Yes but sorry I don't recall if it covers all patches I Nack'd . I , specifically, Acked some ,which are good to go.
> Is this correct?
>
>
>
> >
> > Thanks
> > Shally
^ permalink raw reply [flat|nested] 17+ messages in thread