From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 1A6A3A054F for ; Wed, 25 May 2022 12:43:25 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 9D10E40146; Wed, 25 May 2022 12:43:24 +0200 (CEST) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by mails.dpdk.org (Postfix) with ESMTP id 01656400EF for ; Wed, 25 May 2022 12:43:22 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1653475403; x=1685011403; h=from:to:subject:date:message-id:references:in-reply-to: mime-version; bh=8qtRRTQ8WQMwISuv7uMe70QYdSvlRbTy/Yzl949CykY=; b=CaVkiad6SZq1WFw4Ks3Kka7wyQ7hRA3Pfrb3YDPBK9jne9EcRyx3kH0A wO2sa8q4To7jx4TrB03Mo5r11AU5RGxrXMT05NYt9DdBEb23D/UcZ5wOL RKiGuDERV4AyKWpuRkjys2Xy8NVUEDYgpUD7vKfhlw60vvhE9bhXsVNH5 NBTMU8UKfNKhEoveipJgXnhtNBHb108fKOZrMQZ5By9BZLczna+KdwTKG Mb8uFWHOKNUBpQ4V3IAv++2QpUxOllapc7P0t7lUjBLKbPTTLIfy6SDqi 00r73k19eHub/1+IR0Cvq8CnTJFwIVlc20ZkY2M0HjMaFeTtMzY4FGvDe w==; X-IronPort-AV: E=McAfee;i="6400,9594,10357"; a="299112913" X-IronPort-AV: E=Sophos;i="5.91,250,1647327600"; d="scan'208,217";a="299112913" Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 May 2022 03:43:22 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.91,250,1647327600"; d="scan'208,217";a="676815970" Received: from fmsmsx606.amr.corp.intel.com ([10.18.126.86]) by fmsmga002.fm.intel.com with ESMTP; 25 May 2022 03:43:21 -0700 Received: from fmsmsx608.amr.corp.intel.com (10.18.126.88) by fmsmsx606.amr.corp.intel.com (10.18.126.86) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27; Wed, 25 May 2022 03:43:21 -0700 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx608.amr.corp.intel.com (10.18.126.88) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27 via Frontend Transport; Wed, 25 May 2022 03:43:21 -0700 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.104) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.27; Wed, 25 May 2022 03:43:21 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=CQ5aAAHdAKp1k0s7gxHDsdEfEFo4EZpK/Uu9G+YG+JCock20UhCgWGo+q3k5gWUKvOa7jYpPYaVU4FniA9XYG6IMZWYQt4rf0u5mY3q1DeRC8tHTzvkpTLtLY/VETV2zVM5KArrOVC7oQsGIC1M6ePvoDPDKg/O80iGdFd+B4oa94RgE3HnAhqYNprebfmKFOgQELKo/Lgc5AXf5YatjEs0SsB0hZoy/RWINgaOfyDgiEqzqSHLanW1Ti4wi5qF7y+M8mRTBqSGAmEANcb1GR03OPsSOsFTtPrFWTng8A2Nu90MgGFoTD+lYTWLNz3HnCuxH60YxdBFwTF6eU/mX5w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=eBo7MfRJFdqc0usbusk1TgWpOHBJMQmhMC6yOMzz6zk=; b=kIDqL/CE8Xedvgs1YfUH9MTTYw70v/4JdjP91RpUZ51eeNJs1ntIuwAYyLuKCnyHZsukEk+OwNse3AwOkpjsq9eG8+aw71cLCpV9ouE20UF8jPR5spRBEUKYYKGVJu2AJXO2q4PMH0qz5ebrAZQrTd1UGhsKtFwYv+cvXGW57i0vC2H/CvbFExArNbe3ABNHaLd25TgdTAR7j6py9hYZ7Z3fajr7maYfc8EDhxVMvTbZdJszXgYBLMAS5S4g1jcJlG/aNW0CeL2ZHeHx9lh7kRK4LVY+1qpWxNEek1gPDfsAYr696ey5cf9jNcNkjvJxQhLqBeHHxp+rc1wLCJZY9w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from PH0PR11MB5013.namprd11.prod.outlook.com (2603:10b6:510:30::21) by MWHPR11MB1342.namprd11.prod.outlook.com (2603:10b6:300:1e::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5293.13; Wed, 25 May 2022 10:43:19 +0000 Received: from PH0PR11MB5013.namprd11.prod.outlook.com ([fe80::fc0f:1644:98b5:be1]) by PH0PR11MB5013.namprd11.prod.outlook.com ([fe80::fc0f:1644:98b5:be1%5]) with mapi id 15.20.5273.023; Wed, 25 May 2022 10:43:19 +0000 From: "Kusztal, ArkadiuszX" To: Balakrishnan K , "users@dpdk.org" Subject: RE: how to use crypto openssl PMD for asymmetric encryption and decryption Thread-Topic: how to use crypto openssl PMD for asymmetric encryption and decryption Thread-Index: Adhul7L76HpVKxCxQgm6OmL7h9++VgACBMowACMLKYAACHjIQAAGYdCQAC24WYAAASZVAA== Date: Wed, 25 May 2022 10:43:19 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: MSIP_Label_5cbf6393-50e2-4904-bc3e-1804619f2b03_ActionId=1e9b2051-9f45-4073-b7f5-e6b509538b52; MSIP_Label_5cbf6393-50e2-4904-bc3e-1804619f2b03_ContentBits=0; MSIP_Label_5cbf6393-50e2-4904-bc3e-1804619f2b03_Enabled=true; MSIP_Label_5cbf6393-50e2-4904-bc3e-1804619f2b03_Method=Privileged; MSIP_Label_5cbf6393-50e2-4904-bc3e-1804619f2b03_Name=General-Test; MSIP_Label_5cbf6393-50e2-4904-bc3e-1804619f2b03_SetDate=2022-05-23T11:32:59Z; MSIP_Label_5cbf6393-50e2-4904-bc3e-1804619f2b03_SiteId=20210462-2c5e-4ec8-b3e2-0be950f292ca; dlp-reaction: no-action dlp-version: 11.6.500.17 dlp-product: dlpe-windows authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 6bc9f140-e35d-4972-18db-08da3e3b61cd x-ms-traffictypediagnostic: MWHPR11MB1342:EE_ x-microsoft-antispam-prvs: x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: 6FkCOneEkEIQovrwTxvHP91Tu9N6d3tbWs3U63KYHpbq8XMDcdk8tM1OKdNLqPi/x7qqH6N6Gjv8MZkuTlQG/BNDhBh1M/HiOziyaWtutUZNo6+lh2Me+drUnIl4K+rjf0GzxlwM3JizF9ohJgFXgfNs7ywwppax3QEEtalKAn2vM/PXvc+OzRoaIXTTkKd4ps8k5FL8NkSQ4I3X56c2DJK+Co7NgzQtbDryXoFcV9y+yCyKRwnTDXTJEP+/JYFMoXflujsgap8w3JaNfeWbsa8WtRHQUdQ182i30HJfklOLMY/asw4oVrjkzeacZXLDDRy6Tu5K2sT+3PoyGWhlmNL/mJjEBRP9UvaU331y5T3FlBOZUA4IbWzmzJKiv3c7a+4pTko+tEBiAM8wtrmLSFFrs7ecLe0NXbkTgoMyFIVJzOfImEsvwQ9gs1RD0gWulOpPECIdhACXN7ccrqLgXPTEPjqxL6TQQOopbvmE6tQIQNabqtK/s25eXI3AtrPW3gpqDLTb5S6lMhhkeewpaJs7IgNWuZLFNpKADh9eyErCH+DSPXpRK1qk1V7LCy3B1An3R5lIhSzCfP5GYew9VHeg0cLqBBOhH7D3/pZQtGjfz2y3xIjsc0sq/KdPysCayuFlpREHTKarS7cv70L8kTRIRn1UWY44QqQTmb7kWfETd9r4pswXpGdyjGWC++nUsrJdWm0F/MYYZ+7dxGzO9f9NuBy+7OHmBhZsUfAYQ6NEaRhnkSz66BlmBapg9//z7MSBKPUakqhvu3R06Gi0rhuWDOtZsFlF9Koe/8p3z18= x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR11MB5013.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(366004)(76116006)(55016003)(38100700002)(316002)(66446008)(66476007)(66556008)(8676002)(64756008)(66946007)(110136005)(508600001)(71200400001)(166002)(86362001)(966005)(9326002)(52536014)(5660300002)(8936002)(186003)(82960400001)(26005)(122000001)(9686003)(33656002)(2906002)(83380400001)(53546011)(7696005)(6506007)(38070700005); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?nWGQDbQPWeNwCG1WdUtmacTEsbFISzgVC8SCT0JFs/6U4cujEGHW4ReGBj4k?= =?us-ascii?Q?w5c+4bfdw4xsi8nj9ED4mIk7Bq8pzkht57gh/zz9H9ezLJQtXoBdesqJSwkm?= =?us-ascii?Q?hNDqhEaOKiXtrMjED/VXH3OMHFP3bnks5f4IXETSKM4WfGITW6eoQd0QL0X9?= =?us-ascii?Q?Y83Qp2/bKjhgDy/W+/1Cjjnmhpz0yQdR6/Z37/0UDP0vQa23HA7yTWZhRl4k?= =?us-ascii?Q?ir/mUaxhXxF18OTVCpGSxZdOoYIAXjYZwVGCFn3h0K/XXPAybhHW3cyEHjv/?= =?us-ascii?Q?SM36wGdiZObpASKw54yjEOaDMH/HPrvfck1khKr0Wm00VosD6t60yK1v+UZ/?= =?us-ascii?Q?iWmSipgpMD5Svtn0xZ8Vw+4R/w9O2qRmXbVc7K5bEfuoOQWy3RTMmRT3KiWj?= =?us-ascii?Q?lNDMq9pqtc1bEfMH0aAIrPn20/HCCD1vyTdamFcBVtuBxCRsYBqy1uBZ+QfI?= =?us-ascii?Q?MhMs/Y4aouRC3IhUJ0g92D3HD8EKTloJeTWSsVwDJtcWs1agoFfzjsBdH+6T?= =?us-ascii?Q?ayQZh3dEnA6/c1XJc3Em4A593n9M+F/XpvZLL9ApaIekyKD0XYA1JmP3el8v?= =?us-ascii?Q?nG2lfEf0/TMPxI+wPdufgnsJgONrnRcm/Y0+Vev2PaiROhZYx6C/Uj9+q4yy?= =?us-ascii?Q?Vw9siivV4DiP3CTMCLcf62NSazg5rp9etsvAf+gLGZ+qcmjsy/kSSOrL7Fng?= =?us-ascii?Q?1DjkQa5rCURceNcDqEPQ0iPKKeq/+/PaSePcbR9PlWQ7qOTPhnsPQ2Ohqaeu?= =?us-ascii?Q?r8wenEy7Fc+/WRNCpcPV39uHAJ8h1Zhr9GeirAydS/YIrwgNUaJMkVDJ4LkU?= =?us-ascii?Q?aCqY0+UV2YRKw0MInftekFR4H9+ibDrKud68Gy6ie58ZvqtcjM4+ad2bmPc4?= =?us-ascii?Q?AJvvuqmd61+MouxrNvbJOWtIgaCJCHsVFhclNhbXgkrwKWf3vuh7J2pDoupz?= =?us-ascii?Q?XqEaIJN1Bphvqr8Q5Ugzsv/tjbiedaI+Z8MZg5uIHHtTkDaCnw6O6eEO55C9?= =?us-ascii?Q?iyyHHyIxVjugrxgVIWkmbUyV5t1BFX9ihCNw/C/pH4vnckFbcDvbChXO+5Rh?= =?us-ascii?Q?4D2q3NJUQCBK7DVco+dF827N9iiI6mVUZEanOkO3tHlyUpwEQpCDUVI6+kTa?= =?us-ascii?Q?Uk4Q1U+J4zI0hyqB2psdKeZeOJw3p+8KphRVUUsGTU9yD7J4/rV3nwiQNFzV?= =?us-ascii?Q?whGANAOgG3XOITo+dpmJ0EnFl25Mig4V/kJcKTpGr35I2oa7/Vi1ZpgyC/Fw?= =?us-ascii?Q?lEKT1QnS+Ym1Nct1t6R7nyR7CilQ7t+E8GJ2buZNbwqcu8iiJHQplTm1rlzY?= =?us-ascii?Q?LlwVmja4pXoOLO4ZZHCDt0gwdh1MVMST1Qv0vpH9BKcdxYQRxTqJmimo7GU+?= =?us-ascii?Q?dQYhuX+BmJsMIzIYlGYEXesZfEKt05Vmq5lGdRTRVahmffVdMy2+N7nMm16r?= =?us-ascii?Q?44wiA6tccrUIz8bn09Hqz78dVc2v1ID2OLYRBZ1dn6IcPCeG/fu3JOkA0wP0?= =?us-ascii?Q?TeVtza2I+OHxM/7YI3om4UjoqiJn+JKzQy5CuHmd9W09XjthWrX4ZITnxoma?= =?us-ascii?Q?IecLWXrju5IdcoTQ0QcSJEQ8SWm+Rdk3Gfw4H8agtrz0DOLEYK8dSWYXYS19?= =?us-ascii?Q?5WEchdkdFMJCqoJysAWnB2bKFjFt2TVxyF+kX2/5miz49LPQfIn059D4bwKe?= =?us-ascii?Q?tfI/wHOQ0HyJrudzdoNVBSn3JVLHN7KmIOKQvNH4wNzp8Am/6qiijV2pH3vI?= =?us-ascii?Q?IM/x3VQ7DkmMf5gC+lv6RN47F0hrsN0=3D?= Content-Type: multipart/alternative; boundary="_000_PH0PR11MB501357854C12FD948B85BE0F9FD69PH0PR11MB5013namp_" MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5013.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6bc9f140-e35d-4972-18db-08da3e3b61cd X-MS-Exchange-CrossTenant-originalarrivaltime: 25 May 2022 10:43:19.0843 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: T0TQz5ln6UMCmXxayP5X3EyEE5/D3fokQqtYmGED8v3lp2b+it5QSI/n4M+sFpfPVRHbEEztzCpdifi692D+T85Jv9LpKrcNkVZ73l0K3y4= X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR11MB1342 X-OriginatorOrg: intel.com X-BeenThere: users@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK usage discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: users-bounces@dpdk.org --_000_PH0PR11MB501357854C12FD948B85BE0F9FD69PH0PR11MB5013namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Bala, To fill the below struct do I need to extract Publickey exponent , Private = key exponent etc. [Arek] - yes, you need to convert keys into big-endian unsigned integer. In the file "test_cryptodev_rsa_test_vectors.h" there are few examples. Regards, Arek From: Balakrishnan K Sent: Wednesday, May 25, 2022 12:08 PM To: Kusztal, ArkadiuszX ; users@dpdk.org Subject: RE: how to use crypto openssl PMD for asymmetric encryption and de= cryption Hi Arek, I have public and private key with me which can be used for encryption/= decryption. To fill the below struct do I need to extract Publickey exponent , Private = key exponent etc. The reason why I am asking is, in openssl for encryption we will use key di= rectly with the exposed API. Example : RSA_private_encrypt(strlen(msg), (unsigned char *)msg, encrypted, rsa, RSA_= PKCS1_PADDING); Here in dpdk the rsa struct looks different . Thanks in advance. struct rte_crypto_rsa_xform { rte_crypto_param n; /**< n - Modulus * Modulus data of RSA operation in Octet-string network * byte order format. */ rte_crypto_param e; /**< e - Public key exponent * Public key exponent used for RSA public key operations in Octet- * string network byte order format. */ enum rte_crypto_rsa_priv_key_type key_type; __extension__ union { rte_crypto_param d; /**< d - Private key exponent * Private key exponent used for RSA * private key operations in * Octet-string network byte order format. */ struct rte_crypto_rsa_priv_key_qt qt; /**< qt - Private key in quintuple format */ }; }; Regards, Bala From: Balakrishnan K Sent: 24 May 2022 17:42 To: Kusztal, ArkadiuszX >; users@dpdk.org Subject: RE: how to use crypto openssl PMD for asymmetric encryption and de= cryption Hi Arek, Thanks for the detailed explanation. Regards, Bala From: Kusztal, ArkadiuszX > Sent: 24 May 2022 14:44 To: Balakrishnan K >; users@dpdk.org Subject: RE: how to use crypto openssl PMD for asymmetric encryption and de= cryption I should use debug_hexdump(stdout, "encrypted message", asym_op->rsa.cipher.data, asym_op->rsa.cipher.length); to check the encrypted message for the input given? Yes, currently it works this way. The same way output for decryption will b= e placed in asym_op->rsa.message.data and input in asym_op->rsa.cipher.data= . More explanations can be found in rte_crypto_asym.h file https://doc.dpdk.org/api/structrte__crypto__rsa__op__param.html. From: Balakrishnan K > Sent: Tuesday, May 24, 2022 7:24 AM To: Kusztal, ArkadiuszX >; users@dpdk.org Subject: RE: how to use crypto openssl PMD for asymmetric encryption and de= cryption Hi Arek, Thanks for quick response. I am using resulted output vector to verify the encrypted message. I thought the encrypted data will be in the asym_op->rsa.message.data after= rte_cryptodev_enqueue_burst and rte_cryptodev_enqueue_burst call with oper= ation type RTE_CRYPTO_ASYM_OP_ENCRYPT. So ,I checked the hex_dump of asym_op->rsa.message.data. Code snippet: asym_op =3D result_op->asym; debug_hexdump(stdout, "encrypted message", asym_op->rsa.message.data, asym_op->rsa.message.length); Encrypted data will be placed in asym_op->rsa.cipher.data after crypto oper= ation is my understanding is correct ? I should use debug_hexdump(stdout, "encrypted message", asym_op->rsa.cipher.data, asym_op->rsa.cipher.length); to check the encrypted message for the input given? Regards, Bala From: Kusztal, ArkadiuszX > Sent: 23 May 2022 18:15 To: Balakrishnan K >; users@dpdk.org Subject: RE: how to use crypto openssl PMD for asymmetric encryption and de= cryption CAUTION: This email originated from outside of the organization. Do not cli= ck links or open attachments unless you recognize the sender and know the c= ontent is safe. Hi Bala, Ciphertext will be written into asym_op->rsa.cipher.data (not message.data)= by the PMD, here you are using same address for both hex dumps. Although there is a bug in debug_hexdump in this function which may cause t= his confusion. Plus, the test you are referring is PWCT test (Pairwise conditional test) -= > it will encrypt, then decrypt. Please take a look into this comment in queue_ops_rsa_enc_dec function: /* Use the resulted output as decryption Input vector* So above this line there is an encryption part. Below is decryption. Regards, Arek From: Balakrishnan K > Sent: Monday, May 23, 2022 1:33 PM To: users@dpdk.org Subject: how to use crypto openssl PMD for asymmetric encryption and decryp= tion Hi All, I am new to dpdk. Planning to use openssl crypto PMD for encrypting/decr= ypting the packets. Couldn't find much documents on openssl PMD for asymmetric encryption/decry= ption. Any one please point me in the right document. I have tried to run the test cases wrote for asymmetric crypto using openss= l virtual PMD. But the output of particular test case is same after the encryption done. File : app/test/test_cryptodev_asym.c Test executable: ./app/test/dpdk-test Test case : test_rsa_enc_dec Input given to encryption: message at [0x1894e60], len=3D20 00000000: F8 BA 1A 55 D0 2F 85 AE 96 7B B6 2F B6 CD A8 EB | ...U./...{./...= . 00000010: 7E 78 A0 50 | ~x.P After processing the output also looks like same : encrypted message exist at [0x1894e60], len=3D20 00000000: F8 BA 1A 55 D0 2F 85 AE 96 7B B6 2F B6 CD A8 EB | ...U./...{./...= . 00000010: 7E 78 A0 50 Regards, Bala --_000_PH0PR11MB501357854C12FD948B85BE0F9FD69PH0PR11MB5013namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi Bala,

 

To fill the below struct do I n= eed to extract Publickey exponent , Private key exponent etc.

[Arek] – yes, you need to convert keys into bi= g-endian unsigned integer.

In the file “test_cryptodev_rsa_test_vectors.h= ” there are few examples.

 

Regards,

Arek

 

 

From: Balakrishnan K <Balakrishnan.K1@tata= communications.com>
Sent: Wednesday, May 25, 2022 12:08 PM
To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; users@= dpdk.org
Subject: RE: how to use crypto openssl PMD for asymmetric encryption= and decryption

 

Hi Arek,

    I have publi= c and private key with me which can be used for encryption/decryption.=

 

To fill the below struct do I n= eed to extract Publickey exponent , Private key exponent etc.

The reason why I am asking is, = in openssl for encryption we will use key directly with the exposed API.

Example :

 

RSA_private_encrypt(strlen(msg), (unsigned char *)msg, encr= ypted, rsa, RSA_PKCS1_PADDING);

 

Here in dpdk the rsa struct loo= ks different .

 

Thanks in advance.

 

struct rte_crypto_rsa_xform {

rte_crypto_param n;<= /span>

     &= nbsp;  /**< n - Modulus

     &= nbsp;   * Modulus data of RSA operation in Octet-string network

     &= nbsp;   * byte order format.

     &= nbsp;   */

 

     &= nbsp;  rte_crypto_param e;

     &= nbsp;  /**< e - Public key exponent

     &= nbsp;   * Public key exponent used for RSA public key operations = in Octet-

     &= nbsp;   * string network byte order format.

     &= nbsp;   */

 

     &= nbsp;  enum rte_crypto_rsa_priv_key_type key_type;

 

     &= nbsp;  __extension__

     &= nbsp;  union {

     &= nbsp;          rte_crypto_para= m d;

     &= nbsp;          /**< d - Pri= vate key exponent

     &= nbsp;           * Private= key exponent used for RSA

     &= nbsp;           * private= key operations in

     &= nbsp;           * Octet-s= tring  network byte order format.

     &= nbsp;           */

 

     &= nbsp;          struct rte_cryp= to_rsa_priv_key_qt qt;

     &= nbsp;          /**< qt - Pr= ivate key in quintuple format */

     &= nbsp;  };

};

 

 

Regards,

Bala

From: Balakrishnan K
Sent: 24 May 2022 17:42
To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; users@dpdk.org
Subject: RE: how to use crypto openssl PMD for asymmetric encryption= and decryption

 

Hi Arek,

  Thanks for the detailed explanation.

 

Regards,

Bala

 

From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
Sent: 24 May 2022 14:44
To: Balakrishnan K <Balakrishnan.K1@tatacommunications.com>; users@dpdk.org
Subject: RE: how to use crypto openssl PMD for asymmetric encryption= and decryption

 

I should use 
debug_hexdump(stdout, "encrypted message", asym_op->rsa.c=
ipher.data,
           &nbs=
p;          asym_op->rsa.ci=
pher.length);
to check the encrypted message for the input given?

 

Yes, currently it works this way. The same way outpu= t for decryption will be placed in asym_op->rsa.message.data and input i= n asym_op->rsa.cipher.data.

More explanations can be found in rte_crypto_asym.h = file

https://doc.dpdk= .org/api/structrte__crypto__rsa__op__param.html.

 

From: Balakrishnan K <Balakrishnan.K1@tatacommunications.co= m>
Sent: Tuesday, May 24, 2022 7:24 AM
To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; users@dpdk.org
Subject: RE: how to use crypto openssl PMD for asymmetric encryption= and decryption

 

Hi Arek,

   Thanks for quick response.

I am using resulted output vector to verify the encr= ypted message.

I thought the encrypted data will be in the asym_op->rsa.message.d=
ata after rte_cryptodev_enqueue_burst and rte_cryptodev_enqueue_burst call =
with operation type RTE_CRYPTO_ASYM_OP_ENCRYPT.
So ,I checked the hex_dump of asym_op->rsa.message.data.
 
Code snippet:
asym_op =3D result_op->asym;
debug_hexdump(stdout, "encrypted message", asym_op->rsa.m=
essage.data,
           &nbs=
p;          asym_op->rsa.me=
ssage.length);
 
 
 
Encrypted data will be placed in asym_op->rsa.cipher.=
data after crypto operation is my understanding is correct ?

I should use 


debug_hexdump(stdout, "encrypted message", asym_op->rsa.c=
ipher.data,


           &nbs=
p;          asym_op->rsa.ci=
pher.length);


to check the encrypted message for the input given?


 


 


Regards,


Bala 


 


 






From: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>


Sent: 23 May 2022 18:15

To: Balakrishnan K <Balakrishnan.K1@tatacommunications.com>;
users@dpdk.org

Subject: RE: how to use crypto openssl PMD for asymmetric encryption=
 and decryption






 




CAUTION: This email =
originated from outside of the organization. Do not click links or open att=
achments unless you recognize the sender
 and know the content is safe. 






Hi Bala,


 


Ciphertext will be written into asym_op->rsa.ciph=
er.data (not message.data) by the PMD, here you are using same address for =
both hex dumps.


Although there is a bug in debug_hexdump in this fun=
ction which may cause this confusion.


 


Plus, the test you are referring is PWCT test (Pairw=
ise conditional test) -> it will encrypt, then decrypt.


Please take a look into this comment in queue_ops_rs=
a_enc_dec function:


/* Use the resulted output as decryption Input vecto=
r*


So above this line there is an encryption part.=



Below is decryption.     &n=
bsp;     


 


Regards,


Arek


 








From: Balakrishnan K <Balakrishnan.K1@tatacommunications.com>


Sent: Monday, May 23, 2022 1:33 PM

To: users@dpdk.org

Subject: how to use crypto openssl PMD for asymmetric encryption and=
 decryption






 


Hi All,


   I am new to dpdk. Planning to use opens=
sl crypto PMD for encrypting/decrypting  the packets.


Couldn’t find much documents on openssl PMD fo=
r asymmetric encryption/decryption.


Any one please point me in the right document.<=
/o:p>


 


I have tried to run the test cases wrote for asymmet=
ric crypto using openssl virtual PMD.


But the output of particular test case is same after=
 the encryption done.


 


File : app/test/test_cryptodev_asym.c


Test executable: ./app/test/dpdk-test


Test case : test_rsa_enc_dec


    


Input given to encryption:    =
;          


message at [0x1894e60], len=3D20


00000000: F8 BA 1A 55 D0 2F 85 AE 96 7B B6 2F B6 CD =
A8 EB | ...U./...{./....


00000010: 7E 78 A0 50     &=
nbsp;           &nbs=
p;            &=
nbsp;      | ~x.P


 


After processing the output also looks like same =
:


encrypted message exist at [0x1894e60], len=3D20


00000000: F8 BA 1A 55 D0 2F 85 AE 96 7B B6 2F B6 CD =
A8 EB | ...U./...{./....


00000010: 7E 78 A0 50


 


 


Regards,


Bala
--_000_PH0PR11MB501357854C12FD948B85BE0F9FD69PH0PR11MB5013namp_--