From: "Kusztal, ArkadiuszX"
To: "dev@dpdk.org"
CC: "akhil.goyal@nxp.com", "Trahe, Fiona", "shally.verma@caviumnetworks.com", Shally Verma
Date: Thu, 4 Jul 2019 12:40:25 +0000
Message-ID: <06EE24DD0B19E248B53F6DC8657831551B279302@hasmsx109.ger.corp.intel.com>
References: <20190703153759.1508-1-arkadiuszx.kusztal@intel.com> <20190703153759.1508-2-arkadiuszx.kusztal@intel.com>
In-Reply-To: <20190703153759.1508-2-arkadiuszx.kusztal@intel.com>
Subject: Re: [dpdk-dev] [PATCH v2 1/3] cryptodev: rework api of rsa algorithm

+ Shally's Marvell address.
Shally, Fiona can you take a look?

> -----Original Message-----
> From: Kusztal, ArkadiuszX
> Sent: Wednesday, July 3, 2019 5:38 PM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Trahe, Fiona; shally.verma@caviumnetworks.com; Kusztal, ArkadiuszX
> Subject: [PATCH v2 1/3] cryptodev: rework api of rsa algorithm
>
> This patch reworks API of RSA algorithm.
> Major changes:
> - Cipher field was introduced
> - Field for signature verification when padding none selected was added
> - Padding union was created
> - PKCS1-v1_5 Block type 0 was removed
> - Fixed comments about prime numbers
> - Added guide to use none padding
>
> Signed-off-by: Arek Kusztal > --- > lib/librte_cryptodev/rte_crypto_asym.h | 150 > ++++++++++++++++++++++++++------- > 1 file changed, 118 insertions(+), 32 deletions(-) >=20 > diff --git a/lib/librte_cryptodev/rte_crypto_asym.h > b/lib/librte_cryptodev/rte_crypto_asym.h > index 8672f21..486399c 100644 > --- a/lib/librte_cryptodev/rte_crypto_asym.h > +++ b/lib/librte_cryptodev/rte_crypto_asym.h > @@ -111,23 +111,21 @@ enum rte_crypto_asym_op_type { > */ > enum rte_crypto_rsa_padding_type { > RTE_CRYPTO_RSA_PADDING_NONE =3D 0, > - /**< RSA no padding scheme */ > - RTE_CRYPTO_RSA_PKCS1_V1_5_BT0, > - /**< RSA PKCS#1 V1.5 Block Type 0 padding scheme > - * as described in rfc2313 > + /**< RSA no padding scheme. > + * In this case user is responsible for provision and verification > + * of padding. > */ > - RTE_CRYPTO_RSA_PKCS1_V1_5_BT1, > - /**< RSA PKCS#1 V1.5 Block Type 01 padding scheme > - * as described in rfc2313 > - */ > - RTE_CRYPTO_RSA_PKCS1_V1_5_BT2, > - /**< RSA PKCS#1 V1.5 Block Type 02 padding scheme > - * as described in rfc2313 > + RTE_CRYPTO_RSA_PADDING_PKCS1, > + /**< RSA PKCS#1 PKCS1-v1_5 padding scheme. For signatures block > type 01, > + * for encryption block type 02 are used. > */ > RTE_CRYPTO_RSA_PADDING_OAEP, > - /**< RSA PKCS#1 OAEP padding scheme */ > + /**< RSA PKCS#1 OAEP padding scheme, can be used only for > encryption/ > + * decryption. > + */ > RTE_CRYPTO_RSA_PADDING_PSS, > - /**< RSA PKCS#1 PSS padding scheme */ > + /**< RSA PKCS#1 PSS padding scheme, can be used only for > signatures. > + */ > RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END > }; >=20 > @@ -199,8 +197,8 @@ struct rte_crypto_rsa_priv_key_qt { > */ > struct rte_crypto_rsa_xform { > rte_crypto_param n; > - /**< n - Prime modulus > - * Prime modulus data of RSA operation in Octet-string network > + /**< n - Modulus > + * Modulus data of RSA operation in Octet-string network > * byte order format. > */ >=20 
> @@ -397,9 +395,36 @@ struct rte_crypto_rsa_op_param { > /**< > * Pointer to data > * - to be encrypted for RSA public encrypt. > - * - to be decrypted for RSA private decrypt. > * - to be signed for RSA sign generation. > * - to be authenticated for RSA sign verification. > + * > + * Octet-string network byte order format. > + * > + * This field is an input to RTE_CRYPTO_ASYM_OP_ENCRYPT > + * operation, and output to RTE_CRYPTO_ASYM_OP_DECRYPT > operation. > + * > + * When RTE_CRYPTO_ASYM_OP_DECRYPT op_type used length in > bytes > + * of this field needs to be greater or equal to the length of > + * corresponding RSA key in bytes. > + * > + * When padding field is set to RTE_CRYPTO_RSA_PADDING_NONE > + * returned data size will be equal to the size of RSA key > + * in bytes. All leading zeroes will be preserved. > + */ > + > + rte_crypto_param cipher; > + /**< > + * Pointer to data > + * - to be decrypted for RSA private decrypt. > + * > + * Octet-string network byte order format. > + * > + * This field is an input to RTE_CRYPTO_ASYM_OP_DECRYPT > + * operation, and output to RTE_CRYPTO_ASYM_OP_ENCRYPT > operation. > + * > + * When RTE_CRYPTO_ASYM_OP_ENCRYPT op_type used length in > bytes > + * of this field needs to be greater or equal to the length of > + * corresponding RSA key in bytes. > */ >=20 > rte_crypto_param sign; 
> @@ -408,27 +433,88 @@ struct rte_crypto_rsa_op_param { > * sign @ref RTE_CRYPTO_ASYM_OP_SIGN, buffer will be > * over-written with generated signature. > * > - * Length of the signature data will be equal to the > - * RSA prime modulus length. > + * Octet-string network byte order format. > + * > + * When RTE_CRYPTO_ASYM_OP_SIGN op_type used length in bytes > + * of this field needs to be greater or equal to the length of > + * corresponding RSA key in bytes. > */ >=20 > - enum rte_crypto_rsa_padding_type pad; > - /**< RSA padding scheme to be used for transform */ > - > - enum rte_crypto_auth_algorithm md; > - /**< Hash algorithm to be used for data hash if padding > - * scheme is either OAEP or PSS. Valid hash algorithms > - * are: > - * MD5, SHA1, SHA224, SHA256, SHA384, SHA512 > + rte_crypto_param message_to_verify; > + /**< > + * Pointer to the message 'm' that was signed with > + * RSASP1 in RFC8017. It is the result of operation RSAVP1 > + * defined in RFC8017, where field `sign` is the input > + * parameter `s`. > + * > + * Used only when padding type is set to > RTE_CRYPTO_RSA_PADDING_NONE > + * and `op_type` is set to RTE_CRYPTO_ASYM_OP_VERIFY. > + * > + * Returned data size will be equal to the size of RSA key > + * in bytes. All leading zeroes will be preserved. > + * > + * When RTE_CRYPTO_ASYM_OP_VERIFY op_type used length in > bytes > + * of this field needs to be greater or equal to the length of > + * corresponding RSA key in bytes. > */ >=20 > - enum rte_crypto_auth_algorithm mgf1md; > + enum rte_crypto_rsa_padding_type padding; > + /**< > + * In case RTE_CRYPTO_RSA_PADDING_PKCS1 is selected, > + * driver will distinguish between block type basing > + * on rte_crypto_asym_op_type of the operation. > + * > + * Which padding type is supported by the driver can be > + * found in in specific driver guide. 
> + */ > + enum rte_crypto_auth_algorithm padding_hash; > + /**< > + * - For PKCS1-v1_5 signature (Block type 01) this field > + * represents hash function that will be used to create > + * message hash. > + * > + * - For OAEP this field represents hash function that will > + * be used to produce hash of the optional label. > + * > + * - For PSS this field represents hash function that will be used > + * to produce hash (mHash) of message M and of M' (padding1 | > mHash | salt) > + * > + * If not set driver will use default value. > + */ > + union { > + struct { > + enum rte_crypto_auth_algorithm mgf; > + /**< > + * Mask genereation function hash algorithm. > + * > + * If not set driver will use default value. > + */ > + rte_crypto_param label; > + /**< > + * Optional label, if driver does not support > + * this option, optional label is just an empty string. > + */ > + } OAEP; > + struct { > + enum rte_crypto_auth_algorithm mgf; > + /**< > + * Mask genereation function hash algorithm. > + * > + * If not set driver will use default value. > + */ > + int seed_len; > + /**< > + * Intended seed length. Nagative number has special > + * value as follows: > + * -1 : seed len =3D length of output ot used hash > function > + * -2 : seed len is maximized > + */ > + } PSS; > + }; > /**< > - * Hash algorithm to be used for mask generation if > - * padding scheme is either OAEP or PSS. If padding > - * scheme is unspecified data hash algorithm is used > - * for mask generation. Valid hash algorithms are: > - * MD5, SHA1, SHA224, SHA256, SHA384, SHA512 > + * Padding type of RSA crypto operation. > + * What are random number generator requirements and prequisites > + * can be found specific driver guide. > */ > }; >=20 > -- > 2.1.0
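Review bot: In the enum rte_crypto_rsa_padding_type hunk, replacing the three RTE_CRYPTO_RSA_PKCS1_V1_5_BT* entries with the single RTE_CRYPTO_RSA_PADDING_PKCS1 shifts the implicit values of RTE_CRYPTO_RSA_PADDING_OAEP and RTE_CRYPTO_RSA_PADDING_PSS, because only RTE_CRYPTO_RSA_PADDING_NONE carries an explicit value. A caller or driver built against the old header would then select a different padding scheme without any error. Please either assign explicit values or call out the renumbering and the removed names in the commit message and release notes. The new comment on RTE_CRYPTO_RSA_PADDING_NONE makes the user responsible for "provision and verification of padding"; the commit message lists "Added guide to use none padding", but no such guide is visible in this header diff, so a reference to where it lives would help.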
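Review bot: In the `message` and `cipher` comments of the struct rte_crypto_rsa_op_param hunk (@@ -397), the sentence "length in bytes of this field needs to be greater or equal to the length of corresponding RSA key in bytes" does not say whether it refers to the size of the buffer the caller allocates or to a length value the driver reports back after the operation. For fields that are now outputs this needs to be spelled out, including how the caller learns the number of bytes actually produced. The bullet list at the top of `message` still reads as inputs only ("to be encrypted", "to be signed", "to be authenticated") although the following paragraph makes it the output of RTE_CRYPTO_ASYM_OP_DECRYPT; add that case to the list. The RTE_CRYPTO_RSA_PADDING_NONE paragraph ("returned data size will be equal to the size of RSA key") should also name the op_type it applies to.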
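Review bot: In the last hunk (@@ -408), "If not set driver will use default value." on `padding_hash` and on both `mgf` fields leaves the hash selection to each driver, while the removed comments at least listed the valid algorithms (MD5, SHA1, SHA224, SHA256, SHA384, SHA512). The header names no "not set" value and no default, so two drivers may produce incompatible OAEP or PSS output, or pick a weak hash, for the same op. Please name the default in the API or require the caller to set it. In the PSS struct, `seed_len` is described as "seed length" while the `padding_hash` comment calls the same quantity "salt"; use one term, and consider named constants instead of the magic -1 and -2. For `message_to_verify`, state explicitly that with RTE_CRYPTO_RSA_PADDING_NONE the driver only returns the RSAVP1 result and the comparison is left to the caller. The trailing comment after the union ("Padding type of RSA crypto operation.") looks detached from the `padding` field it describes, and the comments contain typos: "genereation", "Nagative", "ot used hash", "prequisites", "found in in".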