[PATCH v3 1/3] cryptodev: add SM2 asymmetric crypto algorithm

[Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>]

ShangMi 2 (SM2) is set of public-key cryptography algorithms
based on elliptic curves.

Added support for asymmetric SM2 in cryptodev along with prime
field curve, as referenced in RFC:
https://datatracker.ietf.org/doc/html/draft-shen-sm2-ecdsa-02

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
---
 doc/guides/cryptodevs/features/default.ini |  1 +
 doc/guides/rel_notes/release_23_07.rst     |  5 ++
 lib/cryptodev/rte_crypto_asym.h            | 87 ++++++++++++++++++++++
 lib/cryptodev/rte_cryptodev.c              |  1 +
 4 files changed, 94 insertions(+)

diff --git a/doc/guides/cryptodevs/features/default.ini b/doc/guides/cryptodevs/features/default.ini
index 523da0cfa8..a69967bb9e 100644
--- a/doc/guides/cryptodevs/features/default.ini
+++ b/doc/guides/cryptodevs/features/default.ini
@@ -125,6 +125,7 @@ Diffie-hellman          =
 ECDSA                   =
 ECPM                    =
 ECDH                    =
+SM2                     =
 
 ;
 ; Supported Operating systems of a default crypto driver.
diff --git a/doc/guides/rel_notes/release_23_07.rst b/doc/guides/rel_notes/release_23_07.rst
index a9b1293689..8b8e69d619 100644
--- a/doc/guides/rel_notes/release_23_07.rst
+++ b/doc/guides/rel_notes/release_23_07.rst
@@ -55,6 +55,11 @@ New Features
      Also, make sure to start the actual text at the margin.
      =======================================================
 
+* **Added SM2 asymmetric algorithm in cryptodev.**
+
+  Added support for ShamMi 2 (SM2) asymmetric crypto algorithm
+  along with prime field curve support.
+
 
 Removed Items
 -------------
diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index 989f38323f..ab0b4abea7 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -119,6 +119,11 @@ enum rte_crypto_asym_xform_type {
 	/**< Elliptic Curve Point Multiplication */
 	RTE_CRYPTO_ASYM_XFORM_ECFPM,
 	/**< Elliptic Curve Fixed Point Multiplication */
+	RTE_CRYPTO_ASYM_XFORM_SM2,
+	/**< ShangMi 2
+	 * Performs Encrypt, Decrypt, Sign and Verify.
+	 * Refer to rte_crypto_asym_op_type.
+	 */
 	RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
 	/**< End of list */
 };
@@ -382,6 +387,17 @@ struct rte_crypto_ec_xform {
 	/**< Pre-defined ec groups */
 };
 
+/**
+ * Asymmetric SM2 transform data
+ *
+ * Structure describing SM2 xform params
+ *
+ */
+struct rte_crypto_sm2_xform {
+	enum rte_crypto_auth_algorithm hash;
+	/**< Hash algorithm used in SM2 op. */
+};
+
 /**
  * Operations params for modular operations:
  * exponentiation and multiplicative inverse
@@ -637,9 +653,79 @@ struct rte_crypto_asym_xform {
 		/**< EC xform parameters, used by elliptic curve based
 		 * operations.
 		 */
+
+		struct rte_crypto_sm2_xform sm2;
+		/**< SM2 xform parameters */
 	};
 };
 
+/**
+ * SM2 operation params
+ */
+struct rte_crypto_sm2_op_param {
+	enum rte_crypto_asym_op_type op_type;
+	/**< Signature generation or verification */
+
+	rte_crypto_uint pkey;
+	/**< Private key for encryption or sign generation */
+
+	struct rte_crypto_ec_point q;
+	/**< Public key for decryption or verification */
+
+	rte_crypto_param message;
+	/**<
+	 * Pointer to input data
+	 * - to be encrypted for SM2 public encrypt.
+	 * - to be signed for SM2 sign generation.
+	 * - to be authenticated for SM2 sign verification.
+	 *
+	 * Pointer to output data
+	 * - for SM2 private decrypt.
+	 * In this case the underlying array should have been
+	 * allocated with enough memory to hold plaintext output
+	 * (at least encrypted text length). The message.length field
+	 * will be overwritten by the PMD with the decrypted length.
+	 */
+
+	rte_crypto_param cipher;
+	/**<
+	 * Pointer to input data
+	 * - to be decrypted for SM2 private decrypt.
+	 *
+	 * Pointer to output data
+	 * - for SM2 public encrypt.
+	 * In this case the underlying array should have been allocated
+	 * with enough memory to hold ciphertext output (at least X bytes
+	 * for prime field curve of N bytes and for message M bytes,
+	 * where X = (C1 + C2 + C3) and computed based on SM2 RFC as
+	 * C1 (1 + N + N), C2 = M, C3 = N. The cipher.length field will
+	 * be overwritten by the PMD with the encrypted length.
+	 */
+
+	rte_crypto_uint id;
+	/**< The SM2 id used by signer and verifier and is in interval (1, n-1). */
+
+	rte_crypto_uint k;
+	/**< The SM2 per-message secret number, which is an integer
+	 * in the interval (1, n-1).
+	 * If the random number is generated by the PMD,
+	 * the 'rte_crypto_param.data' parameter should be set to NULL.
+	 */
+
+	rte_crypto_uint r;
+	/**< r component of elliptic curve signature
+	 *     output : for signature generation (of at least N bytes
+	 *              where prime field length is N bytes)
+	 *     input  : for signature verification
+	 */
+	rte_crypto_uint s;
+	/**< s component of elliptic curve signature
+	 *     output : for signature generation (of at least N bytes
+	 *              where prime field length is N bytes)
+	 *     input  : for signature verification
+	 */
+};
+
 /**
  * Asymmetric Cryptographic Operation.
  *
@@ -665,6 +751,7 @@ struct rte_crypto_asym_op {
 		struct rte_crypto_dsa_op_param dsa;
 		struct rte_crypto_ecdsa_op_param ecdsa;
 		struct rte_crypto_ecpm_op_param ecpm;
+		struct rte_crypto_sm2_op_param sm2;
 	};
 	uint16_t flags;
 	/**<
diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
index a96114b2da..21cabc3ffd 100644
--- a/lib/cryptodev/rte_cryptodev.c
+++ b/lib/cryptodev/rte_cryptodev.c
@@ -299,6 +299,7 @@ crypto_asym_xform_strings[] = {
 	[RTE_CRYPTO_ASYM_XFORM_DSA]	= "dsa",
 	[RTE_CRYPTO_ASYM_XFORM_ECDSA]	= "ecdsa",
 	[RTE_CRYPTO_ASYM_XFORM_ECPM]	= "ecpm",
+	[RTE_CRYPTO_ASYM_XFORM_SM2]	= "sm2",
 };
 
 /**
-- 
2.25.1