From: "Kusztal, ArkadiuszX" <arkadiuszx.kusztal@intel.com>
To: Akhil Goyal <gakhil@marvell.com>, "dev@dpdk.org" <dev@dpdk.org>
Cc: "Zhang, Roy Fan" <roy.fan.zhang@intel.com>
Subject: RE: [EXT] [PATCH v2] cryptodev: add elliptic curve diffie hellman
Date: Tue, 17 May 2022 11:58:07 +0000 [thread overview]
Message-ID: <PH0PR11MB5013FE9639A0A2FFE59BA2429FCE9@PH0PR11MB5013.namprd11.prod.outlook.com> (raw)
In-Reply-To: <CO6PR18MB4484675731CB653B516D9004D8CF9@CO6PR18MB4484.namprd18.prod.outlook.com>
> -----Original Message-----
> From: Akhil Goyal <gakhil@marvell.com>
> Sent: Monday, May 16, 2022 8:42 PM
> To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>
> Subject: RE: [EXT] [PATCH v2] cryptodev: add elliptic curve diffie hellman
>
> > This commit adds Elliptic Curve Diffie-Hellman option to Cryptodev.
> > This could be achieved with EC point multiplication but:
> > 1) Phase 1 of DH is used with EC generator, multiplication expect
> > setting generator manually.
> > 2) It will unify usage of DH.
> > 3) Can be extended easily to support X25519 and X448.
>
> It is not clear how adding ECDH option will achieve above three statements.
[Arek] - Sure I will add an explanation, more or less like this:
1) - EC point multiplication allows user to process every phase of ECDH but for phase 1, user should really not care about generator. He does no even need to know how generator looks like, therefore setting ec would make this work for him.
2) - Instead of having {dh_op, ecdh_op, x448_op, x25519_op} would would have on DH combined with different types of xform (dh_xform for FFDH and EC for curves).
3) - Addition of field in the union should be enough, provided that curves are added to enum.
>
> >
> > Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> > ---
> > v2:
> > - added ecdh comments to operation types
> >
> > Depends-on: series-22684 ("cryptodev: move dh type from xform to dh
> > op")
> >
> > lib/cryptodev/rte_crypto_asym.h | 46
> > +++++++++++++++++++++++----------------
> > --
> > 1 file changed, 26 insertions(+), 20 deletions(-)
> >
> > diff --git a/lib/cryptodev/rte_crypto_asym.h
> > b/lib/cryptodev/rte_crypto_asym.h index 4697a7bc59..64d97ae054 100644
> > --- a/lib/cryptodev/rte_crypto_asym.h
> > +++ b/lib/cryptodev/rte_crypto_asym.h
> > @@ -91,6 +91,8 @@ enum rte_crypto_asym_xform_type {
> > /**< Elliptic Curve Digital Signature Algorithm
> > * Perform Signature Generation and Verification.
> > */
> > + RTE_CRYPTO_ASYM_XFORM_ECDH,
> > + /**< Elliptic Curve Diffie Hellman */
>
> Can we add this after ECPM?
>
> And we also need to remove the LIST_ENDs from Asym.
>
> > RTE_CRYPTO_ASYM_XFORM_ECPM,
> > /**< Elliptic Curve Point Multiplication */
> > RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
> > @@ -112,9 +114,9 @@ enum rte_crypto_asym_op_type {
> > RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE,
> > /**< DH Private Key generation operation */
> > RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE,
> > - /**< DH Public Key generation operation */
> > + /**< DH/ECDH Public Key generation operation */
> > RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE,
> > - /**< DH Shared Secret compute operation */
> > + /**< DH/ECDH Shared Secret compute operation */
> > RTE_CRYPTO_ASYM_OP_LIST_END
> > };
> >
> > @@ -385,34 +387,38 @@ struct rte_crypto_rsa_op_param { };
> >
> > /**
> > - * Diffie-Hellman Operations params.
> > + * Diffie-Hellman/Elliptic Curve Diffie-Hellman operation.
> > * @note:
> > */
> > struct rte_crypto_dh_op_param {
> > enum rte_crypto_asym_op_type op_type;
> > /**< Diffie-Hellman operation type */
> > - rte_crypto_uint pub_key;
> > + rte_crypto_param priv_key;
> > /**<
> > - * Output generated public key when op_type is
> > - * DH PUB_KEY_GENERATION.
> > - * Input peer public key when op_type is DH
> > - * SHARED_SECRET_COMPUTATION
> > - *
> > + * Diffie-Hellman private part
> > + * For DH and ECDH it is big-endian integer.
> > + * Input for both phases of Diffie-Hellman
> > */
> > -
> > - rte_crypto_uint priv_key;
> > + union {
> > + rte_crypto_uint pub_key;
> > + struct rte_crypto_ec_point pub_point;
> > + };
> > /**<
> > - * Output generated private key if op_type is
> > - * DH PRIVATE_KEY_GENERATION
> > - * Input when op_type is DH SHARED_SECRET_COMPUTATION.
> > - *
> > + * Diffie-Hellman public part
> > + * For DH it is big-endian unsigned integer.
> > + * For ECDH it is a point on the curve.
> > + * Output for RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE
> > + * Input for RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE
> > */
> > -
> > - rte_crypto_uint shared_secret;
> > + union {
> > + rte_crypto_uint shared_secret;
> > + struct rte_crypto_ec_point shared_point;
> > + };
> > /**<
> > - * Output with calculated shared secret
> > - * when dh op_type = SHARED_SECRET_COMPUTATION.
> > - *
> > + * Diffie-Hellman shared secret
> > + * For DH it is big-endian unsigned integer.
> > + * For ECDH it is a point on the curve.
> > + * Output for RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE
> > */
> > };
>
> There are 2 questions for this above change.
> - why is the order of parameters change?
> - The patch description does not describe this change. Could you separate out
> this change And provide proper explanation to this change?
next prev parent reply other threads:[~2022-05-17 11:58 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-27 9:55 Arek Kusztal
2022-05-10 10:06 ` Zhang, Roy Fan
2022-05-16 18:42 ` [EXT] " Akhil Goyal
2022-05-17 11:58 ` Kusztal, ArkadiuszX [this message]
2022-05-17 12:02 ` Kusztal, ArkadiuszX
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=PH0PR11MB5013FE9639A0A2FFE59BA2429FCE9@PH0PR11MB5013.namprd11.prod.outlook.com \
--to=arkadiuszx.kusztal@intel.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=roy.fan.zhang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).