<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div class="elementToProof" style="font-family: "IntelOne Text"; font-size: 10pt; color: rgb(0, 0, 0);">
Acked-by: Kai Ji <kai.ji@intel.com></div>
<div class="elementToProof" style="font-family: "IntelOne Text"; font-size: 10pt; color: rgb(0, 0, 0);">
<br>
</div>
<div id="appendonsend"></div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com><br>
<b>Sent:</b> 04 October 2024 09:26<br>
<b>To:</b> dev@dpdk.org <dev@dpdk.org>; Ji, Kai <kai.ji@intel.com><br>
<b>Cc:</b> Anoob Joseph <anoobj@marvell.com>; Richardson, Bruce <bruce.richardson@intel.com>; jerinj@marvell.com <jerinj@marvell.com>; fanzhang.oss@gmail.com <fanzhang.oss@gmail.com>; Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; jack.bond-preston@foss.arm.com
<jack.bond-preston@foss.arm.com>; Marchand, David <david.marchand@redhat.com>; hemant.agrawal@nxp.com <hemant.agrawal@nxp.com>; De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>; Trahe, Fiona <fiona.trahe@intel.com>; Doherty, Declan <declan.doherty@intel.com>;
matan@nvidia.com <matan@nvidia.com>; ruifeng.wang@arm.com <ruifeng.wang@arm.com>; Akhil Goyal <gakhil@marvell.com>; Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com><br>
<b>Subject:</b> [PATCH v6 2/6] crypto/openssl: support EDDSA</font>
<div> </div>
</div>
<div class="BodyFragment"><font size="2"><span style="font-size:11pt;">
<div class="PlainText">Support EDDSA crypto algorithm in OpenSSL PMD.<br>
<br>
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com><br>
---<br>
doc/guides/cryptodevs/features/openssl.ini | 1 +<br>
drivers/crypto/openssl/openssl_pmd_private.h | 13 ++<br>
drivers/crypto/openssl/rte_openssl_pmd.c | 223 +++++++++++++++++++<br>
drivers/crypto/openssl/rte_openssl_pmd_ops.c | 131 +++++++++++<br>
4 files changed, 368 insertions(+)<br>
<br>
diff --git a/doc/guides/cryptodevs/features/openssl.ini b/doc/guides/cryptodevs/features/openssl.ini<br>
index b64c8ec4a5..0540c075dc 100644<br>
--- a/doc/guides/cryptodevs/features/openssl.ini<br>
+++ b/doc/guides/cryptodevs/features/openssl.ini<br>
@@ -66,6 +66,7 @@ Modular Exponentiation = Y<br>
Modular Inversion = Y<br>
Diffie-hellman = Y<br>
SM2 = Y<br>
+EDDSA = Y<br>
<br>
;<br>
; Supported Operating systems of the 'openssl' crypto driver.<br>
diff --git a/drivers/crypto/openssl/openssl_pmd_private.h b/drivers/crypto/openssl/openssl_pmd_private.h<br>
index 0282b3d829..7dd97f1c72 100644<br>
--- a/drivers/crypto/openssl/openssl_pmd_private.h<br>
+++ b/drivers/crypto/openssl/openssl_pmd_private.h<br>
@@ -231,10 +231,23 @@ struct __rte_cache_aligned openssl_asym_session {<br>
#endif<br>
} s;<br>
struct {<br>
+ uint8_t curve_id;<br>
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)<br>
+ EC_GROUP * group;<br>
+ BIGNUM *priv_key;<br>
+#endif<br>
+ } ec;<br>
+ struct {<br>
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)<br>
OSSL_PARAM * params;<br>
#endif<br>
} sm2;<br>
+ struct {<br>
+ uint8_t curve_id;<br>
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)<br>
+ OSSL_PARAM * params;<br>
+#endif<br>
+ } eddsa;<br>
} u;<br>
};<br>
/** Set and validate OPENSSL crypto session parameters */<br>
diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c<br>
index e10a172f46..4e4d06403b 100644<br>
--- a/drivers/crypto/openssl/rte_openssl_pmd.c<br>
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c<br>
@@ -2849,6 +2849,45 @@ process_openssl_rsa_op_evp(struct rte_crypto_op *cop,<br>
<br>
}<br>
<br>
+static int<br>
+process_openssl_ecfpm_op_evp(struct rte_crypto_op *cop,<br>
+ struct openssl_asym_session *sess)<br>
+{<br>
+ const EC_GROUP *ecgrp = sess->u.ec.group;<br>
+ EC_POINT *ecpt = NULL;<br>
+ BN_CTX *ctx = NULL;<br>
+ BIGNUM *n = NULL;<br>
+ int ret = -1;<br>
+<br>
+ n = BN_bin2bn((const unsigned char *)<br>
+ cop->asym->ecpm.scalar.data,<br>
+ cop->asym->ecpm.scalar.length,<br>
+ BN_new());<br>
+<br>
+ ctx = BN_CTX_new();<br>
+ if (!ctx)<br>
+ goto err_ecfpm;<br>
+<br>
+ if (!EC_POINT_mul(ecgrp, ecpt, n, NULL, NULL, ctx))<br>
+ goto err_ecfpm;<br>
+<br>
+ if (cop->asym->flags & RTE_CRYPTO_ASYM_FLAG_PUB_KEY_COMPRESSED) {<br>
+ unsigned char *buf = cop->asym->ecpm.r.x.data;<br>
+ size_t sz;<br>
+<br>
+ sz = EC_POINT_point2oct(ecgrp, ecpt, POINT_CONVERSION_COMPRESSED, buf, 0, ctx);<br>
+ if (!sz)<br>
+ goto err_ecfpm;<br>
+<br>
+ cop->asym->ecpm.r.x.length = sz;<br>
+ }<br>
+<br>
+err_ecfpm:<br>
+ BN_CTX_free(ctx);<br>
+ BN_free(n);<br>
+ return ret;<br>
+}<br>
+<br>
static int<br>
process_openssl_sm2_op_evp(struct rte_crypto_op *cop,<br>
struct openssl_asym_session *sess)<br>
@@ -3074,6 +3113,158 @@ process_openssl_sm2_op_evp(struct rte_crypto_op *cop,<br>
return ret;<br>
}<br>
<br>
+static int<br>
+process_openssl_eddsa_op_evp(struct rte_crypto_op *cop,<br>
+ struct openssl_asym_session *sess)<br>
+{<br>
+ static const char * const instance[] = {"Ed25519", "Ed25519ctx", "Ed25519ph",<br>
+ "Ed448", "Ed448ph"};<br>
+ EVP_PKEY_CTX *kctx = NULL, *sctx = NULL, *cctx = NULL;<br>
+ const uint8_t curve_id = sess->u.eddsa.curve_id;<br>
+ struct rte_crypto_asym_op *op = cop->asym;<br>
+ OSSL_PARAM *params = sess->u.eddsa.params;<br>
+ OSSL_PARAM_BLD *iparam_bld = NULL;<br>
+ OSSL_PARAM *iparams = NULL;<br>
+ uint8_t signbuf[128] = {0};<br>
+ EVP_MD_CTX *md_ctx = NULL;<br>
+ EVP_PKEY *pkey = NULL;<br>
+ size_t signlen;<br>
+ int ret = -1;<br>
+<br>
+ cop->status = RTE_CRYPTO_OP_STATUS_ERROR;<br>
+<br>
+ iparam_bld = OSSL_PARAM_BLD_new();<br>
+ if (!iparam_bld)<br>
+ goto err_eddsa;<br>
+<br>
+ if (op->eddsa.instance == RTE_CRYPTO_EDCURVE_25519CTX) {<br>
+ OSSL_PARAM_BLD_push_octet_string(iparam_bld, "context-string",<br>
+ op->eddsa.context.data, op->eddsa.context.length);<br>
+<br>
+ }<br>
+<br>
+ OSSL_PARAM_BLD_push_utf8_string(iparam_bld, "instance",<br>
+ instance[op->eddsa.instance], strlen(instance[op->eddsa.instance]));<br>
+<br>
+ iparams = OSSL_PARAM_BLD_to_param(iparam_bld);<br>
+ if (!iparams)<br>
+ goto err_eddsa;<br>
+<br>
+ switch (op->eddsa.op_type) {<br>
+ case RTE_CRYPTO_ASYM_OP_SIGN:<br>
+ {<br>
+ if (curve_id == RTE_CRYPTO_EC_GROUP_ED25519)<br>
+ kctx = EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);<br>
+ else<br>
+ kctx = EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL);<br>
+<br>
+ if (kctx == NULL || EVP_PKEY_fromdata_init(kctx) <= 0 ||<br>
+ EVP_PKEY_fromdata(kctx, &pkey, EVP_PKEY_KEYPAIR, params) <= 0)<br>
+ goto err_eddsa;<br>
+<br>
+ md_ctx = EVP_MD_CTX_new();<br>
+ if (!md_ctx)<br>
+ goto err_eddsa;<br>
+<br>
+ sctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL);<br>
+ if (!sctx)<br>
+ goto err_eddsa;<br>
+<br>
+ EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);<br>
+<br>
+#if (OPENSSL_VERSION_NUMBER >= 0x30300000L)<br>
+ if (!EVP_DigestSignInit_ex(md_ctx, NULL, NULL, NULL, NULL, pkey, iparams))<br>
+ goto err_eddsa;<br>
+#else<br>
+ if (op->eddsa.instance == RTE_CRYPTO_EDCURVE_25519 ||<br>
+ op->eddsa.instance == RTE_CRYPTO_EDCURVE_448) {<br>
+ if (!EVP_DigestSignInit(md_ctx, NULL, NULL, NULL, pkey))<br>
+ goto err_eddsa;<br>
+ } else<br>
+ goto err_eddsa;<br>
+#endif<br>
+<br>
+ if (!EVP_DigestSign(md_ctx, NULL, &signlen, op->eddsa.message.data,<br>
+ op->eddsa.message.length))<br>
+ goto err_eddsa;<br>
+<br>
+ if (signlen > RTE_DIM(signbuf))<br>
+ goto err_eddsa;<br>
+<br>
+ if (!EVP_DigestSign(md_ctx, signbuf, &signlen, op->eddsa.message.data,<br>
+ op->eddsa.message.length))<br>
+ goto err_eddsa;<br>
+<br>
+ memcpy(op->eddsa.sign.data, &signbuf[0], signlen);<br>
+ op->eddsa.sign.length = signlen;<br>
+ }<br>
+ break;<br>
+ case RTE_CRYPTO_ASYM_OP_VERIFY:<br>
+ {<br>
+ if (curve_id == RTE_CRYPTO_EC_GROUP_ED25519)<br>
+ kctx = EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);<br>
+ else<br>
+ kctx = EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL);<br>
+<br>
+ if (kctx == NULL || EVP_PKEY_fromdata_init(kctx) <= 0 ||<br>
+ EVP_PKEY_fromdata(kctx, &pkey, EVP_PKEY_PUBLIC_KEY, params) <= 0)<br>
+ goto err_eddsa;<br>
+<br>
+ md_ctx = EVP_MD_CTX_new();<br>
+ if (!md_ctx)<br>
+ goto err_eddsa;<br>
+<br>
+ sctx = EVP_PKEY_CTX_new_from_pkey(NULL, pkey, NULL);<br>
+ if (!sctx)<br>
+ goto err_eddsa;<br>
+<br>
+ EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);<br>
+<br>
+#if (OPENSSL_VERSION_NUMBER >= 0x30300000L)<br>
+ if (!EVP_DigestVerifyInit_ex(md_ctx, NULL, NULL, NULL, NULL, pkey, iparams))<br>
+ goto err_eddsa;<br>
+#else<br>
+ if (op->eddsa.instance == RTE_CRYPTO_EDCURVE_25519 ||<br>
+ op->eddsa.instance == RTE_CRYPTO_EDCURVE_448) {<br>
+ if (!EVP_DigestVerifyInit(md_ctx, NULL, NULL, NULL, pkey))<br>
+ goto err_eddsa;<br>
+ } else<br>
+ goto err_eddsa;<br>
+#endif<br>
+<br>
+ signlen = op->eddsa.sign.length;<br>
+ memcpy(&signbuf[0], op->eddsa.sign.data, op->eddsa.sign.length);<br>
+<br>
+ ret = EVP_DigestVerify(md_ctx, signbuf, signlen, op->eddsa.message.data,<br>
+ op->eddsa.message.length);<br>
+ if (ret == 0)<br>
+ goto err_eddsa;<br>
+ }<br>
+ break;<br>
+ default:<br>
+ /* allow ops with invalid args to be pushed to<br>
+ * completion queue<br>
+ */<br>
+ cop->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;<br>
+ goto err_eddsa;<br>
+ }<br>
+<br>
+ ret = 0;<br>
+ cop->status = RTE_CRYPTO_OP_STATUS_SUCCESS;<br>
+err_eddsa:<br>
+ OSSL_PARAM_BLD_free(iparam_bld);<br>
+<br>
+ if (sctx)<br>
+ EVP_PKEY_CTX_free(sctx);<br>
+<br>
+ if (cctx)<br>
+ EVP_PKEY_CTX_free(cctx);<br>
+<br>
+ if (pkey)<br>
+ EVP_PKEY_free(pkey);<br>
+<br>
+ return ret;<br>
+}<br>
#else<br>
static int<br>
process_openssl_rsa_op(struct rte_crypto_op *cop,<br>
@@ -3174,6 +3365,15 @@ process_openssl_rsa_op(struct rte_crypto_op *cop,<br>
return 0;<br>
}<br>
<br>
+static int<br>
+process_openssl_ecfpm_op(struct rte_crypto_op *cop,<br>
+ struct openssl_asym_session *sess)<br>
+{<br>
+ RTE_SET_USED(cop);<br>
+ RTE_SET_USED(sess);<br>
+ return -ENOTSUP;<br>
+}<br>
+<br>
static int<br>
process_openssl_sm2_op(struct rte_crypto_op *cop,<br>
struct openssl_asym_session *sess)<br>
@@ -3182,6 +3382,15 @@ process_openssl_sm2_op(struct rte_crypto_op *cop,<br>
RTE_SET_USED(sess);<br>
return -ENOTSUP;<br>
}<br>
+<br>
+static int<br>
+process_openssl_eddsa_op(struct rte_crypto_op *cop,<br>
+ struct openssl_asym_session *sess)<br>
+{<br>
+ RTE_SET_USED(cop);<br>
+ RTE_SET_USED(sess);<br>
+ return -ENOTSUP;<br>
+}<br>
#endif<br>
<br>
static int<br>
@@ -3230,6 +3439,13 @@ process_asym_op(struct openssl_qp *qp, struct rte_crypto_op *op,<br>
process_openssl_dsa_verify_op(op, sess);<br>
else<br>
op->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS;<br>
+#endif<br>
+ break;<br>
+ case RTE_CRYPTO_ASYM_XFORM_ECFPM:<br>
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)<br>
+ retval = process_openssl_ecfpm_op_evp(op, sess);<br>
+#else<br>
+ retval = process_openssl_ecfpm_op(op, sess);<br>
#endif<br>
break;<br>
case RTE_CRYPTO_ASYM_XFORM_SM2:<br>
@@ -3237,6 +3453,13 @@ process_asym_op(struct openssl_qp *qp, struct rte_crypto_op *op,<br>
retval = process_openssl_sm2_op_evp(op, sess);<br>
#else<br>
retval = process_openssl_sm2_op(op, sess);<br>
+#endif<br>
+ break;<br>
+ case RTE_CRYPTO_ASYM_XFORM_EDDSA:<br>
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)<br>
+ retval = process_openssl_eddsa_op_evp(op, sess);<br>
+#else<br>
+ retval = process_openssl_eddsa_op(op, sess);<br>
#endif<br>
break;<br>
default:<br>
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c<br>
index b7b612fc57..0725184653 100644<br>
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c<br>
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c<br>
@@ -593,6 +593,16 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {<br>
},<br>
}<br>
},<br>
+ { /* ECFPM */<br>
+ .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,<br>
+ {.asym = {<br>
+ .xform_capa = {<br>
+ .xform_type = RTE_CRYPTO_ASYM_XFORM_ECFPM,<br>
+ .op_types = 0<br>
+ }<br>
+ }<br>
+ }<br>
+ },<br>
{ /* SM2 */<br>
.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,<br>
{.asym = {<br>
@@ -610,6 +620,20 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {<br>
}<br>
}<br>
},<br>
+ { /* EDDSA */<br>
+ .op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,<br>
+ {.asym = {<br>
+ .xform_capa = {<br>
+ .xform_type = RTE_CRYPTO_ASYM_XFORM_EDDSA,<br>
+ .hash_algos = (1 << RTE_CRYPTO_AUTH_SHA512 |<br>
+ 1 << RTE_CRYPTO_AUTH_SHAKE_256),<br>
+ .op_types =<br>
+ ((1<<RTE_CRYPTO_ASYM_OP_SIGN) |<br>
+ (1 << RTE_CRYPTO_ASYM_OP_VERIFY)),<br>
+ }<br>
+ }<br>
+ }<br>
+ },<br>
<br>
RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()<br>
};<br>
@@ -1356,6 +1380,47 @@ static int openssl_set_asym_session_parameters(<br>
BN_free(pub_key);<br>
return -1;<br>
}<br>
+ case RTE_CRYPTO_ASYM_XFORM_ECFPM:<br>
+ {<br>
+#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)<br>
+ EC_GROUP *ecgrp = NULL;<br>
+<br>
+ asym_session->xfrm_type = xform->xform_type;<br>
+<br>
+ switch (xform->ec.curve_id) {<br>
+ case RTE_CRYPTO_EC_GROUP_SECP192R1:<br>
+ ecgrp = EC_GROUP_new_by_curve_name(NID_secp192k1);<br>
+ break;<br>
+ case RTE_CRYPTO_EC_GROUP_SECP224R1:<br>
+ ecgrp = EC_GROUP_new_by_curve_name(NID_secp224r1);<br>
+ break;<br>
+ case RTE_CRYPTO_EC_GROUP_SECP256R1:<br>
+ ecgrp = EC_GROUP_new_by_curve_name(NID_secp256k1);<br>
+ break;<br>
+ case RTE_CRYPTO_EC_GROUP_SECP384R1:<br>
+ ecgrp = EC_GROUP_new_by_curve_name(NID_secp384r1);<br>
+ break;<br>
+ case RTE_CRYPTO_EC_GROUP_SECP521R1:<br>
+ ecgrp = EC_GROUP_new_by_curve_name(NID_secp521r1);<br>
+ break;<br>
+ case RTE_CRYPTO_EC_GROUP_ED25519:<br>
+ ecgrp = EC_GROUP_new_by_curve_name(NID_ED25519);<br>
+ break;<br>
+ case RTE_CRYPTO_EC_GROUP_ED448:<br>
+ ecgrp = EC_GROUP_new_by_curve_name(NID_ED448);<br>
+ break;<br>
+ default:<br>
+ break;<br>
+ }<br>
+<br>
+ asym_session->u.ec.curve_id = xform->ec.curve_id;<br>
+ asym_session->u.ec.group = ecgrp;<br>
+ break;<br>
+#else<br>
+ OPENSSL_LOG(WARNING, "ECFPM unsupported for OpenSSL Version < 3.0");<br>
+ return -ENOTSUP;<br>
+#endif<br>
+ }<br>
case RTE_CRYPTO_ASYM_XFORM_SM2:<br>
{<br>
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)<br>
@@ -1440,6 +1505,66 @@ static int openssl_set_asym_session_parameters(<br>
#else<br>
OPENSSL_LOG(WARNING, "SM2 unsupported for OpenSSL Version < 3.0");<br>
return -ENOTSUP;<br>
+#endif<br>
+ }<br>
+ case RTE_CRYPTO_ASYM_XFORM_EDDSA:<br>
+ {<br>
+#if (OPENSSL_VERSION_NUMBER >= 0x30300000L)<br>
+ OSSL_PARAM_BLD *param_bld = NULL;<br>
+ OSSL_PARAM *params = NULL;<br>
+ int ret = -1;<br>
+<br>
+ asym_session->u.eddsa.curve_id = xform->ec.curve_id;<br>
+<br>
+ param_bld = OSSL_PARAM_BLD_new();<br>
+ if (!param_bld) {<br>
+ OPENSSL_LOG(ERR, "failed to allocate params");<br>
+ goto err_eddsa;<br>
+ }<br>
+<br>
+ ret = OSSL_PARAM_BLD_push_utf8_string(param_bld,<br>
+ OSSL_PKEY_PARAM_GROUP_NAME, "ED25519", sizeof("ED25519"));<br>
+ if (!ret) {<br>
+ OPENSSL_LOG(ERR, "failed to push params");<br>
+ goto err_eddsa;<br>
+ }<br>
+<br>
+ ret = OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_PKEY_PARAM_PRIV_KEY,<br>
+ xform->ec.pkey.data, xform->ec.pkey.length);<br>
+ if (!ret) {<br>
+ OPENSSL_LOG(ERR, "failed to push params");<br>
+ goto err_eddsa;<br>
+ }<br>
+<br>
+ ret = OSSL_PARAM_BLD_push_octet_string(param_bld, OSSL_PKEY_PARAM_PUB_KEY,<br>
+ xform->ec.q.x.data, xform->ec.q.x.length);<br>
+ if (!ret) {<br>
+ OPENSSL_LOG(ERR, "failed to push params");<br>
+ goto err_eddsa;<br>
+ }<br>
+<br>
+ params = OSSL_PARAM_BLD_to_param(param_bld);<br>
+ if (!params) {<br>
+ OPENSSL_LOG(ERR, "failed to push params");<br>
+ goto err_eddsa;<br>
+ }<br>
+<br>
+ asym_session->u.eddsa.params = params;<br>
+ OSSL_PARAM_BLD_free(param_bld);<br>
+<br>
+ asym_session->xfrm_type = RTE_CRYPTO_ASYM_XFORM_EDDSA;<br>
+ break;<br>
+err_eddsa:<br>
+ if (param_bld)<br>
+ OSSL_PARAM_BLD_free(param_bld);<br>
+<br>
+ if (asym_session->u.eddsa.params)<br>
+ OSSL_PARAM_free(asym_session->u.eddsa.params);<br>
+<br>
+ return -1;<br>
+#else<br>
+ OPENSSL_LOG(WARNING, "EDDSA unsupported for OpenSSL Version < 3.3");<br>
+ return -ENOTSUP;<br>
#endif<br>
}<br>
default:<br>
@@ -1538,6 +1663,12 @@ static void openssl_reset_asym_session(struct openssl_asym_session *sess)<br>
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)<br>
OSSL_PARAM_free(sess->u.sm2.params);<br>
#endif<br>
+ break;<br>
+ case RTE_CRYPTO_ASYM_XFORM_EDDSA:<br>
+#if (OPENSSL_VERSION_NUMBER >= 0x30300000L)<br>
+ OSSL_PARAM_free(sess->u.eddsa.params);<br>
+#endif<br>
+ break;<br>
default:<br>
break;<br>
}<br>
-- <br>
2.21.0<br>
<br>
</div>
</span></font></div>
</body>
</html>