[EXT] [PATCH v2 1/2] cryptodev: add dh verify option

Akhil Goyal gakhil at marvell.com
Mon May 16 20:50:24 CEST 2022

Previous message (by thread): [EXT] [PATCH v2] cryptodev: add elliptic curve diffie hellman
Next message (by thread): [EXT] [PATCH v2 2/2] cryptodev: add dh padding options
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> For some elliptic curves public point in DH exchange
> needs to be checked, if lays on the curve.
> Modular exponentiation needs certain checks as well, though
> mathematically much easier.
> This commit adds verify option to asym_op operations.
> 
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal at intel.com>
> ---
>  lib/cryptodev/rte_crypto_asym.h | 19 +++++++++++++++++++
>  lib/cryptodev/rte_cryptodev.c   |  1 +
>  2 files changed, 20 insertions(+)
> 
> diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
> index 5b30083f30..c4f4afa07f 100644
> --- a/lib/cryptodev/rte_crypto_asym.h
> +++ b/lib/cryptodev/rte_crypto_asym.h
> @@ -117,6 +117,8 @@ enum rte_crypto_asym_op_type {
>  	/**< DH Public Key generation operation */
>  	RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE,
>  	/**< DH Shared Secret compute operation */
> +	RTE_CRYPTO_ASYM_OP_DH_KEY_VERIFY,

I think RTE_CRYPTO_ASYM_OP_DH_PUB_KEY_VERIFY is a better name.

> +	/**< DH Public Key Verification */
>  	RTE_CRYPTO_ASYM_OP_LIST_END
>  };
> 
> @@ -412,6 +414,11 @@ struct rte_crypto_dh_op_param {
>  	 * For ECDH it is a point on the curve.
>  	 * Output for RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE
>  	 * Input for RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE
> +	 * Input for RTE_CRYPTO_ASYM_OP_DH_KEY_VERIFY
> +	 *
> +	 * VERIFY option can be used only for elliptic curve
> +	 * point validation, for FFDH (DH) it is user's reponsability
> +	 * to check the public key accordingly.
>  	 */
> 
>  	union {
> @@ -424,6 +431,18 @@ struct rte_crypto_dh_op_param {
>  	 * For ECDH it is a point on the curve.
>  	 * Output for RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE
>  	 */
> +	 uint16_t flags;
> +	 /*
> +	  * Diffie-Hellman operation flags
> +	  * Flag                | Bit pos |      Description
> +	  *--------------------------------------------------------------------------------
> +	  *                     |         | If set to 1 - verification will use all four
> +	  * Full verification   |    0    | steps of point verification (full validation),
> +	  *                     |         | otherwise three (partial validation - default).
> +	  *--------------------------------------------------------------------------------
> +	  * Reserved            |   1-15  | Reserved
> +	  */

Instead of adding these comments. It is better to define macros for each of the flags.
Give reference of the macros in the comments here.

> +
>  };
> 
>  /**
> diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
> index 3500a2d470..2679ef54f8 100644
> --- a/lib/cryptodev/rte_cryptodev.c
> +++ b/lib/cryptodev/rte_cryptodev.c
> @@ -181,6 +181,7 @@ const char *rte_crypto_asym_op_strings[] = {
>  	[RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE]	=
> "priv_key_generate",
>  	[RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE] =
> "pub_key_generate",
>  	[RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE] =
> "sharedsecret_compute",
> +	[RTE_CRYPTO_ASYM_OP_DH_KEY_VERIFY] = "dh_pubkey_verify",
>  };
> 
>  /**
> --
> 2.13.6

Previous message (by thread): [EXT] [PATCH v2] cryptodev: add elliptic curve diffie hellman
Next message (by thread): [EXT] [PATCH v2 2/2] cryptodev: add dh padding options
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list