From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 940EAA0548; Tue, 31 May 2022 07:13:21 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 77F7942B85; Tue, 31 May 2022 07:12:51 +0200 (CEST) Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by mails.dpdk.org (Postfix) with ESMTP id 747E242B70 for ; Tue, 31 May 2022 07:12:49 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1653973969; x=1685509969; h=from:to:cc:subject:date:message-id:in-reply-to: references; bh=9iWeqxK8lPJBGNSZqCbi+yqA26tMNyFJ6nXOINLDjkA=; b=MwLXSMi7LUKowRWEEIPjZa/hdgzHr/dGKZuW6t+/e3CS98qKxaDFaBiI xXbkch5TKJ9rPJP03BrTvNSd/CXwkZb7hV6rK+6IjvHjrV9rtXq9RL4nk Gme3cQP9rDl+04b4IrOUG83YS2sv+vAZui+tOcNl2Ovjksi9+WraPc68H 7gYxxTDevSbwlb2PpCLbtTOkjecpPTQbbUM2fkGOfCzHJPNeymxWUbxdt Jk3/7xkm7qlsPkWNXyNesN5yKOKqn5dOXzR1RQqapVe3j4KdlOMdR87Ao SxGHqg0EbJ6MZCrd/iJB4rHzQuuMZXmOXQd0vMdLfFWQ3Et3mpVKWAB5B Q==; X-IronPort-AV: E=McAfee;i="6400,9594,10363"; a="338181308" X-IronPort-AV: E=Sophos;i="5.91,264,1647327600"; d="scan'208";a="338181308" Received: from orsmga007.jf.intel.com ([10.7.209.58]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 May 2022 22:12:49 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.91,264,1647327600"; d="scan'208";a="576220526" Received: from silpixa00399302.ir.intel.com ([10.237.214.136]) by orsmga007.jf.intel.com with ESMTP; 30 May 2022 22:12:47 -0700 From: Arek Kusztal To: dev@dpdk.org Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, Arek Kusztal Subject: [PATCH v4 07/12] cryptodev: add public key verify option Date: Tue, 31 May 2022 05:04:34 +0100 Message-Id: <20220531040439.15862-8-arkadiuszx.kusztal@intel.com> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20220531040439.15862-1-arkadiuszx.kusztal@intel.com> References: <20220531040439.15862-1-arkadiuszx.kusztal@intel.com> X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org - Added key exchange public key verify option. For some elliptic curves public point in DH exchange needs to be checked, if it lays on the curve. Modular exponentiation needs certain checks as well, though mathematically much easier. This commit adds verify option to asym_op operations. Signed-off-by: Arek Kusztal --- lib/cryptodev/rte_crypto_asym.h | 11 ++++++++--- lib/cryptodev/rte_cryptodev.c | 3 ++- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h index f61a2ddce8..ae3ca31a89 100644 --- a/lib/cryptodev/rte_crypto_asym.h +++ b/lib/cryptodev/rte_crypto_asym.h @@ -130,8 +130,12 @@ enum rte_crypto_asym_ke_type { /**< Private Key generation operation */ RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE, /**< Public Key generation operation */ - RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE + RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE, /**< Shared Secret compute operation */ + RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY + /**< Public Key Verification - can be used for + * elliptic curve point validation. + */ }; /** @@ -455,8 +459,9 @@ struct rte_crypto_ecdh_op_param { * Output - generated public key when ke_type is * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE. * - * Input - peer's public key when ke_type is - * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE. + * Input - peer's public key, when ke_type is one of: + * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE, + * RTE_CRYPTO_ASYM_KE_EC_PUBLIC_KEY_VERIFY. */ struct rte_crypto_ec_point shared_secret; /**< diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c index cc614b0f72..42f3221052 100644 --- a/lib/cryptodev/rte_cryptodev.c +++ b/lib/cryptodev/rte_cryptodev.c @@ -186,7 +186,8 @@ const char *rte_crypto_asym_op_strings[] = { const char *rte_crypto_asym_ke_strings[] = { [RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE] = "priv_key_generate", [RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE] = "pub_key_generate", - [RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE] = "sharedsecret_compute" + [RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE] = "sharedsecret_compute", + [RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY] = "pub_ec_key_verify" }; /** -- 2.13.6