DPDK patches and discussions
From: Arek Kusztal <arkadiuszx.kusztal@intel.com>
To: dev@dpdk.org
Cc: gakhil@marvell.com, roy.fan.zhang@intel.com,
	Arek Kusztal <arkadiuszx.kusztal@intel.com>
Subject: [PATCH v3 2/4] crypto: clarify usage of random numbers in asym
Date: Fri, 11 Feb 2022 16:02:36 +0000
Message-ID: <20220211160238.90065-3-arkadiuszx.kusztal@intel.com>
In-Reply-To: <20220211160238.90065-1-arkadiuszx.kusztal@intel.com>

This commit clarifies usage of random numbers in asymmetric
crypto API.

The user is now allowed to provide information to the PMD on whether
a random number should be generated or should be read from user input.
If the PMD does not support random number generation, the user should
always provide it; if the PMD does not support user random,
rte_crypto_param.data should accordingly be set to NULL.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
 lib/cryptodev/rte_crypto_asym.h | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index e0def3d9ab..58d47158de 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -33,6 +33,11 @@ extern "C" {
  * These buffers can be used for both input to PMD and output from PMD. When
  * used for output from PMD, application has to ensure the buffer is large
  * enough to hold the target data.
+ *
+ * If an operation requires the PMD to generate a random number,
+ * and the device supports CSRNG, 'data' should be set to NULL.
+ * The crypto parameter in question will not be used by the PMD,
+ * as it is internally generated.
  */
 typedef struct rte_crypto_param_t {
 	uint8_t *data;
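Review bot: the paragraph added to the rte_crypto_param_t comment only covers a device that supports CSRNG, and leaves NULL 'data' on a device without one undefined. NULL is also what a zero-initialised parameter looks like, so the comment should state that such a PMD must fail the operation instead of proceeding without a proper random value, and should say how the application learns whether the device can generate the number. It would also help to state whether the remaining fields of the struct are ignored when 'data' is NULL.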
@@ -549,7 +554,9 @@ struct rte_crypto_dsa_op_param {
 	/**< input message to be signed or verified */
 	rte_crypto_param k;
 	/**< Per-message secret number, which is an integer
-	 * in the interval (1, q-1)
+	 * in the interval (1, q-1).
+	 * If the random number is generated by the PMD,
+	 * the 'rte_crypto_param.data' parameter should be set to NULL.
 	 */
 	rte_crypto_param r;
 	/**< dsa sign component 'r' value
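Review bot: the wording added to the DSA 'k' comment drops the "and the device supports CSRNG" condition that the rte_crypto_param_t comment carries, so the two descriptions disagree on when NULL is valid; repeat the condition here or refer back to the struct comment. Since this field now documents that 'k' may come from the application, it should also say that a caller-supplied 'k' has to be secret, unpredictable and fresh for every signature, because a repeated or guessable 'k' exposes the DSA private key.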
@@ -589,7 +596,9 @@ struct rte_crypto_ecdsa_op_param {
 
 	rte_crypto_param k;
 	/**< The ECDSA per-message secret number, which is an integer
-	 * in the interval (1, n-1)
+	 * in the interval (1, n-1).
+	 * If the random number is generated by the PMD,
+	 * the 'rte_crypto_param.data' parameter should be set to NULL.
 	 */
 
 	rte_crypto_param r;
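Review bot: the ECDSA 'k' comment describes only the NULL case, while the commit message also names a PMD that does not support user-supplied random; nothing here says whether such a PMD rejects a non-NULL 'k' or silently ignores it. Document the outcome, preferably an error status, so that an application passing its own 'k', for example for a known-answer test, can tell that the value was not used.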
-- 
2.13.6


Thread overview: 6+ messages
2022-02-11 16:02 [PATCH v3 0/4] Clarify asymmetric random, add 'k' and crypto uint Arek Kusztal
2022-02-11 16:02 ` [PATCH v3 1/4] crypto: add dsa random number k Arek Kusztal
2022-02-11 16:02 ` Arek Kusztal [this message]
2022-02-11 16:02 ` [PATCH v3 3/4] crypto: use rte macro instead of direct attribute Arek Kusztal
2022-02-11 16:02 ` [PATCH v3 4/4] crypto: reorganize endianness comments, add crypto uint Arek Kusztal
2022-02-12 10:52 ` [EXT] [PATCH v3 0/4] Clarify asymmetric random, add 'k' and " Akhil Goyal
