From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 37497A04A2; Fri, 17 Dec 2021 16:26:36 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id B9FE64013F; Fri, 17 Dec 2021 16:26:35 +0100 (CET) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by mails.dpdk.org (Postfix) with ESMTP id 8435940040 for ; Fri, 17 Dec 2021 16:26:34 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1639754794; x=1671290794; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=uv9uQVtts08g+CfMI1uiK7d8bR7NHDi1rbDugg/JOAI=; b=oIw8NX2kAoO4l3NLRatUyQ7ODgaU/xJOZeRW1LEUjrJOVkpnsNLblUJf tiQ+lx0+MdBBBIOW1AeYRzHk4aCaaR4niMtKJ0cON2Rx08adMc16qpkz6 vDTezGMm1bePcTUauMyFJntszneWHEBIpjNCvZMSqPT+OPKvrtIkgXfVf XG62qTRnPnRtBef3kbMjMYGB0bmRuwwk7aoHbmKbibceM2LZRjhOikaKy GUOJeYBixhVEmhBS+vpR9XtGU13iA9W4iZHA83YVxrXOlUB28EfP1jvz/ OqqtyImjyHlYN9FPCed5SeW3qArBpdn4yAUUB2nraZ6dRnPUjt7UX38Zs g==; X-IronPort-AV: E=McAfee;i="6200,9189,10200"; a="237311541" X-IronPort-AV: E=Sophos;i="5.88,213,1635231600"; d="scan'208";a="237311541" Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Dec 2021 07:26:33 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,213,1635231600"; d="scan'208";a="506799049" Received: from fmsmsx603.amr.corp.intel.com ([10.18.126.83]) by orsmga007.jf.intel.com with ESMTP; 17 Dec 2021 07:26:31 -0800 Received: from fmsmsx601.amr.corp.intel.com (10.18.126.81) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20; Fri, 17 Dec 2021 07:26:31 -0800 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.20 via Frontend Transport; Fri, 17 Dec 2021 07:26:31 -0800 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.171) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.20; Fri, 17 Dec 2021 07:26:31 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RQiEPiSFRYqIfbk/Wzk/KUGdi3jaRfc2ZCiDOpXuq7wWMgqVbRvpO8+tTVFXme1/1beXha0YJdvu5dsfR/loQYt3JqntPVlDYhO5TCoXZiSEAon5zLwChUqgG7XT8MJVLTcI/Whq9/+eZPKP7zlGY+4CugHlfeibEca4mxjZIikn5fBADgbEL0Ni4CFHMFJlOSaf/m6kvvTsYOTSBJNISIxU06JrLiT+/2YsWrva19zsztc/EcXXvb+MnElX5xI3JcJyCfMVhlOS33dvXzfsz3DrAsOUMNeSI33aqc0mHD/dC4hxf6wQV56zMbsD61Q50mLbX5UIs2lOgyowXYwxUA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xpXGM/vCb8wM19oCNTB0uToQQL1exVCz4NtQLVcEvFg=; b=N1HKcBSzKHFHweNua47CxwQ0HVdgD7LubGYVmNwsMceCffqL0U5Xe6qttMJNHZd9SmPiMC3Xhgezs54eMtOMv7D7Ub095CvEkL+PRwB9hqV0x3wrCklGiJzpoa4aAWbVOyNdppxrSSIP0ZCCnsMwBJnQgOHm5Np4sZe95BLHyRqyZsyt8iDMOiJVJxnVihumH0vGoiU25nT2/6KoJ2lK/kCVfBYXJl/TgvcxwdHjtcsUb8QsN7qhYCXk8vdmZIo3e5UNNWASlHU0nu6apE6eA4w5CEjsWrelGx+gAAnca+uleHrvhTQHduT/mPIDTW9/EC3yFXqUW1zvdZJn7ErloA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from PH0PR11MB5013.namprd11.prod.outlook.com (2603:10b6:510:30::21) by PH0PR11MB5928.namprd11.prod.outlook.com (2603:10b6:510:144::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4801.15; Fri, 17 Dec 2021 15:26:29 +0000 Received: from PH0PR11MB5013.namprd11.prod.outlook.com ([fe80::119f:7b25:561b:1c72]) by PH0PR11MB5013.namprd11.prod.outlook.com ([fe80::119f:7b25:561b:1c72%6]) with mapi id 15.20.4778.019; Fri, 17 Dec 2021 15:26:29 +0000 From: "Kusztal, ArkadiuszX" To: Ramkumar Balu , Akhil Goyal , Anoob Joseph , "Zhang, Roy Fan" CC: "dev@dpdk.org" Subject: RE: [RFC] cryptodev: asymmetric crypto random number source Thread-Topic: [RFC] cryptodev: asymmetric crypto random number source Thread-Index: AdfoKBI9kOALuhClQZW5YQVgMKdrtQH0USEQAAHd3EAA1EOU0A== Date: Fri, 17 Dec 2021 15:26:29 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-reaction: no-action dlp-version: 11.6.200.16 dlp-product: dlpe-windows authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: a6c1c4e0-332d-4d45-dcd8-08d9c171995c x-ms-traffictypediagnostic: PH0PR11MB5928:EE_ x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: eb72/oYCQ1y5G+wHl/eQeUPwKT3c5J+vH42fr1M/f/tN1c8jANzuq2ev2Haj0Lzh/Fh0GOfqw2k/gwz3hQrx0mPPDJFnxe2gX+73eoyDiaFmnvDOWnPmSmLLd+8R65E67XaZwgk2SFTqEuRsgrlkyKZ5UxTm8yi7Vguu7a9tPqhC1bwmYj/frKXQdqNnYdKVb9G0iuWoaniWj+3DSfhQMUDlMZQz/jA/YmcCmzdt946Lod0iSFdKWkscj6TAnHiavshfRfuH5UCMiLQoLTQ3kDUy5WJ5UzoBHIn0IrDudOAAERItILIRXFNekZO+LfDkmU7JZXjLjaJiBmZK4aRR8pMMYMYyM2TstyRZn16O8y34/6oQkAiNyMb9OCOKUNkIsjd2EWo+61R4kihNAQfqMrBPYW7uQCvqLSwwc7/ePHFpZaDBEUGsdAz4lJymoZhVpL+GcvoY00yaeToGZ0Pz4MmTqx30IUvhEiUik2H7Fqxp0JQjmcQUJYrvxswclYK2bKA4GmvTHWYbdpQBKXATsQ1UBe91olQIF9zUAogkUnCdY45f6W2hbXJeXWd9G3vCanSkHWZ2jXezYX7KYtTdY3RBszQxQeW7N2Ri9FzCS6Op0mdRdvAwp/MpgVkuNmqWCS8R4XNqtCLuhmckf2z2ksAFvzb7xy3yOGz06TjA6gHNiS+jcVigEdeMH/M4Od30OWmqZVFDmjB0P2qtWwuRrA== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR11MB5013.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(8936002)(186003)(5660300002)(66476007)(52536014)(4743002)(66946007)(2906002)(26005)(38070700005)(71200400001)(55016003)(66446008)(64756008)(76116006)(4326008)(66556008)(122000001)(83380400001)(82960400001)(53546011)(6506007)(110136005)(33656002)(38100700002)(8676002)(316002)(508600001)(86362001)(7696005)(9686003)(6636002); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?Q?s6BsEetvbTrCVcw2v1h4ehxXPeBUW/KdVFuSLAOlt4D81s8BO0BEhFlmF/?= =?iso-8859-1?Q?ASxvJ1T3hTdEbz2sRooAYn06jcWTZ9g3jyVZYRcKISjnfegpQt2gAVRqfy?= =?iso-8859-1?Q?pxKTFTCSymufXKlYeGri9IDhAaWyHjpxFp87Uq8WJZDwlJtSBZ5uNPbLCd?= =?iso-8859-1?Q?g89NQvCxZ0fd7QJ/PvbHQGaJjX5lZtLMj1Fgw/q3XLQcHN94pc/3JnSFXO?= =?iso-8859-1?Q?QGFSv/YYDYNZxR9nAQbLjhIf0NafPnn03sD18aKhR87xG+b9WOyZiCAVnR?= =?iso-8859-1?Q?GfSnvyRhxm946bAXMH9nfBsKZTmN+/dwGx7LmUcXqB30bFCjrARxVgtZcD?= =?iso-8859-1?Q?e0IhLLAFdhHpIzZ4nxayNNMTFRovdmHBeBAelhOJkWZ9j0g3OJCHJNTlBu?= =?iso-8859-1?Q?Sv945lMAe0eaa+K+XqZk+mQflAwZNhHFdMWpaUjjtW4sgKVWxUzZSu3e6t?= =?iso-8859-1?Q?PdAfCyNs5DktWJcSVhmhjSNT7PulYMwGG8glBuGdEXGEp3pqu8skndSF45?= =?iso-8859-1?Q?2Xk5yKvCoUTzCaVGuJcMcwzURzJIQLZ4lXMxJyBEgfPrPWVwIaw8mvxzEu?= =?iso-8859-1?Q?gQ+d+m+gSEyAfsU9Ey2yL8aQHB8hClL2qtaWRMZxb6oJ/05Kc9+EsHoGWG?= =?iso-8859-1?Q?NQwnxAPYuvI2zumI0KjUv3zHAlM+fEPjiw1TNR0hp/3vD4wySXMvr8JYIn?= =?iso-8859-1?Q?Hphll03hvvkYavaMNl0YUvj9H8Lfi89LDfKd7A4/2A+V3ip5HhtRcDG1a2?= =?iso-8859-1?Q?kZ6/Vl7pjmNcphr17S99FCBdxXZFNTyMz4sdV8r+O857NQWbmvebcisAYF?= =?iso-8859-1?Q?eSPgPD4RMXCfZEKPAZmzLBu9e1kALkzfss/4vHZ3vl4FBjPFO5E3y4bB38?= =?iso-8859-1?Q?hgeHjea1QeyvscV6J+LjkZud+jjIsJ3QZqVFa/DoRLF9ndyoE3iztX9SdA?= =?iso-8859-1?Q?Vfu3NPT9Oukzp3F/yHOawKEn9UsqGC/C1zDdRD/mWstqBA9n3dUUyeqRyT?= =?iso-8859-1?Q?fMUjDfz8gPT65y+wryVIR8F/yjGcTjaY6xxZzLFms5A5nmayZMzZ5fm6zr?= =?iso-8859-1?Q?h7cavfsi/ezlx5kN2GWifATXL6BFPymLqR1sYoYEQ7auGlrLU0QdBUChoX?= =?iso-8859-1?Q?IFfPnQV3PQfcPN7vLEZDPMYoTu0o5Gy/9B7YoE4AhJxAHcvKK3CPaobmX6?= =?iso-8859-1?Q?dtKUyYX0pBbKj/AnrSxxaTOeNUJIpaECmbWEEgNf6FWYQW7aYFHc2KlYRc?= =?iso-8859-1?Q?k35iCjiyeBcTrLxaUFHjHeTyJZM71YgzpCtQpGTBTZUvo4/raqOMQX0Inp?= =?iso-8859-1?Q?iBaxQDpWOmaeBnrvxF09sK1hhV0hqL/Nwz4wrv7lpv1u9i2kb/oQF7BgeG?= =?iso-8859-1?Q?4Pyw/Y89Lrk90oOaB4HeUXkl6c/opY5ymqk07a6Ouf7Adux0L8nQOCtfbd?= =?iso-8859-1?Q?cv2Wk9O3ciWkIILD9t+NBkfdFkPjPrhWBNg/2GGYGhWmv2dAGdjk1bdDEg?= =?iso-8859-1?Q?60DC1/0c0njmtscLlGPSMl6CzNfMxV2Nco5QY7cLVUGAWfyijr3gRwpujJ?= =?iso-8859-1?Q?QoGChjQ/kh7DIVd+9ur8AFf3Apyo6HFIL5A3VsH/rvTSUMnQvFgTvI0ruv?= =?iso-8859-1?Q?fXwpO/akwfqRWwX8oWOJU1kisF7aKngL0OWTKn5MbPP7fQ5d70RJEeDi/b?= =?iso-8859-1?Q?qS5xSptBlm/xKoMXonwOFOoaKWc3e6eAIGnX66V3SsHF0Uhp8JmuFW+i0x?= =?iso-8859-1?Q?k9/Q=3D=3D?= Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5013.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: a6c1c4e0-332d-4d45-dcd8-08d9c171995c X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Dec 2021 15:26:29.6448 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: v6fyt9A7Xxl3vXwAmaDU8Y1uBz7QbpeBb+QxGLO9x0h4gp5EiPyxW7lE68PJclIbzbg552qjQrylQ8tgJDd5y0ZcYmmMK8P7X8Ix4V8cLeM= X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5928 X-OriginatorOrg: intel.com X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org > -----Original Message----- > From: Ramkumar Balu > Sent: Monday, December 13, 2021 10:27 AM > To: Akhil Goyal ; Kusztal, ArkadiuszX > ; Anoob Joseph ; Zhang, > Roy Fan > Cc: dev@dpdk.org > Subject: RE: [RFC] cryptodev: asymmetric crypto random number source >=20 > > ++Ram for openssl > > > > > ECDSA op: > > > rte_crypto_param k; > > >=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 /**< The ECDSA per-message = secret number, which is an > > >integer > > >=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 * in the interval (1, n-1) > > >=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 */ > > > DSA op: > > >=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 No 'k'. > > > > > > This one I think have described some time ago: > > > Only PMD that verifies ECDSA is OCTEON which apparently needs 'k' pro= vided > by user. > > > Only PMD that verifies DSA is OpenSSL PMD which will generate its own > random number internally. > > > > > > So in case PMD supports one of these options (or especially when supp= orts > both) we need to give some information here. >=20 > We can have a standard way to represent if a particular rte_crypto_param = is set > by the application or not. Then, it is up to the PMD to perform the op o= r return > error code if unable to proceed. >=20 > > > > > > The most obvious option would be to change rte_crypto_param k -> > > > rte_crypto_param *k In case (k =3D=3D NULL) PMD should generate it it= self if > possible, otherwise it should push crypto_op to the response ring with > appropriate error code. >=20 > This case could occur for other params as well. Having a few as nested va= riables > and others as pointers could be confusing for memory alloc/dealloc. Howev= er, > the rte_crypto_param already has a data pointer inside it which can be us= ed in > same manner. For example, in this case (k.data =3D=3D NULL), PMD should g= enerate > random number if possible or push to response ring with error code. This = can be > done without breaking backward compatibility. > This can be the standard way for PMDs to find if a particular rte_crypto_= param is > valid or NULL. [Arek] Agree, let keep it as easy as possible, and agree it could be useful= elsewhere not necessarily in random number cases. >=20 > > > > > > Another options would be: > > > - Extend rte_cryptodev_config and rte_cryptodev_info with > > > information about random number generator for specific device > > > (though it would be ABI breakage) > > > - Provide some kind of callback to get random number from user > > > (which could be useful for other things like RSA padding as well) >=20 > I think the previous solution itself is more straightforward and simpler = unless we > want to have functionality to configure random number generator for each > device. >=20 > Thanks, > Ramkumar Balu >=20