From: Arek Kusztal <arkadiuszx.kusztal@intel.com>
To: dev@dpdk.org
Cc: gakhil@marvell.com, roy.fan.zhang@intel.com,
Arek Kusztal <arkadiuszx.kusztal@intel.com>
Subject: [PATCH v5 10/12] cryptodev: move RSA padding into separate struct
Date: Wed, 1 Jun 2022 10:02:47 +0100 [thread overview]
Message-ID: <20220601090249.86865-11-arkadiuszx.kusztal@intel.com> (raw)
In-Reply-To: <20220601090249.86865-1-arkadiuszx.kusztal@intel.com>
- move RSA padding into separate struct.
More padding members should be added into padding,
therefore having separate struct for padding parameters will
make this more readable.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
app/test/test_cryptodev_asym.c | 10 ++--
drivers/common/cpt/cpt_ucode_asym.h | 4 +-
drivers/crypto/cnxk/cnxk_ae.h | 8 +--
drivers/crypto/octeontx/otx_cryptodev_ops.c | 4 +-
drivers/crypto/openssl/rte_openssl_pmd.c | 2 +-
drivers/crypto/qat/qat_asym.c | 12 ++---
lib/cryptodev/rte_crypto_asym.h | 80 ++++++++++++++++-------------
7 files changed, 63 insertions(+), 57 deletions(-)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 9d044c65b2..7bd7cde16e 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -94,7 +94,7 @@ queue_ops_rsa_sign_verify(void *sess)
asym_op->rsa.message.length = rsaplaintext.len;
asym_op->rsa.sign.length = 0;
asym_op->rsa.sign.data = output_buf;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
+ asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
debug_hexdump(stdout, "message", asym_op->rsa.message.data,
asym_op->rsa.message.length);
@@ -126,7 +126,7 @@ queue_ops_rsa_sign_verify(void *sess)
/* Verify sign */
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_VERIFY;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
+ asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
@@ -185,7 +185,7 @@ queue_ops_rsa_enc_dec(void *sess)
asym_op->rsa.cipher.data = cipher_buf;
asym_op->rsa.cipher.length = 0;
asym_op->rsa.message.length = rsaplaintext.len;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
+ asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
debug_hexdump(stdout, "message", asym_op->rsa.message.data,
asym_op->rsa.message.length);
@@ -217,7 +217,7 @@ queue_ops_rsa_enc_dec(void *sess)
asym_op = result_op->asym;
asym_op->rsa.message.length = 0;
asym_op->rsa.op_type = RTE_CRYPTO_ASYM_OP_DECRYPT;
- asym_op->rsa.pad = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
+ asym_op->rsa.padding.type = RTE_CRYPTO_RSA_PADDING_PKCS1_5;
/* Process crypto operation */
if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
@@ -414,7 +414,7 @@ test_cryptodev_asym_op(struct crypto_testsuite_params_asym *ts_params,
}
xform_tc.rsa.key_type = key_type;
- op->asym->rsa.pad = data_tc->rsa_data.padding;
+ op->asym->rsa.padding.type = data_tc->rsa_data.padding;
if (op->asym->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
asym_op->rsa.message.data = data_tc->rsa_data.pt.data;
diff --git a/drivers/common/cpt/cpt_ucode_asym.h b/drivers/common/cpt/cpt_ucode_asym.h
index f5d91f2583..1105a0c125 100644
--- a/drivers/common/cpt/cpt_ucode_asym.h
+++ b/drivers/common/cpt/cpt_ucode_asym.h
@@ -327,7 +327,7 @@ cpt_rsa_prep(struct asym_op_params *rsa_params,
/* Result buffer */
rlen = mod_len;
- if (rsa_op.pad == RTE_CRYPTO_RSA_PADDING_NONE) {
+ if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
/* Use mod_exp operation for no_padding type */
vq_cmd_w0.s.opcode.minor = CPT_MINOR_OP_MODEX;
vq_cmd_w0.s.param2 = exp_len;
@@ -412,7 +412,7 @@ cpt_rsa_crt_prep(struct asym_op_params *rsa_params,
/* Result buffer */
rlen = mod_len;
- if (rsa_op.pad == RTE_CRYPTO_RSA_PADDING_NONE) {
+ if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
/*Use mod_exp operation for no_padding type */
vq_cmd_w0.s.opcode.minor = CPT_MINOR_OP_MODEX_CRT;
} else {
diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h
index 10854c79c8..0562f72270 100644
--- a/drivers/crypto/cnxk/cnxk_ae.h
+++ b/drivers/crypto/cnxk/cnxk_ae.h
@@ -288,7 +288,7 @@ cnxk_ae_rsa_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf,
dptr += in_size;
dlen = total_key_len + in_size;
- if (rsa_op.pad == RTE_CRYPTO_RSA_PADDING_NONE) {
+ if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
/* Use mod_exp operation for no_padding type */
w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX;
w4.s.param2 = exp_len;
@@ -347,7 +347,7 @@ cnxk_ae_rsa_crt_prep(struct rte_crypto_op *op, struct roc_ae_buf_ptr *meta_buf,
dptr += in_size;
dlen = total_key_len + in_size;
- if (rsa_op.pad == RTE_CRYPTO_RSA_PADDING_NONE) {
+ if (rsa_op.padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
/*Use mod_exp operation for no_padding type */
w4.s.opcode_minor = ROC_AE_MINOR_OP_MODEX_CRT;
} else {
@@ -675,7 +675,7 @@ cnxk_ae_dequeue_rsa_op(struct rte_crypto_op *cop, uint8_t *rptr,
memcpy(rsa->cipher.data, rptr, rsa->cipher.length);
break;
case RTE_CRYPTO_ASYM_OP_DECRYPT:
- if (rsa->pad == RTE_CRYPTO_RSA_PADDING_NONE) {
+ if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
rsa->message.length = rsa_ctx->n.length;
memcpy(rsa->message.data, rptr, rsa->message.length);
} else {
@@ -695,7 +695,7 @@ cnxk_ae_dequeue_rsa_op(struct rte_crypto_op *cop, uint8_t *rptr,
memcpy(rsa->sign.data, rptr, rsa->sign.length);
break;
case RTE_CRYPTO_ASYM_OP_VERIFY:
- if (rsa->pad == RTE_CRYPTO_RSA_PADDING_NONE) {
+ if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
rsa->sign.length = rsa_ctx->n.length;
memcpy(rsa->sign.data, rptr, rsa->sign.length);
} else {
diff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c b/drivers/crypto/octeontx/otx_cryptodev_ops.c
index d5851d9987..914b17decf 100644
--- a/drivers/crypto/octeontx/otx_cryptodev_ops.c
+++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c
@@ -736,7 +736,7 @@ otx_cpt_asym_rsa_op(struct rte_crypto_op *cop, struct cpt_request_info *req,
memcpy(rsa->cipher.data, req->rptr, rsa->cipher.length);
break;
case RTE_CRYPTO_ASYM_OP_DECRYPT:
- if (rsa->pad == RTE_CRYPTO_RSA_PADDING_NONE)
+ if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE)
rsa->message.length = rsa_ctx->n.length;
else {
/* Get length of decrypted output */
@@ -753,7 +753,7 @@ otx_cpt_asym_rsa_op(struct rte_crypto_op *cop, struct cpt_request_info *req,
memcpy(rsa->sign.data, req->rptr, rsa->sign.length);
break;
case RTE_CRYPTO_ASYM_OP_VERIFY:
- if (rsa->pad == RTE_CRYPTO_RSA_PADDING_NONE)
+ if (rsa->padding.type == RTE_CRYPTO_RSA_PADDING_NONE)
rsa->sign.length = rsa_ctx->n.length;
else {
/* Get length of decrypted output */
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 8270b01517..6ac2dfff5a 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -1896,7 +1896,7 @@ process_openssl_rsa_op(struct rte_crypto_op *cop,
int ret = 0;
struct rte_crypto_asym_op *op = cop->asym;
RSA *rsa = sess->u.r.rsa;
- uint32_t pad = (op->rsa.pad);
+ uint32_t pad = (op->rsa.padding.type);
uint8_t *tmp;
cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index d2041b2efa..82a0450aed 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -332,7 +332,7 @@ rsa_set_pub_input(struct rte_crypto_asym_op *asym_op,
alg_bytesize = qat_function.bytesize;
if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_ENCRYPT) {
- switch (asym_op->rsa.pad) {
+ switch (asym_op->rsa.padding.type) {
case RTE_CRYPTO_RSA_PADDING_NONE:
SET_PKE_LN(asym_op->rsa.message, alg_bytesize, 0);
break;
@@ -344,7 +344,7 @@ rsa_set_pub_input(struct rte_crypto_asym_op *asym_op,
}
HEXDUMP("RSA Message", cookie->input_array[0], alg_bytesize);
} else {
- switch (asym_op->rsa.pad) {
+ switch (asym_op->rsa.padding.type) {
case RTE_CRYPTO_RSA_PADDING_NONE:
SET_PKE_LN(asym_op->rsa.sign, alg_bytesize, 0);
break;
@@ -430,7 +430,7 @@ rsa_set_priv_input(struct rte_crypto_asym_op *asym_op,
if (asym_op->rsa.op_type ==
RTE_CRYPTO_ASYM_OP_DECRYPT) {
- switch (asym_op->rsa.pad) {
+ switch (asym_op->rsa.padding.type) {
case RTE_CRYPTO_RSA_PADDING_NONE:
SET_PKE_LN(asym_op->rsa.cipher, alg_bytesize, 0);
HEXDUMP("RSA ciphertext", cookie->input_array[0],
@@ -444,7 +444,7 @@ rsa_set_priv_input(struct rte_crypto_asym_op *asym_op,
} else if (asym_op->rsa.op_type ==
RTE_CRYPTO_ASYM_OP_SIGN) {
- switch (asym_op->rsa.pad) {
+ switch (asym_op->rsa.padding.type) {
case RTE_CRYPTO_RSA_PADDING_NONE:
SET_PKE_LN(asym_op->rsa.message, alg_bytesize, 0);
HEXDUMP("RSA text to be signed", cookie->input_array[0],
@@ -503,7 +503,7 @@ rsa_collect(struct rte_crypto_asym_op *asym_op,
} else {
uint8_t *rsa_result = asym_op->rsa.cipher.data;
- switch (asym_op->rsa.pad) {
+ switch (asym_op->rsa.padding.type) {
case RTE_CRYPTO_RSA_PADDING_NONE:
rte_memcpy(rsa_result,
cookie->output_array[0],
@@ -521,7 +521,7 @@ rsa_collect(struct rte_crypto_asym_op *asym_op,
if (asym_op->rsa.op_type == RTE_CRYPTO_ASYM_OP_DECRYPT) {
uint8_t *rsa_result = asym_op->rsa.message.data;
- switch (asym_op->rsa.pad) {
+ switch (asym_op->rsa.padding.type) {
case RTE_CRYPTO_RSA_PADDING_NONE:
rte_memcpy(rsa_result,
cookie->output_array[0],
diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index 5f6bf41e68..ae0b62c22f 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -236,6 +236,47 @@ struct rte_crypto_rsa_priv_key_qt {
};
/**
+ * RSA padding type
+ */
+struct rte_crypto_rsa_padding {
+ enum rte_crypto_rsa_padding_type type;
+ /**< RSA padding scheme to be used for transform */
+ enum rte_crypto_auth_algorithm md;
+ /**<
+ * RSA padding hash algorithm
+ * Valid hash algorithms are:
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ *
+ * When a specific padding type is selected, the following rules apply:
+ * - RTE_CRYPTO_RSA_PADDING_NONE:
+ * This field is ignored by the PMD
+ *
+ * - RTE_CRYPTO_RSA_PADDING_PKCS1_5:
+ * When signing an operation this field is used to determine value
+ * of the DigestInfo structure, therefore specifying which algorithm
+ * was used to create the message digest.
+ * When doing encryption/decryption this field is ignored for this
+ * padding type.
+ *
+ * - RTE_CRYPTO_RSA_PADDING_OAEP
+ * This field shall be set with the hash algorithm used
+ * in the padding scheme
+ *
+ * - RTE_CRYPTO_RSA_PADDING_PSS
+ * This field shall be set with the hash algorithm used
+ * in the padding scheme (and to create the input message digest)
+ */
+ enum rte_crypto_auth_algorithm mgf1md;
+ /**<
+ * Hash algorithm to be used for mask generation if the
+ * padding scheme is either OAEP or PSS. If the padding
+ * scheme is unspecified a data hash algorithm is used
+ * for mask generation. Valid hash algorithms are:
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+};
+
+/**
* Asymmetric RSA transform data
*
* Structure describing RSA xform params
@@ -391,43 +432,8 @@ struct rte_crypto_rsa_op_param {
* All data is in Octet-string network byte order format.
*/
- enum rte_crypto_rsa_padding_type pad;
- /**< RSA padding scheme to be used for transform */
-
- enum rte_crypto_auth_algorithm md;
- /**<
- * RSA padding hash algorithm
- * Valid hash algorithms are:
- * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
- *
- * When a specific padding type is selected, the following rule apply:
- * - RTE_CRYPTO_RSA_PADDING_NONE:
- * This field is ignored by the PMD
- *
- * - RTE_CRYPTO_RSA_PADDING_PKCS1_5:
- * For sign operation, this field is used to determine value
- * of the DigestInfo structure, therefore specifying which algorithm
- * was used to create the message digest.
- * For encryption/decryption, this field is ignored for this
- * padding type.
- *
- * - RTE_CRYPTO_RSA_PADDING_OAEP
- * This field shall be set with the hash algorithm used
- * in the padding scheme
- *
- * - RTE_CRYPTO_RSA_PADDING_PSS
- * This field shall be set with the hash algorithm used
- * in the padding scheme (and to create the input message digest)
- */
-
- enum rte_crypto_auth_algorithm mgf1md;
- /**<
- * Hash algorithm to be used for mask generation if
- * padding scheme is either OAEP or PSS. If padding
- * scheme is unspecified data hash algorithm is used
- * for mask generation. Valid hash algorithms are:
- * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
- */
+ struct rte_crypto_rsa_padding padding;
+ /**< RSA padding information */
};
/**
--
2.13.6
next prev parent reply other threads:[~2022-06-01 10:11 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-01 9:02 [PATCH v5 00/12] cryptodev: rsa, dh, ecdh changes Arek Kusztal
2022-06-01 9:02 ` [PATCH v5 01/12] cryptodev: redefine ec group enum Arek Kusztal
2022-06-01 9:02 ` [PATCH v5 02/12] cryptodev: separate key exchange operation enum Arek Kusztal
2022-06-01 9:02 ` [PATCH v5 03/12] cryptodev: remove comment about using ephemeral key in dsa Arek Kusztal
2022-06-01 9:02 ` [PATCH v5 04/12] cryptodev: clarify usage of private key in dh Arek Kusztal
2022-06-01 9:02 ` [PATCH v5 05/12] cryptodev: move dh type from xform to dh op Arek Kusztal
2022-06-01 9:02 ` [PATCH v5 06/12] cryptodev: add elliptic curve diffie hellman Arek Kusztal
2022-06-01 10:14 ` Kusztal, ArkadiuszX
2022-06-02 13:33 ` [EXT] " Akhil Goyal
2022-06-02 14:21 ` Ray Kinsella
2022-06-02 14:25 ` Akhil Goyal
2022-06-02 14:46 ` Kusztal, ArkadiuszX
2022-06-03 13:26 ` Ray Kinsella
2022-06-01 9:02 ` [PATCH v5 07/12] cryptodev: add public key verify option Arek Kusztal
2022-06-01 9:02 ` [PATCH v5 08/12] cryptodev: add asym op flags Arek Kusztal
2022-06-01 9:02 ` [PATCH v5 09/12] cryptodev: clarify usage of rsa padding hash Arek Kusztal
2022-06-01 9:02 ` Arek Kusztal [this message]
2022-06-01 9:02 ` [PATCH v5 11/12] cryptodev: clarify rsa verify with none padding Arek Kusztal
2022-06-01 9:02 ` [PATCH v5 12/12] cryptodev: add salt length and optional label Arek Kusztal
2022-06-02 10:07 ` [EXT] [PATCH v5 00/12] cryptodev: rsa, dh, ecdh changes Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220601090249.86865-11-arkadiuszx.kusztal@intel.com \
--to=arkadiuszx.kusztal@intel.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=roy.fan.zhang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).