* [PATCH v4 0/3] cryptodev: move dh type from xform to dh op
@ 2022-04-27 7:43 Arek Kusztal
2022-04-27 7:43 ` [PATCH v4 1/3] " Arek Kusztal
` (5 more replies)
0 siblings, 6 replies; 13+ messages in thread
From: Arek Kusztal @ 2022-04-27 7:43 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
Operation type (PUBLIC_KEY_GENERATION, SHARED_SECRET) should
be free to choose for any operation. One xform/session should
be enough to perform both DH operations, if op_type would be xform
member, session would have to be to be created twice for the same
group. Similar problem would be observed in sessionless case.
Additionally, it will help extend DH to support Elliptic Curves.
v4:
- changed op_type coment
- added openssl fix
Arek Kusztal (3):
cryptodev: move dh type from xform to dh op
crypto/openssl: move dh type from xform to dh op
test/crypto: move dh type from xform to dh op
app/test/test_cryptodev_asym.c | 11 +++---
drivers/crypto/openssl/rte_openssl_pmd.c | 54 ++--------------------------
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 26 --------------
lib/cryptodev/rte_crypto_asym.h | 14 ++++----
4 files changed, 16 insertions(+), 89 deletions(-)
--
2.13.6
^ permalink raw reply [flat|nested] 13+ messages in thread
* [PATCH v4 1/3] cryptodev: move dh type from xform to dh op
2022-04-27 7:43 [PATCH v4 0/3] cryptodev: move dh type from xform to dh op Arek Kusztal
@ 2022-04-27 7:43 ` Arek Kusztal
2022-04-27 8:11 ` Zhang, Roy Fan
2022-05-10 9:26 ` Ji, Kai
2022-04-27 7:43 ` [PATCH v4 2/3] crypto/openssl: " Arek Kusztal
` (4 subsequent siblings)
5 siblings, 2 replies; 13+ messages in thread
From: Arek Kusztal @ 2022-04-27 7:43 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
Operation type (PUBLIC_KEY_GENERATION, SHARED_SECRET) should
be free to choose for any operation. One xform/session should
be enough to perform both DH operations, if op_type would be xform
member, session would have to be to be created twice for the same
group. Similar problem would be observed in sessionless case.
Additionally, it will help extend DH to support Elliptic Curves.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
lib/cryptodev/rte_crypto_asym.h | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index cd24d4b07b..4697a7bc59 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -256,8 +256,6 @@ struct rte_crypto_modinv_xform {
*
*/
struct rte_crypto_dh_xform {
- enum rte_crypto_asym_op_type type;
- /**< Setup xform for key generate or shared secret compute */
rte_crypto_uint p;
/**< Prime modulus data */
rte_crypto_uint g;
@@ -391,27 +389,29 @@ struct rte_crypto_rsa_op_param {
* @note:
*/
struct rte_crypto_dh_op_param {
+ enum rte_crypto_asym_op_type op_type;
+ /**< Diffie-Hellman operation type */
rte_crypto_uint pub_key;
/**<
- * Output generated public key when xform type is
+ * Output generated public key when op_type is
* DH PUB_KEY_GENERATION.
- * Input peer public key when xform type is DH
+ * Input peer public key when op_type is DH
* SHARED_SECRET_COMPUTATION
*
*/
rte_crypto_uint priv_key;
/**<
- * Output generated private key if xform type is
+ * Output generated private key if op_type is
* DH PRIVATE_KEY_GENERATION
- * Input when xform type is DH SHARED_SECRET_COMPUTATION.
+ * Input when op_type is DH SHARED_SECRET_COMPUTATION.
*
*/
rte_crypto_uint shared_secret;
/**<
* Output with calculated shared secret
- * when dh xform set up with op type = SHARED_SECRET_COMPUTATION.
+ * when dh op_type = SHARED_SECRET_COMPUTATION.
*
*/
};
--
2.13.6
^ permalink raw reply [flat|nested] 13+ messages in thread
* [PATCH v4 2/3] crypto/openssl: move dh type from xform to dh op
2022-04-27 7:43 [PATCH v4 0/3] cryptodev: move dh type from xform to dh op Arek Kusztal
2022-04-27 7:43 ` [PATCH v4 1/3] " Arek Kusztal
@ 2022-04-27 7:43 ` Arek Kusztal
2022-04-27 8:11 ` Zhang, Roy Fan
2022-04-27 7:44 ` [PATCH v4 3/3] test/crypto: " Arek Kusztal
` (3 subsequent siblings)
5 siblings, 1 reply; 13+ messages in thread
From: Arek Kusztal @ 2022-04-27 7:43 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
This commit reflects API changes of location of
operation type in Diffie-Hellman.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
drivers/crypto/openssl/rte_openssl_pmd.c | 54 ++--------------------------
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 26 --------------
2 files changed, 3 insertions(+), 77 deletions(-)
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index d80e1052e2..409711c097 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -1696,12 +1696,7 @@ process_openssl_dh_op(struct rte_crypto_op *cop,
BIGNUM *priv_key = NULL;
int ret = 0;
- if (sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE)) {
- /* compute shared secret using peer public key
- * and current private key
- * shared secret = peer_key ^ priv_key mod p
- */
+ if (op->op_type == RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE) {
BIGNUM *peer_key = NULL;
/* copy private key and peer key and compute shared secret */
@@ -1735,10 +1730,6 @@ process_openssl_dh_op(struct rte_crypto_op *cop,
if (ret < 0) {
cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
BN_free(peer_key);
- /* priv key is already loaded into dh,
- * let's not free that directly here.
- * DH_free() will auto free it later.
- */
return 0;
}
cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
@@ -1747,50 +1738,12 @@ process_openssl_dh_op(struct rte_crypto_op *cop,
return 0;
}
- /*
- * other options are public and private key generations.
- *
- * if user provides private key,
- * then first set DH with user provided private key
- */
- if ((sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)) &&
- !(sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE))) {
- /* generate public key using user-provided private key
- * pub_key = g ^ priv_key mod p
- */
-
- /* load private key into DH */
- priv_key = BN_bin2bn(op->priv_key.data,
- op->priv_key.length,
- priv_key);
- if (priv_key == NULL) {
- cop->status = RTE_CRYPTO_OP_STATUS_NOT_PROCESSED;
- return -1;
- }
- ret = set_dh_priv_key(dh_key, priv_key);
- if (ret) {
- OPENSSL_LOG(ERR, "Failed to set private key\n");
- cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
- BN_free(priv_key);
- return 0;
- }
- }
-
- /* generate public and private key pair.
- *
- * if private key already set, generates only public key.
- *
- * if private key is not already set, then set it to random value
- * and update internal private key.
- */
if (!DH_generate_key(dh_key)) {
cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
return 0;
}
- if (sess->u.dh.key_op & (1 << RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)) {
+ if (op->op_type == RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE) {
const BIGNUM *pub_key = NULL;
OPENSSL_LOG(DEBUG, "%s:%d update public key\n",
@@ -1804,8 +1757,7 @@ process_openssl_dh_op(struct rte_crypto_op *cop,
op->pub_key.data);
}
- if (sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE)) {
+ if (op->op_type == RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE) {
const BIGNUM *priv_key = NULL;
OPENSSL_LOG(DEBUG, "%s:%d updated priv key\n",
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index 1cb07794bd..02802ab0c2 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -1000,32 +1000,6 @@ static int openssl_set_asym_session_parameters(
goto err_dh;
}
- /*
- * setup xfrom for
- * public key generate, or
- * DH Priv key generate, or both
- * public and private key generate
- */
- asym_session->u.dh.key_op = (1 << xform->dh.type);
-
- if (xform->dh.type ==
- RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE) {
- /* check if next is pubkey */
- if ((xform->next != NULL) &&
- (xform->next->xform_type ==
- RTE_CRYPTO_ASYM_XFORM_DH) &&
- (xform->next->dh.type ==
- RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)
- ) {
- /*
- * setup op as pub/priv key
- * pair generationi
- */
- asym_session->u.dh.key_op |=
- (1 <<
- RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE);
- }
- }
asym_session->u.dh.dh_key = dh;
asym_session->xfrm_type = RTE_CRYPTO_ASYM_XFORM_DH;
break;
--
2.13.6
^ permalink raw reply [flat|nested] 13+ messages in thread
* [PATCH v4 3/3] test/crypto: move dh type from xform to dh op
2022-04-27 7:43 [PATCH v4 0/3] cryptodev: move dh type from xform to dh op Arek Kusztal
2022-04-27 7:43 ` [PATCH v4 1/3] " Arek Kusztal
2022-04-27 7:43 ` [PATCH v4 2/3] crypto/openssl: " Arek Kusztal
@ 2022-04-27 7:44 ` Arek Kusztal
2022-04-27 8:12 ` Zhang, Roy Fan
2022-04-27 8:12 ` [PATCH v4 0/3] cryptodev: " Zhang, Roy Fan
` (2 subsequent siblings)
5 siblings, 1 reply; 13+ messages in thread
From: Arek Kusztal @ 2022-04-27 7:44 UTC (permalink / raw)
To: dev; +Cc: gakhil, roy.fan.zhang, Arek Kusztal
This commit reflects API changes in Diffie-Hellman,
now for setting crypto operation type asym_op no xform
is responsible.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
app/test/test_cryptodev_asym.c | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c
index 573af2a537..a5e385f4bd 100644
--- a/app/test/test_cryptodev_asym.c
+++ b/app/test/test_cryptodev_asym.c
@@ -1064,8 +1064,8 @@ test_dh_gen_shared_sec(struct rte_crypto_asym_xform *xfrm)
asym_op = op->asym;
/* Setup a xform and op to generate private key only */
- xform.dh.type = RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE;
xform.next = NULL;
+ asym_op->dh.op_type = RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE;
asym_op->dh.priv_key.data = dh_test_params.priv_key.data;
asym_op->dh.priv_key.length = dh_test_params.priv_key.length;
asym_op->dh.pub_key.data = (uint8_t *)peer;
@@ -1146,7 +1146,7 @@ test_dh_gen_priv_key(struct rte_crypto_asym_xform *xfrm)
asym_op = op->asym;
/* Setup a xform and op to generate private key only */
- xform.dh.type = RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE;
+ asym_op->dh.op_type = RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE;
xform.next = NULL;
asym_op->dh.priv_key.data = output;
asym_op->dh.priv_key.length = sizeof(output);
@@ -1229,7 +1229,7 @@ test_dh_gen_pub_key(struct rte_crypto_asym_xform *xfrm)
* using test private key
*
*/
- xform.dh.type = RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE;
+ asym_op->dh.op_type = RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE;
xform.next = NULL;
asym_op->dh.pub_key.data = output;
@@ -1319,9 +1319,10 @@ test_dh_gen_kp(struct rte_crypto_asym_xform *xfrm)
/* Setup a xform chain to generate
* private key first followed by
* public key
- */xform.dh.type = RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE;
+ */
+ asym_op->dh.op_type = RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE;
pub_key_xform.xform_type = RTE_CRYPTO_ASYM_XFORM_DH;
- pub_key_xform.dh.type = RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE;
+ asym_op->dh.op_type = RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE;
xform.next = &pub_key_xform;
asym_op->dh.pub_key.data = out_pub_key;
--
2.13.6
^ permalink raw reply [flat|nested] 13+ messages in thread
* RE: [PATCH v4 1/3] cryptodev: move dh type from xform to dh op
2022-04-27 7:43 ` [PATCH v4 1/3] " Arek Kusztal
@ 2022-04-27 8:11 ` Zhang, Roy Fan
2022-05-10 9:26 ` Ji, Kai
1 sibling, 0 replies; 13+ messages in thread
From: Zhang, Roy Fan @ 2022-04-27 8:11 UTC (permalink / raw)
To: Kusztal, ArkadiuszX, dev; +Cc: gakhil
> -----Original Message-----
> From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Sent: Wednesday, April 27, 2022 8:44 AM
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>; Kusztal,
> ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Subject: [PATCH v4 1/3] cryptodev: move dh type from xform to dh op
>
> Operation type (PUBLIC_KEY_GENERATION, SHARED_SECRET) should
> be free to choose for any operation. One xform/session should
> be enough to perform both DH operations, if op_type would be xform
> member, session would have to be to be created twice for the same
> group. Similar problem would be observed in sessionless case.
> Additionally, it will help extend DH to support Elliptic Curves.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> ---
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
^ permalink raw reply [flat|nested] 13+ messages in thread
* RE: [PATCH v4 2/3] crypto/openssl: move dh type from xform to dh op
2022-04-27 7:43 ` [PATCH v4 2/3] crypto/openssl: " Arek Kusztal
@ 2022-04-27 8:11 ` Zhang, Roy Fan
0 siblings, 0 replies; 13+ messages in thread
From: Zhang, Roy Fan @ 2022-04-27 8:11 UTC (permalink / raw)
To: Kusztal, ArkadiuszX, dev; +Cc: gakhil
> -----Original Message-----
> From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Sent: Wednesday, April 27, 2022 8:44 AM
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>; Kusztal,
> ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Subject: [PATCH v4 2/3] crypto/openssl: move dh type from xform to dh op
>
> This commit reflects API changes of location of
> operation type in Diffie-Hellman.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> ---
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
^ permalink raw reply [flat|nested] 13+ messages in thread
* RE: [PATCH v4 3/3] test/crypto: move dh type from xform to dh op
2022-04-27 7:44 ` [PATCH v4 3/3] test/crypto: " Arek Kusztal
@ 2022-04-27 8:12 ` Zhang, Roy Fan
0 siblings, 0 replies; 13+ messages in thread
From: Zhang, Roy Fan @ 2022-04-27 8:12 UTC (permalink / raw)
To: Kusztal, ArkadiuszX, dev; +Cc: gakhil
> -----Original Message-----
> From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Sent: Wednesday, April 27, 2022 8:44 AM
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>; Kusztal,
> ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Subject: [PATCH v4 3/3] test/crypto: move dh type from xform to dh op
>
> This commit reflects API changes in Diffie-Hellman,
> now for setting crypto operation type asym_op no xform
> is responsible.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> ---
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
^ permalink raw reply [flat|nested] 13+ messages in thread
* RE: [PATCH v4 0/3] cryptodev: move dh type from xform to dh op
2022-04-27 7:43 [PATCH v4 0/3] cryptodev: move dh type from xform to dh op Arek Kusztal
` (2 preceding siblings ...)
2022-04-27 7:44 ` [PATCH v4 3/3] test/crypto: " Arek Kusztal
@ 2022-04-27 8:12 ` Zhang, Roy Fan
2022-04-27 15:57 ` [EXT] " Akhil Goyal
2022-05-10 9:43 ` Ji, Kai
5 siblings, 0 replies; 13+ messages in thread
From: Zhang, Roy Fan @ 2022-04-27 8:12 UTC (permalink / raw)
To: Kusztal, ArkadiuszX, dev; +Cc: gakhil
> -----Original Message-----
> From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Sent: Wednesday, April 27, 2022 8:44 AM
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>; Kusztal,
> ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Subject: [PATCH v4 0/3] cryptodev: move dh type from xform to dh op
>
> Operation type (PUBLIC_KEY_GENERATION, SHARED_SECRET) should
> be free to choose for any operation. One xform/session should
> be enough to perform both DH operations, if op_type would be xform
> member, session would have to be to be created twice for the same
> group. Similar problem would be observed in sessionless case.
> Additionally, it will help extend DH to support Elliptic Curves.
>
> v4:
> - changed op_type coment
> - added openssl fix
>
> Arek Kusztal (3):
> cryptodev: move dh type from xform to dh op
> crypto/openssl: move dh type from xform to dh op
> test/crypto: move dh type from xform to dh op
>
> app/test/test_cryptodev_asym.c | 11 +++---
> drivers/crypto/openssl/rte_openssl_pmd.c | 54 ++--------------------------
> drivers/crypto/openssl/rte_openssl_pmd_ops.c | 26 --------------
> lib/cryptodev/rte_crypto_asym.h | 14 ++++----
> 4 files changed, 16 insertions(+), 89 deletions(-)
>
> --
> 2.13.6
Series-acked-by: Fan Zhang <roy.fan.zhang@intel.com>
^ permalink raw reply [flat|nested] 13+ messages in thread
* RE: [EXT] [PATCH v4 0/3] cryptodev: move dh type from xform to dh op
2022-04-27 7:43 [PATCH v4 0/3] cryptodev: move dh type from xform to dh op Arek Kusztal
` (3 preceding siblings ...)
2022-04-27 8:12 ` [PATCH v4 0/3] cryptodev: " Zhang, Roy Fan
@ 2022-04-27 15:57 ` Akhil Goyal
2022-04-29 6:25 ` Kusztal, ArkadiuszX
2022-05-10 9:43 ` Ji, Kai
5 siblings, 1 reply; 13+ messages in thread
From: Akhil Goyal @ 2022-04-27 15:57 UTC (permalink / raw)
To: Arek Kusztal, dev; +Cc: roy.fan.zhang
Hi Arek,
> Operation type (PUBLIC_KEY_GENERATION, SHARED_SECRET) should
> be free to choose for any operation. One xform/session should
> be enough to perform both DH operations, if op_type would be xform
> member, session would have to be to be created twice for the same
> group. Similar problem would be observed in sessionless case.
> Additionally, it will help extend DH to support Elliptic Curves.
>
rte_crypto_asym_op_type is moved to rte_crypto_dh_op_param.
But why not move to rte_crypto_asym_op? I see that in other ops also,
Op_type is there, we can move that out. Right?
Also, I see one more potential issue.
There is a union of various ops in rte_crypto_asym_op, but how will
User identify which one to use. There should be a union to identify which
Struct to choose from.
> v4:
> - changed op_type coment
> - added openssl fix
>
> Arek Kusztal (3):
> cryptodev: move dh type from xform to dh op
> crypto/openssl: move dh type from xform to dh op
> test/crypto: move dh type from xform to dh op
>
> app/test/test_cryptodev_asym.c | 11 +++---
> drivers/crypto/openssl/rte_openssl_pmd.c | 54 ++--------------------------
> drivers/crypto/openssl/rte_openssl_pmd_ops.c | 26 --------------
> lib/cryptodev/rte_crypto_asym.h | 14 ++++----
> 4 files changed, 16 insertions(+), 89 deletions(-)
>
> --
> 2.13.6
^ permalink raw reply [flat|nested] 13+ messages in thread
* RE: [EXT] [PATCH v4 0/3] cryptodev: move dh type from xform to dh op
2022-04-27 15:57 ` [EXT] " Akhil Goyal
@ 2022-04-29 6:25 ` Kusztal, ArkadiuszX
2022-05-06 12:05 ` Kusztal, ArkadiuszX
0 siblings, 1 reply; 13+ messages in thread
From: Kusztal, ArkadiuszX @ 2022-04-29 6:25 UTC (permalink / raw)
To: Akhil Goyal, dev; +Cc: Zhang, Roy Fan
> -----Original Message-----
> From: Akhil Goyal <gakhil@marvell.com>
> Sent: Wednesday, April 27, 2022 5:58 PM
> To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>
> Subject: RE: [EXT] [PATCH v4 0/3] cryptodev: move dh type from xform to dh op
>
> Hi Arek,
> > Operation type (PUBLIC_KEY_GENERATION, SHARED_SECRET) should be free
> > to choose for any operation. One xform/session should be enough to
> > perform both DH operations, if op_type would be xform member, session
> > would have to be to be created twice for the same group. Similar
> > problem would be observed in sessionless case.
> > Additionally, it will help extend DH to support Elliptic Curves.
> >
> rte_crypto_asym_op_type is moved to rte_crypto_dh_op_param.
> But why not move to rte_crypto_asym_op? I see that in other ops also, Op_type
> is there, we can move that out. Right?
>
Yes, we could. Although some of the operations do not use op type
(POINT_MULT, MODEX) so we would have to extend asym_op_type to contain
RTE_CRYPTO_ASYM_OP_DEFAULT
/**< Default operation */.
Another proposal was to split op type to:
CRYPTO and KEY_EXCHANGE_OP
like I described in here:
https://patchwork.dpdk.org/project/dpdk/patch/20220407134248.20178-1-arkadiuszx.kusztal@intel.com/
then op stays in algorithm_op.
> Also, I see one more potential issue.
> There is a union of various ops in rte_crypto_asym_op, but how will User
> identify which one to use. There should be a union to identify which Struct to
> choose from.
Could you show how this union would look like?
Normally PMD will reject operations that are incorrectly setup, for example DH_op + ECDSA_xform or incorrect op
type like ENCRYPT.
>
>
> > v4:
> > - changed op_type coment
> > - added openssl fix
> >
> > Arek Kusztal (3):
> > cryptodev: move dh type from xform to dh op
> > crypto/openssl: move dh type from xform to dh op
> > test/crypto: move dh type from xform to dh op
> >
> > app/test/test_cryptodev_asym.c | 11 +++---
> > drivers/crypto/openssl/rte_openssl_pmd.c | 54 ++--------------------------
> > drivers/crypto/openssl/rte_openssl_pmd_ops.c | 26 --------------
> > lib/cryptodev/rte_crypto_asym.h | 14 ++++----
> > 4 files changed, 16 insertions(+), 89 deletions(-)
> >
> > --
> > 2.13.6
^ permalink raw reply [flat|nested] 13+ messages in thread
* RE: [EXT] [PATCH v4 0/3] cryptodev: move dh type from xform to dh op
2022-04-29 6:25 ` Kusztal, ArkadiuszX
@ 2022-05-06 12:05 ` Kusztal, ArkadiuszX
0 siblings, 0 replies; 13+ messages in thread
From: Kusztal, ArkadiuszX @ 2022-05-06 12:05 UTC (permalink / raw)
To: Akhil Goyal, dev; +Cc: Zhang, Roy Fan
Hi Akhil,
> -----Original Message-----
> From: Kusztal, ArkadiuszX
> Sent: Friday, April 29, 2022 8:26 AM
> To: Akhil Goyal <gakhil@marvell.com>; dev@dpdk.org
> Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>
> Subject: RE: [EXT] [PATCH v4 0/3] cryptodev: move dh type from xform to dh op
>
>
>
> > -----Original Message-----
> > From: Akhil Goyal <gakhil@marvell.com>
> > Sent: Wednesday, April 27, 2022 5:58 PM
> > To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; dev@dpdk.org
> > Cc: Zhang, Roy Fan <roy.fan.zhang@intel.com>
> > Subject: RE: [EXT] [PATCH v4 0/3] cryptodev: move dh type from xform
> > to dh op
> >
> > Hi Arek,
> > > Operation type (PUBLIC_KEY_GENERATION, SHARED_SECRET) should be free
> > > to choose for any operation. One xform/session should be enough to
> > > perform both DH operations, if op_type would be xform member,
> > > session would have to be to be created twice for the same group.
> > > Similar problem would be observed in sessionless case.
> > > Additionally, it will help extend DH to support Elliptic Curves.
> > >
> > rte_crypto_asym_op_type is moved to rte_crypto_dh_op_param.
> > But why not move to rte_crypto_asym_op? I see that in other ops also,
> > Op_type is there, we can move that out. Right?
> >
> Yes, we could. Although some of the operations do not use op type
> (POINT_MULT, MODEX) so we would have to extend asym_op_type to contain
> RTE_CRYPTO_ASYM_OP_DEFAULT /**< Default operation */.
> Another proposal was to split op type to:
> CRYPTO and KEY_EXCHANGE_OP
> like I described in here:
> https://patchwork.dpdk.org/project/dpdk/patch/20220407134248.20178-1-
> arkadiuszx.kusztal@intel.com/
> then op stays in algorithm_op.
If op_type will eventually be placed in op_param or in asym_op can be changed later, as it is of less importance.
I would say first we need to decide if we are going to extend this Diffie Hellman struct to support Elliptic Curves (for Montgomery/Edwards there will be another extension, but it is fine, would be in union).
So in this case op_type should not be in xform as:
- DH op will be used with EC xform.
- We would have to create separate sessions for single group.
Then we can add 'point verification' to this or, have separate API structs for all these but then DH would be redundant.
>
> > Also, I see one more potential issue.
> > There is a union of various ops in rte_crypto_asym_op, but how will
> > User identify which one to use. There should be a union to identify
> > which Struct to choose from.
> Could you show how this union would look like?
> Normally PMD will reject operations that are incorrectly setup, for example
> DH_op + ECDSA_xform or incorrect op type like ENCRYPT.
>
> >
> >
> > > v4:
> > > - changed op_type coment
> > > - added openssl fix
> > >
> > > Arek Kusztal (3):
> > > cryptodev: move dh type from xform to dh op
> > > crypto/openssl: move dh type from xform to dh op
> > > test/crypto: move dh type from xform to dh op
> > >
> > > app/test/test_cryptodev_asym.c | 11 +++---
> > > drivers/crypto/openssl/rte_openssl_pmd.c | 54 ++--------------------------
> > > drivers/crypto/openssl/rte_openssl_pmd_ops.c | 26 --------------
> > > lib/cryptodev/rte_crypto_asym.h | 14 ++++----
> > > 4 files changed, 16 insertions(+), 89 deletions(-)
> > >
> > > --
> > > 2.13.6
^ permalink raw reply [flat|nested] 13+ messages in thread
* RE: [PATCH v4 1/3] cryptodev: move dh type from xform to dh op
2022-04-27 7:43 ` [PATCH v4 1/3] " Arek Kusztal
2022-04-27 8:11 ` Zhang, Roy Fan
@ 2022-05-10 9:26 ` Ji, Kai
1 sibling, 0 replies; 13+ messages in thread
From: Ji, Kai @ 2022-05-10 9:26 UTC (permalink / raw)
To: Kusztal, ArkadiuszX, dev
Acked-by: Kai Ji <kai.ji@intel.com>
> -----Original Message-----
> From: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> Sent: Wednesday, April 27, 2022 8:44 AM
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>; Kusztal,
> ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Subject: [PATCH v4 1/3] cryptodev: move dh type from xform to dh op
>
> Operation type (PUBLIC_KEY_GENERATION, SHARED_SECRET) should be free to
> choose for any operation. One xform/session should be enough to perform both
> DH operations, if op_type would be xform member, session would have to be to
> be created twice for the same group. Similar problem would be observed in
> sessionless case.
> Additionally, it will help extend DH to support Elliptic Curves.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
^ permalink raw reply [flat|nested] 13+ messages in thread
* RE: [PATCH v4 0/3] cryptodev: move dh type from xform to dh op
2022-04-27 7:43 [PATCH v4 0/3] cryptodev: move dh type from xform to dh op Arek Kusztal
` (4 preceding siblings ...)
2022-04-27 15:57 ` [EXT] " Akhil Goyal
@ 2022-05-10 9:43 ` Ji, Kai
5 siblings, 0 replies; 13+ messages in thread
From: Ji, Kai @ 2022-05-10 9:43 UTC (permalink / raw)
To: Kusztal, ArkadiuszX, dev
Series-acked-by: Kai Ji <kai.ji@intel.com>
> -----Original Message-----
> From: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> Sent: Wednesday, April 27, 2022 8:44 AM
> To: dev@dpdk.org
> Cc: gakhil@marvell.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>; Kusztal,
> ArkadiuszX <arkadiuszx.kusztal@intel.com>
> Subject: [PATCH v4 0/3] cryptodev: move dh type from xform to dh op
>
> Operation type (PUBLIC_KEY_GENERATION, SHARED_SECRET) should be free to
> choose for any operation. One xform/session should be enough to perform both
> DH operations, if op_type would be xform member, session would have to be to
> be created twice for the same group. Similar problem would be observed in
> sessionless case.
> Additionally, it will help extend DH to support Elliptic Curves.
>
> v4:
> - changed op_type coment
> - added openssl fix
>
> Arek Kusztal (3):
> cryptodev: move dh type from xform to dh op
> crypto/openssl: move dh type from xform to dh op
> test/crypto: move dh type from xform to dh op
>
> app/test/test_cryptodev_asym.c | 11 +++---
> drivers/crypto/openssl/rte_openssl_pmd.c | 54 ++--------------------------
> drivers/crypto/openssl/rte_openssl_pmd_ops.c | 26 --------------
> lib/cryptodev/rte_crypto_asym.h | 14 ++++----
> 4 files changed, 16 insertions(+), 89 deletions(-)
>
> --
> 2.13.6
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2022-05-10 9:43 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-27 7:43 [PATCH v4 0/3] cryptodev: move dh type from xform to dh op Arek Kusztal
2022-04-27 7:43 ` [PATCH v4 1/3] " Arek Kusztal
2022-04-27 8:11 ` Zhang, Roy Fan
2022-05-10 9:26 ` Ji, Kai
2022-04-27 7:43 ` [PATCH v4 2/3] crypto/openssl: " Arek Kusztal
2022-04-27 8:11 ` Zhang, Roy Fan
2022-04-27 7:44 ` [PATCH v4 3/3] test/crypto: " Arek Kusztal
2022-04-27 8:12 ` Zhang, Roy Fan
2022-04-27 8:12 ` [PATCH v4 0/3] cryptodev: " Zhang, Roy Fan
2022-04-27 15:57 ` [EXT] " Akhil Goyal
2022-04-29 6:25 ` Kusztal, ArkadiuszX
2022-05-06 12:05 ` Kusztal, ArkadiuszX
2022-05-10 9:43 ` Ji, Kai
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).