DPDK patches and discussions
From: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
To: "Kusztal, ArkadiuszX" <arkadiuszx.kusztal@intel.com>,
	"dev@dpdk.org" <dev@dpdk.org>, Akhil Goyal <gakhil@marvell.com>,
	Fan Zhang <fanzhang.oss@gmail.com>
Cc: Anoob Joseph <anoobj@marvell.com>,
	"Richardson, Bruce" <bruce.richardson@intel.com>,
	Jerin Jacob <jerinj@marvell.com>, "Ji, Kai" <kai.ji@intel.com>,
	"jack.bond-preston@foss.arm.com" <jack.bond-preston@foss.arm.com>,
	"Marchand, David" <david.marchand@redhat.com>,
	"hemant.agrawal@nxp.com" <hemant.agrawal@nxp.com>,
	"De Lara Guarch, Pablo" <pablo.de.lara.guarch@intel.com>,
	"Trahe, Fiona" <fiona.trahe@intel.com>,
	"Doherty, Declan" <declan.doherty@intel.com>,
	"matan@nvidia.com" <matan@nvidia.com>,
	"ruifeng.wang@arm.com" <ruifeng.wang@arm.com>
Subject: RE: [PATCH v6 1/6] cryptodev: add EDDSA asymmetric crypto algorithm
Date: Tue, 8 Oct 2024 09:31:40 +0000
Message-ID: <CO1PR18MB4714CD2CD365B26598FB9A31CB7E2@CO1PR18MB4714.namprd18.prod.outlook.com>
In-Reply-To: <PH0PR11MB50139DED233CA956337A99089F7E2@PH0PR11MB5013.namprd11.prod.outlook.com>

> Acked-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>

Thanks Arkadiusz.

> > Hi Gowrishankar,
> >
> > I like the idea of adding EdDSA, but I have several comments.
> >
<cut>
> > > +/**
> > > + * EdDSA operation params
> > > + */
> > > +struct rte_crypto_eddsa_op_param {
> > > +	enum rte_crypto_asym_op_type op_type;
> > > +	/**< Signature generation or verification */
> > > +
> > > +	rte_crypto_param message;
> > > +	/**< Input message digest to be signed or verified */
> > HashEdDSA will require a message digest; pure EdDSA will require the
> > message itself. For HW it will be more complicated.

Do you mean some hardware may not have HashEdDSA support?
If so, I think it can be addressed as an operation capability in EdDSA xform itself as proposed in another patch:
https://patches.dpdk.org/project/dpdk/patch/20241004181255.916-1-gmuthukrishn@marvell.com/

> > > +
> > > +	rte_crypto_param context;
> > > +	/**< Context value for the sign op.
> > > +	 *   Must not be empty for Ed25519ctx instance.
> > > +	 */
> > > +
> > > +	enum rte_crypto_edward_instance instance;
> > > +	/**< Type of Edwards curve. */
> > All instances are using the same curve, where they differ is the way
> > of handling input message.
> > And I think this should be a session variable -> new xform for the EdDSA.

Based on prehash and context string, these instances are listed in the RFC.
A context string per operation helps ensure each signature is uniquely tied to its specific context, thereby preventing reuse of signatures across different contexts or operations.
Prehashing adds additional security by ensuring a new prehash is computed from the message.
Therefore, it is more appropriate to treat both of these as operational variables.

Thanks,
Gowrishankar
> > > +
> > > +	rte_crypto_uint sign;
> > > +	/**< Edward curve signature
> > > +	 *     output : for signature generation
> > > +	 *     input  : for signature verification
> > > +	 */
> > > +};
> > > +
> > >  /**
> > >   * Structure for EC point multiplication operation param
> > >   */
> > > @@ -720,6 +766,7 @@ struct rte_crypto_asym_op {
> > >  		struct rte_crypto_ecdsa_op_param ecdsa;
> > >  		struct rte_crypto_ecpm_op_param ecpm;
> > >  		struct rte_crypto_sm2_op_param sm2;
> > > +		struct rte_crypto_eddsa_op_param eddsa;
> > >  	};
> > >  	uint16_t flags;
> > >  	/**<
> > > --
> > > 2.21.0


