From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by dpdk.org (Postfix) with ESMTP id 79D009990 for ; Thu, 25 May 2017 18:00:46 +0200 (CEST) Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 25 May 2017 09:00:45 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.38,392,1491289200"; d="scan'208";a="1174281771" Received: from irsmsx154.ger.corp.intel.com ([163.33.192.96]) by fmsmga002.fm.intel.com with ESMTP; 25 May 2017 09:00:43 -0700 Received: from irsmsx101.ger.corp.intel.com ([169.254.1.187]) by IRSMSX154.ger.corp.intel.com ([169.254.12.233]) with mapi id 14.03.0319.002; Thu, 25 May 2017 17:00:42 +0100 From: "Trahe, Fiona" To: Umesh Kartha , "dev@dpdk.org" CC: Jerin Jacob , "Balasubramanian Manoharan" , Ram Kumar , Murthy Nidadavolu , "Doherty, Declan" , "De Lara Guarch, Pablo" , "Trahe, Fiona" Thread-Topic: [RFC PATCH v2 1/3] cryptodev: added asymmetric algorithms Thread-Index: AQHSylNB6CS41jndQUmTIE8MZjbIeaIFQ1Pw Date: Thu, 25 May 2017 16:00:42 +0000 Message-ID: <348A99DA5F5B7549AA880327E580B435891FCF16@IRSMSX101.ger.corp.intel.com> References: <1490177802-13398-1-git-send-email-Umesh.Kartha@caviumnetworks.com> <1494506132-23107-1-git-send-email-Umesh.Kartha@caviumnetworks.com> <1494506132-23107-2-git-send-email-Umesh.Kartha@caviumnetworks.com> In-Reply-To: <1494506132-23107-2-git-send-email-Umesh.Kartha@caviumnetworks.com> Accept-Language: en-IE, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-version: 10.0.102.7 dlp-reaction: no-action x-originating-ip: [163.33.239.181] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [dpdk-dev] [RFC PATCH v2 1/3] cryptodev: added asymmetric algorithms X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 May 2017 16:00:47 -0000 Hi Umesh, > -----Original Message----- > From: Umesh Kartha [mailto:Umesh.Kartha@caviumnetworks.com] > Sent: Thursday, May 11, 2017 1:36 PM > To: dev@dpdk.org > Cc: Jerin Jacob ; Balasubramanian Ma= noharan > ; Ram Kumar ;= Murthy > Nidadavolu ; Doherty, Declan ; De Lara > Guarch, Pablo ; Trahe, Fiona > Subject: [RFC PATCH v2 1/3] cryptodev: added asymmetric algorithms >=20 > Added asymmetric xform structures, operation definitions, operation > parameters. Added asymmetric algorithms RSA, DH, ECDH, DSA, ECDSA, > MODEXP, FECC, MOD-INVERSE. Added curves (all curves supported by > libcrypto as of now). >=20 > Signed-off-by: Umesh Kartha > --- > lib/librte_cryptodev/rte_crypto_asym.h | 1124 ++++++++++++++++++++++++++= ++++++ > 1 file changed, 1124 insertions(+) > create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h >=20 > diff --git lib/librte_cryptodev/rte_crypto_asym.h lib/librte_cryptodev/rt= e_crypto_asym.h > new file mode 100644 > index 0000000..36a8b4f > --- /dev/null > +++ lib/librte_cryptodev/rte_crypto_asym.h > @@ -0,0 +1,1124 @@ > +/* > + * BSD LICENSE > + * > + * Copyright (C) Cavium networks Ltd. 2017. > + * > + * Redistribution and use in source and binary forms, with or without > + * modification, are permitted provided that the following conditions > + * are met: > + * > + * * Redistributions of source code must retain the above copyright > + * notice, this list of conditions and the following disclaimer. > + * * Redistributions in binary form must reproduce the above copyrig= ht > + * notice, this list of conditions and the following disclaimer in > + * the documentation and/or other materials provided with the > + * distribution. > + * * Neither the name of Cavium Networks nor the names of its > + * contributors may be used to endorse or promote products derived > + * from this software without specific prior written permission. > + * > + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS F= OR > + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGH= T > + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTA= L, > + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT > + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF US= E, > + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON A= NY > + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT > + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE U= SE > + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE= . > + */ > + > +#ifndef _RTE_CRYPTO_ASYM_H_ > +#define _RTE_CRYPTO_ASYM_H_ > + > +/** > + * @file rte_crypto_asym.h > + * > + * RTE Definitions for Asymmetric Cryptography > + * > + * Defines asymmetric algorithms and modes, as well as supported > + * asymmetric crypto operations. > + */ > + > +#ifdef __cplusplus > +extern "C" { > +#endif > + > +#include > +#include > +#include > +#include > +#include > +#include > +#include "rte_crypto_sym.h" > + > +typedef struct rte_crypto_xform_param_t { > + uint8_t *data; > + size_t length; > +} rte_crypto_xform_param; > + > +typedef struct rte_crypto_op_param_t { > + uint8_t *data; > + phys_addr_t phys_addr; > + size_t length; > +} rte_crypto_op_param; [Fiona] Are both above lengths in bytes ? > + > +/** Asymmetric crypto transformation types */ > +enum rte_crypto_asym_xform_type { > + RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED =3D 0, > + RTE_CRYPTO_ASYM_XFORM_RSA, > + RTE_CRYPTO_ASYM_XFORM_MODEX, > + RTE_CRYPTO_ASYM_XFORM_DH, > + RTE_CRYPTO_ASYM_XFORM_ECDH, > + RTE_CRYPTO_ASYM_XFORM_DSA, > + RTE_CRYPTO_ASYM_XFORM_ECDSA, > + RTE_CRYPTO_ASYM_XFORM_FECC, > + RTE_CRYPTO_ASYM_XFORM_MODINV, > + RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END > +}; > + > +/** > + * RSA operation type variants > + */ > +enum rte_crypto_rsa_optype { > + RTE_CRYPTO_RSA_OP_NOT_SPECIFIED =3D 1, [Fiona] Is there a reason for not starting at 0 in all these enums? > + /**< RSA operation unspecified */ > + RTE_CRYPTO_RSA_OP_PUBLIC_ENCRYPT, > + /**< RSA public encrypt operation */ > + RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT, > + /**< RSA private decrypt operation */ > + RTE_CRYPTO_RSA_OP_SIGN, > + /**< RSA private key signature operation */ > + RTE_CRYPTO_RSA_OP_VERIFY, > + /**< RSA public key verification operation */ > + RTE_CRYPTO_RSA_OP_LIST_END > +}; > + > +/** > + * Padding types for RSA signature. > + */ > +enum rte_crypto_rsa_padding_type { > + RTE_CRYPTO_RSA_PADDING_NOT_SPECIFIED =3D 1, > + /**< RSA no padding scheme */ > + RTE_CRYPTO_RSA_PADDING_BT1, > + /**< RSA PKCS#1 padding BT1 scheme */ > + RTE_CRYPTO_RSA_PADDING_BT2, > + /**< RSA PKCS#1 padding BT2 scheme */ > + RTE_CRYPTO_RSA_PADDING_OAEP, > + /**< RSA PKCS#1 OAEP padding scheme */ > + RTE_CRYPTO_RSA_PADDING_PSS, > + /**< RSA PKCS#1 PSS padding scheme */ > + RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END > +}; > + > +/** > + * Modular exponentiaion operation type variants > + */ > +enum rte_crypto_modex_optype { > + RTE_CRYPTO_MODEX_OP_NOT_SPECIFIED =3D 1, > + /**< ModEx operation type unspecified */ > + RTE_CRYPTO_MODEX_OP_MODEX, > + /**< Modex operation modular exponentiation */ > + RTE_CRYPTO_MODEX_OP_LIST_END > +}; > + > +/** > + * Modular Inverse operation type variants > + */ > +enum rte_crypto_modeinv_optype { > + RTE_CRYPTO_MODINV_OP_NOT_SPECIFIED =3D 1, > + /**< ModInv operation type unspecified */ > + RTE_CRYPTO_MODINV_OP_MODINV, > + /**< ModInv operation modular Inverse */ > + RTE_CRYPTO_MODEX_OP_LIST_END > +}; > + > +/** > + * DSA operation type variants > + */ > +enum rte_crypto_dsa_optype { > + RTE_CRYPTO_DSA_OP_NOT_SPECIFIED =3D 1, > + /**< DSA operation unspecified */ > + RTE_CRYPTO_DSA_OP_SIGN, > + /**< DSA private key signature operation */ > + RTE_CRYPTO_DSA_OP_VERIFY, > + /**< DSA public key verification operation */ > + RTE_CRYPTO_DSA_OP_LIST_END > +}; > + > + > +/** > + * ECDSA operation type variants > + */ > +enum rte_crypto_ecdsa_optype { > + RTE_CRYPTO_ECDSA_OP_NOT_SPECIFIED =3D 1, > + /**< ECDSA operation unspecified */ > + RTE_CRYPTO_ECDSA_OP_SIGN, > + /**< ECDSA private key signature operation */ > + RTE_CRYPTO_ECDSA_OP_VERIFY, > + /**< ECDSA public key verification operation */ > + RTE_CRYPTO_ECDSA_OP_LIST_END > +}; > + > +/** > + * Diffie Hellman Key operation variants > + */ > +enum rte_crypto_dh_optype { > + RTE_CRYPTO_DH_OP_NOT_SPECIFIED =3D 1, > + /**< DH operation unspecified */ > + RTE_CRYPTO_DH_OP_KEY_GENERATION, > + /**< DH private/public key generation operation */ > + RTE_CRYPTO_DH_OP_KEY_COMPUTATION, > + /**< DH private key computation operation */ > + RTE_CRYPTO_DH_OP_LIST_END > +}; > + > +/** > + * Elliptic Curve Diffie Hellman Key operation variants > + */ > +enum rte_crypto_ecdh_optype { > + RTE_CRYPTO_ECDH_OP_NOT_SPECIFIED =3D 1, > + /**< ECDH operation unspecified */ > + RTE_CRYPTO_ECDH_OP_KEY_GENERATION, > + /**< ECDH private/public key generation operation */ > + RTE_CRYPTO_ECDH_OP_KEY_CHECK, > + /**< ECDH public key validity check operation */ > + RTE_CRYPTO_ECDH_OP_KEY_COMPUTATION, > + /**< ECDH private key computation operation */ > + RTE_CRYPTO_ECDH_OP_LIST_END > +}; > + > +/** > + * Fundamental ECC operation type variants. > + */ > +enum rte_crypto_fecc_optype { > + RTE_CRYPTO_FECC_OP_NOT_SPECIFIED =3D 1, > + /**< FECC operation type unspecified */ > + RTE_CRYPTO_FECC_OP_POINT_ADD, > + /**< Fundamental ECC point addition operation */ > + RTE_CRYPTO_FECC_OP_POINT_DBL, > + /**< Fundamental ECC point doubling operation */ > + RTE_CRYPTO_FECC_OP_POINT_MULTIPLY, > + /**< Fundamental ECC point multiplication operation */ > + RTE_CRYPTO_FECC_OP_LIST_END > +}; > + > +/** > + * ECC list of curves. > + */ > +enum rte_crypto_ec_prime_curve { > + RTE_CRYPTO_EC_CURVE_NOT_SPECIFIED =3D -1, [Fiona] Why -1 ? > + /**< Unspecified or empty curve id */ > + RTE_CRYPTO_EC_CURVE_secp112r1, > + /**< SECG/WTLS curve over a 112 bit prime field */ > + RTE_CRYPTO_EC_CURVE_secp112r2, > + /**< SECG curve over a 112 bit prime field */ > + RTE_CRYPTO_EC_CURVE_secp128r1, > + /**< SECG curve over a 128 bit prime field */ > + RTE_CRYPTO_EC_CURVE_secp128r2, > + /**< SECG curve over a 128 bit prime field */ > + RTE_CRYPTO_EC_CURVE_secp160k1, > + /**< SECG curve over a 160 bit prime field */ > + RTE_CRYPTO_EC_CURVE_secp160r1, > + /**< SECG curve over a 160 bit prime field */ > + RTE_CRYPTO_EC_CURVE_secp160r2, > + /**< SECG/WTLS curve over a 160 bit prime field */ > + RTE_CRYPTO_EC_CURVE_secp192k1, > + /**< SECG curve over a 192 bit prime field */ > + RTE_CRYPTO_EC_CURVE_secp224k1, > + /**< SECG curve over a 224 bit prime field */ > + RTE_CRYPTO_EC_CURVE_secp224r1, > + /**< NIST/SECG curve over a 224 bit prime field */ > + RTE_CRYPTO_EC_CURVE_secp256k1, > + /**< SECG curve over a 256 bit prime field */ > + RTE_CRYPTO_EC_CURVE_secp384r1, > + /**< NIST/SECG curve over a 384 bit prime field */ > + RTE_CRYPTO_EC_CURVE_secp521r1, > + /**< NIST/SECG curve over a 521 bit prime field */ > + RTE_CRYPTO_EC_CURVE_prime192v1, > + /**< NIST/X9.62/SECG curve over a 192 bit prime field */ > + RTE_CRYPTO_EC_CURVE_prime192v2, > + /**< X9.62 curve over a 192 bit prime field */ > + RTE_CRYPTO_EC_CURVE_prime192v3, > + /**< X9.62 curve over a 192 bit prime field */ > + RTE_CRYPTO_EC_CURVE_prime239v1, > + /**< X9.62 curve over a 239 bit prime field */ > + RTE_CRYPTO_EC_CURVE_prime239v2, > + /**< X9.62 curve over a 239 bit prime field */ > + RTE_CRYPTO_EC_CURVE_prime239v3, > + /**< X9.62 curve over a 239 bit prime field */ > + RTE_CRYPTO_EC_CURVE_prime256v1, > + /**< X9.62/SECG curve over a 256 bit prime field */ > + RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls6, > + /**< SECG/WTLS curve over a 112 bit prime field */ > + RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls7, > + /**< SECG/WTLS curve over a 160 bit prime field */ > + RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls8, > + /**< WTLS curve over a 112 bit prime field */ > + RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls9, > + /**< WTLS curve over a 160 bit prime field */ > + RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls12, > + /**< WTLS curve over a 224 bit prime field */ > + RTE_CRYPTO_EC_CURVE_brainpoolP160r1, > + /**< RFC 5639 curve over a 160 bit prime field */ > + RTE_CRYPTO_EC_CURVE_brainpoolP160t1, > + /**< RFC 5639 curve over a 160 bit prime field */ > + RTE_CRYPTO_EC_CURVE_brainpoolP192r1, > + /**< RFC 5639 curve over a 192 bit prime field */ > + RTE_CRYPTO_EC_CURVE_brainpoolP192t1, > + /**< RFC 5639 curve over a 192 bit prime field */ > + RTE_CRYPTO_EC_CURVE_brainpoolP224r1, > + /**< RFC 5639 curve over a 224 bit prime field */ > + RTE_CRYPTO_EC_CURVE_brainpoolP224t1, > + /**< RFC 5639 curve over a 224 bit prime field */ > + RTE_CRYPTO_EC_CURVE_brainpoolP256r1, > + /**< RFC 5639 curve over a 256 bit prime field */ > + RTE_CRYPTO_EC_CURVE_brainpoolP256t1, > + /**< RFC 5639 curve over a 256 bit prime field */ > + RTE_CRYPTO_EC_CURVE_brainpoolP320r1, > + /**< RFC 5639 curve over a 320 bit prime field */ > + RTE_CRYPTO_EC_CURVE_brainpoolP320t1, > + /**< RFC 5639 curve over a 320 bit prime field */ > + RTE_CRYPTO_EC_CURVE_brainpoolP384r1, > + /**< RFC 5639 curve over a 384 bit prime field */ > + RTE_CRYPTO_EC_CURVE_brainpoolP384t1, > + /**< RFC 5639 curve over a 384 bit prime field */ > + RTE_CRYPTO_EC_CURVE_brainpoolP512r1, > + /**< RFC 5639 curve over a 512 bit prime field */ > + RTE_CRYPTO_EC_CURVE_brainpoolP512t1, > + /**< RFC 5639 curve over a 512 bit prime field */ > + RTE_CRYPTO_EC_CURVE_x25519, > + /**< Curve 25519 */ > + RTE_CRYPTO_EC_CURVE_LIST_END > +}; > + > +enum rte_crypto_ec_binary_curve { > + RTE_CRYPTO_EC_CURVE_NOT_SPECIFIED =3D -1, > + /**< Unspecified or empty curve id */ > + RTE_CRYPTO_EC_CURVE_sect113r1, > + /**< SECG curve over a 113 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect113r2, > + /**< SECG curve over a 113 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect131r1, > + /**< SECG/WTLS curve over a 131 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect131r2, > + /**< SECG curve over a 131 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect163k1, > + /**< NIST/SECG/WTLS curve over a 163 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect163r1, > + /**< SECG curve over a 163 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect163r2, > + /**< NIST/SECG curve over a 163 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect193r1, > + /**< SECG curve over a 193 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect193r2, > + /**< SECG curve over a 193 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect233k1, > + /**< NIST/SECG/WTLS curve over a 233 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect233r1, > + /**< NIST/SECG/WTLS curve over a 233 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect239k1, > + /**< SECG curve over a 239 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect283k1, > + /**< NIST/SECG curve over a 283 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect283r1, > + /**< NIST/SECG curve over a 283 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect409k1, > + /**< NIST/SECG curve over a 409 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect409r1, > + /**< NIST/SECG curve over a 409 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect571k1, > + /**< NIST/SECG curve over a 571 bit binary field */ > + RTE_CRYPTO_EC_CURVE_sect571r1, > + /**< NIST/SECG curve over a 571 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2pnb163v1, > + /**< X9.62 curve over a 163 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2pnb163v2, > + /**< X9.62 curve over a 163 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2pnb163v3, > + /**< X9.62 curve over a 163 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2pnb176v1, > + /**< X9.62 curve over a 176 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2tnb191v1, > + /**< X9.62 curve over a 191 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2tnb191v2, > + /**< X9.62 curve over a 191 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2tnb191v3, > + /**< X9.62 curve over a 191 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2pnb208w1, > + /**< X9.62 curve over a 208 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2tnb239v1, > + /**< X9.62 curve over a 239 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2tnb239v2, > + /**< X9.62 curve over a 239 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2tnb239v3, > + /**< X9.62 curve over a 239 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2pnb272w1, > + /**< X9.62 curve over a 272 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2pnb304w1, > + /**< X9.62 curve over a 304 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2tnb359v1, > + /**< X9.62 curve over a 359 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2pnb368w1, > + /**< X9.62 curve over a 368 bit binary field */ > + RTE_CRYPTO_EC_CURVE_c2tnb431r1, > + /**< X9.62 curve over a 431 bit binary field */ > + RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls1, > + /**< WTLS curve over a 113 bit binary field */ > + RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls3, > + /**< NIST/SECG/WTLS curve over a 163 bit binary field */ > + RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls4, > + /**< SECG curve over a 113 bit binary field */ > + RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls5, > + /**< X9.62 curve over a 163 bit binary field */ > + RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls10, > + /**< NIST/SECG/WTLS curve over a 233 bit binary field */ > + RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls11, > + /**< NIST/SECG/WTLS curve over a 233 bit binary field */ > + RTE_CRYPTO_EC_CURVE_LIST_END > +}; > + > +/** > + * Elliptic curve point format > + */ > +struct rte_crypto_ec_point { > + struct { > + int length; > + uint8_t *data; > + phys_addr_t phys_addr; > + /**< phys_addr is used only for points passed in the > + * asym_op structure. > + */ > + } x; > + /**< X co-ordinate */ > + > + struct { > + int length; > + uint8_t *data; > + phys_addr_t phys_addr; > + /**< phys_addr is used only for points passed in the > + * operation structure > + */ > + } y; > + /**< Y co-ordinate */ > +}; > + > +/** > + * Elliptic curve type > + */ > +enum rte_crypto_ec_curve_type { > + RTE_CRYPTO_EC_CURVE_TYPE_UNDEFINED, > + /**< Curve type undefined */ > + RTE_CRYPTO_EC_CURVE_TYPE_PRIME_FIELD, > + /**< EC curve defined over a prime field */ > + RTE_CRYPTO_EC_CURVE_TYPE_BINARY_FIELD, > + /**< EC curve defined over a binary field */ > + RTE_CRYPTO_EC_CURVE_LIST_END > +}; > + > +/** > + * Elliptic curve id > + */ > +struct rte_crypto_ec_curve_id { > + RTE_STD_C11 > + union { > + enum rte_crypto_ec_prime_curve pcurve; > + enum rte_crypto_ec_binary_curve bcurve; > + } > +}; > + > +/** > + * Asymmetric RSA transform data > + * > + * This structure contains data required to perform RSA crypto > + * transform. If all CRT components are filled, RSA private key > + * operations @ref RTE_CRYPTO_RSA_OP_SIGN and @ref > + * RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT uses CRT method for crypto > + * transform. > + */ > +struct rte_crypto_rsa_xform { > + > + rte_crypto_xform_param n; > + /**< n - Prime modulus > + * Prime modulus data of RSA operation in Octet-string network > + * byte order format. > + */ > + > + rte_crypto_xform_param e; > + /**< e - Public key exponent > + * Public key exponent used for RSA public key operations in Octet- > + * string network byte order format. > + */ > + > + rte_crypto_xform_param d; > + /**< d - Private key exponent > + * Private key exponent used for RSA private key operations in > + * Octet-string network byte order format. > + */ > + > + rte_crypto_xform_param p; > + /**< p - Private key component P > + * Private key component of RSA parameter required for CRT method > + * of private key operations in Octet-string network byte order > + * format. > + */ > + > + rte_crypto_xform_param q; > + /**< q - Private key component Q > + * Private key component of RSA parameter required for CRT method > + * of private key operations in Octet-string network byte order > + * format. > + */ > + > + rte_crypto_xform_param dP; > + /**< dP - Private CRT component > + * Private CRT component of RSA parameter required for CRT method > + * RSA private key operations in Octet-string network byte order > + * format. > + * dP =3D d mod ( p - 1 ) > + */ > + > + rte_crypto_xform_param dQ; > + /**< dQ - Private CRT component > + * Private CRT component of RSA parameter required for CRT method > + * RSA private key operations in Octet-string network byte order > + * format. > + * dQ =3D d mod ( q - 1 ) > + */ > + > + rte_crypto_xform_param qInv; > + /**< qInv - Private CRT component > + * Private CRT component of RSA parameter required for CRT method > + * RSA private key operations in Octet-string network byte order > + * format. > + * qInv =3D inv q mod p > + */ > +}; > + > +/** Asymmetric Modular exponentiation transform data > + * > + * This structure contains data required to perform modular exponentatio= n > + * crypto transform. If all CRT components are valid, crypto transform > + * operation follows CRT method. > + */ > +struct rte_crypto_modex_xform { > + > + rte_crypto_xform_param modulus; > + /**< modulus > + * Prime modulus of the modexp transform operation in Octet-string > + * network byte order format. > + */ > + > + rte_crypto_xform_param exponent; > + /**< exponent > + * Private exponent of the modexp transform operation in > + * Octet-string network byte order format. > + */ > +}; > + > +/** Asymmetric DH transform data > + * This structure contains data used to perform DH key > + * computation > + */ > +struct rte_crypto_dh_xform { > + rte_crypto_xform_param p; > + /**< p : Prime modulus data > + * DH prime modulous data in Octet-string network byte order format. > + */ > + > + rte_crypto_xform_param g; > + /**< g : Generator > + * DH group generator data in Octet-string network byte order > + * format. > + */ > + > + rte_crypto_xform_param priv_key; > + /**< priv_key > + * DH private key data in Octet-string network byte order format. > + */ > + > + rte_crypto_xform_param pub_key; > + /**< pub_key > + * DH public key data in Octet-string network byte order format. > + */ > +}; > + > +/**Asymmetric ECDH transform data > + * This structure contains data required to perform ECDH crypto > + * transform > + */ > +struct rte_crypto_ecdh_xform { > + > + enum rte_crypto_ec_curve_type curve_type; > + /**< ECDH curve type: Prime vs Binary */ > + > + struct rte_crypto_ec_curve_id curve_id; > + > + rte_crypto_xform_param n; > + /**< n : order > + * ECDH curve order data in Octet-string network byte order format. > + */ > + > + rte_crypto_xform_param p; > + /**< p: > + * If the curve_type is @ref RTE_CRYPTO_EC_CURVE_TYPE_PRIME_FIELD: > + * p holds the prime modulus data in Octet string format. > + * > + * If the curve_type is @ref RTE_CRYPTO_EC_CURVE_TYPE_BINARY_FIELD: > + * p holds reduction polynomial co-efficients and degree. > + */ > + > + rte_crypto_xform_param a; > + /**< Co-efficient 'a' of curve equation data in Octet-string network > + * byte order format. > + */ > + > + rte_crypto_xform_param b; > + /**< Co-efficient 'b' of curve equation data in Octet-string network > + * byte order format. > + */ > + > + struct rte_crypto_ec_point G; > + /**< G: EC curve generator > + * EC curve generator point data in Octet-string network byte order > + * format. > + */ > + > + rte_crypto_xform_param pkey; > + /**< pkey: Private key > + * Private key data for ECDH operation in Octet-string network byte > + * order format. > + */ > + > + struct rte_crypto_ecpoint Q; > + /**< Q: Public key point > + * Public key point data of ECDH operation in Octet-string network > + * byte order format. > + */ > + > + int h; > + /**< Co-factor of the curve */ > +}; > + > +/** Asymmetric Digital Signature transform operation > + * > + * This structure contains data required to perform asymmetric > + * digital signature crypto transform. > + */ > +struct rte_crypto_dsa_xform { > + > + rte_crypto_xform_param p; > + /**< p - Prime modulus > + * Prime modulus data for DSA operation in Octet-string network byte > + * order format. > + */ > + > + rte_crypto_xform_param q; > + /**< q : Order of the subgroup > + * Order of the subgroup data in Octet-string network byte order > + * format. > + * q % (p-1) =3D 0 > + */ > + > + rte_crypto_xform_param g; > + /**< g: Generator of the subgroup > + * Generator data in Octet-string network byte order format. > + */ > + > + rte_crypto_xform_param x; > + /**< x: Private key of the signer > + * Private key data in Octet-string network byte order format. > + * Private key is valid only for signature generation operation. > + */ > + > + rte_crypto_xform_param y; > + /**< y : Public key of the signer. > + * Public key data of the signer in Octet-string network byte order > + * format. > + * y =3D g^x mod p > + */ > +}; > + > +/** Asymmetric ECDSA transform data > + * > + * This structure contains data required to perform ECDSA crypto > + * transform. > + */ > +struct rte_crypto_ecdsa_xform { > + > + enum rte_crypto_ec_curve_type curve_type; > + /**< ECDSA curve type: Prime vs Binary */ > + > + struct rte_crypto_ec_curve_id curve_id; > + /**< EC curve ID */ > + > + rte_crypto_xform_param n; > + /**< n : order > + * ECDH curve order data in Octet-string network byte order format. > + */ > + > + rte_crypto_xform_param p; > + /**< p: > + * If the curve_type is @ref RTE_CRYPTO_EC_CURVE_TYPE_PRIME_FIELD: > + * p holds the prime modulus data in Octet string format. > + * > + * If the curve_type is @ref RTE_CRYPTO_EC_CURVE_TYPE_BINARY_FIELD: > + * p holds reduction polynomial co-efficients and degree. > + */ > + > + rte_crypto_xform_param a; > + /**< Co-efficient 'a' of curve equation data in Octet-string network > + * byte order format. > + */ > + > + rte_crypto_xform_param b; > + /**< Co-efficient 'b' of curve equation data in Octet-string network > + * byte order format. > + */ > + > + struct rte_crypto_ecpoint G; > + /**< G: EC curve generator > + * EC curve generator point data in Octet-string network byte order > + * format. > + */ > + > + rte_crypto_xform_param pkey; > + /**< pkey: Private key > + * Private key data of the signer for ECDSA signature generation > + * operation in Octet-string network byte format. Parameter is > + * invalid or unsed for signature verification. > + */ > + > + struct rte_crypto_ecpoint Q; > + /**< Q: Public key point > + * Public key point data of ECDSA operation in Octet-string network > + * byte order format. > + */ > + > + int h; > + /**< Co-factor of the curve */ > +}; > + > +/** Asymmetric modular inverse transform operation > + * This structure contains data required to perform > + * asymmetric modular inverse crypto transform > + */ > +struct rte_crypto_modinv_xform { > +}; > + > +/** Asymmetric Fundamental ECC transform operation > + * > + * This structure contains data required to perform asymmetric > + * fundamental ECC crypto transform. > + */ > +struct rte_crypto_fecc_xform { > + > + enum rte_crypto_ec_curve_type curve_type; > + /**< FECC curve type: Prime vs Binary */ > + > + struct rte_crypto_ec_curve_id curve_id; > + /**< EC curve ID */ > + > + rte_crypto_xform_param order; > + /**< order : ECC curve order > + * Curve order data in Octet-string network byte order format. > + */ > + > + rte_crypto_xform_param prime; > + /**< prime : Curve prime modulus data > + * Prime modulus data in Octet-string network byte order format. > + */ > + > + struct rte_crypto_ec_point G; > + /**< G: curve generator point > + * Curve generator point data in Octet-string network byte order > + * format. > + */ > + > + rte_crypto_xform_param a; > + /**< Co-efficient 'a' of curve equation data in Octet-string network > + * byte order format. > + */ > + > + rte_crypto_xform_param b; > + /**< Co-efficient 'a' of curve equation data in Octet-string network > + * byte order format. > + */ > + > + int h; > + /**< Co-factor of the curve */ > + > +}; > + > +/** > + * Asymmetric crypto transform data > + * > + * This structure contains the data required to perform the > + * asymmetric crypto transformation operation. The field op > + * determines the asymmetric algorithm for transformation. > + */ > +struct rte_crypto_asym_xform { > + struct rte_crypto_asym_xform *next; > + enum rte_crypto_asym_xform_type xform_type; > + /**< Asymmetric algorithm for crypto transform */ > + > + RTE_STD_C11 > + union { > + struct rte_crypto_rsa_xform rsa; > + struct rte_crypto_fecc_xform fecc; > + struct rte_crypto_modex_xform modex; > + struct rte_crypto_ecdsa_xform ecdsa; > + struct rte_crypto_ecdh_xform ecdh; > + struct rte_crypto_dsa_xform dsa; > + }; > +}; > + > +struct rte_cryptodev_asym_session; > + > +/** > + * Crypto operation session type. This is used to specify whether a cryp= to > + * operation has session structure attached for immutable parameters or = if all > + * operation information is included in the operation data structure. > + */ > +enum rte_crypto_asym_op_sess_type { > + RTE_CRYPTO_ASYM_OP_WITH_SESSION, > + /**< Session based crypto operation */ > + RTE_CRYPTO_ASYM_OP_SESSIONLESS > + /**< Session-less crypto operation */ > +}; > + > +/** > + * Asymmetric Cryptographic Operation. > + * > + * This structure contains data relating to performing asymmetric crypto= graphic > + * operation. > + * > + */ > +struct rte_crypto_asym_op { > + > + enum rte_crypto_asym_op_sess_type sess_type; > + enum rte_crypto_asym_xform_type type; > + > + RTE_STD_C11 > + union { > + enum rte_crypto_rsa_optype rsa_op; > + /**< Type of RSA operation for transform */; > + enum rte_crypto_modex_optype modex_op; > + /**< Type of modular exponentiation operation */ > + enum rte_crypto_ecdsa_optype ecdsa_op; > + /**< ECDSA crypto xform operation type */ > + enum rte_crypto_fecc_optype fecc_op; > + /**< ECDSA crypto xform operation type */ > + enum rte_crypto_dsa_optype dsa_op; > + /**< DSA crypto xform operation type */ > + }; > + > + RTE_STD_C11 > + union { > + struct rte_cryptodev_asym_session *session; > + /**< Handle for the initialised session context */ > + struct rte_crypto_asym_xform *xform; > + /**< Session-less API crypto operation parameters */ > + }; > + > + RTE_STD_C11 > + union { > + > + struct { > + rte_crypto_op_param message; > + /**< > + * Pointer to data > + * - to be encrypted for RSA public encrypt. > + * - to be decrypted for RSA private decrypt. > + * - to be signed for RSA sign generation. > + * - to be authenticated for RSA sign verification. > + */ > + > + rte_crypto_op_param sign; > + /**< > + * Pointer to RSA signature data. If operation is RSA > + * sign @ref RTE_CRYPTO_RSA_OP_SIGN, buffer will be > + * over-written with generated signature. > + * > + * Length of the signature data will be equal to the > + * RSA prime modulus length. > + */ > + > + enum rte_crypto_rsa_padding_type pad; > + /**< RSA padding scheme to be used for transform */ > + > + enum rte_crypto_auth_algorithm md; > + /**< Hash algorithm to be used for data hash if padding > + * scheme is either OAEP or PSS. Valid hash algorithms > + * are: > + * MD5, SHA1, SHA224, SHA256, SHA384, SHA512 > + */ > + > + enum rte_crypto_auth_algorithm mgf1md; > + /**< > + * Hash algorithm to be used for mask generation if > + * padding scheme is either OAEP or PSS. If padding > + * scheme is unspecified data hash algorithm is used > + * for mask generation. Valid hash algorithms are: > + * MD5, SHA1, SHA224, SHA256, SHA384, SHA512 > + */ > + } rsa; > + > + struct { > + rte_crypto_op_param pub_key; > + /**< > + * If DH operation type is > + * KEY_GENERATION: > + * if priv_key and public key are provided, the keys > + * are copied to DH xform structure, else key pair is > + * generated and stored in DH xform structure. > + * pub_key data should be in Octet-string network > + * byte order format. > + * > + * KEY_COMPUTATION: > + * pub_key holds the key shared by peer during DH > + * key exchange. pub_key data is written as Octet- > + * string network byte order format. > + */ > + RTE_STD_C11 > + union { > + rte_crypto_op_param priv_key; > + /**< > + * If DH operation type is KEY_GENERATION, and > + * priv_key is provided, the key is copied to > + * DH xform structure, else generated and stored > + * in DH xform structure. priv_key data is in > + * in Octet-string network byte order format. > + */ > + rte_crypto_op_param shared_key; > + /* > + * If DH operation type is KEY_COMPUTATION: > + * shared_key holds the shared secret > + * computed. shared_key is written as > + * Octet-string network byte order format. > + */ > + }; > + } dh; > + > + struct { > + rte_crypto_op_param base; > + /**< > + * Pointer to base of modular exponentiation data in > + * Octet-string network byte order format. > + */ > + } modex; > + > + struct { > + rte_crypto_op_param priv_key; > + /**< > + * If ECDH operation type is KEY_GENERATION, and > + * priv_key is provided, the key is copied to ECDH > + * xform structure, else generated and stored in > + * ECDH xform structure in Octet-string network byte > + * order. > + * If ECDH operation type is KEY_COMPUTATION: > + * priv_key holds the 'X' co-ordinate of the shared > + * secret EC point computed in Octet-string network > + * byte order. > + */ > + > + rte_crypto_ec_point pub_key; > + /**< > + * If ECDH operation type is > + * KEY_GENERATION: > + * if priv_key and public key are provided, the keys > + * are copied ECDH xform structure, else key pair is > + * generated and stored in ECDH xform structure. > + * > + * KEY_COMPUTATION: > + * pub_key holds peer's public key during ECDH > + * key exchange in Octet-string network byte order. > + */ > + } ecdh; > + > + struct { > + rte_crypto_op_param message; > + /**< > + * Pointer to data > + * - to be signed for ECDSA signature generation. > + * - to be authenticated for ECDSA sign verification. > + */ > + > + rte_crypto_op_param sign; > + /**< > + * Pointer to ECDSA signature. If operation type is > + * @ref RTE_CRYPTO_ECDSA_OP_VERIFY this buffer will be > + * over-written with the signature. > + * > + * Length of ECDSA signature will be less than twice the > + * length of prime modulus length. > + */ > + > + rte_crypto_op_param k; > + /**< > + * Pointer to random scalar to be used for generation > + * of ECDSA signature @ref RTE_CRYPTO_ECDSA_OP_SIGN. > + * It is invalid if operation is ECDSA verify. > + * Scalar data is in Octet-string network byte order > + * format. > + * > + * Length of scalar K should be less than the prime > + * modulus of the curve > + */ > + } ecdsa; > + > + struct { > + > + rte_crypto_op_param message; > + /**< > + * Pointer to data > + * - to be signed for DSA signature generation. > + * - to be authenticated for DSA sign verification. > + * > + * Length of data to be signed, if is more than > + * prime modulus length, is truncated to length of > + * prime modulus. > + */ > + > + rte_crypto_op_param k; > + /**< > + * Pointer to random scalar to be used for DSA > + * signature generation. K should be a non-zero number > + * less than q. k is in Octet-string network byte > + * order format. > + */ > + > + } dsa; > + > + struct { > + struct rte_crypto_ec_point p; > + /**< > + * Pointer to primary curve point for fundamental > + * ECC operation. Data is in Octet-string network > + * byte order format. > + * Length of data in bytes cannot exceed the prime > + * modulus length of the curve. > + */ > + > + struct rte_crypto_ec_point q; > + /**< > + * > + * Pointer to secondary curve point for fundamental > + * ECC operation. Data is in Octet-string network > + * byte order format. > + * > + * Length of data in bytes cannot exceed the prime > + * modulus length of the curve. This point is valid > + * only for point addition optype > + * RTE_CRYPTO_FECC_OP_POINT_ADD crypto transform. > + */ > + > + rte_crypto_op_param k; > + /**< > + * Pointer to scalar data to be used only for point > + * multiplication @ref RTE_CRYPTO_FECC_OP_POINT_MULTIPLY > + * crypto transform. Data is in Octet-string network > + * byte order format. > + * > + * Length of data in bytes cannot exceed the prime > + * modulus length of the curve. > + */ > + > + struct rte_crypto_ec_point r; > + /**< > + * Pointer to the resultant point on the curve after > + * fundamental ECC crypto transform. Data is in > + * Octet-string network byte order format. > + * Length of data in bytes cannot exceed the prime > + * modulus length of the curve. > + */ > + > + } fecc; > + > + struct { > + > + rte_crypto_op_param prime; > + /**< > + * Pointer to the prime modulus data for modular > + * inverse operation in Octet-string network byte > + * order format. > + */ > + > + rte_crypto_op_param base; > + /**< > + * Pointer to the base for the modular inverse > + * operation in Octet-string network byte order > + * format. > + */ > + } modinv; > + }; > + > +} __rte_cache_aligned; > + > + > + > +/** > + * Reset the fields of an asymmetric operation to their default values. > + * > + * @param op The crypto operation to be reset. > + */ > +static inline void > +__rte_crypto_asym_op_reset(struct rte_crypto_asym_op *op) > +{ > + memset(op, 0, sizeof(*op)); > + > + op->sess_type =3D RTE_CRYPTO_ASYM_OP_SESSIONLESS; > +} > + > + > +/** > + * Allocate space for asymmetric crypto xforms in the private data space= of the > + * crypto operation. This also defaults the crypto xform type to > + * RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED and configures the chaining of th= e xforms > + * in the crypto operation > + * > + * @return > + * - On success returns pointer to first crypto xform in crypto operatio= ns chain > + * - On failure returns NULL > + */ > +static inline struct rte_crypto_asym_xform * > +__rte_crypto_asym_op_asym_xforms_alloc(struct rte_crypto_asym_op *asym_o= p, > + void *priv_data, uint8_t nb_xforms) > +{ > + struct rte_crypto_asym_xform *xform; > + > + asym_op->xform =3D xform =3D (struct rte_crypto_asym_xform *)priv_data; > + > + do { > + xform->type =3D RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED; > + xform =3D xform->next =3D --nb_xforms > 0 ? xform + 1 : NULL; > + } while (xform); > + > + return asym_op->xform; > +} > + > + > +/** > + * Attach a session to an asymmetric crypto operation > + * > + * @param asym_op crypto operation > + * @param sess cryptodev session > + */ > +static inline int > +__rte_crypto_asym_op_attach_asym_session(struct rte_crypto_asym_op *asym= _op, > + struct rte_cryptodev_asym_session *sess) > +{ > + asym_op->session =3D sess; > + asym_op->sess_type =3D RTE_CRYPTO_ASYM_OP_WITH_SESSION; > + > + return 0; > +} > + > + > +#ifdef __cplusplus > +} > +#endif > + > +#endif /* _RTE_CRYPTO_ASYM_H_ */ > -- > 1.8.3.1