[EXT] [PATCH 29/40] cryptodev: add salt length and optional label

Kusztal, ArkadiuszX arkadiuszx.kusztal at intel.com
Tue May 24 17:14:31 CEST 2022

Previous message (by thread): [EXT] [PATCH 29/40] cryptodev: add salt length and optional label
Next message (by thread): [EXT] [PATCH 29/40] cryptodev: add salt length and optional label
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]


> -----Original Message-----
> From: Akhil Goyal <gakhil at marvell.com>
> Sent: Tuesday, May 24, 2022 2:30 PM
> To: Kusztal, ArkadiuszX <arkadiuszx.kusztal at intel.com>; dev at dpdk.org
> Cc: Anoob Joseph <anoobj at marvell.com>; Zhang, Roy Fan
> <roy.fan.zhang at intel.com>
> Subject: RE: [EXT] [PATCH 29/40] cryptodev: add salt length and optional label
> 
> > - added salt length and optional label.
> > Common parameters to PSS and OAEP padding for RSA.
> 
> Please add description about how it is expected to be used.
> 
> > - Fixed hash API in RSA padding.
> > Now it is specified how hash should be used with particular RSA
> > padding modes.
> 
> I believe this should be a separate patch. Right?
[Arek] +1
> Patch title does not justify this
> 
> >
> > Signed-off-by: Arek Kusztal <arkadiuszx.kusztal at intel.com>
> > ---
> >  lib/cryptodev/rte_crypto_asym.h | 44
> > +++++++++++++++++++++++++++++++++++------
> >  1 file changed, 38 insertions(+), 6 deletions(-)
> >
> > diff --git a/lib/cryptodev/rte_crypto_asym.h
> > b/lib/cryptodev/rte_crypto_asym.h index 97c3fbee38..c864b8a115 100644
> > --- a/lib/cryptodev/rte_crypto_asym.h
> > +++ b/lib/cryptodev/rte_crypto_asym.h
> > @@ -205,12 +205,29 @@ struct rte_crypto_rsa_priv_key_qt {
> >   */
> >  struct rte_crypto_rsa_padding {
> >  	enum rte_crypto_rsa_padding_type type;
> > -	/**< RSA padding scheme to be used for transform */
> > -	enum rte_crypto_auth_algorithm md;
> 
> Any specific reason to change the field name?
> I think this matches with the next field mgf1md
[Arek] - now it aligns with RSA RFC. Both current names comes from the OpenSSL EVP_MD naming, in my rfc initially mgf1md was changed too into:
+enum rte_crypto_mgf {
+	RTE_CRYPTO_MGF_DEFAULT,
+	/**< Default mask generation function */
+	RTE_CRYPTO_MGF_MGF1_SHA1,
+	/**< MGF1 function with SHA1 hash algorithm */
But we do not need to be that conformant with the standard I think, so I have left it out.
As for names it may be 'md' as well, every name is ok if is not excessively long.

> 
> > -	/**< Hash algorithm to be used for data hash if padding
> > -	 * scheme is either OAEP or PSS. Valid hash algorithms
> > -	 * are:
> > -	 * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
> > +	/**< Type of RSA padding */
> > +	enum rte_crypto_auth_algorithm hash;
> > +	/**<
> > +	 * RSA padding hash function
> > +	 *
> > +	 * When a specific padding type is selected, the following rule apply:
> > +	 * - RTE_CRYPTO_RSA_PADDING_NONE:
> > +	 * This field is ignored by the PMD
> > +	 *
> > +	 * - RTE_CRYPTO_RSA_PADDING_PKCS1_5:
> > +	 * When signing operation this field is used to determine value
> > +	 * of the DigestInfo structure, therefore specifying which algorithm
> > +	 * was used to create the message digest.
> > +	 * When doing encryption/decryption this field is ignored for this
> > +	 * padding type.
> > +	 *
> > +	 * - RTE_CRYPTO_RSA_PADDING_OAEP
> > +	 * This field shall be set with the hash algorithm used
> > +	 * in the padding scheme
> > +	 *
> > +	 * - RTE_CRYPTO_RSA_PADDING_PSS
> > +	 * This field shall be set with the hash algorithm used
> > +	 * in the padding scheme (and to create the input message digest)
> >  	 */
> >  	enum rte_crypto_auth_algorithm mgf1md;
> >  	/**<
> > @@ -220,6 +237,21 @@ struct rte_crypto_rsa_padding {
> >  	 * for mask generation. Valid hash algorithms are:
> >  	 * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
> >  	 */
> > +	uint16_t saltlen;
> > +	/**<
> > +	 * RSA PSS padding salt length
> > +	 *
> > +	 * Used only when RTE_CRYPTO_RSA_PADDING_PSS padding is
> > selected,
> 
> Used only when RTE_CRYPTO_RSA_PADDING_PSS is selected,
> 
> > +	 * otherwise ignored.
> > +	 */
> > +	rte_crypto_param label;
> > +	/**<
> > +	 * RSA OAEP padding optional label
> > +	 *
> > +	 * Used only when RTE_CRYPTO_RSA_PADDING_OAEP padding is
> > selected,
> 
> Drop the word padding.
> 
> BTW, can this be a union for label and saltlen?
Yes, will do.
> Also can we name them as pss_saltlen and oaep_label?
Yes, though I am not entirely convinced. These names are unique anyway.
> 
> > +	 * otherwise ignored. If label.data == NULL, a default
> > +	 * label (empty string) is used.
> > +	 */
> >  };
> >
> >  /**
> > --
> > 2.13.6

Previous message (by thread): [EXT] [PATCH 29/40] cryptodev: add salt length and optional label
Next message (by thread): [EXT] [PATCH 29/40] cryptodev: add salt length and optional label
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list