From: "Kusztal, ArkadiuszX"
To: Anoob Joseph, Akhil Goyal, "Doherty, Declan", "De Lara Guarch, Pablo"
CC: Ayuj Verma, "Trahe, Fiona", Jerin Jacob, Narayana Prasad, Shally Verma, Ankur Dwivedi, Sunila Sahu, "dev@dpdk.org"
Date: Fri, 20 Dec 2019 16:05:51 +0000
Subject: Re: [dpdk-dev] [PATCH 1/4] lib/crypto: add support for ECDSA
In-Reply-To: <1575546206-2478-2-git-send-email-anoobj@marvell.com>

Hi Anoob,

Few suggestions inline.

> ; > [Asymmetric] > -RSA =3D > -DSA =3D > -Modular Exponentiation =3D > -Modular Inversion =3D > -Diffie-hellman =3D > \ No newline at end of file > +RSA =3D > +DSA =3D > +Modular Exponentiation =3D > +Modular Inversion =3D > +Diffie-hellman =3D > +ECDSA =3D > diff --git a/lib/librte_cryptodev/rte_crypto_asym.h > b/lib/librte_cryptodev/rte_crypto_asym.h > index 0d34ce8..dd5e6e3 100644 > --- a/lib/librte_cryptodev/rte_crypto_asym.h > +++ b/lib/librte_cryptodev/rte_crypto_asym.h > @@ -81,6 +81,10 @@ enum rte_crypto_asym_xform_type { > /**< Modular Exponentiation > * Perform Modular Exponentiation b^e mod n > */ > + RTE_CRYPTO_ASYM_XFORM_ECDSA, > + /**< Elliptic Curve Digital Signature Algorithm > + * Perform Signature Generation and Verification. > + */ > RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END > /**< End of list */ > };
> @@ -319,6 +323,46 @@ struct rte_crypto_dsa_xform { }; >=20 > /** > + * TLS named curves > + * https://www.iana.org/assignments/tls-parameters/ > + * tls-parameters.xhtml#tls-parameters-8 > + * secp192r1 =3D 19, > + * secp224r1 =3D 21, > + * secp256r1 =3D 23, > + * secp384r1 =3D 24, > + * secp521r1 =3D 25, > + */ > +enum rte_crypto_ec_group { > + RTE_CRYPTO_EC_GROUP_UNKNOWN =3D 0, > + RTE_CRYPTO_EC_GROUP_NISTP192 =3D 19, > + RTE_CRYPTO_EC_GROUP_NISTP224 =3D 21, > + RTE_CRYPTO_EC_GROUP_NISTP256 =3D 23, > + RTE_CRYPTO_EC_GROUP_NISTP384 =3D 24, > + RTE_CRYPTO_EC_GROUP_NISTP521 =3D 25, > +};

[Arek] Since in comment we use SECG naming maybe enum should follow to avoid confusion?

> + > +/** > + * Structure for elliptic curve point > + */ > +struct rte_crypto_ec_point { > + rte_crypto_param x; > + /**< X coordinate */ > + rte_crypto_param y; > + /**< Y coordinate */ > +}; > + > +/** > + * Asymmetric elliptic curve transform data > + * > + * Structure describing all EC based xform params > + * > + */ > +struct rte_crypto_ec_xform { > + enum rte_crypto_ec_group curve_id; > + /**< Pre-defined ec groups */ > +}; > + > +/** > * Operations params for modular operations: > * exponentiation and multiplicative inverse > * > @@ -372,6 +416,11 @@ struct rte_crypto_asym_xform { >=20 > struct rte_crypto_dsa_xform dsa; > /**< DSA xform parameters */ > + > + struct rte_crypto_ec_xform ec; > + /**< EC xform parameters, used by elliptic curve based > + * operations. > + */ > }; > }; >=20
> @@ -516,6 +565,39 @@ struct rte_crypto_dsa_op_param { }; >=20 > /** > + * ECDSA operation params > + */ > +struct rte_crypto_ecdsa_op_param { > + enum rte_crypto_asym_op_type op_type; > + /**< Signature generation or verification */ > + > + rte_crypto_param pkey; > + /**< Private key of the signer for signature generation */

[Arek] - for DSA we have private key in xform, why this inconsistency?

> + > + struct rte_crypto_ec_point q; > + /**< Public key of the signer for verification */ > + > + rte_crypto_param message; > + /**< Input message to be signed or verified */

[Arek] - This I expect should be message digest instead of message itself?

> + > + rte_crypto_param k; > + /**< The ECDSA per-message secret number, which is an integer > + * in the interval (1, n-1) > + */

[Arek] - If pmd can generate 'k' internally we could do something like:
'if k.data == NULL => PMD will generate 'k' internally, k.data remains untouched.'
Another option is to provide user with some callback function to generate CSRN which could be useful for RSA PSS, OAEP as well (we already discussed that internally in Intel, I will elaborate on this bit more in different thread).

> + > + rte_crypto_param r; > + /**< r component of elliptic curve signature > + * output : for signature generation > + * input : for signature verification > + */ > + rte_crypto_param s; > + /**< s component of elliptic curve signature > + * output : for signature generation > + * input : for signature verification > + */

[Arek] - Do we want to add any constraints like 'this field should be big enough to hold...'

> +}; > + > +/** > * Asymmetric Cryptographic Operation. > * > * Structure describing asymmetric crypto operation params. > @@ -537,6 +619,7 @@ struct rte_crypto_asym_op { > struct rte_crypto_mod_op_param modinv; > struct rte_crypto_dh_op_param dh; > struct rte_crypto_dsa_op_param dsa; > + struct rte_crypto_ecdsa_op_param ecdsa; > }; > }; >=20
> diff --git a/lib/librte_cryptodev/rte_cryptodev.c > b/lib/librte_cryptodev/rte_cryptodev.c > index 89aa2ed..0d6babb 100644 > --- a/lib/librte_cryptodev/rte_cryptodev.c > +++ b/lib/librte_cryptodev/rte_cryptodev.c > @@ -173,6 +173,7 @@ const char *rte_crypto_asym_xform_strings[] =3D { > [RTE_CRYPTO_ASYM_XFORM_MODINV] =3D "modinv", > [RTE_CRYPTO_ASYM_XFORM_DH] =3D "dh", > [RTE_CRYPTO_ASYM_XFORM_DSA] =3D "dsa", > + [RTE_CRYPTO_ASYM_XFORM_ECDSA] =3D "ecdsa", > }; >=20 > /** > -- > 2.7.4

Regards,
Arek
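
Review bot: In the rte_crypto_asym_xform_type hunk (@@ -81,6 +81,10 of rte_crypto_asym.h), placing RTE_CRYPTO_ASYM_XFORM_ECDSA directly before RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END shifts the value of the list-end marker by one, so anything sized or bounded by that marker changes between builds; please call this out in the release notes. The doc comment could also name the structures that go with the new type, struct rte_crypto_ec_xform and struct rte_crypto_ecdsa_op_param, so a reader of the enum knows where its parameters live.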
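
Review bot: In the rte_crypto_ec_group / rte_crypto_ec_point hunk (@@ -319,6 +323,46 of rte_crypto_asym.h), nothing says what a PMD must do with RTE_CRYPTO_EC_GROUP_UNKNOWN or with a curve_id that is not one of the listed values. Because UNKNOWN is 0, a zero-initialised struct rte_crypto_ec_xform carries it by default, so the comment on curve_id should state that such a value is rejected when the xform is configured rather than mapped to some default curve. The x and y comments in struct rte_crypto_ec_point should also give the expected encoding and length of each coordinate (byte order, and whether it is padded to the field size); without that, an application and a PMD can disagree about the same point.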
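
Review bot: In struct rte_crypto_ecdsa_op_param (@@ -516,6 +565,39 of rte_crypto_asym.h), the comment on k gives only a range and omits the requirement that matters most: k has to be fresh and unpredictable for every signature, because signing two messages with the same k, or with a k an observer can guess, exposes the private key. Please state that in the comment, and fix the range, which for ECDSA is the closed interval [1, n-1]; "(1, n-1)" reads as excluding both ends. pkey and k are both secrets passed in per operation, so the documentation should also say whether the application or the PMD is responsible for clearing those buffers once the op completes.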