From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id AEE50A0548; Wed, 25 May 2022 07:48:41 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id A34C1400EF; Wed, 25 May 2022 07:48:41 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id D68DD400D6 for ; Wed, 25 May 2022 07:48:39 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 24OK8Ml7020546; Tue, 24 May 2022 22:48:39 -0700 Received: from nam11-co1-obe.outbound.protection.outlook.com (mail-co1nam11lp2172.outbound.protection.outlook.com [104.47.56.172]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3g93ty2ba5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 24 May 2022 22:48:38 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=N3jGOGRxwuQiXwl9h5q2+KTIzc2PRg42/xTbEsVtTw/RIIMud6m4W20FShKB0Er+GxqIgEye84HrWz19I0khiUhx4BR5n+GYJB0XfBp0i85yOlxvpWcmN/OG0qZVm1RYP92l5swy/C36pEqsXybw0hWVVyxl9t0rTrwuQeJ5jQBmz7h3HY0we+AT4BYPuItO49XrHQWE5EmyZ8sduA3ZT4+QPQ0z8t0hTnLp911daC0zrtpgO+wEPBWdYx69AQUPJcIUCz13RRoBTKhKGlcbx4suKTNxaehdYX22O2AHYELwKGPkcSofRkvK2fbqxBtFREv5YHFpKJe/zaPodvvniQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KGI84r9DwtPwHCttla8Iq9yA6oFAiDnn6jwpefj10V0=; b=ZxBv9HbnJswDb7Lk/+jJiptCKc6wjEs9lgn2ueEu+KVu6swy6KgTfcuqUdzoajP6mEF3e2c4cD6Y6pUrckJ4tsJ6npt2SAvGzMRn/6iWYzCjc3RGsBlUDnKfXqaJNK0KaPkAwpfR/dAad9QdUfu5kmnXvZOugRQVTOf55Kwxzc4Drg4Gngg/9pAEuhaHiOmneIl8eZHExoot6HrUN9gL9xImZHMaPOq0SEbUIqw+fSCMs6m82ZW2C13JVF7R1Yw3I/JCGcH1tOy+Q/s0GpcPNxQ+QpPcIIC5jVSnI2V92VbURROzJxyKvdQuAKBoJrAtGrPxIhHsbcw3vA5oiocP6A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=marvell.com; dmarc=pass action=none header.from=marvell.com; dkim=pass header.d=marvell.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.onmicrosoft.com; s=selector1-marvell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KGI84r9DwtPwHCttla8Iq9yA6oFAiDnn6jwpefj10V0=; b=cW8eKHVnz0L2u7WOUJMBfy9NWtL8G3RmUblnqYvMG21JsoEXSfBx6Ic4X54xBPbZhUbSXNL6W6MSDdDBe5cYM1ZwwY1ysoD/+3TO1Plen38sdYZokHivI++RfNZ2J8TiJYNRorHxBbu5If6djAA5CzHifzwD34A2xLwq40VoObo= Received: from CO6PR18MB4484.namprd18.prod.outlook.com (2603:10b6:5:359::9) by MWHPR18MB1181.namprd18.prod.outlook.com (2603:10b6:320:29::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5273.23; Wed, 25 May 2022 05:48:35 +0000 Received: from CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::f154:453d:893:f6ce]) by CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::f154:453d:893:f6ce%7]) with mapi id 15.20.5293.013; Wed, 25 May 2022 05:48:35 +0000 From: Akhil Goyal To: "Kusztal, ArkadiuszX" , "dev@dpdk.org" , Kiran Kumar Kokkilagadda CC: Anoob Joseph , "Zhang, Roy Fan" Subject: RE: [EXT] [PATCH 30/40] cryptodev: reduce rsa struct to only necessary fields Thread-Topic: [EXT] [PATCH 30/40] cryptodev: reduce rsa struct to only necessary fields Thread-Index: AQHYbBfDvc1Ls6foMEuU3nvjaXahD60t/RGQgAAyFgCAAO40IA== Date: Wed, 25 May 2022 05:48:35 +0000 Message-ID: References: <20220520055445.40063-1-arkadiuszx.kusztal@intel.com> <20220520055445.40063-31-arkadiuszx.kusztal@intel.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 9ac2da52-8cde-4b6e-890d-08da3e1235b0 x-ms-traffictypediagnostic: MWHPR18MB1181:EE_ x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: V2hxBuEE3+M4LK1hhzknfCytMoHjEd9a0UPMrEBrG/OM/8KY5A1MbDAzl1+0/zRL5/ZtDYA+hlTKDXRwq2KrrMOc5Mvgr9wCd4eqnOzxS6ho/HDfFjQaGeWBjgF3RkcJbGGApCaxyZc1I7MZoj1uJd0MfNHHUnkG1YGh+Ud5vgVPTMinC5FyG+ltNUCX668sK1aoyKe2iwt9M7CCUtTjoLWgjqlD/PzjpIrPfwO1qWCtfsOLNmHPuoW+j7hbWYRpv/L7bpcWBjTONn71zeEPVP44NJdxFF/7bsvrPEz1yH3GR/0TDiGEp5qANkY0rOtwH7MuDXFeh6EJg0NKsfzHZZPoHTQwaPQkzhb5u4tGptaaH8I77Upu57dQ/O55QAzBsT+rhnAS/8GsNwBQ/XZIqTtppMP6TT3IOx0CQnI6wMfxCMpZcatuRxvGl/XV8flB42fuGWexw0gxJ4KrNRkgPLhVSKOs8eD6h9k69DDTGmBvT+3C7MfhwGvs/yK3btjhqCutNQDBbnTdRtSSjfm9DpROXViUoLQP1HNAc0sRCKyrNsLZGGGpYpTChe5M44fUv/wHIzyvWw7Ph05MAmJ/l15zASlSAvUKM6zmbaMnrm1X5UdXzvzQyqGHDaEj6TZOGt9Z5rfKH/+alK6ST/r7k4G+UlaP/uAhrCTqS/e8HMwaeNFTE8VcXIgWkhivkJVHXddBgAPFWQcDw5dOkQv4tA== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO6PR18MB4484.namprd18.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(7696005)(4326008)(66446008)(508600001)(110136005)(316002)(6636002)(33656002)(54906003)(66946007)(86362001)(9686003)(26005)(38070700005)(55016003)(38100700002)(76116006)(122000001)(66556008)(55236004)(64756008)(6506007)(71200400001)(8676002)(2906002)(66476007)(83380400001)(186003)(8936002)(52536014)(5660300002); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?N/NHiBS8xyLfuKz2QyPanDACq78ZWuOtvD6Gmn/3fPRiq/FOk3L9YHeoHrfX?= =?us-ascii?Q?+NR80DhJKEfW6iXmH9kJEy5Uc6R9rJqYlkS/+0WNZggzh0LVYXR6M1UGXGvF?= =?us-ascii?Q?AEFw6DM9jN2W3ZAy0uJoZYajZzh5vsZFCwiv7m4zqptFbsxaUdZ3Y1DI9HrV?= =?us-ascii?Q?5WXisx1eSMWESi5Xv9D4QJiFyfLDdCQO3ewXZ31X4AKoa7Tctdm+8Lyw6MOO?= =?us-ascii?Q?YfxKS5FnQdmSZz7UTRg+Ix8r+v4m6/EvIBVr3qHQaxqfd5gGBFl8mK92LJQe?= =?us-ascii?Q?6M9MgGuj1sfgzCiEGACjE/nbg5OIhfvBl7fToncSkLpoS4SJ5jR3UqRVQsuH?= =?us-ascii?Q?e5v0vJP1JFeGqVlZQmW86Vglyr/LlyovymjrcOG/mHP/rMmZxivjdS/FMr8R?= =?us-ascii?Q?NUNtjnH4DU9cxn9TPqziiSOf4jYui79Dv6VRkwwd8D/3opzBRd5AyFpM5RqC?= =?us-ascii?Q?nvHuOXMKYdGhA0WAWrRraKxAHDUlu53N7Qmkt6olyz32O4Eiq6P1+lyOF7UX?= =?us-ascii?Q?vKS6KldKb9zHOsX99d6uUyhOBguzJK/4lBPFo1PfyNCSH3Bksek4PLS/2Zrz?= =?us-ascii?Q?zwjYeCqpQFnHnZ/I5sVo+MOpy7sdznG97fPZA+HRPqIzAsjmk4zDhxUBINyA?= =?us-ascii?Q?Fur6sBueI8Ds3hlU0KgSRkhMyUI37vILhmYY3CgdJmKmzIMZCjVjj4ZBuY2a?= =?us-ascii?Q?UI9YyvwzREI/ZD0tzAO3FJv9F8L0mD7zmKfdeR6Ly/2P7biiAcU19L3MwPNM?= =?us-ascii?Q?vCsyptq90eIEpuqyPfLH9q4kj0B2BYviSOf89FrVkfhFYh3EFHQmf85KAiYj?= =?us-ascii?Q?u3lSCLZAVsq+w/qHHRxqufUIk27vS7vjxOgpfjgEJuQBeKM2VaVxKAYRHKFl?= =?us-ascii?Q?ITCSdlsVAV6SCyNTc16oQTeon9oGc45XEP5uQb57jtp+saGhpOMEl0jpA3k3?= =?us-ascii?Q?DYvFPYNy2ug3lYbAdYnGS7e0zjDwfHa53TuO3aUfnhcjDLNUa7M6YgfA7fCQ?= =?us-ascii?Q?xHnrelYUCD+frUjKo8Y9i5uPFwgxL9/7bCf51eXHgHID36K+BI7HIv78U4DU?= =?us-ascii?Q?f5jj8VHqfbB/LYNEzj/qPtlzw+juW1ZGZYl79dSfgENn6XdHwKAT/kD/KgTT?= =?us-ascii?Q?N1zK4ZmUogb89kcFIMdb5IhNlttciD4/kRwUC+aXCJzRspy/5lPebqDYTUcz?= =?us-ascii?Q?t1JYiwlYwk3z7Wbz0eC68KNZICQVIKzmJjyKG1xS/ofcXpWy7Tg3igByr9LN?= =?us-ascii?Q?/nAnOrGMT2X2n4xGciT5ES7NwpnRuWqAggGAKW9YQB341AhriLuETFOz4F5+?= =?us-ascii?Q?2jIyMI/zbnpsWJZrWAnIraHQBWq9VlGEC+oaN30iiIZinGH4SPAsSx4ADfQ5?= =?us-ascii?Q?nWI2pORYCRfkE2lomF9DgJrI80t/nrNH3rjis4WXf3plUpfYpGdL3PjH65ca?= =?us-ascii?Q?oU4irdYEP9Hd2GSqlddhDgSFYFotSkywkxmhLvPzxzzP88CWlbP2xZSCgvTD?= =?us-ascii?Q?WicRWnLnMQrX+DN1RBDYpxu70Nla4IoiCAZe//1M4GJeLav66NgAf0foUwdd?= =?us-ascii?Q?h8ZJPT06uVblNCMdFZjAxvTIClQvtW02YByvKR2sAnuGfwuCGNu0oOEqncRf?= =?us-ascii?Q?qiLVRjKgTBQ9EpS5btlYnN0WLCEWvL3xhO0MTcW+/BZfuD+767BKasMfIMRz?= =?us-ascii?Q?19rv4+ofpcpxX6rmCa+05rEvw58F9KyEau9/I0eHip5VIkx8o9X4T27/A5qO?= =?us-ascii?Q?N+0vKEgbjA=3D=3D?= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: marvell.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CO6PR18MB4484.namprd18.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9ac2da52-8cde-4b6e-890d-08da3e1235b0 X-MS-Exchange-CrossTenant-originalarrivaltime: 25 May 2022 05:48:35.6973 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: bsvCPoCpOguleWRKzIz8kUOgJ9tjNeYeXzLm3VbPknETegsAykmDug3uNLdVuHh2fGfby/D1Oud5WCBEnOSRSQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR18MB1181 X-Proofpoint-GUID: QrNwstmBheBiKOUGozvY-Wta_XI8Bzgn X-Proofpoint-ORIG-GUID: QrNwstmBheBiKOUGozvY-Wta_XI8Bzgn X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.874,Hydra:6.0.486,FMLib:17.11.64.514 definitions=2022-05-25_01,2022-05-23_01,2022-02-23_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org > > > - reduced rsa struct to only necessary fields. > > > RSA operation is generally used with one input and one output. > > > One exception for this is signature verification, when RSA verify > > > called, both message and signature are inputs, but there is no rsa > > > output except for op status. > > > > I am not sure if this is the correct renaming of fields. > > > > You are changing the name of message -> input and Cipher and sign -> > > output/message union. Right? > > > > I believe this would impact the existing applications and Would create > confusion > > as the message was used for input and now it is In union with output. > [Arek] - Yes, this will impact current apps. And yes, message may be conf= using. > But main question, is there consensus for the Input - Output approach in = RSA? If > not I will drop it from v2. > If so, in case SIGNATURE_VERIFY and PADDING_NONE decrypted signature > should be placed in message or cipher with no further PMD involvement. ++Kiran >=20 > > > > The logic listed here is looking very complex. > > Please simplify it. Can you try adding comments in the description of s= truct > > Instead of individual fields. > > > > > > Signed-off-by: Arek Kusztal > > > --- > > > lib/cryptodev/rte_crypto_asym.h | 87 > > > +++++++++++++++++++++++---------------- > > > -- > > > 1 file changed, 50 insertions(+), 37 deletions(-) > > > > > > diff --git a/lib/cryptodev/rte_crypto_asym.h > > > b/lib/cryptodev/rte_crypto_asym.h index c864b8a115..37dd3b9d86 100644 > > > --- a/lib/cryptodev/rte_crypto_asym.h > > > +++ b/lib/cryptodev/rte_crypto_asym.h > > > @@ -362,53 +362,66 @@ struct rte_crypto_rsa_op_param { > > > enum rte_crypto_asym_op_type op_type; > > > /**< Type of RSA operation for transform */ > > > > > > - rte_crypto_param message; > > > + rte_crypto_param input; > > > /**< > > > - * Pointer to input data > > > - * - to be encrypted for RSA public encrypt. > > > - * - to be signed for RSA sign generation. > > > - * - to be authenticated for RSA sign verification. > > > + * When op_type =3D=3D RTE_CRYPTO_ASYM_OP_ENCRYPT: > > > + * If padding.type =3D RTE_CRYPTO_RSA_PADDING_NONE > > > + * input should only be used along with cryptographically > > > + * secure padding scheme. > > > + * If padding.type =3D RTE_CRYPTO_RSA_PADDING_PKCS1_5 > > > + * input shall be no longer than public modulus minus 11. > > > + * If padding.type =3D RTE_CRYPTO_RSA_PADDING_OAEP > > > + * input shall be no longer than public modulus - > > > + * 2 * len(hash) - 2. > > > + * When op_type =3D=3D RTE_CRYPTO_ASYM_OP_SIGN: > > > * > > > - * Pointer to output data > > > - * - for RSA private decrypt. > > > - * In this case the underlying array should have been > > > - * allocated with enough memory to hold plaintext output > > > - * (i.e. must be at least RSA key size). The message.length > > > - * field should be 0 and will be overwritten by the PMD > > > - * with the decrypted length. > > > + * If padding.type =3D RTE_CRYPTO_RSA_PADDING_NONE > > > + * input should only be used along with cryptographically > > > + * secure padding scheme. * > > > + * If padding.type =3D RTE_CRYPTO_RSA_PADDING_PKCS1_5 or > > > + * RTE_CRYPTO_RSA_PADDING_PSS > > > + * if the RTE_CRYPTO_RSA_FLAG_PT flag is set, input shall contain > > > + * the message to be signed, if this flag is not set, > > > + * input shall contain the digest of the message to be signed. > > > > Does it mean if padding.type =3D RTE_CRYPTO_RSA_PADDING_PKCS1_5 or > > RTE_CRYPTO_RSA_PADDING_PSS and if RTE_CRYPTO_RSA_FLAG_PT flag is > set > [Arek] - this one will be out, no one probably will come asking for this > functionality anyway. > > > > > * > > > - * All data is in Octet-string network byte order format. > > > - */ > > > - > > > - rte_crypto_param cipher; > > > - /**< > > > - * Pointer to input data > > > - * - to be decrypted for RSA private decrypt. > > > + * When op_type =3D=3D RTE_CRYPTO_ASYM_OP_DECRYPT: > > > * > > > - * Pointer to output data > > > - * - for RSA public encrypt. > > > - * In this case the underlying array should have been allocated > > > - * with enough memory to hold ciphertext output (i.e. must be > > > - * at least RSA key size). The cipher.length field should > > > - * be 0 and will be overwritten by the PMD with the encrypted lengt= h. > > > + * Input shall contain previously encrypted RSA message. > > > * > > > - * All data is in Octet-string network byte order format. > > > + * When op_type =3D=3D RTE_CRYPTO_ASYM_OP_VERIFY: > > > + * > > > + * Input shall contain signature to be verified > > > */ > > > - > > > - rte_crypto_param sign; > > > + union { > > > + rte_crypto_param output; > > > + rte_crypto_param message; > > > + }; > > > /**< > > > - * Pointer to input data > > > - * - to be verified for RSA public decrypt. > > > + * When op_type =3D=3D RTE_CRYPTO_ASYM_OP_ENCRYPT: > > > + * > > > + * Output shall contain encrypted data, output.length shall > > > + * be set to the length of encrypted data. > > > + * > > > + * When op_type =3D=3D > > > RTE_CRYPTO_ASYM_OP_DECRYPT/RTE_CRYPTO_ASYM_OP_SIGN: > > > * > > > - * Pointer to output data > > > - * - for RSA private encrypt. > > > - * In this case the underlying array should have been allocated > > > - * with enough memory to hold signature output (i.e. must be > > > - * at least RSA key size). The sign.length field should > > > - * be 0 and will be overwritten by the PMD with the signature lengt= h. > > > + * If padding.type =3D RTE_CRYPTO_RSA_PADDING_NONE > > > + * output shall contain decrypted/signed data, but all leading zero= s > > > + * shall be preserved. Therefore output.length should be > > > + * equal to the length of the modulus.. > > > + * For other types of padding, output should contain > > > + * decrypted data, and output.length shall be set to the length > > > + * of decrypted data. > > > * > > > - * All data is in Octet-string network byte order format. > > > + * When op_type =3D=3D RTE_CRYPTO_ASYM_OP_VERIFY: > > > + * > > > + * If padding.type =3D RTE_CRYPTO_RSA_PADDING_NONE > > > + * output shall contain the public key decrypted signature. > > > + * All leading zeroes shall be preserved. > > > + * > > > + * For other padding types, the message should be set with data for= the > > > + * signature to be compared with. > > > */ > > > + > > > struct rte_crypto_rsa_padding padding; > > > /**< RSA padding information */ > > > > > > -- > > > 2.13.6