Discussion:
[dpdk-dev] [RFC] specifications for asymmetric crypto algorithms
Umesh Kartha
2017-03-22 10:16:42 UTC
Permalink
This RFC contains specifications for asymmetric crypto algorithms.
Asymmetric crypto algorithms are essential part of protocols such as
SSL/TLS. As the current DPDK crypto library lacks support for asymmetric
crypto algorithms, this RFC is an attempt to address it.

Cavium offers PCI hardware accelerators that supports symmetric and
asymmetric crypto algorithms, of which a few are addressed in this RFC.
Once specifications are agreed upon, I can submit a patch for the same.
We will develop a poll mode driver which can offload to OpenSSL crypto
library and to Cavium crypto accelerator.

The asymmetric crypto algorithms supported in this version are:

1 RSA
- RSA Sign
- RSA Verify
- RSA Public Encrypt
- RSA Private Decrypt

Padding schemes supported for RSA operations are
* RSA PKCS#1 BT1
* RSA PKCS#1 BT2
* RSA PKCS#1 OAEP
* RSA PKCS#1 PSS

2 ECDSA
- ECDSA Sign
- ECDSA Verify

Curves supported for ECDSA operations are
* Prime192v1
* Secp224k1
* Prime256v1
* Secp384r1
* Secp521r1

3 MODEXP

4 FUNDAMENTAL ECC
- Point Addition
- Point Multiplication
- Point Doubling

Curves supported for fundamental ECC operations are same as that of
ECDSA operations.

Asymmetric crypto transform operations support both session oriented
mode (WIP) and session less mode. If the operation is sessionless, an
asymmetric crypto transform structure, containing immutable parameters,
is passed along with per-operation mutable parameters in the structure.
Specific structures were written to contain immutable parameters
depending on algorithm used for crypto transform operation. The
parameters and type of transform is distinguished by the algorithm for
which the transform structure is filled. For a particular asymmetric
algorithm, not all parameters will be used and hence not required to be
filled.

Unlike symmetric operations, asymmetric operations can have more than
one resultant component for a single transform. Hence, only for select
operation types do we use destination mbuf structure passed along with
other operation parameters. The lengths of input and output parameters
are fixed and short. Depending on the algorithm, the number of inputs to
crypto transform operation, both mutable and immutable parameters,
vary. Depending on the algorithm, the type of data expected at source
mbuf varies and has been described.

---
lib/librte_cryptodev/rte_crypto.h | 135 ++++-
lib/librte_cryptodev/rte_crypto_asym.h | 881 +++++++++++++++++++++++++++++++++
2 files changed, 1013 insertions(+), 3 deletions(-)
create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h

diff --git lib/librte_cryptodev/rte_crypto.h lib/librte_cryptodev/rte_crypto.h
index 9019518..a8720bf 100644
--- lib/librte_cryptodev/rte_crypto.h
+++ lib/librte_cryptodev/rte_crypto.h
@@ -51,6 +51,7 @@
#include <rte_common.h>

#include "rte_crypto_sym.h"
+#include "rte_crypto_asym.h"

/** Crypto operation types */
enum rte_crypto_op_type {
@@ -58,6 +59,8 @@ enum rte_crypto_op_type {
/**< Undefined operation type */
RTE_CRYPTO_OP_TYPE_SYMMETRIC,
/**< Symmetric operation */
+ RTE_CRYPTO_OP_TYPE_ASYMMETRIC,
+ /**< Asymmetric operation */
};

/** Status of crypto operation */
@@ -75,6 +78,29 @@ enum rte_crypto_op_status {
* Symmetric operation failed due to invalid session arguments, or if
* in session-less mode, failed to allocate private operation material.
*/
+ RTE_CRYPTO_OP_STATUS_RSA_DATA_TOO_LARGE,
+ /**< Length of data to be encrypted/signed is too large */
+ RTE_CRYPTO_OP_STATUS_PKCS_DECRYPT_FAILED,
+ /**<
+ * PKCS decrypt operation failed due to bad padding.
+ */
+ RTE_CRYPTO_OP_STATUS_RSA_VERIFY_FAILED,
+ /**<
+ * PKCS RSA signature verification failed.
+ */
+ RTE_CRYPTO_OP_STATUS_ECDSA_INVALID_SIGNATURE,
+ /**<
+ * ECDSA signature generation failed due to either ECDSA_SIGN->r or
+ * ECDSA_SIGN->s component being invalid.
+ */
+ RTE_CRYPTO_OP_STATUS_ECDSA_VERIFY_FAILED,
+ /**<
+ * ECDSA signature verification failed.
+ */
+ RTE_CRYPTO_OP_STATUS_ECC_POINT_AT_INFINITY,
+ /**<
+ * ECC Operation failed due to point at infinity
+ */
RTE_CRYPTO_OP_STATUS_INVALID_ARGS,
/**< Operation failed due to invalid arguments in request */
RTE_CRYPTO_OP_STATUS_ERROR,
@@ -116,6 +142,8 @@ struct rte_crypto_op {
union {
struct rte_crypto_sym_op *sym;
/**< Symmetric operation parameters */
+ struct rte_crypto_asym_op *asym;
+ /**< Asymmetric operation parameters */
}; /**< operation specific parameters */
} __rte_cache_aligned;

@@ -141,6 +169,14 @@ struct rte_crypto_op {

__rte_crypto_sym_op_reset(op->sym);
break;
+ case RTE_CRYPTO_OP_TYPE_ASYMMETRIC:
+ /** Asymmetric operation structure starts after the end of the
+ * rte_crypto_op strucutre.
+ */
+ op->asym = (struct rte_crypto_asym_op *)(op + 1);
+ op->type = type;
+
+ __rte_crypto_asym_op_reset(op->asym);
default:
break;
}
@@ -303,13 +339,25 @@ struct rte_crypto_op_pool_private {
__rte_crypto_op_get_priv_data(struct rte_crypto_op *op, uint32_t size)
{
uint32_t priv_size;
+ int type = op->type;

if (likely(op->mempool != NULL)) {
priv_size = __rte_crypto_op_get_priv_data_size(op->mempool);

- if (likely(priv_size >= size))
- return (void *)((uint8_t *)(op + 1) +
+ if (likely(priv_size >= size)) {
+ switch (type) {
+ case RTE_CRYPTO_OP_TYPE_SYMMETRIC:
+ return (void *)((uint8_t *)(op + 1) +
sizeof(struct rte_crypto_sym_op));
+ break;
+ case RTE_CRYPTO_OP_TYPE_ASYMMETRIC:
+ return (void *)((uint8_t *)(op + 1) +
+ sizeof(struct rte_crypto_asym_op));
+ break;
+ default:
+ break;
+ }
+ }
}

return NULL;
@@ -320,7 +368,7 @@ struct rte_crypto_op_pool_private {
* If operation has been allocate from a rte_mempool, then the operation will
* be returned to the mempool.
*
- * @param op symmetric crypto operation
+ * @param op crypto operation
*/
static inline void
rte_crypto_op_free(struct rte_crypto_op *op)
@@ -410,6 +458,87 @@ struct rte_crypto_op_pool_private {
return __rte_crypto_sym_op_attach_sym_session(op->sym, sess);
}

+/**
+ * Allocate an asymmetric crypto operation in the private data of an mbuf.
+ *
+ * @param m mbuf which is associated with the crypto operation, the
+ * operation will be allocated in the private data of that
+ * mbuf.
+ *
+ * @returns
+ * - On success returns a pointer to the crypto operation.
+ * - On failure returns NULL.
+ */
+static inline struct rte_crypto_op *
+rte_crypto_asym_op_alloc_from_mbuf_priv_data(struct rte_mbuf *m)
+{
+ if (unlikely(m == NULL))
+ return NULL;
+
+ /*
+ * check that the mbuf's private data size is sufficient to contain a
+ * crypto operation
+ */
+ if (unlikely(m->priv_size < (sizeof(struct rte_crypto_op) +
+ sizeof(struct rte_crypto_asym_op))))
+ return NULL;
+
+ /* private data starts immediately after the mbuf header in the mbuf. */
+ struct rte_crypto_op *op = (struct rte_crypto_op *)(m + 1);
+
+ __rte_crypto_op_reset(op, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+
+ op->mempool = NULL;
+ op->asym->m_src = m;
+
+ return op;
+}
+
+/**
+ * Allocate space for asymmetric crypto xforms in the private data space of the
+ * crypto operation. This also defaults the crypto xform type and configures
+ * the chaining of the xforms in the crypto operation
+ *
+ * @return
+ * - On success returns pointer to first crypto xform in crypto operations chain
+ * - On failure returns NULL
+ */
+static inline struct rte_crypto_asym_xform *
+rte_crypto_op_asym_xforms_alloc(struct rte_crypto_op *op, uint8_t nb_xforms)
+{
+ void *priv_data;
+ uint32_t size;
+
+ if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_ASYMMETRIC))
+ return NULL;
+
+ size = sizeof(struct rte_crypto_asym_xform) * nb_xforms;
+
+ priv_data = __rte_crypto_op_get_priv_data(op, size);
+ if (priv_data == NULL)
+ return NULL;
+
+ return __rte_crypto_asym_op_asym_xforms_alloc(op->asym, priv_data,
+ nb_xforms);
+}
+
+
+/**
+ * Attach a session to a crypto operation
+ *
+ * @param op crypto operation, must be of type asymmetric
+ * @param sess cryptodev session
+ */
+static inline int
+rte_crypto_op_attach_asym_session(struct rte_crypto_op *op,
+ struct rte_cryptodev_asym_session *sess)
+{
+ if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_ASYMMETRIC))
+ return -1;
+
+ return __rte_crypto_asym_op_attach_asym_session(op->asym, sess);
+}
+
#ifdef __cplusplus
}
#endif
diff --git lib/librte_cryptodev/rte_crypto_asym.h lib/librte_cryptodev/rte_crypto_asym.h
new file mode 100644
index 0000000..9dfd579
--- /dev/null
+++ lib/librte_cryptodev/rte_crypto_asym.h
@@ -0,0 +1,881 @@
+/*
+ * BSD LICENSE
+ *
+ * Copyright (C) Cavium Networks Ltd. 2017.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name of Cavium Networks nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _RTE_CRYPTO_ASYM_H_
+#define _RTE_CRYPTO_ASYM_H_
+
+/**
+ * @file rte_crypto_asym.h
+ *
+ * RTE Definitions for Asymmetric Cryptography
+ *
+ * Defines asymmetric algorithms and modes, as well as supported
+ * asymmetric crypto operations.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <string.h>
+#include <stdint.h>
+#include <rte_mbuf.h>
+#include <rte_memory.h>
+#include <rte_mempool.h>
+#include <rte_common.h>
+#include "rte_crypto_sym.h"
+
+/** Asymmetric crypto transformation types */
+enum rte_crypto_asym_xform_type {
+ RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED = 0,
+ RTE_CRYPTO_ASYM_XFORM_RSA,
+ RTE_CRYPTO_ASYM_XFORM_MODEX,
+ RTE_CRYPTO_ASYM_XFORM_ECDSA,
+ RTE_CRYPTO_ASYM_XFORM_FECC,
+ RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
+};
+
+/**
+ * RSA operation type variants
+ */
+enum rte_crypto_rsa_optype {
+ RTE_CRYPTO_RSA_OP_NOT_SPECIFIED = 1,
+ /**< RSA operation unspecified */
+ RTE_CRYPTO_RSA_OP_PUBLIC_ENCRYPT,
+ /**< RSA public encrypt operation */
+ RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT,
+ /**< RSA private decrypt operation */
+ RTE_CRYPTO_RSA_OP_SIGN,
+ /**< RSA private key signature operation */
+ RTE_CRYPTO_RSA_OP_VERIFY,
+ /**< RSA public key verification operation */
+ RTE_CRYPTO_RSA_OP_LIST_END
+};
+
+/**
+ * Modular exponentiaion operation type variants
+ */
+enum rte_crypto_modex_optype {
+ RTE_CRYPTO_MODEX_OP_NOT_SPECIFIED = 1,
+ /**< ModEx operation type unspecified */
+ RTE_CRYPTO_MODEX_OP_MODEX,
+ /**< Modex operation modular exponentiation */
+ RTE_CRYPTO_MODEX_OP_LIST_END
+};
+
+/**
+ * ECDSA operation type variants
+ */
+enum rte_crypto_ecdsa_optype {
+ RTE_CRYPTO_ECDSA_OP_NOT_SPECIFIED = 1,
+ /**< ECDSA operation unspecified */
+ RTE_CRYPTO_ECDSA_OP_SIGN,
+ /**< ECDSA private key signature operation */
+ RTE_CRYPTO_ECDSA_OP_VERIFY,
+ /**< ECDSA public key verification operation */
+ RTE_CRYPTO_ECDSA_OP_LIST_END
+};
+
+/**
+ * Fundamental ECC operation type variants.
+ */
+enum rte_crypto_fecc_optype {
+ RTE_CRYPTO_FECC_OP_NOT_SPECIFIED = 1,
+ /**< FECC operation type unspecified */
+ RTE_CRYPTO_FECC_OP_POINT_ADD,
+ /**< Fundamental ECC point addition operation */
+ RTE_CRYPTO_FECC_OP_POINT_DBL,
+ /**< Fundamental ECC point doubling operation */
+ RTE_CRYPTO_FECC_OP_POINT_MULTIPLY,
+ /**< Fundamental ECC point multiplication operation */
+ RTE_CRYPTO_FECC_OP_LIST_END
+};
+
+/**
+ * ECC list of curves.
+ */
+enum rte_crypto_fecc_curves {
+ RTE_CRYPTO_FECC_CURVE_NOT_SPECIFIED = 1,
+ /**< Unspecified or empty curve id */
+ RTE_CRYPTO_FECC_CURVE_P192,
+ /**< NIST/X9.62/SECG curve over a 192 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_P224,
+ /**< NIST/SECG curve over a 224 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_P256,
+ /**< X9.62/SECG curve over a 256 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_P384,
+ /**< NIST/SECG curve over a 384 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_P521,
+ /**< NIST/SECG curve over a 521 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_LIST_END
+};
+
+
+/**
+ * Padding types for RSA signature.
+ */
+enum rte_crypto_rsa_padding_type {
+ RTE_CRYPTO_RSA_PADDING_NOT_SPECIFIED = 1,
+ /**< RSA no padding scheme */
+ RTE_CRYPTO_RSA_PADDING_BT1,
+ /**< RSA PKCS#1 padding BT1 scheme */
+ RTE_CRYPTO_RSA_PADDING_BT2,
+ /**< RSA PKCS#1 padding BT2 scheme */
+ RTE_CRYPTO_RSA_PADDING_OAEP,
+ /**< RSA PKCS#1 OAEP padding scheme */
+ RTE_CRYPTO_RSA_PADDING_PSS,
+ /**< RSA PKCS#1 PSS padding scheme */
+ RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END
+};
+
+/**
+ * Asymmetric RSA transform data
+ *
+ * This structure contains data required to perform RSA crypto
+ * transform. If all CRT components are filled, RSA private key
+ * operations @ref RTE_CRYPTO_RSA_OP_SIGN and @ref
+ * RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT uses CRT method for crypto
+ * transform.
+ */
+struct rte_crypto_rsa_xform {
+
+ int modlen;
+ /**< Length of RSA prime modulus */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to prime modulus data */
+ size_t length;
+ /**< Length of prime modulus */
+ } n;
+ /**< n - Prime modulus
+ * n is the prime modulus of RSA parameters.
+ */
+
+ struct {
+ uint8_t *data;
+ /** Pointer to public key exponent data */
+ size_t length;
+ /** Length of public key exponent */
+ } e;
+ /**< e - Public key exponent
+ * e is the public key exponent used for RSA public key
+ * operations.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private key exponent data */
+ size_t length;
+ /**< Pointer to public key exponent data */
+ } d;
+ /**< d - Private key exponent
+ * d is the private key exponent used for RSA private key
+ * operations.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private key component P data */
+ size_t length;
+ /**< Length of private key component P */
+ } p;
+
+ /**< p - Private key component P
+ * p is the private key component of RSA parameter required
+ * for CRT method of private key operations.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private key component Q data */
+ size_t length;
+ /**< Length of private key component Q */
+ } q;
+ /**< q - Private key component Q
+ * q is the private key component of RSA parameter required
+ * for CRT method of private key operations.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private CRT component, dP, data */
+ size_t length;
+ /**< Length of private key component dmp */
+ } dP;
+ /**< dP - Private CRT component
+ * dP is the private CRT component of RSA parameter required for
+ * RSA private key operation in CRT method.
+ * dP = d mod ( p - 1 )
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private CRT component, dQ, data */
+ size_t length;
+ /**< Length of private key component dQ */
+ } dQ;
+ /**< dQ - Private CRT component
+ * dQ is the private CRT component of RSA parameter required for
+ * RSA private key operation in CRT method.
+ * dQ = d mod ( q - 1 )
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private CRT component, qInv, data */
+ size_t length;
+ /**< Length of private key component qInv */
+ } qInv;
+ /**< qInv - Private CRT component
+ * qInv is the private CRT component of RSA parameter required for
+ * RSA private key operation in CRT method.
+ * qInv = inv q mod p
+ */
+};
+
+/** Asymmetric Modular exponentiation transform data
+ *
+ * This structure contains data required to perform modular exponentation
+ * crypto transform. If all CRT components are valid, crypto transform
+ * operation follows CRT method.
+ */
+struct rte_crypto_modex_xform {
+
+ int modlen;
+ /**< Length of prime modulus */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to prime modulus data */
+ size_t length;
+ /**< Length of prime modulus */
+ } modulus;
+ /**< modulus
+ * modulus is the prime modulus of the modexp transform
+ * operation.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to exponent data */
+ size_t length;
+ /**< Length of exponent */
+ } exponent;
+ /**< exponent
+ * Private exponent of the modexp transform operation.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component of exponent data */
+ size_t length;
+ /**< Length of CRT component P */
+ } p;
+ /**< P
+ * p is CRT component of private exponent.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component of exponent data */
+ size_t length;
+ /**< Length of CRT component Q */
+ } q;
+ /**< q
+ * q is the CRT component of private exponent.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component Ep data */
+ size_t length;
+ /**< Length of CRT component Ep */
+ } Ep;
+ /**< Ep CRT component
+ * Ep is the CRT component of private exponent.
+ * Ep = exponent mod ( p - 1 )
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component Eq data */
+ size_t length;
+ /**< Length of CRT component Eq */
+ } Eq;
+ /**< Eq CRT component
+ * Eq is the CRT component of private exponent.
+ * Eq = exponent mod ( q - 1 )
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component of exponent, qInv, data */
+ size_t length;
+ /**< Length of private key component qInv */
+ } qInv;
+ /**< qInv - Private CRT component
+ * qInv is the CRT component of private exponent.
+ * qInv = inv q mod p
+ */
+};
+
+/** Asymmetric ECDSA transform data
+ *
+ * This structure contains data required to perform ECDSA crypto
+ * transform.
+ */
+struct rte_crypto_ecdsa_xform {
+
+ enum rte_crypto_fecc_curves curve_id;
+ /**< ECC prime field curve */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve order data */
+ size_t length;
+ /**< Length of curve order */
+ } order;
+ /**< ECC curve order data */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC prime modulus data */
+ size_t length;
+ /**< Length of prime */
+ } prime;
+ /**< ECC Curve prime modulus data */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve generator data X */
+ size_t length;
+ /**< Length of curve generator x-coord*/
+ } Gx;
+ /**< X co-ordinate of the ECC curve generator point */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve generator data Y */
+ size_t length;
+ /**< Length of curve generator y-coord*/
+ } Gy;
+ /**< Y co-ordinate of the ECC curve generator point */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC private key data */
+ size_t length;
+ /**< Length of private key */
+ } pkey;
+ /**< Private key of the signer, is only valid for signature
+ * generation and not verification operation.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to public key data (x co-ordinate) */
+ size_t length;
+ /**< Length of public key X */
+ } qx;
+ /**< X co-ordinate of the public key point */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to public key data (y co-ordinate) */
+ size_t length;
+ /**< Length of public key Y*/
+ } qy;
+ /**< Y co-ordinate of the public key point */
+};
+
+/** Asymmetric Fundamental ECC transform operation
+ *
+ * This structure contains data required to perform asymmetric
+ * fundamental ECC crypto transform.
+ */
+struct rte_crypto_fecc_xform {
+
+ enum rte_crypto_fecc_curves curve_id;
+ /**< ECC prime field curve */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve order data */
+ size_t length;
+ /**< Length of curve order */
+ } order;
+ /**< ECC curve order data */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC prime modulus data */
+ size_t length;
+ /**< Length of prime */
+ } prime;
+ /**< ECC Curve prime modulus data */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve generator data X */
+ size_t length;
+ /**< Length of curve generator x-coord*/
+ } Gx;
+ /**< X co-ordinate of the ECC curve generator point */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve generator data Y */
+ size_t length;
+ /**< Length of curve generator y-coord*/
+ } Gy;
+ /**< Y co-ordinate of the ECC curve generator point */
+
+};
+
+/**
+ * Asymmetric crypto transform data
+ *
+ * This structure contains the data required to perform the
+ * asymmetric crypto transformation operation. The field op
+ * determines the asymmetric algorithm for transformation.
+ */
+struct rte_crypto_asym_xform {
+ struct rte_crypto_asym_xform *next;
+ enum rte_crypto_asym_xform_type type;
+ /**< Asymmetric algorithm for crypto transform */
+
+ RTE_STD_C11
+ union {
+ struct rte_crypto_rsa_xform rsa;
+ struct rte_crypto_fecc_xform fecc;
+ struct rte_crypto_modex_xform modex;
+ struct rte_crypto_ecdsa_xform ecdsa;
+ };
+};
+
+struct rte_cryptodev_asym_session;
+
+/**
+ * Crypto operation session type. This is used to specify whether a crypto
+ * operation has session structure attached for immutable parameters or if all
+ * operation information is included in the operation data structure.
+ */
+enum rte_crypto_asym_op_sess_type {
+ RTE_CRYPTO_ASYM_OP_WITH_SESSION,
+ /**< Session based crypto operation */
+ RTE_CRYPTO_ASYM_OP_SESSIONLESS
+ /**< Session-less crypto operation */
+};
+
+/**
+ * Asymmetric Cryptographic Operation.
+ *
+ * This structure contains data relating to performing asymmetric cryptographic
+ * processing on a referenced mbuf data buffer.
+ *
+ * When an asymmetric crypto operation is enqueued with device for processing
+ * it must have a valid *rte_mbuf* structure attached, via m_src parameter,
+ * which contains the source data which the crypto operation is to be performed
+ * on.
+ * While the mbuf is in use by a crypto operation no part of the mbuf should be
+ * changed by the application as the device may read or write to any part of the
+ * mbuf. In the case of hardware crypto devices some or all of the mbuf
+ * may be DMAed in and out of the device, so writing over the original data.
+ * Asymmetric operation, in more than most cases, works in Out-of-place mode. ie
+ * source mbuf and destination mbuf will be different. Data will be copied from
+ * m_src to m_dst after transformation.
+ */
+struct rte_crypto_asym_op {
+ struct rte_mbuf *m_src; /**< source mbuf */
+ struct rte_mbuf *m_dst; /**< destination mbuf */
+
+ enum rte_crypto_asym_op_sess_type sess_type;
+
+ RTE_STD_C11
+ union {
+ enum rte_crypto_rsa_optype rsa_op;
+ /**< Type of RSA operation for transform */;
+ enum rte_crypto_modex_optype modex_op;
+ /**< Type of modular exponentiation operation */
+ enum rte_crypto_ecdsa_optype ecdsa_op;
+ /**< ECDSA crypto xform operation type */
+ enum rte_crypto_fecc_optype fecc_op;
+ /**< ECDSA crypto xform operation type */
+ };
+
+ RTE_STD_C11
+ union {
+ struct rte_cryptodev_asym_session *session;
+ /**< Handle for the initialised session context */
+ struct rte_crypto_asym_xform *xform;
+ /**< Session-less API crypto operation parameters */
+ };
+
+ struct {
+ uint32_t offset;
+ /**< Starting point for crypto processing, specified
+ * as number of bytes from start of data in the source
+ * buffer.
+ *
+ * @note
+ * When the crypto transform is either RSA public encryt @ref
+ * RTE_CRYPTO_RSA_OP_PUBLIC_ENCRYPT or RSA private decrypt
+ * @ref RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT, offset specifies the
+ * data which is to be encrypted or decrypted respectively.
+ *
+ * @note
+ * When the crypto transform is RSA sign @ref
+ * RTE_CRYPTO_RSA_OP_SIGN, offset specifies the data for
+ * which the RSA signature is to be generated.
+ *
+ * @note
+ * When the crypto transform is RSA verify @ref
+ * RTE_CRYPTO_RSA_OP_VERIFY, offset specifies the data for
+ * which the signature is to be verified
+ *
+ * @note
+ * When the crypto transform is ECDSA sign @ref
+ * RTE_CRYPTO_ECDSA_OP_SIGN, offset specifies the data for
+ * which ECDSA signature is to be generated.
+ *
+ * @note
+ * When the crypto trasnform is ECDSA verify @ref
+ * RTE_CRYPTO_ECDSA_OP_VERIFY, offset specifies the data for
+ * which ECDSA signature is to be verified.
+ *
+ * @note
+ * When the crypto trasnform is MODEXP @ref
+ * RTE_CRYPTO_MODEX_OP_MODEX, offset specifies the data for
+ * which modular exponentiation is be performed.
+ *
+ * @note
+ * When the crypto trasnform is any of the fundamental ECC
+ * operations @ref RTE_CRYPTO_ASYM_XFORM_FECC, source and
+ * desitnation mbufs are unused.
+ */
+
+ uint32_t length;
+ /**<
+ * The message length, in bytes, in the source buffer
+ * on which the cryptographic transform will be
+ * performed.
+ *
+ * @note
+ * If the operation type involes RSA encrypt
+ * @ref RTE_CRYPTO_RSA_OP_PUBLIC_ENCRYPT, the length
+ * of data should be less than the prime modulus of RSA.
+ *
+ * @note
+ * If the operation type involves RSA decrypt
+ * @ref RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT, the length of
+ * data will be equal to RSA prime modulus length.
+ *
+ * @note
+ * If the operation type is RSA signature generation
+ * @ref RTE_CRYPTO_RSA_OP_SIGN, or verification
+ * @ref RTE_CRYPTO_RSA_OP_VERIFY, the length of data should be
+ * less than prime modulus length in bytes. The maximum length
+ * is dependent on the padding scheme selected.
+ *
+ * @note
+ * If the operation type is modular exponentiation,
+ * @ref RTE_CRYPTO_MODEX_OP_MODEX, the length of data
+ * should be less than the prime modulus of the modex
+ * operation.
+ *
+ * @note
+ * For ECDSA sign operation @ref RTE_CRYPTO_ECDSA_OP_SIGN,
+ * only the leftmost prime_modulus length of data in bytes
+ * is considered for signature.
+ *
+ * @note
+ * For ECDSA verify operation @ref RTE_CRYPTO_ECDSA_OP_VERIFY,
+ * only the leftmost prime_modulus length of data in bytes is
+ * considered for signature verification.
+ */
+ } data;
+
+ RTE_STD_C11
+ union {
+
+ struct {
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } sign;
+ /**<
+ * Pointer to RSA signature data. If operation is RSA
+ * sign @ref RTE_CRYPTO_RSA_OP_SIGN, buffer will be
+ * over-written with generated signature.
+ *
+ * Length of the signature data will be equal to the
+ * RSA prime modulus length.
+ */
+
+ enum rte_crypto_rsa_padding_type pad;
+ /**< RSA padding scheme to be used for transform */
+
+ enum rte_crypto_auth_algorithm md;
+ /**< Hash algorithm to be used for data hash if padding
+ * scheme is either OAEP or PSS. Valid hash algorithms
+ * are:
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+
+ enum rte_crypto_auth_algorithm mgf1md;
+ /**<
+ * Hash algorithm to be used for mask generation if
+ * padding scheme is either OAEP or PSS. If padding
+ * scheme is unspecified data hash algorithm is used
+ * for mask generation. Valid hash algorithms are:
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+ } rsa;
+
+ struct {
+ struct {
+ uint8_t *data;
+
+ phys_addr_t phys_addr;
+
+ size_t length;
+ } sign_r;
+ /**<
+ * Pointer to r-component of ECDSA signature. If
+ * operation type is @ref RTE_CRYPTO_ECDSA_OP_SIGN
+ * this buffer will be over-written with the signature
+ * component.
+ *
+ * Length of r-component will be less than the prime
+ * modulus of the ECC curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } sign_s;
+ /**<
+ * Pointer to s-component of ECDSA signature. If
+ * operation type is @ref RTE_CRYPTO_ECDSA_OP_VERIFY
+ * this buffer will be over-written with the signature
+ * component.
+ *
+ * Length of s-component will be less than the prime
+ * modulus of the ECC curve.
+ */
+
+ struct {
+ uint8_t *data;
+
+ phys_addr_t phys_addr;
+
+ size_t length;
+ } k;
+ /**<
+ * Pointer to random scalar to be used for generation
+ * of ECDSA signature @ref RTE_CRYPTO_ECDSA_OP_VERIFY.
+ * It is invalid if operation is ECDSA verify.
+ *
+ * Length of scalar K should be less than the prime
+ * modulus of the curve
+ */
+ } ecdsa;
+
+ struct {
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } px;
+ /**<
+ * Pointer to the X co-ordinate of the primary curve
+ * point for fundamental ECC operation.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } py;
+ /**<
+ * Pointer to the Y co-ordinate of the primary curve
+ * point for fundamental ECC operation.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } qx;
+ /**<
+ * Pointer to the X co-ordinate of the primary curve
+ * point for fundamental ECC operation.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve. This data valid only for
+ * point addition @ref RTE_CRYPTO_FECC_OP_POINT_ADD
+ * crypto transform.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } qy;
+ /**<
+ * Pointer to the X co-ordinate of the primary curve
+ * point for fundamental ECC operation.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve. This data valid only for
+ * point addition @ref RTE_CRYPTO_FECC_OP_POINT_ADD
+ * crypto transform.
+ */
+
+ struct {
+ uint8_t *data;
+
+ phys_addr_t phys_addr;
+
+ size_t length;
+ } k;
+ /**<
+ * Pointer to scalar data to be used only for point
+ * multiplication @ref RTE_CRYPTO_FECC_OP_POINT_MULTIPLY
+ * crypto transform.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } rx;
+ /**<
+ * Pointer to the X co-ordinate of resultant point on
+ * the curve after fundamental ECC crypto transform.
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } ry;
+ /**<
+ * Pointer to the Y co-ordinate of resultant point on
+ * the curve after fundamental ECC crypto transform.
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+ } fecc;
+ };
+
+} __rte_cache_aligned;
+
+
+
+/**
+ * Reset the fields of an asymmetric operation to their default values.
+ *
+ * @param op The crypto operation to be reset.
+ */
+static inline void
+__rte_crypto_asym_op_reset(struct rte_crypto_asym_op *op)
+{
+ memset(op, 0, sizeof(*op));
+
+ op->sess_type = RTE_CRYPTO_ASYM_OP_SESSIONLESS;
+}
+
+
+/**
+ * Allocate space for asymmetric crypto xforms in the private data space of the
+ * crypto operation. This also defaults the crypto xform type to
+ * RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED and configures the chaining of the xforms
+ * in the crypto operation
+ *
+ * @return
+ * - On success returns pointer to first crypto xform in crypto operations chain
+ * - On failure returns NULL
+ */
+static inline struct rte_crypto_asym_xform *
+__rte_crypto_asym_op_asym_xforms_alloc(struct rte_crypto_asym_op *asym_op,
+ void *priv_data, uint8_t nb_xforms)
+{
+ struct rte_crypto_asym_xform *xform;
+
+ asym_op->xform = xform = (struct rte_crypto_asym_xform *)priv_data;
+
+ do {
+ xform->type = RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED;
+ xform = xform->next = --nb_xforms > 0 ? xform + 1 : NULL;
+ } while (xform);
+
+ return asym_op->xform;
+}
+
+
+/**
+ * Attach a session to an asymmetric crypto operation
+ *
+ * @param asym_op crypto operation
+ * @param sess cryptodev session
+ */
+static inline int
+__rte_crypto_asym_op_attach_asym_session(struct rte_crypto_asym_op *asym_op,
+ struct rte_cryptodev_asym_session *sess)
+{
+ asym_op->session = sess;
+ asym_op->sess_type = RTE_CRYPTO_ASYM_OP_WITH_SESSION;
+
+ return 0;
+}
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _RTE_CRYPTO_ASYM_H_ */
--
1.8.3.1
Declan Doherty
2017-03-27 12:58:58 UTC
Permalink
Post by Umesh Kartha
This RFC contains specifications for asymmetric crypto algorithms.
Asymmetric crypto algorithms are essential part of protocols such as
SSL/TLS. As the current DPDK crypto library lacks support for asymmetric
crypto algorithms, this RFC is an attempt to address it.
Cavium offers PCI hardware accelerators that supports symmetric and
asymmetric crypto algorithms, of which a few are addressed in this RFC.
Once specifications are agreed upon, I can submit a patch for the same.
We will develop a poll mode driver which can offload to OpenSSL crypto
library and to Cavium crypto accelerator.
1 RSA
- RSA Sign
- RSA Verify
- RSA Public Encrypt
- RSA Private Decrypt
Padding schemes supported for RSA operations are
* RSA PKCS#1 BT1
* RSA PKCS#1 BT2
* RSA PKCS#1 OAEP
* RSA PKCS#1 PSS
2 ECDSA
- ECDSA Sign
- ECDSA Verify
Curves supported for ECDSA operations are
* Prime192v1
* Secp224k1
* Prime256v1
* Secp384r1
* Secp521r1
3 MODEXP
4 FUNDAMENTAL ECC
- Point Addition
- Point Multiplication
- Point Doubling
Curves supported for fundamental ECC operations are same as that of
ECDSA operations.
Asymmetric crypto transform operations support both session oriented
mode (WIP) and session less mode. If the operation is sessionless, an
asymmetric crypto transform structure, containing immutable parameters,
is passed along with per-operation mutable parameters in the structure.
Specific structures were written to contain immutable parameters
depending on algorithm used for crypto transform operation. The
parameters and type of transform is distinguished by the algorithm for
which the transform structure is filled. For a particular asymmetric
algorithm, not all parameters will be used and hence not required to be
filled.
Unlike symmetric operations, asymmetric operations can have more than
one resultant component for a single transform. Hence, only for select
operation types do we use destination mbuf structure passed along with
other operation parameters. The lengths of input and output parameters
are fixed and short. Depending on the algorithm, the number of inputs to
crypto transform operation, both mutable and immutable parameters,
vary. Depending on the algorithm, the type of data expected at source
mbuf varies and has been described.
---
...
Hey Umesh,

it's great to see this RFC and the expansion to the cryptodev framework
functionality. I'm currently working my way through the proposal and
drafting in some help from colleagues within Intel with asymmetric
crypto expertise. Hopefully I'll be able to come back to the list with
detailed comments as soon as possible.

Thanks
Declan
Trahe, Fiona
2017-04-06 11:39:42 UTC
Permalink
Hi Umesh,
-----Original Message-----
Sent: Wednesday, March 22, 2017 10:17 AM
Subject: [dpdk-dev] [RFC] specifications for asymmetric crypto algorithms
This RFC contains specifications for asymmetric crypto algorithms.
Asymmetric crypto algorithms are essential part of protocols such as
SSL/TLS. As the current DPDK crypto library lacks support for asymmetric
crypto algorithms, this RFC is an attempt to address it.
I agree with Declan that it's great to see this RFC and the expansion to
the cryptodev framework functionality.
Some comments below - marked with [Fiona] to find more easily.
Cavium offers PCI hardware accelerators that supports symmetric and
asymmetric crypto algorithms, of which a few are addressed in this RFC.
Once specifications are agreed upon, I can submit a patch for the same.
We will develop a poll mode driver which can offload to OpenSSL crypto
library and to Cavium crypto accelerator.
[Fiona] great. Implementing both HW and openssl-based SW PMDs will help
to refine the API and ensure it's as generic as possible.
1 RSA
- RSA Sign
- RSA Verify
- RSA Public Encrypt
- RSA Private Decrypt
Padding schemes supported for RSA operations are
* RSA PKCS#1 BT1
* RSA PKCS#1 BT2
* RSA PKCS#1 OAEP
* RSA PKCS#1 PSS
2 ECDSA
- ECDSA Sign
- ECDSA Verify
Curves supported for ECDSA operations are
* Prime192v1
* Secp224k1
* Prime256v1
* Secp384r1
* Secp521r1
3 MODEXP
4 FUNDAMENTAL ECC
- Point Addition
- Point Multiplication
- Point Doubling
Curves supported for fundamental ECC operations are same as that of
ECDSA operations.
Asymmetric crypto transform operations support both session oriented
mode (WIP) and session less mode. If the operation is sessionless, an
asymmetric crypto transform structure, containing immutable parameters,
is passed along with per-operation mutable parameters in the structure.
Specific structures were written to contain immutable parameters
depending on algorithm used for crypto transform operation. The
parameters and type of transform is distinguished by the algorithm for
which the transform structure is filled. For a particular asymmetric
algorithm, not all parameters will be used and hence not required to be
filled.
Unlike symmetric operations, asymmetric operations can have more than
one resultant component for a single transform. Hence, only for select
operation types do we use destination mbuf structure passed along with
other operation parameters. The lengths of input and output parameters
are fixed and short. Depending on the algorithm, the number of inputs to
crypto transform operation, both mutable and immutable parameters,
vary. Depending on the algorithm, the type of data expected at source
mbuf varies and has been described.
---
lib/librte_cryptodev/rte_crypto.h | 135 ++++-
lib/librte_cryptodev/rte_crypto_asym.h | 881
+++++++++++++++++++++++++++++++++
2 files changed, 1013 insertions(+), 3 deletions(-)
create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h
diff --git lib/librte_cryptodev/rte_crypto.h lib/librte_cryptodev/rte_crypto.h
index 9019518..a8720bf 100644
--- lib/librte_cryptodev/rte_crypto.h
+++ lib/librte_cryptodev/rte_crypto.h
@@ -51,6 +51,7 @@
#include <rte_common.h>
#include "rte_crypto_sym.h"
+#include "rte_crypto_asym.h"
/** Crypto operation types */
enum rte_crypto_op_type {
@@ -58,6 +59,8 @@ enum rte_crypto_op_type {
/**< Undefined operation type */
RTE_CRYPTO_OP_TYPE_SYMMETRIC,
/**< Symmetric operation */
+ RTE_CRYPTO_OP_TYPE_ASYMMETRIC,
+ /**< Asymmetric operation */
};
/** Status of crypto operation */
@@ -75,6 +78,29 @@ enum rte_crypto_op_status {
* Symmetric operation failed due to invalid session arguments, or if
* in session-less mode, failed to allocate private operation material.
*/
+ RTE_CRYPTO_OP_STATUS_RSA_DATA_TOO_LARGE,
+ /**< Length of data to be encrypted/signed is too large */
+ RTE_CRYPTO_OP_STATUS_PKCS_DECRYPT_FAILED,
+ /**<
+ * PKCS decrypt operation failed due to bad padding.
+ */
+ RTE_CRYPTO_OP_STATUS_RSA_VERIFY_FAILED,
+ /**<
+ * PKCS RSA signature verification failed.
+ */
+ RTE_CRYPTO_OP_STATUS_ECDSA_INVALID_SIGNATURE,
+ /**<
+ * ECDSA signature generation failed due to either ECDSA_SIGN->r or
+ * ECDSA_SIGN->s component being invalid.
+ */
+ RTE_CRYPTO_OP_STATUS_ECDSA_VERIFY_FAILED,
+ /**<
+ * ECDSA signature verification failed.
+ */
+ RTE_CRYPTO_OP_STATUS_ECC_POINT_AT_INFINITY,
+ /**<
+ * ECC Operation failed due to point at infinity
+ */
RTE_CRYPTO_OP_STATUS_INVALID_ARGS,
/**< Operation failed due to invalid arguments in request */
RTE_CRYPTO_OP_STATUS_ERROR,
@@ -116,6 +142,8 @@ struct rte_crypto_op {
union {
struct rte_crypto_sym_op *sym;
/**< Symmetric operation parameters */
+ struct rte_crypto_asym_op *asym;
+ /**< Asymmetric operation parameters */
}; /**< operation specific parameters */
} __rte_cache_aligned;
@@ -141,6 +169,14 @@ struct rte_crypto_op {
__rte_crypto_sym_op_reset(op->sym);
break;
+ /** Asymmetric operation structure starts after the end of the
+ * rte_crypto_op strucutre.
+ */
+ op->asym = (struct rte_crypto_asym_op *)(op + 1);
+ op->type = type;
+
+ __rte_crypto_asym_op_reset(op->asym);
break;
}
@@ -303,13 +339,25 @@ struct rte_crypto_op_pool_private {
__rte_crypto_op_get_priv_data(struct rte_crypto_op *op, uint32_t size)
{
uint32_t priv_size;
+ int type = op->type;
if (likely(op->mempool != NULL)) {
priv_size = __rte_crypto_op_get_priv_data_size(op-
Post by Umesh Kartha
mempool);
- if (likely(priv_size >= size))
- return (void *)((uint8_t *)(op + 1) +
+ if (likely(priv_size >= size)) {
+ switch (type) {
+ return (void *)((uint8_t *)(op + 1) +
sizeof(struct rte_crypto_sym_op));
+ break;
+ return (void *)((uint8_t *)(op + 1) +
+ sizeof(struct rte_crypto_asym_op));
+ break;
+ break;
+ }
+ }
}
[Fiona] Some more details for op_pool will be worked out in actual patch I expect, e.g.
changes also needed in rte_crypto_op_pool_create and maybe add a check here that
priv->type is either UNDEFINED or matches the op-type.
return NULL;
@@ -320,7 +368,7 @@ struct rte_crypto_op_pool_private {
* If operation has been allocate from a rte_mempool, then the operation will
* be returned to the mempool.
*
*/
static inline void
rte_crypto_op_free(struct rte_crypto_op *op)
@@ -410,6 +458,87 @@ struct rte_crypto_op_pool_private {
return __rte_crypto_sym_op_attach_sym_session(op->sym, sess);
}
+/**
+ * Allocate an asymmetric crypto operation in the private data of an mbuf.
+ *
+ * operation will be allocated in the private data of that
+ * mbuf.
+ *
+ * - On success returns a pointer to the crypto operation.
+ * - On failure returns NULL.
+ */
+static inline struct rte_crypto_op *
+rte_crypto_asym_op_alloc_from_mbuf_priv_data(struct rte_mbuf *m)
+{
+ if (unlikely(m == NULL))
+ return NULL;
+
+ /*
+ * check that the mbuf's private data size is sufficient to contain a
+ * crypto operation
+ */
+ if (unlikely(m->priv_size < (sizeof(struct rte_crypto_op) +
+ sizeof(struct rte_crypto_asym_op))))
+ return NULL;
+
+ /* private data starts immediately after the mbuf header in the mbuf. */
+ struct rte_crypto_op *op = (struct rte_crypto_op *)(m + 1);
+
+ __rte_crypto_op_reset(op, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+
+ op->mempool = NULL;
+ op->asym->m_src = m;
+
+ return op;
+}
+
+/**
+ * Allocate space for asymmetric crypto xforms in the private data space of the
+ * crypto operation. This also defaults the crypto xform type and configures
+ * the chaining of the xforms in the crypto operation
+ *
+ * - On success returns pointer to first crypto xform in crypto operations chain
+ * - On failure returns NULL
+ */
+static inline struct rte_crypto_asym_xform *
+rte_crypto_op_asym_xforms_alloc(struct rte_crypto_op *op, uint8_t nb_xforms)
+{
+ void *priv_data;
+ uint32_t size;
+
+ if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_ASYMMETRIC))
+ return NULL;
+
+ size = sizeof(struct rte_crypto_asym_xform) * nb_xforms;
+
+ priv_data = __rte_crypto_op_get_priv_data(op, size);
+ if (priv_data == NULL)
+ return NULL;
+
+ return __rte_crypto_asym_op_asym_xforms_alloc(op->asym,
priv_data,
+ nb_xforms);
+}
+
+
+/**
+ * Attach a session to a crypto operation
+ *
+ */
+static inline int
+rte_crypto_op_attach_asym_session(struct rte_crypto_op *op,
+ struct rte_cryptodev_asym_session *sess)
+{
+ if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_ASYMMETRIC))
+ return -1;
+
+ return __rte_crypto_asym_op_attach_asym_session(op->asym, sess);
+}
+
#ifdef __cplusplus
}
#endif
diff --git lib/librte_cryptodev/rte_crypto_asym.h
lib/librte_cryptodev/rte_crypto_asym.h
new file mode 100644
index 0000000..9dfd579
--- /dev/null
+++ lib/librte_cryptodev/rte_crypto_asym.h
@@ -0,0 +1,881 @@
+/*
+ * BSD LICENSE
+ *
+ * Copyright (C) Cavium Networks Ltd. 2017.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name of Cavium Networks nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _RTE_CRYPTO_ASYM_H_
+#define _RTE_CRYPTO_ASYM_H_
+
+/**
+ *
+ * RTE Definitions for Asymmetric Cryptography
+ *
+ * Defines asymmetric algorithms and modes, as well as supported
+ * asymmetric crypto operations.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <string.h>
+#include <stdint.h>
+#include <rte_mbuf.h>
+#include <rte_memory.h>
+#include <rte_mempool.h>
+#include <rte_common.h>
+#include "rte_crypto_sym.h"
+
+/** Asymmetric crypto transformation types */
+enum rte_crypto_asym_xform_type {
+ RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED = 0,
+ RTE_CRYPTO_ASYM_XFORM_RSA,
+ RTE_CRYPTO_ASYM_XFORM_MODEX,
+ RTE_CRYPTO_ASYM_XFORM_ECDSA,
+ RTE_CRYPTO_ASYM_XFORM_FECC,
+ RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
+};
[Fiona] suggest also including mod inverse, Diffie-Hellman, ECDH and DSA
+
+/**
+ * RSA operation type variants
+ */
+enum rte_crypto_rsa_optype {
+ RTE_CRYPTO_RSA_OP_NOT_SPECIFIED = 1,
+ /**< RSA operation unspecified */
+ RTE_CRYPTO_RSA_OP_PUBLIC_ENCRYPT,
+ /**< RSA public encrypt operation */
+ RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT,
+ /**< RSA private decrypt operation */
+ RTE_CRYPTO_RSA_OP_SIGN,
+ /**< RSA private key signature operation */
+ RTE_CRYPTO_RSA_OP_VERIFY,
+ /**< RSA public key verification operation */
+ RTE_CRYPTO_RSA_OP_LIST_END
+};
+
+/**
+ * Modular exponentiaion operation type variants
+ */
+enum rte_crypto_modex_optype {
+ RTE_CRYPTO_MODEX_OP_NOT_SPECIFIED = 1,
+ /**< ModEx operation type unspecified */
+ RTE_CRYPTO_MODEX_OP_MODEX,
+ /**< Modex operation modular exponentiation */
+ RTE_CRYPTO_MODEX_OP_LIST_END
+};
+
+/**
+ * ECDSA operation type variants
+ */
+enum rte_crypto_ecdsa_optype {
+ RTE_CRYPTO_ECDSA_OP_NOT_SPECIFIED = 1,
+ /**< ECDSA operation unspecified */
+ RTE_CRYPTO_ECDSA_OP_SIGN,
+ /**< ECDSA private key signature operation */
+ RTE_CRYPTO_ECDSA_OP_VERIFY,
+ /**< ECDSA public key verification operation */
+ RTE_CRYPTO_ECDSA_OP_LIST_END
+};
+
+/**
+ * Fundamental ECC operation type variants.
+ */
+enum rte_crypto_fecc_optype {
+ RTE_CRYPTO_FECC_OP_NOT_SPECIFIED = 1,
+ /**< FECC operation type unspecified */
+ RTE_CRYPTO_FECC_OP_POINT_ADD,
+ /**< Fundamental ECC point addition operation */
+ RTE_CRYPTO_FECC_OP_POINT_DBL,
+ /**< Fundamental ECC point doubling operation */
+ RTE_CRYPTO_FECC_OP_POINT_MULTIPLY,
+ /**< Fundamental ECC point multiplication operation */
+ RTE_CRYPTO_FECC_OP_LIST_END
+};
+
+/**
+ * ECC list of curves.
+ */
+enum rte_crypto_fecc_curves {
+ RTE_CRYPTO_FECC_CURVE_NOT_SPECIFIED = 1,
+ /**< Unspecified or empty curve id */
+ RTE_CRYPTO_FECC_CURVE_P192,
+ /**< NIST/X9.62/SECG curve over a 192 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_P224,
+ /**< NIST/SECG curve over a 224 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_P256,
+ /**< X9.62/SECG curve over a 256 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_P384,
+ /**< NIST/SECG curve over a 384 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_P521,
+ /**< NIST/SECG curve over a 521 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_LIST_END
+};
+
[Fiona] Suggest including non-NIST curves.
+
+/**
+ * Padding types for RSA signature.
+ */
+enum rte_crypto_rsa_padding_type {
+ RTE_CRYPTO_RSA_PADDING_NOT_SPECIFIED = 1,
+ /**< RSA no padding scheme */
+ RTE_CRYPTO_RSA_PADDING_BT1,
+ /**< RSA PKCS#1 padding BT1 scheme */
+ RTE_CRYPTO_RSA_PADDING_BT2,
+ /**< RSA PKCS#1 padding BT2 scheme */
+ RTE_CRYPTO_RSA_PADDING_OAEP,
+ /**< RSA PKCS#1 OAEP padding scheme */
+ RTE_CRYPTO_RSA_PADDING_PSS,
+ /**< RSA PKCS#1 PSS padding scheme */
+ RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END
+};
[Fiona] Can you clarify where these padding schemes are to be used by the PMD?
+
+/**
+ * Asymmetric RSA transform data
+ *
+ * This structure contains data required to perform RSA crypto
+ * transform. If all CRT components are filled, RSA private key
+ * RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT uses CRT method for crypto
+ * transform.
+ */
+struct rte_crypto_rsa_xform {
+
+ int modlen;
+ /**< Length of RSA prime modulus */
[Fiona] Can you clarify the usage of this param vs the usage of n.length below
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to prime modulus data */
+ size_t length;
+ /**< Length of prime modulus */
+ } n;
+ /**< n - Prime modulus
+ * n is the prime modulus of RSA parameters.
+ */
+
+ struct {
+ uint8_t *data;
+ /** Pointer to public key exponent data */
+ size_t length;
+ /** Length of public key exponent */
+ } e;
+ /**< e - Public key exponent
+ * e is the public key exponent used for RSA public key
+ * operations.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private key exponent data */
+ size_t length;
+ /**< Pointer to public key exponent data */
+ } d;
+ /**< d - Private key exponent
+ * d is the private key exponent used for RSA private key
+ * operations.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private key component P data */
+ size_t length;
+ /**< Length of private key component P */
+ } p;
+
+ /**< p - Private key component P
+ * p is the private key component of RSA parameter required
+ * for CRT method of private key operations.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private key component Q data */
+ size_t length;
+ /**< Length of private key component Q */
+ } q;
+ /**< q - Private key component Q
+ * q is the private key component of RSA parameter required
+ * for CRT method of private key operations.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private CRT component, dP, data */
+ size_t length;
+ /**< Length of private key component dmp */
+ } dP;
+ /**< dP - Private CRT component
+ * dP is the private CRT component of RSA parameter required for
+ * RSA private key operation in CRT method.
+ * dP = d mod ( p - 1 )
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private CRT component, dQ, data */
+ size_t length;
+ /**< Length of private key component dQ */
+ } dQ;
+ /**< dQ - Private CRT component
+ * dQ is the private CRT component of RSA parameter required for
+ * RSA private key operation in CRT method.
+ * dQ = d mod ( q - 1 )
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private CRT component, qInv, data */
+ size_t length;
+ /**< Length of private key component qInv */
+ } qInv;
+ /**< qInv - Private CRT component
+ * qInv is the private CRT component of RSA parameter required for
+ * RSA private key operation in CRT method.
+ * qInv = inv q mod p
+ */
+};
+
+/** Asymmetric Modular exponentiation transform data
+ *
+ * This structure contains data required to perform modular exponentation
+ * crypto transform. If all CRT components are valid, crypto transform
+ * operation follows CRT method.
+ */
+struct rte_crypto_modex_xform {
+
+ int modlen;
+ /**< Length of prime modulus */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to prime modulus data */
+ size_t length;
+ /**< Length of prime modulus */
+ } modulus;
+ /**< modulus
+ * modulus is the prime modulus of the modexp transform
+ * operation.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to exponent data */
+ size_t length;
+ /**< Length of exponent */
+ } exponent;
+ /**< exponent
+ * Private exponent of the modexp transform operation.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component of exponent data */
+ size_t length;
+ /**< Length of CRT component P */
+ } p;
+ /**< P
+ * p is CRT component of private exponent.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component of exponent data */
+ size_t length;
+ /**< Length of CRT component Q */
+ } q;
+ /**< q
+ * q is the CRT component of private exponent.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component Ep data */
+ size_t length;
+ /**< Length of CRT component Ep */
+ } Ep;
+ /**< Ep CRT component
+ * Ep is the CRT component of private exponent.
+ * Ep = exponent mod ( p - 1 )
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component Eq data */
+ size_t length;
+ /**< Length of CRT component Eq */
+ } Eq;
+ /**< Eq CRT component
+ * Eq is the CRT component of private exponent.
+ * Eq = exponent mod ( q - 1 )
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component of exponent, qInv, data */
+ size_t length;
+ /**< Length of private key component qInv */
+ } qInv;
+ /**< qInv - Private CRT component
+ * qInv is the CRT component of private exponent.
+ * qInv = inv q mod p
+ */
+};
+
+/** Asymmetric ECDSA transform data
+ *
+ * This structure contains data required to perform ECDSA crypto
+ * transform.
+ */
+struct rte_crypto_ecdsa_xform {
+
+ enum rte_crypto_fecc_curves curve_id;
+ /**< ECC prime field curve */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve order data */
+ size_t length;
+ /**< Length of curve order */
+ } order;
+ /**< ECC curve order data */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC prime modulus data */
+ size_t length;
+ /**< Length of prime */
+ } prime;
+ /**< ECC Curve prime modulus data */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve generator data X */
+ size_t length;
+ /**< Length of curve generator x-coord*/
+ } Gx;
+ /**< X co-ordinate of the ECC curve generator point */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve generator data Y */
+ size_t length;
+ /**< Length of curve generator y-coord*/
+ } Gy;
+ /**< Y co-ordinate of the ECC curve generator point */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC private key data */
+ size_t length;
+ /**< Length of private key */
+ } pkey;
+ /**< Private key of the signer, is only valid for signature
+ * generation and not verification operation.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to public key data (x co-ordinate) */
+ size_t length;
+ /**< Length of public key X */
+ } qx;
+ /**< X co-ordinate of the public key point */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to public key data (y co-ordinate) */
+ size_t length;
+ /**< Length of public key Y*/
+ } qy;
+ /**< Y co-ordinate of the public key point */
+};
+
+/** Asymmetric Fundamental ECC transform operation
+ *
+ * This structure contains data required to perform asymmetric
+ * fundamental ECC crypto transform.
+ */
+struct rte_crypto_fecc_xform {
+
+ enum rte_crypto_fecc_curves curve_id;
+ /**< ECC prime field curve */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve order data */
+ size_t length;
+ /**< Length of curve order */
+ } order;
+ /**< ECC curve order data */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC prime modulus data */
+ size_t length;
+ /**< Length of prime */
+ } prime;
+ /**< ECC Curve prime modulus data */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve generator data X */
+ size_t length;
+ /**< Length of curve generator x-coord*/
+ } Gx;
+ /**< X co-ordinate of the ECC curve generator point */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve generator data Y */
+ size_t length;
+ /**< Length of curve generator y-coord*/
+ } Gy;
+ /**< Y co-ordinate of the ECC curve generator point */
+
+};
+
+/**
+ * Asymmetric crypto transform data
+ *
+ * This structure contains the data required to perform the
+ * asymmetric crypto transformation operation. The field op
+ * determines the asymmetric algorithm for transformation.
+ */
+struct rte_crypto_asym_xform {
+ struct rte_crypto_asym_xform *next;
+ enum rte_crypto_asym_xform_type type;
+ /**< Asymmetric algorithm for crypto transform */
+
+ RTE_STD_C11
+ union {
+ struct rte_crypto_rsa_xform rsa;
+ struct rte_crypto_fecc_xform fecc;
+ struct rte_crypto_modex_xform modex;
+ struct rte_crypto_ecdsa_xform ecdsa;
+ };
+};
+
+struct rte_cryptodev_asym_session;
+
+/**
+ * Crypto operation session type. This is used to specify whether a crypto
+ * operation has session structure attached for immutable parameters or if all
+ * operation information is included in the operation data structure.
+ */
+enum rte_crypto_asym_op_sess_type {
+ RTE_CRYPTO_ASYM_OP_WITH_SESSION,
+ /**< Session based crypto operation */
+ RTE_CRYPTO_ASYM_OP_SESSIONLESS
+ /**< Session-less crypto operation */
+};
+
+/**
+ * Asymmetric Cryptographic Operation.
+ *
+ * This structure contains data relating to performing asymmetric cryptographic
+ * processing on a referenced mbuf data buffer.
+ *
+ * When an asymmetric crypto operation is enqueued with device for processing
+ * it must have a valid *rte_mbuf* structure attached, via m_src parameter,
+ * which contains the source data which the crypto operation is to be performed
+ * on.
+ * While the mbuf is in use by a crypto operation no part of the mbuf should be
+ * changed by the application as the device may read or write to any part of the
+ * mbuf. In the case of hardware crypto devices some or all of the mbuf
+ * may be DMAed in and out of the device, so writing over the original data.
+ * Asymmetric operation, in more than most cases, works in Out-of-place mode. ie
+ * source mbuf and destination mbuf will be different. Data will be copied from
+ * m_src to m_dst after transformation.
+ */
+struct rte_crypto_asym_op {
+ struct rte_mbuf *m_src; /**< source mbuf */
+ struct rte_mbuf *m_dst; /**< destination mbuf */
[Fiona] suggest removing mbufs from op and using specific named fields in the
per-type op structures instead, as unlikely the data would originate in an mbuf.
If it's expected that data could originate in an mbuf for a specific op type then put
the mbuf into the part of the union specific to that type.
This would also have the nice advantage of removing a lot of the notes under
data.offset below as the explicit naming of the params in the union should provide
more clarity.

[Fiona] Can you add a note about long number format of all parameters, assume they
conform to PKCS#1 v2.1, section 4. It would be nice to call out the details re endianness,
leading zeros, etc explicitly in the API.
+
+ enum rte_crypto_asym_op_sess_type sess_type;
+
+ RTE_STD_C11
+ union {
+ enum rte_crypto_rsa_optype rsa_op;
+ /**< Type of RSA operation for transform */;
+ enum rte_crypto_modex_optype modex_op;
+ /**< Type of modular exponentiation operation */
+ enum rte_crypto_ecdsa_optype ecdsa_op;
+ /**< ECDSA crypto xform operation type */
+ enum rte_crypto_fecc_optype fecc_op;
+ /**< ECDSA crypto xform operation type */
+ };
+
+ RTE_STD_C11
+ union {
+ struct rte_cryptodev_asym_session *session;
+ /**< Handle for the initialised session context */
+ struct rte_crypto_asym_xform *xform;
+ /**< Session-less API crypto operation parameters */
+ };
+
+ struct {
+ uint32_t offset;
+ /**< Starting point for crypto processing, specified
+ * as number of bytes from start of data in the source
+ * buffer.
+ *
+ * RTE_CRYPTO_RSA_OP_PUBLIC_ENCRYPT or RSA private
decrypt
specifies the
+ * data which is to be encrypted or decrypted respectively.
+ *
+ * RTE_CRYPTO_RSA_OP_SIGN, offset specifies the data for
+ * which the RSA signature is to be generated.
+ *
+ * RTE_CRYPTO_RSA_OP_VERIFY, offset specifies the data for
+ * which the signature is to be verified
+ *
+ * RTE_CRYPTO_ECDSA_OP_SIGN, offset specifies the data for
+ * which ECDSA signature is to be generated.
+ *
+ * RTE_CRYPTO_ECDSA_OP_VERIFY, offset specifies the data
for
+ * which ECDSA signature is to be verified.
+ *
+ * RTE_CRYPTO_MODEX_OP_MODEX, offset specifies the data
for
+ * which modular exponentiation is be performed.
+ *
+ * When the crypto trasnform is any of the fundamental ECC
and
+ * desitnation mbufs are unused.
+ */
+
+ uint32_t length;
+ /**<
+ * The message length, in bytes, in the source buffer
+ * on which the cryptographic transform will be
+ * performed.
+ *
+ * If the operation type involes RSA encrypt
+ * of data should be less than the prime modulus of RSA.
+ *
+ * If the operation type involves RSA decrypt
of
+ * data will be equal to RSA prime modulus length.
+ *
+ * If the operation type is RSA signature generation
should be
+ * less than prime modulus length in bytes. The maximum
length
+ * is dependent on the padding scheme selected.
+ *
+ * If the operation type is modular exponentiation,
+ * should be less than the prime modulus of the modex
+ * operation.
+ *
RTE_CRYPTO_ECDSA_OP_SIGN,
+ * only the leftmost prime_modulus length of data in bytes
+ * is considered for signature.
+ *
RTE_CRYPTO_ECDSA_OP_VERIFY,
+ * only the leftmost prime_modulus length of data in bytes is
+ * considered for signature verification.
+ */
+ } data;
+
+ RTE_STD_C11
+ union {
+
+ struct {
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } sign;
+ /**<
+ * Pointer to RSA signature data. If operation is RSA
be
+ * over-written with generated signature.
+ *
+ * Length of the signature data will be equal to the
+ * RSA prime modulus length.
+ */
+
+ enum rte_crypto_rsa_padding_type pad;
+ /**< RSA padding scheme to be used for transform */
+
+ enum rte_crypto_auth_algorithm md;
+ /**< Hash algorithm to be used for data hash if
padding
+ * scheme is either OAEP or PSS. Valid hash algorithms
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+
+ enum rte_crypto_auth_algorithm mgf1md;
+ /**<
+ * Hash algorithm to be used for mask generation if
+ * padding scheme is either OAEP or PSS. If padding
+ * scheme is unspecified data hash algorithm is used
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+ } rsa;
+
+ struct {
+ struct {
+ uint8_t *data;
+
+ phys_addr_t phys_addr;
+
+ size_t length;
+ } sign_r;
+ /**<
+ * Pointer to r-component of ECDSA signature. If
RTE_CRYPTO_ECDSA_OP_SIGN
+ * this buffer will be over-written with the signature
+ * component.
+ *
+ * Length of r-component will be less than the prime
+ * modulus of the ECC curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } sign_s;
+ /**<
+ * Pointer to s-component of ECDSA signature. If
RTE_CRYPTO_ECDSA_OP_VERIFY
+ * this buffer will be over-written with the signature
+ * component.
+ *
+ * Length of s-component will be less than the prime
+ * modulus of the ECC curve.
+ */
+
+ struct {
+ uint8_t *data;
+
+ phys_addr_t phys_addr;
+
+ size_t length;
+ } k;
+ /**<
+ * Pointer to random scalar to be used for generation
RTE_CRYPTO_ECDSA_OP_VERIFY.
+ * It is invalid if operation is ECDSA verify.
+ *
+ * Length of scalar K should be less than the prime
+ * modulus of the curve
+ */
+ } ecdsa;
+
+ struct {
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } px;
+ /**<
+ * Pointer to the X co-ordinate of the primary curve
+ * point for fundamental ECC operation.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } py;
+ /**<
+ * Pointer to the Y co-ordinate of the primary curve
+ * point for fundamental ECC operation.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } qx;
+ /**<
+ * Pointer to the X co-ordinate of the primary curve
+ * point for fundamental ECC operation.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve. This data valid only for
RTE_CRYPTO_FECC_OP_POINT_ADD
+ * crypto transform.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } qy;
+ /**<
+ * Pointer to the X co-ordinate of the primary curve
+ * point for fundamental ECC operation.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve. This data valid only for
RTE_CRYPTO_FECC_OP_POINT_ADD
+ * crypto transform.
+ */
+
+ struct {
+ uint8_t *data;
+
+ phys_addr_t phys_addr;
+
+ size_t length;
+ } k;
+ /**<
+ * Pointer to scalar data to be used only for point
RTE_CRYPTO_FECC_OP_POINT_MULTIPLY
+ * crypto transform.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } rx;
+ /**<
+ * Pointer to the X co-ordinate of resultant point on
+ * the curve after fundamental ECC crypto transform.
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } ry;
+ /**<
+ * Pointer to the Y co-ordinate of resultant point on
+ * the curve after fundamental ECC crypto transform.
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+ } fecc;
+ };
+
+} __rte_cache_aligned;
+
+
+
+/**
+ * Reset the fields of an asymmetric operation to their default values.
+ *
+ */
+static inline void
+__rte_crypto_asym_op_reset(struct rte_crypto_asym_op *op)
+{
+ memset(op, 0, sizeof(*op));
+
+ op->sess_type = RTE_CRYPTO_ASYM_OP_SESSIONLESS;
+}
+
+
+/**
+ * Allocate space for asymmetric crypto xforms in the private data space of the
+ * crypto operation. This also defaults the crypto xform type to
+ * RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED and configures the chaining of the xforms
+ * in the crypto operation
+ *
+ * - On success returns pointer to first crypto xform in crypto operations chain
+ * - On failure returns NULL
+ */
+static inline struct rte_crypto_asym_xform *
+__rte_crypto_asym_op_asym_xforms_alloc(struct rte_crypto_asym_op *asym_op,
+ void *priv_data, uint8_t nb_xforms)
+{
+ struct rte_crypto_asym_xform *xform;
+
+ asym_op->xform = xform = (struct rte_crypto_asym_xform
*)priv_data;
+
+ do {
+ xform->type = RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED;
+ xform = xform->next = --nb_xforms > 0 ? xform + 1 : NULL;
+ } while (xform);
+
+ return asym_op->xform;
+}
+
+
+/**
+ * Attach a session to an asymmetric crypto operation
+ *
+ */
+static inline int
+__rte_crypto_asym_op_attach_asym_session(struct rte_crypto_asym_op *asym_op,
+ struct rte_cryptodev_asym_session *sess)
+{
+ asym_op->session = sess;
+ asym_op->sess_type = RTE_CRYPTO_ASYM_OP_WITH_SESSION;
+
+ return 0;
+}
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _RTE_CRYPTO_ASYM_H_ */
--
1.8.3.1
[Fiona] Capabilities and Stats APIs are needed.

[Fiona] Though this API facilitates both symmetric and asymmetric operations
being sent to the same device and qp, in practice if this is done on a HW accelerator
it could result in head-of-line blocking due to the asym ops taking longer than the
symmetric ops.
Some HW accelerators avoid this issue by supporting sym and asym ops
on different qps on the same device. To avoid the application being aware of this
hardware configuration some changes to EAL would be useful to facilitate pci device sharing
between PMDs, enabling separation of sym and asym services onto different PMDs.
We will submit a patch to enable this.

[Fiona] will be interested to see the proposals for session pool for the WITH_SESSION case, e.g. is there a
dedicated asym session pool with duplication of the sym session mgmt fns in rte_cryptodev_ops? Or any
point in having a common session ?
Umesh Kartha
2017-04-27 07:26:31 UTC
Permalink
Hi Fiona,

Sorry for the delay in response and thanks for the feedback. I have
included the suggested changes for v2. Please find comments inline.
Post by Trahe, Fiona
Hi Umesh,
-----Original Message-----
Sent: Wednesday, March 22, 2017 10:17 AM
Subject: [dpdk-dev] [RFC] specifications for asymmetric crypto algorithms
This RFC contains specifications for asymmetric crypto algorithms.
Asymmetric crypto algorithms are essential part of protocols such as
SSL/TLS. As the current DPDK crypto library lacks support for asymmetric
crypto algorithms, this RFC is an attempt to address it.
I agree with Declan that it's great to see this RFC and the expansion to
the cryptodev framework functionality.
Some comments below - marked with [Fiona] to find more easily.
Cavium offers PCI hardware accelerators that supports symmetric and
asymmetric crypto algorithms, of which a few are addressed in this RFC.
Once specifications are agreed upon, I can submit a patch for the same.
We will develop a poll mode driver which can offload to OpenSSL crypto
library and to Cavium crypto accelerator.
[Fiona] great. Implementing both HW and openssl-based SW PMDs will help
to refine the API and ensure it's as generic as possible.
1 RSA
- RSA Sign
- RSA Verify
- RSA Public Encrypt
- RSA Private Decrypt
Padding schemes supported for RSA operations are
* RSA PKCS#1 BT1
* RSA PKCS#1 BT2
* RSA PKCS#1 OAEP
* RSA PKCS#1 PSS
2 ECDSA
- ECDSA Sign
- ECDSA Verify
Curves supported for ECDSA operations are
* Prime192v1
* Secp224k1
* Prime256v1
* Secp384r1
* Secp521r1
3 MODEXP
4 FUNDAMENTAL ECC
- Point Addition
- Point Multiplication
- Point Doubling
Curves supported for fundamental ECC operations are same as that of
ECDSA operations.
Asymmetric crypto transform operations support both session oriented
mode (WIP) and session less mode. If the operation is sessionless, an
asymmetric crypto transform structure, containing immutable parameters,
is passed along with per-operation mutable parameters in the structure.
Specific structures were written to contain immutable parameters
depending on algorithm used for crypto transform operation. The
parameters and type of transform is distinguished by the algorithm for
which the transform structure is filled. For a particular asymmetric
algorithm, not all parameters will be used and hence not required to be
filled.
Unlike symmetric operations, asymmetric operations can have more than
one resultant component for a single transform. Hence, only for select
operation types do we use destination mbuf structure passed along with
other operation parameters. The lengths of input and output parameters
are fixed and short. Depending on the algorithm, the number of inputs to
crypto transform operation, both mutable and immutable parameters,
vary. Depending on the algorithm, the type of data expected at source
mbuf varies and has been described.
---
lib/librte_cryptodev/rte_crypto.h | 135 ++++-
lib/librte_cryptodev/rte_crypto_asym.h | 881
+++++++++++++++++++++++++++++++++
2 files changed, 1013 insertions(+), 3 deletions(-)
create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h
diff --git lib/librte_cryptodev/rte_crypto.h lib/librte_cryptodev/rte_crypto.h
index 9019518..a8720bf 100644
--- lib/librte_cryptodev/rte_crypto.h
+++ lib/librte_cryptodev/rte_crypto.h
@@ -51,6 +51,7 @@
#include <rte_common.h>
#include "rte_crypto_sym.h"
+#include "rte_crypto_asym.h"
/** Crypto operation types */
enum rte_crypto_op_type {
@@ -58,6 +59,8 @@ enum rte_crypto_op_type {
/**< Undefined operation type */
RTE_CRYPTO_OP_TYPE_SYMMETRIC,
/**< Symmetric operation */
+ RTE_CRYPTO_OP_TYPE_ASYMMETRIC,
+ /**< Asymmetric operation */
};
/** Status of crypto operation */
@@ -75,6 +78,29 @@ enum rte_crypto_op_status {
* Symmetric operation failed due to invalid session arguments, or if
* in session-less mode, failed to allocate private operation material.
*/
+ RTE_CRYPTO_OP_STATUS_RSA_DATA_TOO_LARGE,
+ /**< Length of data to be encrypted/signed is too large */
+ RTE_CRYPTO_OP_STATUS_PKCS_DECRYPT_FAILED,
+ /**<
+ * PKCS decrypt operation failed due to bad padding.
+ */
+ RTE_CRYPTO_OP_STATUS_RSA_VERIFY_FAILED,
+ /**<
+ * PKCS RSA signature verification failed.
+ */
+ RTE_CRYPTO_OP_STATUS_ECDSA_INVALID_SIGNATURE,
+ /**<
+ * ECDSA signature generation failed due to either ECDSA_SIGN->r or
+ * ECDSA_SIGN->s component being invalid.
+ */
+ RTE_CRYPTO_OP_STATUS_ECDSA_VERIFY_FAILED,
+ /**<
+ * ECDSA signature verification failed.
+ */
+ RTE_CRYPTO_OP_STATUS_ECC_POINT_AT_INFINITY,
+ /**<
+ * ECC Operation failed due to point at infinity
+ */
RTE_CRYPTO_OP_STATUS_INVALID_ARGS,
/**< Operation failed due to invalid arguments in request */
RTE_CRYPTO_OP_STATUS_ERROR,
@@ -116,6 +142,8 @@ struct rte_crypto_op {
union {
struct rte_crypto_sym_op *sym;
/**< Symmetric operation parameters */
+ struct rte_crypto_asym_op *asym;
+ /**< Asymmetric operation parameters */
}; /**< operation specific parameters */
} __rte_cache_aligned;
@@ -141,6 +169,14 @@ struct rte_crypto_op {
__rte_crypto_sym_op_reset(op->sym);
break;
+ /** Asymmetric operation structure starts after the end of the
+ * rte_crypto_op strucutre.
+ */
+ op->asym = (struct rte_crypto_asym_op *)(op + 1);
+ op->type = type;
+
+ __rte_crypto_asym_op_reset(op->asym);
break;
}
@@ -303,13 +339,25 @@ struct rte_crypto_op_pool_private {
__rte_crypto_op_get_priv_data(struct rte_crypto_op *op, uint32_t size)
{
uint32_t priv_size;
+ int type = op->type;
if (likely(op->mempool != NULL)) {
priv_size = __rte_crypto_op_get_priv_data_size(op-
Post by Umesh Kartha
mempool);
- if (likely(priv_size >= size))
- return (void *)((uint8_t *)(op + 1) +
+ if (likely(priv_size >= size)) {
+ switch (type) {
+ return (void *)((uint8_t *)(op + 1) +
sizeof(struct rte_crypto_sym_op));
+ break;
+ return (void *)((uint8_t *)(op + 1) +
+ sizeof(struct rte_crypto_asym_op));
+ break;
+ break;
+ }
+ }
}
[Fiona] Some more details for op_pool will be worked out in actual patch I expect, e.g.
changes also needed in rte_crypto_op_pool_create and maybe add a check here that
priv->type is either UNDEFINED or matches the op-type.
return NULL;
@@ -320,7 +368,7 @@ struct rte_crypto_op_pool_private {
* If operation has been allocate from a rte_mempool, then the operation will
* be returned to the mempool.
*
*/
static inline void
rte_crypto_op_free(struct rte_crypto_op *op)
@@ -410,6 +458,87 @@ struct rte_crypto_op_pool_private {
return __rte_crypto_sym_op_attach_sym_session(op->sym, sess);
}
+/**
+ * Allocate an asymmetric crypto operation in the private data of an mbuf.
+ *
+ * operation will be allocated in the private data of that
+ * mbuf.
+ *
+ * - On success returns a pointer to the crypto operation.
+ * - On failure returns NULL.
+ */
+static inline struct rte_crypto_op *
+rte_crypto_asym_op_alloc_from_mbuf_priv_data(struct rte_mbuf *m)
+{
+ if (unlikely(m == NULL))
+ return NULL;
+
+ /*
+ * check that the mbuf's private data size is sufficient to contain a
+ * crypto operation
+ */
+ if (unlikely(m->priv_size < (sizeof(struct rte_crypto_op) +
+ sizeof(struct rte_crypto_asym_op))))
+ return NULL;
+
+ /* private data starts immediately after the mbuf header in the mbuf. */
+ struct rte_crypto_op *op = (struct rte_crypto_op *)(m + 1);
+
+ __rte_crypto_op_reset(op, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+
+ op->mempool = NULL;
+ op->asym->m_src = m;
+
+ return op;
+}
+
+/**
+ * Allocate space for asymmetric crypto xforms in the private data space of the
+ * crypto operation. This also defaults the crypto xform type and configures
+ * the chaining of the xforms in the crypto operation
+ *
+ * - On success returns pointer to first crypto xform in crypto operations chain
+ * - On failure returns NULL
+ */
+static inline struct rte_crypto_asym_xform *
+rte_crypto_op_asym_xforms_alloc(struct rte_crypto_op *op, uint8_t nb_xforms)
+{
+ void *priv_data;
+ uint32_t size;
+
+ if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_ASYMMETRIC))
+ return NULL;
+
+ size = sizeof(struct rte_crypto_asym_xform) * nb_xforms;
+
+ priv_data = __rte_crypto_op_get_priv_data(op, size);
+ if (priv_data == NULL)
+ return NULL;
+
+ return __rte_crypto_asym_op_asym_xforms_alloc(op->asym,
priv_data,
+ nb_xforms);
+}
+
+
+/**
+ * Attach a session to a crypto operation
+ *
+ */
+static inline int
+rte_crypto_op_attach_asym_session(struct rte_crypto_op *op,
+ struct rte_cryptodev_asym_session *sess)
+{
+ if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_ASYMMETRIC))
+ return -1;
+
+ return __rte_crypto_asym_op_attach_asym_session(op->asym, sess);
+}
+
#ifdef __cplusplus
}
#endif
diff --git lib/librte_cryptodev/rte_crypto_asym.h
lib/librte_cryptodev/rte_crypto_asym.h
new file mode 100644
index 0000000..9dfd579
--- /dev/null
+++ lib/librte_cryptodev/rte_crypto_asym.h
@@ -0,0 +1,881 @@
+/*
+ * BSD LICENSE
+ *
+ * Copyright (C) Cavium Networks Ltd. 2017.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name of Cavium Networks nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _RTE_CRYPTO_ASYM_H_
+#define _RTE_CRYPTO_ASYM_H_
+
+/**
+ *
+ * RTE Definitions for Asymmetric Cryptography
+ *
+ * Defines asymmetric algorithms and modes, as well as supported
+ * asymmetric crypto operations.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <string.h>
+#include <stdint.h>
+#include <rte_mbuf.h>
+#include <rte_memory.h>
+#include <rte_mempool.h>
+#include <rte_common.h>
+#include "rte_crypto_sym.h"
+
+/** Asymmetric crypto transformation types */
+enum rte_crypto_asym_xform_type {
+ RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED = 0,
+ RTE_CRYPTO_ASYM_XFORM_RSA,
+ RTE_CRYPTO_ASYM_XFORM_MODEX,
+ RTE_CRYPTO_ASYM_XFORM_ECDSA,
+ RTE_CRYPTO_ASYM_XFORM_FECC,
+ RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
+};
[Fiona] suggest also including mod inverse, Diffie-Hellman, ECDH and DSA
[Umesh] Sure, I will be adding mod inverse, DH, ECDH and DSA in the next
version.
Post by Trahe, Fiona
+
+/**
+ * RSA operation type variants
+ */
+enum rte_crypto_rsa_optype {
+ RTE_CRYPTO_RSA_OP_NOT_SPECIFIED = 1,
+ /**< RSA operation unspecified */
+ RTE_CRYPTO_RSA_OP_PUBLIC_ENCRYPT,
+ /**< RSA public encrypt operation */
+ RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT,
+ /**< RSA private decrypt operation */
+ RTE_CRYPTO_RSA_OP_SIGN,
+ /**< RSA private key signature operation */
+ RTE_CRYPTO_RSA_OP_VERIFY,
+ /**< RSA public key verification operation */
+ RTE_CRYPTO_RSA_OP_LIST_END
+};
+
+/**
+ * Modular exponentiaion operation type variants
+ */
+enum rte_crypto_modex_optype {
+ RTE_CRYPTO_MODEX_OP_NOT_SPECIFIED = 1,
+ /**< ModEx operation type unspecified */
+ RTE_CRYPTO_MODEX_OP_MODEX,
+ /**< Modex operation modular exponentiation */
+ RTE_CRYPTO_MODEX_OP_LIST_END
+};
+
+/**
+ * ECDSA operation type variants
+ */
+enum rte_crypto_ecdsa_optype {
+ RTE_CRYPTO_ECDSA_OP_NOT_SPECIFIED = 1,
+ /**< ECDSA operation unspecified */
+ RTE_CRYPTO_ECDSA_OP_SIGN,
+ /**< ECDSA private key signature operation */
+ RTE_CRYPTO_ECDSA_OP_VERIFY,
+ /**< ECDSA public key verification operation */
+ RTE_CRYPTO_ECDSA_OP_LIST_END
+};
+
+/**
+ * Fundamental ECC operation type variants.
+ */
+enum rte_crypto_fecc_optype {
+ RTE_CRYPTO_FECC_OP_NOT_SPECIFIED = 1,
+ /**< FECC operation type unspecified */
+ RTE_CRYPTO_FECC_OP_POINT_ADD,
+ /**< Fundamental ECC point addition operation */
+ RTE_CRYPTO_FECC_OP_POINT_DBL,
+ /**< Fundamental ECC point doubling operation */
+ RTE_CRYPTO_FECC_OP_POINT_MULTIPLY,
+ /**< Fundamental ECC point multiplication operation */
+ RTE_CRYPTO_FECC_OP_LIST_END
+};
+
+/**
+ * ECC list of curves.
+ */
+enum rte_crypto_fecc_curves {
+ RTE_CRYPTO_FECC_CURVE_NOT_SPECIFIED = 1,
+ /**< Unspecified or empty curve id */
+ RTE_CRYPTO_FECC_CURVE_P192,
+ /**< NIST/X9.62/SECG curve over a 192 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_P224,
+ /**< NIST/SECG curve over a 224 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_P256,
+ /**< X9.62/SECG curve over a 256 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_P384,
+ /**< NIST/SECG curve over a 384 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_P521,
+ /**< NIST/SECG curve over a 521 bit prime field */
+ RTE_CRYPTO_FECC_CURVE_LIST_END
+};
+
[Fiona] Suggest including non-NIST curves.
[Umesh] Plan is to be include all the curves supported in libcrypto.
Please share your thoughts on dividing the curves based on their type,
ie binary curves and prime curves? For binary curves, the prime modulus
parameter is expected to hold the polynomial and degree.
Post by Trahe, Fiona
+
+/**
+ * Padding types for RSA signature.
+ */
+enum rte_crypto_rsa_padding_type {
+ RTE_CRYPTO_RSA_PADDING_NOT_SPECIFIED = 1,
+ /**< RSA no padding scheme */
+ RTE_CRYPTO_RSA_PADDING_BT1,
+ /**< RSA PKCS#1 padding BT1 scheme */
+ RTE_CRYPTO_RSA_PADDING_BT2,
+ /**< RSA PKCS#1 padding BT2 scheme */
+ RTE_CRYPTO_RSA_PADDING_OAEP,
+ /**< RSA PKCS#1 OAEP padding scheme */
+ RTE_CRYPTO_RSA_PADDING_PSS,
+ /**< RSA PKCS#1 PSS padding scheme */
+ RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END
+};
[Fiona] Can you clarify where these padding schemes are to be used by the PMD?
[Umesh] These are the encryption/signature schemes specified in PKCSv2.2
[RFC 8017] standard to be used while performing RSA operations. We may
use RSA OAEP encoding and PSS signature scheme instead of blocktype 1
padding for RSA sign and blocktype 2 for RSA public encryption.
Post by Trahe, Fiona
+
+/**
+ * Asymmetric RSA transform data
+ *
+ * This structure contains data required to perform RSA crypto
+ * transform. If all CRT components are filled, RSA private key
+ * RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT uses CRT method for crypto
+ * transform.
+ */
+struct rte_crypto_rsa_xform {
+
+ int modlen;
+ /**< Length of RSA prime modulus */
[Fiona] Can you clarify the usage of this param vs the usage of n.length below
[Umesh] modlen does seem to be redundant with the presence of length
param for prime modulus. Will remove this.
Post by Trahe, Fiona
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to prime modulus data */
+ size_t length;
+ /**< Length of prime modulus */
+ } n;
+ /**< n - Prime modulus
+ * n is the prime modulus of RSA parameters.
+ */
+
+ struct {
+ uint8_t *data;
+ /** Pointer to public key exponent data */
+ size_t length;
+ /** Length of public key exponent */
+ } e;
+ /**< e - Public key exponent
+ * e is the public key exponent used for RSA public key
+ * operations.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private key exponent data */
+ size_t length;
+ /**< Pointer to public key exponent data */
+ } d;
+ /**< d - Private key exponent
+ * d is the private key exponent used for RSA private key
+ * operations.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private key component P data */
+ size_t length;
+ /**< Length of private key component P */
+ } p;
+
+ /**< p - Private key component P
+ * p is the private key component of RSA parameter required
+ * for CRT method of private key operations.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private key component Q data */
+ size_t length;
+ /**< Length of private key component Q */
+ } q;
+ /**< q - Private key component Q
+ * q is the private key component of RSA parameter required
+ * for CRT method of private key operations.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private CRT component, dP, data */
+ size_t length;
+ /**< Length of private key component dmp */
+ } dP;
+ /**< dP - Private CRT component
+ * dP is the private CRT component of RSA parameter required for
+ * RSA private key operation in CRT method.
+ * dP = d mod ( p - 1 )
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private CRT component, dQ, data */
+ size_t length;
+ /**< Length of private key component dQ */
+ } dQ;
+ /**< dQ - Private CRT component
+ * dQ is the private CRT component of RSA parameter required for
+ * RSA private key operation in CRT method.
+ * dQ = d mod ( q - 1 )
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to private CRT component, qInv, data */
+ size_t length;
+ /**< Length of private key component qInv */
+ } qInv;
+ /**< qInv - Private CRT component
+ * qInv is the private CRT component of RSA parameter required for
+ * RSA private key operation in CRT method.
+ * qInv = inv q mod p
+ */
+};
+
+/** Asymmetric Modular exponentiation transform data
+ *
+ * This structure contains data required to perform modular exponentation
+ * crypto transform. If all CRT components are valid, crypto transform
+ * operation follows CRT method.
+ */
+struct rte_crypto_modex_xform {
+
+ int modlen;
+ /**< Length of prime modulus */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to prime modulus data */
+ size_t length;
+ /**< Length of prime modulus */
+ } modulus;
+ /**< modulus
+ * modulus is the prime modulus of the modexp transform
+ * operation.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to exponent data */
+ size_t length;
+ /**< Length of exponent */
+ } exponent;
+ /**< exponent
+ * Private exponent of the modexp transform operation.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component of exponent data */
+ size_t length;
+ /**< Length of CRT component P */
+ } p;
+ /**< P
+ * p is CRT component of private exponent.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component of exponent data */
+ size_t length;
+ /**< Length of CRT component Q */
+ } q;
+ /**< q
+ * q is the CRT component of private exponent.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component Ep data */
+ size_t length;
+ /**< Length of CRT component Ep */
+ } Ep;
+ /**< Ep CRT component
+ * Ep is the CRT component of private exponent.
+ * Ep = exponent mod ( p - 1 )
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component Eq data */
+ size_t length;
+ /**< Length of CRT component Eq */
+ } Eq;
+ /**< Eq CRT component
+ * Eq is the CRT component of private exponent.
+ * Eq = exponent mod ( q - 1 )
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to CRT component of exponent, qInv, data */
+ size_t length;
+ /**< Length of private key component qInv */
+ } qInv;
+ /**< qInv - Private CRT component
+ * qInv is the CRT component of private exponent.
+ * qInv = inv q mod p
+ */
+};
+
+/** Asymmetric ECDSA transform data
+ *
+ * This structure contains data required to perform ECDSA crypto
+ * transform.
+ */
+struct rte_crypto_ecdsa_xform {
+
+ enum rte_crypto_fecc_curves curve_id;
+ /**< ECC prime field curve */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve order data */
+ size_t length;
+ /**< Length of curve order */
+ } order;
+ /**< ECC curve order data */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC prime modulus data */
+ size_t length;
+ /**< Length of prime */
+ } prime;
+ /**< ECC Curve prime modulus data */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve generator data X */
+ size_t length;
+ /**< Length of curve generator x-coord*/
+ } Gx;
+ /**< X co-ordinate of the ECC curve generator point */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve generator data Y */
+ size_t length;
+ /**< Length of curve generator y-coord*/
+ } Gy;
+ /**< Y co-ordinate of the ECC curve generator point */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC private key data */
+ size_t length;
+ /**< Length of private key */
+ } pkey;
+ /**< Private key of the signer, is only valid for signature
+ * generation and not verification operation.
+ */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to public key data (x co-ordinate) */
+ size_t length;
+ /**< Length of public key X */
+ } qx;
+ /**< X co-ordinate of the public key point */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to public key data (y co-ordinate) */
+ size_t length;
+ /**< Length of public key Y*/
+ } qy;
+ /**< Y co-ordinate of the public key point */
+};
+
+/** Asymmetric Fundamental ECC transform operation
+ *
+ * This structure contains data required to perform asymmetric
+ * fundamental ECC crypto transform.
+ */
+struct rte_crypto_fecc_xform {
+
+ enum rte_crypto_fecc_curves curve_id;
+ /**< ECC prime field curve */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve order data */
+ size_t length;
+ /**< Length of curve order */
+ } order;
+ /**< ECC curve order data */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC prime modulus data */
+ size_t length;
+ /**< Length of prime */
+ } prime;
+ /**< ECC Curve prime modulus data */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve generator data X */
+ size_t length;
+ /**< Length of curve generator x-coord*/
+ } Gx;
+ /**< X co-ordinate of the ECC curve generator point */
+
+ struct {
+ uint8_t *data;
+ /**< Pointer to ECC curve generator data Y */
+ size_t length;
+ /**< Length of curve generator y-coord*/
+ } Gy;
+ /**< Y co-ordinate of the ECC curve generator point */
+
+};
+
+/**
+ * Asymmetric crypto transform data
+ *
+ * This structure contains the data required to perform the
+ * asymmetric crypto transformation operation. The field op
+ * determines the asymmetric algorithm for transformation.
+ */
+struct rte_crypto_asym_xform {
+ struct rte_crypto_asym_xform *next;
+ enum rte_crypto_asym_xform_type type;
+ /**< Asymmetric algorithm for crypto transform */
+
+ RTE_STD_C11
+ union {
+ struct rte_crypto_rsa_xform rsa;
+ struct rte_crypto_fecc_xform fecc;
+ struct rte_crypto_modex_xform modex;
+ struct rte_crypto_ecdsa_xform ecdsa;
+ };
+};
+
+struct rte_cryptodev_asym_session;
+
+/**
+ * Crypto operation session type. This is used to specify whether a crypto
+ * operation has session structure attached for immutable parameters or if all
+ * operation information is included in the operation data structure.
+ */
+enum rte_crypto_asym_op_sess_type {
+ RTE_CRYPTO_ASYM_OP_WITH_SESSION,
+ /**< Session based crypto operation */
+ RTE_CRYPTO_ASYM_OP_SESSIONLESS
+ /**< Session-less crypto operation */
+};
+
+/**
+ * Asymmetric Cryptographic Operation.
+ *
+ * This structure contains data relating to performing asymmetric cryptographic
+ * processing on a referenced mbuf data buffer.
+ *
+ * When an asymmetric crypto operation is enqueued with device for processing
+ * it must have a valid *rte_mbuf* structure attached, via m_src parameter,
+ * which contains the source data which the crypto operation is to be performed
+ * on.
+ * While the mbuf is in use by a crypto operation no part of the mbuf should be
+ * changed by the application as the device may read or write to any part of the
+ * mbuf. In the case of hardware crypto devices some or all of the mbuf
+ * may be DMAed in and out of the device, so writing over the original data.
+ * Asymmetric operation, in more than most cases, works in Out-of-place mode. ie
+ * source mbuf and destination mbuf will be different. Data will be copied from
+ * m_src to m_dst after transformation.
+ */
+struct rte_crypto_asym_op {
+ struct rte_mbuf *m_src; /**< source mbuf */
+ struct rte_mbuf *m_dst; /**< destination mbuf */
[Fiona] suggest removing mbufs from op and using specific named fields in the
per-type op structures instead, as unlikely the data would originate in an mbuf.
If it's expected that data could originate in an mbuf for a specific op type then put
the mbuf into the part of the union specific to that type.
This would also have the nice advantage of removing a lot of the notes under
data.offset below as the explicit naming of the params in the union should provide
more clarity.
[Umesh] I do agree that input data is unlikely to be presented to
crypto_op APIs as mbufs. Wanted opinion of others in the community
before deciding whether to omit mbufs or not.
Post by Trahe, Fiona
[Fiona] Can you add a note about long number format of all parameters, assume they
conform to PKCS#1 v2.1, section 4. It would be nice to call out the details re endianness,
leading zeros, etc explicitly in the API.
[Umesh] Sure.
Post by Trahe, Fiona
+
+ enum rte_crypto_asym_op_sess_type sess_type;
+
+ RTE_STD_C11
+ union {
+ enum rte_crypto_rsa_optype rsa_op;
+ /**< Type of RSA operation for transform */;
+ enum rte_crypto_modex_optype modex_op;
+ /**< Type of modular exponentiation operation */
+ enum rte_crypto_ecdsa_optype ecdsa_op;
+ /**< ECDSA crypto xform operation type */
+ enum rte_crypto_fecc_optype fecc_op;
+ /**< ECDSA crypto xform operation type */
+ };
+
+ RTE_STD_C11
+ union {
+ struct rte_cryptodev_asym_session *session;
+ /**< Handle for the initialised session context */
+ struct rte_crypto_asym_xform *xform;
+ /**< Session-less API crypto operation parameters */
+ };
+
+ struct {
+ uint32_t offset;
+ /**< Starting point for crypto processing, specified
+ * as number of bytes from start of data in the source
+ * buffer.
+ *
+ * RTE_CRYPTO_RSA_OP_PUBLIC_ENCRYPT or RSA private
decrypt
specifies the
+ * data which is to be encrypted or decrypted respectively.
+ *
+ * RTE_CRYPTO_RSA_OP_SIGN, offset specifies the data for
+ * which the RSA signature is to be generated.
+ *
+ * RTE_CRYPTO_RSA_OP_VERIFY, offset specifies the data for
+ * which the signature is to be verified
+ *
+ * RTE_CRYPTO_ECDSA_OP_SIGN, offset specifies the data for
+ * which ECDSA signature is to be generated.
+ *
+ * RTE_CRYPTO_ECDSA_OP_VERIFY, offset specifies the data
for
+ * which ECDSA signature is to be verified.
+ *
+ * RTE_CRYPTO_MODEX_OP_MODEX, offset specifies the data
for
+ * which modular exponentiation is be performed.
+ *
+ * When the crypto trasnform is any of the fundamental ECC
and
+ * desitnation mbufs are unused.
+ */
+
+ uint32_t length;
+ /**<
+ * The message length, in bytes, in the source buffer
+ * on which the cryptographic transform will be
+ * performed.
+ *
+ * If the operation type involes RSA encrypt
+ * of data should be less than the prime modulus of RSA.
+ *
+ * If the operation type involves RSA decrypt
of
+ * data will be equal to RSA prime modulus length.
+ *
+ * If the operation type is RSA signature generation
should be
+ * less than prime modulus length in bytes. The maximum
length
+ * is dependent on the padding scheme selected.
+ *
+ * If the operation type is modular exponentiation,
+ * should be less than the prime modulus of the modex
+ * operation.
+ *
RTE_CRYPTO_ECDSA_OP_SIGN,
+ * only the leftmost prime_modulus length of data in bytes
+ * is considered for signature.
+ *
RTE_CRYPTO_ECDSA_OP_VERIFY,
+ * only the leftmost prime_modulus length of data in bytes is
+ * considered for signature verification.
+ */
+ } data;
+
+ RTE_STD_C11
+ union {
+
+ struct {
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } sign;
+ /**<
+ * Pointer to RSA signature data. If operation is RSA
be
+ * over-written with generated signature.
+ *
+ * Length of the signature data will be equal to the
+ * RSA prime modulus length.
+ */
+
+ enum rte_crypto_rsa_padding_type pad;
+ /**< RSA padding scheme to be used for transform */
+
+ enum rte_crypto_auth_algorithm md;
+ /**< Hash algorithm to be used for data hash if
padding
+ * scheme is either OAEP or PSS. Valid hash algorithms
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+
+ enum rte_crypto_auth_algorithm mgf1md;
+ /**<
+ * Hash algorithm to be used for mask generation if
+ * padding scheme is either OAEP or PSS. If padding
+ * scheme is unspecified data hash algorithm is used
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+ } rsa;
+
+ struct {
+ struct {
+ uint8_t *data;
+
+ phys_addr_t phys_addr;
+
+ size_t length;
+ } sign_r;
+ /**<
+ * Pointer to r-component of ECDSA signature. If
RTE_CRYPTO_ECDSA_OP_SIGN
+ * this buffer will be over-written with the signature
+ * component.
+ *
+ * Length of r-component will be less than the prime
+ * modulus of the ECC curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } sign_s;
+ /**<
+ * Pointer to s-component of ECDSA signature. If
RTE_CRYPTO_ECDSA_OP_VERIFY
+ * this buffer will be over-written with the signature
+ * component.
+ *
+ * Length of s-component will be less than the prime
+ * modulus of the ECC curve.
+ */
+
+ struct {
+ uint8_t *data;
+
+ phys_addr_t phys_addr;
+
+ size_t length;
+ } k;
+ /**<
+ * Pointer to random scalar to be used for generation
RTE_CRYPTO_ECDSA_OP_VERIFY.
+ * It is invalid if operation is ECDSA verify.
+ *
+ * Length of scalar K should be less than the prime
+ * modulus of the curve
+ */
+ } ecdsa;
+
+ struct {
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } px;
+ /**<
+ * Pointer to the X co-ordinate of the primary curve
+ * point for fundamental ECC operation.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } py;
+ /**<
+ * Pointer to the Y co-ordinate of the primary curve
+ * point for fundamental ECC operation.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } qx;
+ /**<
+ * Pointer to the X co-ordinate of the primary curve
+ * point for fundamental ECC operation.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve. This data valid only for
RTE_CRYPTO_FECC_OP_POINT_ADD
+ * crypto transform.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } qy;
+ /**<
+ * Pointer to the X co-ordinate of the primary curve
+ * point for fundamental ECC operation.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve. This data valid only for
RTE_CRYPTO_FECC_OP_POINT_ADD
+ * crypto transform.
+ */
+
+ struct {
+ uint8_t *data;
+
+ phys_addr_t phys_addr;
+
+ size_t length;
+ } k;
+ /**<
+ * Pointer to scalar data to be used only for point
RTE_CRYPTO_FECC_OP_POINT_MULTIPLY
+ * crypto transform.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } rx;
+ /**<
+ * Pointer to the X co-ordinate of resultant point on
+ * the curve after fundamental ECC crypto transform.
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+ } ry;
+ /**<
+ * Pointer to the Y co-ordinate of resultant point on
+ * the curve after fundamental ECC crypto transform.
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+ } fecc;
+ };
+
+} __rte_cache_aligned;
+
+
+
+/**
+ * Reset the fields of an asymmetric operation to their default values.
+ *
+ */
+static inline void
+__rte_crypto_asym_op_reset(struct rte_crypto_asym_op *op)
+{
+ memset(op, 0, sizeof(*op));
+
+ op->sess_type = RTE_CRYPTO_ASYM_OP_SESSIONLESS;
+}
+
+
+/**
+ * Allocate space for asymmetric crypto xforms in the private data space of the
+ * crypto operation. This also defaults the crypto xform type to
+ * RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED and configures the chaining of the xforms
+ * in the crypto operation
+ *
+ * - On success returns pointer to first crypto xform in crypto operations chain
+ * - On failure returns NULL
+ */
+static inline struct rte_crypto_asym_xform *
+__rte_crypto_asym_op_asym_xforms_alloc(struct rte_crypto_asym_op *asym_op,
+ void *priv_data, uint8_t nb_xforms)
+{
+ struct rte_crypto_asym_xform *xform;
+
+ asym_op->xform = xform = (struct rte_crypto_asym_xform
*)priv_data;
+
+ do {
+ xform->type = RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED;
+ xform = xform->next = --nb_xforms > 0 ? xform + 1 : NULL;
+ } while (xform);
+
+ return asym_op->xform;
+}
+
+
+/**
+ * Attach a session to an asymmetric crypto operation
+ *
+ */
+static inline int
+__rte_crypto_asym_op_attach_asym_session(struct rte_crypto_asym_op *asym_op,
+ struct rte_cryptodev_asym_session *sess)
+{
+ asym_op->session = sess;
+ asym_op->sess_type = RTE_CRYPTO_ASYM_OP_WITH_SESSION;
+
+ return 0;
+}
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _RTE_CRYPTO_ASYM_H_ */
--
1.8.3.1
[Fiona] Capabilities and Stats APIs are needed.
[Umesh] Capability for non-ECC operations(RSA/DH/DSA/MODEXP/MODINV] are
decided by the range of modlength.
For ECC operations(ECDH,ECDSA,FECC), the capability for the operation is
decided by whether the curves is supported or not. Support for the curve
is a bit-field with each bit, corresponding to the enumerated value in the
curve list, representing each curve. Dividing the curves by their type,
binary/prime, helps in this scenario.
For ex in the curve list above, turning on bit in the third position in
the curve capability field enables support for RTE_CRYPTO_FECC_CURVE_P192.

Please share your thoughts. Should there by any other factor deciding on
the capability for a particular asymmetric operation?
Post by Trahe, Fiona
[Fiona] Though this API facilitates both symmetric and asymmetric operations
being sent to the same device and qp, in practice if this is done on a HW accelerator
it could result in head-of-line blocking due to the asym ops taking longer than the
symmetric ops.
Some HW accelerators avoid this issue by supporting sym and asym ops
on different qps on the same device. To avoid the application being aware of this
hardware configuration some changes to EAL would be useful to facilitate pci device sharing
between PMDs, enabling separation of sym and asym services onto different PMDs.
We will submit a patch to enable this.
[Fiona] will be interested to see the proposals for session pool for the WITH_SESSION case, e.g. is there a
dedicated asym session pool with duplication of the sym session mgmt fns in rte_cryptodev_ops? Or any
point in having a common session ?
Unlike symmetric operations, sessions will be unlikely be used for a
long duration. What is your opinion on asymmetric operations working only
in SESSION_LESS mode?
Umesh Kartha
2017-05-11 12:35:29 UTC
Permalink
This RFC contains specifications for asymmetric crypto algorithms.
Asymmetric crypto algorithms are essential part of protocols such as
SSL/TLS. As the current DPDK crypto library lacks support for asymmetric
crypto algorithms, this RFC is an attempt to address it.

Cavium offers PCI hardware accelerators that supports symmetric and
asymmetric crypto algorithms, of which a few are addressed in this RFC.
Once specifications are agreed upon, I can submit a patch for the same.
We will develop a poll mode driver which can offload to OpenSSL crypto
library and to Cavium crypto accelerator.

The asymmetric crypto algorithms supported in this version are:

1 RSA
- RSA Sign
- RSA Verify
- RSA Public Encrypt
- RSA Private Decrypt

Padding schemes supported for RSA operations are
* RSA PKCS#1 BT1
* RSA PKCS#1 BT2
* RSA PKCS#1 OAEP
* RSA PKCS#1 PSS

2 DH
- DH generate key
- DH compute key

3 ECDH
- ECDH generate key
- ECDH check key
- ECDH compute key

4 DSA
- DSA Sign
- DSA Verify

5 ECDSA
- ECDSA Sign
- ECDSA Verify

6 MODEXP

7 FUNDAMENTAL ECC
- Point Addition
- Point Multiplication
- Point Doubling

8 MODULAR INVERSE


Asymmetric crypto transform operations support both session oriented
mode and session less mode. If the operation is sessionless, an
asymmetric crypto transform structure, containing immutable parameters,
is passed along with per-operation mutable parameters in the structure.
Specific structures were written to contain immutable parameters
depending on algorithm used for crypto transform operation. The
parameters and type of transform is distinguished by the algorithm for
which the transform structure is filled. For a particular asymmetric
algorithm, not all parameters will be used and hence not required to be
filled.

Changes from RFC v1:

Added additional algorithms : DH/ECDH/MODINVERSE/DSA
Added additional curves for ECC operations: All cuves supported by libcrypto.
As per the comments received for RFC v1:
- removed mbufs from asymmetric crypto operation structure.
- added separate queue pair in device structure to handle asymmetric crypto
operations.
- added APIs to start/stop/initialize queue pairs to handle asymmetric crypto
operations.
- added asymmetric session structure and related APIs to handle session
operations (initialize/allocate/free) etc.

RFC v1: http://dpdk.org/ml/archives/dev/2017-March/060869.html

Umesh Kartha (3):
cryptodev: added asymmetric algorithms
cryptodev: asymmetric algorithm capability definitions
cryptodev: added asym queue pair, session apis

lib/librte_cryptodev/rte_crypto.h | 135 +++-
lib/librte_cryptodev/rte_crypto_asym.h | 1124 ++++++++++++++++++++++++++++++
lib/librte_cryptodev/rte_cryptodev.c | 782 ++++++++++++++++++++-
lib/librte_cryptodev/rte_cryptodev.h | 414 +++++++++++
lib/librte_cryptodev/rte_cryptodev_pmd.h | 113 +++
5 files changed, 2564 insertions(+), 4 deletions(-)
create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h
--
1.8.3.1
Umesh Kartha
2017-05-11 12:35:30 UTC
Permalink
Added asymmetric xform structures, operation definitions, operation
parameters. Added asymmetric algorithms RSA, DH, ECDH, DSA, ECDSA,
MODEXP, FECC, MOD-INVERSE. Added curves (all curves supported by
libcrypto as of now).

Signed-off-by: Umesh Kartha <***@caviumnetworks.com>
---
lib/librte_cryptodev/rte_crypto_asym.h | 1124 ++++++++++++++++++++++++++++++++
1 file changed, 1124 insertions(+)
create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h

diff --git lib/librte_cryptodev/rte_crypto_asym.h lib/librte_cryptodev/rte_crypto_asym.h
new file mode 100644
index 0000000..36a8b4f
--- /dev/null
+++ lib/librte_cryptodev/rte_crypto_asym.h
@@ -0,0 +1,1124 @@
+/*
+ * BSD LICENSE
+ *
+ * Copyright (C) Cavium networks Ltd. 2017.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name of Cavium Networks nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _RTE_CRYPTO_ASYM_H_
+#define _RTE_CRYPTO_ASYM_H_
+
+/**
+ * @file rte_crypto_asym.h
+ *
+ * RTE Definitions for Asymmetric Cryptography
+ *
+ * Defines asymmetric algorithms and modes, as well as supported
+ * asymmetric crypto operations.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <string.h>
+#include <stdint.h>
+#include <rte_mbuf.h>
+#include <rte_memory.h>
+#include <rte_mempool.h>
+#include <rte_common.h>
+#include "rte_crypto_sym.h"
+
+typedef struct rte_crypto_xform_param_t {
+ uint8_t *data;
+ size_t length;
+} rte_crypto_xform_param;
+
+typedef struct rte_crypto_op_param_t {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+} rte_crypto_op_param;
+
+/** Asymmetric crypto transformation types */
+enum rte_crypto_asym_xform_type {
+ RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED = 0,
+ RTE_CRYPTO_ASYM_XFORM_RSA,
+ RTE_CRYPTO_ASYM_XFORM_MODEX,
+ RTE_CRYPTO_ASYM_XFORM_DH,
+ RTE_CRYPTO_ASYM_XFORM_ECDH,
+ RTE_CRYPTO_ASYM_XFORM_DSA,
+ RTE_CRYPTO_ASYM_XFORM_ECDSA,
+ RTE_CRYPTO_ASYM_XFORM_FECC,
+ RTE_CRYPTO_ASYM_XFORM_MODINV,
+ RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
+};
+
+/**
+ * RSA operation type variants
+ */
+enum rte_crypto_rsa_optype {
+ RTE_CRYPTO_RSA_OP_NOT_SPECIFIED = 1,
+ /**< RSA operation unspecified */
+ RTE_CRYPTO_RSA_OP_PUBLIC_ENCRYPT,
+ /**< RSA public encrypt operation */
+ RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT,
+ /**< RSA private decrypt operation */
+ RTE_CRYPTO_RSA_OP_SIGN,
+ /**< RSA private key signature operation */
+ RTE_CRYPTO_RSA_OP_VERIFY,
+ /**< RSA public key verification operation */
+ RTE_CRYPTO_RSA_OP_LIST_END
+};
+
+/**
+ * Padding types for RSA signature.
+ */
+enum rte_crypto_rsa_padding_type {
+ RTE_CRYPTO_RSA_PADDING_NOT_SPECIFIED = 1,
+ /**< RSA no padding scheme */
+ RTE_CRYPTO_RSA_PADDING_BT1,
+ /**< RSA PKCS#1 padding BT1 scheme */
+ RTE_CRYPTO_RSA_PADDING_BT2,
+ /**< RSA PKCS#1 padding BT2 scheme */
+ RTE_CRYPTO_RSA_PADDING_OAEP,
+ /**< RSA PKCS#1 OAEP padding scheme */
+ RTE_CRYPTO_RSA_PADDING_PSS,
+ /**< RSA PKCS#1 PSS padding scheme */
+ RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END
+};
+
+/**
+ * Modular exponentiaion operation type variants
+ */
+enum rte_crypto_modex_optype {
+ RTE_CRYPTO_MODEX_OP_NOT_SPECIFIED = 1,
+ /**< ModEx operation type unspecified */
+ RTE_CRYPTO_MODEX_OP_MODEX,
+ /**< Modex operation modular exponentiation */
+ RTE_CRYPTO_MODEX_OP_LIST_END
+};
+
+/**
+ * Modular Inverse operation type variants
+ */
+enum rte_crypto_modeinv_optype {
+ RTE_CRYPTO_MODINV_OP_NOT_SPECIFIED = 1,
+ /**< ModInv operation type unspecified */
+ RTE_CRYPTO_MODINV_OP_MODINV,
+ /**< ModInv operation modular Inverse */
+ RTE_CRYPTO_MODEX_OP_LIST_END
+};
+
+/**
+ * DSA operation type variants
+ */
+enum rte_crypto_dsa_optype {
+ RTE_CRYPTO_DSA_OP_NOT_SPECIFIED = 1,
+ /**< DSA operation unspecified */
+ RTE_CRYPTO_DSA_OP_SIGN,
+ /**< DSA private key signature operation */
+ RTE_CRYPTO_DSA_OP_VERIFY,
+ /**< DSA public key verification operation */
+ RTE_CRYPTO_DSA_OP_LIST_END
+};
+
+
+/**
+ * ECDSA operation type variants
+ */
+enum rte_crypto_ecdsa_optype {
+ RTE_CRYPTO_ECDSA_OP_NOT_SPECIFIED = 1,
+ /**< ECDSA operation unspecified */
+ RTE_CRYPTO_ECDSA_OP_SIGN,
+ /**< ECDSA private key signature operation */
+ RTE_CRYPTO_ECDSA_OP_VERIFY,
+ /**< ECDSA public key verification operation */
+ RTE_CRYPTO_ECDSA_OP_LIST_END
+};
+
+/**
+ * Diffie Hellman Key operation variants
+ */
+enum rte_crypto_dh_optype {
+ RTE_CRYPTO_DH_OP_NOT_SPECIFIED = 1,
+ /**< DH operation unspecified */
+ RTE_CRYPTO_DH_OP_KEY_GENERATION,
+ /**< DH private/public key generation operation */
+ RTE_CRYPTO_DH_OP_KEY_COMPUTATION,
+ /**< DH private key computation operation */
+ RTE_CRYPTO_DH_OP_LIST_END
+};
+
+/**
+ * Elliptic Curve Diffie Hellman Key operation variants
+ */
+enum rte_crypto_ecdh_optype {
+ RTE_CRYPTO_ECDH_OP_NOT_SPECIFIED = 1,
+ /**< ECDH operation unspecified */
+ RTE_CRYPTO_ECDH_OP_KEY_GENERATION,
+ /**< ECDH private/public key generation operation */
+ RTE_CRYPTO_ECDH_OP_KEY_CHECK,
+ /**< ECDH public key validity check operation */
+ RTE_CRYPTO_ECDH_OP_KEY_COMPUTATION,
+ /**< ECDH private key computation operation */
+ RTE_CRYPTO_ECDH_OP_LIST_END
+};
+
+/**
+ * Fundamental ECC operation type variants.
+ */
+enum rte_crypto_fecc_optype {
+ RTE_CRYPTO_FECC_OP_NOT_SPECIFIED = 1,
+ /**< FECC operation type unspecified */
+ RTE_CRYPTO_FECC_OP_POINT_ADD,
+ /**< Fundamental ECC point addition operation */
+ RTE_CRYPTO_FECC_OP_POINT_DBL,
+ /**< Fundamental ECC point doubling operation */
+ RTE_CRYPTO_FECC_OP_POINT_MULTIPLY,
+ /**< Fundamental ECC point multiplication operation */
+ RTE_CRYPTO_FECC_OP_LIST_END
+};
+
+/**
+ * ECC list of curves.
+ */
+enum rte_crypto_ec_prime_curve {
+ RTE_CRYPTO_EC_CURVE_NOT_SPECIFIED = -1,
+ /**< Unspecified or empty curve id */
+ RTE_CRYPTO_EC_CURVE_secp112r1,
+ /**< SECG/WTLS curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp112r2,
+ /**< SECG curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp128r1,
+ /**< SECG curve over a 128 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp128r2,
+ /**< SECG curve over a 128 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp160k1,
+ /**< SECG curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp160r1,
+ /**< SECG curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp160r2,
+ /**< SECG/WTLS curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp192k1,
+ /**< SECG curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp224k1,
+ /**< SECG curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp224r1,
+ /**< NIST/SECG curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp256k1,
+ /**< SECG curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp384r1,
+ /**< NIST/SECG curve over a 384 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp521r1,
+ /**< NIST/SECG curve over a 521 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime192v1,
+ /**< NIST/X9.62/SECG curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime192v2,
+ /**< X9.62 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime192v3,
+ /**< X9.62 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime239v1,
+ /**< X9.62 curve over a 239 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime239v2,
+ /**< X9.62 curve over a 239 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime239v3,
+ /**< X9.62 curve over a 239 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime256v1,
+ /**< X9.62/SECG curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls6,
+ /**< SECG/WTLS curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls7,
+ /**< SECG/WTLS curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls8,
+ /**< WTLS curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls9,
+ /**< WTLS curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls12,
+ /**< WTLS curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP160r1,
+ /**< RFC 5639 curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP160t1,
+ /**< RFC 5639 curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP192r1,
+ /**< RFC 5639 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP192t1,
+ /**< RFC 5639 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP224r1,
+ /**< RFC 5639 curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP224t1,
+ /**< RFC 5639 curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP256r1,
+ /**< RFC 5639 curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP256t1,
+ /**< RFC 5639 curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP320r1,
+ /**< RFC 5639 curve over a 320 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP320t1,
+ /**< RFC 5639 curve over a 320 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP384r1,
+ /**< RFC 5639 curve over a 384 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP384t1,
+ /**< RFC 5639 curve over a 384 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP512r1,
+ /**< RFC 5639 curve over a 512 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP512t1,
+ /**< RFC 5639 curve over a 512 bit prime field */
+ RTE_CRYPTO_EC_CURVE_x25519,
+ /**< Curve 25519 */
+ RTE_CRYPTO_EC_CURVE_LIST_END
+};
+
+enum rte_crypto_ec_binary_curve {
+ RTE_CRYPTO_EC_CURVE_NOT_SPECIFIED = -1,
+ /**< Unspecified or empty curve id */
+ RTE_CRYPTO_EC_CURVE_sect113r1,
+ /**< SECG curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect113r2,
+ /**< SECG curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect131r1,
+ /**< SECG/WTLS curve over a 131 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect131r2,
+ /**< SECG curve over a 131 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect163k1,
+ /**< NIST/SECG/WTLS curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect163r1,
+ /**< SECG curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect163r2,
+ /**< NIST/SECG curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect193r1,
+ /**< SECG curve over a 193 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect193r2,
+ /**< SECG curve over a 193 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect233k1,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect233r1,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect239k1,
+ /**< SECG curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect283k1,
+ /**< NIST/SECG curve over a 283 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect283r1,
+ /**< NIST/SECG curve over a 283 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect409k1,
+ /**< NIST/SECG curve over a 409 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect409r1,
+ /**< NIST/SECG curve over a 409 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect571k1,
+ /**< NIST/SECG curve over a 571 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect571r1,
+ /**< NIST/SECG curve over a 571 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb163v1,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb163v2,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb163v3,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb176v1,
+ /**< X9.62 curve over a 176 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb191v1,
+ /**< X9.62 curve over a 191 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb191v2,
+ /**< X9.62 curve over a 191 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb191v3,
+ /**< X9.62 curve over a 191 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb208w1,
+ /**< X9.62 curve over a 208 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb239v1,
+ /**< X9.62 curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb239v2,
+ /**< X9.62 curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb239v3,
+ /**< X9.62 curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb272w1,
+ /**< X9.62 curve over a 272 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb304w1,
+ /**< X9.62 curve over a 304 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb359v1,
+ /**< X9.62 curve over a 359 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb368w1,
+ /**< X9.62 curve over a 368 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb431r1,
+ /**< X9.62 curve over a 431 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls1,
+ /**< WTLS curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls3,
+ /**< NIST/SECG/WTLS curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls4,
+ /**< SECG curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls5,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls10,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls11,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_LIST_END
+};
+
+/**
+ * Elliptic curve point format
+ */
+struct rte_crypto_ec_point {
+ struct {
+ int length;
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ /**< phys_addr is used only for points passed in the
+ * asym_op structure.
+ */
+ } x;
+ /**< X co-ordinate */
+
+ struct {
+ int length;
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ /**< phys_addr is used only for points passed in the
+ * operation structure
+ */
+ } y;
+ /**< Y co-ordinate */
+};
+
+/**
+ * Elliptic curve type
+ */
+enum rte_crypto_ec_curve_type {
+ RTE_CRYPTO_EC_CURVE_TYPE_UNDEFINED,
+ /**< Curve type undefined */
+ RTE_CRYPTO_EC_CURVE_TYPE_PRIME_FIELD,
+ /**< EC curve defined over a prime field */
+ RTE_CRYPTO_EC_CURVE_TYPE_BINARY_FIELD,
+ /**< EC curve defined over a binary field */
+ RTE_CRYPTO_EC_CURVE_LIST_END
+};
+
+/**
+ * Elliptic curve id
+ */
+struct rte_crypto_ec_curve_id {
+ RTE_STD_C11
+ union {
+ enum rte_crypto_ec_prime_curve pcurve;
+ enum rte_crypto_ec_binary_curve bcurve;
+ }
+};
+
+/**
+ * Asymmetric RSA transform data
+ *
+ * This structure contains data required to perform RSA crypto
+ * transform. If all CRT components are filled, RSA private key
+ * operations @ref RTE_CRYPTO_RSA_OP_SIGN and @ref
+ * RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT uses CRT method for crypto
+ * transform.
+ */
+struct rte_crypto_rsa_xform {
+
+ rte_crypto_xform_param n;
+ /**< n - Prime modulus
+ * Prime modulus data of RSA operation in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param e;
+ /**< e - Public key exponent
+ * Public key exponent used for RSA public key operations in Octet-
+ * string network byte order format.
+ */
+
+ rte_crypto_xform_param d;
+ /**< d - Private key exponent
+ * Private key exponent used for RSA private key operations in
+ * Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param p;
+ /**< p - Private key component P
+ * Private key component of RSA parameter required for CRT method
+ * of private key operations in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param q;
+ /**< q - Private key component Q
+ * Private key component of RSA parameter required for CRT method
+ * of private key operations in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param dP;
+ /**< dP - Private CRT component
+ * Private CRT component of RSA parameter required for CRT method
+ * RSA private key operations in Octet-string network byte order
+ * format.
+ * dP = d mod ( p - 1 )
+ */
+
+ rte_crypto_xform_param dQ;
+ /**< dQ - Private CRT component
+ * Private CRT component of RSA parameter required for CRT method
+ * RSA private key operations in Octet-string network byte order
+ * format.
+ * dQ = d mod ( q - 1 )
+ */
+
+ rte_crypto_xform_param qInv;
+ /**< qInv - Private CRT component
+ * Private CRT component of RSA parameter required for CRT method
+ * RSA private key operations in Octet-string network byte order
+ * format.
+ * qInv = inv q mod p
+ */
+};
+
+/** Asymmetric Modular exponentiation transform data
+ *
+ * This structure contains data required to perform modular exponentation
+ * crypto transform. If all CRT components are valid, crypto transform
+ * operation follows CRT method.
+ */
+struct rte_crypto_modex_xform {
+
+ rte_crypto_xform_param modulus;
+ /**< modulus
+ * Prime modulus of the modexp transform operation in Octet-string
+ * network byte order format.
+ */
+
+ rte_crypto_xform_param exponent;
+ /**< exponent
+ * Private exponent of the modexp transform operation in
+ * Octet-string network byte order format.
+ */
+};
+
+/** Asymmetric DH transform data
+ * This structure contains data used to perform DH key
+ * computation
+ */
+struct rte_crypto_dh_xform {
+ rte_crypto_xform_param p;
+ /**< p : Prime modulus data
+ * DH prime modulous data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param g;
+ /**< g : Generator
+ * DH group generator data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param priv_key;
+ /**< priv_key
+ * DH private key data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param pub_key;
+ /**< pub_key
+ * DH public key data in Octet-string network byte order format.
+ */
+};
+
+/**Asymmetric ECDH transform data
+ * This structure contains data required to perform ECDH crypto
+ * transform
+ */
+struct rte_crypto_ecdh_xform {
+
+ enum rte_crypto_ec_curve_type curve_type;
+ /**< ECDH curve type: Prime vs Binary */
+
+ struct rte_crypto_ec_curve_id curve_id;
+
+ rte_crypto_xform_param n;
+ /**< n : order
+ * ECDH curve order data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param p;
+ /**< p:
+ * If the curve_type is @ref RTE_CRYPTO_EC_CURVE_TYPE_PRIME_FIELD:
+ * p holds the prime modulus data in Octet string format.
+ *
+ * If the curve_type is @ref RTE_CRYPTO_EC_CURVE_TYPE_BINARY_FIELD:
+ * p holds reduction polynomial co-efficients and degree.
+ */
+
+ rte_crypto_xform_param a;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param b;
+ /**< Co-efficient 'b' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ struct rte_crypto_ec_point G;
+ /**< G: EC curve generator
+ * EC curve generator point data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param pkey;
+ /**< pkey: Private key
+ * Private key data for ECDH operation in Octet-string network byte
+ * order format.
+ */
+
+ struct rte_crypto_ecpoint Q;
+ /**< Q: Public key point
+ * Public key point data of ECDH operation in Octet-string network
+ * byte order format.
+ */
+
+ int h;
+ /**< Co-factor of the curve */
+};
+
+/** Asymmetric Digital Signature transform operation
+ *
+ * This structure contains data required to perform asymmetric
+ * digital signature crypto transform.
+ */
+struct rte_crypto_dsa_xform {
+
+ rte_crypto_xform_param p;
+ /**< p - Prime modulus
+ * Prime modulus data for DSA operation in Octet-string network byte
+ * order format.
+ */
+
+ rte_crypto_xform_param q;
+ /**< q : Order of the subgroup
+ * Order of the subgroup data in Octet-string network byte order
+ * format.
+ * q % (p-1) = 0
+ */
+
+ rte_crypto_xform_param g;
+ /**< g: Generator of the subgroup
+ * Generator data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param x;
+ /**< x: Private key of the signer
+ * Private key data in Octet-string network byte order format.
+ * Private key is valid only for signature generation operation.
+ */
+
+ rte_crypto_xform_param y;
+ /**< y : Public key of the signer.
+ * Public key data of the signer in Octet-string network byte order
+ * format.
+ * y = g^x mod p
+ */
+};
+
+/** Asymmetric ECDSA transform data
+ *
+ * This structure contains data required to perform ECDSA crypto
+ * transform.
+ */
+struct rte_crypto_ecdsa_xform {
+
+ enum rte_crypto_ec_curve_type curve_type;
+ /**< ECDSA curve type: Prime vs Binary */
+
+ struct rte_crypto_ec_curve_id curve_id;
+ /**< EC curve ID */
+
+ rte_crypto_xform_param n;
+ /**< n : order
+ * ECDH curve order data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param p;
+ /**< p:
+ * If the curve_type is @ref RTE_CRYPTO_EC_CURVE_TYPE_PRIME_FIELD:
+ * p holds the prime modulus data in Octet string format.
+ *
+ * If the curve_type is @ref RTE_CRYPTO_EC_CURVE_TYPE_BINARY_FIELD:
+ * p holds reduction polynomial co-efficients and degree.
+ */
+
+ rte_crypto_xform_param a;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param b;
+ /**< Co-efficient 'b' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ struct rte_crypto_ecpoint G;
+ /**< G: EC curve generator
+ * EC curve generator point data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param pkey;
+ /**< pkey: Private key
+ * Private key data of the signer for ECDSA signature generation
+ * operation in Octet-string network byte format. Parameter is
+ * invalid or unsed for signature verification.
+ */
+
+ struct rte_crypto_ecpoint Q;
+ /**< Q: Public key point
+ * Public key point data of ECDSA operation in Octet-string network
+ * byte order format.
+ */
+
+ int h;
+ /**< Co-factor of the curve */
+};
+
+/** Asymmetric modular inverse transform operation
+ * This structure contains data required to perform
+ * asymmetric modular inverse crypto transform
+ */
+struct rte_crypto_modinv_xform {
+};
+
+/** Asymmetric Fundamental ECC transform operation
+ *
+ * This structure contains data required to perform asymmetric
+ * fundamental ECC crypto transform.
+ */
+struct rte_crypto_fecc_xform {
+
+ enum rte_crypto_ec_curve_type curve_type;
+ /**< FECC curve type: Prime vs Binary */
+
+ struct rte_crypto_ec_curve_id curve_id;
+ /**< EC curve ID */
+
+ rte_crypto_xform_param order;
+ /**< order : ECC curve order
+ * Curve order data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param prime;
+ /**< prime : Curve prime modulus data
+ * Prime modulus data in Octet-string network byte order format.
+ */
+
+ struct rte_crypto_ec_point G;
+ /**< G: curve generator point
+ * Curve generator point data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param a;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param b;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ int h;
+ /**< Co-factor of the curve */
+
+};
+
+/**
+ * Asymmetric crypto transform data
+ *
+ * This structure contains the data required to perform the
+ * asymmetric crypto transformation operation. The field op
+ * determines the asymmetric algorithm for transformation.
+ */
+struct rte_crypto_asym_xform {
+ struct rte_crypto_asym_xform *next;
+ enum rte_crypto_asym_xform_type xform_type;
+ /**< Asymmetric algorithm for crypto transform */
+
+ RTE_STD_C11
+ union {
+ struct rte_crypto_rsa_xform rsa;
+ struct rte_crypto_fecc_xform fecc;
+ struct rte_crypto_modex_xform modex;
+ struct rte_crypto_ecdsa_xform ecdsa;
+ struct rte_crypto_ecdh_xform ecdh;
+ struct rte_crypto_dsa_xform dsa;
+ };
+};
+
+struct rte_cryptodev_asym_session;
+
+/**
+ * Crypto operation session type. This is used to specify whether a crypto
+ * operation has session structure attached for immutable parameters or if all
+ * operation information is included in the operation data structure.
+ */
+enum rte_crypto_asym_op_sess_type {
+ RTE_CRYPTO_ASYM_OP_WITH_SESSION,
+ /**< Session based crypto operation */
+ RTE_CRYPTO_ASYM_OP_SESSIONLESS
+ /**< Session-less crypto operation */
+};
+
+/**
+ * Asymmetric Cryptographic Operation.
+ *
+ * This structure contains data relating to performing asymmetric cryptographic
+ * operation.
+ *
+ */
+struct rte_crypto_asym_op {
+
+ enum rte_crypto_asym_op_sess_type sess_type;
+ enum rte_crypto_asym_xform_type type;
+
+ RTE_STD_C11
+ union {
+ enum rte_crypto_rsa_optype rsa_op;
+ /**< Type of RSA operation for transform */;
+ enum rte_crypto_modex_optype modex_op;
+ /**< Type of modular exponentiation operation */
+ enum rte_crypto_ecdsa_optype ecdsa_op;
+ /**< ECDSA crypto xform operation type */
+ enum rte_crypto_fecc_optype fecc_op;
+ /**< ECDSA crypto xform operation type */
+ enum rte_crypto_dsa_optype dsa_op;
+ /**< DSA crypto xform operation type */
+ };
+
+ RTE_STD_C11
+ union {
+ struct rte_cryptodev_asym_session *session;
+ /**< Handle for the initialised session context */
+ struct rte_crypto_asym_xform *xform;
+ /**< Session-less API crypto operation parameters */
+ };
+
+ RTE_STD_C11
+ union {
+
+ struct {
+ rte_crypto_op_param message;
+ /**<
+ * Pointer to data
+ * - to be encrypted for RSA public encrypt.
+ * - to be decrypted for RSA private decrypt.
+ * - to be signed for RSA sign generation.
+ * - to be authenticated for RSA sign verification.
+ */
+
+ rte_crypto_op_param sign;
+ /**<
+ * Pointer to RSA signature data. If operation is RSA
+ * sign @ref RTE_CRYPTO_RSA_OP_SIGN, buffer will be
+ * over-written with generated signature.
+ *
+ * Length of the signature data will be equal to the
+ * RSA prime modulus length.
+ */
+
+ enum rte_crypto_rsa_padding_type pad;
+ /**< RSA padding scheme to be used for transform */
+
+ enum rte_crypto_auth_algorithm md;
+ /**< Hash algorithm to be used for data hash if padding
+ * scheme is either OAEP or PSS. Valid hash algorithms
+ * are:
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+
+ enum rte_crypto_auth_algorithm mgf1md;
+ /**<
+ * Hash algorithm to be used for mask generation if
+ * padding scheme is either OAEP or PSS. If padding
+ * scheme is unspecified data hash algorithm is used
+ * for mask generation. Valid hash algorithms are:
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+ } rsa;
+
+ struct {
+ rte_crypto_op_param pub_key;
+ /**<
+ * If DH operation type is
+ * KEY_GENERATION:
+ * if priv_key and public key are provided, the keys
+ * are copied to DH xform structure, else key pair is
+ * generated and stored in DH xform structure.
+ * pub_key data should be in Octet-string network
+ * byte order format.
+ *
+ * KEY_COMPUTATION:
+ * pub_key holds the key shared by peer during DH
+ * key exchange. pub_key data is written as Octet-
+ * string network byte order format.
+ */
+ RTE_STD_C11
+ union {
+ rte_crypto_op_param priv_key;
+ /**<
+ * If DH operation type is KEY_GENERATION, and
+ * priv_key is provided, the key is copied to
+ * DH xform structure, else generated and stored
+ * in DH xform structure. priv_key data is in
+ * in Octet-string network byte order format.
+ */
+ rte_crypto_op_param shared_key;
+ /*
+ * If DH operation type is KEY_COMPUTATION:
+ * shared_key holds the shared secret
+ * computed. shared_key is written as
+ * Octet-string network byte order format.
+ */
+ };
+ } dh;
+
+ struct {
+ rte_crypto_op_param base;
+ /**<
+ * Pointer to base of modular exponentiation data in
+ * Octet-string network byte order format.
+ */
+ } modex;
+
+ struct {
+ rte_crypto_op_param priv_key;
+ /**<
+ * If ECDH operation type is KEY_GENERATION, and
+ * priv_key is provided, the key is copied to ECDH
+ * xform structure, else generated and stored in
+ * ECDH xform structure in Octet-string network byte
+ * order.
+ * If ECDH operation type is KEY_COMPUTATION:
+ * priv_key holds the 'X' co-ordinate of the shared
+ * secret EC point computed in Octet-string network
+ * byte order.
+ */
+
+ rte_crypto_ec_point pub_key;
+ /**<
+ * If ECDH operation type is
+ * KEY_GENERATION:
+ * if priv_key and public key are provided, the keys
+ * are copied ECDH xform structure, else key pair is
+ * generated and stored in ECDH xform structure.
+ *
+ * KEY_COMPUTATION:
+ * pub_key holds peer's public key during ECDH
+ * key exchange in Octet-string network byte order.
+ */
+ } ecdh;
+
+ struct {
+ rte_crypto_op_param message;
+ /**<
+ * Pointer to data
+ * - to be signed for ECDSA signature generation.
+ * - to be authenticated for ECDSA sign verification.
+ */
+
+ rte_crypto_op_param sign;
+ /**<
+ * Pointer to ECDSA signature. If operation type is
+ * @ref RTE_CRYPTO_ECDSA_OP_VERIFY this buffer will be
+ * over-written with the signature.
+ *
+ * Length of ECDSA signature will be less than twice the
+ * length of prime modulus length.
+ */
+
+ rte_crypto_op_param k;
+ /**<
+ * Pointer to random scalar to be used for generation
+ * of ECDSA signature @ref RTE_CRYPTO_ECDSA_OP_SIGN.
+ * It is invalid if operation is ECDSA verify.
+ * Scalar data is in Octet-string network byte order
+ * format.
+ *
+ * Length of scalar K should be less than the prime
+ * modulus of the curve
+ */
+ } ecdsa;
+
+ struct {
+
+ rte_crypto_op_param message;
+ /**<
+ * Pointer to data
+ * - to be signed for DSA signature generation.
+ * - to be authenticated for DSA sign verification.
+ *
+ * Length of data to be signed, if is more than
+ * prime modulus length, is truncated to length of
+ * prime modulus.
+ */
+
+ rte_crypto_op_param k;
+ /**<
+ * Pointer to random scalar to be used for DSA
+ * signature generation. K should be a non-zero number
+ * less than q. k is in Octet-string network byte
+ * order format.
+ */
+
+ } dsa;
+
+ struct {
+ struct rte_crypto_ec_point p;
+ /**<
+ * Pointer to primary curve point for fundamental
+ * ECC operation. Data is in Octet-string network
+ * byte order format.
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct rte_crypto_ec_point q;
+ /**<
+ *
+ * Pointer to secondary curve point for fundamental
+ * ECC operation. Data is in Octet-string network
+ * byte order format.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve. This point is valid
+ * only for point addition optype
+ * RTE_CRYPTO_FECC_OP_POINT_ADD crypto transform.
+ */
+
+ rte_crypto_op_param k;
+ /**<
+ * Pointer to scalar data to be used only for point
+ * multiplication @ref RTE_CRYPTO_FECC_OP_POINT_MULTIPLY
+ * crypto transform. Data is in Octet-string network
+ * byte order format.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct rte_crypto_ec_point r;
+ /**<
+ * Pointer to the resultant point on the curve after
+ * fundamental ECC crypto transform. Data is in
+ * Octet-string network byte order format.
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ } fecc;
+
+ struct {
+
+ rte_crypto_op_param prime;
+ /**<
+ * Pointer to the prime modulus data for modular
+ * inverse operation in Octet-string network byte
+ * order format.
+ */
+
+ rte_crypto_op_param base;
+ /**<
+ * Pointer to the base for the modular inverse
+ * operation in Octet-string network byte order
+ * format.
+ */
+ } modinv;
+ };
+
+} __rte_cache_aligned;
+
+
+
+/**
+ * Reset the fields of an asymmetric operation to their default values.
+ *
+ * @param op The crypto operation to be reset.
+ */
+static inline void
+__rte_crypto_asym_op_reset(struct rte_crypto_asym_op *op)
+{
+ memset(op, 0, sizeof(*op));
+
+ op->sess_type = RTE_CRYPTO_ASYM_OP_SESSIONLESS;
+}
+
+
+/**
+ * Allocate space for asymmetric crypto xforms in the private data space of the
+ * crypto operation. This also defaults the crypto xform type to
+ * RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED and configures the chaining of the xforms
+ * in the crypto operation
+ *
+ * @return
+ * - On success returns pointer to first crypto xform in crypto operations chain
+ * - On failure returns NULL
+ */
+static inline struct rte_crypto_asym_xform *
+__rte_crypto_asym_op_asym_xforms_alloc(struct rte_crypto_asym_op *asym_op,
+ void *priv_data, uint8_t nb_xforms)
+{
+ struct rte_crypto_asym_xform *xform;
+
+ asym_op->xform = xform = (struct rte_crypto_asym_xform *)priv_data;
+
+ do {
+ xform->type = RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED;
+ xform = xform->next = --nb_xforms > 0 ? xform + 1 : NULL;
+ } while (xform);
+
+ return asym_op->xform;
+}
+
+
+/**
+ * Attach a session to an asymmetric crypto operation
+ *
+ * @param asym_op crypto operation
+ * @param sess cryptodev session
+ */
+static inline int
+__rte_crypto_asym_op_attach_asym_session(struct rte_crypto_asym_op *asym_op,
+ struct rte_cryptodev_asym_session *sess)
+{
+ asym_op->session = sess;
+ asym_op->sess_type = RTE_CRYPTO_ASYM_OP_WITH_SESSION;
+
+ return 0;
+}
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _RTE_CRYPTO_ASYM_H_ */
--
1.8.3.1
Trahe, Fiona
2017-05-25 16:00:42 UTC
Permalink
Hi Umesh,
-----Original Message-----
Sent: Thursday, May 11, 2017 1:36 PM
Subject: [RFC PATCH v2 1/3] cryptodev: added asymmetric algorithms
Added asymmetric xform structures, operation definitions, operation
parameters. Added asymmetric algorithms RSA, DH, ECDH, DSA, ECDSA,
MODEXP, FECC, MOD-INVERSE. Added curves (all curves supported by
libcrypto as of now).
---
lib/librte_cryptodev/rte_crypto_asym.h | 1124 ++++++++++++++++++++++++++++++++
1 file changed, 1124 insertions(+)
create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h
diff --git lib/librte_cryptodev/rte_crypto_asym.h lib/librte_cryptodev/rte_crypto_asym.h
new file mode 100644
index 0000000..36a8b4f
--- /dev/null
+++ lib/librte_cryptodev/rte_crypto_asym.h
@@ -0,0 +1,1124 @@
+/*
+ * BSD LICENSE
+ *
+ * Copyright (C) Cavium networks Ltd. 2017.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name of Cavium Networks nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _RTE_CRYPTO_ASYM_H_
+#define _RTE_CRYPTO_ASYM_H_
+
+/**
+ *
+ * RTE Definitions for Asymmetric Cryptography
+ *
+ * Defines asymmetric algorithms and modes, as well as supported
+ * asymmetric crypto operations.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <string.h>
+#include <stdint.h>
+#include <rte_mbuf.h>
+#include <rte_memory.h>
+#include <rte_mempool.h>
+#include <rte_common.h>
+#include "rte_crypto_sym.h"
+
+typedef struct rte_crypto_xform_param_t {
+ uint8_t *data;
+ size_t length;
+} rte_crypto_xform_param;
+
+typedef struct rte_crypto_op_param_t {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+} rte_crypto_op_param;
[Fiona] Are both above lengths in bytes ?
+
+/** Asymmetric crypto transformation types */
+enum rte_crypto_asym_xform_type {
+ RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED = 0,
+ RTE_CRYPTO_ASYM_XFORM_RSA,
+ RTE_CRYPTO_ASYM_XFORM_MODEX,
+ RTE_CRYPTO_ASYM_XFORM_DH,
+ RTE_CRYPTO_ASYM_XFORM_ECDH,
+ RTE_CRYPTO_ASYM_XFORM_DSA,
+ RTE_CRYPTO_ASYM_XFORM_ECDSA,
+ RTE_CRYPTO_ASYM_XFORM_FECC,
+ RTE_CRYPTO_ASYM_XFORM_MODINV,
+ RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
+};
+
+/**
+ * RSA operation type variants
+ */
+enum rte_crypto_rsa_optype {
+ RTE_CRYPTO_RSA_OP_NOT_SPECIFIED = 1,
[Fiona] Is there a reason for not starting at 0 in all these enums?
+ /**< RSA operation unspecified */
+ RTE_CRYPTO_RSA_OP_PUBLIC_ENCRYPT,
+ /**< RSA public encrypt operation */
+ RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT,
+ /**< RSA private decrypt operation */
+ RTE_CRYPTO_RSA_OP_SIGN,
+ /**< RSA private key signature operation */
+ RTE_CRYPTO_RSA_OP_VERIFY,
+ /**< RSA public key verification operation */
+ RTE_CRYPTO_RSA_OP_LIST_END
+};
+
+/**
+ * Padding types for RSA signature.
+ */
+enum rte_crypto_rsa_padding_type {
+ RTE_CRYPTO_RSA_PADDING_NOT_SPECIFIED = 1,
+ /**< RSA no padding scheme */
+ RTE_CRYPTO_RSA_PADDING_BT1,
+ /**< RSA PKCS#1 padding BT1 scheme */
+ RTE_CRYPTO_RSA_PADDING_BT2,
+ /**< RSA PKCS#1 padding BT2 scheme */
+ RTE_CRYPTO_RSA_PADDING_OAEP,
+ /**< RSA PKCS#1 OAEP padding scheme */
+ RTE_CRYPTO_RSA_PADDING_PSS,
+ /**< RSA PKCS#1 PSS padding scheme */
+ RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END
+};
+
+/**
+ * Modular exponentiaion operation type variants
+ */
+enum rte_crypto_modex_optype {
+ RTE_CRYPTO_MODEX_OP_NOT_SPECIFIED = 1,
+ /**< ModEx operation type unspecified */
+ RTE_CRYPTO_MODEX_OP_MODEX,
+ /**< Modex operation modular exponentiation */
+ RTE_CRYPTO_MODEX_OP_LIST_END
+};
+
+/**
+ * Modular Inverse operation type variants
+ */
+enum rte_crypto_modeinv_optype {
+ RTE_CRYPTO_MODINV_OP_NOT_SPECIFIED = 1,
+ /**< ModInv operation type unspecified */
+ RTE_CRYPTO_MODINV_OP_MODINV,
+ /**< ModInv operation modular Inverse */
+ RTE_CRYPTO_MODEX_OP_LIST_END
+};
+
+/**
+ * DSA operation type variants
+ */
+enum rte_crypto_dsa_optype {
+ RTE_CRYPTO_DSA_OP_NOT_SPECIFIED = 1,
+ /**< DSA operation unspecified */
+ RTE_CRYPTO_DSA_OP_SIGN,
+ /**< DSA private key signature operation */
+ RTE_CRYPTO_DSA_OP_VERIFY,
+ /**< DSA public key verification operation */
+ RTE_CRYPTO_DSA_OP_LIST_END
+};
+
+
+/**
+ * ECDSA operation type variants
+ */
+enum rte_crypto_ecdsa_optype {
+ RTE_CRYPTO_ECDSA_OP_NOT_SPECIFIED = 1,
+ /**< ECDSA operation unspecified */
+ RTE_CRYPTO_ECDSA_OP_SIGN,
+ /**< ECDSA private key signature operation */
+ RTE_CRYPTO_ECDSA_OP_VERIFY,
+ /**< ECDSA public key verification operation */
+ RTE_CRYPTO_ECDSA_OP_LIST_END
+};
+
+/**
+ * Diffie Hellman Key operation variants
+ */
+enum rte_crypto_dh_optype {
+ RTE_CRYPTO_DH_OP_NOT_SPECIFIED = 1,
+ /**< DH operation unspecified */
+ RTE_CRYPTO_DH_OP_KEY_GENERATION,
+ /**< DH private/public key generation operation */
+ RTE_CRYPTO_DH_OP_KEY_COMPUTATION,
+ /**< DH private key computation operation */
+ RTE_CRYPTO_DH_OP_LIST_END
+};
+
+/**
+ * Elliptic Curve Diffie Hellman Key operation variants
+ */
+enum rte_crypto_ecdh_optype {
+ RTE_CRYPTO_ECDH_OP_NOT_SPECIFIED = 1,
+ /**< ECDH operation unspecified */
+ RTE_CRYPTO_ECDH_OP_KEY_GENERATION,
+ /**< ECDH private/public key generation operation */
+ RTE_CRYPTO_ECDH_OP_KEY_CHECK,
+ /**< ECDH public key validity check operation */
+ RTE_CRYPTO_ECDH_OP_KEY_COMPUTATION,
+ /**< ECDH private key computation operation */
+ RTE_CRYPTO_ECDH_OP_LIST_END
+};
+
+/**
+ * Fundamental ECC operation type variants.
+ */
+enum rte_crypto_fecc_optype {
+ RTE_CRYPTO_FECC_OP_NOT_SPECIFIED = 1,
+ /**< FECC operation type unspecified */
+ RTE_CRYPTO_FECC_OP_POINT_ADD,
+ /**< Fundamental ECC point addition operation */
+ RTE_CRYPTO_FECC_OP_POINT_DBL,
+ /**< Fundamental ECC point doubling operation */
+ RTE_CRYPTO_FECC_OP_POINT_MULTIPLY,
+ /**< Fundamental ECC point multiplication operation */
+ RTE_CRYPTO_FECC_OP_LIST_END
+};
+
+/**
+ * ECC list of curves.
+ */
+enum rte_crypto_ec_prime_curve {
+ RTE_CRYPTO_EC_CURVE_NOT_SPECIFIED = -1,
[Fiona] Why -1 ?
+ /**< Unspecified or empty curve id */
+ RTE_CRYPTO_EC_CURVE_secp112r1,
+ /**< SECG/WTLS curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp112r2,
+ /**< SECG curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp128r1,
+ /**< SECG curve over a 128 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp128r2,
+ /**< SECG curve over a 128 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp160k1,
+ /**< SECG curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp160r1,
+ /**< SECG curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp160r2,
+ /**< SECG/WTLS curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp192k1,
+ /**< SECG curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp224k1,
+ /**< SECG curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp224r1,
+ /**< NIST/SECG curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp256k1,
+ /**< SECG curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp384r1,
+ /**< NIST/SECG curve over a 384 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp521r1,
+ /**< NIST/SECG curve over a 521 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime192v1,
+ /**< NIST/X9.62/SECG curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime192v2,
+ /**< X9.62 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime192v3,
+ /**< X9.62 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime239v1,
+ /**< X9.62 curve over a 239 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime239v2,
+ /**< X9.62 curve over a 239 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime239v3,
+ /**< X9.62 curve over a 239 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime256v1,
+ /**< X9.62/SECG curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls6,
+ /**< SECG/WTLS curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls7,
+ /**< SECG/WTLS curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls8,
+ /**< WTLS curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls9,
+ /**< WTLS curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls12,
+ /**< WTLS curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP160r1,
+ /**< RFC 5639 curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP160t1,
+ /**< RFC 5639 curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP192r1,
+ /**< RFC 5639 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP192t1,
+ /**< RFC 5639 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP224r1,
+ /**< RFC 5639 curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP224t1,
+ /**< RFC 5639 curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP256r1,
+ /**< RFC 5639 curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP256t1,
+ /**< RFC 5639 curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP320r1,
+ /**< RFC 5639 curve over a 320 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP320t1,
+ /**< RFC 5639 curve over a 320 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP384r1,
+ /**< RFC 5639 curve over a 384 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP384t1,
+ /**< RFC 5639 curve over a 384 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP512r1,
+ /**< RFC 5639 curve over a 512 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP512t1,
+ /**< RFC 5639 curve over a 512 bit prime field */
+ RTE_CRYPTO_EC_CURVE_x25519,
+ /**< Curve 25519 */
+ RTE_CRYPTO_EC_CURVE_LIST_END
+};
+
+enum rte_crypto_ec_binary_curve {
+ RTE_CRYPTO_EC_CURVE_NOT_SPECIFIED = -1,
+ /**< Unspecified or empty curve id */
+ RTE_CRYPTO_EC_CURVE_sect113r1,
+ /**< SECG curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect113r2,
+ /**< SECG curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect131r1,
+ /**< SECG/WTLS curve over a 131 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect131r2,
+ /**< SECG curve over a 131 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect163k1,
+ /**< NIST/SECG/WTLS curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect163r1,
+ /**< SECG curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect163r2,
+ /**< NIST/SECG curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect193r1,
+ /**< SECG curve over a 193 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect193r2,
+ /**< SECG curve over a 193 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect233k1,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect233r1,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect239k1,
+ /**< SECG curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect283k1,
+ /**< NIST/SECG curve over a 283 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect283r1,
+ /**< NIST/SECG curve over a 283 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect409k1,
+ /**< NIST/SECG curve over a 409 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect409r1,
+ /**< NIST/SECG curve over a 409 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect571k1,
+ /**< NIST/SECG curve over a 571 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect571r1,
+ /**< NIST/SECG curve over a 571 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb163v1,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb163v2,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb163v3,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb176v1,
+ /**< X9.62 curve over a 176 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb191v1,
+ /**< X9.62 curve over a 191 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb191v2,
+ /**< X9.62 curve over a 191 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb191v3,
+ /**< X9.62 curve over a 191 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb208w1,
+ /**< X9.62 curve over a 208 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb239v1,
+ /**< X9.62 curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb239v2,
+ /**< X9.62 curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb239v3,
+ /**< X9.62 curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb272w1,
+ /**< X9.62 curve over a 272 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb304w1,
+ /**< X9.62 curve over a 304 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb359v1,
+ /**< X9.62 curve over a 359 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb368w1,
+ /**< X9.62 curve over a 368 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb431r1,
+ /**< X9.62 curve over a 431 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls1,
+ /**< WTLS curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls3,
+ /**< NIST/SECG/WTLS curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls4,
+ /**< SECG curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls5,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls10,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls11,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_LIST_END
+};
+
+/**
+ * Elliptic curve point format
+ */
+struct rte_crypto_ec_point {
+ struct {
+ int length;
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ /**< phys_addr is used only for points passed in the
+ * asym_op structure.
+ */
+ } x;
+ /**< X co-ordinate */
+
+ struct {
+ int length;
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ /**< phys_addr is used only for points passed in the
+ * operation structure
+ */
+ } y;
+ /**< Y co-ordinate */
+};
+
+/**
+ * Elliptic curve type
+ */
+enum rte_crypto_ec_curve_type {
+ RTE_CRYPTO_EC_CURVE_TYPE_UNDEFINED,
+ /**< Curve type undefined */
+ RTE_CRYPTO_EC_CURVE_TYPE_PRIME_FIELD,
+ /**< EC curve defined over a prime field */
+ RTE_CRYPTO_EC_CURVE_TYPE_BINARY_FIELD,
+ /**< EC curve defined over a binary field */
+ RTE_CRYPTO_EC_CURVE_LIST_END
+};
+
+/**
+ * Elliptic curve id
+ */
+struct rte_crypto_ec_curve_id {
+ RTE_STD_C11
+ union {
+ enum rte_crypto_ec_prime_curve pcurve;
+ enum rte_crypto_ec_binary_curve bcurve;
+ }
+};
+
+/**
+ * Asymmetric RSA transform data
+ *
+ * This structure contains data required to perform RSA crypto
+ * transform. If all CRT components are filled, RSA private key
+ * RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT uses CRT method for crypto
+ * transform.
+ */
+struct rte_crypto_rsa_xform {
+
+ rte_crypto_xform_param n;
+ /**< n - Prime modulus
+ * Prime modulus data of RSA operation in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param e;
+ /**< e - Public key exponent
+ * Public key exponent used for RSA public key operations in Octet-
+ * string network byte order format.
+ */
+
+ rte_crypto_xform_param d;
+ /**< d - Private key exponent
+ * Private key exponent used for RSA private key operations in
+ * Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param p;
+ /**< p - Private key component P
+ * Private key component of RSA parameter required for CRT method
+ * of private key operations in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param q;
+ /**< q - Private key component Q
+ * Private key component of RSA parameter required for CRT method
+ * of private key operations in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param dP;
+ /**< dP - Private CRT component
+ * Private CRT component of RSA parameter required for CRT method
+ * RSA private key operations in Octet-string network byte order
+ * format.
+ * dP = d mod ( p - 1 )
+ */
+
+ rte_crypto_xform_param dQ;
+ /**< dQ - Private CRT component
+ * Private CRT component of RSA parameter required for CRT method
+ * RSA private key operations in Octet-string network byte order
+ * format.
+ * dQ = d mod ( q - 1 )
+ */
+
+ rte_crypto_xform_param qInv;
+ /**< qInv - Private CRT component
+ * Private CRT component of RSA parameter required for CRT method
+ * RSA private key operations in Octet-string network byte order
+ * format.
+ * qInv = inv q mod p
+ */
+};
+
+/** Asymmetric Modular exponentiation transform data
+ *
+ * This structure contains data required to perform modular exponentation
+ * crypto transform. If all CRT components are valid, crypto transform
+ * operation follows CRT method.
+ */
+struct rte_crypto_modex_xform {
+
+ rte_crypto_xform_param modulus;
+ /**< modulus
+ * Prime modulus of the modexp transform operation in Octet-string
+ * network byte order format.
+ */
+
+ rte_crypto_xform_param exponent;
+ /**< exponent
+ * Private exponent of the modexp transform operation in
+ * Octet-string network byte order format.
+ */
+};
+
+/** Asymmetric DH transform data
+ * This structure contains data used to perform DH key
+ * computation
+ */
+struct rte_crypto_dh_xform {
+ rte_crypto_xform_param p;
+ /**< p : Prime modulus data
+ * DH prime modulous data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param g;
+ /**< g : Generator
+ * DH group generator data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param priv_key;
+ /**< priv_key
+ * DH private key data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param pub_key;
+ /**< pub_key
+ * DH public key data in Octet-string network byte order format.
+ */
+};
+
+/**Asymmetric ECDH transform data
+ * This structure contains data required to perform ECDH crypto
+ * transform
+ */
+struct rte_crypto_ecdh_xform {
+
+ enum rte_crypto_ec_curve_type curve_type;
+ /**< ECDH curve type: Prime vs Binary */
+
+ struct rte_crypto_ec_curve_id curve_id;
+
+ rte_crypto_xform_param n;
+ /**< n : order
+ * ECDH curve order data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param p;
+ * p holds the prime modulus data in Octet string format.
+ *
+ * p holds reduction polynomial co-efficients and degree.
+ */
+
+ rte_crypto_xform_param a;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param b;
+ /**< Co-efficient 'b' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ struct rte_crypto_ec_point G;
+ /**< G: EC curve generator
+ * EC curve generator point data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param pkey;
+ /**< pkey: Private key
+ * Private key data for ECDH operation in Octet-string network byte
+ * order format.
+ */
+
+ struct rte_crypto_ecpoint Q;
+ /**< Q: Public key point
+ * Public key point data of ECDH operation in Octet-string network
+ * byte order format.
+ */
+
+ int h;
+ /**< Co-factor of the curve */
+};
+
+/** Asymmetric Digital Signature transform operation
+ *
+ * This structure contains data required to perform asymmetric
+ * digital signature crypto transform.
+ */
+struct rte_crypto_dsa_xform {
+
+ rte_crypto_xform_param p;
+ /**< p - Prime modulus
+ * Prime modulus data for DSA operation in Octet-string network byte
+ * order format.
+ */
+
+ rte_crypto_xform_param q;
+ /**< q : Order of the subgroup
+ * Order of the subgroup data in Octet-string network byte order
+ * format.
+ * q % (p-1) = 0
+ */
+
+ rte_crypto_xform_param g;
+ /**< g: Generator of the subgroup
+ * Generator data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param x;
+ /**< x: Private key of the signer
+ * Private key data in Octet-string network byte order format.
+ * Private key is valid only for signature generation operation.
+ */
+
+ rte_crypto_xform_param y;
+ /**< y : Public key of the signer.
+ * Public key data of the signer in Octet-string network byte order
+ * format.
+ * y = g^x mod p
+ */
+};
+
+/** Asymmetric ECDSA transform data
+ *
+ * This structure contains data required to perform ECDSA crypto
+ * transform.
+ */
+struct rte_crypto_ecdsa_xform {
+
+ enum rte_crypto_ec_curve_type curve_type;
+ /**< ECDSA curve type: Prime vs Binary */
+
+ struct rte_crypto_ec_curve_id curve_id;
+ /**< EC curve ID */
+
+ rte_crypto_xform_param n;
+ /**< n : order
+ * ECDH curve order data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param p;
+ * p holds the prime modulus data in Octet string format.
+ *
+ * p holds reduction polynomial co-efficients and degree.
+ */
+
+ rte_crypto_xform_param a;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param b;
+ /**< Co-efficient 'b' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ struct rte_crypto_ecpoint G;
+ /**< G: EC curve generator
+ * EC curve generator point data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param pkey;
+ /**< pkey: Private key
+ * Private key data of the signer for ECDSA signature generation
+ * operation in Octet-string network byte format. Parameter is
+ * invalid or unsed for signature verification.
+ */
+
+ struct rte_crypto_ecpoint Q;
+ /**< Q: Public key point
+ * Public key point data of ECDSA operation in Octet-string network
+ * byte order format.
+ */
+
+ int h;
+ /**< Co-factor of the curve */
+};
+
+/** Asymmetric modular inverse transform operation
+ * This structure contains data required to perform
+ * asymmetric modular inverse crypto transform
+ */
+struct rte_crypto_modinv_xform {
+};
+
+/** Asymmetric Fundamental ECC transform operation
+ *
+ * This structure contains data required to perform asymmetric
+ * fundamental ECC crypto transform.
+ */
+struct rte_crypto_fecc_xform {
+
+ enum rte_crypto_ec_curve_type curve_type;
+ /**< FECC curve type: Prime vs Binary */
+
+ struct rte_crypto_ec_curve_id curve_id;
+ /**< EC curve ID */
+
+ rte_crypto_xform_param order;
+ /**< order : ECC curve order
+ * Curve order data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param prime;
+ /**< prime : Curve prime modulus data
+ * Prime modulus data in Octet-string network byte order format.
+ */
+
+ struct rte_crypto_ec_point G;
+ /**< G: curve generator point
+ * Curve generator point data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param a;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param b;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ int h;
+ /**< Co-factor of the curve */
+
+};
+
+/**
+ * Asymmetric crypto transform data
+ *
+ * This structure contains the data required to perform the
+ * asymmetric crypto transformation operation. The field op
+ * determines the asymmetric algorithm for transformation.
+ */
+struct rte_crypto_asym_xform {
+ struct rte_crypto_asym_xform *next;
+ enum rte_crypto_asym_xform_type xform_type;
+ /**< Asymmetric algorithm for crypto transform */
+
+ RTE_STD_C11
+ union {
+ struct rte_crypto_rsa_xform rsa;
+ struct rte_crypto_fecc_xform fecc;
+ struct rte_crypto_modex_xform modex;
+ struct rte_crypto_ecdsa_xform ecdsa;
+ struct rte_crypto_ecdh_xform ecdh;
+ struct rte_crypto_dsa_xform dsa;
+ };
+};
+
+struct rte_cryptodev_asym_session;
+
+/**
+ * Crypto operation session type. This is used to specify whether a crypto
+ * operation has session structure attached for immutable parameters or if all
+ * operation information is included in the operation data structure.
+ */
+enum rte_crypto_asym_op_sess_type {
+ RTE_CRYPTO_ASYM_OP_WITH_SESSION,
+ /**< Session based crypto operation */
+ RTE_CRYPTO_ASYM_OP_SESSIONLESS
+ /**< Session-less crypto operation */
+};
+
+/**
+ * Asymmetric Cryptographic Operation.
+ *
+ * This structure contains data relating to performing asymmetric cryptographic
+ * operation.
+ *
+ */
+struct rte_crypto_asym_op {
+
+ enum rte_crypto_asym_op_sess_type sess_type;
+ enum rte_crypto_asym_xform_type type;
+
+ RTE_STD_C11
+ union {
+ enum rte_crypto_rsa_optype rsa_op;
+ /**< Type of RSA operation for transform */;
+ enum rte_crypto_modex_optype modex_op;
+ /**< Type of modular exponentiation operation */
+ enum rte_crypto_ecdsa_optype ecdsa_op;
+ /**< ECDSA crypto xform operation type */
+ enum rte_crypto_fecc_optype fecc_op;
+ /**< ECDSA crypto xform operation type */
+ enum rte_crypto_dsa_optype dsa_op;
+ /**< DSA crypto xform operation type */
+ };
+
+ RTE_STD_C11
+ union {
+ struct rte_cryptodev_asym_session *session;
+ /**< Handle for the initialised session context */
+ struct rte_crypto_asym_xform *xform;
+ /**< Session-less API crypto operation parameters */
+ };
+
+ RTE_STD_C11
+ union {
+
+ struct {
+ rte_crypto_op_param message;
+ /**<
+ * Pointer to data
+ * - to be encrypted for RSA public encrypt.
+ * - to be decrypted for RSA private decrypt.
+ * - to be signed for RSA sign generation.
+ * - to be authenticated for RSA sign verification.
+ */
+
+ rte_crypto_op_param sign;
+ /**<
+ * Pointer to RSA signature data. If operation is RSA
+ * over-written with generated signature.
+ *
+ * Length of the signature data will be equal to the
+ * RSA prime modulus length.
+ */
+
+ enum rte_crypto_rsa_padding_type pad;
+ /**< RSA padding scheme to be used for transform */
+
+ enum rte_crypto_auth_algorithm md;
+ /**< Hash algorithm to be used for data hash if padding
+ * scheme is either OAEP or PSS. Valid hash algorithms
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+
+ enum rte_crypto_auth_algorithm mgf1md;
+ /**<
+ * Hash algorithm to be used for mask generation if
+ * padding scheme is either OAEP or PSS. If padding
+ * scheme is unspecified data hash algorithm is used
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+ } rsa;
+
+ struct {
+ rte_crypto_op_param pub_key;
+ /**<
+ * If DH operation type is
+ * if priv_key and public key are provided, the keys
+ * are copied to DH xform structure, else key pair is
+ * generated and stored in DH xform structure.
+ * pub_key data should be in Octet-string network
+ * byte order format.
+ *
+ * pub_key holds the key shared by peer during DH
+ * key exchange. pub_key data is written as Octet-
+ * string network byte order format.
+ */
+ RTE_STD_C11
+ union {
+ rte_crypto_op_param priv_key;
+ /**<
+ * If DH operation type is KEY_GENERATION, and
+ * priv_key is provided, the key is copied to
+ * DH xform structure, else generated and stored
+ * in DH xform structure. priv_key data is in
+ * in Octet-string network byte order format.
+ */
+ rte_crypto_op_param shared_key;
+ /*
+ * shared_key holds the shared secret
+ * computed. shared_key is written as
+ * Octet-string network byte order format.
+ */
+ };
+ } dh;
+
+ struct {
+ rte_crypto_op_param base;
+ /**<
+ * Pointer to base of modular exponentiation data in
+ * Octet-string network byte order format.
+ */
+ } modex;
+
+ struct {
+ rte_crypto_op_param priv_key;
+ /**<
+ * If ECDH operation type is KEY_GENERATION, and
+ * priv_key is provided, the key is copied to ECDH
+ * xform structure, else generated and stored in
+ * ECDH xform structure in Octet-string network byte
+ * order.
+ * priv_key holds the 'X' co-ordinate of the shared
+ * secret EC point computed in Octet-string network
+ * byte order.
+ */
+
+ rte_crypto_ec_point pub_key;
+ /**<
+ * If ECDH operation type is
+ * if priv_key and public key are provided, the keys
+ * are copied ECDH xform structure, else key pair is
+ * generated and stored in ECDH xform structure.
+ *
+ * pub_key holds peer's public key during ECDH
+ * key exchange in Octet-string network byte order.
+ */
+ } ecdh;
+
+ struct {
+ rte_crypto_op_param message;
+ /**<
+ * Pointer to data
+ * - to be signed for ECDSA signature generation.
+ * - to be authenticated for ECDSA sign verification.
+ */
+
+ rte_crypto_op_param sign;
+ /**<
+ * Pointer to ECDSA signature. If operation type is
+ * over-written with the signature.
+ *
+ * Length of ECDSA signature will be less than twice the
+ * length of prime modulus length.
+ */
+
+ rte_crypto_op_param k;
+ /**<
+ * Pointer to random scalar to be used for generation
+ * It is invalid if operation is ECDSA verify.
+ * Scalar data is in Octet-string network byte order
+ * format.
+ *
+ * Length of scalar K should be less than the prime
+ * modulus of the curve
+ */
+ } ecdsa;
+
+ struct {
+
+ rte_crypto_op_param message;
+ /**<
+ * Pointer to data
+ * - to be signed for DSA signature generation.
+ * - to be authenticated for DSA sign verification.
+ *
+ * Length of data to be signed, if is more than
+ * prime modulus length, is truncated to length of
+ * prime modulus.
+ */
+
+ rte_crypto_op_param k;
+ /**<
+ * Pointer to random scalar to be used for DSA
+ * signature generation. K should be a non-zero number
+ * less than q. k is in Octet-string network byte
+ * order format.
+ */
+
+ } dsa;
+
+ struct {
+ struct rte_crypto_ec_point p;
+ /**<
+ * Pointer to primary curve point for fundamental
+ * ECC operation. Data is in Octet-string network
+ * byte order format.
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct rte_crypto_ec_point q;
+ /**<
+ *
+ * Pointer to secondary curve point for fundamental
+ * ECC operation. Data is in Octet-string network
+ * byte order format.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve. This point is valid
+ * only for point addition optype
+ * RTE_CRYPTO_FECC_OP_POINT_ADD crypto transform.
+ */
+
+ rte_crypto_op_param k;
+ /**<
+ * Pointer to scalar data to be used only for point
+ * crypto transform. Data is in Octet-string network
+ * byte order format.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct rte_crypto_ec_point r;
+ /**<
+ * Pointer to the resultant point on the curve after
+ * fundamental ECC crypto transform. Data is in
+ * Octet-string network byte order format.
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ } fecc;
+
+ struct {
+
+ rte_crypto_op_param prime;
+ /**<
+ * Pointer to the prime modulus data for modular
+ * inverse operation in Octet-string network byte
+ * order format.
+ */
+
+ rte_crypto_op_param base;
+ /**<
+ * Pointer to the base for the modular inverse
+ * operation in Octet-string network byte order
+ * format.
+ */
+ } modinv;
+ };
+
+} __rte_cache_aligned;
+
+
+
+/**
+ * Reset the fields of an asymmetric operation to their default values.
+ *
+ */
+static inline void
+__rte_crypto_asym_op_reset(struct rte_crypto_asym_op *op)
+{
+ memset(op, 0, sizeof(*op));
+
+ op->sess_type = RTE_CRYPTO_ASYM_OP_SESSIONLESS;
+}
+
+
+/**
+ * Allocate space for asymmetric crypto xforms in the private data space of the
+ * crypto operation. This also defaults the crypto xform type to
+ * RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED and configures the chaining of the xforms
+ * in the crypto operation
+ *
+ * - On success returns pointer to first crypto xform in crypto operations chain
+ * - On failure returns NULL
+ */
+static inline struct rte_crypto_asym_xform *
+__rte_crypto_asym_op_asym_xforms_alloc(struct rte_crypto_asym_op *asym_op,
+ void *priv_data, uint8_t nb_xforms)
+{
+ struct rte_crypto_asym_xform *xform;
+
+ asym_op->xform = xform = (struct rte_crypto_asym_xform *)priv_data;
+
+ do {
+ xform->type = RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED;
+ xform = xform->next = --nb_xforms > 0 ? xform + 1 : NULL;
+ } while (xform);
+
+ return asym_op->xform;
+}
+
+
+/**
+ * Attach a session to an asymmetric crypto operation
+ *
+ */
+static inline int
+__rte_crypto_asym_op_attach_asym_session(struct rte_crypto_asym_op *asym_op,
+ struct rte_cryptodev_asym_session *sess)
+{
+ asym_op->session = sess;
+ asym_op->sess_type = RTE_CRYPTO_ASYM_OP_WITH_SESSION;
+
+ return 0;
+}
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _RTE_CRYPTO_ASYM_H_ */
--
1.8.3.1
Umesh Kartha
2017-05-26 07:18:25 UTC
Permalink
Hi Fiona,
Post by Trahe, Fiona
Hi Umesh,
-----Original Message-----
Sent: Thursday, May 11, 2017 1:36 PM
Subject: [RFC PATCH v2 1/3] cryptodev: added asymmetric algorithms
Added asymmetric xform structures, operation definitions, operation
parameters. Added asymmetric algorithms RSA, DH, ECDH, DSA, ECDSA,
MODEXP, FECC, MOD-INVERSE. Added curves (all curves supported by
libcrypto as of now).
---
lib/librte_cryptodev/rte_crypto_asym.h | 1124 ++++++++++++++++++++++++++++++++
1 file changed, 1124 insertions(+)
create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h
diff --git lib/librte_cryptodev/rte_crypto_asym.h lib/librte_cryptodev/rte_crypto_asym.h
new file mode 100644
index 0000000..36a8b4f
--- /dev/null
+++ lib/librte_cryptodev/rte_crypto_asym.h
@@ -0,0 +1,1124 @@
+/*
+ * BSD LICENSE
+ *
+ * Copyright (C) Cavium networks Ltd. 2017.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name of Cavium Networks nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _RTE_CRYPTO_ASYM_H_
+#define _RTE_CRYPTO_ASYM_H_
+
+/**
+ *
+ * RTE Definitions for Asymmetric Cryptography
+ *
+ * Defines asymmetric algorithms and modes, as well as supported
+ * asymmetric crypto operations.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <string.h>
+#include <stdint.h>
+#include <rte_mbuf.h>
+#include <rte_memory.h>
+#include <rte_mempool.h>
+#include <rte_common.h>
+#include "rte_crypto_sym.h"
+
+typedef struct rte_crypto_xform_param_t {
+ uint8_t *data;
+ size_t length;
+} rte_crypto_xform_param;
+
+typedef struct rte_crypto_op_param_t {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+} rte_crypto_op_param;
[Fiona] Are both above lengths in bytes ?
[Umesh] Yes, they are in bytes. Will add note for this to avoid any
confusion.
Post by Trahe, Fiona
+
+/** Asymmetric crypto transformation types */
+enum rte_crypto_asym_xform_type {
+ RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED = 0,
+ RTE_CRYPTO_ASYM_XFORM_RSA,
+ RTE_CRYPTO_ASYM_XFORM_MODEX,
+ RTE_CRYPTO_ASYM_XFORM_DH,
+ RTE_CRYPTO_ASYM_XFORM_ECDH,
+ RTE_CRYPTO_ASYM_XFORM_DSA,
+ RTE_CRYPTO_ASYM_XFORM_ECDSA,
+ RTE_CRYPTO_ASYM_XFORM_FECC,
+ RTE_CRYPTO_ASYM_XFORM_MODINV,
+ RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
+};
+
+/**
+ * RSA operation type variants
+ */
+enum rte_crypto_rsa_optype {
+ RTE_CRYPTO_RSA_OP_NOT_SPECIFIED = 1,
[Fiona] Is there a reason for not starting at 0 in all these enums?
[Umesh] Some of the enums are being used as bit positions in capability
structures. Will try to make these consistent.
Post by Trahe, Fiona
+ /**< RSA operation unspecified */
+ RTE_CRYPTO_RSA_OP_PUBLIC_ENCRYPT,
+ /**< RSA public encrypt operation */
+ RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT,
+ /**< RSA private decrypt operation */
+ RTE_CRYPTO_RSA_OP_SIGN,
+ /**< RSA private key signature operation */
+ RTE_CRYPTO_RSA_OP_VERIFY,
+ /**< RSA public key verification operation */
+ RTE_CRYPTO_RSA_OP_LIST_END
+};
+
+/**
+ * Padding types for RSA signature.
+ */
+enum rte_crypto_rsa_padding_type {
+ RTE_CRYPTO_RSA_PADDING_NOT_SPECIFIED = 1,
+ /**< RSA no padding scheme */
+ RTE_CRYPTO_RSA_PADDING_BT1,
+ /**< RSA PKCS#1 padding BT1 scheme */
+ RTE_CRYPTO_RSA_PADDING_BT2,
+ /**< RSA PKCS#1 padding BT2 scheme */
+ RTE_CRYPTO_RSA_PADDING_OAEP,
+ /**< RSA PKCS#1 OAEP padding scheme */
+ RTE_CRYPTO_RSA_PADDING_PSS,
+ /**< RSA PKCS#1 PSS padding scheme */
+ RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END
+};
+
+/**
+ * Modular exponentiaion operation type variants
+ */
+enum rte_crypto_modex_optype {
+ RTE_CRYPTO_MODEX_OP_NOT_SPECIFIED = 1,
+ /**< ModEx operation type unspecified */
+ RTE_CRYPTO_MODEX_OP_MODEX,
+ /**< Modex operation modular exponentiation */
+ RTE_CRYPTO_MODEX_OP_LIST_END
+};
+
+/**
+ * Modular Inverse operation type variants
+ */
+enum rte_crypto_modeinv_optype {
+ RTE_CRYPTO_MODINV_OP_NOT_SPECIFIED = 1,
+ /**< ModInv operation type unspecified */
+ RTE_CRYPTO_MODINV_OP_MODINV,
+ /**< ModInv operation modular Inverse */
+ RTE_CRYPTO_MODEX_OP_LIST_END
+};
+
+/**
+ * DSA operation type variants
+ */
+enum rte_crypto_dsa_optype {
+ RTE_CRYPTO_DSA_OP_NOT_SPECIFIED = 1,
+ /**< DSA operation unspecified */
+ RTE_CRYPTO_DSA_OP_SIGN,
+ /**< DSA private key signature operation */
+ RTE_CRYPTO_DSA_OP_VERIFY,
+ /**< DSA public key verification operation */
+ RTE_CRYPTO_DSA_OP_LIST_END
+};
+
+
+/**
+ * ECDSA operation type variants
+ */
+enum rte_crypto_ecdsa_optype {
+ RTE_CRYPTO_ECDSA_OP_NOT_SPECIFIED = 1,
+ /**< ECDSA operation unspecified */
+ RTE_CRYPTO_ECDSA_OP_SIGN,
+ /**< ECDSA private key signature operation */
+ RTE_CRYPTO_ECDSA_OP_VERIFY,
+ /**< ECDSA public key verification operation */
+ RTE_CRYPTO_ECDSA_OP_LIST_END
+};
+
+/**
+ * Diffie Hellman Key operation variants
+ */
+enum rte_crypto_dh_optype {
+ RTE_CRYPTO_DH_OP_NOT_SPECIFIED = 1,
+ /**< DH operation unspecified */
+ RTE_CRYPTO_DH_OP_KEY_GENERATION,
+ /**< DH private/public key generation operation */
+ RTE_CRYPTO_DH_OP_KEY_COMPUTATION,
+ /**< DH private key computation operation */
+ RTE_CRYPTO_DH_OP_LIST_END
+};
+
+/**
+ * Elliptic Curve Diffie Hellman Key operation variants
+ */
+enum rte_crypto_ecdh_optype {
+ RTE_CRYPTO_ECDH_OP_NOT_SPECIFIED = 1,
+ /**< ECDH operation unspecified */
+ RTE_CRYPTO_ECDH_OP_KEY_GENERATION,
+ /**< ECDH private/public key generation operation */
+ RTE_CRYPTO_ECDH_OP_KEY_CHECK,
+ /**< ECDH public key validity check operation */
+ RTE_CRYPTO_ECDH_OP_KEY_COMPUTATION,
+ /**< ECDH private key computation operation */
+ RTE_CRYPTO_ECDH_OP_LIST_END
+};
+
+/**
+ * Fundamental ECC operation type variants.
+ */
+enum rte_crypto_fecc_optype {
+ RTE_CRYPTO_FECC_OP_NOT_SPECIFIED = 1,
+ /**< FECC operation type unspecified */
+ RTE_CRYPTO_FECC_OP_POINT_ADD,
+ /**< Fundamental ECC point addition operation */
+ RTE_CRYPTO_FECC_OP_POINT_DBL,
+ /**< Fundamental ECC point doubling operation */
+ RTE_CRYPTO_FECC_OP_POINT_MULTIPLY,
+ /**< Fundamental ECC point multiplication operation */
+ RTE_CRYPTO_FECC_OP_LIST_END
+};
+
+/**
+ * ECC list of curves.
+ */
+enum rte_crypto_ec_prime_curve {
+ RTE_CRYPTO_EC_CURVE_NOT_SPECIFIED = -1,
[Fiona] Why -1 ?
[Umesh] This is to ensure enum of a curve represents the corresponding
bit in the curve capability bitfield.
Post by Trahe, Fiona
+ /**< Unspecified or empty curve id */
+ RTE_CRYPTO_EC_CURVE_secp112r1,
+ /**< SECG/WTLS curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp112r2,
+ /**< SECG curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp128r1,
+ /**< SECG curve over a 128 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp128r2,
+ /**< SECG curve over a 128 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp160k1,
+ /**< SECG curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp160r1,
+ /**< SECG curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp160r2,
+ /**< SECG/WTLS curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp192k1,
+ /**< SECG curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp224k1,
+ /**< SECG curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp224r1,
+ /**< NIST/SECG curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp256k1,
+ /**< SECG curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp384r1,
+ /**< NIST/SECG curve over a 384 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp521r1,
+ /**< NIST/SECG curve over a 521 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime192v1,
+ /**< NIST/X9.62/SECG curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime192v2,
+ /**< X9.62 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime192v3,
+ /**< X9.62 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime239v1,
+ /**< X9.62 curve over a 239 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime239v2,
+ /**< X9.62 curve over a 239 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime239v3,
+ /**< X9.62 curve over a 239 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime256v1,
+ /**< X9.62/SECG curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls6,
+ /**< SECG/WTLS curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls7,
+ /**< SECG/WTLS curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls8,
+ /**< WTLS curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls9,
+ /**< WTLS curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls12,
+ /**< WTLS curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP160r1,
+ /**< RFC 5639 curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP160t1,
+ /**< RFC 5639 curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP192r1,
+ /**< RFC 5639 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP192t1,
+ /**< RFC 5639 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP224r1,
+ /**< RFC 5639 curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP224t1,
+ /**< RFC 5639 curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP256r1,
+ /**< RFC 5639 curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP256t1,
+ /**< RFC 5639 curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP320r1,
+ /**< RFC 5639 curve over a 320 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP320t1,
+ /**< RFC 5639 curve over a 320 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP384r1,
+ /**< RFC 5639 curve over a 384 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP384t1,
+ /**< RFC 5639 curve over a 384 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP512r1,
+ /**< RFC 5639 curve over a 512 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP512t1,
+ /**< RFC 5639 curve over a 512 bit prime field */
+ RTE_CRYPTO_EC_CURVE_x25519,
+ /**< Curve 25519 */
+ RTE_CRYPTO_EC_CURVE_LIST_END
+};
+
+enum rte_crypto_ec_binary_curve {
+ RTE_CRYPTO_EC_CURVE_NOT_SPECIFIED = -1,
+ /**< Unspecified or empty curve id */
+ RTE_CRYPTO_EC_CURVE_sect113r1,
+ /**< SECG curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect113r2,
+ /**< SECG curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect131r1,
+ /**< SECG/WTLS curve over a 131 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect131r2,
+ /**< SECG curve over a 131 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect163k1,
+ /**< NIST/SECG/WTLS curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect163r1,
+ /**< SECG curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect163r2,
+ /**< NIST/SECG curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect193r1,
+ /**< SECG curve over a 193 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect193r2,
+ /**< SECG curve over a 193 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect233k1,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect233r1,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect239k1,
+ /**< SECG curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect283k1,
+ /**< NIST/SECG curve over a 283 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect283r1,
+ /**< NIST/SECG curve over a 283 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect409k1,
+ /**< NIST/SECG curve over a 409 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect409r1,
+ /**< NIST/SECG curve over a 409 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect571k1,
+ /**< NIST/SECG curve over a 571 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect571r1,
+ /**< NIST/SECG curve over a 571 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb163v1,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb163v2,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb163v3,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb176v1,
+ /**< X9.62 curve over a 176 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb191v1,
+ /**< X9.62 curve over a 191 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb191v2,
+ /**< X9.62 curve over a 191 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb191v3,
+ /**< X9.62 curve over a 191 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb208w1,
+ /**< X9.62 curve over a 208 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb239v1,
+ /**< X9.62 curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb239v2,
+ /**< X9.62 curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb239v3,
+ /**< X9.62 curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb272w1,
+ /**< X9.62 curve over a 272 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb304w1,
+ /**< X9.62 curve over a 304 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb359v1,
+ /**< X9.62 curve over a 359 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb368w1,
+ /**< X9.62 curve over a 368 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb431r1,
+ /**< X9.62 curve over a 431 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls1,
+ /**< WTLS curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls3,
+ /**< NIST/SECG/WTLS curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls4,
+ /**< SECG curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls5,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls10,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls11,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_LIST_END
+};
+
+/**
+ * Elliptic curve point format
+ */
+struct rte_crypto_ec_point {
+ struct {
+ int length;
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ /**< phys_addr is used only for points passed in the
+ * asym_op structure.
+ */
+ } x;
+ /**< X co-ordinate */
+
+ struct {
+ int length;
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ /**< phys_addr is used only for points passed in the
+ * operation structure
+ */
+ } y;
+ /**< Y co-ordinate */
+};
+
+/**
+ * Elliptic curve type
+ */
+enum rte_crypto_ec_curve_type {
+ RTE_CRYPTO_EC_CURVE_TYPE_UNDEFINED,
+ /**< Curve type undefined */
+ RTE_CRYPTO_EC_CURVE_TYPE_PRIME_FIELD,
+ /**< EC curve defined over a prime field */
+ RTE_CRYPTO_EC_CURVE_TYPE_BINARY_FIELD,
+ /**< EC curve defined over a binary field */
+ RTE_CRYPTO_EC_CURVE_LIST_END
+};
+
+/**
+ * Elliptic curve id
+ */
+struct rte_crypto_ec_curve_id {
+ RTE_STD_C11
+ union {
+ enum rte_crypto_ec_prime_curve pcurve;
+ enum rte_crypto_ec_binary_curve bcurve;
+ }
+};
+
+/**
+ * Asymmetric RSA transform data
+ *
+ * This structure contains data required to perform RSA crypto
+ * transform. If all CRT components are filled, RSA private key
+ * RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT uses CRT method for crypto
+ * transform.
+ */
+struct rte_crypto_rsa_xform {
+
+ rte_crypto_xform_param n;
+ /**< n - Prime modulus
+ * Prime modulus data of RSA operation in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param e;
+ /**< e - Public key exponent
+ * Public key exponent used for RSA public key operations in Octet-
+ * string network byte order format.
+ */
+
+ rte_crypto_xform_param d;
+ /**< d - Private key exponent
+ * Private key exponent used for RSA private key operations in
+ * Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param p;
+ /**< p - Private key component P
+ * Private key component of RSA parameter required for CRT method
+ * of private key operations in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param q;
+ /**< q - Private key component Q
+ * Private key component of RSA parameter required for CRT method
+ * of private key operations in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param dP;
+ /**< dP - Private CRT component
+ * Private CRT component of RSA parameter required for CRT method
+ * RSA private key operations in Octet-string network byte order
+ * format.
+ * dP = d mod ( p - 1 )
+ */
+
+ rte_crypto_xform_param dQ;
+ /**< dQ - Private CRT component
+ * Private CRT component of RSA parameter required for CRT method
+ * RSA private key operations in Octet-string network byte order
+ * format.
+ * dQ = d mod ( q - 1 )
+ */
+
+ rte_crypto_xform_param qInv;
+ /**< qInv - Private CRT component
+ * Private CRT component of RSA parameter required for CRT method
+ * RSA private key operations in Octet-string network byte order
+ * format.
+ * qInv = inv q mod p
+ */
+};
+
+/** Asymmetric Modular exponentiation transform data
+ *
+ * This structure contains data required to perform modular exponentation
+ * crypto transform. If all CRT components are valid, crypto transform
+ * operation follows CRT method.
+ */
+struct rte_crypto_modex_xform {
+
+ rte_crypto_xform_param modulus;
+ /**< modulus
+ * Prime modulus of the modexp transform operation in Octet-string
+ * network byte order format.
+ */
+
+ rte_crypto_xform_param exponent;
+ /**< exponent
+ * Private exponent of the modexp transform operation in
+ * Octet-string network byte order format.
+ */
+};
+
+/** Asymmetric DH transform data
+ * This structure contains data used to perform DH key
+ * computation
+ */
+struct rte_crypto_dh_xform {
+ rte_crypto_xform_param p;
+ /**< p : Prime modulus data
+ * DH prime modulous data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param g;
+ /**< g : Generator
+ * DH group generator data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param priv_key;
+ /**< priv_key
+ * DH private key data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param pub_key;
+ /**< pub_key
+ * DH public key data in Octet-string network byte order format.
+ */
+};
+
+/**Asymmetric ECDH transform data
+ * This structure contains data required to perform ECDH crypto
+ * transform
+ */
+struct rte_crypto_ecdh_xform {
+
+ enum rte_crypto_ec_curve_type curve_type;
+ /**< ECDH curve type: Prime vs Binary */
+
+ struct rte_crypto_ec_curve_id curve_id;
+
+ rte_crypto_xform_param n;
+ /**< n : order
+ * ECDH curve order data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param p;
+ * p holds the prime modulus data in Octet string format.
+ *
+ * p holds reduction polynomial co-efficients and degree.
+ */
+
+ rte_crypto_xform_param a;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param b;
+ /**< Co-efficient 'b' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ struct rte_crypto_ec_point G;
+ /**< G: EC curve generator
+ * EC curve generator point data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param pkey;
+ /**< pkey: Private key
+ * Private key data for ECDH operation in Octet-string network byte
+ * order format.
+ */
+
+ struct rte_crypto_ecpoint Q;
+ /**< Q: Public key point
+ * Public key point data of ECDH operation in Octet-string network
+ * byte order format.
+ */
+
+ int h;
+ /**< Co-factor of the curve */
+};
+
+/** Asymmetric Digital Signature transform operation
+ *
+ * This structure contains data required to perform asymmetric
+ * digital signature crypto transform.
+ */
+struct rte_crypto_dsa_xform {
+
+ rte_crypto_xform_param p;
+ /**< p - Prime modulus
+ * Prime modulus data for DSA operation in Octet-string network byte
+ * order format.
+ */
+
+ rte_crypto_xform_param q;
+ /**< q : Order of the subgroup
+ * Order of the subgroup data in Octet-string network byte order
+ * format.
+ * q % (p-1) = 0
+ */
+
+ rte_crypto_xform_param g;
+ /**< g: Generator of the subgroup
+ * Generator data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param x;
+ /**< x: Private key of the signer
+ * Private key data in Octet-string network byte order format.
+ * Private key is valid only for signature generation operation.
+ */
+
+ rte_crypto_xform_param y;
+ /**< y : Public key of the signer.
+ * Public key data of the signer in Octet-string network byte order
+ * format.
+ * y = g^x mod p
+ */
+};
+
+/** Asymmetric ECDSA transform data
+ *
+ * This structure contains data required to perform ECDSA crypto
+ * transform.
+ */
+struct rte_crypto_ecdsa_xform {
+
+ enum rte_crypto_ec_curve_type curve_type;
+ /**< ECDSA curve type: Prime vs Binary */
+
+ struct rte_crypto_ec_curve_id curve_id;
+ /**< EC curve ID */
+
+ rte_crypto_xform_param n;
+ /**< n : order
+ * ECDH curve order data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param p;
+ * p holds the prime modulus data in Octet string format.
+ *
+ * p holds reduction polynomial co-efficients and degree.
+ */
+
+ rte_crypto_xform_param a;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param b;
+ /**< Co-efficient 'b' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ struct rte_crypto_ecpoint G;
+ /**< G: EC curve generator
+ * EC curve generator point data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param pkey;
+ /**< pkey: Private key
+ * Private key data of the signer for ECDSA signature generation
+ * operation in Octet-string network byte format. Parameter is
+ * invalid or unsed for signature verification.
+ */
+
+ struct rte_crypto_ecpoint Q;
+ /**< Q: Public key point
+ * Public key point data of ECDSA operation in Octet-string network
+ * byte order format.
+ */
+
+ int h;
+ /**< Co-factor of the curve */
+};
+
+/** Asymmetric modular inverse transform operation
+ * This structure contains data required to perform
+ * asymmetric modular inverse crypto transform
+ */
+struct rte_crypto_modinv_xform {
+};
+
+/** Asymmetric Fundamental ECC transform operation
+ *
+ * This structure contains data required to perform asymmetric
+ * fundamental ECC crypto transform.
+ */
+struct rte_crypto_fecc_xform {
+
+ enum rte_crypto_ec_curve_type curve_type;
+ /**< FECC curve type: Prime vs Binary */
+
+ struct rte_crypto_ec_curve_id curve_id;
+ /**< EC curve ID */
+
+ rte_crypto_xform_param order;
+ /**< order : ECC curve order
+ * Curve order data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param prime;
+ /**< prime : Curve prime modulus data
+ * Prime modulus data in Octet-string network byte order format.
+ */
+
+ struct rte_crypto_ec_point G;
+ /**< G: curve generator point
+ * Curve generator point data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param a;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param b;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ int h;
+ /**< Co-factor of the curve */
+
+};
+
+/**
+ * Asymmetric crypto transform data
+ *
+ * This structure contains the data required to perform the
+ * asymmetric crypto transformation operation. The field op
+ * determines the asymmetric algorithm for transformation.
+ */
+struct rte_crypto_asym_xform {
+ struct rte_crypto_asym_xform *next;
+ enum rte_crypto_asym_xform_type xform_type;
+ /**< Asymmetric algorithm for crypto transform */
+
+ RTE_STD_C11
+ union {
+ struct rte_crypto_rsa_xform rsa;
+ struct rte_crypto_fecc_xform fecc;
+ struct rte_crypto_modex_xform modex;
+ struct rte_crypto_ecdsa_xform ecdsa;
+ struct rte_crypto_ecdh_xform ecdh;
+ struct rte_crypto_dsa_xform dsa;
+ };
+};
+
+struct rte_cryptodev_asym_session;
+
+/**
+ * Crypto operation session type. This is used to specify whether a crypto
+ * operation has session structure attached for immutable parameters or if all
+ * operation information is included in the operation data structure.
+ */
+enum rte_crypto_asym_op_sess_type {
+ RTE_CRYPTO_ASYM_OP_WITH_SESSION,
+ /**< Session based crypto operation */
+ RTE_CRYPTO_ASYM_OP_SESSIONLESS
+ /**< Session-less crypto operation */
+};
+
+/**
+ * Asymmetric Cryptographic Operation.
+ *
+ * This structure contains data relating to performing asymmetric cryptographic
+ * operation.
+ *
+ */
+struct rte_crypto_asym_op {
+
+ enum rte_crypto_asym_op_sess_type sess_type;
+ enum rte_crypto_asym_xform_type type;
+
+ RTE_STD_C11
+ union {
+ enum rte_crypto_rsa_optype rsa_op;
+ /**< Type of RSA operation for transform */;
+ enum rte_crypto_modex_optype modex_op;
+ /**< Type of modular exponentiation operation */
+ enum rte_crypto_ecdsa_optype ecdsa_op;
+ /**< ECDSA crypto xform operation type */
+ enum rte_crypto_fecc_optype fecc_op;
+ /**< ECDSA crypto xform operation type */
+ enum rte_crypto_dsa_optype dsa_op;
+ /**< DSA crypto xform operation type */
+ };
+
+ RTE_STD_C11
+ union {
+ struct rte_cryptodev_asym_session *session;
+ /**< Handle for the initialised session context */
+ struct rte_crypto_asym_xform *xform;
+ /**< Session-less API crypto operation parameters */
+ };
+
+ RTE_STD_C11
+ union {
+
+ struct {
+ rte_crypto_op_param message;
+ /**<
+ * Pointer to data
+ * - to be encrypted for RSA public encrypt.
+ * - to be decrypted for RSA private decrypt.
+ * - to be signed for RSA sign generation.
+ * - to be authenticated for RSA sign verification.
+ */
+
+ rte_crypto_op_param sign;
+ /**<
+ * Pointer to RSA signature data. If operation is RSA
+ * over-written with generated signature.
+ *
+ * Length of the signature data will be equal to the
+ * RSA prime modulus length.
+ */
+
+ enum rte_crypto_rsa_padding_type pad;
+ /**< RSA padding scheme to be used for transform */
+
+ enum rte_crypto_auth_algorithm md;
+ /**< Hash algorithm to be used for data hash if padding
+ * scheme is either OAEP or PSS. Valid hash algorithms
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+
+ enum rte_crypto_auth_algorithm mgf1md;
+ /**<
+ * Hash algorithm to be used for mask generation if
+ * padding scheme is either OAEP or PSS. If padding
+ * scheme is unspecified data hash algorithm is used
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+ } rsa;
+
+ struct {
+ rte_crypto_op_param pub_key;
+ /**<
+ * If DH operation type is
+ * if priv_key and public key are provided, the keys
+ * are copied to DH xform structure, else key pair is
+ * generated and stored in DH xform structure.
+ * pub_key data should be in Octet-string network
+ * byte order format.
+ *
+ * pub_key holds the key shared by peer during DH
+ * key exchange. pub_key data is written as Octet-
+ * string network byte order format.
+ */
+ RTE_STD_C11
+ union {
+ rte_crypto_op_param priv_key;
+ /**<
+ * If DH operation type is KEY_GENERATION, and
+ * priv_key is provided, the key is copied to
+ * DH xform structure, else generated and stored
+ * in DH xform structure. priv_key data is in
+ * in Octet-string network byte order format.
+ */
+ rte_crypto_op_param shared_key;
+ /*
+ * shared_key holds the shared secret
+ * computed. shared_key is written as
+ * Octet-string network byte order format.
+ */
+ };
+ } dh;
+
+ struct {
+ rte_crypto_op_param base;
+ /**<
+ * Pointer to base of modular exponentiation data in
+ * Octet-string network byte order format.
+ */
+ } modex;
+
+ struct {
+ rte_crypto_op_param priv_key;
+ /**<
+ * If ECDH operation type is KEY_GENERATION, and
+ * priv_key is provided, the key is copied to ECDH
+ * xform structure, else generated and stored in
+ * ECDH xform structure in Octet-string network byte
+ * order.
+ * priv_key holds the 'X' co-ordinate of the shared
+ * secret EC point computed in Octet-string network
+ * byte order.
+ */
+
+ rte_crypto_ec_point pub_key;
+ /**<
+ * If ECDH operation type is
+ * if priv_key and public key are provided, the keys
+ * are copied ECDH xform structure, else key pair is
+ * generated and stored in ECDH xform structure.
+ *
+ * pub_key holds peer's public key during ECDH
+ * key exchange in Octet-string network byte order.
+ */
+ } ecdh;
+
+ struct {
+ rte_crypto_op_param message;
+ /**<
+ * Pointer to data
+ * - to be signed for ECDSA signature generation.
+ * - to be authenticated for ECDSA sign verification.
+ */
+
+ rte_crypto_op_param sign;
+ /**<
+ * Pointer to ECDSA signature. If operation type is
+ * over-written with the signature.
+ *
+ * Length of ECDSA signature will be less than twice the
+ * length of prime modulus length.
+ */
+
+ rte_crypto_op_param k;
+ /**<
+ * Pointer to random scalar to be used for generation
+ * It is invalid if operation is ECDSA verify.
+ * Scalar data is in Octet-string network byte order
+ * format.
+ *
+ * Length of scalar K should be less than the prime
+ * modulus of the curve
+ */
+ } ecdsa;
+
+ struct {
+
+ rte_crypto_op_param message;
+ /**<
+ * Pointer to data
+ * - to be signed for DSA signature generation.
+ * - to be authenticated for DSA sign verification.
+ *
+ * Length of data to be signed, if is more than
+ * prime modulus length, is truncated to length of
+ * prime modulus.
+ */
+
+ rte_crypto_op_param k;
+ /**<
+ * Pointer to random scalar to be used for DSA
+ * signature generation. K should be a non-zero number
+ * less than q. k is in Octet-string network byte
+ * order format.
+ */
+
+ } dsa;
+
+ struct {
+ struct rte_crypto_ec_point p;
+ /**<
+ * Pointer to primary curve point for fundamental
+ * ECC operation. Data is in Octet-string network
+ * byte order format.
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct rte_crypto_ec_point q;
+ /**<
+ *
+ * Pointer to secondary curve point for fundamental
+ * ECC operation. Data is in Octet-string network
+ * byte order format.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve. This point is valid
+ * only for point addition optype
+ * RTE_CRYPTO_FECC_OP_POINT_ADD crypto transform.
+ */
+
+ rte_crypto_op_param k;
+ /**<
+ * Pointer to scalar data to be used only for point
+ * crypto transform. Data is in Octet-string network
+ * byte order format.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct rte_crypto_ec_point r;
+ /**<
+ * Pointer to the resultant point on the curve after
+ * fundamental ECC crypto transform. Data is in
+ * Octet-string network byte order format.
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ } fecc;
+
+ struct {
+
+ rte_crypto_op_param prime;
+ /**<
+ * Pointer to the prime modulus data for modular
+ * inverse operation in Octet-string network byte
+ * order format.
+ */
+
+ rte_crypto_op_param base;
+ /**<
+ * Pointer to the base for the modular inverse
+ * operation in Octet-string network byte order
+ * format.
+ */
+ } modinv;
+ };
+
+} __rte_cache_aligned;
+
+
+
+/**
+ * Reset the fields of an asymmetric operation to their default values.
+ *
+ */
+static inline void
+__rte_crypto_asym_op_reset(struct rte_crypto_asym_op *op)
+{
+ memset(op, 0, sizeof(*op));
+
+ op->sess_type = RTE_CRYPTO_ASYM_OP_SESSIONLESS;
+}
+
+
+/**
+ * Allocate space for asymmetric crypto xforms in the private data space of the
+ * crypto operation. This also defaults the crypto xform type to
+ * RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED and configures the chaining of the xforms
+ * in the crypto operation
+ *
+ * - On success returns pointer to first crypto xform in crypto operations chain
+ * - On failure returns NULL
+ */
+static inline struct rte_crypto_asym_xform *
+__rte_crypto_asym_op_asym_xforms_alloc(struct rte_crypto_asym_op *asym_op,
+ void *priv_data, uint8_t nb_xforms)
+{
+ struct rte_crypto_asym_xform *xform;
+
+ asym_op->xform = xform = (struct rte_crypto_asym_xform *)priv_data;
+
+ do {
+ xform->type = RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED;
+ xform = xform->next = --nb_xforms > 0 ? xform + 1 : NULL;
+ } while (xform);
+
+ return asym_op->xform;
+}
+
+
+/**
+ * Attach a session to an asymmetric crypto operation
+ *
+ */
+static inline int
+__rte_crypto_asym_op_attach_asym_session(struct rte_crypto_asym_op *asym_op,
+ struct rte_cryptodev_asym_session *sess)
+{
+ asym_op->session = sess;
+ asym_op->sess_type = RTE_CRYPTO_ASYM_OP_WITH_SESSION;
+
+ return 0;
+}
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _RTE_CRYPTO_ASYM_H_ */
--
1.8.3.1
Regards,
Umesh
Trahe, Fiona
2017-05-29 14:51:11 UTC
Permalink
Hi Umesh,
-----Original Message-----
Sent: Friday, May 26, 2017 8:18 AM
Subject: Re: [RFC PATCH v2 1/3] cryptodev: added asymmetric algorithms
Hi Fiona,
Post by Trahe, Fiona
Hi Umesh,
-----Original Message-----
Sent: Thursday, May 11, 2017 1:36 PM
Lara
Post by Trahe, Fiona
Subject: [RFC PATCH v2 1/3] cryptodev: added asymmetric algorithms
Added asymmetric xform structures, operation definitions, operation
parameters. Added asymmetric algorithms RSA, DH, ECDH, DSA, ECDSA,
MODEXP, FECC, MOD-INVERSE. Added curves (all curves supported by
libcrypto as of now).
---
lib/librte_cryptodev/rte_crypto_asym.h | 1124 ++++++++++++++++++++++++++++++++
1 file changed, 1124 insertions(+)
create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h
diff --git lib/librte_cryptodev/rte_crypto_asym.h lib/librte_cryptodev/rte_crypto_asym.h
new file mode 100644
index 0000000..36a8b4f
--- /dev/null
+++ lib/librte_cryptodev/rte_crypto_asym.h
@@ -0,0 +1,1124 @@
+/*
+ * BSD LICENSE
+ *
+ * Copyright (C) Cavium networks Ltd. 2017.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name of Cavium Networks nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _RTE_CRYPTO_ASYM_H_
+#define _RTE_CRYPTO_ASYM_H_
+
+/**
+ *
+ * RTE Definitions for Asymmetric Cryptography
+ *
+ * Defines asymmetric algorithms and modes, as well as supported
+ * asymmetric crypto operations.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <string.h>
+#include <stdint.h>
+#include <rte_mbuf.h>
+#include <rte_memory.h>
+#include <rte_mempool.h>
+#include <rte_common.h>
+#include "rte_crypto_sym.h"
+
+typedef struct rte_crypto_xform_param_t {
+ uint8_t *data;
+ size_t length;
+} rte_crypto_xform_param;
+
+typedef struct rte_crypto_op_param_t {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+} rte_crypto_op_param;
[Fiona] Are both above lengths in bytes ?
[Umesh] Yes, they are in bytes. Will add note for this to avoid any
confusion.
[Fiona] Thanks.
Re your v1 question re sessionless, I don't see a strong need to support sessions
in Asymm crypto and we would probably initially just implement the SESSIONLESS case.
For that case, the rte_crypto_xform_param_t would be used to provide data to
the op. So providing a phys_addr would save an internal alloc and copy and
be necessary to optimise performance.
What do you think of adding this?
In that case the structs are identical, so can be combined.

Regards,
Fiona
Umesh Kartha
2017-06-02 11:01:14 UTC
Permalink
Hi Fiona,
Post by Trahe, Fiona
Hi Umesh,
-----Original Message-----
Sent: Friday, May 26, 2017 8:18 AM
Subject: Re: [RFC PATCH v2 1/3] cryptodev: added asymmetric algorithms
Hi Fiona,
Post by Trahe, Fiona
Hi Umesh,
-----Original Message-----
Sent: Thursday, May 11, 2017 1:36 PM
Lara
Post by Trahe, Fiona
Subject: [RFC PATCH v2 1/3] cryptodev: added asymmetric algorithms
Added asymmetric xform structures, operation definitions, operation
parameters. Added asymmetric algorithms RSA, DH, ECDH, DSA, ECDSA,
MODEXP, FECC, MOD-INVERSE. Added curves (all curves supported by
libcrypto as of now).
---
lib/librte_cryptodev/rte_crypto_asym.h | 1124 ++++++++++++++++++++++++++++++++
1 file changed, 1124 insertions(+)
create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h
diff --git lib/librte_cryptodev/rte_crypto_asym.h lib/librte_cryptodev/rte_crypto_asym.h
new file mode 100644
index 0000000..36a8b4f
--- /dev/null
+++ lib/librte_cryptodev/rte_crypto_asym.h
@@ -0,0 +1,1124 @@
+/*
+ * BSD LICENSE
+ *
+ * Copyright (C) Cavium networks Ltd. 2017.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name of Cavium Networks nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _RTE_CRYPTO_ASYM_H_
+#define _RTE_CRYPTO_ASYM_H_
+
+/**
+ *
+ * RTE Definitions for Asymmetric Cryptography
+ *
+ * Defines asymmetric algorithms and modes, as well as supported
+ * asymmetric crypto operations.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <string.h>
+#include <stdint.h>
+#include <rte_mbuf.h>
+#include <rte_memory.h>
+#include <rte_mempool.h>
+#include <rte_common.h>
+#include "rte_crypto_sym.h"
+
+typedef struct rte_crypto_xform_param_t {
+ uint8_t *data;
+ size_t length;
+} rte_crypto_xform_param;
+
+typedef struct rte_crypto_op_param_t {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+} rte_crypto_op_param;
[Fiona] Are both above lengths in bytes ?
[Umesh] Yes, they are in bytes. Will add note for this to avoid any
confusion.
[Fiona] Thanks.
Re your v1 question re sessionless, I don't see a strong need to support sessions
in Asymm crypto and we would probably initially just implement the SESSIONLESS case.
For that case, the rte_crypto_xform_param_t would be used to provide data to
the op. So providing a phys_addr would save an internal alloc and copy and
be necessary to optimise performance.
What do you think of adding this?
In that case the structs are identical, so can be combined.
Regards,
Fiona
If the general conscience is that a session is not required to perform
asymmetric crypto operations, I will remove it. The only scenario in which
an asymmetric session can be used is to generate DSA/ECDSA/RSA signatures
multiple times. Alternatively, crypto_asym_xform struct can be reused in
this scenario.
And yes, as you suggested, we can combine the structs.


Regards,
Umesh

Umesh Kartha
2017-05-11 12:35:31 UTC
Permalink
Added asymmetric algorithm capability structures, operation error codes,
application helper functions. Added asymmetric algorithm/operation
variants, capability query APIs.

Signed-off-by: Umesh Kartha <***@caviumnetworks.com>
---
lib/librte_cryptodev/rte_crypto.h | 135 ++++++++++-
lib/librte_cryptodev/rte_cryptodev.c | 430 +++++++++++++++++++++++++++++++++++
lib/librte_cryptodev/rte_cryptodev.h | 334 +++++++++++++++++++++++++++
3 files changed, 896 insertions(+), 3 deletions(-)

diff --git lib/librte_cryptodev/rte_crypto.h lib/librte_cryptodev/rte_crypto.h
index 9019518..a8720bf 100644
--- lib/librte_cryptodev/rte_crypto.h
+++ lib/librte_cryptodev/rte_crypto.h
@@ -51,6 +51,7 @@
#include <rte_common.h>

#include "rte_crypto_sym.h"
+#include "rte_crypto_asym.h"

/** Crypto operation types */
enum rte_crypto_op_type {
@@ -58,6 +59,8 @@ enum rte_crypto_op_type {
/**< Undefined operation type */
RTE_CRYPTO_OP_TYPE_SYMMETRIC,
/**< Symmetric operation */
+ RTE_CRYPTO_OP_TYPE_ASYMMETRIC,
+ /**< Asymmetric operation */
};

/** Status of crypto operation */
@@ -75,6 +78,29 @@ enum rte_crypto_op_status {
* Symmetric operation failed due to invalid session arguments, or if
* in session-less mode, failed to allocate private operation material.
*/
+ RTE_CRYPTO_OP_STATUS_RSA_DATA_TOO_LARGE,
+ /**< Length of data to be encrypted/signed is too large */
+ RTE_CRYPTO_OP_STATUS_PKCS_DECRYPT_FAILED,
+ /**<
+ * PKCS decrypt operation failed due to bad padding.
+ */
+ RTE_CRYPTO_OP_STATUS_RSA_VERIFY_FAILED,
+ /**<
+ * PKCS RSA signature verification failed.
+ */
+ RTE_CRYPTO_OP_STATUS_ECDSA_INVALID_SIGNATURE,
+ /**<
+ * ECDSA signature generation failed due to either ECDSA_SIGN->r or
+ * ECDSA_SIGN->s component being invalid.
+ */
+ RTE_CRYPTO_OP_STATUS_ECDSA_VERIFY_FAILED,
+ /**<
+ * ECDSA signature verification failed.
+ */
+ RTE_CRYPTO_OP_STATUS_ECC_POINT_AT_INFINITY,
+ /**<
+ * ECC Operation failed due to point at infinity
+ */
RTE_CRYPTO_OP_STATUS_INVALID_ARGS,
/**< Operation failed due to invalid arguments in request */
RTE_CRYPTO_OP_STATUS_ERROR,
@@ -116,6 +142,8 @@ struct rte_crypto_op {
union {
struct rte_crypto_sym_op *sym;
/**< Symmetric operation parameters */
+ struct rte_crypto_asym_op *asym;
+ /**< Asymmetric operation parameters */
}; /**< operation specific parameters */
} __rte_cache_aligned;

@@ -141,6 +169,14 @@ struct rte_crypto_op {

__rte_crypto_sym_op_reset(op->sym);
break;
+ case RTE_CRYPTO_OP_TYPE_ASYMMETRIC:
+ /** Asymmetric operation structure starts after the end of the
+ * rte_crypto_op strucutre.
+ */
+ op->asym = (struct rte_crypto_asym_op *)(op + 1);
+ op->type = type;
+
+ __rte_crypto_asym_op_reset(op->asym);
default:
break;
}
@@ -303,13 +339,25 @@ struct rte_crypto_op_pool_private {
__rte_crypto_op_get_priv_data(struct rte_crypto_op *op, uint32_t size)
{
uint32_t priv_size;
+ int type = op->type;

if (likely(op->mempool != NULL)) {
priv_size = __rte_crypto_op_get_priv_data_size(op->mempool);

- if (likely(priv_size >= size))
- return (void *)((uint8_t *)(op + 1) +
+ if (likely(priv_size >= size)) {
+ switch (type) {
+ case RTE_CRYPTO_OP_TYPE_SYMMETRIC:
+ return (void *)((uint8_t *)(op + 1) +
sizeof(struct rte_crypto_sym_op));
+ break;
+ case RTE_CRYPTO_OP_TYPE_ASYMMETRIC:
+ return (void *)((uint8_t *)(op + 1) +
+ sizeof(struct rte_crypto_asym_op));
+ break;
+ default:
+ break;
+ }
+ }
}

return NULL;
@@ -320,7 +368,7 @@ struct rte_crypto_op_pool_private {
* If operation has been allocate from a rte_mempool, then the operation will
* be returned to the mempool.
*
- * @param op symmetric crypto operation
+ * @param op crypto operation
*/
static inline void
rte_crypto_op_free(struct rte_crypto_op *op)
@@ -410,6 +458,87 @@ struct rte_crypto_op_pool_private {
return __rte_crypto_sym_op_attach_sym_session(op->sym, sess);
}

+/**
+ * Allocate an asymmetric crypto operation in the private data of an mbuf.
+ *
+ * @param m mbuf which is associated with the crypto operation, the
+ * operation will be allocated in the private data of that
+ * mbuf.
+ *
+ * @returns
+ * - On success returns a pointer to the crypto operation.
+ * - On failure returns NULL.
+ */
+static inline struct rte_crypto_op *
+rte_crypto_asym_op_alloc_from_mbuf_priv_data(struct rte_mbuf *m)
+{
+ if (unlikely(m == NULL))
+ return NULL;
+
+ /*
+ * check that the mbuf's private data size is sufficient to contain a
+ * crypto operation
+ */
+ if (unlikely(m->priv_size < (sizeof(struct rte_crypto_op) +
+ sizeof(struct rte_crypto_asym_op))))
+ return NULL;
+
+ /* private data starts immediately after the mbuf header in the mbuf. */
+ struct rte_crypto_op *op = (struct rte_crypto_op *)(m + 1);
+
+ __rte_crypto_op_reset(op, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);
+
+ op->mempool = NULL;
+ op->asym->m_src = m;
+
+ return op;
+}
+
+/**
+ * Allocate space for asymmetric crypto xforms in the private data space of the
+ * crypto operation. This also defaults the crypto xform type and configures
+ * the chaining of the xforms in the crypto operation
+ *
+ * @return
+ * - On success returns pointer to first crypto xform in crypto operations chain
+ * - On failure returns NULL
+ */
+static inline struct rte_crypto_asym_xform *
+rte_crypto_op_asym_xforms_alloc(struct rte_crypto_op *op, uint8_t nb_xforms)
+{
+ void *priv_data;
+ uint32_t size;
+
+ if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_ASYMMETRIC))
+ return NULL;
+
+ size = sizeof(struct rte_crypto_asym_xform) * nb_xforms;
+
+ priv_data = __rte_crypto_op_get_priv_data(op, size);
+ if (priv_data == NULL)
+ return NULL;
+
+ return __rte_crypto_asym_op_asym_xforms_alloc(op->asym, priv_data,
+ nb_xforms);
+}
+
+
+/**
+ * Attach a session to a crypto operation
+ *
+ * @param op crypto operation, must be of type asymmetric
+ * @param sess cryptodev session
+ */
+static inline int
+rte_crypto_op_attach_asym_session(struct rte_crypto_op *op,
+ struct rte_cryptodev_asym_session *sess)
+{
+ if (unlikely(op->type != RTE_CRYPTO_OP_TYPE_ASYMMETRIC))
+ return -1;
+
+ return __rte_crypto_asym_op_attach_asym_session(op->asym, sess);
+}
+
#ifdef __cplusplus
}
#endif
diff --git lib/librte_cryptodev/rte_cryptodev.c lib/librte_cryptodev/rte_cryptodev.c
index b65cd9c..abcdeb0 100644
--- lib/librte_cryptodev/rte_cryptodev.c
+++ lib/librte_cryptodev/rte_cryptodev.c
@@ -224,6 +224,385 @@ struct rte_cryptodev_callback {
}

/**
+ * Asymmetric crypto transform operation strings identifiers.
+ */
+
+const char *
+rte_crypto_asym_algorithm_strings[] = {
+ [RTE_CRYPTO_ASYM_XFORM_RSA] = "rsa",
+ [RTE_CRYPTO_ASYM_XFORM_MODEX] = "modexp",
+ [RTE_CRYPTO_ASYM_XFORM_DH] = "dh",
+ [RTE_CRYPTO_ASYM_XFORM_ECDH] = "ecdh",
+ [RTE_CRYPTO_ASYM_XFORM_DSA] = "dsa",
+ [RTE_CRYPTO_ASYM_XFORM_ECDSA] = "ecdsa",
+ [RTE_CRYPTO_ASYM_XFORM_MODINV] = "modinv",
+ [RTE_CRYPTO_ASYM_XFORM_FECC] = "fecc"
+};
+
+/**
+ * RSA crypto transform operation strings identifiers.
+ */
+const char *
+rte_crypto_rsa_operation_strings[] = {
+ [RTE_CRYPTO_RSA_OP_PUBLIC_ENCRYPT] = "public-encrypt",
+ [RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT] = "private-decrypt",
+ [RTE_CRYPTO_RSA_OP_SIGN] = "sign",
+ [RTE_CRYPTO_RSA_OP_VERIFY] = "verify"
+};
+
+/**
+ * DH crypto transform operation strings identifiers.
+ */
+const char *
+rte_crypto_dh_operation_strings[] = {
+ [RTE_CRYPTO_DH_OP_KEY_GENERATION] = "key-generate",
+ [RTE_CRYPTO_DH_OP_KEY_COMPUTATION] = "key-compute"
+};
+
+/**
+ * ECDH crypto transform operation strings identifiers.
+ */
+const char *
+rte_crypto_ecdh_operation_strings[] = {
+ [RTE_CRYPTO_ECDH_OP_KEY_GENERATION] = "key-generate",
+ [RTE_CRYPTO_ECDH_OP_KEY_CHECK] = "key-check",
+ [RTE_CRYPTO_ECDH_OP_KEY_COMPUTATION] = "key-compute"
+};
+
+/**
+ * DSA crypto transform operation strings identifiers.
+ */
+const char *
+rte_crypto_dsa_operation_strings[] = {
+ [RTE_CRYPTO_DSA_OP_SIGN] = "sign",
+ [RTE_CRYPTO_DSA_OP_VERIFY] = "verify"
+};
+
+/**
+ * ECDSA crypto transform operation strings identifiers.
+ */
+const char *
+rte_crypto_ecdsa_operation_strings[] = {
+ [RTE_CRYPTO_ECDSA_OP_SIGN] = "sign",
+ [RTE_CRYPTO_ECDSA_OP_VERIFY] = "verify"
+};
+
+/**
+ * F-ECC crypto transform operation strings identifiers.
+ */
+const char *
+rte_crypto_fecc_operation_strings[] = {
+ [RTE_CRYPTO_FECC_OP_POINT_ADD] = "point-add",
+ [RTE_CRYPTO_FECC_OP_POINT_DBL] = "point-double",
+ [RTE_CRYPTO_FECC_OP_POINT_MULTIPLY] = "point-multiply"
+};
+
+/**
+ * RSA crypto padding scheme strings identifiers.
+ */
+const char *
+rte_crypto_rsa_padding_scheme_strings[] = {
+ [RTE_CRYPTO_RSA_PADDING_BT1] = "bt1",
+ [RTE_CRYPTO_RSA_PADDING_BT2] = "bt2",
+ [RTE_CRYPTO_RSA_PADDING_OAEP] = "oaep",
+ [RTE_CRYPTO_RSA_PADDING_PSS] = "pss"
+};
+
+/**
+ * ECC prime field curve string identifiers.
+ */
+const char *
+rte_crypto_prime_curve_id_strings[] = {
+ [RTE_CRYPTO_EC_CURVE_secp112r1] = "secp112r1",
+ [RTE_CRYPTO_EC_CURVE_secp112r2] = "secp112r2",
+ [RTE_CRYPTO_EC_CURVE_secp128r1] = "secp128r1",
+ [RTE_CRYPTO_EC_CURVE_secp128r2] = "secp128r2",
+ [RTE_CRYPTO_EC_CURVE_secp160k1] = "secp160k1",
+ [RTE_CRYPTO_EC_CURVE_secp160r1] = "secp160r1",
+ [RTE_CRYPTO_EC_CURVE_secp160r2] = "secp160r2",
+ [RTE_CRYPTO_EC_CURVE_secp192k1] = "secp192k1",
+ [RTE_CRYPTO_EC_CURVE_secp224k1] = "secp224k1",
+ [RTE_CRYPTO_EC_CURVE_secp224r1] = "secp224r1",
+ [RTE_CRYPTO_EC_CURVE_secp256k1] = "secp256k1",
+ [RTE_CRYPTO_EC_CURVE_secp384r1] = "secp384r1",
+ [RTE_CRYPTO_EC_CURVE_secp521r1] = "secp521r1",
+ [RTE_CRYPTO_EC_CURVE_prime192v1] = "prime192v1",
+ [RTE_CRYPTO_EC_CURVE_prime192v2] = "prime192v2",
+ [RTE_CRYPTO_EC_CURVE_prime192v3] = "prime192v3",
+ [RTE_CRYPTO_EC_CURVE_prime239v1] = "prime239v1",
+ [RTE_CRYPTO_EC_CURVE_prime239v2] = "prime239v2",
+ [RTE_CRYPTO_EC_CURVE_prime239v3] = "prime239v3",
+ [RTE_CRYPTO_EC_CURVE_prime256v1] = "prime256v1",
+ [RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls6] =
+ "wap_wsg_idm_ecid_wtls6";
+ [RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls7] =
+ "wap_wsg_idm_ecid_wtls7";
+ [RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls8] =
+ "wap_wsg_idm_ecid_wtls8";
+ [RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls9] =
+ "wap_wsg_idm_ecid_wtls9";
+ [RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls12] =
+ "wap_wsg_idm_ecid_wtls12";
+ [RTE_CRYPTO_EC_CURVE_brainpoolP160r1] = "brainpoolP160r1",
+ [RTE_CRYPTO_EC_CURVE_brainpoolP160t1] = "brainpoolP160t1",
+ [RTE_CRYPTO_EC_CURVE_brainpoolP192r1] = "brainpoolP192r1",
+ [RTE_CRYPTO_EC_CURVE_brainpoolP192t1] = "brainpoolP192t1",
+ [RTE_CRYPTO_EC_CURVE_brainpoolP224r1] = "brainpoolP224r1",
+ [RTE_CRYPTO_EC_CURVE_brainpoolP224t1] = "brainpoolP224t1",
+ [RTE_CRYPTO_EC_CURVE_brainpoolP256r1] = "brainpoolP256r1",
+ [RTE_CRYPTO_EC_CURVE_brainpoolP256t1] = "brainpoolP256t1",
+ [RTE_CRYPTO_EC_CURVE_brainpoolP320r1] = "brainpoolP320r1",
+ [RTE_CRYPTO_EC_CURVE_brainpoolP320t1] = "brainpoolP320t1",
+ [RTE_CRYPTO_EC_CURVE_brainpoolP384r1] = "brainpoolP384r1",
+ [RTE_CRYPTO_EC_CURVE_brainpoolP384t1] = "brainpoolP384t1",
+ [RTE_CRYPTO_EC_CURVE_brainpoolP512r1] = "brainpoolP512r1",
+ [RTE_CRYPTO_EC_CURVE_brainpoolP512t1] = "brainpoolP512t1",
+ [RTE_CRYPTO_EC_CURVE_x25519] = "curve25519"
+};
+
+/**
+ * ECC binary field curve string identifiers.
+ */
+const char *
+rte_crypto_prime_curve_id_strings[] = {
+ [RTE_CRYPTO_EC_CURVE_sect113r1] = "sect113r1",
+ [RTE_CRYPTO_EC_CURVE_sect113r2] = "sect113r2",
+ [RTE_CRYPTO_EC_CURVE_sect131r1] = "sect131r1",
+ [RTE_CRYPTO_EC_CURVE_sect131r2] = "sect131r2",
+ [RTE_CRYPTO_EC_CURVE_sect163k1] = "sect163k1",
+ [RTE_CRYPTO_EC_CURVE_sect163r1] = "sect163r1",
+ [RTE_CRYPTO_EC_CURVE_sect163r2] = "sect163r2",
+ [RTE_CRYPTO_EC_CURVE_sect193r1] = "sect193r1",
+ [RTE_CRYPTO_EC_CURVE_sect193r2] = "sect193r2",
+ [RTE_CRYPTO_EC_CURVE_sect233k1] = "sect233k1",
+ [RTE_CRYPTO_EC_CURVE_sect233r1] = "sect233r1",
+ [RTE_CRYPTO_EC_CURVE_sect239k1] = "sect239k1",
+ [RTE_CRYPTO_EC_CURVE_sect283k1] = "sect283k1",
+ [RTE_CRYPTO_EC_CURVE_sect283r1] = "sect283r1",
+ [RTE_CRYPTO_EC_CURVE_sect409k1] = "sect409k1",
+ [RTE_CRYPTO_EC_CURVE_sect409r1] = "sect409r1",
+ [RTE_CRYPTO_EC_CURVE_sect571k1] = "sect571k1",
+ [RTE_CRYPTO_EC_CURVE_sect571r1] = "sect571r1",
+ [RTE_CRYPTO_EC_CURVE_c2pnb163v1] = "c2pnb163v1",
+ [RTE_CRYPTO_EC_CURVE_c2pnb163v2] = "c2pnb163v2",
+ [RTE_CRYPTO_EC_CURVE_c2pnb163v3] = "c2pnb163v3",
+ [RTE_CRYPTO_EC_CURVE_c2pnb176v1] = "c2pnb176v1",
+ [RTE_CRYPTO_EC_CURVE_c2tnb191v1] = "c2tnb191v1",
+ [RTE_CRYPTO_EC_CURVE_c2tnb191v2] = "c2tnb191v2",
+ [RTE_CRYPTO_EC_CURVE_c2tnb191v3] = "c2tnb191v3",
+ [RTE_CRYPTO_EC_CURVE_c2pnb208w1] = "c2pnb208w1",
+ [RTE_CRYPTO_EC_CURVE_c2tnb239v1] = "c2tnb239v1",
+ [RTE_CRYPTO_EC_CURVE_c2tnb239v2] = "c2tnb239v2",
+ [RTE_CRYPTO_EC_CURVE_c2tnb239v3] = "c2tnb239v3",
+ [RTE_CRYPTO_EC_CURVE_c2pnb272w1] = "c2pnb272w1",
+ [RTE_CRYPTO_EC_CURVE_c2pnb304w1] = "c2pnb304w1",
+ [RTE_CRYPTO_EC_CURVE_c2tnb359v1] = "c2tnb359v1",
+ [RTE_CRYPTO_EC_CURVE_c2pnb368w1] = "c2pnb368w1",
+ [RTE_CRYPTO_EC_CURVE_c2tnb431r1] = "c2tnb431r1",
+ [RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls1] =
+ "wap_wsg_idm_ecid_wtls1",
+ [RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls3] =
+ "wap_wsg_idm_ecid_wtls3",
+ [RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls4] =
+ "wap_wsg_idm_ecid_wtls4",
+ [RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls5] =
+ "wap_wsg_idm_ecid_wtls5",
+ [RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls10] =
+ "wap_wsg_idm_ecid_wtls10",
+ [RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls11] =
+ "wap_wsg_idm_ecid_wtls11"
+};
+
+int
+rte_cryptodev_get_cipher_algo_enum(enum rte_crypto_cipher_algorithm *algo_enum,
+ const char *algo_string)
+{
+ unsigned int i;
+
+ for (i = 1; i < RTE_DIM(rte_crypto_cipher_algorithm_strings); i++) {
+ if (strcmp(algo_string, rte_crypto_cipher_algorithm_strings[i])
+ == 0) {
+ *algo_enum = (enum rte_crypto_cipher_algorithm) i;
+ return 0;
+ }
+ }
+
+ /* Invalid string */
+ return -1;
+}
+
+int
+rte_cryptodev_get_auth_algo_enum(enum rte_crypto_auth_algorithm *algo_enum,
+ const char *algo_string)
+{
+ unsigned int i;
+
+ for (i = 1; i < RTE_DIM(rte_crypto_auth_algorithm_strings); i++) {
+ if (strcmp(algo_string, rte_crypto_auth_algorithm_strings[i])
+ == 0) {
+ *algo_enum = (enum rte_crypto_auth_algorithm) i;
+ return 0;
+ }
+ }
+
+ /* Invalid string */
+ return -1;
+}
+
+int
+rte_cryptodev_get_asym_algo_enum(enum rte_crypto_asym_xform_type *algo_enum,
+ const char *algo_string)
+{
+ unsigned int i;
+
+ for (i = 1; i < RTE_DIM(rte_crypto_asym_algorithm_strings); i++) {
+ if (strcmp(algo_string, rte_crypto_asym_algorithm_strings[i])
+ == 0) {
+ *algo_enum = (enum rte_crypto_asym_xform) i;
+ return 0;
+ }
+ }
+
+ /* Invalid string */
+ return -1;
+}
+
+int
+rte_cryptodev_get_rsa_op_enum(enum rte_crypto_rsa_optype *op_enum,
+ const char *op_string)
+{
+ unsigned int i;
+
+ for (i = 1; i < RTE_DIM(rte_crypto_rsa_operation_strings); i++) {
+ if (strcmp(op_string, rte_crypto_rsa_operation_strings[i])
+ == 0) {
+ *op_enum = (enum rte_crypto_rsa_optype) i;
+ return 0;
+ }
+ }
+
+ /* Invalid string */
+ return -1;
+}
+
+int
+rte_cryptodev_get_dh_op_enum(enum rte_crypto_dh_optype *op_enum,
+ const char *op_string)
+{
+ unsigned int i;
+
+ for (i = 1; i < RTE_DIM(rte_crypto_dh_operation_strings); i++) {
+ if (strcmp(op_string, rte_crypto_dh_operation_strings[i])
+ == 0) {
+ *op_enum = (enum rte_crypto_dh_optype) i;
+ return 0;
+ }
+ }
+
+ /* Invalid string */
+ return -1;
+}
+
+int
+rte_cryptodev_get_ecdh_op_enum(enum rte_crypto_ecdh_optype *op_enum,
+ const char *op_string)
+{
+ unsigned int i;
+
+ for (i = 1; i < RTE_DIM(rte_crypto_ecdh_operation_strings); i++) {
+ if (strcmp(op_string, rte_crypto_ecdh_operation_strings[i])
+ == 0) {
+ *op_enum = (enum rte_crypto_ecdh_optype) i;
+ return 0;
+ }
+ }
+
+ /* Invalid string */
+ return -1;
+}
+
+int
+rte_cryptodev_get_dsa_op_enum(enum rte_crypto_dsa_optype *op_enum,
+ const char *op_string)
+{
+ unsigned int i;
+
+ for (i = 1; i < RTE_DIM(rte_crypto_dsa_operation_strings); i++) {
+ if (strcmp(op_string, rte_crypto_dsa_operation_strings[i])
+ == 0) {
+ *op_enum = (enum rte_crypto_dsa_optype) i;
+ return 0;
+ }
+ }
+
+ /* Invalid string */
+ return -1;
+}
+
+int
+rte_cryptodev_get_ecdsa_op_enum(enum rte_crypto_ecdsa_optype *op_enum,
+ const char *op_string)
+{
+ unsigned int i;
+
+ for (i = 1; i < RTE_DIM(rte_crypto_rsa_operation_strings); i++) {
+ if (strcmp(op_string, rte_crypto_ecdsa_operation_strings[i])
+ == 0) {
+ *op_enum = (enum rte_crypto_ecdsa_optype) i;
+ return 0;
+ }
+ }
+
+ /* Invalid string */
+ return -1;
+}
+
+int
+rte_cryptodev_get_rsa_padding_enum(enum rte_crypto_rsa_padding_type *pad_enum,
+ const char *pad_string)
+{
+ unsigned int i;
+
+ for (i = 1; i < RTE_DIM(rte_crypto_rsa_padding_scheme_strings); i++) {
+ if (strcmp(op_string, rte_crypto_rsa_padding_scheme_strings[i])
+ == 0) {
+ *op_enum = (enum rte_crypto_rsa_padding_type) i;
+ return 0;
+ }
+ }
+
+ /* Invalid string */
+ return -1;
+}
+
+int
+rte_cryptodev_get_ec_curve_enum(struct rte_crypto_ec_curve_id *curve_id,
+ enum rte_crypto_ec_curve_type *curve_type,
+ const char *curve_string)
+{
+ unsigned int i;
+
+ for (i = 1; i < RTE_DIM(rte_crypto_prime_curve_id_strings); i++) {
+ if (strcmp(op_string, rte_crypto_prime_curve_id_strings[i])
+ == 0){
+ *curve_id.pcurve = (enum rte_crypto_ec_prime_curve) i;
+ *curve_type = RTE_CRYPTO_EC_CURVE_TYPE_PRIME_FIELD;
+ return 0;
+ }
+ }
+
+ for (i = 1; i < RTE_DIM(rte_crypto_binary_curve_id_strings); i++) {
+ if (strcmp(op_string, rte_crypto_binary_curve_id_strings[i])
+ == 0){
+ *curve_id.bcurve = (enum rte_crypto_ec_binary_curve) i;
+ *curve_type = RTE_CRYPTO_EC_CURVE_TYPE_BINARY_FIELD;
+ return 0;
+ }
+ }
+ /* Invalid string */
+ return -1;
+}
+/**
* The crypto auth operation strings identifiers.
* It could be used in application command line.
*/
@@ -369,6 +748,27 @@ struct rte_cryptodev_callback {

}

+const struct rte_cryptodev_asymmetric_capability *
+rte_cryptodev_asym_capability_get(uint8_t dev_id,
+ const struct rte_cryptodev_asym_capability_idx *idx)
+{
+ const struct rte_cryptodev_capabilities *capability;
+ struct rte_cryptodev_info dev_info;
+
+ rte_cryptodev_info_get(dev_id, &dev_info);
+
+ while ((capability == &dev_info.capabilities[i++])->op !=
+ RTE_CRYPTO_OP_TYPE_UNDEFINED) {
+ if (capability->op != RTE_CRYPTO_OP_TYPE_ASYMMETRIC)
+ continue;
+
+ if (capability->asym.xform_type == idx->type)
+ return &capability->asym;
+
+ }
+ return NULL;
+};
+
#define param_range_check(x, y) \
(((x < y.min) || (x > y.max)) || \
(y.increment != 0 && (x % y.increment) != 0))
@@ -404,6 +804,36 @@ struct rte_cryptodev_callback {
return 0;
}

+int
+rte_cryptodev_asym_capability_check_modlen(
+ const struct rte_cryptodev_asymmetric_capability *capability,
+ uint16_t modlen)
+{
+ if (param_range_check(modlen, capability.modlen))
+ return -1;
+
+ return 0;
+}
+
+#define curve_support_check(bitfield, curve) \
+ (bitfield & (1<<curve))
+
+int rte_cryptodev_asym_capability_check_curve(
+ const struct rte_cryptodev_asymmetric_capability *capability,
+ rte_crypto_ec_curve_type curve_type,
+ struct rte_crypto_ec_curve_id curve_id)
+{
+ uint64_t curve_field =
+ (curve_type == RTE_CRYPTO_EC_CURVE_TYPE_PRIME_FIELD) ?
+ capability->prime_bits:capability->binary_bits;
+
+ if (curve_support_check(curve_field, curve_id))
+ return 0;
+
+ return -1;
+
+}
+

const char *
rte_cryptodev_get_feature_name(uint64_t flag)
diff --git lib/librte_cryptodev/rte_cryptodev.h lib/librte_cryptodev/rte_cryptodev.h
index 88aeb87..f5f5a73 100644
--- lib/librte_cryptodev/rte_cryptodev.h
+++ lib/librte_cryptodev/rte_cryptodev.h
@@ -167,6 +167,161 @@ struct rte_cryptodev_symmetric_capability {
};
};

+/**
+ * Asymmetric Crypto Capability
+ *
+ * Capability for asymmetric crypto capabilities are divided as elliptic
+ * curve operations and non-elliptic curve operations. Capability for
+ * elliptic curve operations are dependent on the support for the curve
+ * used for the operation. Capability for non-elliptic curve operations
+ * are dependent on the length of prime modulus used for the operation.
+ *
+ * For non-elliptic curve operations (RSA/DSA/MODEXP/MODIN/DH):
+ * Capability is the param range of prime modulus
+ *
+ * For elliptic curve operations (ECDH/ECDSA/F-ECC) :
+ * Capability is the support for the operations on the curve.
+ *
+ *
+ * NOTE: The list of curves mentioned in the following structure are the
+ * curves supported by OpenSSL libcrypto presently. The curves were
+ * divided into prime or binary so as to use bitfield to determine the
+ * support for correspoding curve.
+ *
+ */
+struct rte_cryptodev_asymmetric_capability {
+ enum rte_crypto_asym_xform_type xform_type;
+ /**< Transform type: RSA/MODEXP/DH/ECDH/DSA/ECDSA/FECC/MODINV */
+ RTE_STD_C11
+ union {
+ struct rte_crypto_param_range mod_len;
+ /**< Range of modulus length supported for
+ * RSA
+ * MODEXP
+ * MODINV
+ * DH
+ */
+ struct {
+ RTE_STD_C11
+ union {
+ /**
+ * List or prime curves represented as a bit field.
+ */
+ struct{
+ uint64_t secp112r1 :1;
+ uint64_t secp112r2 :1;
+ uint64_t secp128r1 :1;
+ uint64_t secp128r2 :1;
+ uint64_t secp160k1 :1;
+ uint64_t secp160r1 :1;
+ uint64_t secp160r2 :1;
+ uint64_t secp192k1 :1;
+ uint64_t secp224k1 :1;
+ uint64_t secp224r1 :1;
+ uint64_t secp256k1 :1;
+ uint64_t secp384r1 :1;
+ uint64_t secp521r1 :1;
+ uint64_t prime192v1 :1;
+ uint64_t prime192v2 :1;
+ uint64_t prime192v3 :1;
+ uint64_t prime239v1 :1;
+ uint64_t prime239v2 :1;
+ uint64_t prime239v3 :1;
+ uint64_t prime256v1 :1;
+ uint64_t wap_wsg_idm_ecid_wtls6 :1;
+ uint64_t wap_wsg_idm_ecid_wtls7 :1;
+ uint64_t wap_wsg_idm_ecid_wtls8 :1;
+ uint64_t wap_wsg_idm_ecid_wtls9 :1;
+ uint64_t wap_wsg_idm_ecid_wtls12 :1;
+ uint64_t brainpoolP160r1 :1;
+ uint64_t brainpoolP160t1 :1;
+ uint64_t brainpoolP192r1 :1;
+ uint64_t brainpoolP192t1 :1;
+ uint64_t brainpoolP224r1 :1;
+ uint64_t brainpoolP224t1 :1;
+ uint64_t brainpoolP256r1 :1;
+ uint64_t brainpoolP256t1 :1;
+ uint64_t brainpoolP320r1 :1;
+ uint64_t brainpoolP320t1 :1;
+ uint64_t brainpoolP384r1 :1;
+ uint64_t brainpoolP384t1 :1;
+ uint64_t brainpoolP512r1 :1;
+ uint64_t brainpoolP512t1 :1;
+ uint64_t x25519 :1;
+ uint64_t unused :24;
+ } prime_curve;
+ /**<
+ * Supported prime curves for
+ * ECDH
+ * ECDSA
+ * FECC
+ */
+ uint64_t prime_bits;
+ };
+
+ RTE_STD_C11
+ union {
+ /**
+ * List or binary curves represented as a bit field.
+ */
+ struct {
+ uint64_t sect113r1 :1;
+ uint64_t sect113r2 :1;
+ uint64_t sect131r1 :1;
+ uint64_t sect131r2 :1;
+ uint64_t sect163k1 :1;
+ uint64_t sect163r1 :1;
+ uint64_t sect163r2 :1;
+ uint64_t sect193r1 :1;
+ uint64_t sect193r2 :1;
+ uint64_t sect233k1 :1;
+ uint64_t sect233r1 :1;
+ uint64_t sect239k1 :1;
+ uint64_t sect283k1 :1;
+ uint64_t sect283r1 :1;
+ uint64_t sect409k1 :1;
+ uint64_t sect409r1 :1;
+ uint64_t sect571k1 :1;
+ uint64_t sect571r1 :1;
+ uint64_t c2pnb163v1 :1;
+ uint64_t c2pnb163v2 :1;
+ uint64_t c2pnb163v3 :1;
+ uint64_t c2pnb176v1 :1;
+ uint64_t c2tnb191v1 :1;
+ uint64_t c2tnb191v2 :1;
+ uint64_t c2tnb191v3 :1;
+ uint64_t c2pnb208w1 :1;
+ uint64_t c2tnb239v1 :1;
+ uint64_t c2tnb239v2 :1;
+ uint64_t c2tnb239v3 :1;
+ uint64_t c2pnb272w1 :1;
+ uint64_t c2pnb304w1 :1;
+ uint64_t c2tnb359v1 :1;
+ uint64_t c2pnb368w1 :1;
+ uint64_t c2tnb431r1 :1;
+ uint64_t wap_wsg_idm_ecid_wtls1 :1;
+ uint64_t wap_wsg_idm_ecid_wtls3 :1;
+ uint64_t wap_wsg_idm_ecid_wtls4 :1;
+ uint64_t wap_wsg_idm_ecid_wtls5 :1;
+ uint64_t wap_wsg_idm_ecid_wtls10 :1;
+ uint64_t wap_wsg_idm_ecid_wtls11 :1;
+ uint64_t unused :24;
+ } binary_curve;
+ /**<
+ * Supported binary curves for
+ * ECDH
+ * ECDSA
+ * FECC
+ */
+ uint64_t binary_bits;
+ /**<
+ * Bitfield representing all binary curves.
+ */
+ };
+ } curves;
+ };
+};
+
/** Structure used to capture a capability of a crypto device */
struct rte_cryptodev_capabilities {
enum rte_crypto_op_type op;
@@ -176,6 +331,8 @@ struct rte_cryptodev_capabilities {
union {
struct rte_cryptodev_symmetric_capability sym;
/**< Symmetric operation capability parameters */
+ struct rte_cryptodev_asymmetric_capability asym;
+ /**< Asymmetric operation capability parameters */
};
};

@@ -188,6 +345,13 @@ struct rte_cryptodev_sym_capability_idx {
} algo;
};

+/** Structure used to describe crypto algorithms
+ * Only algorithm is required to define the capabilites associated
+ * with the particular asymmetric operation.
+ */
+struct rte_cryptodev_asym_capability_idx {
+ enum rte_crypto_asym_xform_type type;
+};
/**
* Provide capabilities available for defined device and algorithm
*
@@ -203,6 +367,20 @@ struct rte_cryptodev_sym_capability_idx {
const struct rte_cryptodev_sym_capability_idx *idx);

/**
+ * Provide capabilities available for defined device and algorithm
+ *
+ * @param dev_id The identifier of the device.
+ * @param algo Description of crypto algorithms.
+ *
+ * @return
+ * - Return description of the asymmetric crypto capability if exist.
+ * - Return NULL if the capability not exist.
+ */
+const struct rte_cryptodev_asymmetric_capability *
+rte_cryptodev_asym_capability_get(uint8_t dev_id,
+ const struct rte_cryptodev_asym_capability_idx *idx);
+
+/**
* Check if key size and initial vector are supported
* in crypto cipher capability
*
@@ -238,6 +416,37 @@ struct rte_cryptodev_sym_capability_idx {
uint16_t key_size, uint16_t digest_size, uint16_t aad_size);

/**
+ * Check if modulus length is supported for asymmetric crypto operation over
+ * a finite field.
+ *
+ * @param capability Description of the asymmetric crypto capability.
+ * @param modlen Modulus length
+ *
+ * @return
+ * - Return 0 if the parameters are in range of the capability.
+ * - Return -1 if the parameters are out of range of the capability.
+ */
+int
+rte_cryptodev_asym_capability_check_modlen(
+ const struct rte_cryptodev_asymmetric_capability *capability,
+ uint16_t modlen);
+
+/**
+ * Check if curve provided is supported for ECC operations
+ * @param capability Description of the asymmetric crypto capability.
+ * @param curve_type Type of the curve (Binary or Prime)
+ * @param curve_id Curve ID of the curve to be checked for support.
+ *
+ * @return
+ * - Return 0 if the curve provided is supported in the capability.
+ * - Return -1 if the curve provided is unsupported in the capability.
+ */
+int rte_cryptodev_asym_capability_check_curve(
+ const struct rte_cryptodev_asymmetric_capability *capability,
+ rte_crypto_ec_curve_type curve_type,
+ struct rte_crypto_ec_curve_id curve_id);
+
+/**
* Provide the cipher algorithm enum, given an algorithm string
*
* @param algo_enum A pointer to the cipher algorithm
@@ -267,6 +476,131 @@ struct rte_cryptodev_sym_capability_idx {
rte_cryptodev_get_auth_algo_enum(enum rte_crypto_auth_algorithm *algo_enum,
const char *algo_string);

+/**
+ * Provide ECC curve enum and curve type from given curve name string.
+ *
+ * @param curve_id A pointer to the ECC curve ID enum to be
+ * filled.
+ * @param curve_type A pointer to the ECC curve type enum to be
+ * filled.
+ * @param curve_string Curve name string.
+ *
+ *
+ * @return
+ * - Return -1 if string is not valid.
+ * - Return 0 if the string is valid.
+ */
+int rte_cryptodev_get_ec_curve_enum(struct rte_crypto_ec_curve_id *curve_id,
+ enum rte_crypto_ec_curve_type *curve_type,
+ const char *curve_string);
+
+/**
+ * Provide asymmetric algorithm xform type for the given string.
+ *
+ * @param algo_enum Pointer to asymmetric xform enum to be filled.
+ *
+ * @param algo_string Asymmetric algorithm string.
+ *
+ * @return
+ * - Return -1 if string is not valid.
+ * - Return 0 if the string is valid.
+ */
+int
+rte_cryptodev_get_asym_algo_enum(enum rte_crypto_asym_xform_type *algo_enum,
+ const char *algo_string);
+
+/**
+ * Provide RSA operation type enum for the given string.
+ *
+ * @param op_enum Pointer to RSA operation type to be filled.
+ *
+ * @param op_string RSA operation type string.
+ *
+ * @return
+ * - Return -1 if string is not valid.
+ * - Return 0 if the string is valid.
+ */
+int
+rte_cryptodev_get_dh_op_enum(enum rte_crypto_dh_optype *op_enum,
+ const char *op_string);
+
+/**
+ * Provide DH operation type enum for the given string.
+ *
+ * @param op_enum Pointer to DH operation type enum to be filled.
+ *
+ * @param op_string DH operation type string.
+ *
+ * @return
+ * - Return -1 if string is not valid.
+ * - Return 0 if the string is valid.
+ */
+int
+rte_cryptodev_get_ecdh_op_enum(enum rte_crypto_ecdh_optype *op_enum,
+ const char *op_string);
+
+
+/**
+ * Provide ECDH operation type enum for the given string.
+ *
+ * @param op_enum Pointer to ECDH operation type enum to be filled.
+ *
+ * @param op_string ECDH operation type string.
+ *
+ * @return
+ * - Return -1 if string is not valid.
+ * - Return 0 if the string is valid.
+ */
+int
+rte_cryptodev_get_ecdh_op_enum(enum rte_crypto_ecdh_optype *op_enum,
+ const char *op_string);
+
+/**
+ * Provide DSA operation type enum for the given string.
+ *
+ * @param op_enum Pointer to DSA operation type enum to be filled.
+ *
+ * @param op_string DSA operation type string.
+ *
+ * @return
+ * - Return -1 if string is not valid.
+ * - Return 0 if the string is valid.
+ */
+int
+rte_cryptodev_get_dsa_op_enum(enum rte_crypto_dsa_optype *op_enum,
+ const char *op_string);
+
+
+/**
+ * Provide ECDSA operation type enum for the given string.
+ *
+ * @param op_enum Pointer to ECDSA operation type enum to be filled.
+ *
+ * @param op_string ECDSA operation type string.
+ *
+ * @return
+ * - Return -1 if string is not valid.
+ * - Return 0 if the string is valid.
+ */
+int
+rte_cryptodev_get_ecdsa_op_enum(enum rte_crypto_ecdsa_optype *op_enum,
+ const char *op_string);
+
+/**
+ * Provide RSA padding scheme enum for the given string.
+ *
+ * @param pad_enum Pointer to RSA padding scheme enum to be filled.
+ *
+ * @param pad_string Padding scheme as string
+ *
+ * @return
+ * - Return -1 if string is not valid.
+ * - Return 0 if the string is valid.
+ */
+int
+rte_cryptodev_get_rsa_padding_enum(enum rte_crypto_rsa_padding_type *pad_enum,
+ const char *pad_string);
+
/** Macro used at end of crypto PMD list */
#define RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() \
{ RTE_CRYPTO_OP_TYPE_UNDEFINED }
--
1.8.3.1
Umesh Kartha
2017-05-11 12:35:32 UTC
Permalink
Added asymmetric operation queue pairs to device file. Added asymmetric
session creation/initialisation/deletion APIs. Added asymmetric queue
pair APIs to device ops. Added APIs to attach asym session to queue
pairs.

Signed-off-by: Umesh Kartha <***@caviumnetworks.com>
---
lib/librte_cryptodev/rte_cryptodev.c | 352 ++++++++++++++++++++++++++++++-
lib/librte_cryptodev/rte_cryptodev.h | 80 +++++++
lib/librte_cryptodev/rte_cryptodev_pmd.h | 113 ++++++++++
3 files changed, 544 insertions(+), 1 deletion(-)

diff --git lib/librte_cryptodev/rte_cryptodev.c lib/librte_cryptodev/rte_cryptodev.c
index abcdeb0..d4e943c 100644
--- lib/librte_cryptodev/rte_cryptodev.c
+++ lib/librte_cryptodev/rte_cryptodev.c
@@ -1242,6 +1242,15 @@ struct rte_cryptodev *
return dev->data->nb_queue_pairs;
}

+uint16_t
+rte_cryptodev_asym_queue_pair_count(uint8_t dev_id)
+{
+ struct rte_cryptodev *dev;
+
+ dev = &rte_crypto_devices[dev_id];
+ return dev->data->asym_nb_queue_pairs;
+}
+
static int
rte_cryptodev_queue_pairs_config(struct rte_cryptodev *dev, uint16_t nb_qpairs,
int socket_id)
@@ -1320,6 +1329,87 @@ struct rte_cryptodev *
return 0;
}

+static int
+rte_cryptodev_asym_queue_pairs_config(struct rte_cryptodev *dev,
+ uint16_t nb_qpairs, int socket_id)
+{
+ struct rte_cryptodev_info dev_info;
+ void **qp;
+ unsigned i;
+ uint16_t sym_nb_qps = dev->data->nb_queue_pairs;
+
+ if ((dev == NULL) || (nb_qpairs < 1)) {
+ CDEV_LOG_ERR("invalid param: dev %p, nb_queues %u",
+ dev, nb_qpairs);
+ return -EINVAL;
+ }
+
+ CDEV_LOG_DEBUG("Setup asym %d queues pairs on device %u",
+ nb_qpairs, dev->data->dev_id);
+
+ memset(&dev_info, 0, sizeof(struct rte_cryptodev_info));
+
+ RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->dev_infos_get, -ENOTSUP);
+ (*dev->dev_ops->dev_infos_get)(dev, &dev_info);
+
+ if ((nb_qpairs + sym_nb_qps) > (dev_info.max_nb_queue_pairs)) {
+ CDEV_LOG_ERR("Invalid num asym queue_pairs (%u) for dev %u",
+ nb_qpairs, dev->data->dev_id);
+ return -EINVAL;
+ }
+
+ if (dev->data->asym_queue_pairs == NULL) {
+ /* first time configuration */
+ dev->data->asym_queue_pairs = rte_zmalloc_socket(
+ "cryptodev->queue_pairs",
+ sizeof(dev->data->asym_queue_pairs[0]) * nb_qpairs,
+ RTE_CACHE_LINE_SIZE, socket_id);
+
+ if (dev->data->asym_queue_pairs == NULL) {
+ dev->data->asym_nb_queue_pairs = 0;
+ CDEV_LOG_ERR("failed to get memory for asym "
+ "qp meta data, "
+ "nb_queues %u",
+ nb_qpairs);
+ return -(ENOMEM);
+ }
+ } else { /* re-configure */
+ int ret;
+ uint16_t old_nb_queues = dev->data->asym_nb_queue_pairs;
+
+ qp = dev->data->asym_queue_pairs;
+
+ RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->queue_pair_release,
+ -ENOTSUP);
+
+ for (i = nb_qpairs; i < old_nb_queues; i++) {
+ ret = (*dev->dev_ops->queue_pair_release)(dev, i);
+ if (ret < 0)
+ return ret;
+ }
+
+ qp = rte_realloc(qp, sizeof(qp[0]) * nb_qpairs,
+ RTE_CACHE_LINE_SIZE);
+ if (qp == NULL) {
+ CDEV_LOG_ERR("failed to realloc asym qp meta data,"
+ " nb_queues %u", nb_qpairs);
+ return -(ENOMEM);
+ }
+
+ if (nb_qpairs > old_nb_queues) {
+ uint16_t new_qs = nb_qpairs - old_nb_queues;
+
+ memset(qp + old_nb_queues, 0,
+ sizeof(qp[0]) * new_qs);
+ }
+
+ dev->data->asym_queue_pairs = qp;
+
+ }
+ dev->data->asym_nb_queue_pairs = nb_qpairs;
+ return 0;
+}
+
int
rte_cryptodev_queue_pair_start(uint8_t dev_id, uint16_t queue_pair_id)
{
@@ -1368,6 +1458,10 @@ struct rte_cryptodev *
rte_cryptodev_sym_session_pool_create(struct rte_cryptodev *dev,
unsigned nb_objs, unsigned obj_cache_size, int socket_id);

+static int
+rte_cryptodev_asym_session_pool_create(struct rte_cryptodev *dev,
+ unsigned nb_objs, unsigned obj_cache_size, int socket_id);
+
int
rte_cryptodev_configure(uint8_t dev_id, struct rte_cryptodev_config *config)
{
@@ -1398,6 +1492,16 @@ struct rte_cryptodev *
return diag;
}

+ /* Setup new number of asym queue pairs and reconfigure device. */
+ diag = rte_cryptodev_asym_queue_pairs_config(dev,
+ config->asym_nb_queue_pairs, config->socket_id);
+ if (diag != 0) {
+ CDEV_LOG_ERR("dev%d rte_crypto_dev_asym_queue_pairs_config"
+ " = %d",
+ dev_id, diag);
+ return diag;
+ }
+
/* Setup Session mempool for device */
diag = rte_cryptodev_sym_session_pool_create(dev,
config->session_mp.nb_objs,
@@ -1406,6 +1510,15 @@ struct rte_cryptodev *
if (diag != 0)
return diag;

+ /* Setup Session mempool for device */
+ diag = rte_cryptodev_asym_session_pool_create(dev,
+ config->asym_session_mp.nb_objs,
+ config->asym_session_mp.cache_size,
+ config->socket_id);
+ if (diag != 0)
+ return diag;
+
+
return (*dev->dev_ops->dev_configure)(dev, config);
}

@@ -1496,6 +1609,16 @@ struct rte_cryptodev *
return -EBUSY;
}
}
+ if (dev->data->asym_session_pool != NULL) {
+ if (!rte_mempool_full(dev->data->asym_session_pool)) {
+ CDEV_LOG_ERR("dev_id=%u close failed, session mempool "
+ "has sessions still in use, free "
+ "all sessions before calling close",
+ (unsigned)dev_id);
+ return -EBUSY;
+ }
+ }
+

RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->dev_close, -ENOTSUP);
retval = (*dev->dev_ops->dev_close)(dev);
@@ -1535,6 +1658,35 @@ struct rte_cryptodev *
socket_id);
}

+int
+rte_cryptodev_asym_queue_pair_setup(uint8_t dev_id, uint16_t queue_pair_id,
+ const struct rte_cryptodev_qp_conf *qp_conf, int socket_id)
+{
+ struct rte_cryptodev *dev;
+
+ if (!rte_cryptodev_pmd_is_valid_dev(dev_id)) {
+ CDEV_LOG_ERR("Invalid dev_id=%" PRIu8, dev_id);
+ return -EINVAL;
+ }
+
+ dev = &rte_crypto_devices[dev_id];
+ if (queue_pair_id >= dev->data->asym_nb_queue_pairs) {
+ CDEV_LOG_ERR("Invalid queue_pair_id=%d", queue_pair_id);
+ return -EINVAL;
+ }
+
+ if (dev->data->dev_started) {
+ CDEV_LOG_ERR(
+ "device %d must be stopped to allow configuration", dev_id);
+ return -EBUSY;
+ }
+
+ RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->queue_pair_setup, -ENOTSUP);
+
+ return (*dev->dev_ops->asym_queue_pair_setup)(dev, queue_pair_id,
+ qp_conf, socket_id);
+}
+

int
rte_cryptodev_stats_get(uint8_t dev_id, struct rte_cryptodev_stats *stats)
@@ -1730,6 +1882,25 @@ struct rte_cryptodev *
(*dev->dev_ops->session_initialize)(mp, sess);
}

+static void
+rte_cryptodev_asym_session_init(struct rte_mempool *mp,
+ void *opaque_arg,
+ void *_sess,
+ __rte_unused unsigned i)
+{
+ struct rte_cryptodev_asym_session *sess = _sess;
+ struct rte_cryptodev *dev = opaque_arg;
+
+ memset(sess, 0, mp->elt_size);
+
+ sess->dev_id = dev->data->dev_id;
+ sess->dev_type = dev->dev_type;
+ sess->mp = mp;
+
+ if (dev->dev_ops->asym_session_initialize)
+ (*dev->dev_ops->asym_session_initialize)(mp, sess);
+}
+
static int
rte_cryptodev_sym_session_pool_create(struct rte_cryptodev *dev,
unsigned nb_objs, unsigned obj_cache_size, int socket_id)
@@ -1792,6 +1963,70 @@ struct rte_cryptodev *
return 0;
}

+static int
+rte_cryptodev_asym_session_pool_create(struct rte_cryptodev *dev,
+ unsigned nb_objs, unsigned obj_cache_size, int socket_id)
+{
+ char mp_name[RTE_CRYPTODEV_NAME_MAX_LEN];
+ unsigned priv_sess_size;
+
+ unsigned n = snprintf(mp_name, sizeof(mp_name), "cdev_%d_sess_mp",
+ dev->data->dev_id);
+ if (n > sizeof(mp_name)) {
+ CDEV_LOG_ERR("Unable to create unique name for"
+ " session mempool");
+ return -ENOMEM;
+ }
+
+ RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->asym_session_get_size,
+ -ENOTSUP);
+ priv_sess_size = (*dev->dev_ops->asym_session_get_size)(dev);
+ if (priv_sess_size == 0) {
+ CDEV_LOG_ERR("%s returned and invalid private session size ",
+ dev->data->name);
+ return -ENOMEM;
+ }
+
+ unsigned elt_size = sizeof(struct rte_cryptodev_asym_session) +
+ priv_sess_size;
+
+ dev->data->asym_session_pool = rte_mempool_lookup(mp_name);
+ if (dev->data->asym_session_pool != NULL) {
+ if ((dev->data->asym_session_pool->elt_size != elt_size) ||
+ (dev->data->asym_session_pool->cache_size <
+ obj_cache_size) ||
+ (dev->data->asym_session_pool->size < nb_objs)) {
+
+ CDEV_LOG_ERR("%s mempool already exists with different"
+ " initialization parameters", mp_name);
+ dev->data->asym_session_pool = NULL;
+ return -ENOMEM;
+ }
+ } else {
+ dev->data->asym_session_pool = rte_mempool_create(
+ mp_name, /* mempool name */
+ nb_objs, /* number of elements*/
+ elt_size, /* element size*/
+ obj_cache_size, /* Cache size*/
+ 0, /* private data size */
+ NULL, /* obj initialization constructor */
+ NULL, /* obj initialization constructor arg */
+ rte_cryptodev_asym_session_init,
+ /**< obj constructor*/
+ dev, /* obj constructor arg */
+ socket_id, /* socket id */
+ 0); /* flags */
+
+ if (dev->data->asym_session_pool == NULL) {
+ CDEV_LOG_ERR("%s mempool allocation failed", mp_name);
+ return -ENOMEM;
+ }
+ }
+
+ CDEV_LOG_DEBUG("%s mempool created!", mp_name);
+ return 0;
+}
+
struct rte_cryptodev_sym_session *
rte_cryptodev_sym_session_create(uint8_t dev_id,
struct rte_crypto_sym_xform *xform)
@@ -1829,6 +2064,43 @@ struct rte_cryptodev_sym_session *
return sess;
}

+struct rte_cryptodev_asym_session *
+rte_cryptodev_asym_session_create(uint8_t dev_id,
+ struct rte_crypto_asym_xform *xform)
+{
+ struct rte_cryptodev *dev;
+ struct rte_cryptodev_asym_session *sess;
+ void *_sess;
+
+ if (!rte_cryptodev_pmd_is_valid_dev(dev_id)) {
+ CDEV_LOG_ERR("Invalid dev_id=%d", dev_id);
+ return NULL;
+ }
+
+ dev = &rte_crypto_devices[dev_id];
+
+ /* Allocate a session structure from the session pool */
+ if (rte_mempool_get(dev->data->asym_session_pool, &_sess)) {
+ CDEV_LOG_ERR("Couldn't get object from session mempool");
+ return NULL;
+ }
+
+ sess = (struct rte_cryptodev_asym_session *)_sess;
+
+ RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->session_configure, NULL);
+ if (dev->dev_ops->asym_session_configure(dev, xform, sess->_private) ==
+ NULL) {
+ CDEV_LOG_ERR("dev_id %d failed to configure session details",
+ dev_id);
+
+ /* Return session to mempool */
+ rte_mempool_put(sess->mp, _sess);
+ return NULL;
+ }
+
+ return sess;
+}
+
int
rte_cryptodev_queue_pair_attach_sym_session(uint16_t qp_id,
struct rte_cryptodev_sym_session *sess)
@@ -1854,6 +2126,30 @@ struct rte_cryptodev_sym_session *
}

int
+rte_cryptodev_queue_pair_attach_asym_session(uint16_t qp_id,
+ struct rte_cryptodev_asym_session *sess)
+{
+ struct rte_cryptodev *dev;
+
+ if (!rte_cryptodev_pmd_is_valid_dev(sess->dev_id)) {
+ CDEV_LOG_ERR("Invalid dev_id=%d", sess->dev_id);
+ return -EINVAL;
+ }
+
+ dev = &rte_crypto_devices[sess->dev_id];
+
+ /* The API is optional, not returning error if driver do not suuport */
+ RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->asym_qp_attach_session, 0);
+ if (dev->dev_ops->asym_qp_attach_session(dev, qp_id, sess->_private)) {
+ CDEV_LOG_ERR("dev_id %d failed to attach qp: %d with session",
+ sess->dev_id, qp_id);
+ return -EPERM;
+ }
+
+ return 0;
+}
+
+int
rte_cryptodev_queue_pair_detach_sym_session(uint16_t qp_id,
struct rte_cryptodev_sym_session *sess)
{
@@ -1876,6 +2172,31 @@ struct rte_cryptodev_sym_session *

return 0;
}
+
+int
+rte_cryptodev_queue_pair_detach_asym_session(uint16_t qp_id,
+ struct rte_cryptodev_asym_session *sess)
+{
+ struct rte_cryptodev *dev;
+
+ if (!rte_cryptodev_pmd_is_valid_dev(sess->dev_id)) {
+ CDEV_LOG_ERR("Invalid dev_id=%d", sess->dev_id);
+ return -EINVAL;
+ }
+
+ dev = &rte_crypto_devices[sess->dev_id];
+
+ /* The API is optional, not returning error if driver do not suuport */
+ RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->asym_qp_detach_session, 0);
+ if (dev->dev_ops->asym_qp_detach_session(dev, qp_id, sess->_private)) {
+ CDEV_LOG_ERR("dev_id %d failed to detach qp: %d from session",
+ sess->dev_id, qp_id);
+ return -EPERM;
+ }
+
+ return 0;
+}
+
struct rte_cryptodev_sym_session *
rte_cryptodev_sym_session_free(uint8_t dev_id,
struct rte_cryptodev_sym_session *sess)
@@ -1903,6 +2224,33 @@ struct rte_cryptodev_sym_session *
return NULL;
}

+struct rte_cryptodev_asym_session *
+rte_cryptodev_asym_session_free(uint8_t dev_id,
+ struct rte_cryptodev_asym_session *sess)
+{
+ struct rte_cryptodev *dev;
+
+ if (!rte_cryptodev_pmd_is_valid_dev(dev_id)) {
+ CDEV_LOG_ERR("Invalid dev_id=%d", dev_id);
+ return sess;
+ }
+
+ dev = &rte_crypto_devices[dev_id];
+
+ /* Check the session belongs to this device type */
+ if (sess->dev_type != dev->dev_type)
+ return sess;
+
+ /* Let device implementation clear session material */
+ RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->asym_session_clear, sess);
+ dev->dev_ops->asym_session_clear(dev, (void *)sess->_private);
+
+ /* Return session to mempool */
+ rte_mempool_put(sess->mp, (void *)sess);
+
+ return NULL;
+}
+
/** Initialise rte_crypto_op mempool element */
static void
rte_crypto_op_init(struct rte_mempool *mempool,
@@ -1930,7 +2278,9 @@ struct rte_mempool *
struct rte_crypto_op_pool_private *priv;

unsigned elt_size = sizeof(struct rte_crypto_op) +
- sizeof(struct rte_crypto_sym_op) +
+ (type == RTE_CRYPTO_OP_TYPE_SYMMETRIC) ?
+ sizeof(struct rte_crypto_sym_op) :
+ sizeof(struct rte_crypto_asym_op) +
priv_size;

/* lookup mempool in case already allocated */
diff --git lib/librte_cryptodev/rte_cryptodev.h lib/librte_cryptodev/rte_cryptodev.h
index f5f5a73..edfd8fd 100644
--- lib/librte_cryptodev/rte_cryptodev.h
+++ lib/librte_cryptodev/rte_cryptodev.h
@@ -674,6 +674,11 @@ struct rte_cryptodev_info {
* Default 0 for infinite sessions
*/
} sym;
+
+ struct {
+ unsigned max_nb_sessions;
+ /**< Maximum number of sessions supported by device. */
+ } asym;
};

#define RTE_CRYPTODEV_DETACHED (0)
@@ -827,11 +832,18 @@ struct rte_cryptodev_config {
int socket_id; /**< Socket to allocate resources on */
uint16_t nb_queue_pairs;
/**< Number of queue pairs to configure on device */
+ uint16_t asym_nb_queue_pairs;
+ /**< Number of asym_queue pairs to configure on device */

struct {
uint32_t nb_objs; /**< Number of objects in mempool */
uint32_t cache_size; /**< l-core object cache size */
} session_mp; /**< Session mempool configuration */
+
+ struct {
+ uint32_t nb_objs; /**< Number of objects in mempool */
+ uint32_t cache_size; /**< l-core object cache size */
+ } asym_session_mp; /**< Session mempool configuration */
};

/**
@@ -1098,11 +1110,22 @@ struct rte_cryptodev_data {

struct rte_mempool *session_pool;
/**< Session memory pool */
+
+ struct rte_mempool *asym_session_pool;
+ /**< Asymmetric xform session memory pool */
+
void **queue_pairs;
/**< Array of pointers to queue pairs. */
+
+ void **asym_queue_pairs;
+ /**< Array of pointers to asymmetric queue pairs */
+
uint16_t nb_queue_pairs;
/**< Number of device queue pairs. */

+ uint16_t asym_nb_queue_pairs;
+ /**< Number of device queue pairs for asym ops */
+
void *dev_private;
/**< PMD-specific private data */
} __rte_cache_aligned;
@@ -1216,6 +1239,24 @@ struct rte_cryptodev_sym_session {
};


+/** Cryptodev symmetric crypto session */
+struct rte_cryptodev_asym_session {
+ RTE_STD_C11
+ struct {
+ uint8_t dev_id;
+ /**< Device Id */
+ enum rte_cryptodev_type dev_type;
+ /** Crypto Device type session created on */
+ struct rte_mempool *mp;
+ /**< Mempool session allocated from */
+ } __rte_aligned(8);
+ /**< Public asymmetric session details */
+
+ __extension__ char _private[0];
+ /**< Private session material */
+};
+
+
/**
* Initialise a session for symmetric cryptographic operations.
*
@@ -1241,6 +1282,32 @@ struct rte_cryptodev_sym_session {
rte_cryptodev_sym_session_create(uint8_t dev_id,
struct rte_crypto_sym_xform *xform);

+
+/**
+ * Initialise a session for asymmetric cryptographic operations.
+ *
+ * This function is used by the client to initialize immutable
+ * parameters of asymmetric cryptographic operation.
+ * To perform the operation the rte_cryptodev_enqueue_burst function is
+ * used. Each mbuf should contain a reference to the session
+ * pointer returned from this function contained within it's crypto_op if a
+ * session-based operation is being provisioned. Memory to contain the session
+ * information is allocated from within mempool managed by the cryptodev.
+ *
+ * The rte_cryptodev_session_free must be called to free allocated
+ * memory when the session is no longer required.
+ *
+ * @param dev_id The device identifier.
+ * @param xform Crypto transform chain.
+
+ *
+ * @return
+ * Pointer to the created session or NULL
+ */
+extern struct rte_cryptodev_asym_session *
+rte_cryptodev_asym_session_create(uint8_t dev_id,
+ struct rte_crypto_asym_xform *xform);
+
/**
* Free the memory associated with a previously allocated session.
*
@@ -1257,6 +1324,19 @@ struct rte_cryptodev_sym_session {
struct rte_cryptodev_sym_session *session);

/**
+ * Free the memory associated with a previously allocated session.
+ *
+ * @param dev_id The device identifier.
+ * @param session Session pointer previously allocated by
+ * *rte_cryptodev_asym_session_create*.
+ *
+ * @return
+ * NULL on successful freeing of session.
+ * Session pointer on failure to free session.
+ */
+extern struct rte_cryptodev_asym_session *
+rte_cryptodev_asym_session_free(uint8_t dev_id,
+ struct rte_cryptodev_asym_session *session);
* Attach queue pair with sym session.
*
* @param qp_id Queue pair to which session will be attached.
diff --git lib/librte_cryptodev/rte_cryptodev_pmd.h lib/librte_cryptodev/rte_cryptodev_pmd.h
index 17ef37c..31c5804 100644
--- lib/librte_cryptodev/rte_cryptodev_pmd.h
+++ lib/librte_cryptodev/rte_cryptodev_pmd.h
@@ -327,6 +327,22 @@ typedef int (*cryptodev_sym_create_session_pool_t)(
struct rte_cryptodev *dev, unsigned nb_objs,
unsigned obj_cache_size, int socket_id);

+/**
+ * Create asymmetric session mempool to allocate sessions from
+ *
+ * @param dev Crypto device pointer
+ * @param nb_objs number of sessions objects in mempool
+ * @param obj_cache l-core object cache size, see *rte_ring_create*
+ * @param socket_id Socket Id to allocate mempool on.
+ *
+ * @return
+ * - On success returns a pointer to a rte_mempool
+ * - On failure returns a NULL pointer
+ */
+typedef int (*cryptodev_asym_create_session_pool_t)(
+ struct rte_cryptodev *dev, unsigned nb_objs,
+ unsigned obj_cache_size, int socket_id);
+

/**
* Get the size of a cryptodev session
@@ -341,6 +357,18 @@ typedef unsigned (*cryptodev_sym_get_session_private_size_t)(
struct rte_cryptodev *dev);

/**
+ * Get the size of an asymmetric cryptodev session
+ *
+ * @param dev Crypto device pointer
+ *
+ * @return
+ * - On success returns the size of the session structure for device
+ * - On failure returns 0
+ */
+typedef unsigned (*cryptodev_asym_get_session_private_size_t)(
+ struct rte_cryptodev *dev);
+
+/**
* Initialize a Crypto session on a device.
*
* @param dev Crypto device pointer
@@ -355,6 +383,20 @@ typedef void (*cryptodev_sym_initialize_session_t)(struct rte_mempool *mempool,
void *session_private);

/**
+ * Initialize an asymmetric Crypto session on a device.
+ *
+ * @param dev Crypto device pointer
+ * @param xform Single or chain of crypto xforms
+ * @param priv_sess Pointer to cryptodev's private session structure
+ *
+ * @return
+ * - Returns private session structure on success.
+ * - Returns NULL on failure.
+ */
+typedef void (*cryptodev_asym_initialize_session_t)(struct rte_mempool *mempool,
+ void *session_private);
+
+/**
* Configure a Crypto session on a device.
*
* @param dev Crypto device pointer
@@ -369,6 +411,20 @@ typedef void (*cryptodev_sym_initialize_session_t)(struct rte_mempool *mempool,
struct rte_crypto_sym_xform *xform, void *session_private);

/**
+ * Configure an asymmetric Crypto session on a device.
+ *
+ * @param dev Crypto device pointer
+ * @param xform Single or chain of asymmetric crypto xforms
+ * @param priv_sess Pointer to cryptodev's private session structure
+ *
+ * @return
+ * - Returns private session structure on success.
+ * - Returns NULL on failure.
+ */
+typedef void *(*cryptodev_asym_configure_session_t)(struct rte_cryptodev *dev,
+ struct rte_crypto_asym_xform *xform, void *session_private);
+
+/**
* Free Crypto session.
* @param session Cryptodev session structure to free
*/
@@ -376,6 +432,13 @@ typedef void (*cryptodev_sym_free_session_t)(struct rte_cryptodev *dev,
void *session_private);

/**
+ * Free asymmetric Crypto session.
+ * @param session Cryptodev session structure to free
+ */
+typedef void (*cryptodev_asym_free_session_t)(struct rte_cryptodev *dev,
+ void *session_private);
+
+/**
* Optional API for drivers to attach sessions with queue pair.
* @param dev Crypto device pointer
* @param qp_id queue pair id for attaching session
@@ -389,6 +452,19 @@ typedef int (*cryptodev_sym_queue_pair_attach_session_t)(
void *session_private);

/**
+ * Optional API for drivers to attach asymmetric sessions with queue pair.
+ * @param dev Crypto device pointer
+ * @param qp_id queue pair id for attaching session
+ * @param priv_sess Pointer to cryptodev's private session structure
+ * @return
+ * - Return 0 on success
+ */
+typedef int (*cryptodev_asym_queue_pair_attach_session_t)(
+ struct rte_cryptodev *dev,
+ uint16_t qp_id,
+ void *session_private);
+
+/**
* Optional API for drivers to detach sessions from queue pair.
* @param dev Crypto device pointer
* @param qp_id queue pair id for detaching session
@@ -401,6 +477,20 @@ typedef int (*cryptodev_sym_queue_pair_detach_session_t)(
uint16_t qp_id,
void *session_private);

+/**
+ * Optional API for drivers to detach asymmetric sessions from queue pair.
+ * @param dev Crypto device pointer
+ * @param qp_id queue pair id for detaching session
+ * @param priv_sess Pointer to cryptodev's private session
+ * structure.
+ * @return
+ * - Return 0 on success
+ */
+typedef int (*cryptodev_asym_queue_pair_detach_session_t)(
+ struct rte_cryptodev *dev,
+ uint16_t qp_id,
+ void *session_private);
+
/** Crypto device operations function pointer table */
struct rte_cryptodev_ops {
cryptodev_configure_t dev_configure; /**< Configure device. */
@@ -426,18 +516,41 @@ struct rte_cryptodev_ops {
cryptodev_queue_pair_count_t queue_pair_count;
/**< Get count of the queue pairs. */

+ cryptodev_queue_pair_setup_t asym_queue_pair_setup;
+ /**< Set up a device queue pair. */
+ cryptodev_queue_pair_release_t asym_queue_pair_release;
+ /**< Release a queue pair. */
+ cryptodev_queue_pair_start_t asym_queue_pair_start;
+ /**< Start a queue pair. */
+ cryptodev_queue_pair_stop_t asym_queue_pair_stop;
+ /**< Stop a queue pair. */
+ cryptodev_queue_pair_count_t asym_queue_pair_count;
+ /**< Get count of the queue pairs. */
+
cryptodev_sym_get_session_private_size_t session_get_size;
/**< Return private session. */
+ cryptodev_asym_get_session_private_size_t asym_session_get_size;
+ /**< Return asymmetric private session. */
cryptodev_sym_initialize_session_t session_initialize;
/**< Initialization function for private session data */
+ cryptodev_asym_initialize_session_t asym_session_initialize;
+ /**< Initialization asymmetric function for private session data */
cryptodev_sym_configure_session_t session_configure;
/**< Configure a Crypto session. */
+ cryptodev_asym_configure_session_t asym_session_configure;
+ /**< Configure an Asymmetric Crypto session. */
cryptodev_sym_free_session_t session_clear;
/**< Clear a Crypto sessions private data. */
+ cryptodev_asym_free_session_t asym_session_clear;
+ /**< Clear an asymmetric Crypto sessions private data. */
cryptodev_sym_queue_pair_attach_session_t qp_attach_session;
/**< Attach session to queue pair. */
+ cryptodev_asym_queue_pair_attach_session_t asym_qp_attach_session;
+ /**< Attach asymmetric session to queue pair. */
cryptodev_sym_queue_pair_attach_session_t qp_detach_session;
/**< Detach session from queue pair. */
+ cryptodev_asym_queue_pair_attach_session_t asym_qp_detach_session;
+ /**< Detach asymmetric session from queue pair. */
};
--
1.8.3.1
Trahe, Fiona
2017-05-24 11:48:39 UTC
Permalink
This post might be inappropriate. Click to display it.
Neil Horman
2017-05-12 12:15:57 UTC
Permalink
Post by Umesh Kartha
This RFC contains specifications for asymmetric crypto algorithms.
Asymmetric crypto algorithms are essential part of protocols such as
SSL/TLS. As the current DPDK crypto library lacks support for asymmetric
crypto algorithms, this RFC is an attempt to address it.
Cavium offers PCI hardware accelerators that supports symmetric and
asymmetric crypto algorithms, of which a few are addressed in this RFC.
Once specifications are agreed upon, I can submit a patch for the same.
We will develop a poll mode driver which can offload to OpenSSL crypto
library and to Cavium crypto accelerator.
This all appears to modify the cryptodev api, but I don't see where said
modification was announced.

Additionally, I don't see modifications to a map file to export the api symbols.
Have you tested this in a shared library build?

Neil
Post by Umesh Kartha
1 RSA
- RSA Sign
- RSA Verify
- RSA Public Encrypt
- RSA Private Decrypt
Padding schemes supported for RSA operations are
* RSA PKCS#1 BT1
* RSA PKCS#1 BT2
* RSA PKCS#1 OAEP
* RSA PKCS#1 PSS
2 DH
- DH generate key
- DH compute key
3 ECDH
- ECDH generate key
- ECDH check key
- ECDH compute key
4 DSA
- DSA Sign
- DSA Verify
5 ECDSA
- ECDSA Sign
- ECDSA Verify
6 MODEXP
7 FUNDAMENTAL ECC
- Point Addition
- Point Multiplication
- Point Doubling
8 MODULAR INVERSE
Asymmetric crypto transform operations support both session oriented
mode and session less mode. If the operation is sessionless, an
asymmetric crypto transform structure, containing immutable parameters,
is passed along with per-operation mutable parameters in the structure.
Specific structures were written to contain immutable parameters
depending on algorithm used for crypto transform operation. The
parameters and type of transform is distinguished by the algorithm for
which the transform structure is filled. For a particular asymmetric
algorithm, not all parameters will be used and hence not required to be
filled.
Added additional algorithms : DH/ECDH/MODINVERSE/DSA
Added additional curves for ECC operations: All cuves supported by libcrypto.
- removed mbufs from asymmetric crypto operation structure.
- added separate queue pair in device structure to handle asymmetric crypto
operations.
- added APIs to start/stop/initialize queue pairs to handle asymmetric crypto
operations.
- added asymmetric session structure and related APIs to handle session
operations (initialize/allocate/free) etc.
RFC v1: http://dpdk.org/ml/archives/dev/2017-March/060869.html
cryptodev: added asymmetric algorithms
cryptodev: asymmetric algorithm capability definitions
cryptodev: added asym queue pair, session apis
lib/librte_cryptodev/rte_crypto.h | 135 +++-
lib/librte_cryptodev/rte_crypto_asym.h | 1124 ++++++++++++++++++++++++++++++
lib/librte_cryptodev/rte_cryptodev.c | 782 ++++++++++++++++++++-
lib/librte_cryptodev/rte_cryptodev.h | 414 +++++++++++
lib/librte_cryptodev/rte_cryptodev_pmd.h | 113 +++
5 files changed, 2564 insertions(+), 4 deletions(-)
create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h
--
1.8.3.1
Umesh Kartha
2017-05-12 14:35:20 UTC
Permalink
Hi Neil,
Post by Neil Horman
Post by Umesh Kartha
This RFC contains specifications for asymmetric crypto algorithms.
Asymmetric crypto algorithms are essential part of protocols such as
SSL/TLS. As the current DPDK crypto library lacks support for asymmetric
crypto algorithms, this RFC is an attempt to address it.
Cavium offers PCI hardware accelerators that supports symmetric and
asymmetric crypto algorithms, of which a few are addressed in this RFC.
Once specifications are agreed upon, I can submit a patch for the same.
We will develop a poll mode driver which can offload to OpenSSL crypto
library and to Cavium crypto accelerator.
This all appears to modify the cryptodev api, but I don't see where said
modification was announced.
Additionally, I don't see modifications to a map file to export the api symbols.
Have you tested this in a shared library build?
Neil
This is just an RFC for asymmetric crypto operation specifications. The
specifications are not finalised. Once the specifications are finalised,
support for asymmetric algorithms will be added to OpenSSL PMD.
Post by Neil Horman
Post by Umesh Kartha
1 RSA
- RSA Sign
- RSA Verify
- RSA Public Encrypt
- RSA Private Decrypt
Padding schemes supported for RSA operations are
* RSA PKCS#1 BT1
* RSA PKCS#1 BT2
* RSA PKCS#1 OAEP
* RSA PKCS#1 PSS
2 DH
- DH generate key
- DH compute key
3 ECDH
- ECDH generate key
- ECDH check key
- ECDH compute key
4 DSA
- DSA Sign
- DSA Verify
5 ECDSA
- ECDSA Sign
- ECDSA Verify
6 MODEXP
7 FUNDAMENTAL ECC
- Point Addition
- Point Multiplication
- Point Doubling
8 MODULAR INVERSE
Asymmetric crypto transform operations support both session oriented
mode and session less mode. If the operation is sessionless, an
asymmetric crypto transform structure, containing immutable parameters,
is passed along with per-operation mutable parameters in the structure.
Specific structures were written to contain immutable parameters
depending on algorithm used for crypto transform operation. The
parameters and type of transform is distinguished by the algorithm for
which the transform structure is filled. For a particular asymmetric
algorithm, not all parameters will be used and hence not required to be
filled.
Added additional algorithms : DH/ECDH/MODINVERSE/DSA
Added additional curves for ECC operations: All cuves supported by libcrypto.
- removed mbufs from asymmetric crypto operation structure.
- added separate queue pair in device structure to handle asymmetric crypto
operations.
- added APIs to start/stop/initialize queue pairs to handle asymmetric crypto
operations.
- added asymmetric session structure and related APIs to handle session
operations (initialize/allocate/free) etc.
RFC v1: http://dpdk.org/ml/archives/dev/2017-March/060869.html
cryptodev: added asymmetric algorithms
cryptodev: asymmetric algorithm capability definitions
cryptodev: added asym queue pair, session apis
lib/librte_cryptodev/rte_crypto.h | 135 +++-
lib/librte_cryptodev/rte_crypto_asym.h | 1124 ++++++++++++++++++++++++++++++
lib/librte_cryptodev/rte_cryptodev.c | 782 ++++++++++++++++++++-
lib/librte_cryptodev/rte_cryptodev.h | 414 +++++++++++
lib/librte_cryptodev/rte_cryptodev_pmd.h | 113 +++
5 files changed, 2564 insertions(+), 4 deletions(-)
create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h
--
1.8.3.1
Regards,
Umesh
Loading...