From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
To: "Kusztal, ArkadiuszX" <arkadiuszx.kusztal@intel.com>,
"dev@dpdk.org" <dev@dpdk.org>, Akhil Goyal <gakhil@marvell.com>,
Fan Zhang <fanzhang.oss@gmail.com>
Cc: Anoob Joseph <anoobj@marvell.com>,
"Richardson, Bruce" <bruce.richardson@intel.com>,
Jerin Jacob <jerinj@marvell.com>, "Ji, Kai" <kai.ji@intel.com>,
"jack.bond-preston@foss.arm.com" <jack.bond-preston@foss.arm.com>,
"Marchand, David" <david.marchand@redhat.com>,
"hemant.agrawal@nxp.com" <hemant.agrawal@nxp.com>,
"De Lara Guarch, Pablo" <pablo.de.lara.guarch@intel.com>,
"Trahe, Fiona" <fiona.trahe@intel.com>,
"Doherty, Declan" <declan.doherty@intel.com>,
"matan@nvidia.com" <matan@nvidia.com>,
"ruifeng.wang@arm.com" <ruifeng.wang@arm.com>
Subject: RE: [PATCH v6 1/6] cryptodev: add EDDSA asymmetric crypto algorithm
Date: Wed, 9 Oct 2024 03:43:22 +0000 [thread overview]
Message-ID: <CO1PR18MB4714BFB502C2C5619267ED21CB7F2@CO1PR18MB4714.namprd18.prod.outlook.com> (raw)
In-Reply-To: <PH0PR11MB501303EFE8A9B008D39130399F7E2@PH0PR11MB5013.namprd11.prod.outlook.com>
> > > > > +/**
> > > > > + * EdDSA operation params
> > > > > + */
> > > > > +struct rte_crypto_eddsa_op_param {
> > > > > + enum rte_crypto_asym_op_type op_type;
> > > > > + /**< Signature generation or verification */
> > > > > +
> > > > > + rte_crypto_param message;
> > > > > + /**< Input message digest to be signed or verified */
> > > > HashEdDSA will require a message digest; pure EdDSA will require
> > > > the message itself. For HW it will be more complicated.
> >
> > Do you mean some hardware may not have HashEdDSA support ?
> Not in full. For example: ECDSA in QAT and Octeon accepts a digest, not a
> message. So it does not support the full process, but EdDSA is more
> complicated than that because of the two hash rounds, similar to the SM2.
>
> For now we have only OpenSSL PMD that supports it, and it accepts a
> message not a digest, so this should be changed to "message to be signed".
>
Ack.
<cut>
> > > > All instances are using the same curve, where they differ is the
> > > > way of handling input message.
> > > > And I think this should be a session variable -> new xform for the EdDSA.
> >
> > Based on prehash and context string, these instances are listed in RFC.
> > A context string per operation helps ensure each signature is uniquely
> > tied to its specific context, thereby preventing reuse of signatures
> > across different contexts or operations.
> > Prehashing adds additional security by ensuring new prehash is
> > computed from the message.
> > Therefor it is more appropriate to treat both of these as operational
> variables.
>
> Different 'instance' are basically different algorithms.
>
> About the 'context' I am not sure, as not any major protocol specifies its usage
> (TLS and IKEv2 forbids PH though), But from RFC8032, it looks like it was
> defined to be used per protocol basis, or some subprotocol routine. But about
> this I am not sure.
>
> Yet, EdDSA should not be delayed really; it is basically a network standard for
> quite a time.
> These changes may be discussed later.
>
Sure Arkadiusz.
Regards,
Gowrishankar
next prev parent reply other threads:[~2024-10-09 3:43 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-29 16:10 [PATCH v1 1/3] " Gowrishankar Muthukrishnan
2023-11-29 16:10 ` [PATCH v1 2/3] crypto/openssl: add EDDSA support Gowrishankar Muthukrishnan
2023-11-29 16:10 ` [PATCH v1 3/3] test/crypto: add asymmetric EDDSA test cases Gowrishankar Muthukrishnan
2024-09-05 13:36 ` [PATCH v2 1/6] cryptodev: add EDDSA asymmetric crypto algorithm Gowrishankar Muthukrishnan
2024-09-05 13:39 ` Gowrishankar Muthukrishnan
2024-09-05 13:39 ` [PATCH v2 2/6] crypto/openssl: support EDDSA Gowrishankar Muthukrishnan
2024-09-09 9:56 ` Jack Bond-Preston
2024-09-05 13:39 ` [PATCH v2 3/6] crypto/cnxk: " Gowrishankar Muthukrishnan
2024-09-20 13:09 ` [PATCH v3 1/6] cryptodev: add EDDSA asymmetric crypto algorithm Gowrishankar Muthukrishnan
2024-09-20 13:09 ` [PATCH v3 2/6] crypto/openssl: support EDDSA Gowrishankar Muthukrishnan
2024-09-20 14:36 ` Akhil Goyal
2024-09-20 13:09 ` [PATCH v3 3/6] crypto/cnxk: " Gowrishankar Muthukrishnan
2024-09-20 13:09 ` [PATCH v3 4/6] test/crypto: add asymmetric EDDSA test cases Gowrishankar Muthukrishnan
2024-09-20 13:09 ` [PATCH v3 5/6] examples/fips_validation: support EDDSA Gowrishankar Muthukrishnan
2024-09-20 13:09 ` [PATCH v3 6/6] app/crypto-perf: " Gowrishankar Muthukrishnan
2024-10-03 6:42 ` Akhil Goyal
2024-10-03 17:56 ` [PATCH v4 1/6] cryptodev: add EDDSA asymmetric crypto algorithm Gowrishankar Muthukrishnan
2024-10-03 17:56 ` [PATCH v4 2/6] crypto/openssl: support EDDSA Gowrishankar Muthukrishnan
2024-10-03 17:56 ` [PATCH v4 3/6] crypto/cnxk: " Gowrishankar Muthukrishnan
2024-10-03 17:56 ` [PATCH v4 4/6] test/crypto: add asymmetric EDDSA test cases Gowrishankar Muthukrishnan
2024-10-03 17:56 ` [PATCH v4 5/6] examples/fips_validation: support EDDSA Gowrishankar Muthukrishnan
2024-10-03 17:56 ` [PATCH v4 6/6] app/crypto-perf: " Gowrishankar Muthukrishnan
2024-10-04 5:30 ` [PATCH v5 1/6] cryptodev: add EDDSA asymmetric crypto algorithm Gowrishankar Muthukrishnan
2024-10-04 5:30 ` [PATCH v5 2/6] crypto/openssl: support EDDSA Gowrishankar Muthukrishnan
2024-10-04 5:30 ` [PATCH v5 3/6] crypto/cnxk: " Gowrishankar Muthukrishnan
2024-10-04 5:30 ` [PATCH v5 4/6] test/crypto: add asymmetric EDDSA test cases Gowrishankar Muthukrishnan
2024-10-04 5:30 ` [PATCH v5 5/6] examples/fips_validation: support EDDSA Gowrishankar Muthukrishnan
2024-10-04 5:30 ` [PATCH v5 6/6] app/crypto-perf: " Gowrishankar Muthukrishnan
2024-10-04 8:26 ` [PATCH v6 1/6] cryptodev: add EDDSA asymmetric crypto algorithm Gowrishankar Muthukrishnan
2024-10-04 8:26 ` [PATCH v6 2/6] crypto/openssl: support EDDSA Gowrishankar Muthukrishnan
2024-10-07 9:50 ` Ji, Kai
2024-10-07 16:27 ` Kusztal, ArkadiuszX
2024-10-04 8:26 ` [PATCH v6 3/6] crypto/cnxk: " Gowrishankar Muthukrishnan
2024-10-04 8:26 ` [PATCH v6 4/6] test/crypto: add asymmetric EDDSA test cases Gowrishankar Muthukrishnan
2024-10-04 8:26 ` [PATCH v6 5/6] examples/fips_validation: support EDDSA Gowrishankar Muthukrishnan
2024-10-04 16:19 ` Dooley, Brian
2024-10-04 8:26 ` [PATCH v6 6/6] app/crypto-perf: " Gowrishankar Muthukrishnan
2024-10-04 16:20 ` Dooley, Brian
2024-10-07 16:03 ` [PATCH v6 1/6] cryptodev: add EDDSA asymmetric crypto algorithm Kusztal, ArkadiuszX
2024-10-08 7:40 ` Kusztal, ArkadiuszX
2024-10-08 9:31 ` Gowrishankar Muthukrishnan
2024-10-08 11:37 ` Kusztal, ArkadiuszX
2024-10-09 3:43 ` Gowrishankar Muthukrishnan [this message]
2024-10-09 19:43 ` Akhil Goyal
2024-09-05 13:39 ` [PATCH v2 4/6] test/crypto: add asymmetric EDDSA test cases Gowrishankar Muthukrishnan
2024-09-05 13:39 ` [PATCH v2 5/6] examples/fips_validation: support EDDSA Gowrishankar Muthukrishnan
2024-09-05 13:39 ` [PATCH v2 6/6] app/crypto-perf: " Gowrishankar Muthukrishnan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CO1PR18MB4714BFB502C2C5619267ED21CB7F2@CO1PR18MB4714.namprd18.prod.outlook.com \
--to=gmuthukrishn@marvell.com \
--cc=anoobj@marvell.com \
--cc=arkadiuszx.kusztal@intel.com \
--cc=bruce.richardson@intel.com \
--cc=david.marchand@redhat.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=fanzhang.oss@gmail.com \
--cc=fiona.trahe@intel.com \
--cc=gakhil@marvell.com \
--cc=hemant.agrawal@nxp.com \
--cc=jack.bond-preston@foss.arm.com \
--cc=jerinj@marvell.com \
--cc=kai.ji@intel.com \
--cc=matan@nvidia.com \
--cc=pablo.de.lara.guarch@intel.com \
--cc=ruifeng.wang@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).