This commit clarifies usage of random numbers in asymmetric
crypto API.
Signed-off-by: Arek Kusztal <arkadiuszx.kusz...@intel.com>
---
lib/cryptodev/rte_crypto_asym.h | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index e0def3d9ab..58d47158de 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -33,6 +33,11 @@ extern "C" {
* These buffers can be used for both input to PMD and output from PMD. When
* used for output from PMD, application has to ensure the buffer is large
* enough to hold the target data.
+ *
+ * If an operation requires the PMD to generate a random number,
+ * and the device supports CSRNG, 'data' should be set to NULL.
+ * The crypto parameter in question will not be used by the PMD,
+ * as it is internally generated.
*/
typedef struct rte_crypto_param_t {
uint8_t *data;
@@ -549,7 +554,9 @@ struct rte_crypto_dsa_op_param {
/**< input message to be signed or verified */
rte_crypto_param k;
/**< Per-message secret number, which is an integer
- * in the interval (1, q-1)
+ * in the interval (1, q-1).
+ * If the random number is generated by the PMD,
+ * the 'rte_crypto_param.data' parameter should be set to NULL.
*/
rte_crypto_param r;
/**< dsa sign component 'r' value
@@ -589,7 +596,9 @@ struct rte_crypto_ecdsa_op_param {
rte_crypto_param k;
/**< The ECDSA per-message secret number, which is an integer
- * in the interval (1, n-1)
+ * in the interval (1, n-1).
+ * If the random number is generated by the PMD,
+ * the 'rte_crypto_param.data' parameter should be set to NULL.
*/
rte_crypto_param r;
--
2.13.6
