<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
{font-family:"var\(--ff-mono\)";}
@font-face
{font-family:inherit;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0cm;
font-size:10.0pt;
font-family:"Courier New";}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:"Courier New";}
span.EmailStyle23
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-IN" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Hi Arik,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"> I have referred the symmetric cryptodev test cases and wrote the sample.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">I can encrypt the text as given in the example.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">While trying to change the offset and the length the crypto operation failing with below errors.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">process_openssl_cipher_encrypt() line 946: Process openssl cipher encrypt failed<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">USER1: Error sending packet for encryption<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Example:<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"> I tried the offset value as 8 and length as 512 encryption failed.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Tried offset value as 8 and length as 496 (512-8) encryption working fine.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Dose it mean if we change the offset to multiples of 8 same offset value needs to be subtracted from the length (512-8 = 496)<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">In my case trying to encrypt the tcp payload the starting offset value is 42 and length of the payload is 82.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">So, I have set the below value.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"> sym_op->cipher.data.offset = 42; (starting point of the data to be sent for crypto process)<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"> sym_op->cipher.data.length = 82; (length of the data)<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">encryption process not working.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Using cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_CBC;<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"> cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT;<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">can you help on this how set the proper offset and the length value.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Bala <o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>
<br>
<b>Sent:</b> 31 May 2022 13:00<br>
<b>To:</b> Balakrishnan K <Balakrishnan.K1@tatacommunications.com>; users@dpdk.org<br>
<b>Subject:</b> RE: how to use crypto openssl PMD for asymmetric encryption and decryption<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span lang="EN-US">Hi Bala,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">It is similar situation, it is the user who needs to decide where to start encryption process.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Please consult:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><a href="https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdoc.dpdk.org%2Fapi%2Fstructrte__crypto__sym__op.html&data=05%7C01%7CBalakrishnan.K1%40tatacommunications.com%7Cf67a05accad74ae8ba4b08da42d77d37%7C202104622c5e4ec8b3e20be950f292ca%7C0%7C0%7C637895790535001554%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=bO25b5ylXhvsD8EnoCbJvo9W5V%2BsIKPFwnwugemKW6k%3D&reserved=0">https://doc.dpdk.org/api/structrte__crypto__sym__op.html</a><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><a href="https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdoc.dpdk.org%2Fguides%2Fprog_guide%2Fcryptodev_lib.html&data=05%7C01%7CBalakrishnan.K1%40tatacommunications.com%7Cf67a05accad74ae8ba4b08da42d77d37%7C202104622c5e4ec8b3e20be950f292ca%7C0%7C0%7C637895790535001554%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=TBY5Dk0Gbh0NdGHYetubv%2FW3z4uCOhsqRhphpCvL7iQ%3D&reserved=0">https://doc.dpdk.org/guides/prog_guide/cryptodev_lib.html</a>
<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Please look into ‘offset’ and ‘length’ fields.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">P.S. “</span>encrypting the entire packets” -> it is usually not good idea to encrypt entire packets -> packets need to know where to travel, though authentication usually is done over the entire packet.<o:p></o:p></p>
<p class="MsoNormal">P.S. (2) Using asymmetric cryptography for network packet payload encryption is not usually good idea either, not to mention natural performance penalty and few additional security issues, size of the encrypted data is usually limited to
the size = (key size – [additional options | paddings | etc])<o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Arek<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0cm 0cm 0cm 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Balakrishnan K <<a href="mailto:Balakrishnan.K1@tatacommunications.com">Balakrishnan.K1@tatacommunications.com</a>>
<br>
<b>Sent:</b> Tuesday, May 31, 2022 8:14 AM<br>
<b>To:</b> Kusztal, ArkadiuszX <<a href="mailto:arkadiuszx.kusztal@intel.com">arkadiuszx.kusztal@intel.com</a>>;
<a href="mailto:users@dpdk.org">users@dpdk.org</a><br>
<b>Subject:</b> RE: how to use crypto openssl PMD for asymmetric encryption and decryption<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal">Hi Arek,<o:p></o:p></p>
<p class="MsoNormal"> How about symmetric Cryptodev encryption .<o:p></o:p></p>
<p class="MsoNormal">In l2fwd_cryptodev example I could see the packets from Rx queue is fetched and passed to encryption.<o:p></o:p></p>
<p class="MsoNormal">Is symmetric encryption , encrypting the entire packets or payload section?<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Regards,<o:p></o:p></p>
<p class="MsoNormal">Bala <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Kusztal, ArkadiuszX <<a href="mailto:arkadiuszx.kusztal@intel.com">arkadiuszx.kusztal@intel.com</a>>
<br>
<b>Sent:</b> 30 May 2022 17:52<br>
<b>To:</b> Balakrishnan K <<a href="mailto:Balakrishnan.K1@tatacommunications.com">Balakrishnan.K1@tatacommunications.com</a>>;
<a href="mailto:users@dpdk.org">users@dpdk.org</a><br>
<b>Subject:</b> RE: how to use crypto openssl PMD for asymmetric encryption and decryption<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="line-height:14.25pt;background:white"><span lang="EN-US" style="color:black">For the Asym Cryptodev data to be encrypted it totally opaque -> it does not hold any information about data provided by the user, except for the algorithm
parameters of course. So for example for the RSA, data that “asym_op->rsa.message.data” points to, will be encrypted up to the size of “asym_op->rsa.message.length” (provided size is in scope of possible encryption sizes) regardless if it is TLS or IKE or
anything else.</span><span lang="EN-US" style="font-size:10.5pt;font-family:Consolas;color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0cm 0cm 0cm 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Balakrishnan K <<a href="mailto:Balakrishnan.K1@tatacommunications.com">Balakrishnan.K1@tatacommunications.com</a>>
<br>
<b>Sent:</b> Monday, May 30, 2022 1:59 PM<br>
<b>To:</b> Kusztal, ArkadiuszX <<a href="mailto:arkadiuszx.kusztal@intel.com">arkadiuszx.kusztal@intel.com</a>>;
<a href="mailto:users@dpdk.org">users@dpdk.org</a><br>
<b>Subject:</b> RE: how to use crypto openssl PMD for asymmetric encryption and decryption<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal">Hi <span lang="EN-US">Arek,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> Thanks for your inputs.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I wrote the sample application to encrypt the text from a file also decrypting the same.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Now next step is to encrypt the incoming packets.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I have one basic doubt. During rte_cryptodev_enqueue_burst call with operation type as RTE_CRYPTO_ASYM_OP_ENCRYPT.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">For the incoming packet.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">what is being encrypted ,Is it entire packet or the payload(data section) ?<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Bala <o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Kusztal, ArkadiuszX <<a href="mailto:arkadiuszx.kusztal@intel.com">arkadiuszx.kusztal@intel.com</a>>
<br>
<b>Sent:</b> 25 May 2022 16:13<br>
<b>To:</b> Balakrishnan K <<a href="mailto:Balakrishnan.K1@tatacommunications.com">Balakrishnan.K1@tatacommunications.com</a>>;
<a href="mailto:users@dpdk.org">users@dpdk.org</a><br>
<b>Subject:</b> RE: how to use crypto openssl PMD for asymmetric encryption and decryption<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span lang="EN-US">Hi Bala,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal">To fill the below struct do I need to extract Publickey exponent , Private key exponent etc.<o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-US">[Arek] – yes, you need to convert keys into big-endian unsigned integer.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">In the file “test_cryptodev_rsa_test_vectors.h” there are few examples.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Arek<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0cm 0cm 0cm 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Balakrishnan K <<a href="mailto:Balakrishnan.K1@tatacommunications.com">Balakrishnan.K1@tatacommunications.com</a>>
<br>
<b>Sent:</b> Wednesday, May 25, 2022 12:08 PM<br>
<b>To:</b> Kusztal, ArkadiuszX <<a href="mailto:arkadiuszx.kusztal@intel.com">arkadiuszx.kusztal@intel.com</a>>;
<a href="mailto:users@dpdk.org">users@dpdk.org</a><br>
<b>Subject:</b> RE: how to use crypto openssl PMD for asymmetric encryption and decryption<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal">Hi Arek,<o:p></o:p></p>
<p class="MsoNormal"> I have public and private key with me which can be used for encryption/decryption.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">To fill the below struct do I need to extract Publickey exponent , Private key exponent etc.<o:p></o:p></p>
<p class="MsoNormal">The reason why I am asking is, in openssl for encryption we will use key directly with the exposed API.<o:p></o:p></p>
<p class="MsoNormal">Example :<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="vertical-align:baseline"><span style="font-size:10.0pt;font-family:inherit;border:none windowtext 1.0pt;padding:0cm">RSA_private_encrypt(strlen(msg), (unsigned char *)msg, encrypted, rsa, RSA_PKCS1_PADDING);</span><span style="font-size:10.0pt;font-family:"var\(--ff-mono\)""><o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Here in dpdk the rsa struct looks different .<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks in advance.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">struct rte_crypto_rsa_xform {<o:p></o:p></p>
<p class="MsoNormal">rte_crypto_param n;<o:p></o:p></p>
<p class="MsoNormal"> /**< n - Modulus<o:p></o:p></p>
<p class="MsoNormal"> * Modulus data of RSA operation in Octet-string network<o:p></o:p></p>
<p class="MsoNormal"> * byte order format.<o:p></o:p></p>
<p class="MsoNormal"> */<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> rte_crypto_param e;<o:p></o:p></p>
<p class="MsoNormal"> /**< e - Public key exponent<o:p></o:p></p>
<p class="MsoNormal"> * Public key exponent used for RSA public key operations in Octet-<o:p></o:p></p>
<p class="MsoNormal"> * string network byte order format.<o:p></o:p></p>
<p class="MsoNormal"> */<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> enum rte_crypto_rsa_priv_key_type key_type;<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> __extension__<o:p></o:p></p>
<p class="MsoNormal"> union {<o:p></o:p></p>
<p class="MsoNormal"> rte_crypto_param d;<o:p></o:p></p>
<p class="MsoNormal"> /**< d - Private key exponent<o:p></o:p></p>
<p class="MsoNormal"> * Private key exponent used for RSA<o:p></o:p></p>
<p class="MsoNormal"> * private key operations in<o:p></o:p></p>
<p class="MsoNormal"> * Octet-string network byte order format.<o:p></o:p></p>
<p class="MsoNormal"> */<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"> struct rte_crypto_rsa_priv_key_qt qt;<o:p></o:p></p>
<p class="MsoNormal"> /**< qt - Private key in quintuple format */<o:p></o:p></p>
<p class="MsoNormal"> };<o:p></o:p></p>
<p class="MsoNormal">};<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Regards,<o:p></o:p></p>
<p class="MsoNormal">Bala <o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Balakrishnan K
<br>
<b>Sent:</b> 24 May 2022 17:42<br>
<b>To:</b> Kusztal, ArkadiuszX <<a href="mailto:arkadiuszx.kusztal@intel.com">arkadiuszx.kusztal@intel.com</a>>;
<a href="mailto:users@dpdk.org">users@dpdk.org</a><br>
<b>Subject:</b> RE: how to use crypto openssl PMD for asymmetric encryption and decryption<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Hi <span lang="EN-US">Arek,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> Thanks for the detailed explanation.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Bala <o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Kusztal, ArkadiuszX <<a href="mailto:arkadiuszx.kusztal@intel.com">arkadiuszx.kusztal@intel.com</a>>
<br>
<b>Sent:</b> 24 May 2022 14:44<br>
<b>To:</b> Balakrishnan K <<a href="mailto:Balakrishnan.K1@tatacommunications.com">Balakrishnan.K1@tatacommunications.com</a>>;
<a href="mailto:users@dpdk.org">users@dpdk.org</a><br>
<b>Subject:</b> RE: how to use crypto openssl PMD for asymmetric encryption and decryption<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<pre><span lang="EN-US">I should use <o:p></o:p></span></pre>
<pre><span lang="EN-US">debug_hexdump(stdout, "encrypted message", asym_op->rsa.cipher.data,<o:p></o:p></span></pre>
<pre><span lang="EN-US"> asym_op->rsa.cipher.length);<o:p></o:p></span></pre>
<pre><span lang="EN-US">to check the encrypted message for the input given?<o:p></o:p></span></pre>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Yes, currently it works this way. The same way output for decryption will be placed in asym_op->rsa.message.data and input in asym_op->rsa.cipher.data.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">More explanations can be found in rte_crypto_asym.h file<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><a href="https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdoc.dpdk.org%2Fapi%2Fstructrte__crypto__rsa__op__param.html&data=05%7C01%7CBalakrishnan.K1%40tatacommunications.com%7Cf67a05accad74ae8ba4b08da42d77d37%7C202104622c5e4ec8b3e20be950f292ca%7C0%7C0%7C637895790535001554%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mPkeI59HaahrnKQDuXONtJmROezh0VIdIc1JutBhjRI%3D&reserved=0">https://doc.dpdk.org/api/structrte__crypto__rsa__op__param.html</a>.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0cm 0cm 0cm 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Balakrishnan K <<a href="mailto:Balakrishnan.K1@tatacommunications.com">Balakrishnan.K1@tatacommunications.com</a>>
<br>
<b>Sent:</b> Tuesday, May 24, 2022 7:24 AM<br>
<b>To:</b> Kusztal, ArkadiuszX <<a href="mailto:arkadiuszx.kusztal@intel.com">arkadiuszx.kusztal@intel.com</a>>;
<a href="mailto:users@dpdk.org">users@dpdk.org</a><br>
<b>Subject:</b> RE: how to use crypto openssl PMD for asymmetric encryption and decryption<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal">Hi <span lang="EN-US">Arek,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> Thanks for quick response.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I am using resulted output vector to verify the encrypted message.<o:p></o:p></span></p>
<pre><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri",sans-serif">I thought the encrypted data will be in the asym_op->rsa.message.data after rte_cryptodev_enqueue_burst and rte_cryptodev_enqueue_burst call with operation type RTE_CRYPTO_ASYM_OP_ENCRYPT.<o:p></o:p></span></pre>
<pre><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri",sans-serif">So ,I checked the hex_dump of asym_op->rsa.message.data.<o:p></o:p></span></pre>
<pre><span lang="EN-US"><o:p> </o:p></span></pre>
<pre><span lang="EN-US">Code snippet:<o:p></o:p></span></pre>
<pre><span lang="EN-US">asym_op = result_op->asym;<o:p></o:p></span></pre>
<pre><span lang="EN-US">debug_hexdump(stdout, "encrypted message", asym_op->rsa.message.data,<o:p></o:p></span></pre>
<pre><span lang="EN-US"> asym_op->rsa.message.length);<o:p></o:p></span></pre>
<pre><span lang="EN-US"><o:p> </o:p></span></pre>
<pre><span lang="EN-US"><o:p> </o:p></span></pre>
<pre><span lang="EN-US"><o:p> </o:p></span></pre>
<pre><span style="font-size:9.0pt;font-family:Consolas;color:#404040">Encrypted data will be placed in </span><span lang="EN-US">asym_op->rsa.cipher.data after crypto operation is my understanding is correct ?<o:p></o:p></span></pre>
<pre><span lang="EN-US">I should use <o:p></o:p></span></pre>
<pre><span lang="EN-US">debug_hexdump(stdout, "encrypted message", asym_op->rsa.cipher.data,<o:p></o:p></span></pre>
<pre><span lang="EN-US"> asym_op->rsa.cipher.length);<o:p></o:p></span></pre>
<pre><span lang="EN-US">to check the encrypted message for the input given?<o:p></o:p></span></pre>
<pre><span lang="EN-US"><o:p> </o:p></span></pre>
<pre><span lang="EN-US"><o:p> </o:p></span></pre>
<pre><span lang="EN-US">Regards,<o:p></o:p></span></pre>
<pre><span lang="EN-US">Bala <o:p></o:p></span></pre>
<pre><span style="font-size:9.0pt;font-family:Consolas;color:#404040"><o:p> </o:p></span></pre>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Kusztal, ArkadiuszX <<a href="mailto:arkadiuszx.kusztal@intel.com">arkadiuszx.kusztal@intel.com</a>>
<br>
<b>Sent:</b> 23 May 2022 18:15<br>
<b>To:</b> Balakrishnan K <<a href="mailto:Balakrishnan.K1@tatacommunications.com">Balakrishnan.K1@tatacommunications.com</a>>;
<a href="mailto:users@dpdk.org">users@dpdk.org</a><br>
<b>Subject:</b> RE: how to use crypto openssl PMD for asymmetric encryption and decryption<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:dotted #003333 1.0pt;padding:10.0pt 10.0pt 10.0pt 10.0pt">
<p style="background:#CFD3D6"><b><span lang="EN-US" style="font-size:7.5pt;color:red">CAUTION</span></b><span lang="EN-US" style="font-size:7.5pt;color:red">: This email originated from outside of the organization. Do not click links or open attachments unless
you recognize the sender and know the content is safe. <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span lang="EN-US">Hi Bala,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Ciphertext will be written into asym_op->rsa.cipher.data (not message.data) by the PMD, here you are using same address for both hex dumps.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Although there is a bug in debug_hexdump in this function which may cause this confusion.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Plus, the test you are referring is PWCT test (Pairwise conditional test) -> it will encrypt, then decrypt.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Please take a look into this comment in queue_ops_rsa_enc_dec function:<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">/* Use the resulted output as decryption Input vector*<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">So above this line there is an encryption part.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Below is decryption. <o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Arek<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0cm 0cm 0cm 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> Balakrishnan K <</span><a href="mailto:Balakrishnan.K1@tatacommunications.com"><span lang="EN-US">Balakrishnan.K1@tatacommunications.com</span></a><span lang="EN-US">>
<br>
<b>Sent:</b> Monday, May 23, 2022 1:33 PM<br>
<b>To:</b> </span><a href="mailto:users@dpdk.org"><span lang="EN-US">users@dpdk.org</span></a><span lang="EN-US"><br>
<b>Subject:</b> how to use crypto openssl PMD for asymmetric encryption and decryption<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Hi All,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> I am new to dpdk. Planning to use openssl crypto PMD for encrypting/decrypting the packets.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Couldn’t find much documents on openssl PMD for
<b>asymmetric</b> encryption/decryption.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Any one please point me in the right document.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I have tried to run the test cases wrote for asymmetric crypto using openssl virtual PMD.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">But the output of particular test case is same after the encryption done.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">File : app/test/test_cryptodev_asym.c<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Test executable: ./app/test/dpdk-test<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Test case : test_rsa_enc_dec<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> <o:p></o:p></span></p>
<p class="MsoNormal"><b><span lang="EN-US">Input given to encryption: <o:p></o:p></span></b></p>
<p class="MsoNormal"><span lang="EN-US">message at [0x1894e60], len=20<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">00000000: F8 BA 1A 55 D0 2F 85 AE 96 7B B6 2F B6 CD A8 EB | ...U./...{./....<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">00000010: 7E 78 A0 50 | ~x.P<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span lang="EN-US">After processing the output also looks like same :<o:p></o:p></span></b></p>
<p class="MsoNormal"><span lang="EN-US">encrypted message exist at [0x1894e60], len=20<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">00000000: F8 BA 1A 55 D0 2F 85 AE 96 7B B6 2F B6 CD A8 EB | ...U./...{./....<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">00000010: 7E 78 A0 50<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Bala <o:p></o:p></span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>