[EXT] [PATCH 21/40] cryptodev: add public key verify option
Kusztal, ArkadiuszX
arkadiuszx.kusztal at intel.com
Wed May 25 08:30:15 CEST 2022
> -----Original Message-----
> From: Akhil Goyal <gakhil at marvell.com>
> Sent: Wednesday, May 25, 2022 8:00 AM
> To: Kusztal, ArkadiuszX <arkadiuszx.kusztal at intel.com>; dev at dpdk.org
> Cc: Anoob Joseph <anoobj at marvell.com>; Zhang, Roy Fan
> <roy.fan.zhang at intel.com>
> Subject: RE: [EXT] [PATCH 21/40] cryptodev: add public key verify option
>
> > > >
> > > > /**
> > > > @@ -397,6 +399,10 @@ struct rte_crypto_dh_op_param {
> > > > * For ECDH it is a point on the curve.
> > > > * Output for RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE
> > > > * Input for RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE
> > > > + *
> > > > + * VERIFY option can be used only for elliptic curve
> > > > + * point validation, for FFDH (DH) it is user's reponsibility
> > > > + * to check the public key accordingly.
> > >
> > > What is expected from the user? Please be specific.
> > [Arek] - Well, this depends on protocol, usually it is size check for
> > FFDH and zero check for x25519/448. Not sure how much information should
> > be provided here.
> I can understand we cannot specify everything here.
> How about adding in documentation a section to give details?
[Arek] - actually I came up with another idea.
I have added ECDH param, VERIFY is valid only for ecdh_op and verify is:
RTE_CRYPTO_ASYM_KE_EC_PUBLIC_KEY_VERIFY, so it is not included in dh_op_param.
I doubt there will be any hw acceleration for anything else than EC point verification + I doubt there will be 4-step verification (that's why I have not included it in flags). I have split DH into DH and ECDH, as it probably will be easier when adding sm2 key exchange (instead of extending union fields).
+ Kai
>
> > > Add reference to the ke_type for which this comment is valid.
> >
> > >
> > > > */
> > > > union {
> > > > rte_crypto_uint shared_secret;
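Review bot: The added comment lines ("VERIFY option can be used only for elliptic curve point validation ...") do not tie "VERIFY" to an operation type, while the two lines directly above name RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE and RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE explicitly, and "check the public key accordingly" leaves an FFDH caller without a stated check. Name the enum value the sentence applies to, and either list the expected checks or point to a documentation section that does. "reponsibility" should also read "responsibility".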
> > > > --
> > > > 2.13.6
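The caller-side checks named in the reply above (size check for FFDH, zero check for x25519/448), as an added example that is not part of the original thread or of DPDK. The function names are hypothetical, and reading the FFDH size check as the range 2 <= y <= p - 2 is an assumption that goes beyond what the thread states.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* 1 if every byte is zero; ORs all bytes so timing is data-independent. */
int ct_is_zero(const uint8_t *buf, size_t len)
{
	uint8_t acc = 0;
	for (size_t i = 0; i < len; i++)
		acc |= buf[i];
	return acc == 0;
}

/* x25519/x448 zero check: an all-zero shared secret is rejected. */
int xdh_secret_ok(const uint8_t *secret, size_t len)
{
	return len > 0 && !ct_is_zero(secret, len);
}

/*
 * FFDH check (assumption: range 2 <= y <= p - 2 on top of the size check).
 * y and p are big-endian; p must be odd with no leading zero byte.
 * Public values are not secret, so memcmp is acceptable here.
 */
int ffdh_pub_ok(const uint8_t *y, size_t ylen, const uint8_t *p, size_t plen)
{
	if (plen == 0 || p[0] == 0 || !(p[plen - 1] & 1))
		return 0;
	while (ylen > 0 && *y == 0)	/* strip leading zero bytes */
		y++, ylen--;
	if (ylen == 0 || ylen > plen)	/* y == 0, or longer than p */
		return 0;
	if (ylen == 1 && y[0] < 2)	/* y == 1 */
		return 0;
	if (ylen < plen)		/* shorter than p, so y < p - 1 */
		return 1;
	if (memcmp(y, p, plen) >= 0)	/* y >= p */
		return 0;
	/* p is odd, so p - 1 is p with its lowest bit cleared */
	return !(memcmp(y, p, plen - 1) == 0 && y[plen - 1] == (p[plen - 1] ^ 1));
}

int main(void)
{
	/* Constructed toy values: p = 257, y = 255 (= p - 2), zero secret. */
	const uint8_t p[] = { 0x01, 0x01 }, y[] = { 0x00, 0xff }, zero[32] = { 0 };
	return !(ffdh_pub_ok(y, sizeof(y), p, sizeof(p)) && !xdh_secret_ok(zero, 32));
}
```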