From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 40C47A054A; Thu, 26 May 2022 17:00:15 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 3122440151; Thu, 26 May 2022 17:00:15 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 7CE9740150 for ; Thu, 26 May 2022 17:00:13 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 24QBkFPq027501; Thu, 26 May 2022 08:00:12 -0700 Received: from nam10-dm6-obe.outbound.protection.outlook.com (mail-dm6nam10lp2107.outbound.protection.outlook.com [104.47.58.107]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3ga8y0gpfk-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 26 May 2022 08:00:12 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dqJ8ftOwNpowDJwviMBVwYN70Z2eDI91EhXe5cB5ZZxkqsl3647Q+vt9QjNWzUh4nijiuzyjbMS2Lf3E2ESCjqwStO73ynNdEU/dlLvIfpPnDAKOFjoc8IK3rvryjNGxSshWJNEaim2UdCCOSNwfYkIEFPTnHGnXTUiLU0frDtmWoARQAeugDGfmlxSRV05srraGPUrTbMuwUYKFaNZd2fm6ye+W4zYT2MKFi6mzuIyoZeWQzHK6grxA4Y9wohAP1JGs5AFMwJS6abN2u7gkeTHmHLv9vYA8+24sp96U32Ep8eZcp3QKntQoSruYcA5vWUEeVHrIyUuo2NqZ/9Np1A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9qSfpPfAUJyH3gwB4yTh3++0lZT4KVGE0aqYevHlXJM=; b=br/YuDZRWh1R34LbgP/TA06XDaw4rPj4on4HAV98HkWJWZnGUnpBSEtGdoTA99ll0JgMEGLfJsRRqOgCckcPalcKFWexYFq4Fo9oI8zGbNj7r3T23AXPl6cmgco/GDcHC10czw5ZljDF0sc2nvkospFx/+kAl5tp2saqQoxsYZ7pCP/pGDwoVcZttA/iVOGViBtfxzhiRg3PQLsAjea3nA89yQ/uQUk/BPGjz4OdbWGvUOjmffumvDegOlZWxtEPD3rQHud315v5gyWiRkh1B/fn6mKuX00/IvAQKs1GE6C8DqfZwH9Nn1PhuMF5pAB6nVzDU8PIqb3R6hfesdNtVw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=marvell.com; dmarc=pass action=none header.from=marvell.com; dkim=pass header.d=marvell.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.onmicrosoft.com; s=selector1-marvell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9qSfpPfAUJyH3gwB4yTh3++0lZT4KVGE0aqYevHlXJM=; b=CtHk8InxZ8DmYEac7JL1ECiLUPmmFl4n+OcYCqR7/S09Rwz8ygAH3AlK6Tbhabl4U3GYzAOB2ID4gerX8TLRMzhVCnKUbYA30OxPt36EIRYLWpse2BcrXV3p1cjJC8AGt8DsJTLVXXO4rCfK08/UCdoDS3iP/HpD1VI9VQxwiiA= Received: from CO6PR18MB4484.namprd18.prod.outlook.com (2603:10b6:5:359::9) by MW2PR18MB2217.namprd18.prod.outlook.com (2603:10b6:907:7::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5293.13; Thu, 26 May 2022 15:00:09 +0000 Received: from CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::f154:453d:893:f6ce]) by CO6PR18MB4484.namprd18.prod.outlook.com ([fe80::f154:453d:893:f6ce%7]) with mapi id 15.20.5293.013; Thu, 26 May 2022 15:00:09 +0000 From: Akhil Goyal To: "Kusztal, ArkadiuszX" , "dev@dpdk.org" CC: "Zhang, Roy Fan" Subject: RE: [EXT] [PATCH v2 14/14] cryptodev: add asym algorithms capabilities Thread-Topic: [EXT] [PATCH v2 14/14] cryptodev: add asym algorithms capabilities Thread-Index: AQHYcFnJIe4sljBnE02TS+KvuyyYmK0xEg/wgAAkXICAAAXwMA== Date: Thu, 26 May 2022 15:00:08 +0000 Message-ID: References: <20220525155324.9288-1-arkadiuszx.kusztal@intel.com> <20220525155324.9288-15-arkadiuszx.kusztal@intel.com> In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 67034c30-97bb-47f7-23cc-08da3f286d28 x-ms-traffictypediagnostic: MW2PR18MB2217:EE_ x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: dc0BavVtgDQHxALDNQH230wfqlgEnoicXVHzUhl0zLke55hJ/P2Vryl0ombb2I8CXhuQ4Nt42ouYBWfRggzfyHcaQK+22uJLonYBWx29Qba+uBNlU6LmNe245ypuOsdTkckJrYL479CoGnoiIIZZNss1spldgTrQddLBdlUXEA5rNQYtAKIkOlmwhLJ/YAkop9aIl6MDLhIz87FMeBj3oRnhYqOjvMnItqh584+48MiykkUxN9jCLxTAuAR3bm+jJhHlJYf60J1VcoXcAFDGd1hI7SM7BxfxNwt4okkMfJSSDFVWAkOUK1OnuWkHQtr47Hb+0YXTgt8YhoXFlXsaYAdGPV6P53A9b8EXfmIz0ao6TY1DeXj4XWOwxgGoMPLhxyEcTUTHYQELtSZho+7xVZ/jVxbmfTwHx1O+HMNQ3N527BrD6HdTCu81FMu78xf3av8hEIZ7NudL6n/uzeqYxHIHRRKx0Sbf/AyRkOSuAAyoXGOHFOx2Zax0nQevLBK47yhMq0Lp22A7BhnzTn803zU8PPfpwBo+LEM3PrvPqpeeeQb9gWgG6e9ILZFqdOIiacPhqYn8kwPr2cfQXVeBLLErYYpu0H+jH6Hn1L14NIuzVQ3gVhnGMyFeEW0r0xmUqGrXXZN5sN6XOvSO+GwMrxbU87wDxKTNqFDBpolpYubWJ59fTs9Ir/a3drJpiARAD+4gZGIx7p0yMC1N0aT1/A== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO6PR18MB4484.namprd18.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(110136005)(86362001)(186003)(38100700002)(55016003)(66556008)(4326008)(66446008)(66476007)(8676002)(64756008)(122000001)(76116006)(66946007)(38070700005)(316002)(26005)(33656002)(5660300002)(71200400001)(83380400001)(9686003)(8936002)(52536014)(30864003)(55236004)(53546011)(2906002)(7696005)(508600001)(6506007)(579004)(559001); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?DKSmcsiut27j8mTP3GONPeS59Fyo/eCkaMSoc9/fCv1DQa0WaQ3EZ17D7Ee3?= =?us-ascii?Q?BSWA8x1fAe4OsTwrHLQ4dqISN/NX3d/5asF9kizblw0AgZJTHOqMygqsZPYQ?= =?us-ascii?Q?gHRmJP6UKEDy6bk2fuYL2BKZRpL1ZB5TtGkFMWpllXzxSo7ibcKdcBva5+Ru?= =?us-ascii?Q?M5Enf6fDaQb/Lps8XGNyYQNhmkm66JHUMLdcLB1bHcos4+TPl1iPdzERa+Ki?= =?us-ascii?Q?v9USiUIlFssCL4D8IGaLGnugfeOkQQE34YdtV5XixDnvV/LN1Q5s/laFzQXY?= =?us-ascii?Q?EnGWthf+qonvXd6tcCEj3k4UDtnuKampnNlrdAWO2a54Scm6sE6XlVInIA51?= =?us-ascii?Q?ylXVMbOV0uIWP+NNMIt75TBDzNz3PWi1QcP6lAYJK4MWSMU+jwUYOzfEgJIg?= =?us-ascii?Q?B05UTPo3xLDcoF/p+wnq+4ANcrgu3a4jjD5/kG3Vp2PzU7EDLzYlwm/plt8Z?= =?us-ascii?Q?ts1wK87ysViCrIjEqraKGZE/7RTmZgzwb5Jr/bcIDoe4NSB8OiE8CRS/WumY?= =?us-ascii?Q?SHRlwAzihEFZBguOExuyiLedDY6JkwttdVMhzUbkBV2cBGNaTTSZgpmvWXhn?= =?us-ascii?Q?PVzMcRsFLeHywJkORQSRvyRw4DHxcVSu6ooakNtVbCddwGSOq/vYS+ZewDLY?= =?us-ascii?Q?83fy08Q3Eftfq9g6DO4BlH8kG/44zge0g8JaKAf86O3T/ZaQofVcIIRuZqoA?= =?us-ascii?Q?qDTxqtQPPIIFNnPYrpIE+rxfwCghKOlrM7MEFRPVKNe/0KT7DfO/FkC+gBIS?= =?us-ascii?Q?YgY4Kd2BXgsRLszLu1u/hi2Q43g6Ljbo6zLHKlBsVJtmXQe6rA5g/u+1Vgy8?= =?us-ascii?Q?NRlu8GVLeTuehs2/GJz8sAJ1z3rGvekD6NVglbsJD/611UfM9UKy8UExWJm7?= =?us-ascii?Q?eKOaxBG6JekYLulfe7rQm158xC6oS653XOLXugUOBE2eqVPZkGF//YVPwS8D?= =?us-ascii?Q?nwSCSZqT/an6CDYykPmBjke0SVF3b7jnGqOJF53NQAZIwqUKx8M3f+pmnh9z?= =?us-ascii?Q?MNYTUBqJik74pDWo4FKGfvcG4MK8h7cdIlL35NkXvavJklGy8SRfNqwPfuuy?= =?us-ascii?Q?1H3+MAOhz7FIAFF9WsOE9jCL6D+A+I+lEcESpmkSEXreVdcv1oWQUDjhfJiO?= =?us-ascii?Q?jUbw4n6ipzp0kuCCfMenzTPxdt48pns0y4xxnj9woLIvv4sS6qbavzYNx1DW?= =?us-ascii?Q?zSwdSiZ/+3m4/L6vIlnc7QTen2TykwYystpD+ae1AVaHpHea8jbVwOdRDdpZ?= =?us-ascii?Q?8NMVUWjtcOYndvkC+0Qg73nS1EHXcJ1PyzWpsUXxRXjyws6Q1W8pQcdDVljn?= =?us-ascii?Q?h4i/F3PQSTtWbL0Y6GPKI+Fop4tesmdcfZEb1X4gqneuYDQcSbEnYvYXqz+Y?= =?us-ascii?Q?ey0Dhpw8nuAjWpLoqjuAy4P0z4kLU43ois8KngYR303rPP+ATAqrRg2yD9Ur?= =?us-ascii?Q?PdKpNvt/k9vDsPuyEeZI/08ohMbQeTUwgwLp7EjcKUy68NN4SJeMeKc9SIeZ?= =?us-ascii?Q?5mWPvwVwSW3/b2OR1xnGfEr5Iq5ZjPn02kJDpJBt7USfaR131nGr4IV/9eR5?= =?us-ascii?Q?3PVcn4Q9qGOaFNA/jbyi59T9gK8g+q8cCtf+zVYJ8XnADTbPnRiFaauZ9UfT?= =?us-ascii?Q?vemufpyK9PkzzL8zzjmpGevM2+B5bJ1YHXVc64e6zdQevpsKKad9kcWmBEP5?= =?us-ascii?Q?f6HLCrDarJxFCcPJKFa3HrrgJRRPbtBsGn8OPCVq2EuA3Ik8GpXf0fGHqSMc?= =?us-ascii?Q?2FMbPkOm8A=3D=3D?= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: marvell.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CO6PR18MB4484.namprd18.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 67034c30-97bb-47f7-23cc-08da3f286d28 X-MS-Exchange-CrossTenant-originalarrivaltime: 26 May 2022 15:00:08.8310 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: zbd6A5S2dsQDKMf4ea9xiv2TCgJxBg5YmLD47QIIEzLbu+x/jdqyLY5krmTt8DZ6TTiITSGnXXjO7qqE0Qy8Qw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW2PR18MB2217 X-Proofpoint-GUID: BGOzxX5Q_WwhiqpW8GuOXpO31WXQQBpq X-Proofpoint-ORIG-GUID: BGOzxX5Q_WwhiqpW8GuOXpO31WXQQBpq X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.874,Hydra:6.0.486,FMLib:17.11.64.514 definitions=2022-05-26_08,2022-05-25_02,2022-02-23_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org > -----Original Message----- > From: Kusztal, ArkadiuszX > Sent: Thursday, May 26, 2022 7:49 PM > To: Akhil Goyal ; dev@dpdk.org > Cc: Zhang, Roy Fan > Subject: RE: [EXT] [PATCH v2 14/14] cryptodev: add asym algorithms capabi= lities >=20 >=20 >=20 > > -----Original Message----- > > From: Akhil Goyal > > Sent: Thursday, May 26, 2022 2:54 PM > > To: Kusztal, ArkadiuszX ; dev@dpdk.org > > Cc: Zhang, Roy Fan > > Subject: RE: [EXT] [PATCH v2 14/14] cryptodev: add asym algorithms > capabilities > > > > > - Added asymmetric crypto algorithm specific capability struct. > > > Included fields like random number capability, padding flags etc. > > > > > > Signed-off-by: Arek Kusztal > > > --- > > > app/test-crypto-perf/main.c | 12 +- > > > app/test-eventdev/test_perf_common.c | 2 +- > > > app/test/test_cryptodev_asym.c | 210 +++++++++++++++++= ++++---- > -- > > > app/test/test_event_crypto_adapter.c | 16 +- > > > drivers/crypto/openssl/rte_openssl_pmd_ops.c | 128 +++++++--------- > > > drivers/crypto/qat/dev/qat_asym_pmd_gen1.c | 68 +++++++-- > > > lib/cryptodev/rte_crypto_asym.h | 48 ++++++ > > > lib/cryptodev/rte_cryptodev.c | 80 +++++++++- > > > lib/cryptodev/rte_cryptodev.h | 75 +++++++++- > > > lib/cryptodev/version.map | 4 + > > > 10 files changed, 495 insertions(+), 148 deletions(-) > > > > This would also need a change in documentation. > > > > > > > > diff --git a/app/test-crypto-perf/main.c b/app/test-crypto-perf/main.= c > > > index 17e30a8e74..f8a4c9cdcf 100644 > > > --- a/app/test-crypto-perf/main.c > > > +++ b/app/test-crypto-perf/main.c > > > @@ -364,8 +364,8 @@ cperf_verify_devices_capabilities(struct > > > cperf_options *opts, > > > struct rte_cryptodev_sym_capability_idx cap_idx; > > > const struct rte_cryptodev_symmetric_capability *capability; > > > struct rte_cryptodev_asym_capability_idx asym_cap_idx; > > > - const struct rte_cryptodev_asymmetric_xform_capability > > > *asym_capability; > > > - > > > + const struct rte_cryptodev_asymmetric_capability *asym_capability; > > > + struct rte_crypto_mod_capability mod_capa =3D {0}; > > > > > > uint8_t i, cdev_id; > > > int ret; > > > @@ -381,11 +381,11 @@ cperf_verify_devices_capabilities(struct > > > cperf_options *opts, > > > if (asym_capability =3D=3D NULL) > > > return -1; > > > > > > - ret =3D > > > rte_cryptodev_asym_xform_capability_check_modlen( > > > - asym_capability, opts->modex_data- > > > >modulus.len); > > > - if (ret !=3D 0) > > > + mod_capa.max_mod_size =3D opts->modex_data- > > > >modulus.len; > > > + ret =3D rte_cryptodev_capa_check_mod(asym_capability, > > > + mod_capa); > > > + if (ret =3D=3D 0) > > > return ret; > > > - > > > } > > > > > > if (opts->op_type =3D=3D CPERF_AUTH_ONLY || diff --git > > > a/app/test-eventdev/test_perf_common.c b/app/test- > > > eventdev/test_perf_common.c index b41785492e..ac8e6410ab 100644 > > > --- a/app/test-eventdev/test_perf_common.c > > > +++ b/app/test-eventdev/test_perf_common.c > > > @@ -846,7 +846,7 @@ cryptodev_sym_sess_create(struct prod_data *p, > > > struct test_perf *t) static void * cryptodev_asym_sess_create(struc= t > > > prod_data *p, struct test_perf *t) { > > > - const struct rte_cryptodev_asymmetric_xform_capability *capability; > > > + const struct rte_cryptodev_asymmetric_capability *capability; > > > struct rte_cryptodev_asym_capability_idx cap_idx; > > > struct rte_crypto_asym_xform xform; > > > void *sess; > > > diff --git a/app/test/test_cryptodev_asym.c > > > b/app/test/test_cryptodev_asym.c index 072dbb30f4..c531265642 100644 > > > --- a/app/test/test_cryptodev_asym.c > > > +++ b/app/test/test_cryptodev_asym.c > > > @@ -311,10 +311,11 @@ test_cryptodev_asym_op(struct > > > crypto_testsuite_params_asym *ts_params, > > > struct rte_crypto_asym_xform xform_tc; > > > void *sess =3D NULL; > > > struct rte_cryptodev_asym_capability_idx cap_idx; > > > - const struct rte_cryptodev_asymmetric_xform_capability *capability; > > > + const struct rte_cryptodev_asymmetric_capability *capability; > > > uint8_t dev_id =3D ts_params->valid_devs[0]; > > > uint8_t input[TEST_DATA_SIZE] =3D {0}; > > > uint8_t *result =3D NULL; > > > + struct rte_crypto_mod_capability mod_capa =3D {0}; > > > > > > int ret, status =3D TEST_SUCCESS; > > > > > > @@ -358,8 +359,10 @@ test_cryptodev_asym_op(struct > > > crypto_testsuite_params_asym *ts_params, > > > asym_op->modex.base.length =3D data_tc->modex.base.len; > > > asym_op->modex.result.data =3D result; > > > asym_op->modex.result.length =3D data_tc->modex.result_len; > > > - if > > > (rte_cryptodev_asym_xform_capability_check_modlen(capability, > > > - xform_tc.modex.modulus.length)) { > > > + > > > + mod_capa.max_mod_size =3D xform_tc.modex.modulus.length; > > > + if (!rte_cryptodev_capa_check_mod(capability, > > > + mod_capa)) { > > > snprintf(test_msg, ASYM_TEST_MSG_LEN, > > > "line %u " > > > "FAILED: %s", __LINE__, > > > @@ -378,8 +381,10 @@ test_cryptodev_asym_op(struct > > > crypto_testsuite_params_asym *ts_params, > > > asym_op->modinv.base.length =3D data_tc->modinv.base.len; > > > asym_op->modinv.result.data =3D result; > > > asym_op->modinv.result.length =3D data_tc->modinv.result_len; > > > - if > > > (rte_cryptodev_asym_xform_capability_check_modlen(capability, > > > - xform_tc.modinv.modulus.length)) { > > > + > > > + mod_capa.max_mod_size =3D xform_tc.modinv.modulus.length; > > > + if (!rte_cryptodev_capa_check_mod(capability, > > > + mod_capa)) { > > > snprintf(test_msg, ASYM_TEST_MSG_LEN, > > > "line %u " > > > "FAILED: %s", __LINE__, > > > @@ -963,38 +968,100 @@ ut_teardown_asym(void) > > > rte_cryptodev_stop(ts_params->valid_devs[0]); > > > } > > > > > > -static inline void print_asym_capa( > > > - const struct rte_cryptodev_asymmetric_xform_capability > > > *capa) > > > +static void > > > +print_rsa_capability( > > > + const struct rte_cryptodev_asymmetric_capability *capa) > > > { > > > int i =3D 0; > > > > > > + printf("\nSupported paddings:"); > > > + for (; i < 32; i++) { > > > + if (capa->rsa.padding & RTE_BIT32(i)) > > > + printf("\n - %s", rte_crypto_asym_rsa_padding[i]); > > > + } > > > + printf("\nSupported hash functions:"); > > > + for (i =3D 0; i < 32; i++) { > > > + if (capa->rsa.hash & RTE_BIT32(i)) > > > + printf("\n - %s", rte_crypto_auth_algorithm_strings[i]); > > > + } > > > + printf("\nMaximum key size: "); > > > + if (capa->rsa.max_key_size =3D=3D 0) > > > + printf("Unlimited"); > > > + else > > > + printf("%hu", capa->rsa.max_key_size); } > > > + > > > +static void > > > +print_supported_curves(uint64_t curves) { > > > + int i =3D 0; > > > + > > > + printf("\nSupported elliptic curves:"); > > > + for (; i < 64; i++) { > > > + if (curves & RTE_BIT64(i)) > > > + printf("\n - %s", rte_crypto_curves_strings[i]); > > > + } > > > +} > > > + > > > +static inline void print_asym_capa( > > > + const struct rte_cryptodev_asymmetric_capability *capa) { > > > printf("\nxform type: %s\n=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D\n", > > > rte_crypto_asym_xform_strings[capa->xform_type]); > > > - printf("operation supported -"); > > > > > > - for (i =3D 0; i < RTE_CRYPTO_ASYM_OP_LIST_END; i++) { > > > - /* check supported operations */ > > > - if (rte_cryptodev_asym_xform_capability_check_optype(capa, > > > i)) > > > - printf(" %s", > > > - rte_crypto_asym_op_strings[i]); > > > - } > > > - switch (capa->xform_type) { > > > - case RTE_CRYPTO_ASYM_XFORM_RSA: > > > - case RTE_CRYPTO_ASYM_XFORM_MODINV: > > > - case RTE_CRYPTO_ASYM_XFORM_MODEX: > > > - case RTE_CRYPTO_ASYM_XFORM_DH: > > > - case RTE_CRYPTO_ASYM_XFORM_DSA: > > > - printf(" modlen: min %d max %d increment %d", > > > - capa->modlen.min, > > > - capa->modlen.max, > > > - capa->modlen.increment); > > > + switch (capa->xform_type) { > > > + case RTE_CRYPTO_ASYM_XFORM_MODEX: > > > + case RTE_CRYPTO_ASYM_XFORM_MODINV: > > > + printf("Maximum size of modulus: "); > > > + if (capa->mod.max_mod_size =3D=3D 0) > > > + printf("Unlimited"); > > > + else > > > + printf("%hu", capa->mod.max_mod_size); > > > break; > > > - case RTE_CRYPTO_ASYM_XFORM_ECDSA: > > > - case RTE_CRYPTO_ASYM_XFORM_ECPM: > > > - default: > > > - break; > > > - } > > > - printf("\n"); > > > + case RTE_CRYPTO_ASYM_XFORM_RSA: > > > + print_rsa_capability(capa); > > > + break; > > > + case RTE_CRYPTO_ASYM_XFORM_DH: > > > > ECDH?? I hope it will be added once it is tested in this app. > > > > > + printf("Maximum group size: "); > > > + if (capa->dh.max_group_size =3D=3D 0) > > > + printf("Unlimited"); > > > + else > > > + printf("%hu", capa->dh.max_group_size); > > > + printf("\nSupport for private key generation: "); > > > + if (capa->dh.priv_key_gen) > > > + printf("Yes"); > > > + else > > > + printf("No"); > > > + break; > > > + case RTE_CRYPTO_ASYM_XFORM_DSA: > > > + printf("Maximum key size: "); > > > + if (capa->dsa.max_key_size =3D=3D 0) > > > + printf("Unlimited"); > > > + else > > > + printf("%hu", capa->dsa.max_key_size); > > > + printf("\nSupport for random 'k' generation: "); > > > + if (capa->dsa.random_k) > > > + printf("Yes"); > > > + else > > > + printf("No"); > > > + break; > > > + > > > + break; > > > + case RTE_CRYPTO_ASYM_XFORM_ECDSA: > > > + print_supported_curves(capa->ecdsa.curves); > > > + printf("\nSupport for random 'k' generation: "); > > > + if (capa->ecdsa.random_k) > > > + printf("Yes"); > > > + else > > > + printf("No"); > > > + break; > > > + case RTE_CRYPTO_ASYM_XFORM_ECPM: > > > + print_supported_curves(capa->ecpm.curves); > > > + break; > > > + default: > > > + break; > > > + } > > > + printf("\n"); > > > } > > > > > > static int > > > @@ -1006,7 +1073,7 @@ test_capability(void) > > > const struct rte_cryptodev_capabilities *dev_capa; > > > int i =3D 0; > > > struct rte_cryptodev_asym_capability_idx idx; > > > - const struct rte_cryptodev_asymmetric_xform_capability *capa; > > > + const struct rte_cryptodev_asymmetric_capability *capa; > > > > > > rte_cryptodev_info_get(dev_id, &dev_info); > > > if (!(dev_info.feature_flags & > > > @@ -1023,7 +1090,7 @@ test_capability(void) > > > dev_capa =3D &(dev_info.capabilities[i]); > > > if (dev_info.capabilities[i].op =3D=3D > > > RTE_CRYPTO_OP_TYPE_ASYMMETRIC) { > > > - idx.type =3D dev_capa->asym.xform_capa.xform_type; > > > + idx.type =3D dev_capa->asym.xform_type; > > > > > > capa =3D rte_cryptodev_asym_capability_get(dev_id, > > > (const struct > > > @@ -1386,10 +1453,11 @@ test_mod_inv(void) > > > void *sess =3D NULL; > > > int status =3D TEST_SUCCESS; > > > struct rte_cryptodev_asym_capability_idx cap_idx; > > > - const struct rte_cryptodev_asymmetric_xform_capability *capability; > > > + const struct rte_cryptodev_asymmetric_capability *capability; > > > uint8_t input[TEST_DATA_SIZE] =3D {0}; > > > int ret =3D 0; > > > uint8_t result[sizeof(mod_p)] =3D { 0 }; > > > + struct rte_crypto_mod_capability mod_capa =3D {0}; > > > > > > if (rte_cryptodev_asym_get_xform_enum( > > > &modinv_xform.xform_type, "modinv") < 0) { @@ -1408,13 > > +1476,11 @@ > > > test_mod_inv(void) > > > return TEST_SKIPPED; > > > } > > > > > > - if (rte_cryptodev_asym_xform_capability_check_modlen( > > > - capability, > > > - modinv_xform.modinv.modulus.length)) { > > > - RTE_LOG(ERR, USER1, > > > - "Invalid MODULUS length specified\n"); > > > - return TEST_SKIPPED; > > > - } > > > + mod_capa.max_mod_size =3D modinv_xform.modinv.modulus.length; > > > + if (!rte_cryptodev_capa_check_mod(capability, mod_capa)) { > > > + RTE_LOG(ERR, USER1, "Invalid MODULUS length specified\n"); > > > + return TEST_SKIPPED; > > > + } > > > > > > ret =3D rte_cryptodev_asym_session_create(dev_id, &modinv_xform, > > > sess_mpool, &sess); > > > if (ret < 0) { > > > @@ -1499,7 +1565,8 @@ test_mod_exp(void) > > > void *sess =3D NULL; > > > int status =3D TEST_SUCCESS; > > > struct rte_cryptodev_asym_capability_idx cap_idx; > > > - const struct rte_cryptodev_asymmetric_xform_capability *capability; > > > + const struct rte_cryptodev_asymmetric_capability *capability; > > > + struct rte_crypto_mod_capability mod_capa =3D {0}; > > > uint8_t input[TEST_DATA_SIZE] =3D {0}; > > > int ret =3D 0; > > > uint8_t result[sizeof(mod_p)] =3D { 0 }; @@ -1522,12 +1589,11 @@ > > > test_mod_exp(void) > > > return TEST_SKIPPED; > > > } > > > > > > - if (rte_cryptodev_asym_xform_capability_check_modlen( > > > - capability, modex_xform.modex.modulus.length)) { > > > - RTE_LOG(ERR, USER1, > > > - "Invalid MODULUS length specified\n"); > > > - return TEST_SKIPPED; > > > - } > > > + mod_capa.max_mod_size =3D modex_xform.modex.modulus.length; > > > + if (!rte_cryptodev_capa_check_mod(capability, mod_capa)) { > > > + RTE_LOG(ERR, USER1, "Invalid MODULUS length specified\n"); > > > + return TEST_SKIPPED; > > > + } > > > > > > /* Create op, create session, and process packets. 8< */ > > > op =3D rte_crypto_op_alloc(op_mpool, > > > RTE_CRYPTO_OP_TYPE_ASYMMETRIC); > > > @@ -1785,6 +1851,8 @@ test_ecdsa_sign_verify(enum curve curve_id) > > > struct rte_crypto_asym_xform xform; > > > struct rte_crypto_asym_op *asym_op; > > > struct rte_cryptodev_info dev_info; > > > + struct rte_cryptodev_asym_capability_idx idx; > > > + const struct rte_cryptodev_asymmetric_capability *capabilities; > > > struct rte_crypto_op *op =3D NULL; > > > int ret, status =3D TEST_SUCCESS; > > > > > > @@ -1814,6 +1882,25 @@ test_ecdsa_sign_verify(enum curve curve_id) > > > > > > rte_cryptodev_info_get(dev_id, &dev_info); > > > > > > + struct rte_crypto_ecdsa_capability capa =3D { > > > + .curves =3D RTE_BIT32(input_params.curve), > > > + .random_k =3D 0 > > > + }; > > > + > > > + idx.type =3D RTE_CRYPTO_ASYM_XFORM_ECDSA; > > > + capabilities =3D rte_cryptodev_asym_capability_get(dev_id, > > > + (const struct > > > + rte_cryptodev_asym_capability_idx *) &idx); > > > + > > > + if (capabilities =3D=3D NULL) { > > > + status =3D TEST_SKIPPED; > > > + goto exit; > > > + } > > > + if (!rte_cryptodev_capa_check_ecdsa(capabilities, capa)) { > > > + status =3D TEST_SKIPPED; > > > + goto exit; > > > + } > > > + > > > /* Setup crypto op data structure */ > > > op =3D rte_crypto_op_alloc(op_mpool, > > > RTE_CRYPTO_OP_TYPE_ASYMMETRIC); > > > if (op =3D=3D NULL) { > > > @@ -1962,6 +2049,8 @@ test_ecdsa_sign_verify_all_curve(void) > > > status =3D test_ecdsa_sign_verify(curve_id); > > > if (status =3D=3D TEST_SUCCESS) { > > > msg =3D "succeeded"; > > > + } else if (status =3D=3D TEST_SKIPPED) { > > > + continue; > > > } else { > > > msg =3D "failed"; > > > overall_status =3D status; > > > @@ -1987,6 +2076,8 @@ test_ecpm(enum curve curve_id) > > > struct rte_crypto_asym_xform xform; > > > struct rte_crypto_asym_op *asym_op; > > > struct rte_cryptodev_info dev_info; > > > + struct rte_cryptodev_asym_capability_idx idx; > > > + const struct rte_cryptodev_asymmetric_capability *capabilities; > > > struct rte_crypto_op *op =3D NULL; > > > int ret, status =3D TEST_SUCCESS; > > > > > > @@ -2016,6 +2107,24 @@ test_ecpm(enum curve curve_id) > > > > > > rte_cryptodev_info_get(dev_id, &dev_info); > > > > > > + struct rte_crypto_ecdsa_capability capa =3D { > > > + .curves =3D RTE_BIT32(input_params.curve) > > > + }; > > > + > > > + idx.type =3D RTE_CRYPTO_ASYM_XFORM_ECPM; > > > + capabilities =3D rte_cryptodev_asym_capability_get(dev_id, > > > + (const struct > > > + rte_cryptodev_asym_capability_idx *) &idx); > > > + > > > + if (capabilities =3D=3D NULL) { > > > + status =3D TEST_SKIPPED; > > > + goto exit; > > > + } > > > + if (!rte_cryptodev_capa_check_ecdsa(capabilities, capa)) { > > > + status =3D TEST_SKIPPED; > > > + goto exit; > > > + } > > > + > > > /* Setup crypto op data structure */ > > > op =3D rte_crypto_op_alloc(op_mpool, > > > RTE_CRYPTO_OP_TYPE_ASYMMETRIC); > > > if (op =3D=3D NULL) { > > > @@ -2124,6 +2233,8 @@ test_ecpm_all_curve(void) > > > status =3D test_ecpm(curve_id); > > > if (status =3D=3D TEST_SUCCESS) { > > > msg =3D "succeeded"; > > > + } else if (status =3D=3D TEST_SKIPPED) { > > > + continue; > > > } else { > > > msg =3D "failed"; > > > overall_status =3D status; > > > @@ -2162,7 +2273,12 @@ static struct unit_test_suite > > > cryptodev_qat_asym_testsuite =3D { > > > .setup =3D testsuite_setup, > > > .teardown =3D testsuite_teardown, > > > .unit_test_cases =3D { > > > + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, > > > test_capability), > > > TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, > > test_one_by_one), > > > + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, > > > + test_ecdsa_sign_verify_all_curve), > > > + TEST_CASE_ST(ut_setup_asym, ut_teardown_asym, > > > + test_ecpm_all_curve), > > > TEST_CASES_END() /**< NULL terminate unit test array */ > > > } > > > }; > > > > I think patch need to be split for adding test app changes. > > > > > > > diff --git a/app/test/test_event_crypto_adapter.c > > > b/app/test/test_event_crypto_adapter.c > > > index 2ecc7e2cea..9a62241371 100644 > > > --- a/app/test/test_event_crypto_adapter.c > > > +++ b/app/test/test_event_crypto_adapter.c > > > @@ -450,7 +450,7 @@ test_session_with_op_forward_mode(void) > > > static int > > > test_asym_op_forward_mode(uint8_t session_less) { > > > - const struct rte_cryptodev_asymmetric_xform_capability *capability; > > > + const struct rte_cryptodev_asymmetric_capability *capability; > > > struct rte_cryptodev_asym_capability_idx cap_idx; > > > struct rte_crypto_asym_xform xform_tc; > > > union rte_event_crypto_metadata m_data; @@ -458,6 +458,7 @@ > > > test_asym_op_forward_mode(uint8_t session_less) > > > struct rte_crypto_asym_op *asym_op; > > > struct rte_crypto_op *op; > > > uint8_t input[4096] =3D {0}; > > > + struct rte_crypto_mod_capability mod_capa =3D {0}; > > > uint8_t *result =3D NULL; > > > struct rte_event ev; > > > void *sess =3D NULL; > > > @@ -503,8 +504,9 @@ test_asym_op_forward_mode(uint8_t session_less) > > > asym_op->modex.base.length =3D modex_test_case.base.len; > > > asym_op->modex.result.data =3D result; > > > asym_op->modex.result.length =3D modex_test_case.result_len; > > > - if (rte_cryptodev_asym_xform_capability_check_modlen(capability, > > > - xform_tc.modex.modulus.length)) { > > > + > > > + mod_capa.max_mod_size =3D xform_tc.modex.modulus.length; > > > + if (!rte_cryptodev_capa_check_mod(capability, mod_capa)) { > > > RTE_LOG(INFO, USER1, > > > "line %u FAILED: %s", __LINE__, > > > "Invalid MODULUS length specified"); @@ -784,7 > > +786,7 @@ > > > test_session_with_op_new_mode(void) > > > static int > > > test_asym_op_new_mode(uint8_t session_less) { > > > - const struct rte_cryptodev_asymmetric_xform_capability *capability; > > > + const struct rte_cryptodev_asymmetric_capability *capability; > > > struct rte_cryptodev_asym_capability_idx cap_idx; > > > struct rte_crypto_asym_xform xform_tc; > > > union rte_event_crypto_metadata m_data; @@ -792,6 +794,7 @@ > > > test_asym_op_new_mode(uint8_t session_less) > > > struct rte_crypto_asym_op *asym_op; > > > struct rte_crypto_op *op; > > > uint8_t input[4096] =3D {0}; > > > + struct rte_crypto_mod_capability mod_capa =3D {0}; > > > > Can you move this above to maintain reverse Xmas tree? > > > > > uint8_t *result =3D NULL; > > > void *sess =3D NULL; > > > uint32_t cap; > > > @@ -835,8 +838,9 @@ test_asym_op_new_mode(uint8_t session_less) > > > asym_op->modex.base.length =3D modex_test_case.base.len; > > > asym_op->modex.result.data =3D result; > > > asym_op->modex.result.length =3D modex_test_case.result_len; > > > - if (rte_cryptodev_asym_xform_capability_check_modlen(capability, > > > - xform_tc.modex.modulus.length)) { > > > + > > > + mod_capa.max_mod_size =3D xform_tc.modex.modulus.length; > > > + if (!rte_cryptodev_capa_check_mod(capability, mod_capa)) { > > > RTE_LOG(INFO, USER1, > > > "line %u FAILED: %s", __LINE__, > > > "Invalid MODULUS length specified"); diff --git > > > a/drivers/crypto/openssl/rte_openssl_pmd_ops.c > > > b/drivers/crypto/openssl/rte_openssl_pmd_ops.c > > > index 16ec5e15eb..e734fc2a69 100644 > > > --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c > > > +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c > > > @@ -7,6 +7,7 @@ > > > #include > > > #include > > > #include > > > +#include > > > > > > #include "openssl_pmd_private.h" > > > #include "compat.h" > > > @@ -470,103 +471,82 @@ static const struct rte_cryptodev_capabilities > > > openssl_pmd_capabilities[] =3D { > > > }, } > > > }, } > > > }, > > > - { /* RSA */ > > > + { /* Modular exponentiation */ > > > .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > > > {.asym =3D { > > > - .xform_capa =3D { > > > - .xform_type =3D > > > RTE_CRYPTO_ASYM_XFORM_RSA, > > > - .op_types =3D ((1 << > > > RTE_CRYPTO_ASYM_OP_SIGN) | > > > - (1 << RTE_CRYPTO_ASYM_OP_VERIFY) > > > | > > > - (1 << > > > RTE_CRYPTO_ASYM_OP_ENCRYPT) | > > > - (1 << > > > RTE_CRYPTO_ASYM_OP_DECRYPT)), > > > - { > > > - .modlen =3D { > > > - /* min length is based on openssl rsa keygen */ > > > - .min =3D 30, > > > - /* value 0 symbolizes no limit on max length */ > > > - .max =3D 0, > > > - .increment =3D 1 > > > - }, } > > > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_MODEX, > > > + .mod =3D { > > > + .max_mod_size =3D 0 > > > + } > > > } > > > - }, > > > } > > > }, > > > - { /* modexp */ > > > + { /* Modular multiplicative inverse */ > > > .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > > > {.asym =3D { > > > - .xform_capa =3D { > > > - .xform_type =3D > > > RTE_CRYPTO_ASYM_XFORM_MODEX, > > > - .op_types =3D 0, > > > - { > > > - .modlen =3D { > > > - /* value 0 symbolizes no limit on min length */ > > > - .min =3D 0, > > > - /* value 0 symbolizes no limit on max length */ > > > - .max =3D 0, > > > - .increment =3D 1 > > > - }, } > > > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_MODINV, > > > + .mod =3D { > > > + .max_mod_size =3D 0 > > > + } > > > } > > > - }, > > > } > > > }, > > > - { /* modinv */ > > > + { /* RSA */ > > > .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > > > {.asym =3D { > > > - .xform_capa =3D { > > > - .xform_type =3D > > > RTE_CRYPTO_ASYM_XFORM_MODINV, > > > - .op_types =3D 0, > > > - { > > > - .modlen =3D { > > > - /* value 0 symbolizes no limit on min length */ > > > - .min =3D 0, > > > - /* value 0 symbolizes no limit on max length */ > > > - .max =3D 0, > > > - .increment =3D 1 > > > - }, } > > > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_RSA, > > > + .rsa =3D { > > > + .padding =3D > > > + > > > RTE_BIT32(RTE_CRYPTO_RSA_PADDING_NONE) | > > > + > > > RTE_BIT32(RTE_CRYPTO_RSA_PADDING_PKCS1_5), > > > + .hash =3D > > > + RTE_BIT32(RTE_CRYPTO_AUTH_MD5) > > > | > > > + RTE_BIT32(RTE_CRYPTO_AUTH_SHA1) > > > | > > > + > > > RTE_BIT32(RTE_CRYPTO_AUTH_SHA224) | > > > + > > > RTE_BIT32(RTE_CRYPTO_AUTH_SHA256) | > > > + > > > RTE_BIT32(RTE_CRYPTO_AUTH_SHA384) | > > > + > > > RTE_BIT32(RTE_CRYPTO_AUTH_SHA512), > > > + .max_key_size =3D 0 > > > + } > > > } > > > - }, > > > } > > > }, > > > - { /* dh */ > > > + { /* Diffie-Hellman */ > > > .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > > > {.asym =3D { > > > - .xform_capa =3D { > > > - .xform_type =3D > > > RTE_CRYPTO_ASYM_XFORM_DH, > > > - .op_types =3D > > > - > > > ((1< > > - (1 << > > > RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE | > > > - (1 << > > > - > > > RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE))), > > > - { > > > - .modlen =3D { > > > - /* value 0 symbolizes no limit on min length */ > > > - .min =3D 0, > > > - /* value 0 symbolizes no limit on max length */ > > > - .max =3D 0, > > > - .increment =3D 1 > > > - }, } > > > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_DH, > > > + .dh =3D { > > > + .max_group_size =3D 0, > > > + .priv_key_gen =3D 1 > > > + } > > > } > > > - }, > > > } > > > }, > > > - { /* dsa */ > > > + { /* DSA */ > > > .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > > > {.asym =3D { > > > - .xform_capa =3D { > > > - .xform_type =3D > > > RTE_CRYPTO_ASYM_XFORM_DSA, > > > - .op_types =3D > > > - ((1< > > - (1 << RTE_CRYPTO_ASYM_OP_VERIFY)), > > > - { > > > - .modlen =3D { > > > - /* value 0 symbolizes no limit on min length */ > > > - .min =3D 0, > > > - /* value 0 symbolizes no limit on max length */ > > > - .max =3D 0, > > > - .increment =3D 1 > > > - }, } > > > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_DSA, > > > + .dsa =3D { > > > + .max_key_size =3D 0, > > > + .random_k =3D 1 > > > + } > > > + } > > > + } > > > + }, > > > + { /* ECDSA */ > > > + .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > > > + {.asym =3D { > > > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_ECDSA, > > > + .ecdsa =3D { > > > + .curves =3D > > > + > > > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP192R1) | > > > + > > > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP224R1) | > > > + > > > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP256R1) | > > > + > > > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP384R1) | > > > + > > > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP521R1), > > > + .random_k =3D 1 > > > + } > > > } > > > - }, > > > } > > > }, > > > > > > > Do not combine PMD changes for capabilities in cryptodev patch for new = APIs. > > > > > > > diff --git a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c > > > b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c > > > index 4499fdaf2d..d5144bca84 100644 > > > --- a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c > > > +++ b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c > > > @@ -28,16 +28,64 @@ struct rte_cryptodev_ops > qat_asym_crypto_ops_gen1 > > > =3D { }; > > > > > > static struct rte_cryptodev_capabilities qat_asym_crypto_caps_gen1[]= =3D { > > > - QAT_ASYM_CAP(MODEX, > > > - 0, 1, 512, 1), > > > - QAT_ASYM_CAP(MODINV, > > > - 0, 1, 512, 1), > > > - QAT_ASYM_CAP(RSA, > > > - ((1 << RTE_CRYPTO_ASYM_OP_SIGN) | > > > - (1 << RTE_CRYPTO_ASYM_OP_VERIFY) | > > > - (1 << RTE_CRYPTO_ASYM_OP_ENCRYPT) | > > > - (1 << RTE_CRYPTO_ASYM_OP_DECRYPT)), > > > - 64, 512, 64), > > > + { /* Modular exponentiation */ > > > + .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > > > + {.asym =3D { > > > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_MODEX, > > > + .mod =3D { > > > + .max_mod_size =3D 4096 > > > + } > > > + } > > > + } > > > + }, > > > + { /* Modular multiplicative inverse */ > > > + .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > > > + {.asym =3D { > > > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_MODINV, > > > + .mod =3D { > > > + .max_mod_size =3D 4096 > > > + } > > > + } > > > + } > > > + }, > > > + { /* RSA */ > > > + .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > > > + {.asym =3D { > > > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_RSA, > > > + .rsa =3D { > > > + .padding =3D > > > + > > > RTE_BIT32(RTE_CRYPTO_RSA_PADDING_NONE), > > > + .hash =3D 0, > > > + .max_key_size =3D 4096 > > > + } > > > + } > > > + } > > > + }, > > > + { /* ECDSA */ > > > + .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > > > + {.asym =3D { > > > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_ECDSA, > > > + .ecdsa =3D { > > > + .curves =3D > > > + > > > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP256R1) | > > > + > > > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP521R1), > > > + .random_k =3D 0 > > > + } > > > + } > > > + } > > > + }, > > > + { /* ECPM */ > > > + .op =3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC, > > > + {.asym =3D { > > > + .xform_type =3D RTE_CRYPTO_ASYM_XFORM_ECPM, > > > + .ecdsa =3D { > > > + .curves =3D > > > + > > > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP256R1) | > > > + > > > RTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP521R1) > > > + } > > > + } > > > + } > > > + }, > > > RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() > > > }; > > > > > > diff --git a/lib/cryptodev/rte_crypto_asym.h > > > b/lib/cryptodev/rte_crypto_asym.h index d90a7a1957..41b22450d3 100644 > > > --- a/lib/cryptodev/rte_crypto_asym.h > > > +++ b/lib/cryptodev/rte_crypto_asym.h > > > @@ -41,6 +41,14 @@ rte_crypto_asym_ke_strings[]; extern const char * > > > rte_crypto_asym_op_strings[]; > > > > > > +/** RSA padding type name strings */ > > > +extern const char * > > > +rte_crypto_asym_rsa_padding[]; > > > > rte_crypto_asym_rsa_padding_strings > > > > > + > > > +/** Elliptic curves name strings */ > > > +extern const char * > > > +rte_crypto_curves_strings[]; > > > + > > > /** > > > * Buffer to hold crypto params required for asym operations. > > > * > > > @@ -265,6 +273,46 @@ struct rte_crypto_rsa_padding { > > > */ > > > }; > > > > > > +struct rte_crypto_mod_capability { > > > + uint16_t max_mod_size; > > > + /**< Maximum supported modulus size in bytes, 0 means no limit */ }= ; > > > + > > > +struct rte_crypto_rsa_capability { > > > + uint32_t padding; > > > + /**< List of supported paddings */ > > How is this list supposed to work? > > I believe this should be enum to specify a single value. > > Driver can maintain a static array to list all supported ones. > > And application can query if a particular capability which it intend to= use Is > > supported by the PMD. > > > > > + uint32_t hash; > > > + /**< List of supported hash functions */ > > Same comment here as well > > > > > + uint32_t max_key_size; > > > + /**< Maximum supported key size in bytes, 0 means no limit */ }; > > > + > > > +struct rte_crypto_dh_capability { > > > + uint16_t max_group_size; > > > + /**< Maximum group in bytes, 0 means no limit */ > > Maximum group size in bytes ... > > > > > + uint8_t priv_key_gen; > > > + /**< Does PMD supports private key generation generation */ > > Is it a flag? Please comment it properly. > > > > > +}; > > > + > > > +struct rte_crypto_dsa_capability { > > > + uint16_t max_key_size; > > > + /**< Maximum supported key size in bytes, 0 means no limit */ > > > + uint8_t random_k; > > > + /**< Does PMD supports random 'k' generation */ > > > > Comments should not ask questions. > > > > > +}; > > > + > > > +struct rte_crypto_ecdsa_capability { > > > + uint64_t curves; > > > + /**< Supported elliptic curve ids */ > > Shouldn't this also be enum? > > > > > + uint8_t random_k; > > > + /**< Does PMD supports random 'k' generation */ > > > > Same comment as above. > > > +}; > > > + > > > +struct rte_crypto_ecpm_capability { > > > + uint64_t curves; > > > + /**< Supported elliptic curve ids */ > > > > Enum?? > > > > > +}; > > > + > > > /** > > > * Asymmetric RSA transform data > > > * > > > diff --git a/lib/cryptodev/rte_cryptodev.c > > > b/lib/cryptodev/rte_cryptodev.c index 57ee6b3f07..b1ad1112fe 100644 > > > --- a/lib/cryptodev/rte_cryptodev.c > > > +++ b/lib/cryptodev/rte_cryptodev.c > > > @@ -190,6 +190,27 @@ const char *rte_crypto_asym_ke_strings[] =3D { = }; > > > > > > /** > > > + * RSA padding string identifiers > > > + */ > > > +const char *rte_crypto_asym_rsa_padding[] =3D { > > > + [RTE_CRYPTO_RSA_PADDING_NONE] =3D > > > "RTE_CRYPTO_RSA_PADDING_NONE", > > > + [RTE_CRYPTO_RSA_PADDING_PKCS1_5] =3D > > > "RTE_CRYPTO_RSA_PADDING_PKCS1_5", > > > + [RTE_CRYPTO_RSA_PADDING_OAEP] =3D > > > "RTE_CRYPTO_RSA_PADDING_OAEP", > > > + [RTE_CRYPTO_RSA_PADDING_PSS] =3D > > > "RTE_CRYPTO_RSA_PADDING_PSS" > > > +}; > > > + > > > +/** > > > + * Elliptic curves string identifiers */ const char > > > +*rte_crypto_curves_strings[] =3D { > > > + [RTE_CRYPTO_EC_GROUP_SECP192R1] =3D > > > "RTE_CRYPTO_EC_GROUP_SECP192R1", > > > + [RTE_CRYPTO_EC_GROUP_SECP224R1] =3D > > > "RTE_CRYPTO_EC_GROUP_SECP224R1", > > > + [RTE_CRYPTO_EC_GROUP_SECP256R1] =3D > > > "RTE_CRYPTO_EC_GROUP_SECP256R1", > > > + [RTE_CRYPTO_EC_GROUP_SECP384R1] =3D > > > "RTE_CRYPTO_EC_GROUP_SECP384R1", > > > + [RTE_CRYPTO_EC_GROUP_SECP521R1] =3D > > > "RTE_CRYPTO_EC_GROUP_SECP521R1", > > > +}; > > > + > > > +/** > > > * The private data structure stored in the sym session mempool priv= ate > data. > > > */ > > > struct rte_cryptodev_sym_session_pool_private_data { @@ -347,7 +368,= 7 > > > @@ param_range_check(uint16_t size, const struct > > > rte_crypto_param_range *range) > > > return -1; > > > } > > > > > > -const struct rte_cryptodev_asymmetric_xform_capability * > > > +const struct rte_cryptodev_asymmetric_capability * > > > rte_cryptodev_asym_capability_get(uint8_t dev_id, > > > const struct rte_cryptodev_asym_capability_idx *idx) { @@ - > > 363,8 > > > +384,8 @@ rte_cryptodev_asym_capability_get(uint8_t dev_id, > > > if (capability->op !=3D RTE_CRYPTO_OP_TYPE_ASYMMETRIC) > > > continue; > > > > > > - if (capability->asym.xform_capa.xform_type =3D=3D idx->type) > > > - return &capability->asym.xform_capa; > > > + if (capability->asym.xform_type =3D=3D idx->type) > > > + return &capability->asym; > > > } > > > return NULL; > > > }; > > > @@ -456,6 +477,59 @@ > > rte_cryptodev_asym_xform_capability_check_modlen( > > > return 0; > > > } > > > > > > +int > > > +rte_cryptodev_capa_check_mod( > > > > API name should be rte_cryptodev_mod_capa_check Verb should come in the > > end. > > Fix other APIs also. > > > > > + const struct rte_cryptodev_asymmetric_capability *capa, > > > + struct rte_crypto_mod_capability mod) { > > > + if (capa->mod.max_mod_size =3D=3D 0) > > > + return 1; > > > + > > > + if (mod.max_mod_size <=3D capa->mod.max_mod_size) > > > + return 1; > > > + else > > > + return 0; > > > +} > > > + > > > +int > > > +rte_cryptodev_capa_check_rsa( > > > + const struct rte_cryptodev_asymmetric_capability *capa, > > > + struct rte_crypto_rsa_capability rsa) { > > > + if (rsa.padding !=3D (capa->rsa.padding & rsa.padding)) > > > + return 0; > > > + if (rsa.hash !=3D (capa->rsa.hash & rsa.hash)) > > > + return 0; > > > + if (capa->rsa.max_key_size =3D=3D 0) > > > + return 1; > > > + if (rsa.max_key_size <=3D capa->rsa.max_key_size) > > > + return 1; > > > + else > > > + return 0; > > > +} > > > > Can we have something similar to symmetric crypto/rte_security capabili= ties? > In what way similar? There are mostly range checks in symmetric. Please ignore this comment, I misinterpreted xforms with algos. For each of the xforms we can have separate API to check. All algos in that particular xform can be clubbed in same API. > > > > > + > > > +int > > > +rte_cryptodev_capa_check_ecdsa( > > > + const struct rte_cryptodev_asymmetric_capability *capa, > > > + struct rte_crypto_ecdsa_capability ecdsa) { > > > + if (ecdsa.curves !=3D (capa->ecdsa.curves & ecdsa.curves)) > > > + return 0; > > > + if (ecdsa.random_k =3D=3D 1 && capa->ecdsa.random_k =3D=3D 0) > > > + return 0; > > > + return 1; > > > +} > > > + > > > +int > > > +rte_cryptodev_capa_check_ecpm( > > > + const struct rte_cryptodev_asymmetric_capability *capa, > > > + struct rte_crypto_ecpm_capability ecpm) { > > > + if (ecpm.curves !=3D (capa->ecpm.curves & ecpm.curves)) > > > + return 0; > > > + return 1; > > > +} > > > + > > > /* spinlock for crypto device enq callbacks */ static rte_spinlock_= t > > > rte_cryptodev_callback_lock =3D RTE_SPINLOCK_INITIALIZER; > > > > > > diff --git a/lib/cryptodev/rte_cryptodev.h > > > b/lib/cryptodev/rte_cryptodev.h index 2c2c2edeb7..6c5bd819b2 100644 > > > --- a/lib/cryptodev/rte_cryptodev.h > > > +++ b/lib/cryptodev/rte_cryptodev.h > > > @@ -184,6 +184,19 @@ struct rte_cryptodev_asymmetric_xform_capability > { > > > * > > > */ > > > struct rte_cryptodev_asymmetric_capability { > > > + enum rte_crypto_asym_xform_type xform_type; > > > + /**< Asymmetric transform type */ > > > + uint32_t op_types; > > > + /**< bitmask for supported rte_crypto_asym_op_type */ > > > + union { > > > + struct rte_crypto_mod_capability mod; > > > + struct rte_crypto_rsa_capability rsa; > > > + struct rte_crypto_dh_capability dh; > > > + struct rte_crypto_dsa_capability dsa; > > > + struct rte_crypto_ecdsa_capability ecdsa; > > > + struct rte_crypto_ecpm_capability ecpm; > > > + }; > > > + > > > struct rte_cryptodev_asymmetric_xform_capability xform_capa; }; > > > > > > @@ -247,7 +260,7 @@ rte_cryptodev_sym_capability_get(uint8_t dev_id, > > > * - Return NULL if the capability not exist. > > > */ > > > __rte_experimental > > > -const struct rte_cryptodev_asymmetric_xform_capability * > > > +const struct rte_cryptodev_asymmetric_capability * > > > rte_cryptodev_asym_capability_get(uint8_t dev_id, > > > const struct rte_cryptodev_asym_capability_idx *idx); > > > > > > @@ -339,6 +352,66 @@ > > rte_cryptodev_asym_xform_capability_check_modlen( > > > uint16_t modlen); > > > > > > /** > > > + * Check if requested Modexp features are supported > > > + * > > > + * @param capability Description of the asymmetric crypto > > > capability. > > > + * @param mod Modexp requested capability. > > > + * > > > + * @return > > > + * - Return 1 if the parameters are in range of the capability. > > > + * - Return 0 if the parameters are out of range of the capability= . > > > + */ > > > +__rte_experimental > > > +int > > > +rte_cryptodev_capa_check_mod( > > > + const struct rte_cryptodev_asymmetric_capability *capa, > > > + struct rte_crypto_mod_capability mod); > > > +/** > > > + * Check if requested RSA features are supported > > > + * > > > + * @param capability Description of the asymmetric crypto > > > capability. > > > + * @param rsa RSA requested capability. > > > + * > > > + * @return > > > + * - Return 1 if the parameters are in range of the capability. > > > + * - Return 0 if the parameters are out of range of the capability= . > > > + */ > > > +__rte_experimental > > > +int > > > +rte_cryptodev_capa_check_rsa( > > > + const struct rte_cryptodev_asymmetric_capability *capa, > > > + struct rte_crypto_rsa_capability rsa); > > > +/** > > > + * Check if requested ECDSA features are supported > > > + * > > > + * @param capability Description of the asymmetric crypto > > > capability. > > > + * @param ecdsa ECDSA requested capability. > > > + * > > > + * @return > > > + * - Return 1 if the parameters are in range of the capability. > > > + * - Return 0 if the parameters are out of range of the capability= . > > > + */ > > > +__rte_experimental > > > +int > > > +rte_cryptodev_capa_check_ecdsa( > > > + const struct rte_cryptodev_asymmetric_capability *capa, > > > + struct rte_crypto_ecdsa_capability ecdsa); > > > +/** > > > + * Check if requested ECPM features are supported > > > + * > > > + * @param capability Description of the asymmetric crypto > > > capability. > > > + * @param ecpm ECPM requested capability. > > > + * > > > + * @return > > > + * - Return 1 if the parameters are in range of the capability. > > > + * - Return 0 if the parameters are out of range of the capability= . > > > + */ > > > +__rte_experimental > > > +int > > > +rte_cryptodev_capa_check_ecpm( > > > + const struct rte_cryptodev_asymmetric_capability *capa, > > > + struct rte_crypto_ecpm_capability ecpm); > > > +/** > > > * Provide the cipher algorithm enum, given an algorithm string > > > * > > > * @param algo_enum A pointer to the cipher algorithm > > > diff --git a/lib/cryptodev/version.map b/lib/cryptodev/version.map > > > index f0abfaa47d..4d93b9a947 100644 > > > --- a/lib/cryptodev/version.map > > > +++ b/lib/cryptodev/version.map > > > @@ -108,6 +108,10 @@ EXPERIMENTAL { > > > > > > #added in 22.07 > > > rte_cryptodev_session_event_mdata_set; > > > + rte_cryptodev_capa_check_mod; > > > + rte_cryptodev_capa_check_rsa; > > > + rte_cryptodev_capa_check_ecdsa; > > > + rte_cryptodev_capa_check_ecpm; > > > }; > > > > > > INTERNAL { > > > -- > > > 2.13.6