From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 37CF5A0C54; Fri, 3 Sep 2021 17:17:38 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id EA04E410D7; Fri, 3 Sep 2021 17:17:37 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 6CF1C40E78 for ; Fri, 3 Sep 2021 17:17:36 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 183A4oVp011762; Fri, 3 Sep 2021 08:17:29 -0700 Received: from nam04-mw2-obe.outbound.protection.outlook.com (mail-mw2nam08lp2169.outbound.protection.outlook.com [104.47.73.169]) by mx0a-0016f401.pphosted.com with ESMTP id 3auhmw93c2-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 03 Sep 2021 08:17:29 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NmzpJq7Zbbqcb47k+Nh+bZu8fc8PilKIw6bMqtoDnzvzuff6v55ASLP/62ZPkL7l1E+iun6q9Bdx0UO9XDaff7V46WSldpesHqpR/oPwo1c/jjGexzmLc1Mvlf6NY2AR1WLIA/pgfhi4/AMd/N5EPzVH4huucAba9VpfGYOGoex005HhZjDQ/yVJBNe35huXD0kxg0LPWBLGX/yqD787MNcmhEHpOo7zEmCgrPDuqjhFjKL9jkrO/C65UKZNZSU0hmMU/J+4mESeJnSqBFGKmC3d8Y8YIt8/b35MXZGz29S+huzDB9ILYXI4paEQQDkSR5lzI2/bxMEARqVcEyp9Fg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=F3p0LIQUwC8rRJQpCSDt/gaxEdjJOS8MRe4z0UEvqOI=; b=aa2AMjhqkzUT/vgUxiphzMXIathi6TCXSoRCGgJUKi9Wirq4PdKyVzL2DcmUN55bmU2EgvE5qekxdGUlsCU946H0SRvseplzSG7cQOuHVscIONhEKK+/gRVH3cOm7bzxBfwCUjFHlnRjXdgj2bzWZ2UZkdHESctoNu4ruXopHigY60xHbGgN00IyEEhiItH7tPzp9TiDBT2dNPY2psANMjdu8zJZcA/S+zIU5++u9Po0iAaUrox9zozouQPX3RC/4lEVCNQFU95xeA/gNpkZyklEnpXDLxm+OraSHMbMlhTIRO9sZisYb3MuE6aYs13iqdHNwUpUgStKWn0zKDnLrw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=marvell.com; dmarc=pass action=none header.from=marvell.com; dkim=pass header.d=marvell.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.onmicrosoft.com; s=selector1-marvell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=F3p0LIQUwC8rRJQpCSDt/gaxEdjJOS8MRe4z0UEvqOI=; b=jjIDUuv5cn+jShIs4i+lY1hsZpPWLnM0AE6syjJ5GIYCF2k8G2Hf0IX25JYMVgairGqR0ysSy2qAWo/6lGjKV8CEUYMwIT5NAwob8uZMK1Fa0ZV13HiY7TLmhLhj+jD+SmGhKrvLWSmG8ZH8sZc96SgP78uDcfTHwLraKK2V1zc= Received: from CO6PR18MB4484.namprd18.prod.outlook.com (2603:10b6:5:359::9) by CO1PR18MB4777.namprd18.prod.outlook.com (2603:10b6:303:ec::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4478.17; Fri, 3 Sep 2021 15:17:28 +0000 Received: from CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::411f:5b87:321e:de29]) by CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::411f:5b87:321e:de29%3]) with mapi id 15.20.4478.024; Fri, 3 Sep 2021 15:17:28 +0000 From: Akhil Goyal To: "Kusztal, ArkadiuszX" , "dev@dpdk.org" CC: "thomas@monjalon.net" , "david.marchand@redhat.com" , "hemant.agrawal@nxp.com" , Anoob Joseph , "De Lara Guarch, Pablo" , "Trahe, Fiona" , "Doherty, Declan" , "matan@nvidia.com" , "g.singh@nxp.com" , "Zhang, Roy Fan" , "jianjay.zhou@huawei.com" , "asomalap@amd.com" , "ruifeng.wang@arm.com" Thread-Topic: [dpdk-dev] [PATCH 2/4] cryptodev: promote asym APIs to stable Thread-Index: AQHXhjfP1lRPiGsRlE2s0PBtQGfGuKuMYLAAgAY/KnA= Date: Fri, 3 Sep 2021 15:17:27 +0000 Message-ID: References: <20210731181327.660296-1-gakhil@marvell.com> <20210731181327.660296-3-gakhil@marvell.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=marvell.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 331ab412-3f4f-4c70-b8be-08d96eedf10d x-ms-traffictypediagnostic: CO1PR18MB4777: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 9aZy2PF23ck8uSgU72r0ssTlVEyXO1VyfPwE3XiK4gm7mfRaP5wxfG6GRn57NTDniOlu87/qZHA77wqZ521XaoI6r4qTkqLZwbhICzrJmVle9T8XcC/Vtvn2G/gCDRjbh7skRAg+nkT1UfBQhKgvTNoV4P0TxPu5GSwqos9z7UPLBLtUQ66WAeYhU+39GbKrNUoCvWioQWxIDXjbMQTI1uoZay8oDJu95mktvd/dpYe8ln6RuoT+TcQbd9ZQQbjf1aa4gIPaQKUKjM65N7nbE9lnHdyGvRab8tMDxbzYDbyIJKh//i9au72pO3BLJ+iO4TLIskY/JvopjQvGe+mcqIsLImvjDktk7Thr/X7ArLCKWGU/ufJw4vBuTOVRsH/wSl456dr/u/ApI11+t5yVH31KPkU4/hrdmY+VaHYfHLtS+T/dHnnHXljFVUZyL+ytsoXsAVUne3GsJS3rb5D5rXHvDgsWqWg2Ewa7wTG1Rs4CsK46wUX0TOEqZOhXKMeYrgQYYVo7puz5nbF9k0CdJNg1ZefvSpJAAp5NRwjWIZzSBZWjDDNEFSpX79VHJ7fZ3IWq1XOlKwhAfVD+PPucTdtf8Y5jwAsy89AP2AfkGkKMIiKjar3XtTOJtl0ZEqZDwTdnbdf7xRC8rf9QYw4Tmi74L2IhVhy+1gq9OhISnxCkW/FfqWn4RKacOntUwYPy/6MR/6ixcA3/IZIoXInUJ2TUDJZ/uNWUY1QqDndahqbOkrNEI9E8rcV95isNy8LPprG5HOOIL9uPaxjOkFsjFv9rQb7Kmd/qmxSC5he2+P8= x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO6PR18MB4484.namprd18.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(39860400002)(136003)(346002)(366004)(396003)(376002)(8676002)(55236004)(316002)(186003)(9686003)(478600001)(55016002)(38100700002)(86362001)(4326008)(26005)(122000001)(8936002)(66556008)(83380400001)(66476007)(66946007)(64756008)(2906002)(76116006)(52536014)(71200400001)(5660300002)(7696005)(38070700005)(7416002)(33656002)(6506007)(54906003)(66446008)(110136005); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?ZWxHHdA/yujjJrDSHp9P7ACai7h0wm2LyXWJk0Jw2nyEhJOwugmD+JOS17rC?= =?us-ascii?Q?ZACEmbTZV6z3izuN6Q+KXHolwLkmyU5i+151GrhfelMt/MSdlExATNCZ7Sa8?= =?us-ascii?Q?HWB6c+BEkIiyAllYmITUYxsO+R1hVzXScx+plM/2zWuTI9g9pv0Cy4SEFATA?= =?us-ascii?Q?q4VqHGI18UoXeA8NOccyDxXciGkl7oKaMe6rB1XzWXrxDfyJebA2KMxb9Czm?= =?us-ascii?Q?U16UYP+9xkSyg6Ir4/FgrJE9u9d2DL0DlHKqa+wLXSygZAnI9rLV9KTRAz2c?= =?us-ascii?Q?txm/isZaTFTgcU29Hl5TX/sgp6aE0y/fPWl8omvYhyiEsscncCs8RVbukjCN?= =?us-ascii?Q?tOtAuu14xsIxSN/Bt0BLhX56I0VSsMkc5Hy4Y3Fp0MWuLBS4uq+JaL9EFKvn?= =?us-ascii?Q?XaoxbIwvWnVvgHrXhhrXu8hs2G044oe3LuFNjiUvC6rm4UdDW0hZMRebw/Zx?= =?us-ascii?Q?wp9CEZQ3NQ3vjqbIw+p3RJO3oEibtx+ARyQC2/FioyVmZoZSKMtZUW6eYD4Y?= =?us-ascii?Q?KwqyRq8iWFup5D4lCA3AZssn6T0X7VwYAHBJU5LryOxDsjtEOYzSBzq4Fdmz?= =?us-ascii?Q?uL1SX1hrwgydbndSiPpJK95t3I7jpJv6kaBCbUFSEs3O7WLDRdPqnb9AAYH2?= =?us-ascii?Q?PYVtwbGyQsPmcJ5PZ2tC7dUEXIHfnmq9FOfHaf0CsA0p19kSpLf8ZsnDWCZ1?= =?us-ascii?Q?q31seTVtZE6GFEWKUpfLBPuugg+3fEzLCOKTNSQadh+Nv7NNg0/cYN4ldsf4?= =?us-ascii?Q?bY5BImGX48VtFPH2lA5lxrDOGvboUFr6dBzd1TSIFl8TChzQCkdNVfUi/AP0?= =?us-ascii?Q?W1aTlOQsAQlfGKYLT1/Lu+uz1S9noHZ/D2GUHkBPSFT03Lga7gwD6cPl06pT?= =?us-ascii?Q?KPqzfNmd/wVjyWSWPrTnkVyQb0DlL219FpNoJ/e+CI/pMKOxD6AFz+JB8Ei0?= =?us-ascii?Q?Dmsm233i6jkqLNROWE4/Jgr8hm2MiXlOuYdLSiIqc+mHq9BUrS8VuYGqOSwF?= =?us-ascii?Q?BWoghGqdBCZ+bQvJ/tEbyxGRdp/UWmzQbZ3FFdjCB69NMJhMUwY+7/MObr+O?= =?us-ascii?Q?FqPTU+wv/zRm2pC6MFfPCaD2kXpz7hQmjLMdf/Z9c7EBf9b4OYxe6IRMic6t?= =?us-ascii?Q?W4kisC6+/PpDsH36vMXDy3eL2xliXt10Cuve3vUBcmbLdKUBoA/6Roh9TUsS?= =?us-ascii?Q?FxjfpUwhcCzJwuuhI8L7okgITQU0KookxBXwUOVkcnHBcW2at5+4fqwqxwZK?= =?us-ascii?Q?jiNFJiyjBYSravA6k89tpQffb0UdsK/U6YKuUmZCDg5dqaXjMmJw6esoXqE/?= =?us-ascii?Q?2hzHe+eYmaCVDoqsn0u5/VOf?= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: marvell.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CO6PR18MB4484.namprd18.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 331ab412-3f4f-4c70-b8be-08d96eedf10d X-MS-Exchange-CrossTenant-originalarrivaltime: 03 Sep 2021 15:17:27.8934 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: uHMxdPwOIiC4dFws0UbT0fW0ytU2nvaGVMWzQu45W+RFfg5cYUlBnMPxY9gTVMFx/ZNQNbo2/tkCW08VqKnopA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1PR18MB4777 X-Proofpoint-GUID: arwBruu9Eym7Hoo1Sn4-YvTm5MKBluVb X-Proofpoint-ORIG-GUID: arwBruu9Eym7Hoo1Sn4-YvTm5MKBluVb X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.182.1,Aquarius:18.0.790,Hydra:6.0.391,FMLib:17.0.607.475 definitions=2021-09-03_05,2021-09-03_01,2020-04-07_01 Subject: Re: [dpdk-dev] [PATCH 2/4] cryptodev: promote asym APIs to stable X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Hi Arek, Do you think all the asym APIs are not eligible for promoting it to stable = APIs? I haven't seen any changes for quite some time and we cannot have it experi= mental Forever. The APIs which you think are expected to change, we can leave them as exper= imental And mark the others as stable. Can you post a patch for it? I will drop it from my series. Also, could you review the other patches in the series as well. Regards, Akhil > Hi Akhil, >=20 > I am not sure if this API is ready to be stable so I will add few comment= s here: >=20 > RSA: > rte_crypto_param message; > ... > * - to be signed for RSA sign generation. >=20 > If this message is plaintext, then in case of: > 1) PKCS1_1.5 padding: > Standard defines data to be signed as DER encoded struct of digestAlgorit= hm > + digest > (few exceptions I am aware of were TLS prior to 1.2 or IKE version 1) > - There is no field to specify that, even if PMD would be correctly > implemented it still would lack information about hash aglorithm. > - Currently what openssl pmd for example is doing is RSA_private_encrypt > which omits this step (https://www.openssl.org/docs/man1.1.1/man3/RSA_pri= vate_encrypt.html - mentions this). > 2) PADDING_NONE: > I cannot find what user is supposed to do in this case, and I think it ma= y be > quite common option for hw due to reliance on strong CSPRNG for PSS or > OAEP. >=20 > DSA: > struct rte_crypto_dsa_op_param { > ... > There is no 'k' parameter? I though I have added it, how hw with no CSRNG > should work with DSA? >=20 > For ECDSA private key is in Op, for DSA is in xform. Where this inconsist= ency > comes from? >=20 > /**< x: Private key of the signer in octet-string network > * byte order format. > * Used when app has pre-defined private key. > * Valid only when xform chain is DSA ONLY. > * if xform chain is DH private key generate + DSA, then DSA sign > * compute will use internally generated key. >=20 > And this one I cannot understand, there is DH and DSA in one line plus se= ems > that private dsa key would be generated and used in the same operation. > We want to create self-signed certificate here on the fly or something? >=20 > RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE, > /**< DH Private Key generation operation */ >=20 > This is another interesting part (similar to 'k' in (EC)DSA, PSS, QAEO in= RSA), > there was no any type of hw random number generation concept for > symmetric crypto (i.e. salt, IV, nonce) and here we have > standalone Diffie Hellman private key generator. > And since it is no crypto computation but random number generation, > maybe there should be another module to handle CSRNG or we could > register randomness > source into cryptodev, like callback? Another option would be to predefin= e > randomness source per device like (i.e. x86 RDRAND, /dev/random) for user > to decide. >=20 > Additionally there is DH op but there is no ECDH (I know there is ECPM, b= ut > the same way there is MODEXP which creates another inconsistency). > Optionally we can extend DH API to work with EC? > EDDSA, EDDH needs to be implemented soon too. >=20 > Regards, > Arek