From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 5B3ABA00C4 for ; Mon, 30 May 2022 13:59:11 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 2766840694; Mon, 30 May 2022 13:59:11 +0200 (CEST) Received: from APC01-PSA-obe.outbound.protection.outlook.com (mail-psaapc01on2084.outbound.protection.outlook.com [40.107.255.84]) by mails.dpdk.org (Postfix) with ESMTP id 803D5400D6 for ; Mon, 30 May 2022 13:59:09 +0200 (CEST) ARC-Seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass; b=EQQRZ6pyd1374wz3aRgys2Ke321hSGRcuCBgcbG4my5X79B1SBb7vrmehAJgiT6wejfklmhkGu8l0VbzXYwezH2LSYClSmqu1IC/NxCzE42NYKE7GfuVojCfI3HTnItI5ZMAkqtBBVf9YIBOfDFlRKCUUn9EJfareSaVX7RhILNEii2Z78/6BDzUgFjJ8BjCkSYQn5AS54oAeQRR2xZenDtWvkrI79t2fOmCeVrpoPylMrZC7UliyFopLUL4YC+yuhmyPDuKMgrWmeYTXGvpjb8h7snuWiyA62eCss08I8t/W3nuIA9u4J3OyF82JZh1RpSSRGEgkSivdtD+7FsL6Q== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=TErpBVLMRfn89e+/grDqfl/ClulU/pwZTIaNDpcwKeQ=; b=OeNUo3Pcm0ujuWrolia3y+4y0ScSgtZ4NyAtuaVSth3pIlPNuApvKCGqdPFlo0oC37FZwIZWBFOyUEe9ng5xLpl9BA26Q2F5jq9wCH7nBSpJ6H9ua5uFwKDYkh2Tb3T+Hp7MhSKPGdmLS+FzuoQR9FKHWr4BPVrMUbZK2AZCd0CgQp+zzJeClYolKU1fnPTj6Y9srk4EbU4+clYEokmpmrvQbUGifccvqL4mYsxryqR+a4BBwlM6ZIaOjr+8f3iH3sq7z79drQf6oNw4M40m51qn/wGlefvuWdoOtLFuHo3sdMpvAXqd2SDsy0OyOPZAqhZlnLkLlOYnZyFQ+M7Cgg== ARC-Authentication-Results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 54.79.123.149) smtp.rcpttodomain=intel.com smtp.mailfrom=tatacommunications.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=tatacommunications.com; dkim=pass (signature was verified) header.d=tatacommunications.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=tatacommunications.com] dkim=[1,1,header.d=tatacommunications.com] dmarc=[1,1,header.from=tatacommunications.com]) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tatacommunications.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TErpBVLMRfn89e+/grDqfl/ClulU/pwZTIaNDpcwKeQ=; b=VXEr6cyLhwv6my12FiyulHqEeX53Byr/GC9Wnbm/Q2dd6G0aemeiFMVnTmr+tpqhuRwObyemSVWAYILMKipfDS8HViwYtA76B/ZJXYMN4df8BnQl9TvFQQtWjIHY5ew32jMV1/I4KhiS8sh56JefQJltbnbXeAkq9TscGDp95qhxv0xEEHHgNgF4/M4SKTjRqnxhnLQy8CONNU9Rtn9qrV3iAmMXHR4vDqUXcET57kT3lXeanJ00jGElUmiT9tZRmcxfWRneg3qQ7SD+f+krQ5cAZiP2jaUzplzeOmP3jD/CKDbjV+732585goLIzFFBLvScbHzsQP4p3FZClWPL/w== Received: from TYCPR01CA0044.jpnprd01.prod.outlook.com (2603:1096:405:1::32) by SG2PR04MB2427.apcprd04.prod.outlook.com (2603:1096:4:10::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5293.13; Mon, 30 May 2022 11:59:06 +0000 Received: from TYZAPC01FT047.eop-APC01.prod.protection.outlook.com (2603:1096:405:1:cafe::57) by TYCPR01CA0044.outlook.office365.com (2603:1096:405:1::32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5293.13 via Frontend Transport; Mon, 30 May 2022 11:59:05 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 54.79.123.149) smtp.mailfrom=tatacommunications.com; dkim=pass (signature was verified) header.d=tatacommunications.com;dmarc=pass action=none header.from=tatacommunications.com; Received-SPF: Pass (protection.outlook.com: domain of tatacommunications.com designates 54.79.123.149 as permitted sender) receiver=protection.outlook.com; client-ip=54.79.123.149; helo=sydapipop-haraka-inline01.vpc-a3a96cc4.ase2.shn; pr=C Received: from sydapipop-haraka-inline01.vpc-a3a96cc4.ase2.shn (54.79.123.149) by TYZAPC01FT047.mail.protection.outlook.com (10.118.152.173) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5293.13 via Frontend Transport; Mon, 30 May 2022 11:59:04 +0000 Received: from APC01-TYZ-obe.outbound.protection.outlook.com (mail-tyzapc01lp2043.outbound.protection.outlook.com [104.47.110.43]) by sydapipop-haraka-inline01.vpc-a3a96cc4.ase2.shn (Haraka/2.8.24) with ESMTPS id D8F1C8A6-1473-4DC3-A4AC-7AB4E7DEAC75.1 envelope-from (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 verify=FAIL); Mon, 30 May 2022 11:59:01 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FguebEMFbI7Drxyb0skmFp/EmBP20Bgf0H01p7qB6RiXr3YmYp7+m4MfEU8/Kfz0amABeN1nSKB8xA6jzuV8GthKKwcVpuo93CyL1Cr05Mp6mk4nVeSMXYcGoDnJveDL5kirQHS6EBYEAnpwO3h2hxEStiszG2leJZuc/h7EKs7AMH6j8PgI79mu7N6O0gkSE2FqH+tYA14v7cuMnp72pgDF9+Y+lyRT7nW/pLLAhTNy0udWEyDoFhQ4cUX6nU8FqcryGG/I1QZiwsia2j+vYx49ozOrTvX1NnRhtJpcWAMB4cgFbMc9LrtFThydWsvZkLD0AwJGzCKqpNE3/7Wmdg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=TErpBVLMRfn89e+/grDqfl/ClulU/pwZTIaNDpcwKeQ=; b=eTKU+IpE/w6fIsqJtj9raeXdJKoKCGzfU8ZKLIwywZRfPt6bfj78Vxm93AsIlnHNskCLRC9unUFrtXetsydf1h1cJnK+muucxSHLUK/nlMxGy717zD6lbuIrXdMQCihgUGFZC3eaUeYXlJcxwQvAAhzd0QWDhnEueoXDdTuGZOwkwpclBuNQCyfFaC1/29a1a8QliSKJtFE4CQBxLOIuqyNMsdoU80CnKaIqQqwWiK0wYhJzwihTWQD9nIv+d6CXZd+cwtrH0TbwpvXH/sKmEms8O64Z8TvMZeL8dgZnd3gsokIywVjNFettKPChubEnTjU8sCbYRJUpUjMhTMH1Ew== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=tatacommunications.com; dmarc=pass action=none header.from=tatacommunications.com; dkim=pass header.d=tatacommunications.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tatacommunications.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=TErpBVLMRfn89e+/grDqfl/ClulU/pwZTIaNDpcwKeQ=; b=VXEr6cyLhwv6my12FiyulHqEeX53Byr/GC9Wnbm/Q2dd6G0aemeiFMVnTmr+tpqhuRwObyemSVWAYILMKipfDS8HViwYtA76B/ZJXYMN4df8BnQl9TvFQQtWjIHY5ew32jMV1/I4KhiS8sh56JefQJltbnbXeAkq9TscGDp95qhxv0xEEHHgNgF4/M4SKTjRqnxhnLQy8CONNU9Rtn9qrV3iAmMXHR4vDqUXcET57kT3lXeanJ00jGElUmiT9tZRmcxfWRneg3qQ7SD+f+krQ5cAZiP2jaUzplzeOmP3jD/CKDbjV+732585goLIzFFBLvScbHzsQP4p3FZClWPL/w== Received: from PSAPR04MB5516.apcprd04.prod.outlook.com (2603:1096:301:5c::9) by SI2PR04MB4847.apcprd04.prod.outlook.com (2603:1096:4:147::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5293.13; Mon, 30 May 2022 11:58:59 +0000 Received: from PSAPR04MB5516.apcprd04.prod.outlook.com ([fe80::35fb:34da:9cee:9730]) by PSAPR04MB5516.apcprd04.prod.outlook.com ([fe80::35fb:34da:9cee:9730%5]) with mapi id 15.20.5293.019; Mon, 30 May 2022 11:58:59 +0000 From: Balakrishnan K To: "Kusztal, ArkadiuszX" , "users@dpdk.org" Subject: RE: how to use crypto openssl PMD for asymmetric encryption and decryption Thread-Topic: how to use crypto openssl PMD for asymmetric encryption and decryption Thread-Index: Adhul7L76HpVKxCxQgm6OmL7h9++VgACBMowACMLKYAACHjIQAAGYdCQAC24WYAAASZVAAD+ROEA Date: Mon, 30 May 2022 11:58:59 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: MSIP_Label_5cbf6393-50e2-4904-bc3e-1804619f2b03_ActionId=1e9b2051-9f45-4073-b7f5-e6b509538b52; MSIP_Label_5cbf6393-50e2-4904-bc3e-1804619f2b03_ContentBits=0; MSIP_Label_5cbf6393-50e2-4904-bc3e-1804619f2b03_Enabled=true; MSIP_Label_5cbf6393-50e2-4904-bc3e-1804619f2b03_Method=Privileged; MSIP_Label_5cbf6393-50e2-4904-bc3e-1804619f2b03_Name=General-Test; MSIP_Label_5cbf6393-50e2-4904-bc3e-1804619f2b03_SetDate=2022-05-23T11:32:59Z; MSIP_Label_5cbf6393-50e2-4904-bc3e-1804619f2b03_SiteId=20210462-2c5e-4ec8-b3e2-0be950f292ca; Authentication-Results-Original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=tatacommunications.com; X-MS-Office365-Filtering-Correlation-Id: f34f9f01-78f2-4dad-6bb0-08da4233cb77 x-ms-traffictypediagnostic: SI2PR04MB4847:EE_|TYZAPC01FT047:EE_|SG2PR04MB2427:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: ko7xAzfIyLWFSmPUddio7bDVXxdc7YJXN1/mflu+gvAgWGnjrYgZIHxDtJt8gP8W7CCK7EESz6VmoJtKPOyrKWj89Xe5dmW6vAvBFrkAAM9ZiKh8AIa3vhnhQFpjVOPv9Mh7u9KeDoTySXMOIYSL1jdA7GIi5WHluLTOXYyRFHQK/C43nae4y5GWpandlFEe9l0h7LqzOh2CP2uvXcppuOH+d8iWFVhTkOjNbpiffYmlXPAnXtu7seXXLRdvA710vehu18K7/atbDNNBAiUvk50h8jfmA1ZRD1Nvw+nFgIP6dVcgIvZDDz/b21azZX2yKEQPq0oiYo2Cpki/EWmMSa5vjwehgjnIwR3G35U4myG0Bt1QqkpLWbshaax8my7wLHqxmi5rnGVg+dUNtAvh3/0++K5Nz3xA/JXktCVZrnmNL6GXLH3oKZo9Lu35nVBZyt7WLEr0T72u/EgXmTFAMVfu1EyUpFX+89QLKifmLyhxTgCe41EfEY84PmZpNpmFl6RDY4ARI1fSL1Vth3cdpJyUoPIfRtySbSXVvdWCePIAb8ku6E2xld54YHrZgQ2DXn3Y5GpHXYcjMExlelQVsgiLsP3ViB0DtaZrDzy60ajKdj0G7KelzWoT8csE5ib+UKf1RTdHlCAr3Pq/VXf9TpoZLW/7zUeXbbRGQQZV4/8t25K3WDAAONuQSJIGiT5ScQlsh52fptsjpK+bV0zB79s+kXu8Viukl7IrDkWtC+99/JH9aNXCe7QQFu+RdsDh44aTfXHQ/rwf0B/8yoSmrNdUckIQVzoJ7inpiGAa8rU= X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PSAPR04MB5516.apcprd04.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(66946007)(5660300002)(64756008)(66446008)(66476007)(66556008)(8676002)(33656002)(76116006)(71200400001)(966005)(186003)(83380400001)(508600001)(8936002)(55016003)(86362001)(9326002)(52536014)(26005)(9686003)(38100700002)(122000001)(53546011)(6506007)(38070700005)(7696005)(2906002)(110136005)(316002)(166002); DIR:OUT; SFP:1101; Content-Type: multipart/alternative; boundary="_000_PSAPR04MB5516448E640B45C8AA691F5AD6DD9PSAPR04MB5516apcp_" MIME-Version: 1.0 X-MS-Exchange-Transport-CrossTenantHeadersStamped: SI2PR04MB4847 Original-Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=tatacommunications.com; X-SHN-DLP-SCAN: success X-EOPAttributedMessage: 0 X-MS-Exchange-Transport-CrossTenantHeadersStripped: TYZAPC01FT047.eop-APC01.prod.protection.outlook.com X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id-Prvs: 516b436e-c265-422a-9bb9-08da4233c84c X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: xbEd7FIJGQ7EFf3FggFMPvofA4ABD0JU8IYsgeQ4IVmnn4EKEo+0Tiv6WKKiq9e3OjFfhUy82ULgtamyTVjZYVtsTDhA+wnOuT3LO9QxSV0P7JfHusjDj+ASUYgxdXLOL7ET26GwZJw7KqZI6SirUQxj2VAB+ha1JHOHaM/FO0b1q/4PyntJglcGa37zPgEa/BpkX9qsDtpaItmYTJcmjzhfDPzfSt82NvqPAJKVL6i6O3cOvVrWCK3Byq/CbsHW+uK8wcYUwjzUSMVtLuPKryNjdLi8Rxyp2xBXz0Ct2TdYG9SDgWiLsCKRdaU6YaK02aJqSWfdtZ/l7r8iVDG6sYtxRcdNf8BG+mybEij5d8nQfYcF3hhX09Ljbpz68YrFHqMHgrGb/piSo2o2vpfAutqrKnMz39Cdw3edXiWVymv0iyCnyso5NTjbzdRjXPS6z1wdu5viYLG5x/DgTo1bOoCOpxXgIsthcM48IPFE8GP1pXAs8e0HKmyXAoZGvbDq/L0h5pTNUcc3Mc9M3Njd+e0sIcPVKQaTy0WXd0agnbqH4LFEJn+lmornlh6DY++RVxkRi8EJwe2bPPxER0F0POfKI4VdWngy6ChZldsQ6ynaqZrz6mXtQMhIRqKDadIkpGkBHuO14R3f9lcR1CCYzDkQWqKXRo1lR/kW/Btw4yt2+WXQwO2iUWLG+BA0hv1d0ZGDzIRw7BHW57aaI7nfq1lgCvS3RPyPNjXX2jYkkiOfYQJR4PzDzIpcxd+67fzpuuScW/8sDrQcyyb3ZY765w== X-Forefront-Antispam-Report: CIP:54.79.123.149; CTRY:AU; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:sydapipop-haraka-inline01.vpc-a3a96cc4.ase2.shn; PTR:send1.mail-inline.syd-pop.i-shn.net; CAT:NONE; SFS:(13230001)(4636009)(46966006)(36840700001)(40470700004)(83380400001)(36860700001)(110136005)(52536014)(36906005)(70206006)(70586007)(55016003)(47076005)(81166007)(336012)(186003)(9326002)(8936002)(2906002)(82310400005)(9686003)(86362001)(26005)(8676002)(40460700003)(356005)(53546011)(7696005)(966005)(508600001)(45080400002)(166002)(30864003)(5660300002)(316002)(33656002)(6506007); DIR:OUT; SFP:1101; X-OriginatorOrg: tatacommunications.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 May 2022 11:59:04.4932 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f34f9f01-78f2-4dad-6bb0-08da4233cb77 X-MS-Exchange-CrossTenant-Id: 20210462-2c5e-4ec8-b3e2-0be950f292ca X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=20210462-2c5e-4ec8-b3e2-0be950f292ca; Ip=[54.79.123.149]; Helo=[sydapipop-haraka-inline01.vpc-a3a96cc4.ase2.shn] X-MS-Exchange-CrossTenant-AuthSource: TYZAPC01FT047.eop-APC01.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: SG2PR04MB2427 X-BeenThere: users@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK usage discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: users-bounces@dpdk.org --_000_PSAPR04MB5516448E640B45C8AA691F5AD6DD9PSAPR04MB5516apcp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Arek, Thanks for your inputs. I wrote the sample application to encrypt the text from a file also decrypt= ing the same. Now next step is to encrypt the incoming packets. I have one basic doubt. During rte_cryptodev_enqueue_burst call with operat= ion type as RTE_CRYPTO_ASYM_OP_ENCRYPT. For the incoming packet. what is being encrypted ,Is it entire packet or the payload(data section) ? Regards, Bala From: Kusztal, ArkadiuszX Sent: 25 May 2022 16:13 To: Balakrishnan K ; users@dpdk.org Subject: RE: how to use crypto openssl PMD for asymmetric encryption and de= cryption Hi Bala, To fill the below struct do I need to extract Publickey exponent , Private = key exponent etc. [Arek] - yes, you need to convert keys into big-endian unsigned integer. In the file "test_cryptodev_rsa_test_vectors.h" there are few examples. Regards, Arek From: Balakrishnan K > Sent: Wednesday, May 25, 2022 12:08 PM To: Kusztal, ArkadiuszX >; users@dpdk.org Subject: RE: how to use crypto openssl PMD for asymmetric encryption and de= cryption Hi Arek, I have public and private key with me which can be used for encryption/= decryption. To fill the below struct do I need to extract Publickey exponent , Private = key exponent etc. The reason why I am asking is, in openssl for encryption we will use key di= rectly with the exposed API. Example : RSA_private_encrypt(strlen(msg), (unsigned char *)msg, encrypted, rsa, RSA_= PKCS1_PADDING); Here in dpdk the rsa struct looks different . Thanks in advance. struct rte_crypto_rsa_xform { rte_crypto_param n; /**< n - Modulus * Modulus data of RSA operation in Octet-string network * byte order format. */ rte_crypto_param e; /**< e - Public key exponent * Public key exponent used for RSA public key operations in Octet- * string network byte order format. */ enum rte_crypto_rsa_priv_key_type key_type; __extension__ union { rte_crypto_param d; /**< d - Private key exponent * Private key exponent used for RSA * private key operations in * Octet-string network byte order format. */ struct rte_crypto_rsa_priv_key_qt qt; /**< qt - Private key in quintuple format */ }; }; Regards, Bala From: Balakrishnan K Sent: 24 May 2022 17:42 To: Kusztal, ArkadiuszX >; users@dpdk.org Subject: RE: how to use crypto openssl PMD for asymmetric encryption and de= cryption Hi Arek, Thanks for the detailed explanation. Regards, Bala From: Kusztal, ArkadiuszX > Sent: 24 May 2022 14:44 To: Balakrishnan K >; users@dpdk.org Subject: RE: how to use crypto openssl PMD for asymmetric encryption and de= cryption I should use debug_hexdump(stdout, "encrypted message", asym_op->rsa.cipher.data, asym_op->rsa.cipher.length); to check the encrypted message for the input given? Yes, currently it works this way. The same way output for decryption will b= e placed in asym_op->rsa.message.data and input in asym_op->rsa.cipher.data= . More explanations can be found in rte_crypto_asym.h file https://doc.dpdk.org/api/structrte__crypto__rsa__op__param.html. From: Balakrishnan K > Sent: Tuesday, May 24, 2022 7:24 AM To: Kusztal, ArkadiuszX >; users@dpdk.org Subject: RE: how to use crypto openssl PMD for asymmetric encryption and de= cryption Hi Arek, Thanks for quick response. I am using resulted output vector to verify the encrypted message. I thought the encrypted data will be in the asym_op->rsa.message.data after= rte_cryptodev_enqueue_burst and rte_cryptodev_enqueue_burst call with oper= ation type RTE_CRYPTO_ASYM_OP_ENCRYPT. So ,I checked the hex_dump of asym_op->rsa.message.data. Code snippet: asym_op =3D result_op->asym; debug_hexdump(stdout, "encrypted message", asym_op->rsa.message.data, asym_op->rsa.message.length); Encrypted data will be placed in asym_op->rsa.cipher.data after crypto oper= ation is my understanding is correct ? I should use debug_hexdump(stdout, "encrypted message", asym_op->rsa.cipher.data, asym_op->rsa.cipher.length); to check the encrypted message for the input given? Regards, Bala From: Kusztal, ArkadiuszX > Sent: 23 May 2022 18:15 To: Balakrishnan K >; users@dpdk.org Subject: RE: how to use crypto openssl PMD for asymmetric encryption and de= cryption CAUTION: This email originated from outside of the organization. Do not cli= ck links or open attachments unless you recognize the sender and know the c= ontent is safe. Hi Bala, Ciphertext will be written into asym_op->rsa.cipher.data (not message.data)= by the PMD, here you are using same address for both hex dumps. Although there is a bug in debug_hexdump in this function which may cause t= his confusion. Plus, the test you are referring is PWCT test (Pairwise conditional test) -= > it will encrypt, then decrypt. Please take a look into this comment in queue_ops_rsa_enc_dec function: /* Use the resulted output as decryption Input vector* So above this line there is an encryption part. Below is decryption. Regards, Arek From: Balakrishnan K > Sent: Monday, May 23, 2022 1:33 PM To: users@dpdk.org Subject: how to use crypto openssl PMD for asymmetric encryption and decryp= tion Hi All, I am new to dpdk. Planning to use openssl crypto PMD for encrypting/decr= ypting the packets. Couldn't find much documents on openssl PMD for asymmetric encryption/decry= ption. Any one please point me in the right document. I have tried to run the test cases wrote for asymmetric crypto using openss= l virtual PMD. But the output of particular test case is same after the encryption done. File : app/test/test_cryptodev_asym.c Test executable: ./app/test/dpdk-test Test case : test_rsa_enc_dec Input given to encryption: message at [0x1894e60], len=3D20 00000000: F8 BA 1A 55 D0 2F 85 AE 96 7B B6 2F B6 CD A8 EB | ...U./...{./...= . 00000010: 7E 78 A0 50 | ~x.P After processing the output also looks like same : encrypted message exist at [0x1894e60], len=3D20 00000000: F8 BA 1A 55 D0 2F 85 AE 96 7B B6 2F B6 CD A8 EB | ...U./...{./...= . 00000010: 7E 78 A0 50 Regards, Bala --_000_PSAPR04MB5516448E640B45C8AA691F5AD6DD9PSAPR04MB5516apcp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Arek,

    Thanks for y= our inputs.

I wrote the sample application = to encrypt the text from a file also decrypting the same.=

Now next step is to encrypt the= incoming packets.

I have one basic doubt. During = rte_cryptodev_enqueue_burst call with operation type as RTE_CRYPTO_ASYM_OP_= ENCRYPT.

For the incoming packet.

what is being encrypted ,Is it = entire packet or the payload(data section) ?

 

Regards,

Bala

&nbs= p;

From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
Sent: 25 May 2022 16:13
To: Balakrishnan K <Balakrishnan.K1@tatacommunications.com>; u= sers@dpdk.org
Subject: RE: how to use crypto openssl PMD for asymmetric encryption= and decryption

 

Hi Bala,

 

To fill the below struct do I need to extract Public= key exponent , Private key exponent etc.

[Arek] – yes, you need to= convert keys into big-endian unsigned integer.

In the file “test_cryptod= ev_rsa_test_vectors.h” there are few examples.

 

Regards,

Arek

 

 

From: Balakrishnan K <Balakrishnan.K1@tatacommunications.com>
Sent: Wednesday, May 25, 2022 12:08 PM
To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; users@dpdk.org
Subject: RE: how to use crypto openssl PMD for asymmetric encryption= and decryption

 

Hi Arek,

    I have public and private key wit= h me which can be used for encryption/decryption.

 

To fill the below struct do I need to extract Public= key exponent , Private key exponent etc.

The reason why I am asking is, in openssl for encryp= tion we will use key directly with the exposed API.

Example :

 

RSA_private_encrypt(strlen(msg), (unsigned char *)msg, encrypted, rsa, RSA= _PKCS1_PADDING);

 

Here in dpdk the rsa struct looks different .

 

Thanks in advance.

 

struct rte_crypto_rsa_xform {

rte_crypto_param n;

        /**< n= - Modulus

         * M= odulus data of RSA operation in Octet-string network

         * b= yte order format.

         */<= o:p>

 

        rte_crypt= o_param e;

        /**< e= - Public key exponent

         * P= ublic key exponent used for RSA public key operations in Octet-<= /p>

         * s= tring network byte order format.

         */<= o:p>

 

        enum rte_= crypto_rsa_priv_key_type key_type;

 

        __extensi= on__

        union {

        &nbs= p;       rte_crypto_param d;

        &nbs= p;       /**< d - Private key exponent

        &nbs= p;        * Private key exponent used fo= r RSA

        &nbs= p;        * private key operations in

        &nbs= p;        * Octet-string  network b= yte order format.

        &nbs= p;        */

 

        &nbs= p;       struct rte_crypto_rsa_priv_key_qt qt= ;

        &nbs= p;       /**< qt - Private key in quintupl= e format */

        };

};

 

 

Regards,

Bala

From: Balakrishnan K
Sent: 24 May 2022 17:42
To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; users@dpdk.org
Subject: RE: how to use crypto openssl PMD for asymmetric encryption= and decryption

 

Hi Arek,

  Thanks for the detailed = explanation.

 

Regards,

Bala

 

From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
Sent: 24 May 2022 14:44
To: Balakrishnan K <Balakrishnan.K1@tatacommunications.com>; users@dpdk.org
Subject: RE: how to use crypto openssl PMD for asymmetric encryption= and decryption

 

I should use 
debug_hexdump(stdout, "encrypted message&quo=
t;, asym_op->rsa.cipher.data,
        &=
nbsp;           &nbs=
p; asym_op->rsa.cipher.length);
to check the encrypted message for the input give=
n?

 

Yes, currently it works this wa= y. The same way output for decryption will be placed in asym_op->rsa.mes= sage.data and input in asym_op->rsa.cipher.data.

More explanations can be found = in rte_crypto_asym.h file

https://doc.dpdk.org/api/structrte__crypto__rsa__op__param.html.<= o:p>

 

From: Balakrishnan K <Balakrishnan.K1@tatacommunications.com>
Sent: Tuesday, May 24, 2022 7:24 AM
To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; users@dpdk.org
Subject: RE: how to use crypto openssl PMD for asymmetric encryption= and decryption

 

Hi Arek,

   Thanks for quick r= esponse.

I am using resulted output vect= or to verify the encrypted message.

I thought the encrypted data will be in the asym_op-&g=
t;rsa.message.data after rte_cryptodev_enqueue_burst and rte_cryptodev_enqu=
eue_burst call with operation type RTE_CRYPTO_ASYM_OP_ENCRYPT.
So ,I checked the hex_dump of asym_op->rsa.message.=
data.
 
Code snippet:
asym_op =3D result_op->asym;=

debug_hexdump(stdout, "encrypted message&quo=
t;, asym_op->rsa.message.data,
        &=
nbsp;           &nbs=
p; asym_op->rsa.message.length);
 
 
 
Enc=
rypted data will be placed in asym_op->rsa.c=
ipher.data after crypto operation is my understanding is correct ?
I should use 
debug_hexdump(stdout, "encrypted message&quo=
t;, asym_op->rsa.cipher.data,
        &=
nbsp;           &nbs=
p; asym_op->rsa.cipher.length);
to check the encrypted message for the input give=
n?
 
 
Regards,
Bala 
 

 

From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
Sent: 23 May 2022 18:15
To: Balakrishnan K <Balakrishnan.K1@tatacommunications.com>; users@dpdk.org
Subject: RE: how to use crypto openssl PMD for asymmetric encryption= and decryption

 

CAUTION: This email originated from outside of the organization. = Do not click links or open attachments unless you recognize the sender and know the content is safe. <= /p>

Hi Bala,

 

Ciphertext will be written into= asym_op->rsa.cipher.data (not message.data) by the PMD, here you are us= ing same address for both hex dumps.

Although there is a bug in debu= g_hexdump in this function which may cause this confusion.

 

Plus, the test you are referrin= g is PWCT test (Pairwise conditional test) -> it will encrypt, then decr= ypt.

Please take a look into this co= mment in queue_ops_rsa_enc_dec function:

/* Use the resulted output as d= ecryption Input vector*

So above this line there is an = encryption part.

Below is decryption.  = ;        

 

Regards,

Arek

 

From: Balakrishnan K <Balakrishnan.K1@tatacommunication= s.com>
Sent: Monday, May 23, 2022 1:33 PM
To: us= ers@dpdk.org
Subject: how to use crypto openssl PMD for asymmetric encryption and= decryption

 

Hi All,

   I am new to dpdk. = Planning to use openssl crypto PMD for encrypting/decrypting  the pack= ets.

Couldn’t find much docume= nts on openssl PMD for asymmetric encryption/decryption.

Any one please point me in the = right document.

 

I have tried to run the test ca= ses wrote for asymmetric crypto using openssl virtual PMD.

But the output of particular te= st case is same after the encryption done.

 

File : app/test/test_cryptodev_= asym.c

Test executable: ./app/test/dpd= k-test

Test case : test_rsa_enc_dec

    <= /span>

Input given to encryption:&n= bsp;            &nbs= p;

message at [0x1894e60], len=3D2= 0

00000000: F8 BA 1A 55 D0 2F 85 = AE 96 7B B6 2F B6 CD A8 EB | ...U./...{./....

00000010: 7E 78 A0 50 &nbs= p;            &= nbsp;           &nbs= p;          | ~x.P<= /span>

 

After processing the output = also looks like same :

encrypted message exist at [0x1= 894e60], len=3D20

00000000: F8 BA 1A 55 D0 2F 85 = AE 96 7B B6 2F B6 CD A8 EB | ...U./...{./....

00000010: 7E 78 A0 50

 

 

Regards,

Bala

--_000_PSAPR04MB5516448E640B45C8AA691F5AD6DD9PSAPR04MB5516apcp_--