[v1, 1/3] cryptodev: add SM2 asymmetric crypto algorithm

Fri, 28 Apr 2023 02:28:43 -0700 

ShangMi 2 (SM2) is a encryption and digital signatture algorithm
used in the Chinese National Standard.

Signed-off-by: Gowrishankar Muthukrishnan <gmuthukri...@marvell.com>
---
 doc/guides/cryptodevs/features/default.ini |  1 +
 doc/guides/rel_notes/release_23_07.rst     |  3 +
 lib/cryptodev/rte_crypto_asym.h            | 76 ++++++++++++++++++++++
 lib/cryptodev/rte_cryptodev.c              |  1 +
 4 files changed, 81 insertions(+)

diff --git a/doc/guides/cryptodevs/features/default.ini 
b/doc/guides/cryptodevs/features/default.ini
index 523da0cfa8..a69967bb9e 100644
--- a/doc/guides/cryptodevs/features/default.ini
+++ b/doc/guides/cryptodevs/features/default.ini
@@ -125,6 +125,7 @@ Diffie-hellman          =
 ECDSA                   =
 ECPM                    =
 ECDH                    =
+SM2                     =
 
 ;
 ; Supported Operating systems of a default crypto driver.
diff --git a/doc/guides/rel_notes/release_23_07.rst 
b/doc/guides/rel_notes/release_23_07.rst
index a9b1293689..b920840038 100644
--- a/doc/guides/rel_notes/release_23_07.rst
+++ b/doc/guides/rel_notes/release_23_07.rst
@@ -55,6 +55,9 @@ New Features
      Also, make sure to start the actual text at the margin.
      =======================================================
 
+* **Added SM2 algorithm in cryptodev library.**
+
+  Added SM2 algorithm with prime field curve support.
 
 Removed Items
 -------------
diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
index 989f38323f..c91a8dee4d 100644
--- a/lib/cryptodev/rte_crypto_asym.h
+++ b/lib/cryptodev/rte_crypto_asym.h
@@ -119,6 +119,8 @@ enum rte_crypto_asym_xform_type {
        /**< Elliptic Curve Point Multiplication */
        RTE_CRYPTO_ASYM_XFORM_ECFPM,
        /**< Elliptic Curve Fixed Point Multiplication */
+       RTE_CRYPTO_ASYM_XFORM_SM2,
+       /**< ShangMi 2. Performs Encrypt, Decrypt, Sign and Verify. */
        RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
        /**< End of list */
 };
@@ -382,6 +384,20 @@ struct rte_crypto_ec_xform {
        /**< Pre-defined ec groups */
 };
 
+/**
+ * Asymmetric SM2 transform data
+ *
+ * Structure describing SM2 xform params
+ *
+ */
+struct rte_crypto_sm2_xform {
+       rte_crypto_uint pkey;
+       /**< Private key of the signer for signature generation */
+
+       struct rte_crypto_ec_point q;
+       /**< Public key of the signer for verification */
+};
+
 /**
  * Operations params for modular operations:
  * exponentiation and multiplicative inverse
@@ -637,9 +653,68 @@ struct rte_crypto_asym_xform {
                /**< EC xform parameters, used by elliptic curve based
                 * operations.
                 */
+
+               struct rte_crypto_sm2_xform sm2;
+               /**< SM2 xform parameters */
        };
 };
 
+/**
+ * SM2 operation params
+ */
+struct rte_crypto_sm2_op_param {
+       enum rte_crypto_asym_op_type op_type;
+       /**< Signature generation or verification */
+
+       rte_crypto_param message;
+       /**<
+        * Pointer to input data
+        * - to be encrypted for SM2 public encrypt.
+        * - to be signed for SM2 sign generation.
+        * - to be authenticated for SM2 sign verification.
+        *
+        * Pointer to output data
+        * - for SM2 private decrypt.
+        * In this case the underlying array should have been
+        * allocated with enough memory to hold plaintext output
+        * (atleast encrypted text length). The message.length field
+        * will be overwritten by the PMD with the decrypted length.
+        */
+
+       rte_crypto_param cipher;
+       /**<
+        * Pointer to input data
+        * - to be decrypted for SM2 private decrypt.
+        *
+        * Pointer to output data
+        * - for SM2 public encrypt.
+        * In this case the underlying array should have been allocated
+        * with enough memory to hold ciphertext output (atleast X bytes
+        * for prime field curve of N bytes and for message M bytes,
+        * where X = (C1 + C2 + C3) and computed based on SM2 RFC as
+        * C1 (1 + N + N), C2 = M, C3 = N. The cipher.length field will
+        * be overwritten by the PMD with the encrypted length.
+        */
+
+       rte_crypto_uint id;
+       /**< The SM2 id used by signer and verifier and is in interval
+        * (1, n-1).
+        */
+
+       rte_crypto_uint r;
+       /**< r component of elliptic curve signature
+        *     output : for signature generation (of atleast N bytes
+        *              where prime field length is N bytes)
+        *     input  : for signature verification
+        */
+       rte_crypto_uint s;
+       /**< s component of elliptic curve signature
+        *     output : for signature generation (of atleast N bytes
+        *              where prime field length is N bytes)
+        *     input  : for signature verification
+        */
+};
+
 /**
  * Asymmetric Cryptographic Operation.
  *
@@ -665,6 +740,7 @@ struct rte_crypto_asym_op {
                struct rte_crypto_dsa_op_param dsa;
                struct rte_crypto_ecdsa_op_param ecdsa;
                struct rte_crypto_ecpm_op_param ecpm;
+               struct rte_crypto_sm2_op_param sm2;
        };
        uint16_t flags;
        /**<
diff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c
index a96114b2da..fd7b6b92b5 100644
--- a/lib/cryptodev/rte_cryptodev.c
+++ b/lib/cryptodev/rte_cryptodev.c
@@ -282,6 +282,7 @@ const char *rte_crypto_asym_xform_strings[] = {
        [RTE_CRYPTO_ASYM_XFORM_DSA]     = "dsa",
        [RTE_CRYPTO_ASYM_XFORM_ECDSA]   = "ecdsa",
        [RTE_CRYPTO_ASYM_XFORM_ECPM]    = "ecpm",
+       [RTE_CRYPTO_ASYM_XFORM_SM2]     = "sm2",
 };
 
 /**
-- 
2.25.1

Reply via email to