Added asymmetric xform structures, operation definitions, operation
parameters. Added asymmetric algorithms RSA, DH, ECDH, DSA, ECDSA,
MODEXP, FECC, MOD-INVERSE. Added curves (all curves supported by
libcrypto as of now).
Signed-off-by: Umesh Kartha <umesh.kar...@caviumnetworks.com>
---
lib/librte_cryptodev/rte_crypto_asym.h | 1124 ++++++++++++++++++++++++++++++++
1 file changed, 1124 insertions(+)
create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h
diff --git lib/librte_cryptodev/rte_crypto_asym.h
lib/librte_cryptodev/rte_crypto_asym.h
new file mode 100644
index 0000000..36a8b4f
--- /dev/null
+++ lib/librte_cryptodev/rte_crypto_asym.h
@@ -0,0 +1,1124 @@
+/*
+ * BSD LICENSE
+ *
+ * Copyright (C) Cavium networks Ltd. 2017.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * * Neither the name of Cavium Networks nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _RTE_CRYPTO_ASYM_H_
+#define _RTE_CRYPTO_ASYM_H_
+
+/**
+ * @file rte_crypto_asym.h
+ *
+ * RTE Definitions for Asymmetric Cryptography
+ *
+ * Defines asymmetric algorithms and modes, as well as supported
+ * asymmetric crypto operations.
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <string.h>
+#include <stdint.h>
+#include <rte_mbuf.h>
+#include <rte_memory.h>
+#include <rte_mempool.h>
+#include <rte_common.h>
+#include "rte_crypto_sym.h"
+
+typedef struct rte_crypto_xform_param_t {
+ uint8_t *data;
+ size_t length;
+} rte_crypto_xform_param;
+
+typedef struct rte_crypto_op_param_t {
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ size_t length;
+} rte_crypto_op_param;
+
+/** Asymmetric crypto transformation types */
+enum rte_crypto_asym_xform_type {
+ RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED = 0,
+ RTE_CRYPTO_ASYM_XFORM_RSA,
+ RTE_CRYPTO_ASYM_XFORM_MODEX,
+ RTE_CRYPTO_ASYM_XFORM_DH,
+ RTE_CRYPTO_ASYM_XFORM_ECDH,
+ RTE_CRYPTO_ASYM_XFORM_DSA,
+ RTE_CRYPTO_ASYM_XFORM_ECDSA,
+ RTE_CRYPTO_ASYM_XFORM_FECC,
+ RTE_CRYPTO_ASYM_XFORM_MODINV,
+ RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
+};
+
+/**
+ * RSA operation type variants
+ */
+enum rte_crypto_rsa_optype {
+ RTE_CRYPTO_RSA_OP_NOT_SPECIFIED = 1,
+ /**< RSA operation unspecified */
+ RTE_CRYPTO_RSA_OP_PUBLIC_ENCRYPT,
+ /**< RSA public encrypt operation */
+ RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT,
+ /**< RSA private decrypt operation */
+ RTE_CRYPTO_RSA_OP_SIGN,
+ /**< RSA private key signature operation */
+ RTE_CRYPTO_RSA_OP_VERIFY,
+ /**< RSA public key verification operation */
+ RTE_CRYPTO_RSA_OP_LIST_END
+};
+
+/**
+ * Padding types for RSA signature.
+ */
+enum rte_crypto_rsa_padding_type {
+ RTE_CRYPTO_RSA_PADDING_NOT_SPECIFIED = 1,
+ /**< RSA no padding scheme */
+ RTE_CRYPTO_RSA_PADDING_BT1,
+ /**< RSA PKCS#1 padding BT1 scheme */
+ RTE_CRYPTO_RSA_PADDING_BT2,
+ /**< RSA PKCS#1 padding BT2 scheme */
+ RTE_CRYPTO_RSA_PADDING_OAEP,
+ /**< RSA PKCS#1 OAEP padding scheme */
+ RTE_CRYPTO_RSA_PADDING_PSS,
+ /**< RSA PKCS#1 PSS padding scheme */
+ RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END
+};
+
+/**
+ * Modular exponentiaion operation type variants
+ */
+enum rte_crypto_modex_optype {
+ RTE_CRYPTO_MODEX_OP_NOT_SPECIFIED = 1,
+ /**< ModEx operation type unspecified */
+ RTE_CRYPTO_MODEX_OP_MODEX,
+ /**< Modex operation modular exponentiation */
+ RTE_CRYPTO_MODEX_OP_LIST_END
+};
+
+/**
+ * Modular Inverse operation type variants
+ */
+enum rte_crypto_modeinv_optype {
+ RTE_CRYPTO_MODINV_OP_NOT_SPECIFIED = 1,
+ /**< ModInv operation type unspecified */
+ RTE_CRYPTO_MODINV_OP_MODINV,
+ /**< ModInv operation modular Inverse */
+ RTE_CRYPTO_MODEX_OP_LIST_END
+};
+
+/**
+ * DSA operation type variants
+ */
+enum rte_crypto_dsa_optype {
+ RTE_CRYPTO_DSA_OP_NOT_SPECIFIED = 1,
+ /**< DSA operation unspecified */
+ RTE_CRYPTO_DSA_OP_SIGN,
+ /**< DSA private key signature operation */
+ RTE_CRYPTO_DSA_OP_VERIFY,
+ /**< DSA public key verification operation */
+ RTE_CRYPTO_DSA_OP_LIST_END
+};
+
+
+/**
+ * ECDSA operation type variants
+ */
+enum rte_crypto_ecdsa_optype {
+ RTE_CRYPTO_ECDSA_OP_NOT_SPECIFIED = 1,
+ /**< ECDSA operation unspecified */
+ RTE_CRYPTO_ECDSA_OP_SIGN,
+ /**< ECDSA private key signature operation */
+ RTE_CRYPTO_ECDSA_OP_VERIFY,
+ /**< ECDSA public key verification operation */
+ RTE_CRYPTO_ECDSA_OP_LIST_END
+};
+
+/**
+ * Diffie Hellman Key operation variants
+ */
+enum rte_crypto_dh_optype {
+ RTE_CRYPTO_DH_OP_NOT_SPECIFIED = 1,
+ /**< DH operation unspecified */
+ RTE_CRYPTO_DH_OP_KEY_GENERATION,
+ /**< DH private/public key generation operation */
+ RTE_CRYPTO_DH_OP_KEY_COMPUTATION,
+ /**< DH private key computation operation */
+ RTE_CRYPTO_DH_OP_LIST_END
+};
+
+/**
+ * Elliptic Curve Diffie Hellman Key operation variants
+ */
+enum rte_crypto_ecdh_optype {
+ RTE_CRYPTO_ECDH_OP_NOT_SPECIFIED = 1,
+ /**< ECDH operation unspecified */
+ RTE_CRYPTO_ECDH_OP_KEY_GENERATION,
+ /**< ECDH private/public key generation operation */
+ RTE_CRYPTO_ECDH_OP_KEY_CHECK,
+ /**< ECDH public key validity check operation */
+ RTE_CRYPTO_ECDH_OP_KEY_COMPUTATION,
+ /**< ECDH private key computation operation */
+ RTE_CRYPTO_ECDH_OP_LIST_END
+};
+
+/**
+ * Fundamental ECC operation type variants.
+ */
+enum rte_crypto_fecc_optype {
+ RTE_CRYPTO_FECC_OP_NOT_SPECIFIED = 1,
+ /**< FECC operation type unspecified */
+ RTE_CRYPTO_FECC_OP_POINT_ADD,
+ /**< Fundamental ECC point addition operation */
+ RTE_CRYPTO_FECC_OP_POINT_DBL,
+ /**< Fundamental ECC point doubling operation */
+ RTE_CRYPTO_FECC_OP_POINT_MULTIPLY,
+ /**< Fundamental ECC point multiplication operation */
+ RTE_CRYPTO_FECC_OP_LIST_END
+};
+
+/**
+ * ECC list of curves.
+ */
+enum rte_crypto_ec_prime_curve {
+ RTE_CRYPTO_EC_CURVE_NOT_SPECIFIED = -1,
+ /**< Unspecified or empty curve id */
+ RTE_CRYPTO_EC_CURVE_secp112r1,
+ /**< SECG/WTLS curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp112r2,
+ /**< SECG curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp128r1,
+ /**< SECG curve over a 128 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp128r2,
+ /**< SECG curve over a 128 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp160k1,
+ /**< SECG curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp160r1,
+ /**< SECG curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp160r2,
+ /**< SECG/WTLS curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp192k1,
+ /**< SECG curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp224k1,
+ /**< SECG curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp224r1,
+ /**< NIST/SECG curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp256k1,
+ /**< SECG curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp384r1,
+ /**< NIST/SECG curve over a 384 bit prime field */
+ RTE_CRYPTO_EC_CURVE_secp521r1,
+ /**< NIST/SECG curve over a 521 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime192v1,
+ /**< NIST/X9.62/SECG curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime192v2,
+ /**< X9.62 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime192v3,
+ /**< X9.62 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime239v1,
+ /**< X9.62 curve over a 239 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime239v2,
+ /**< X9.62 curve over a 239 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime239v3,
+ /**< X9.62 curve over a 239 bit prime field */
+ RTE_CRYPTO_EC_CURVE_prime256v1,
+ /**< X9.62/SECG curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls6,
+ /**< SECG/WTLS curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls7,
+ /**< SECG/WTLS curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls8,
+ /**< WTLS curve over a 112 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls9,
+ /**< WTLS curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls12,
+ /**< WTLS curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP160r1,
+ /**< RFC 5639 curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP160t1,
+ /**< RFC 5639 curve over a 160 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP192r1,
+ /**< RFC 5639 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP192t1,
+ /**< RFC 5639 curve over a 192 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP224r1,
+ /**< RFC 5639 curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP224t1,
+ /**< RFC 5639 curve over a 224 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP256r1,
+ /**< RFC 5639 curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP256t1,
+ /**< RFC 5639 curve over a 256 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP320r1,
+ /**< RFC 5639 curve over a 320 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP320t1,
+ /**< RFC 5639 curve over a 320 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP384r1,
+ /**< RFC 5639 curve over a 384 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP384t1,
+ /**< RFC 5639 curve over a 384 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP512r1,
+ /**< RFC 5639 curve over a 512 bit prime field */
+ RTE_CRYPTO_EC_CURVE_brainpoolP512t1,
+ /**< RFC 5639 curve over a 512 bit prime field */
+ RTE_CRYPTO_EC_CURVE_x25519,
+ /**< Curve 25519 */
+ RTE_CRYPTO_EC_CURVE_LIST_END
+};
+
+enum rte_crypto_ec_binary_curve {
+ RTE_CRYPTO_EC_CURVE_NOT_SPECIFIED = -1,
+ /**< Unspecified or empty curve id */
+ RTE_CRYPTO_EC_CURVE_sect113r1,
+ /**< SECG curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect113r2,
+ /**< SECG curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect131r1,
+ /**< SECG/WTLS curve over a 131 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect131r2,
+ /**< SECG curve over a 131 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect163k1,
+ /**< NIST/SECG/WTLS curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect163r1,
+ /**< SECG curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect163r2,
+ /**< NIST/SECG curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect193r1,
+ /**< SECG curve over a 193 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect193r2,
+ /**< SECG curve over a 193 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect233k1,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect233r1,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect239k1,
+ /**< SECG curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect283k1,
+ /**< NIST/SECG curve over a 283 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect283r1,
+ /**< NIST/SECG curve over a 283 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect409k1,
+ /**< NIST/SECG curve over a 409 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect409r1,
+ /**< NIST/SECG curve over a 409 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect571k1,
+ /**< NIST/SECG curve over a 571 bit binary field */
+ RTE_CRYPTO_EC_CURVE_sect571r1,
+ /**< NIST/SECG curve over a 571 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb163v1,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb163v2,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb163v3,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb176v1,
+ /**< X9.62 curve over a 176 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb191v1,
+ /**< X9.62 curve over a 191 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb191v2,
+ /**< X9.62 curve over a 191 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb191v3,
+ /**< X9.62 curve over a 191 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb208w1,
+ /**< X9.62 curve over a 208 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb239v1,
+ /**< X9.62 curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb239v2,
+ /**< X9.62 curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb239v3,
+ /**< X9.62 curve over a 239 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb272w1,
+ /**< X9.62 curve over a 272 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb304w1,
+ /**< X9.62 curve over a 304 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb359v1,
+ /**< X9.62 curve over a 359 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2pnb368w1,
+ /**< X9.62 curve over a 368 bit binary field */
+ RTE_CRYPTO_EC_CURVE_c2tnb431r1,
+ /**< X9.62 curve over a 431 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls1,
+ /**< WTLS curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls3,
+ /**< NIST/SECG/WTLS curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls4,
+ /**< SECG curve over a 113 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls5,
+ /**< X9.62 curve over a 163 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls10,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_wap_wsg_idm_ecid_wtls11,
+ /**< NIST/SECG/WTLS curve over a 233 bit binary field */
+ RTE_CRYPTO_EC_CURVE_LIST_END
+};
+
+/**
+ * Elliptic curve point format
+ */
+struct rte_crypto_ec_point {
+ struct {
+ int length;
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ /**< phys_addr is used only for points passed in the
+ * asym_op structure.
+ */
+ } x;
+ /**< X co-ordinate */
+
+ struct {
+ int length;
+ uint8_t *data;
+ phys_addr_t phys_addr;
+ /**< phys_addr is used only for points passed in the
+ * operation structure
+ */
+ } y;
+ /**< Y co-ordinate */
+};
+
+/**
+ * Elliptic curve type
+ */
+enum rte_crypto_ec_curve_type {
+ RTE_CRYPTO_EC_CURVE_TYPE_UNDEFINED,
+ /**< Curve type undefined */
+ RTE_CRYPTO_EC_CURVE_TYPE_PRIME_FIELD,
+ /**< EC curve defined over a prime field */
+ RTE_CRYPTO_EC_CURVE_TYPE_BINARY_FIELD,
+ /**< EC curve defined over a binary field */
+ RTE_CRYPTO_EC_CURVE_LIST_END
+};
+
+/**
+ * Elliptic curve id
+ */
+struct rte_crypto_ec_curve_id {
+ RTE_STD_C11
+ union {
+ enum rte_crypto_ec_prime_curve pcurve;
+ enum rte_crypto_ec_binary_curve bcurve;
+ }
+};
+
+/**
+ * Asymmetric RSA transform data
+ *
+ * This structure contains data required to perform RSA crypto
+ * transform. If all CRT components are filled, RSA private key
+ * operations @ref RTE_CRYPTO_RSA_OP_SIGN and @ref
+ * RTE_CRYPTO_RSA_OP_PRIVATE_DECRYPT uses CRT method for crypto
+ * transform.
+ */
+struct rte_crypto_rsa_xform {
+
+ rte_crypto_xform_param n;
+ /**< n - Prime modulus
+ * Prime modulus data of RSA operation in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param e;
+ /**< e - Public key exponent
+ * Public key exponent used for RSA public key operations in Octet-
+ * string network byte order format.
+ */
+
+ rte_crypto_xform_param d;
+ /**< d - Private key exponent
+ * Private key exponent used for RSA private key operations in
+ * Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param p;
+ /**< p - Private key component P
+ * Private key component of RSA parameter required for CRT method
+ * of private key operations in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param q;
+ /**< q - Private key component Q
+ * Private key component of RSA parameter required for CRT method
+ * of private key operations in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param dP;
+ /**< dP - Private CRT component
+ * Private CRT component of RSA parameter required for CRT method
+ * RSA private key operations in Octet-string network byte order
+ * format.
+ * dP = d mod ( p - 1 )
+ */
+
+ rte_crypto_xform_param dQ;
+ /**< dQ - Private CRT component
+ * Private CRT component of RSA parameter required for CRT method
+ * RSA private key operations in Octet-string network byte order
+ * format.
+ * dQ = d mod ( q - 1 )
+ */
+
+ rte_crypto_xform_param qInv;
+ /**< qInv - Private CRT component
+ * Private CRT component of RSA parameter required for CRT method
+ * RSA private key operations in Octet-string network byte order
+ * format.
+ * qInv = inv q mod p
+ */
+};
+
+/** Asymmetric Modular exponentiation transform data
+ *
+ * This structure contains data required to perform modular exponentation
+ * crypto transform. If all CRT components are valid, crypto transform
+ * operation follows CRT method.
+ */
+struct rte_crypto_modex_xform {
+
+ rte_crypto_xform_param modulus;
+ /**< modulus
+ * Prime modulus of the modexp transform operation in Octet-string
+ * network byte order format.
+ */
+
+ rte_crypto_xform_param exponent;
+ /**< exponent
+ * Private exponent of the modexp transform operation in
+ * Octet-string network byte order format.
+ */
+};
+
+/** Asymmetric DH transform data
+ * This structure contains data used to perform DH key
+ * computation
+ */
+struct rte_crypto_dh_xform {
+ rte_crypto_xform_param p;
+ /**< p : Prime modulus data
+ * DH prime modulous data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param g;
+ /**< g : Generator
+ * DH group generator data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param priv_key;
+ /**< priv_key
+ * DH private key data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param pub_key;
+ /**< pub_key
+ * DH public key data in Octet-string network byte order format.
+ */
+};
+
+/**Asymmetric ECDH transform data
+ * This structure contains data required to perform ECDH crypto
+ * transform
+ */
+struct rte_crypto_ecdh_xform {
+
+ enum rte_crypto_ec_curve_type curve_type;
+ /**< ECDH curve type: Prime vs Binary */
+
+ struct rte_crypto_ec_curve_id curve_id;
+
+ rte_crypto_xform_param n;
+ /**< n : order
+ * ECDH curve order data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param p;
+ /**< p:
+ * If the curve_type is @ref RTE_CRYPTO_EC_CURVE_TYPE_PRIME_FIELD:
+ * p holds the prime modulus data in Octet string format.
+ *
+ * If the curve_type is @ref RTE_CRYPTO_EC_CURVE_TYPE_BINARY_FIELD:
+ * p holds reduction polynomial co-efficients and degree.
+ */
+
+ rte_crypto_xform_param a;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param b;
+ /**< Co-efficient 'b' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ struct rte_crypto_ec_point G;
+ /**< G: EC curve generator
+ * EC curve generator point data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param pkey;
+ /**< pkey: Private key
+ * Private key data for ECDH operation in Octet-string network byte
+ * order format.
+ */
+
+ struct rte_crypto_ecpoint Q;
+ /**< Q: Public key point
+ * Public key point data of ECDH operation in Octet-string network
+ * byte order format.
+ */
+
+ int h;
+ /**< Co-factor of the curve */
+};
+
+/** Asymmetric Digital Signature transform operation
+ *
+ * This structure contains data required to perform asymmetric
+ * digital signature crypto transform.
+ */
+struct rte_crypto_dsa_xform {
+
+ rte_crypto_xform_param p;
+ /**< p - Prime modulus
+ * Prime modulus data for DSA operation in Octet-string network byte
+ * order format.
+ */
+
+ rte_crypto_xform_param q;
+ /**< q : Order of the subgroup
+ * Order of the subgroup data in Octet-string network byte order
+ * format.
+ * q % (p-1) = 0
+ */
+
+ rte_crypto_xform_param g;
+ /**< g: Generator of the subgroup
+ * Generator data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param x;
+ /**< x: Private key of the signer
+ * Private key data in Octet-string network byte order format.
+ * Private key is valid only for signature generation operation.
+ */
+
+ rte_crypto_xform_param y;
+ /**< y : Public key of the signer.
+ * Public key data of the signer in Octet-string network byte order
+ * format.
+ * y = g^x mod p
+ */
+};
+
+/** Asymmetric ECDSA transform data
+ *
+ * This structure contains data required to perform ECDSA crypto
+ * transform.
+ */
+struct rte_crypto_ecdsa_xform {
+
+ enum rte_crypto_ec_curve_type curve_type;
+ /**< ECDSA curve type: Prime vs Binary */
+
+ struct rte_crypto_ec_curve_id curve_id;
+ /**< EC curve ID */
+
+ rte_crypto_xform_param n;
+ /**< n : order
+ * ECDH curve order data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param p;
+ /**< p:
+ * If the curve_type is @ref RTE_CRYPTO_EC_CURVE_TYPE_PRIME_FIELD:
+ * p holds the prime modulus data in Octet string format.
+ *
+ * If the curve_type is @ref RTE_CRYPTO_EC_CURVE_TYPE_BINARY_FIELD:
+ * p holds reduction polynomial co-efficients and degree.
+ */
+
+ rte_crypto_xform_param a;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param b;
+ /**< Co-efficient 'b' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ struct rte_crypto_ecpoint G;
+ /**< G: EC curve generator
+ * EC curve generator point data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param pkey;
+ /**< pkey: Private key
+ * Private key data of the signer for ECDSA signature generation
+ * operation in Octet-string network byte format. Parameter is
+ * invalid or unsed for signature verification.
+ */
+
+ struct rte_crypto_ecpoint Q;
+ /**< Q: Public key point
+ * Public key point data of ECDSA operation in Octet-string network
+ * byte order format.
+ */
+
+ int h;
+ /**< Co-factor of the curve */
+};
+
+/** Asymmetric modular inverse transform operation
+ * This structure contains data required to perform
+ * asymmetric modular inverse crypto transform
+ */
+struct rte_crypto_modinv_xform {
+};
+
+/** Asymmetric Fundamental ECC transform operation
+ *
+ * This structure contains data required to perform asymmetric
+ * fundamental ECC crypto transform.
+ */
+struct rte_crypto_fecc_xform {
+
+ enum rte_crypto_ec_curve_type curve_type;
+ /**< FECC curve type: Prime vs Binary */
+
+ struct rte_crypto_ec_curve_id curve_id;
+ /**< EC curve ID */
+
+ rte_crypto_xform_param order;
+ /**< order : ECC curve order
+ * Curve order data in Octet-string network byte order format.
+ */
+
+ rte_crypto_xform_param prime;
+ /**< prime : Curve prime modulus data
+ * Prime modulus data in Octet-string network byte order format.
+ */
+
+ struct rte_crypto_ec_point G;
+ /**< G: curve generator point
+ * Curve generator point data in Octet-string network byte order
+ * format.
+ */
+
+ rte_crypto_xform_param a;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ rte_crypto_xform_param b;
+ /**< Co-efficient 'a' of curve equation data in Octet-string network
+ * byte order format.
+ */
+
+ int h;
+ /**< Co-factor of the curve */
+
+};
+
+/**
+ * Asymmetric crypto transform data
+ *
+ * This structure contains the data required to perform the
+ * asymmetric crypto transformation operation. The field op
+ * determines the asymmetric algorithm for transformation.
+ */
+struct rte_crypto_asym_xform {
+ struct rte_crypto_asym_xform *next;
+ enum rte_crypto_asym_xform_type xform_type;
+ /**< Asymmetric algorithm for crypto transform */
+
+ RTE_STD_C11
+ union {
+ struct rte_crypto_rsa_xform rsa;
+ struct rte_crypto_fecc_xform fecc;
+ struct rte_crypto_modex_xform modex;
+ struct rte_crypto_ecdsa_xform ecdsa;
+ struct rte_crypto_ecdh_xform ecdh;
+ struct rte_crypto_dsa_xform dsa;
+ };
+};
+
+struct rte_cryptodev_asym_session;
+
+/**
+ * Crypto operation session type. This is used to specify whether a crypto
+ * operation has session structure attached for immutable parameters or if all
+ * operation information is included in the operation data structure.
+ */
+enum rte_crypto_asym_op_sess_type {
+ RTE_CRYPTO_ASYM_OP_WITH_SESSION,
+ /**< Session based crypto operation */
+ RTE_CRYPTO_ASYM_OP_SESSIONLESS
+ /**< Session-less crypto operation */
+};
+
+/**
+ * Asymmetric Cryptographic Operation.
+ *
+ * This structure contains data relating to performing asymmetric cryptographic
+ * operation.
+ *
+ */
+struct rte_crypto_asym_op {
+
+ enum rte_crypto_asym_op_sess_type sess_type;
+ enum rte_crypto_asym_xform_type type;
+
+ RTE_STD_C11
+ union {
+ enum rte_crypto_rsa_optype rsa_op;
+ /**< Type of RSA operation for transform */;
+ enum rte_crypto_modex_optype modex_op;
+ /**< Type of modular exponentiation operation */
+ enum rte_crypto_ecdsa_optype ecdsa_op;
+ /**< ECDSA crypto xform operation type */
+ enum rte_crypto_fecc_optype fecc_op;
+ /**< ECDSA crypto xform operation type */
+ enum rte_crypto_dsa_optype dsa_op;
+ /**< DSA crypto xform operation type */
+ };
+
+ RTE_STD_C11
+ union {
+ struct rte_cryptodev_asym_session *session;
+ /**< Handle for the initialised session context */
+ struct rte_crypto_asym_xform *xform;
+ /**< Session-less API crypto operation parameters */
+ };
+
+ RTE_STD_C11
+ union {
+
+ struct {
+ rte_crypto_op_param message;
+ /**<
+ * Pointer to data
+ * - to be encrypted for RSA public encrypt.
+ * - to be decrypted for RSA private decrypt.
+ * - to be signed for RSA sign generation.
+ * - to be authenticated for RSA sign verification.
+ */
+
+ rte_crypto_op_param sign;
+ /**<
+ * Pointer to RSA signature data. If operation is RSA
+ * sign @ref RTE_CRYPTO_RSA_OP_SIGN, buffer will be
+ * over-written with generated signature.
+ *
+ * Length of the signature data will be equal to the
+ * RSA prime modulus length.
+ */
+
+ enum rte_crypto_rsa_padding_type pad;
+ /**< RSA padding scheme to be used for transform */
+
+ enum rte_crypto_auth_algorithm md;
+ /**< Hash algorithm to be used for data hash if padding
+ * scheme is either OAEP or PSS. Valid hash algorithms
+ * are:
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+
+ enum rte_crypto_auth_algorithm mgf1md;
+ /**<
+ * Hash algorithm to be used for mask generation if
+ * padding scheme is either OAEP or PSS. If padding
+ * scheme is unspecified data hash algorithm is used
+ * for mask generation. Valid hash algorithms are:
+ * MD5, SHA1, SHA224, SHA256, SHA384, SHA512
+ */
+ } rsa;
+
+ struct {
+ rte_crypto_op_param pub_key;
+ /**<
+ * If DH operation type is
+ * KEY_GENERATION:
+ * if priv_key and public key are provided, the keys
+ * are copied to DH xform structure, else key pair is
+ * generated and stored in DH xform structure.
+ * pub_key data should be in Octet-string network
+ * byte order format.
+ *
+ * KEY_COMPUTATION:
+ * pub_key holds the key shared by peer during DH
+ * key exchange. pub_key data is written as Octet-
+ * string network byte order format.
+ */
+ RTE_STD_C11
+ union {
+ rte_crypto_op_param priv_key;
+ /**<
+ * If DH operation type is KEY_GENERATION, and
+ * priv_key is provided, the key is copied to
+ * DH xform structure, else generated and stored
+ * in DH xform structure. priv_key data is in
+ * in Octet-string network byte order format.
+ */
+ rte_crypto_op_param shared_key;
+ /*
+ * If DH operation type is KEY_COMPUTATION:
+ * shared_key holds the shared secret
+ * computed. shared_key is written as
+ * Octet-string network byte order format.
+ */
+ };
+ } dh;
+
+ struct {
+ rte_crypto_op_param base;
+ /**<
+ * Pointer to base of modular exponentiation data in
+ * Octet-string network byte order format.
+ */
+ } modex;
+
+ struct {
+ rte_crypto_op_param priv_key;
+ /**<
+ * If ECDH operation type is KEY_GENERATION, and
+ * priv_key is provided, the key is copied to ECDH
+ * xform structure, else generated and stored in
+ * ECDH xform structure in Octet-string network byte
+ * order.
+ * If ECDH operation type is KEY_COMPUTATION:
+ * priv_key holds the 'X' co-ordinate of the shared
+ * secret EC point computed in Octet-string network
+ * byte order.
+ */
+
+ rte_crypto_ec_point pub_key;
+ /**<
+ * If ECDH operation type is
+ * KEY_GENERATION:
+ * if priv_key and public key are provided, the keys
+ * are copied ECDH xform structure, else key pair is
+ * generated and stored in ECDH xform structure.
+ *
+ * KEY_COMPUTATION:
+ * pub_key holds peer's public key during ECDH
+ * key exchange in Octet-string network byte order.
+ */
+ } ecdh;
+
+ struct {
+ rte_crypto_op_param message;
+ /**<
+ * Pointer to data
+ * - to be signed for ECDSA signature generation.
+ * - to be authenticated for ECDSA sign verification.
+ */
+
+ rte_crypto_op_param sign;
+ /**<
+ * Pointer to ECDSA signature. If operation type is
+ * @ref RTE_CRYPTO_ECDSA_OP_VERIFY this buffer will be
+ * over-written with the signature.
+ *
+ * Length of ECDSA signature will be less than twice the
+ * length of prime modulus length.
+ */
+
+ rte_crypto_op_param k;
+ /**<
+ * Pointer to random scalar to be used for generation
+ * of ECDSA signature @ref RTE_CRYPTO_ECDSA_OP_SIGN.
+ * It is invalid if operation is ECDSA verify.
+ * Scalar data is in Octet-string network byte order
+ * format.
+ *
+ * Length of scalar K should be less than the prime
+ * modulus of the curve
+ */
+ } ecdsa;
+
+ struct {
+
+ rte_crypto_op_param message;
+ /**<
+ * Pointer to data
+ * - to be signed for DSA signature generation.
+ * - to be authenticated for DSA sign verification.
+ *
+ * Length of data to be signed, if is more than
+ * prime modulus length, is truncated to length of
+ * prime modulus.
+ */
+
+ rte_crypto_op_param k;
+ /**<
+ * Pointer to random scalar to be used for DSA
+ * signature generation. K should be a non-zero number
+ * less than q. k is in Octet-string network byte
+ * order format.
+ */
+
+ } dsa;
+
+ struct {
+ struct rte_crypto_ec_point p;
+ /**<
+ * Pointer to primary curve point for fundamental
+ * ECC operation. Data is in Octet-string network
+ * byte order format.
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct rte_crypto_ec_point q;
+ /**<
+ *
+ * Pointer to secondary curve point for fundamental
+ * ECC operation. Data is in Octet-string network
+ * byte order format.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve. This point is valid
+ * only for point addition optype
+ * RTE_CRYPTO_FECC_OP_POINT_ADD crypto transform.
+ */
+
+ rte_crypto_op_param k;
+ /**<
+ * Pointer to scalar data to be used only for point
+ * multiplication @ref RTE_CRYPTO_FECC_OP_POINT_MULTIPLY
+ * crypto transform. Data is in Octet-string network
+ * byte order format.
+ *
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ struct rte_crypto_ec_point r;
+ /**<
+ * Pointer to the resultant point on the curve after
+ * fundamental ECC crypto transform. Data is in
+ * Octet-string network byte order format.
+ * Length of data in bytes cannot exceed the prime
+ * modulus length of the curve.
+ */
+
+ } fecc;
+
+ struct {
+
+ rte_crypto_op_param prime;
+ /**<
+ * Pointer to the prime modulus data for modular
+ * inverse operation in Octet-string network byte
+ * order format.
+ */
+
+ rte_crypto_op_param base;
+ /**<
+ * Pointer to the base for the modular inverse
+ * operation in Octet-string network byte order
+ * format.
+ */
+ } modinv;
+ };
+
+} __rte_cache_aligned;
+
+
+
+/**
+ * Reset the fields of an asymmetric operation to their default values.
+ *
+ * @param op The crypto operation to be reset.
+ */
+static inline void
+__rte_crypto_asym_op_reset(struct rte_crypto_asym_op *op)
+{
+ memset(op, 0, sizeof(*op));
+
+ op->sess_type = RTE_CRYPTO_ASYM_OP_SESSIONLESS;
+}
+
+
+/**
+ * Allocate space for asymmetric crypto xforms in the private data space of the
+ * crypto operation. This also defaults the crypto xform type to
+ * RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED and configures the chaining of the
xforms
+ * in the crypto operation
+ *
+ * @return
+ * - On success returns pointer to first crypto xform in crypto operations
chain
+ * - On failure returns NULL
+ */
+static inline struct rte_crypto_asym_xform *
+__rte_crypto_asym_op_asym_xforms_alloc(struct rte_crypto_asym_op *asym_op,
+ void *priv_data, uint8_t nb_xforms)
+{
+ struct rte_crypto_asym_xform *xform;
+
+ asym_op->xform = xform = (struct rte_crypto_asym_xform *)priv_data;
+
+ do {
+ xform->type = RTE_CRYPTO_ASYM_XFORM_NOT_SPECIFIED;
+ xform = xform->next = --nb_xforms > 0 ? xform + 1 : NULL;
+ } while (xform);
+
+ return asym_op->xform;
+}
+
+
+/**
+ * Attach a session to an asymmetric crypto operation
+ *
+ * @param asym_op crypto operation
+ * @param sess cryptodev session
+ */
+static inline int
+__rte_crypto_asym_op_attach_asym_session(struct rte_crypto_asym_op *asym_op,
+ struct rte_cryptodev_asym_session *sess)
+{
+ asym_op->session = sess;
+ asym_op->sess_type = RTE_CRYPTO_ASYM_OP_WITH_SESSION;
+
+ return 0;
+}
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* _RTE_CRYPTO_ASYM_H_ */
--
1.8.3.1
