[dpdk-dev] [RFC PATCH v2 0/3] specifications for asymmetric crypto algorithms

Umesh Kartha Umesh.Kartha at caviumnetworks.com
Fri May 12 16:35:20 CEST 2017


Hi Neil,

On Fri, May 12, 2017 at 08:15:57AM -0400, Neil Horman wrote:
> On Thu, May 11, 2017 at 06:05:29PM +0530, Umesh Kartha wrote:
> > This RFC contains specifications for asymmetric crypto algorithms.
> > Asymmetric crypto algorithms are essential part of protocols such as
> > SSL/TLS. As the current DPDK crypto library lacks support for asymmetric
> > crypto algorithms, this RFC is an attempt to address it.
> > 
> > Cavium offers  PCI hardware accelerators that supports symmetric and
> > asymmetric crypto algorithms, of which a few are  addressed in this RFC.
> > Once specifications are agreed upon, I can submit a patch for the same.
> > We will develop a poll mode driver which can offload to OpenSSL crypto
> > library and to Cavium crypto accelerator.
> > 
> > The asymmetric crypto algorithms supported in this version are:
> > 
> This all appears to modify the cryptodev api, but I don't see where said
> modification was announced.
> 
> Additionally, I don't see modifications to a map file to export the api symbols.
> Have you tested this in a shared library build?
> 
> Neil
> 

This is just an RFC for asymmetric crypto operation specifications. The
specifications are not finalised. Once the specifications are finalised,
support for asymmetric algorithms will be added to OpenSSL PMD.

> > 1 RSA
> >   - RSA Sign
> >   - RSA Verify
> >   - RSA Public Encrypt
> >   - RSA Private Decrypt
> > 
> >   Padding schemes supported for RSA operations are
> >     * RSA PKCS#1 BT1
> >     * RSA PKCS#1 BT2
> >     * RSA PKCS#1 OAEP
> >     * RSA PKCS#1 PSS
> > 
> > 2 DH
> >   - DH generate key
> >   - DH compute key
> > 
> > 3 ECDH
> >   - ECDH generate key
> >   - ECDH check key
> >   - ECDH compute key
> > 
> > 4 DSA
> >   - DSA Sign
> >   - DSA Verify
> > 
> > 5  ECDSA
> >   - ECDSA Sign
> >   - ECDSA Verify
> > 
> > 6  MODEXP
> > 
> > 7  FUNDAMENTAL ECC
> >   - Point Addition
> >   - Point Multiplication
> >   - Point Doubling
> > 
> > 8 MODULAR INVERSE
> > 
> > 
> >  Asymmetric crypto transform operations support both session oriented
> > mode  and session less mode. If the operation is sessionless, an
> > asymmetric crypto transform structure, containing immutable parameters,
> > is passed along with per-operation mutable parameters in the structure.
> > Specific structures were written to contain immutable parameters
> > depending on algorithm used for crypto transform operation. The
> > parameters and type of transform is distinguished by the algorithm for
> > which the transform structure is filled. For a particular asymmetric
> > algorithm, not all parameters will be used and hence not required to be
> > filled.
> > 
> > Changes from RFC v1:
> > 
> > Added additional algorithms : DH/ECDH/MODINVERSE/DSA
> > Added additional curves for ECC operations: All cuves supported by libcrypto.
> > As per the comments received for RFC v1:
> >  - removed mbufs from asymmetric crypto operation structure.
> >  - added separate queue pair in device structure to handle asymmetric crypto
> >    operations.
> >  - added APIs to start/stop/initialize queue pairs to handle asymmetric crypto
> >    operations.
> >  - added asymmetric session structure and related APIs to handle session
> >    operations (initialize/allocate/free) etc.
> > 
> > RFC v1: http://dpdk.org/ml/archives/dev/2017-March/060869.html
> > 
> > Umesh Kartha (3):
> >   cryptodev: added asymmetric algorithms
> >   cryptodev: asymmetric algorithm capability definitions
> >   cryptodev: added asym queue pair, session apis
> > 
> >  lib/librte_cryptodev/rte_crypto.h        |  135 +++-
> >  lib/librte_cryptodev/rte_crypto_asym.h   | 1124 ++++++++++++++++++++++++++++++
> >  lib/librte_cryptodev/rte_cryptodev.c     |  782 ++++++++++++++++++++-
> >  lib/librte_cryptodev/rte_cryptodev.h     |  414 +++++++++++
> >  lib/librte_cryptodev/rte_cryptodev_pmd.h |  113 +++
> >  5 files changed, 2564 insertions(+), 4 deletions(-)
> >  create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h
> > 
> > -- 
> > 1.8.3.1
> > 
> > 
Regards,
Umesh


More information about the dev mailing list