From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 8E003A0553; Thu, 26 May 2022 14:54:28 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 2F24E40151; Thu, 26 May 2022 14:54:28 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 379DB40150 for ; Thu, 26 May 2022 14:54:26 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 24Q9AUaS023391; Thu, 26 May 2022 05:54:25 -0700 Received: from nam12-bn8-obe.outbound.protection.outlook.com (mail-bn8nam12lp2173.outbound.protection.outlook.com [104.47.55.173]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3g93ty8s57-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 26 May 2022 05:54:25 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NM+6oZ9dEds62hyzimSzVEdzqeT4iQ4LIwl0MkLQM2fZYqtqOIgIaCDqnAemBuO1brhwO7klvo/xe/2ZjOLtaGCnj808gDDEZZ5yPCcdepwrerrUQ9RJYK7HI5D9sni2VevqslLu47ECmrECpD2PeSbSxGWhtmtKKFenWjAwxyE4pXaAkwz1z1caBlqCag4yhWOYpj39no0KKT7U6cJb3L1qw/93l7w9uhWYX43QMUWleA+lmBKfnKOq2CqGv1npP/dAQb8Rn2AabuSXcD2EOCVviN0oJjUFxzFdgaVHPtncHcN9Gx/zRlVEzx8xSQqtxqweE13Z4kDIc+BrTafXRw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=h/XSyxQXsO9bFOLJkweNFK3swv9tNY/0YDRa6FTgsqs=; b=MSMyBxzhaicwJEbtIYMwQjOgT/lUvNGX2GsAAlSgRrGA/LOB4Ds8uUr3LpNKSGco7rPOGcP+hflQUdoImqsIFWeuzZx/ApbJPEVFtVkgmIxlN9qqeAJ8XKWXdvGwQF9itmpt85vIFWp+FCWVnLTQKdO0C+I0AZn8SNSqo3/pGiZp/dpHRjMSy71ZPrpjqIOAXmufH0U499O7RBF2ZCfqRtbBnM0nr8qqRwPT2FiiNXciBR1D+fsuD0k7gJ1+8GWcwVipxPuvJYZ0q5/N8aLLydDvyM0QZRIiIRbCmieXN8a7TFGe3kfc+YGo9dKgy3USoOqsv/P8UoujlGSftlGq5w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=marvell.com; dmarc=pass action=none header.from=marvell.com; dkim=pass header.d=marvell.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.onmicrosoft.com; s=selector1-marvell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=h/XSyxQXsO9bFOLJkweNFK3swv9tNY/0YDRa6FTgsqs=; b=T9k/eWjbGE2QYD5zIt5c/15SlR/99LrObqvVl4qkMXKjqgawJr/CicxJz5pceXPlgb7HSG0QtPGRHJhjcCx6iAfK8mncVXdu/YIQlsGAVMQXohpi51GhLOaN6Nx3PfzESPQhk1khWNxcWsPA1285GgFivJcp92KwELZkMNykrdE= Received: from CO6PR18MB4484.namprd18.prod.outlook.com (2603:10b6:5:359::9) by CH2PR18MB3318.namprd18.prod.outlook.com (2603:10b6:610:28::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5293.13; Thu, 26 May 2022 12:54:22 +0000 Received: from CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::f154:453d:893:f6ce]) by CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::f154:453d:893:f6ce%7]) with mapi id 15.20.5293.013; Thu, 26 May 2022 12:54:22 +0000 From: Akhil Goyal To: Arek Kusztal , "dev@dpdk.org" CC: "roy.fan.zhang@intel.com" Subject: RE: [EXT] [PATCH v2 14/14] cryptodev: add asym algorithms capabilities Thread-Topic: [EXT] [PATCH v2 14/14] cryptodev: add asym algorithms capabilities Thread-Index: AQHYcFnJIe4sljBnE02TS+KvuyyYmK0xEg/w Date: Thu, 26 May 2022 12:54:22 +0000 Message-ID: References: <20220525155324.9288-1-arkadiuszx.kusztal@intel.com> <20220525155324.9288-15-arkadiuszx.kusztal@intel.com> In-Reply-To: <20220525155324.9288-15-arkadiuszx.kusztal@intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 5331cf27-e67d-41e0-9bbb-08da3f16db06 x-ms-traffictypediagnostic: CH2PR18MB3318:EE_ x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 47exHzMMmDPJ4ANLAp5DiDtEf7AiXWa3D59YR+Nfy6DYCW/r7fHk9mbDo1eJ6SsVpQ+gIAPVq0QwRrXzKqK5uul4qbNSqaf2MoxG53C6bbPv9DP1a20o0CA+7iSp6Ci2MX9geO+oUstAcHKGqCSbnAvJlGKnt7q/X+p1K6uq8uW0AratywOKwmobx/d2SO67A6RExBywL5uIRwvrE5p3kr/VQDss3q/UFXdig2aEMDBOQ+PSWpCoyTKNFCxzDcx/US2cwIX+qGhJU5w4bieF6uQZfUwtHYR6mLKMRdCfVSoYr5TiPTI7HYblh4vt1H/tDBybYTbPj7mfT5V2DZcIPUOCkXrMn5zmUmSoUlkuKhXxnmqt2GS6N9SN4rmK0kL3Rpsx4UodKeIaAsYKOFSTWmlHYVKGUDl9mvP9MUnkfGkatZ13zcFTU3QP352ar+uNHzRT+oMTp41V3WEC0jGD3oYgJ+gcbP3UR2V985w5N+Rukgw1F6FyokhH3Lyya09A6bg+8CVeg7hqSS3K8z9GZtPVia3gJGxapAbfkBaN7y0MQ4/x/PfKclsERprawrdipHt0lwAqp4IKxgevjHBim2hB6mV1F5JgqMCWPRzvSOwYackqGBXxniHX/YC7bMONPV/THd7ij7cG6SEcWepQ/K7uFa9s91IpWuvE2gCjZfhrL/zK5UnGjGcyzhl9aYczGkmG5KyB6iFda6lgRulYRw== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO6PR18MB4484.namprd18.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(71200400001)(86362001)(7696005)(186003)(66446008)(52536014)(316002)(55016003)(6506007)(38070700005)(38100700002)(26005)(55236004)(83380400001)(33656002)(9686003)(64756008)(508600001)(76116006)(66556008)(4326008)(8676002)(2906002)(122000001)(66946007)(110136005)(8936002)(5660300002)(30864003)(66476007)(579004)(559001); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?R8IcAka84xTVFcpAe0+gDXDjelVWIJ8g2kc2IknMdA69KpadpZ7LTLDFKGyp?= =?us-ascii?Q?UDn10kq6/KYishQiLLt7jzcTNF0q4BAtQXHqvDCey5KQkXysmY5l7cKwAGnd?= =?us-ascii?Q?eLRZLZm2cIm9Jp5GlV5Vrv4NhzxTBPNVjDo86K06cy8oNNN3ZBmRb9j9FAP+?= =?us-ascii?Q?+esfZ1flumA2rN2aG9ocRD0GYvf3WjvVhm31Ow4cyKqJvXt5WTaKVOj7t4zC?= =?us-ascii?Q?+1sS96Zwown8HMWmdvixCPv+efnvXMOjAlc1Vqv45xChwVWMHiALOfdzktyW?= =?us-ascii?Q?qAX8Mxqk9yJopbVFWuIWSyK06slwqNg+dsdTYw66zF4ZD3DUs07caxk75wDr?= =?us-ascii?Q?QG1ixhUOYvSuy6dYKi/WYedeeodhNNjw1MT5YV+OJ3ievQxH+ZGt7HDL+ia6?= =?us-ascii?Q?kBYA5kDiH+n52PhrtAxRuIguwk7CE6lo3jHvWun63Sh0eu5fzHDphhyZCNjg?= =?us-ascii?Q?hytYqqSrNQW2qRyu1+m49cOoHg3aI3FUTCp6vzGiVeFR/8SZKCD1faH1CD5s?= =?us-ascii?Q?4hb8C6gGQ2+usLGhhYIx+U91WvIraz3JQ/eiq7wFeK/3FT/GnetYZHDEDnrt?= =?us-ascii?Q?+QzbHqfdLd5py8ZTt+eugt1KAbRT96d0nkJoUJMrZXTcMobXTQN/nPEzryDU?= =?us-ascii?Q?Nm5GGTSVChsKcsqjkYtEyqTA9aD9XX+dl42Y4hV48n9CyVQvftSuKy0OzubH?= =?us-ascii?Q?zghwbIo1JyUQxVy+a95pexeM7CMMPawR3PZw2iwm/iba0olHC5GB7DKcEd15?= =?us-ascii?Q?BeGuavxEALGPssXqJh6Vfk+RPHoj1yc+EnzJtz02it8++3wT2pRvPPUwjwy0?= =?us-ascii?Q?ktSm8eQUJgpHkwk3Cq/f/enf0CUCynDzZAO+SEemhQ5783Xa0tYjh4JE4u2F?= =?us-ascii?Q?dexBjFvZigewvBEFQTY6zdKmBc7OaZAJBSPPqvG80yVkMqRLLsJSo7otbtxk?= =?us-ascii?Q?ttv0+reRyUwRgsffpZCj9jWrazx9hoe1IikRClRCJWLoXRG36OlY8OKMqPRs?= =?us-ascii?Q?uH7Ff5wQOFRg30FZGqeAJftocJxszkiZfhVxVyafX4WDBeNP7+FhAsF531UK?= =?us-ascii?Q?NxQTYg3QRSwStEbnRkK7qPAiaH5NeifSIAmdrYI5f5qa96j1cTzTWduOmGSA?= =?us-ascii?Q?foof8uv2yok1u+9Ig8ZceiHjih6LhORQmNT3vTAxDpeddYtqSSaocgYcT3cV?= =?us-ascii?Q?Ts7by4PiSETn0prHxcMzKTSw0XSST7mIT2L50s3N0okIeDMp+PUCMQlEh9qM?= =?us-ascii?Q?5r+WsexSamFWfFFCw+bDy5ZHNknZdHVA/ZciZ1J4ZZiLx2/P8IntOE8a279Z?= =?us-ascii?Q?I2Fjzw/Ec+3CKUc+jrrUGjmc8r9SKig7DFQXD2VYiSH6StqPJSL3iVHiEV89?= =?us-ascii?Q?86JGKR6ULW1Yl5Va/nCVDCsJKoqq9Tk3hW+T8gSvIBmCIUkDrBmG0ZSlqfvU?= =?us-ascii?Q?h+Xj5lSlpdlojkMJ+kt06M3LIVdfX7RIMOHnHNdrPMm716rHjw0zx8D0A0Fx?= =?us-ascii?Q?yY4b/nQPmXH25ayLxy8rhPF0Zu4QZG6ITypnjIfHK7SpLqeo2ZXqyEgSEqM7?= =?us-ascii?Q?KqgTjpZGPuNXDnC+tuoN7y6TpGPZf6NqpFmsJd4zcKF1Aq3zwN9FjGU0b+lg?= =?us-ascii?Q?w6OW5fJHzlkBmYQ6vXcWEQqGHCUsF+KDRFApiOn0G1uW9rh5hNRRtfF21tSD?= =?us-ascii?Q?Xc8d1sutomMHb+Ni2COJBWeLRYURg524cW19mGxUn7my0Njqg2eD50ArQkz3?= =?us-ascii?Q?b+6e56ux5g=3D=3D?= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: marvell.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CO6PR18MB4484.namprd18.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 5331cf27-e67d-41e0-9bbb-08da3f16db06 X-MS-Exchange-CrossTenant-originalarrivaltime: 26 May 2022 12:54:22.2664 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: w05O5pfnT3bRK/BOvuAtDiLXFmZQa8kXazVCgnzaZxr8tcG548v+nVwmd77Xv/RGsSfi72dmdppRRykvjuYxEA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR18MB3318 X-Proofpoint-GUID: QmyIeF0N14CPT2sGiujr5y-Kb5gYvAJK X-Proofpoint-ORIG-GUID: QmyIeF0N14CPT2sGiujr5y-Kb5gYvAJK X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.874,Hydra:6.0.486,FMLib:17.11.64.514 definitions=2022-05-26_07,2022-05-25_02,2022-02-23_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org > - Added asymmetric crypto algorithm specific capability struct. > Included fields like random number capability, padding flags etc. >=20 > Signed-off-by: Arek Kusztal > --- > app/test-crypto-perf/main.c | 12 +- > app/test-eventdev/test_perf_common.c | 2 +- > app/test/test_cryptodev_asym.c | 210 +++++++++++++++++++++= ------ > app/test/test_event_crypto_adapter.c | 16 +- > drivers/crypto/openssl/rte_openssl_pmd_ops.c | 128 +++++++--------- > drivers/crypto/qat/dev/qat_asym_pmd_gen1.c | 68 +++++++-- > lib/cryptodev/rte_crypto_asym.h | 48 ++++++ > lib/cryptodev/rte_cryptodev.c | 80 +++++++++- > lib/cryptodev/rte_cryptodev.h | 75 +++++++++- > lib/cryptodev/version.map | 4 + > 10 files changed, 495 insertions(+), 148 deletions(-) This would also need a change in documentation. >=20 > diff --git a/app/test-crypto-perf/main.c b/app/test-crypto-perf/main.c > index 17e30a8e74..f8a4c9cdcf 100644 > --- a/app/test-crypto-perf/main.c > +++ b/app/test-crypto-perf/main.c > @@ -364,8 +364,8 @@ cperf_verify_devices_capabilities(struct cperf_option= s > *opts, > struct rte_cryptodev_sym_capability_idx cap_idx; > const struct rte_cryptodev_symmetric_capability *capability; > struct rte_cryptodev_asym_capability_idx asym_cap_idx; > - const struct rte_cryptodev_asymmetric_xform_capability > *asym_capability; > - > + const struct rte_cryptodev_asymmetric_capability *asym_capability; > + struct rte_crypto_mod_capability mod_capa =3D {0}; >=20 > uint8_t i, cdev_id; > int ret; > @@ -381,11 +381,11 @@ cperf_verify_devices_capabilities(struct > cperf_options *opts, > if (asym_capability =3D=3D NULL) > return -1; >=20 > - ret =3D > rte_cryptodev_asym_xform_capability_check_modlen( > - asym_capability, opts->modex_data- > >modulus.len); > - if (ret !=3D 0) > + mod_capa.max_mod_size =3D opts->modex_data- > >modulus.len; > + ret =3D rte_cryptodev_capa_check_mod(asym_capability, > + mod_capa); > + if (ret =3D=3D 0) > return ret; > - > } >=20 > if (opts->op_type =3D=3D CPERF_AUTH_ONLY || > diff --git a/app/test-eventdev/test_perf_common.c b/app/test- > eventdev/test_perf_common.c > index b41785492e..ac8e6410ab 100644 > --- a/app/test-eventdev/test_perf_common.c > +++ b/app/test-eventdev/test_perf_common.c > @@ -846,7 +846,7 @@ cryptodev_sym_sess_create(struct prod_data *p, struct > test_perf *t) > static void * > cryptodev_asym_sess_create(struct prod_data *p, struct test_perf *t) > { > - const struct rte_cryptodev_asymmetric_xform_capability *capability; > + const struct rte_cryptodev_asymmetric_capability *capability; > struct rte_cryptodev_asym_capability_idx cap_idx; > struct rte_crypto_asym_xform xform; > void *sess; > diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asy= m.c > index 072dbb30f4..c531265642 100644 > --- a/app/test/test_cryptodev_asym.c > +++ b/app/test/test_cryptodev_asym.c > @@ -311,10 +311,11 @@ test_cryptodev_asym_op(struct > crypto_testsuite_params_asym *ts_params, > struct rte_crypto_asym_xform xform_tc; > void *sess =3D NULL; > struct rte_cryptodev_asym_capability_idx cap_idx; > - const struct rte_cryptodev_asymmetric_xform_capability *capability; > + const struct rte_cryptodev_asymmetric_capability *capability; > uint8_t dev_id =3D ts_params->valid_devs[0]; > uint8_t input[TEST_DATA_SIZE] =3D {0}; > uint8_t *result =3D NULL; > + struct rte_crypto_mod_capability mod_capa =3D {0}; >=20 > int ret, status =3D TEST_SUCCESS; >=20 > @@ -358,8 +359,10 @@ test_cryptodev_asym_op(struct > crypto_testsuite_params_asym *ts_params, > asym_op->modex.base.length =3D data_tc->modex.base.len; > asym_op->modex.result.data =3D result; > asym_op->modex.result.length =3D data_tc->modex.result_len; > - if > (rte_cryptodev_asym_xform_capability_check_modlen(capability, > - xform_tc.modex.modulus.length)) { > + > + mod_capa.max_mod_size =3D xform_tc.modex.modulus.length; > + if (!rte_cryptodev_capa_check_mod(capability, > + mod_capa)) { > snprintf(test_msg, ASYM_TEST_MSG_LEN, > "line %u " > "FAILED: %s", __LINE__, > @@ -378,8 +381,10 @@ test_cryptodev_asym_op(struct > crypto_testsuite_params_asym *ts_params, > asym_op->modinv.base.length =3D data_tc->modinv.base.len; > asym_op->modinv.result.data =3D result; > asym_op->modinv.result.length =3D data_tc->modinv.result_len; > - if > (rte_cryptodev_asym_xform_capability_check_modlen(capability, > - xform_tc.modinv.modulus.length)) { > + > + mod_capa.max_mod_size =3D xform_tc.modinv.modulus.length; > + if (!rte_cryptodev_capa_check_mod(capability, > + mod_capa)) { > snprintf(test_msg, ASYM_TEST_MSG_LEN, > "line %u " > "FAILED: %s", __LINE__, > @@ -963,38 +968,100 @@ ut_teardown_asym(void) > rte_cryptodev_stop(ts_params->valid_devs[0]); > } >=20 > -static inline void print_asym_capa( > - const struct rte_cryptodev_asymmetric_xform_capability > *capa) > +static void > +print_rsa_capability( > + const struct rte_cryptodev_asymmetric_capability *capa) > { > int i =3D 0; >=20 > + printf("\nSupported paddings:"); > + for (; i < 32; i++) { > + if (capa->rsa.padding & RTE_BIT32(i)) > + printf("\n - %s", rte_crypto_asym_rsa_padding[i]); > + } > + printf("\nSupported hash functions:"); > + for (i =3D 0; i < 32; i++) { > + if (capa->rsa.hash & RTE_BIT32(i)) > + printf("\n - %s", rte_crypto_auth_algorithm_strings[i]); > + } > + printf("\nMaximum key size: "); > + if (capa->rsa.max_key_size =3D=3D 0) > + printf("Unlimited"); > + else > + printf("%hu", capa->rsa.max_key_size); > +} > + > +static void > +print_supported_curves(uint64_t curves) > +{ > + int i =3D 0; > + > + printf("\nSupported elliptic curves:"); > + for (; i < 64; i++) { > + if (curves & RTE_BIT64(i)) > + printf("\n - %s", rte_crypto_curves_strings[i]); > + } > +} > + > +static inline void print_asym_capa( > + const struct rte_cryptodev_asymmetric_capability *capa) > +{ > printf("\nxform type: %s\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D\n", > rte_crypto_asym_xform_strings[capa->xform_type]); > - printf("operation supported -"); >=20 > - for (i =3D 0; i < RTE_CRYPTO_ASYM_OP_LIST_END; i++) { > - /* check supported operations */ > - if (rte_cryptodev_asym_xform_capability_check_optype(capa, > i)) > - printf(" %s", > - rte_crypto_asym_op_strings[i]); > - } > - switch (capa->xform_type) { > - case RTE_CRYPTO_ASYM_XFORM_RSA: > - case RTE_CRYPTO_ASYM_XFORM_MODINV: > - case RTE_CRYPTO_ASYM_XFORM_MODEX: > - case RTE_CRYPTO_ASYM_XFORM_DH: > - case RTE_CRYPTO_ASYM_XFORM_DSA: > - printf(" modlen: min %d max %d increment %d", > - capa->modlen.min, > - capa->modlen.max, > - capa->modlen.increment); > + switch (capa->xform_type) { > + case RTE_CRYPTO_ASYM_XFORM_MODEX: > + case RTE_CRYPTO_ASYM_XFORM_MODINV: > + printf("Maximum size of modulus: "); > + if (capa->mod.max_mod_size =3D=3D 0) > + printf("Unlimited"); > + else > + printf("%hu", capa->mod.max_mod_size); > break; > - case RTE_CRYPTO_ASYM_XFORM_ECDSA: > - case RTE_CRYPTO_ASYM_XFORM_ECPM: > - default: > - break; > - } > - printf("\n"); > + case RTE_CRYPTO_ASYM_XFORM_RSA: > + print_rsa_capability(capa); > + break; > + case RTE_CRYPTO_ASYM_XFORM_DH: ECDH?? I hope it will be added once it is tested in this app. > + printf("Maximum group size: "); > + if (capa->dh.max_group_size =3D=3D 0) > + printf("Unlimited"); > + else > + printf("%hu", capa->dh.max_group_size); > + printf("\nSupport for private key generation: "); > + if (capa->dh.priv_key_gen) > + printf("Yes"); > + else > + printf("No"); > + break; > + case RTE_CRYPTO_ASYM_XFORM_DSA: > + printf("Maximum key size: "); > + if (capa->dsa.max_key_size =3D=3D 0) > + printf("Unlimited"); > + else > + printf("%hu", capa->dsa.max_key_size); > + printf("\nSupport for random 'k' generation: "); > + if (capa->dsa.random_k) > + printf("Yes"); > + else > + printf("No"); > + break; > + > + break; > + case RTE_CRYPTO_ASYM_XFORM_ECDSA: > + print_supported_curves(capa->ecdsa.curves); > + printf("\nSupport for random 'k' generation: "); > + if (capa->ecdsa.random_k) > + printf("Yes"); > + else > + printf("No"); > + break; > + case RTE_CRYPTO_ASYM_XFORM_ECPM: > + print_supported_curves(capa->ecpm.curves); > + break; > + default: > + break; > + } > + printf("\n"); > } >=20 > static int > @@ -1006,7 +1073,7 @@ test_capability(void) > const struct rte_cryptodev_capabilities *dev_capa; > int i =3D 0; > struct rte_cryptodev_asym_capability_idx idx; > - const struct rte_cryptodev_asymmetric_xform_capability *capa; > + const struct rte_cryptodev_asymmetric_capability *capa; >=20 > rte_cryptodev_info_get(dev_id, &dev_info); > if (!(dev_info.feature_flags & > @@ -1023,7 +1090,7 @@ test_capability(void) > dev_capa =3D &(dev_info.capabilities[i]); > if (dev_info.capabilities[i].op =3D=3D > RTE_CRYPTO_OP_TYPE_ASYMMETRIC) { > - idx.type =3D dev_capa->asym.xform_capa.xform_type; > + idx.type =3D dev_capa->asym.xform_type; >=20 > capa =3D rte_cryptodev_asym_capability_get(dev_id, > (const struct > @@ -1386,10 +1453,11 @@ test_mod_inv(void) > void *sess =3D NULL; > int status =3D TEST_SUCCESS; > struct rte_cryptodev_asym_capability_idx cap_idx; > - const struct rte_cryptodev_asymmetric_xform_capability *capability; > + const struct rte_cryptodev_asymmetric_capability *capability; > uint8_t input[TEST_DATA_SIZE] =3D {0}; > int ret =3D 0; > uint8_t result[sizeof(mod_p)] =3D { 0 }; > + struct rte_crypto_mod_capability mod_capa =3D {0}; >=20 > if (rte_cryptodev_asym_get_xform_enum( > &modinv_xform.xform_type, "modinv") < 0) { > @@ -1408,13 +1476,11 @@ test_mod_inv(void) > return TEST_SKIPPED; > } >=20 > - if (rte_cryptodev_asym_xform_capability_check_modlen( > - capability, > - modinv_xform.modinv.modulus.length)) { > - RTE_LOG(ERR, USER1, > - "Invalid MODULUS length specified\n"); > - return TEST_SKIPPED; > - } > + mod_capa.max_mod_size =3D modinv_xform.modinv.modulus.length; > + if (!rte_cryptodev_capa_check_mod(capability, mod_capa)) { > + RTE_LOG(ERR, USER1, "Invalid MODULUS length specified\n"); > + return TEST_SKIPPED; > + } >=20 > ret =3D rte_cryptodev_asym_session_create(dev_id, &modinv_xform, > sess_mpool, &sess); > if (ret < 0) { > @@ -1499,7 +1565,8 @@ test_mod_exp(void) > void *sess =3D NULL; > int status =3D TEST_SUCCESS; > struct rte_cryptodev_asym_capability_idx cap_idx; > - const struct rte_cryptodev_asymmetric_xform_capability *capability; > + const struct rte_cryptodev_asymmetric_capability *capability; > + struct rte_crypto_mod_capability mod_capa =3D {0}; > uint8_t input[TEST_DATA_SIZE] =3D {0}; > int ret =3D 0; > uint8_t result[sizeof(mod_p)] =3D { 0 }; > @@ -1522,12 +1589,11 @@ test_mod_exp(void) > return TEST_SKIPPED; > } >=20 > - if (rte_cryptodev_asym_xform_capability_check_modlen( > - capability, modex_xform.modex.modulus.length)) { > - RTE_LOG(ERR, USER1, > - "Invalid MODULUS length specified\n"); > - return TEST_SKIPPED; > - } > + mod_capa.max_mod_size =3D modex_xform.modex.modulus.length; > + if (!rte_cryptodev_capa_check_mod(capability, mod_capa)) { > + RTE_LOG(ERR, USER1, "Invalid MODULUS length specified\n"); > + return TEST_SKIPPED; > + } >=20 > /* Create op, create session, and process packets. 8< */ > op =3D rte_crypto_op_alloc(op_mpool, > RTE_CRYPTO_OP_TYPE_ASYMMETRIC); > @@ -1785,6 +1851,8 @@ test_ecdsa_sign_verify(enum curve curve_id) > struct rte_crypto_asym_xform xform; > struct rte_crypto_asym_op *asym_op; > struct rte_cryptodev_info dev_info; > + struct rte_cryptodev_asym_capability_idx idx; > + const struct rte_cryptodev_asymmetric_capability *capabilities; > struct rte_crypto_op *op =3D NULL; > int ret, status =3D TEST_SUCCESS; >=20 > @@ -1814,6 +1882,25 @@ test_ecdsa_sign_verify(enum curve curve_id) >=20 > rte_cryptodev_info_get(dev_id, &dev_info); >=20 > + struct rte_crypto_ecdsa_capability capa =3D { > + .curves =3D RTE_BIT32(input_params.curve), > + .random_k =3D 0 > + }; > + > + idx.type =3D RTE_CRYPTO_ASYM_XFORM_ECDSA; > + capabilities =3D rte_cryptodev_asym_capability_get(dev_id, > + (const struct > + rte_cryptodev_asym_capability_idx *) &idx); > + > + if (capabilities =3D=3D NULL) { > + status =3D TEST_SKIPPED; > + goto exit; > + } > + if (!rte_cryptodev_capa_check_ecdsa(capabilities, capa)) { > + status =3D TEST_SKIPPED; > + goto exit; > + } > + > /* Setup crypto op data structure */ > op =3D rte_crypto_op_alloc(op_mpool, > RTE_CRYPTO_OP_TYPE_ASYMMETRIC); > if (op =3D=3D NULL) { > @@ -1962,6 +2049,8 @@ test_ecdsa_sign_verify_all_curve(void) > status =3D test_ecdsa_sign_verify(curve_id); > if (status =3D=3D TEST_SUCCESS) { > msg =3D "succeeded"; > + } else if (status =3D=3D TEST_SKIPPED) { > + continue; > } else { > msg =3D "failed"; > overall_status =3D status; > @@ -1987,6 +2076,8 @@ test_ecpm(enum curve curve_id) > struct rte_crypto_asym_xform xform; > struct rte_crypto_asym_op *asym_op; > struct rte_cryptodev_info dev_info; > + struct rte_cryptodev_asym_capability_idx idx; > + const struct rte_cryptodev_asymmetric_capability *capabilities; > struct rte_crypto_op *op =3D NULL; > int ret, status =3D TEST_SUCCESS; >=20 > @@ -2016,6 +2107,24 @@ test_ecpm(enum curve curve_id) >=20 > rte_cryptodev_info_get(dev_id, &dev_info); >=20 > + struct rte_crypto_ecdsa_capability capa =3D { > + .curves =3D RTE_BIT32(input_params.curve) > + }; > + > + idx.type =3D RTE_CRYPTO_ASYM_XFORM_ECPM; > + capabilities =3D rte_cryptodev_asym_capability_get(dev_id, > + (const struct > + rte_cryptodev_asym_capability_idx *) &idx); > + > + if (capabilities =3D=3D NULL) { > + status =3D TEST_SKIPPED; > + goto exit; > + } > + if (!rte_cryptodev_capa_check_ecdsa(capabilities, capa)) { > + status =3D TEST_SKIPPED; > + goto exit; > + } > + > /* Setup crypto op data structure */ > op =3D rte_crypto_op_alloc(op_mpool, > RTE_CRYPTO_OP_TYPE_ASYMMETRIC); > if (op =3D=3D NULL) { > @@ -2124,6 +2233,8 @@ test_ecpm_all_curve(void) > status =3D test_ecpm(curve_id); > if (status =3D=3D TEST_SUCCESS) { > msg =3D "succeeded"; > + } else if (status =3D=3D TEST_SKIPPED) { > + continue; > } else { > msg =3D "failed"; > overall_status =3D status; > @@ -2162,7 +2273,12 @@ static struct unit_test_suite > cryptodev_qat_asym_testsuite =3D { > .setup =3D testsuite_setup, > .teardown =3D testsuite_teardown, > .unit_test_cases =3D { > + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, > test_capability), > TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, > test_one_by_one), > + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, > + test_ecdsa_sign_verify_all_curve), > + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, > + test_ecpm_all_curve), > TEST_CASES_END() /**< NULL terminate unit test array */ > } > }; I think patch need to be split for adding test app changes. > diff --git a/app/test/test_event_crypto_adapter.c > b/app/test/test_event_crypto_adapter.c > index 2ecc7e2cea..9a62241371 100644 > --- a/app/test/test_event_crypto_adapter.c > +++ b/app/test/test_event_crypto_adapter.c > @@ -450,7 +450,7 @@ test_session_with_op_forward_mode(void) > static int > test_asym_op_forward_mode(uint8_t session_less) > { > - const struct rte_cryptodev_asymmetric_xform_capability *capability; > + const struct rte_cryptodev_asymmetric_capability *capability; > struct rte_cryptodev_asym_capability_idx cap_idx; > struct rte_crypto_asym_xform xform_tc; > union rte_event_crypto_metadata m_data; > @@ -458,6 +458,7 @@ test_asym_op_forward_mode(uint8_t session_less) > struct rte_crypto_asym_op *asym_op; > struct rte_crypto_op *op; > uint8_t input[4096] =3D {0}; > + struct rte_crypto_mod_capability mod_capa =3D {0}; > uint8_t *result =3D NULL; > struct rte_event ev; > void *sess =3D NULL; > @@ -503,8 +504,9 @@ test_asym_op_forward_mode(uint8_t session_less) > asym_op->modex.base.length =3D modex_test_case.base.len; > asym_op->modex.result.data =3D result; > asym_op->modex.result.length =3D modex_test_case.result_len; > - if (rte_cryptodev_asym_xform_capability_check_modlen(capability, > - xform_tc.modex.modulus.length)) { > + > + mod_capa.max_mod_size =3D xform_tc.modex.modulus.length; > + if (!rte_cryptodev_capa_check_mod(capability, mod_capa)) { > RTE_LOG(INFO, USER1, > "line %u FAILED: %s", __LINE__, > "Invalid MODULUS length specified"); > @@ -784,7 +786,7 @@ test_session_with_op_new_mode(void) > static int > test_asym_op_new_mode(uint8_t session_less) > { > - const struct rte_cryptodev_asymmetric_xform_capability *capability; > + const struct rte_cryptodev_asymmetric_capability *capability; > struct rte_cryptodev_asym_capability_idx cap_idx; > struct rte_crypto_asym_xform xform_tc; > union rte_event_crypto_metadata m_data; > @@ -792,6 +794,7 @@ test_asym_op_new_mode(uint8_t session_less) > struct rte_crypto_asym_op *asym_op; > struct rte_crypto_op *op; > uint8_t input[4096] =3D {0}; > + struct rte_crypto_mod_capability mod_capa =3D {0}; Can you move this above to maintain reverse Xmas tree? > uint8_t *result =3D NULL; > void *sess =3D NULL; > uint32_t cap; > @@ -835,8 +838,9 @@ test_asym_op_new_mode(uint8_t session_less) > asym_op->modex.base.length =3D modex_test_case.base.len; > asym_op->modex.result.data =3D result; > asym_op->modex.result.length =3D modex_test_case.result_len; > - if (rte_cryptodev_asym_xform_capability_check_modlen(capability, > - xform_tc.modex.modulus.length)) { > + > + mod_capa.max_mod_size =3D xform_tc.modex.modulus.length; > + if (!rte_cryptodev_capa_check_mod(capability, mod_capa)) { > RTE_LOG(INFO, USER1, > "line %u FAILED: %s", __LINE__, > "Invalid MODULUS length specified"); > diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c > b/drivers/crypto/openssl/rte_openssl_pmd_ops.c > index 16ec5e15eb..e734fc2a69 100644 > --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c > +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c > @@ -7,6 +7,7 @@ > #include > #include > #include > +#include >=20 > #include "openssl_pmd_private.h" > #include "compat.h" > @@ -470,103 +471,82 @@ static const struct rte_cryptodev_capabilities > openssl_pmd_capabilities[] =3D { > }, } > }, } > }, > - { /* RSA */ > + { /* Modular exponentiation */ > .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > {.asym =3D { > - .xform_capa =3D { > - .xform_type =3D > RTE_CRYPTO_ASYM_XFORM_RSA, > - .op_types =3D ((1 << > RTE_CRYPTO_ASYM_OP_SIGN) | > - (1 << RTE_CRYPTO_ASYM_OP_VERIFY) > | > - (1 << > RTE_CRYPTO_ASYM_OP_ENCRYPT) | > - (1 << > RTE_CRYPTO_ASYM_OP_DECRYPT)), > - { > - .modlen =3D { > - /* min length is based on openssl rsa keygen */ > - .min =3D 30, > - /* value 0 symbolizes no limit on max length */ > - .max =3D 0, > - .increment =3D 1 > - }, } > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_MODEX, > + .mod =3D { > + .max_mod_size =3D 0 > + } > } > - }, > } > }, > - { /* modexp */ > + { /* Modular multiplicative inverse */ > .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > {.asym =3D { > - .xform_capa =3D { > - .xform_type =3D > RTE_CRYPTO_ASYM_XFORM_MODEX, > - .op_types =3D 0, > - { > - .modlen =3D { > - /* value 0 symbolizes no limit on min length */ > - .min =3D 0, > - /* value 0 symbolizes no limit on max length */ > - .max =3D 0, > - .increment =3D 1 > - }, } > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_MODINV, > + .mod =3D { > + .max_mod_size =3D 0 > + } > } > - }, > } > }, > - { /* modinv */ > + { /* RSA */ > .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > {.asym =3D { > - .xform_capa =3D { > - .xform_type =3D > RTE_CRYPTO_ASYM_XFORM_MODINV, > - .op_types =3D 0, > - { > - .modlen =3D { > - /* value 0 symbolizes no limit on min length */ > - .min =3D 0, > - /* value 0 symbolizes no limit on max length */ > - .max =3D 0, > - .increment =3D 1 > - }, } > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_RSA, > + .rsa =3D { > + .padding =3D > + > RTE_BIT32(RTE_CRYPTO_RSA_PADDING_NONE) | > + > RTE_BIT32(RTE_CRYPTO_RSA_PADDING_PKCS1_5), > + .hash =3D > + RTE_BIT32(RTE_CRYPTO_AUTH_MD5) > | > + RTE_BIT32(RTE_CRYPTO_AUTH_SHA1) > | > + > RTE_BIT32(RTE_CRYPTO_AUTH_SHA224) | > + > RTE_BIT32(RTE_CRYPTO_AUTH_SHA256) | > + > RTE_BIT32(RTE_CRYPTO_AUTH_SHA384) | > + > RTE_BIT32(RTE_CRYPTO_AUTH_SHA512), > + .max_key_size =3D 0 > + } > } > - }, > } > }, > - { /* dh */ > + { /* Diffie-Hellman */ > .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > {.asym =3D { > - .xform_capa =3D { > - .xform_type =3D > RTE_CRYPTO_ASYM_XFORM_DH, > - .op_types =3D > - > ((1< - (1 << > RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE | > - (1 << > - > RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE))), > - { > - .modlen =3D { > - /* value 0 symbolizes no limit on min length */ > - .min =3D 0, > - /* value 0 symbolizes no limit on max length */ > - .max =3D 0, > - .increment =3D 1 > - }, } > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_DH, > + .dh =3D { > + .max_group_size =3D 0, > + .priv_key_gen =3D 1 > + } > } > - }, > } > }, > - { /* dsa */ > + { /* DSA */ > .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > {.asym =3D { > - .xform_capa =3D { > - .xform_type =3D > RTE_CRYPTO_ASYM_XFORM_DSA, > - .op_types =3D > - ((1< - (1 << RTE_CRYPTO_ASYM_OP_VERIFY)), > - { > - .modlen =3D { > - /* value 0 symbolizes no limit on min length */ > - .min =3D 0, > - /* value 0 symbolizes no limit on max length */ > - .max =3D 0, > - .increment =3D 1 > - }, } > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_DSA, > + .dsa =3D { > + .max_key_size =3D 0, > + .random_k =3D 1 > + } > + } > + } > + }, > + { /* ECDSA */ > + .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > + {.asym =3D { > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_ECDSA, > + .ecdsa =3D { > + .curves =3D > + > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP192R1) | > + > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP224R1) | > + > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP256R1) | > + > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP384R1) | > + > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP521R1), > + .random_k =3D 1 > + } > } > - }, > } > }, >=20 Do not combine PMD changes for capabilities in cryptodev patch for new APIs= . > diff --git a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c > b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c > index 4499fdaf2d..d5144bca84 100644 > --- a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c > +++ b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c > @@ -28,16 +28,64 @@ struct rte_cryptodev_ops qat_asym_crypto_ops_gen1 =3D > { > }; >=20 > static struct rte_cryptodev_capabilities qat_asym_crypto_caps_gen1[] =3D= { > - QAT_ASYM_CAP(MODEX, > - 0, 1, 512, 1), > - QAT_ASYM_CAP(MODINV, > - 0, 1, 512, 1), > - QAT_ASYM_CAP(RSA, > - ((1 << RTE_CRYPTO_ASYM_OP_SIGN) | > - (1 << RTE_CRYPTO_ASYM_OP_VERIFY) | > - (1 << RTE_CRYPTO_ASYM_OP_ENCRYPT) | > - (1 << RTE_CRYPTO_ASYM_OP_DECRYPT)), > - 64, 512, 64), > + { /* Modular exponentiation */ > + .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > + {.asym =3D { > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_MODEX, > + .mod =3D { > + .max_mod_size =3D 4096 > + } > + } > + } > + }, > + { /* Modular multiplicative inverse */ > + .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > + {.asym =3D { > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_MODINV, > + .mod =3D { > + .max_mod_size =3D 4096 > + } > + } > + } > + }, > + { /* RSA */ > + .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > + {.asym =3D { > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_RSA, > + .rsa =3D { > + .padding =3D > + > RTE_BIT32(RTE_CRYPTO_RSA_PADDING_NONE), > + .hash =3D 0, > + .max_key_size =3D 4096 > + } > + } > + } > + }, > + { /* ECDSA */ > + .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > + {.asym =3D { > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_ECDSA, > + .ecdsa =3D { > + .curves =3D > + > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP256R1) | > + > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP521R1), > + .random_k =3D 0 > + } > + } > + } > + }, > + { /* ECPM */ > + .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > + {.asym =3D { > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_ECPM, > + .ecdsa =3D { > + .curves =3D > + > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP256R1) | > + > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP521R1) > + } > + } > + } > + }, > RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() > }; >=20 > diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_a= sym.h > index d90a7a1957..41b22450d3 100644 > --- a/lib/cryptodev/rte_crypto_asym.h > +++ b/lib/cryptodev/rte_crypto_asym.h > @@ -41,6 +41,14 @@ rte_crypto_asym_ke_strings[]; > extern const char * > rte_crypto_asym_op_strings[]; >=20 > +/** RSA padding type name strings */ > +extern const char * > +rte_crypto_asym_rsa_padding[]; rte_crypto_asym_rsa_padding_strings > + > +/** Elliptic curves name strings */ > +extern const char * > +rte_crypto_curves_strings[]; > + > /** > * Buffer to hold crypto params required for asym operations. > * > @@ -265,6 +273,46 @@ struct rte_crypto_rsa_padding { > */ > }; >=20 > +struct rte_crypto_mod_capability { > + uint16_t max_mod_size; > + /**< Maximum supported modulus size in bytes, 0 means no limit */ > +}; > + > +struct rte_crypto_rsa_capability { > + uint32_t padding; > + /**< List of supported paddings */ How is this list supposed to work? I believe this should be enum to specify a single value. Driver can maintain a static array to list all supported ones. And application can query if a particular capability which it intend to use Is supported by the PMD. > + uint32_t hash; > + /**< List of supported hash functions */ Same comment here as well > + uint32_t max_key_size; > + /**< Maximum supported key size in bytes, 0 means no limit */ > +}; > + > +struct rte_crypto_dh_capability { > + uint16_t max_group_size; > + /**< Maximum group in bytes, 0 means no limit */ Maximum group size in bytes ... > + uint8_t priv_key_gen; > + /**< Does PMD supports private key generation generation */ Is it a flag? Please comment it properly. > +}; > + > +struct rte_crypto_dsa_capability { > + uint16_t max_key_size; > + /**< Maximum supported key size in bytes, 0 means no limit */ > + uint8_t random_k; > + /**< Does PMD supports random 'k' generation */ Comments should not ask questions. > +}; > + > +struct rte_crypto_ecdsa_capability { > + uint64_t curves; > + /**< Supported elliptic curve ids */ Shouldn't this also be enum? > + uint8_t random_k; > + /**< Does PMD supports random 'k' generation */ Same comment as above. > +}; > + > +struct rte_crypto_ecpm_capability { > + uint64_t curves; > + /**< Supported elliptic curve ids */ Enum?? > +}; > + > /** > * Asymmetric RSA transform data > * > diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.= c > index 57ee6b3f07..b1ad1112fe 100644 > --- a/lib/cryptodev/rte_cryptodev.c > +++ b/lib/cryptodev/rte_cryptodev.c > @@ -190,6 +190,27 @@ const char *rte_crypto_asym_ke_strings[] =3D { > }; >=20 > /** > + * RSA padding string identifiers > + */ > +const char *rte_crypto_asym_rsa_padding[] =3D { > + [RTE_CRYPTO_RSA_PADDING_NONE] =3D > "RTE_CRYPTO_RSA_PADDING_NONE", > + [RTE_CRYPTO_RSA_PADDING_PKCS1_5] =3D > "RTE_CRYPTO_RSA_PADDING_PKCS1_5", > + [RTE_CRYPTO_RSA_PADDING_OAEP] =3D > "RTE_CRYPTO_RSA_PADDING_OAEP", > + [RTE_CRYPTO_RSA_PADDING_PSS] =3D > "RTE_CRYPTO_RSA_PADDING_PSS" > +}; > + > +/** > + * Elliptic curves string identifiers > + */ > +const char *rte_crypto_curves_strings[] =3D { > + [RTE_CRYPTO_EC_GROUP_SECP192R1] =3D > "RTE_CRYPTO_EC_GROUP_SECP192R1", > + [RTE_CRYPTO_EC_GROUP_SECP224R1] =3D > "RTE_CRYPTO_EC_GROUP_SECP224R1", > + [RTE_CRYPTO_EC_GROUP_SECP256R1] =3D > "RTE_CRYPTO_EC_GROUP_SECP256R1", > + [RTE_CRYPTO_EC_GROUP_SECP384R1] =3D > "RTE_CRYPTO_EC_GROUP_SECP384R1", > + [RTE_CRYPTO_EC_GROUP_SECP521R1] =3D > "RTE_CRYPTO_EC_GROUP_SECP521R1", > +}; > + > +/** > * The private data structure stored in the sym session mempool private = data. > */ > struct rte_cryptodev_sym_session_pool_private_data { > @@ -347,7 +368,7 @@ param_range_check(uint16_t size, const struct > rte_crypto_param_range *range) > return -1; > } >=20 > -const struct rte_cryptodev_asymmetric_xform_capability * > +const struct rte_cryptodev_asymmetric_capability * > rte_cryptodev_asym_capability_get(uint8_t dev_id, > const struct rte_cryptodev_asym_capability_idx *idx) > { > @@ -363,8 +384,8 @@ rte_cryptodev_asym_capability_get(uint8_t dev_id, > if (capability->op !=3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC) > continue; >=20 > - if (capability->asym.xform_capa.xform_type =3D=3D idx->type) > - return &capability->asym.xform_capa; > + if (capability->asym.xform_type =3D=3D idx->type) > + return &capability->asym; > } > return NULL; > }; > @@ -456,6 +477,59 @@ rte_cryptodev_asym_xform_capability_check_modlen( > return 0; > } >=20 > +int > +rte_cryptodev_capa_check_mod( API name should be rte_cryptodev_mod_capa_check Verb should come in the end. Fix other APIs also. > + const struct rte_cryptodev_asymmetric_capability *capa, > + struct rte_crypto_mod_capability mod) > +{ > + if (capa->mod.max_mod_size =3D=3D 0) > + return 1; > + > + if (mod.max_mod_size <=3D capa->mod.max_mod_size) > + return 1; > + else > + return 0; > +} > + > +int > +rte_cryptodev_capa_check_rsa( > + const struct rte_cryptodev_asymmetric_capability *capa, > + struct rte_crypto_rsa_capability rsa) > +{ > + if (rsa.padding !=3D (capa->rsa.padding & rsa.padding)) > + return 0; > + if (rsa.hash !=3D (capa->rsa.hash & rsa.hash)) > + return 0; > + if (capa->rsa.max_key_size =3D=3D 0) > + return 1; > + if (rsa.max_key_size <=3D capa->rsa.max_key_size) > + return 1; > + else > + return 0; > +} Can we have something similar to symmetric crypto/rte_security capabilities= ? > + > +int > +rte_cryptodev_capa_check_ecdsa( > + const struct rte_cryptodev_asymmetric_capability *capa, > + struct rte_crypto_ecdsa_capability ecdsa) > +{ > + if (ecdsa.curves !=3D (capa->ecdsa.curves & ecdsa.curves)) > + return 0; > + if (ecdsa.random_k =3D=3D 1 && capa->ecdsa.random_k =3D=3D 0) > + return 0; > + return 1; > +} > + > +int > +rte_cryptodev_capa_check_ecpm( > + const struct rte_cryptodev_asymmetric_capability *capa, > + struct rte_crypto_ecpm_capability ecpm) > +{ > + if (ecpm.curves !=3D (capa->ecpm.curves & ecpm.curves)) > + return 0; > + return 1; > +} > + > /* spinlock for crypto device enq callbacks */ > static rte_spinlock_t rte_cryptodev_callback_lock =3D > RTE_SPINLOCK_INITIALIZER; >=20 > diff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.= h > index 2c2c2edeb7..6c5bd819b2 100644 > --- a/lib/cryptodev/rte_cryptodev.h > +++ b/lib/cryptodev/rte_cryptodev.h > @@ -184,6 +184,19 @@ struct rte_cryptodev_asymmetric_xform_capability { > * > */ > struct rte_cryptodev_asymmetric_capability { > + enum rte_crypto_asym_xform_type xform_type; > + /**< Asymmetric transform type */ > + uint32_t op_types; > + /**< bitmask for supported rte_crypto_asym_op_type */ > + union { > + struct rte_crypto_mod_capability mod; > + struct rte_crypto_rsa_capability rsa; > + struct rte_crypto_dh_capability dh; > + struct rte_crypto_dsa_capability dsa; > + struct rte_crypto_ecdsa_capability ecdsa; > + struct rte_crypto_ecpm_capability ecpm; > + }; > + > struct rte_cryptodev_asymmetric_xform_capability xform_capa; > }; >=20 > @@ -247,7 +260,7 @@ rte_cryptodev_sym_capability_get(uint8_t dev_id, > * - Return NULL if the capability not exist. > */ > __rte_experimental > -const struct rte_cryptodev_asymmetric_xform_capability * > +const struct rte_cryptodev_asymmetric_capability * > rte_cryptodev_asym_capability_get(uint8_t dev_id, > const struct rte_cryptodev_asym_capability_idx *idx); >=20 > @@ -339,6 +352,66 @@ rte_cryptodev_asym_xform_capability_check_modlen( > uint16_t modlen); >=20 > /** > + * Check if requested Modexp features are supported > + * > + * @param capability Description of the asymmetric crypto > capability. > + * @param mod Modexp requested capability. > + * > + * @return > + * - Return 1 if the parameters are in range of the capability. > + * - Return 0 if the parameters are out of range of the capability. > + */ > +__rte_experimental > +int > +rte_cryptodev_capa_check_mod( > + const struct rte_cryptodev_asymmetric_capability *capa, > + struct rte_crypto_mod_capability mod); > +/** > + * Check if requested RSA features are supported > + * > + * @param capability Description of the asymmetric crypto > capability. > + * @param rsa RSA requested capability. > + * > + * @return > + * - Return 1 if the parameters are in range of the capability. > + * - Return 0 if the parameters are out of range of the capability. > + */ > +__rte_experimental > +int > +rte_cryptodev_capa_check_rsa( > + const struct rte_cryptodev_asymmetric_capability *capa, > + struct rte_crypto_rsa_capability rsa); > +/** > + * Check if requested ECDSA features are supported > + * > + * @param capability Description of the asymmetric crypto > capability. > + * @param ecdsa ECDSA requested capability. > + * > + * @return > + * - Return 1 if the parameters are in range of the capability. > + * - Return 0 if the parameters are out of range of the capability. > + */ > +__rte_experimental > +int > +rte_cryptodev_capa_check_ecdsa( > + const struct rte_cryptodev_asymmetric_capability *capa, > + struct rte_crypto_ecdsa_capability ecdsa); > +/** > + * Check if requested ECPM features are supported > + * > + * @param capability Description of the asymmetric crypto > capability. > + * @param ecpm ECPM requested capability. > + * > + * @return > + * - Return 1 if the parameters are in range of the capability. > + * - Return 0 if the parameters are out of range of the capability. > + */ > +__rte_experimental > +int > +rte_cryptodev_capa_check_ecpm( > + const struct rte_cryptodev_asymmetric_capability *capa, > + struct rte_crypto_ecpm_capability ecpm); > +/** > * Provide the cipher algorithm enum, given an algorithm string > * > * @param algo_enum A pointer to the cipher algorithm > diff --git a/lib/cryptodev/version.map b/lib/cryptodev/version.map > index f0abfaa47d..4d93b9a947 100644 > --- a/lib/cryptodev/version.map > +++ b/lib/cryptodev/version.map > @@ -108,6 +108,10 @@ EXPERIMENTAL { >=20 > #added in 22.07 > rte_cryptodev_session_event_mdata_set; > + rte_cryptodev_capa_check_mod; > + rte_cryptodev_capa_check_rsa; > + rte_cryptodev_capa_check_ecdsa; > + rte_cryptodev_capa_check_ecpm; > }; >=20 > INTERNAL { > -- > 2.13.6