DPDK patches and discussions
 help / color / mirror / Atom feed
* [RFC PATCH] cryptodev: add sm2 key exchange and encryption for HW
@ 2023-12-28 16:19 Arkadiusz Kusztal
  2024-01-04 13:37 ` [EXT] " Gowrishankar Muthukrishnan
  0 siblings, 1 reply; 3+ messages in thread
From: Arkadiusz Kusztal @ 2023-12-28 16:19 UTC (permalink / raw)
  To: dev; +Cc: gakhil, kai.ji, ciara.power, Arkadiusz Kusztal

This commit adds comments for the proposal of addition of SM2
algorithm key exchange and encryption/decryption operation.

Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
---
 lib/cryptodev/rte_crypto_asym.h | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index 39d3da3952..6911a14dbd 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -639,6 +639,10 @@ struct rte_crypto_asym_xform {
 struct rte_crypto_sm2_op_param {
 	enum rte_crypto_asym_op_type op_type;
 	/**< Signature generation or verification. */
+	/*
+	 * For key exchange operation, new struct should be created.
+	 * Doing that, the current struct could be split into signature and encryption.
+	 */
 
 	enum rte_crypto_auth_algorithm hash;
 	/**< Hash algorithm used in EC op. */
@@ -672,6 +676,18 @@ struct rte_crypto_sm2_op_param {
 	 * C1 (1 + N + N), C2 = M, C3 = N. The cipher.length field will
 	 * be overwritten by the PMD with the encrypted length.
 	 */
+	/* SM2 encryption algorithm relies on certain cryptographic functions,
+	 * that HW devices not necesseraly need to implement.
+	 * When C1 is a elliptic curve point, C2 and C3 need additional
+	 * operation like KDF and Hash. The question here is: should only
+	 * elliptic curve output parameters (namely C1 and PB) be returned to the user,
+	 * or should encryption be, in this case, computed within the PMD using
+	 * software methods, or should both option be available?
+	 */
+	/* Similar applies to the key exchange in the HW. The second phase of KE, most likely,
+	 * will go as far as to obtain xU,yU(xV,xV), where SW can easily calculate SA.
+	 * Should then both options be available?
+	 */
 
 	rte_crypto_uint id;
 	/**< The SM2 id used by signer and verifier. */
-- 
2.13.6


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2024-01-24 17:41 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-12-28 16:19 [RFC PATCH] cryptodev: add sm2 key exchange and encryption for HW Arkadiusz Kusztal
2024-01-04 13:37 ` [EXT] " Gowrishankar Muthukrishnan
2024-01-24 17:41   ` Kusztal, ArkadiuszX

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).