> In the case when PMD cannot support the full process of the SM2,
> but elliptic curve computation only, additional fields
> are needed to handle such a case.
>
> Points C1, kP therefore were added to the SM2 crypto operation struct.
>
> Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusz...@intel.com>
> ---
Please rebase. CI failed to apply patch.
Please be proactive to fix CI issues if reported.
> doc/guides/rel_notes/release_24_11.rst | 3 ++
> lib/cryptodev/rte_crypto_asym.h | 56 +++++++++++++++++++-------
> 2 files changed, 45 insertions(+), 14 deletions(-)
>
> diff --git a/doc/guides/rel_notes/release_24_11.rst
> b/doc/guides/rel_notes/release_24_11.rst
> index 53a5ffebe5..ee9e2cea3c 100644
> --- a/doc/guides/rel_notes/release_24_11.rst
> +++ b/doc/guides/rel_notes/release_24_11.rst
> @@ -413,6 +413,9 @@ ABI Changes
> added new structure ``rte_node_xstats`` to ``rte_node_register`` and
> added ``xstat_off`` to ``rte_node``.
>
> +* cryptodev: The ``rte_crypto_sm2_op_param`` struct member to hold
> ciphertext
> + is changed to union data type. This change is to support partial SM2
> calculation.
> +
>
> Known Issues
> ------------
> diff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h
> index aeb46e688e..f095cebcd0 100644
> --- a/lib/cryptodev/rte_crypto_asym.h
> +++ b/lib/cryptodev/rte_crypto_asym.h
> @@ -646,6 +646,8 @@ enum rte_crypto_sm2_op_capa {
> /**< Random number generator supported in SM2 ops. */
> RTE_CRYPTO_SM2_PH,
> /**< Prehash message before crypto op. */
> + RTE_CRYPTO_SM2_PARTIAL,
> + /**< Calculate elliptic curve points only. */
> };
>
> /**
> @@ -673,20 +675,46 @@ struct rte_crypto_sm2_op_param {
> * will be overwritten by the PMD with the decrypted length.
> */
>
> - rte_crypto_param cipher;
> - /**<
> - * Pointer to input data
> - * - to be decrypted for SM2 private decrypt.
> - *
> - * Pointer to output data
> - * - for SM2 public encrypt.
> - * In this case the underlying array should have been allocated
> - * with enough memory to hold ciphertext output (at least X bytes
> - * for prime field curve of N bytes and for message M bytes,
> - * where X = (C1 || C2 || C3) and computed based on SM2 RFC as
> - * C1 (1 + N + N), C2 = M, C3 = N. The cipher.length field will
> - * be overwritten by the PMD with the encrypted length.
> - */
> + union {
> + rte_crypto_param cipher;
> + /**<
> + * Pointer to input data
> + * - to be decrypted for SM2 private decrypt.
> + *
> + * Pointer to output data
> + * - for SM2 public encrypt.
> + * In this case the underlying array should have been allocated
> + * with enough memory to hold ciphertext output (at least X
> bytes
> + * for prime field curve of N bytes and for message M bytes,
> + * where X = (C1 || C2 || C3) and computed based on SM2 RFC
> as
> + * C1 (1 + N + N), C2 = M, C3 = N. The cipher.length field will
> + * be overwritten by the PMD with the encrypted length.
> + */
> + struct {
> + struct rte_crypto_ec_point c1;
> + /**<
> + * This field is used only when PMD does not support the
> full
> + * process of the SM2 encryption/decryption, but the
> elliptic
> + * curve part only.
> + *
> + * In the case of encryption, it is an output - point
> C1 =
> (x1,y1).
> + * In the case of decryption, if is an input - point C1
> =
> (x1,y1).
> + *
> + * Must be used along with the
> RTE_CRYPTO_SM2_PARTIAL flag.
> + */
> + struct rte_crypto_ec_point kp;
> + /**<
> + * This field is used only when PMD does not support the
> full
> + * process of the SM2 encryption/decryption, but the
> elliptic
> + * curve part only.
> + *
> + * It is an output in the encryption case, it is a point
> + * [k]P = (x2,y2).
> + *
> + * Must be used along with the
> RTE_CRYPTO_SM2_PARTIAL flag.
> + */
> + };
> + };
>
> rte_crypto_uint id;
> /**< The SM2 id used by signer and verifier. */
> --
> 2.34.1
