From: Arek Kusztal <arkadiuszx.kusztal@intel.com>
To: dev@dpdk.org
Cc: gakhil@marvell.com, roy.fan.zhang@intel.com, rbalu@marvell.com,
Arek Kusztal <arkadiuszx.kusztal@intel.com>
Subject: [PATCH 4/4] crypto: reorganize endianness comments, add crypto uint
Date: Wed, 2 Feb 2022 06:50:30 +0000 [thread overview]
Message-ID: <20220202065030.23276-5-arkadiuszx.kusztal@intel.com> (raw)
In-Reply-To: <20220202065030.23276-1-arkadiuszx.kusztal@intel.com>
This patch adds crypto uint typedef so adding comment
about byte-order becomes unnecessary.
Additionally it reorganizes code that enums, externs
and forward declarations are moved to the top of the
header file.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
lib/cryptodev/rte_crypto_asym.h | 356 +++++++++++++++-------------------------
1 file changed, 131 insertions(+), 225 deletions(-)
diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index 7bdc847702..2eb0f001e3 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -27,26 +27,7 @@ extern "C" {
#include "rte_crypto_sym.h"
-/**
- * Buffer to hold crypto params required for asym operations.
- *
- * These buffers can be used for both input to PMD and output from PMD. When
- * used for output from PMD, application has to ensure the buffer is large
- * enough to hold the target data.
- *
- * If an operation requires the PMD to generate a random number,
- * and the device supports CSRNG, 'data' should be set to NULL.
- * The crypto parameter in question will not be used by the PMD,
- * as it is internally generated.
- */
-typedef struct rte_crypto_param_t {
- uint8_t *data;
- /**< pointer to buffer holding data */
- rte_iova_t iova;
- /**< IO address of data buffer */
- size_t length;
- /**< length of data in bytes */
-} rte_crypto_param;
+struct rte_cryptodev_asym_session;
/** asym xform type name strings */
extern const char *
@@ -57,6 +38,19 @@ extern const char *
rte_crypto_asym_op_strings[];
/**
+ * TLS named curves
+ * https://tools.ietf.org/html/rfc8422
+ */
+enum rte_crypto_ec_group {
+ RTE_CRYPTO_EC_GROUP_UNKNOWN = 0,
+ RTE_CRYPTO_EC_GROUP_SECP192R1 = 19,
+ RTE_CRYPTO_EC_GROUP_SECP224R1 = 21,
+ RTE_CRYPTO_EC_GROUP_SECP256R1 = 23,
+ RTE_CRYPTO_EC_GROUP_SECP384R1 = 24,
+ RTE_CRYPTO_EC_GROUP_SECP521R1 = 25,
+};
+
+/**
* Asymmetric crypto transformation types.
* Each xform type maps to one asymmetric algorithm
* performing specific operation
@@ -158,47 +152,54 @@ enum rte_crypto_rsa_priv_key_type {
};
/**
- * Structure describing RSA private key in quintuple format.
- * See PKCS V1.5 RSA Cryptography Standard.
+ * Buffer to hold crypto params required for asym operations.
+ *
+ * These buffers can be used for both input to PMD and output from PMD. When
+ * used for output from PMD, application has to ensure the buffer is large
+ * enough to hold the target data.
+ *
+ * If an operation requires the PMD to generate a random number,
+ * and the device supports CSRNG, 'data' should be set to NULL.
+ * The crypto parameter in question will not be used by the PMD,
+ * as it is internally generated.
*/
-struct rte_crypto_rsa_priv_key_qt {
- rte_crypto_param p;
- /**< p - Private key component P
- * Private key component of RSA parameter required for CRT method
- * of private key operations in Octet-string network byte order
- * format.
- */
-
- rte_crypto_param q;
- /**< q - Private key component Q
- * Private key component of RSA parameter required for CRT method
- * of private key operations in Octet-string network byte order
- * format.
- */
+typedef struct rte_crypto_param_t {
+ uint8_t *data;
+ /**< pointer to buffer holding data */
+ rte_iova_t iova;
+ /**< IO address of data buffer */
+ size_t length;
+ /**< length of data in bytes */
+} rte_crypto_param;
- rte_crypto_param dP;
- /**< dP - Private CRT component
- * Private CRT component of RSA parameter required for CRT method
- * RSA private key operations in Octet-string network byte order
- * format.
- * dP = d mod ( p - 1 )
- */
+/** Unsigned big-integer in big-endian format */
+typedef rte_crypto_param rte_crypto_uint;
- rte_crypto_param dQ;
- /**< dQ - Private CRT component
- * Private CRT component of RSA parameter required for CRT method
- * RSA private key operations in Octet-string network byte order
- * format.
- * dQ = d mod ( q - 1 )
- */
+/**
+ * Structure for elliptic curve point
+ */
+struct rte_crypto_ec_point {
+ rte_crypto_param x;
+ /**< X coordinate */
+ rte_crypto_param y;
+ /**< Y coordinate */
+};
- rte_crypto_param qInv;
- /**< qInv - Private CRT component
- * Private CRT component of RSA parameter required for CRT method
- * RSA private key operations in Octet-string network byte order
- * format.
- * qInv = inv q mod p
- */
+/**
+ * Structure describing RSA private key in quintuple format.
+ * See PKCS V1.5 RSA Cryptography Standard.
+ */
+struct rte_crypto_rsa_priv_key_qt {
+ rte_crypto_uint p;
+ /**< the first factor */
+ rte_crypto_uint q;
+ /**< the second factor */
+ rte_crypto_uint dP;
+ /**< the first factor's CRT exponent */
+ rte_crypto_uint dQ;
+ /**< the second's factor's CRT exponent */
+ rte_crypto_uint qInv;
+ /**< the CRT coefficient */
};
/**
@@ -208,29 +209,17 @@ struct rte_crypto_rsa_priv_key_qt {
*
*/
struct rte_crypto_rsa_xform {
- rte_crypto_param n;
- /**< n - Modulus
- * Modulus data of RSA operation in Octet-string network
- * byte order format.
- */
-
- rte_crypto_param e;
- /**< e - Public key exponent
- * Public key exponent used for RSA public key operations in Octet-
- * string network byte order format.
- */
+ rte_crypto_uint n;
+ /**< the RSA modulus */
+ rte_crypto_uint e;
+ /**< the RSA public exponent */
enum rte_crypto_rsa_priv_key_type key_type;
RTE_STD_C11
union {
- rte_crypto_param d;
- /**< d - Private key exponent
- * Private key exponent used for RSA
- * private key operations in
- * Octet-string network byte order format.
- */
-
+ rte_crypto_uint d;
+ /**< the RSA private exponent */
struct rte_crypto_rsa_priv_key_qt qt;
/**< qt - Private key in quintuple format */
};
@@ -243,20 +232,10 @@ struct rte_crypto_rsa_xform {
*
*/
struct rte_crypto_modex_xform {
- rte_crypto_param modulus;
- /**< modulus
- * Pointer to the modulus data for modexp transform operation
- * in octet-string network byte order format
- *
- * In case this number is equal to zero the driver shall set
- * the crypto op status field to RTE_CRYPTO_OP_STATUS_ERROR
- */
-
- rte_crypto_param exponent;
- /**< exponent
- * Exponent of the modexp transform operation in
- * octet-string network byte order format
- */
+ rte_crypto_uint modulus;
+ /**< Modulus data for modexp transform operation */
+ rte_crypto_uint exponent;
+ /**< Exponent of the modexp transform operation */
};
/**
@@ -266,18 +245,8 @@ struct rte_crypto_modex_xform {
*
*/
struct rte_crypto_modinv_xform {
- rte_crypto_param modulus;
- /**<
- * Pointer to the modulus data for modular multiplicative inverse
- * operation in octet-string network byte order format
- *
- * In case this number is equal to zero the driver shall set
- * the crypto op status field to RTE_CRYPTO_OP_STATUS_ERROR
- *
- * This number shall be relatively prime to base
- * in corresponding Modular Multiplicative Inverse
- * rte_crypto_mod_op_param
- */
+ rte_crypto_uint modulus;
+ /**< Modulus data for modular multiplicative inverse operation */
};
/**
@@ -289,19 +258,10 @@ struct rte_crypto_modinv_xform {
struct rte_crypto_dh_xform {
enum rte_crypto_asym_op_type type;
/**< Setup xform for key generate or shared secret compute */
-
- rte_crypto_param p;
- /**< p : Prime modulus data
- * DH prime modulus data in octet-string network byte order format.
- *
- */
-
- rte_crypto_param g;
- /**< g : Generator
- * DH group generator data in octet-string network byte order
- * format.
- *
- */
+ rte_crypto_uint p;
+ /**< Prime modulus data */
+ rte_crypto_uint g;
+ /**< DH Generator */
};
/**
@@ -311,22 +271,13 @@ struct rte_crypto_dh_xform {
*
*/
struct rte_crypto_dsa_xform {
- rte_crypto_param p;
- /**< p - Prime modulus
- * Prime modulus data for DSA operation in Octet-string network byte
- * order format.
- */
- rte_crypto_param q;
- /**< q : Order of the subgroup.
- * Order of the subgroup data in Octet-string network byte order
- * format.
- * (p-1) % q = 0
- */
- rte_crypto_param g;
- /**< g: Generator of the subgroup
- * Generator data in Octet-string network byte order format.
- */
- rte_crypto_param x;
+ rte_crypto_uint p;
+ /**< Prime modulus */
+ rte_crypto_uint q;
+ /**< Order of the subgroup */
+ rte_crypto_uint g;
+ /**< Generator of the subgroup */
+ rte_crypto_uint x;
/**< x: Private key of the signer in octet-string network
* byte order format.
* Used when app has pre-defined private key.
@@ -337,29 +288,6 @@ struct rte_crypto_dsa_xform {
};
/**
- * TLS named curves
- * https://tools.ietf.org/html/rfc8422
- */
-enum rte_crypto_ec_group {
- RTE_CRYPTO_EC_GROUP_UNKNOWN = 0,
- RTE_CRYPTO_EC_GROUP_SECP192R1 = 19,
- RTE_CRYPTO_EC_GROUP_SECP224R1 = 21,
- RTE_CRYPTO_EC_GROUP_SECP256R1 = 23,
- RTE_CRYPTO_EC_GROUP_SECP384R1 = 24,
- RTE_CRYPTO_EC_GROUP_SECP521R1 = 25,
-};
-
-/**
- * Structure for elliptic curve point
- */
-struct rte_crypto_ec_point {
- rte_crypto_param x;
- /**< X coordinate */
- rte_crypto_param y;
- /**< Y coordinate */
-};
-
-/**
* Asymmetric elliptic curve transform data
*
* Structure describing all EC based xform params
@@ -376,65 +304,13 @@ struct rte_crypto_ec_xform {
*
*/
struct rte_crypto_mod_op_param {
- rte_crypto_param base;
- /**<
- * Pointer to base of modular exponentiation/multiplicative
- * inverse data in octet-string network byte order format
- *
- * In case Multiplicative Inverse is used this number shall
- * be relatively prime to modulus in corresponding Modular
- * Multiplicative Inverse rte_crypto_modinv_xform
- */
-
- rte_crypto_param result;
- /**<
- * Pointer to the result of modular exponentiation/multiplicative inverse
- * data in octet-string network byte order format.
- *
- * This field shall be big enough to hold the result of Modular
- * Exponentiation or Modular Multiplicative Inverse
- * (bigger or equal to length of modulus)
- */
+ rte_crypto_uint base;
+ /** Base of modular exponentiation/multiplicative inverse */
+ rte_crypto_uint result;
+ /** Result of modular exponentiation/multiplicative inverse */
};
/**
- * Asymmetric crypto transform data
- *
- * Structure describing asym xforms.
- */
-struct rte_crypto_asym_xform {
- struct rte_crypto_asym_xform *next;
- /**< Pointer to next xform to set up xform chain.*/
- enum rte_crypto_asym_xform_type xform_type;
- /**< Asymmetric crypto transform */
-
- RTE_STD_C11
- union {
- struct rte_crypto_rsa_xform rsa;
- /**< RSA xform parameters */
-
- struct rte_crypto_modex_xform modex;
- /**< Modular Exponentiation xform parameters */
-
- struct rte_crypto_modinv_xform modinv;
- /**< Modular Multiplicative Inverse xform parameters */
-
- struct rte_crypto_dh_xform dh;
- /**< DH xform parameters */
-
- struct rte_crypto_dsa_xform dsa;
- /**< DSA xform parameters */
-
- struct rte_crypto_ec_xform ec;
- /**< EC xform parameters, used by elliptic curve based
- * operations.
- */
- };
-};
-
-struct rte_cryptodev_asym_session;
-
-/**
* RSA operation params
*
*/
@@ -515,30 +391,27 @@ struct rte_crypto_rsa_op_param {
* @note:
*/
struct rte_crypto_dh_op_param {
- rte_crypto_param pub_key;
+ rte_crypto_uint pub_key;
/**<
* Output generated public key when xform type is
* DH PUB_KEY_GENERATION.
* Input peer public key when xform type is DH
* SHARED_SECRET_COMPUTATION
- * pub_key is in octet-string network byte order format.
*
*/
- rte_crypto_param priv_key;
+ rte_crypto_uint priv_key;
/**<
* Output generated private key if xform type is
* DH PRIVATE_KEY_GENERATION
* Input when xform type is DH SHARED_SECRET_COMPUTATION.
- * priv_key is in octet-string network byte order format.
*
*/
- rte_crypto_param shared_secret;
+ rte_crypto_uint shared_secret;
/**<
* Output with calculated shared secret
* when dh xform set up with op type = SHARED_SECRET_COMPUTATION.
- * shared_secret is an octet-string network byte order format.
*
*/
};
@@ -552,28 +425,26 @@ struct rte_crypto_dsa_op_param {
/**< Signature Generation or Verification */
rte_crypto_param message;
/**< input message to be signed or verified */
- rte_crypto_param k;
+ rte_crypto_uint k;
/**< Per-message secret number, which is an integer
* in the interval (1, q-1).
* If the random number is generated by the PMD,
* the 'rte_crypto_param.data' parameter should be set to NULL.
*/
- rte_crypto_param r;
+ rte_crypto_uint r;
/**< dsa sign component 'r' value
*
* output if op_type = sign generate,
* input if op_type = sign verify
*/
- rte_crypto_param s;
+ rte_crypto_uint s;
/**< dsa sign component 's' value
*
* output if op_type = sign generate,
* input if op_type = sign verify
*/
- rte_crypto_param y;
+ rte_crypto_uint y;
/**< y : Public key of the signer.
- * Public key data of the signer in Octet-string network byte order
- * format.
* y = g^x mod p
*/
};
@@ -585,7 +456,7 @@ struct rte_crypto_ecdsa_op_param {
enum rte_crypto_asym_op_type op_type;
/**< Signature generation or verification */
- rte_crypto_param pkey;
+ rte_crypto_uint pkey;
/**< Private key of the signer for signature generation */
struct rte_crypto_ec_point q;
@@ -594,19 +465,19 @@ struct rte_crypto_ecdsa_op_param {
rte_crypto_param message;
/**< Input message digest to be signed or verified */
- rte_crypto_param k;
+ rte_crypto_uint k;
/**< The ECDSA per-message secret number, which is an integer
* in the interval (1, n-1).
* If the random number is generated by the PMD,
* the 'rte_crypto_param.data' parameter should be set to NULL.
*/
- rte_crypto_param r;
+ rte_crypto_uint r;
/**< r component of elliptic curve signature
* output : for signature generation
* input : for signature verification
*/
- rte_crypto_param s;
+ rte_crypto_uint s;
/**< s component of elliptic curve signature
* output : for signature generation
* input : for signature verification
@@ -628,6 +499,41 @@ struct rte_crypto_ecpm_op_param {
};
/**
+ * Asymmetric crypto transform data
+ *
+ * Structure describing asym xforms.
+ */
+struct rte_crypto_asym_xform {
+ struct rte_crypto_asym_xform *next;
+ /**< Pointer to next xform to set up xform chain.*/
+ enum rte_crypto_asym_xform_type xform_type;
+ /**< Asymmetric crypto transform */
+
+ RTE_STD_C11
+ union {
+ struct rte_crypto_rsa_xform rsa;
+ /**< RSA xform parameters */
+
+ struct rte_crypto_modex_xform modex;
+ /**< Modular Exponentiation xform parameters */
+
+ struct rte_crypto_modinv_xform modinv;
+ /**< Modular Multiplicative Inverse xform parameters */
+
+ struct rte_crypto_dh_xform dh;
+ /**< DH xform parameters */
+
+ struct rte_crypto_dsa_xform dsa;
+ /**< DSA xform parameters */
+
+ struct rte_crypto_ec_xform ec;
+ /**< EC xform parameters, used by elliptic curve based
+ * operations.
+ */
+ };
+};
+
+/**
* Asymmetric Cryptographic Operation.
*
* Structure describing asymmetric crypto operation params.
--
2.13.6
next prev parent reply other threads:[~2022-02-02 6:50 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-02 6:50 [PATCH 0/4] Clarify asymmetric random, add 'k', uint Arek Kusztal
2022-02-02 6:50 ` [PATCH 1/4] crypto: add dsa random number k Arek Kusztal
2022-02-04 10:02 ` Zhang, Roy Fan
2022-02-07 7:33 ` [EXT] " Akhil Goyal
2022-02-02 6:50 ` [PATCH 2/4] crypto: clarify usage of random numbers in asym Arek Kusztal
2022-02-04 10:03 ` Zhang, Roy Fan
2022-02-02 6:50 ` [PATCH 3/4] crypto: use rte macro instead of direct attribute Arek Kusztal
2022-02-04 10:04 ` Zhang, Roy Fan
2022-02-02 6:50 ` Arek Kusztal [this message]
2022-02-04 10:04 ` [PATCH 4/4] crypto: reorganize endianness comments, add crypto uint Zhang, Roy Fan
2022-02-04 10:03 ` [PATCH 0/4] Clarify asymmetric random, add 'k', uint Zhang, Roy Fan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220202065030.23276-5-arkadiuszx.kusztal@intel.com \
--to=arkadiuszx.kusztal@intel.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=rbalu@marvell.com \
--cc=roy.fan.zhang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).