Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/111838/?format=api
{ "id": 111838, "url": "http://patches.dpdk.org/api/patches/111838/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20220525155324.9288-15-arkadiuszx.kusztal@intel.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20220525155324.9288-15-arkadiuszx.kusztal@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20220525155324.9288-15-arkadiuszx.kusztal@intel.com", "date": "2022-05-25T15:53:24", "name": "[v2,14/14] cryptodev: add asym algorithms capabilities", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "8ad8b2a9621d72891bd45c5b705070b5e91e5acb", "submitter": { "id": 452, "url": "http://patches.dpdk.org/api/people/452/?format=api", "name": "Arkadiusz Kusztal", "email": "arkadiuszx.kusztal@intel.com" }, "delegate": { "id": 6690, "url": "http://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20220525155324.9288-15-arkadiuszx.kusztal@intel.com/mbox/", "series": [ { "id": 23159, "url": "http://patches.dpdk.org/api/series/23159/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=23159", "date": "2022-05-25T15:53:10", "name": "cryptodev: rsa, dh, ecdh changes", "version": 2, "mbox": "http://patches.dpdk.org/series/23159/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/111838/comments/", "check": "warning", "checks": "http://patches.dpdk.org/api/patches/111838/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 14132A0555;\n\tWed, 25 May 2022 19:05:13 +0200 (CEST)", "from [217.70.189.124] (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 0390F40E2D;\n\tWed, 25 May 2022 19:05:13 +0200 (CEST)", "from mga09.intel.com (mga09.intel.com [134.134.136.24])\n by mails.dpdk.org (Postfix) with ESMTP id 0799040151\n for <dev@dpdk.org>; Wed, 25 May 2022 19:05:10 +0200 (CEST)", "from fmsmga003.fm.intel.com ([10.253.24.29])\n by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 25 May 2022 10:01:34 -0700", "from silpixa00399302.ir.intel.com ([10.237.214.136])\n by FMSMGA003.fm.intel.com with ESMTP; 25 May 2022 10:01:32 -0700" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/simple;\n d=intel.com; i=@intel.com; q=dns/txt; s=Intel;\n t=1653498311; x=1685034311;\n h=from:to:cc:subject:date:message-id:in-reply-to: references;\n bh=h0aZ0OzjZnni2v3YKivOkEuo4tE4PZBVfV8sgen5HSI=;\n b=jWsp5/iO3M+6uljjaQUY/CidTh46zWaEAVIygfPcOE8URkYCU8wQ6WfK\n CNBew8nv4OfsqEdbn8ekNAJdmBlkqyEIADHzInECnNGAvfIhKAi/FRKiD\n BHL0fT8aK3CTvrtkhrnABW/6vZ+RQeWYjlWOKg/EGAeLgWWGbuZQo8kdM\n iIE8jalffTpcL+cYTEF+2VbxiWf5ImlCMxY13TS1WrqKb+6UI6KlKDZ+x\n zW6z2DMgVFBh0DnlbWsv8tCfJO0jVR1yHffdXLOz5xZ6qzPdL8j7yQaJT\n Jg2gU2B2t1cBSo5Yb7wQNn4V/Pjda0po9ExoIBseXTWCgOb4Ww5tboQrf Q==;", "X-IronPort-AV": [ "E=McAfee;i=\"6400,9594,10358\"; a=\"273596702\"", "E=Sophos;i=\"5.91,250,1647327600\"; d=\"scan'208\";a=\"273596702\"", "E=Sophos;i=\"5.91,250,1647327600\"; d=\"scan'208\";a=\"664502453\"" ], "X-ExtLoop1": "1", "From": "Arek Kusztal <arkadiuszx.kusztal@intel.com>", "To": "dev@dpdk.org", "Cc": "gakhil@marvell.com, roy.fan.zhang@intel.com,\n Arek Kusztal <arkadiuszx.kusztal@intel.com>", "Subject": "[PATCH v2 14/14] cryptodev: add asym algorithms capabilities", "Date": "Wed, 25 May 2022 16:53:24 +0100", "Message-Id": "<20220525155324.9288-15-arkadiuszx.kusztal@intel.com>", "X-Mailer": "git-send-email 2.13.6", "In-Reply-To": "<20220525155324.9288-1-arkadiuszx.kusztal@intel.com>", "References": "<20220525155324.9288-1-arkadiuszx.kusztal@intel.com>", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "- Added asymmetric crypto algorithm specific capability struct.\nIncluded fields like random number capability, padding flags etc.\n\nSigned-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>\n---\n app/test-crypto-perf/main.c | 12 +-\n app/test-eventdev/test_perf_common.c | 2 +-\n app/test/test_cryptodev_asym.c | 210 +++++++++++++++++++++------\n app/test/test_event_crypto_adapter.c | 16 +-\n drivers/crypto/openssl/rte_openssl_pmd_ops.c | 128 +++++++---------\n drivers/crypto/qat/dev/qat_asym_pmd_gen1.c | 68 +++++++--\n lib/cryptodev/rte_crypto_asym.h | 48 ++++++\n lib/cryptodev/rte_cryptodev.c | 80 +++++++++-\n lib/cryptodev/rte_cryptodev.h | 75 +++++++++-\n lib/cryptodev/version.map | 4 +\n 10 files changed, 495 insertions(+), 148 deletions(-)", "diff": "diff --git a/app/test-crypto-perf/main.c b/app/test-crypto-perf/main.c\nindex 17e30a8e74..f8a4c9cdcf 100644\n--- a/app/test-crypto-perf/main.c\n+++ b/app/test-crypto-perf/main.c\n@@ -364,8 +364,8 @@ cperf_verify_devices_capabilities(struct cperf_options *opts,\n \tstruct rte_cryptodev_sym_capability_idx cap_idx;\n \tconst struct rte_cryptodev_symmetric_capability *capability;\n \tstruct rte_cryptodev_asym_capability_idx asym_cap_idx;\n-\tconst struct rte_cryptodev_asymmetric_xform_capability *asym_capability;\n-\n+\tconst struct rte_cryptodev_asymmetric_capability *asym_capability;\n+\tstruct rte_crypto_mod_capability mod_capa = {0};\n \n \tuint8_t i, cdev_id;\n \tint ret;\n@@ -381,11 +381,11 @@ cperf_verify_devices_capabilities(struct cperf_options *opts,\n \t\t\tif (asym_capability == NULL)\n \t\t\t\treturn -1;\n \n-\t\t\tret = rte_cryptodev_asym_xform_capability_check_modlen(\n-\t\t\t\tasym_capability, opts->modex_data->modulus.len);\n-\t\t\tif (ret != 0)\n+\t\t\tmod_capa.max_mod_size = opts->modex_data->modulus.len;\n+\t\t\tret = rte_cryptodev_capa_check_mod(asym_capability,\n+\t\t\t\t\t\tmod_capa);\n+\t\t\tif (ret == 0)\n \t\t\t\treturn ret;\n-\n \t\t}\n \n \t\tif (opts->op_type == CPERF_AUTH_ONLY ||\ndiff --git a/app/test-eventdev/test_perf_common.c b/app/test-eventdev/test_perf_common.c\nindex b41785492e..ac8e6410ab 100644\n--- a/app/test-eventdev/test_perf_common.c\n+++ b/app/test-eventdev/test_perf_common.c\n@@ -846,7 +846,7 @@ cryptodev_sym_sess_create(struct prod_data *p, struct test_perf *t)\n static void *\n cryptodev_asym_sess_create(struct prod_data *p, struct test_perf *t)\n {\n-\tconst struct rte_cryptodev_asymmetric_xform_capability *capability;\n+\tconst struct rte_cryptodev_asymmetric_capability *capability;\n \tstruct rte_cryptodev_asym_capability_idx cap_idx;\n \tstruct rte_crypto_asym_xform xform;\n \tvoid *sess;\ndiff --git a/app/test/test_cryptodev_asym.c b/app/test/test_cryptodev_asym.c\nindex 072dbb30f4..c531265642 100644\n--- a/app/test/test_cryptodev_asym.c\n+++ b/app/test/test_cryptodev_asym.c\n@@ -311,10 +311,11 @@ test_cryptodev_asym_op(struct crypto_testsuite_params_asym *ts_params,\n \tstruct rte_crypto_asym_xform xform_tc;\n \tvoid *sess = NULL;\n \tstruct rte_cryptodev_asym_capability_idx cap_idx;\n-\tconst struct rte_cryptodev_asymmetric_xform_capability *capability;\n+\tconst struct rte_cryptodev_asymmetric_capability *capability;\n \tuint8_t dev_id = ts_params->valid_devs[0];\n \tuint8_t input[TEST_DATA_SIZE] = {0};\n \tuint8_t *result = NULL;\n+\tstruct rte_crypto_mod_capability mod_capa = {0};\n \n \tint ret, status = TEST_SUCCESS;\n \n@@ -358,8 +359,10 @@ test_cryptodev_asym_op(struct crypto_testsuite_params_asym *ts_params,\n \t\tasym_op->modex.base.length = data_tc->modex.base.len;\n \t\tasym_op->modex.result.data = result;\n \t\tasym_op->modex.result.length = data_tc->modex.result_len;\n-\t\tif (rte_cryptodev_asym_xform_capability_check_modlen(capability,\n-\t\t\t\txform_tc.modex.modulus.length)) {\n+\n+\t\tmod_capa.max_mod_size = xform_tc.modex.modulus.length;\n+\t\tif (!rte_cryptodev_capa_check_mod(capability,\n+\t\t\tmod_capa)) {\n \t\t\tsnprintf(test_msg, ASYM_TEST_MSG_LEN,\n \t\t\t\t\"line %u \"\n \t\t\t\t\"FAILED: %s\", __LINE__,\n@@ -378,8 +381,10 @@ test_cryptodev_asym_op(struct crypto_testsuite_params_asym *ts_params,\n \t\tasym_op->modinv.base.length = data_tc->modinv.base.len;\n \t\tasym_op->modinv.result.data = result;\n \t\tasym_op->modinv.result.length = data_tc->modinv.result_len;\n-\t\tif (rte_cryptodev_asym_xform_capability_check_modlen(capability,\n-\t\t\t\txform_tc.modinv.modulus.length)) {\n+\n+\t\tmod_capa.max_mod_size = xform_tc.modinv.modulus.length;\n+\t\tif (!rte_cryptodev_capa_check_mod(capability,\n+\t\t\tmod_capa)) {\n \t\t\tsnprintf(test_msg, ASYM_TEST_MSG_LEN,\n \t\t\t\t\"line %u \"\n \t\t\t\t\"FAILED: %s\", __LINE__,\n@@ -963,38 +968,100 @@ ut_teardown_asym(void)\n \trte_cryptodev_stop(ts_params->valid_devs[0]);\n }\n \n-static inline void print_asym_capa(\n-\t\tconst struct rte_cryptodev_asymmetric_xform_capability *capa)\n+static void\n+print_rsa_capability(\n+\tconst struct rte_cryptodev_asymmetric_capability *capa)\n {\n \tint i = 0;\n \n+\tprintf(\"\\nSupported paddings:\");\n+\tfor (; i < 32; i++) {\n+\t\tif (capa->rsa.padding & RTE_BIT32(i))\n+\t\t\tprintf(\"\\n - %s\", rte_crypto_asym_rsa_padding[i]);\n+\t}\n+\tprintf(\"\\nSupported hash functions:\");\n+\tfor (i = 0; i < 32; i++) {\n+\t\tif (capa->rsa.hash & RTE_BIT32(i))\n+\t\t\tprintf(\"\\n - %s\", rte_crypto_auth_algorithm_strings[i]);\n+\t}\n+\tprintf(\"\\nMaximum key size: \");\n+\tif (capa->rsa.max_key_size == 0)\n+\t\tprintf(\"Unlimited\");\n+\telse\n+\t\tprintf(\"%hu\", capa->rsa.max_key_size);\n+}\n+\n+static void\n+print_supported_curves(uint64_t curves)\n+{\n+\tint i = 0;\n+\n+\tprintf(\"\\nSupported elliptic curves:\");\n+\tfor (; i < 64; i++) {\n+\t\tif (curves & RTE_BIT64(i))\n+\t\t\tprintf(\"\\n - %s\", rte_crypto_curves_strings[i]);\n+\t}\n+}\n+\n+static inline void print_asym_capa(\n+\t\tconst struct rte_cryptodev_asymmetric_capability *capa)\n+{\n \tprintf(\"\\nxform type: %s\\n===================\\n\",\n \t\t\trte_crypto_asym_xform_strings[capa->xform_type]);\n-\tprintf(\"operation supported -\");\n \n-\tfor (i = 0; i < RTE_CRYPTO_ASYM_OP_LIST_END; i++) {\n-\t\t/* check supported operations */\n-\t\tif (rte_cryptodev_asym_xform_capability_check_optype(capa, i))\n-\t\t\tprintf(\" %s\",\n-\t\t\t\t\trte_crypto_asym_op_strings[i]);\n-\t\t}\n-\t\tswitch (capa->xform_type) {\n-\t\tcase RTE_CRYPTO_ASYM_XFORM_RSA:\n-\t\tcase RTE_CRYPTO_ASYM_XFORM_MODINV:\n-\t\tcase RTE_CRYPTO_ASYM_XFORM_MODEX:\n-\t\tcase RTE_CRYPTO_ASYM_XFORM_DH:\n-\t\tcase RTE_CRYPTO_ASYM_XFORM_DSA:\n-\t\t\tprintf(\" modlen: min %d max %d increment %d\",\n-\t\t\t\t\tcapa->modlen.min,\n-\t\t\t\t\tcapa->modlen.max,\n-\t\t\t\t\tcapa->modlen.increment);\n+\tswitch (capa->xform_type) {\n+\tcase RTE_CRYPTO_ASYM_XFORM_MODEX:\n+\tcase RTE_CRYPTO_ASYM_XFORM_MODINV:\n+\t\tprintf(\"Maximum size of modulus: \");\n+\t\tif (capa->mod.max_mod_size == 0)\n+\t\t\tprintf(\"Unlimited\");\n+\t\telse\n+\t\t\tprintf(\"%hu\", capa->mod.max_mod_size);\n \t\tbreak;\n-\t\tcase RTE_CRYPTO_ASYM_XFORM_ECDSA:\n-\t\tcase RTE_CRYPTO_ASYM_XFORM_ECPM:\n-\t\tdefault:\n-\t\t\tbreak;\n-\t\t}\n-\t\tprintf(\"\\n\");\n+\tcase RTE_CRYPTO_ASYM_XFORM_RSA:\n+\t\tprint_rsa_capability(capa);\n+\t\tbreak;\n+\tcase RTE_CRYPTO_ASYM_XFORM_DH:\n+\t\tprintf(\"Maximum group size: \");\n+\t\tif (capa->dh.max_group_size == 0)\n+\t\t\tprintf(\"Unlimited\");\n+\t\telse\n+\t\t\tprintf(\"%hu\", capa->dh.max_group_size);\n+\t\tprintf(\"\\nSupport for private key generation: \");\n+\t\tif (capa->dh.priv_key_gen)\n+\t\t\tprintf(\"Yes\");\n+\t\telse\n+\t\t\tprintf(\"No\");\n+\t\tbreak;\n+\tcase RTE_CRYPTO_ASYM_XFORM_DSA:\n+\t\tprintf(\"Maximum key size: \");\n+\t\tif (capa->dsa.max_key_size == 0)\n+\t\t\tprintf(\"Unlimited\");\n+\t\telse\n+\t\t\tprintf(\"%hu\", capa->dsa.max_key_size);\n+\t\tprintf(\"\\nSupport for random 'k' generation: \");\n+\t\tif (capa->dsa.random_k)\n+\t\t\tprintf(\"Yes\");\n+\t\telse\n+\t\t\tprintf(\"No\");\n+\t\tbreak;\n+\n+\t\tbreak;\n+\tcase RTE_CRYPTO_ASYM_XFORM_ECDSA:\n+\t\tprint_supported_curves(capa->ecdsa.curves);\n+\t\tprintf(\"\\nSupport for random 'k' generation: \");\n+\t\tif (capa->ecdsa.random_k)\n+\t\t\tprintf(\"Yes\");\n+\t\telse\n+\t\t\tprintf(\"No\");\n+\t\tbreak;\n+\tcase RTE_CRYPTO_ASYM_XFORM_ECPM:\n+\t\tprint_supported_curves(capa->ecpm.curves);\n+\t\tbreak;\n+\tdefault:\n+\t\tbreak;\n+\t}\n+\tprintf(\"\\n\");\n }\n \n static int\n@@ -1006,7 +1073,7 @@ test_capability(void)\n \tconst struct rte_cryptodev_capabilities *dev_capa;\n \tint i = 0;\n \tstruct rte_cryptodev_asym_capability_idx idx;\n-\tconst struct rte_cryptodev_asymmetric_xform_capability *capa;\n+\tconst struct rte_cryptodev_asymmetric_capability *capa;\n \n \trte_cryptodev_info_get(dev_id, &dev_info);\n \tif (!(dev_info.feature_flags &\n@@ -1023,7 +1090,7 @@ test_capability(void)\n \t\tdev_capa = &(dev_info.capabilities[i]);\n \t\tif (dev_info.capabilities[i].op ==\n \t\t\t\tRTE_CRYPTO_OP_TYPE_ASYMMETRIC) {\n-\t\t\tidx.type = dev_capa->asym.xform_capa.xform_type;\n+\t\t\tidx.type = dev_capa->asym.xform_type;\n \n \t\t\tcapa = rte_cryptodev_asym_capability_get(dev_id,\n \t\t\t\t(const struct\n@@ -1386,10 +1453,11 @@ test_mod_inv(void)\n \tvoid *sess = NULL;\n \tint status = TEST_SUCCESS;\n \tstruct rte_cryptodev_asym_capability_idx cap_idx;\n-\tconst struct rte_cryptodev_asymmetric_xform_capability *capability;\n+\tconst struct rte_cryptodev_asymmetric_capability *capability;\n \tuint8_t input[TEST_DATA_SIZE] = {0};\n \tint ret = 0;\n \tuint8_t result[sizeof(mod_p)] = { 0 };\n+\tstruct rte_crypto_mod_capability mod_capa = {0};\n \n \tif (rte_cryptodev_asym_get_xform_enum(\n \t\t&modinv_xform.xform_type, \"modinv\") < 0) {\n@@ -1408,13 +1476,11 @@ test_mod_inv(void)\n \t\treturn TEST_SKIPPED;\n \t}\n \n-\tif (rte_cryptodev_asym_xform_capability_check_modlen(\n-\t\tcapability,\n-\t\tmodinv_xform.modinv.modulus.length)) {\n-\t\tRTE_LOG(ERR, USER1,\n-\t\t\t\t \"Invalid MODULUS length specified\\n\");\n-\t\t\t\treturn TEST_SKIPPED;\n-\t\t}\n+\tmod_capa.max_mod_size = modinv_xform.modinv.modulus.length;\n+\tif (!rte_cryptodev_capa_check_mod(capability, mod_capa)) {\n+\t\tRTE_LOG(ERR, USER1, \"Invalid MODULUS length specified\\n\");\n+\t\treturn TEST_SKIPPED;\n+\t}\n \n \tret = rte_cryptodev_asym_session_create(dev_id, &modinv_xform, sess_mpool, &sess);\n \tif (ret < 0) {\n@@ -1499,7 +1565,8 @@ test_mod_exp(void)\n \tvoid *sess = NULL;\n \tint status = TEST_SUCCESS;\n \tstruct rte_cryptodev_asym_capability_idx cap_idx;\n-\tconst struct rte_cryptodev_asymmetric_xform_capability *capability;\n+\tconst struct rte_cryptodev_asymmetric_capability *capability;\n+\tstruct rte_crypto_mod_capability mod_capa = {0};\n \tuint8_t input[TEST_DATA_SIZE] = {0};\n \tint ret = 0;\n \tuint8_t result[sizeof(mod_p)] = { 0 };\n@@ -1522,12 +1589,11 @@ test_mod_exp(void)\n \t\treturn TEST_SKIPPED;\n \t}\n \n-\tif (rte_cryptodev_asym_xform_capability_check_modlen(\n-\t\t\tcapability, modex_xform.modex.modulus.length)) {\n-\t\tRTE_LOG(ERR, USER1,\n-\t\t\t\t\"Invalid MODULUS length specified\\n\");\n-\t\t\t\treturn TEST_SKIPPED;\n-\t\t}\n+\tmod_capa.max_mod_size = modex_xform.modex.modulus.length;\n+\tif (!rte_cryptodev_capa_check_mod(capability, mod_capa)) {\n+\t\tRTE_LOG(ERR, USER1, \"Invalid MODULUS length specified\\n\");\n+\t\treturn TEST_SKIPPED;\n+\t}\n \n \t/* Create op, create session, and process packets. 8< */\n \top = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);\n@@ -1785,6 +1851,8 @@ test_ecdsa_sign_verify(enum curve curve_id)\n \tstruct rte_crypto_asym_xform xform;\n \tstruct rte_crypto_asym_op *asym_op;\n \tstruct rte_cryptodev_info dev_info;\n+\tstruct rte_cryptodev_asym_capability_idx idx;\n+\tconst struct rte_cryptodev_asymmetric_capability *capabilities;\n \tstruct rte_crypto_op *op = NULL;\n \tint ret, status = TEST_SUCCESS;\n \n@@ -1814,6 +1882,25 @@ test_ecdsa_sign_verify(enum curve curve_id)\n \n \trte_cryptodev_info_get(dev_id, &dev_info);\n \n+\tstruct rte_crypto_ecdsa_capability capa = {\n+\t\t.curves = RTE_BIT32(input_params.curve),\n+\t\t.random_k = 0\n+\t};\n+\n+\tidx.type = RTE_CRYPTO_ASYM_XFORM_ECDSA;\n+\tcapabilities = rte_cryptodev_asym_capability_get(dev_id,\n+\t\t(const struct\n+\t\trte_cryptodev_asym_capability_idx *) &idx);\n+\n+\tif (capabilities == NULL) {\n+\t\tstatus = TEST_SKIPPED;\n+\t\tgoto exit;\n+\t}\n+\tif (!rte_cryptodev_capa_check_ecdsa(capabilities, capa)) {\n+\t\tstatus = TEST_SKIPPED;\n+\t\tgoto exit;\n+\t}\n+\n \t/* Setup crypto op data structure */\n \top = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);\n \tif (op == NULL) {\n@@ -1962,6 +2049,8 @@ test_ecdsa_sign_verify_all_curve(void)\n \t\tstatus = test_ecdsa_sign_verify(curve_id);\n \t\tif (status == TEST_SUCCESS) {\n \t\t\tmsg = \"succeeded\";\n+\t\t} else if (status == TEST_SKIPPED) {\n+\t\t\tcontinue;\n \t\t} else {\n \t\t\tmsg = \"failed\";\n \t\t\toverall_status = status;\n@@ -1987,6 +2076,8 @@ test_ecpm(enum curve curve_id)\n \tstruct rte_crypto_asym_xform xform;\n \tstruct rte_crypto_asym_op *asym_op;\n \tstruct rte_cryptodev_info dev_info;\n+\tstruct rte_cryptodev_asym_capability_idx idx;\n+\tconst struct rte_cryptodev_asymmetric_capability *capabilities;\n \tstruct rte_crypto_op *op = NULL;\n \tint ret, status = TEST_SUCCESS;\n \n@@ -2016,6 +2107,24 @@ test_ecpm(enum curve curve_id)\n \n \trte_cryptodev_info_get(dev_id, &dev_info);\n \n+\tstruct rte_crypto_ecdsa_capability capa = {\n+\t\t.curves = RTE_BIT32(input_params.curve)\n+\t};\n+\n+\tidx.type = RTE_CRYPTO_ASYM_XFORM_ECPM;\n+\tcapabilities = rte_cryptodev_asym_capability_get(dev_id,\n+\t\t(const struct\n+\t\trte_cryptodev_asym_capability_idx *) &idx);\n+\n+\tif (capabilities == NULL) {\n+\t\tstatus = TEST_SKIPPED;\n+\t\tgoto exit;\n+\t}\n+\tif (!rte_cryptodev_capa_check_ecdsa(capabilities, capa)) {\n+\t\tstatus = TEST_SKIPPED;\n+\t\tgoto exit;\n+\t}\n+\n \t/* Setup crypto op data structure */\n \top = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_ASYMMETRIC);\n \tif (op == NULL) {\n@@ -2124,6 +2233,8 @@ test_ecpm_all_curve(void)\n \t\tstatus = test_ecpm(curve_id);\n \t\tif (status == TEST_SUCCESS) {\n \t\t\tmsg = \"succeeded\";\n+\t\t} else if (status == TEST_SKIPPED) {\n+\t\t\tcontinue;\n \t\t} else {\n \t\t\tmsg = \"failed\";\n \t\t\toverall_status = status;\n@@ -2162,7 +2273,12 @@ static struct unit_test_suite cryptodev_qat_asym_testsuite = {\n \t.setup = testsuite_setup,\n \t.teardown = testsuite_teardown,\n \t.unit_test_cases = {\n+\t\tTEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_capability),\n \t\tTEST_CASE_ST(ut_setup_asym, ut_teardown_asym, test_one_by_one),\n+\t\tTEST_CASE_ST(ut_setup_asym, ut_teardown_asym,\n+\t\t\t test_ecdsa_sign_verify_all_curve),\n+\t\tTEST_CASE_ST(ut_setup_asym, ut_teardown_asym,\n+\t\t\t\ttest_ecpm_all_curve),\n \t\tTEST_CASES_END() /**< NULL terminate unit test array */\n \t}\n };\ndiff --git a/app/test/test_event_crypto_adapter.c b/app/test/test_event_crypto_adapter.c\nindex 2ecc7e2cea..9a62241371 100644\n--- a/app/test/test_event_crypto_adapter.c\n+++ b/app/test/test_event_crypto_adapter.c\n@@ -450,7 +450,7 @@ test_session_with_op_forward_mode(void)\n static int\n test_asym_op_forward_mode(uint8_t session_less)\n {\n-\tconst struct rte_cryptodev_asymmetric_xform_capability *capability;\n+\tconst struct rte_cryptodev_asymmetric_capability *capability;\n \tstruct rte_cryptodev_asym_capability_idx cap_idx;\n \tstruct rte_crypto_asym_xform xform_tc;\n \tunion rte_event_crypto_metadata m_data;\n@@ -458,6 +458,7 @@ test_asym_op_forward_mode(uint8_t session_less)\n \tstruct rte_crypto_asym_op *asym_op;\n \tstruct rte_crypto_op *op;\n \tuint8_t input[4096] = {0};\n+\tstruct rte_crypto_mod_capability mod_capa = {0};\n \tuint8_t *result = NULL;\n \tstruct rte_event ev;\n \tvoid *sess = NULL;\n@@ -503,8 +504,9 @@ test_asym_op_forward_mode(uint8_t session_less)\n \tasym_op->modex.base.length = modex_test_case.base.len;\n \tasym_op->modex.result.data = result;\n \tasym_op->modex.result.length = modex_test_case.result_len;\n-\tif (rte_cryptodev_asym_xform_capability_check_modlen(capability,\n-\t\t\txform_tc.modex.modulus.length)) {\n+\n+\tmod_capa.max_mod_size = xform_tc.modex.modulus.length;\n+\tif (!rte_cryptodev_capa_check_mod(capability, mod_capa)) {\n \t\tRTE_LOG(INFO, USER1,\n \t\t\t\"line %u FAILED: %s\", __LINE__,\n \t\t\t\"Invalid MODULUS length specified\");\n@@ -784,7 +786,7 @@ test_session_with_op_new_mode(void)\n static int\n test_asym_op_new_mode(uint8_t session_less)\n {\n-\tconst struct rte_cryptodev_asymmetric_xform_capability *capability;\n+\tconst struct rte_cryptodev_asymmetric_capability *capability;\n \tstruct rte_cryptodev_asym_capability_idx cap_idx;\n \tstruct rte_crypto_asym_xform xform_tc;\n \tunion rte_event_crypto_metadata m_data;\n@@ -792,6 +794,7 @@ test_asym_op_new_mode(uint8_t session_less)\n \tstruct rte_crypto_asym_op *asym_op;\n \tstruct rte_crypto_op *op;\n \tuint8_t input[4096] = {0};\n+\tstruct rte_crypto_mod_capability mod_capa = {0};\n \tuint8_t *result = NULL;\n \tvoid *sess = NULL;\n \tuint32_t cap;\n@@ -835,8 +838,9 @@ test_asym_op_new_mode(uint8_t session_less)\n \tasym_op->modex.base.length = modex_test_case.base.len;\n \tasym_op->modex.result.data = result;\n \tasym_op->modex.result.length = modex_test_case.result_len;\n-\tif (rte_cryptodev_asym_xform_capability_check_modlen(capability,\n-\t\t\txform_tc.modex.modulus.length)) {\n+\n+\tmod_capa.max_mod_size = xform_tc.modex.modulus.length;\n+\tif (!rte_cryptodev_capa_check_mod(capability, mod_capa)) {\n \t\tRTE_LOG(INFO, USER1,\n \t\t\t\"line %u FAILED: %s\", __LINE__,\n \t\t\t\"Invalid MODULUS length specified\");\ndiff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c\nindex 16ec5e15eb..e734fc2a69 100644\n--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c\n+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c\n@@ -7,6 +7,7 @@\n #include <rte_common.h>\n #include <rte_malloc.h>\n #include <cryptodev_pmd.h>\n+#include <rte_bitops.h>\n \n #include \"openssl_pmd_private.h\"\n #include \"compat.h\"\n@@ -470,103 +471,82 @@ static const struct rte_cryptodev_capabilities openssl_pmd_capabilities[] = {\n \t\t\t}, }\n \t\t}, }\n \t},\n-\t{\t/* RSA */\n+\t{\t/* Modular exponentiation */\n \t\t.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,\n \t\t{.asym = {\n-\t\t\t.xform_capa = {\n-\t\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_RSA,\n-\t\t\t\t.op_types = ((1 << RTE_CRYPTO_ASYM_OP_SIGN) |\n-\t\t\t\t\t(1 << RTE_CRYPTO_ASYM_OP_VERIFY) |\n-\t\t\t\t\t(1 << RTE_CRYPTO_ASYM_OP_ENCRYPT) |\n-\t\t\t\t\t(1 << RTE_CRYPTO_ASYM_OP_DECRYPT)),\n-\t\t\t\t{\n-\t\t\t\t.modlen = {\n-\t\t\t\t/* min length is based on openssl rsa keygen */\n-\t\t\t\t.min = 30,\n-\t\t\t\t/* value 0 symbolizes no limit on max length */\n-\t\t\t\t.max = 0,\n-\t\t\t\t.increment = 1\n-\t\t\t\t}, }\n+\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_MODEX,\n+\t\t\t.mod = {\n+\t\t\t\t.max_mod_size = 0\n+\t\t\t\t}\n \t\t\t}\n-\t\t},\n \t\t}\n \t},\n-\t{\t/* modexp */\n+\t{\t/* Modular multiplicative inverse */\n \t\t.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,\n \t\t{.asym = {\n-\t\t\t.xform_capa = {\n-\t\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_MODEX,\n-\t\t\t\t.op_types = 0,\n-\t\t\t\t{\n-\t\t\t\t.modlen = {\n-\t\t\t\t/* value 0 symbolizes no limit on min length */\n-\t\t\t\t.min = 0,\n-\t\t\t\t/* value 0 symbolizes no limit on max length */\n-\t\t\t\t.max = 0,\n-\t\t\t\t.increment = 1\n-\t\t\t\t}, }\n+\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_MODINV,\n+\t\t\t.mod = {\n+\t\t\t\t.max_mod_size = 0\n+\t\t\t\t}\n \t\t\t}\n-\t\t},\n \t\t}\n \t},\n-\t{\t/* modinv */\n+\t{\t/* RSA */\n \t\t.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,\n \t\t{.asym = {\n-\t\t\t.xform_capa = {\n-\t\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_MODINV,\n-\t\t\t\t.op_types = 0,\n-\t\t\t\t{\n-\t\t\t\t.modlen = {\n-\t\t\t\t/* value 0 symbolizes no limit on min length */\n-\t\t\t\t.min = 0,\n-\t\t\t\t/* value 0 symbolizes no limit on max length */\n-\t\t\t\t.max = 0,\n-\t\t\t\t.increment = 1\n-\t\t\t\t}, }\n+\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_RSA,\n+\t\t\t.rsa = {\n+\t\t\t\t.padding =\n+\t\t\t\t\tRTE_BIT32(RTE_CRYPTO_RSA_PADDING_NONE) |\n+\t\t\t\t\tRTE_BIT32(RTE_CRYPTO_RSA_PADDING_PKCS1_5),\n+\t\t\t\t.hash =\n+\t\t\t\t\tRTE_BIT32(RTE_CRYPTO_AUTH_MD5) |\n+\t\t\t\t\tRTE_BIT32(RTE_CRYPTO_AUTH_SHA1)\t|\n+\t\t\t\t\tRTE_BIT32(RTE_CRYPTO_AUTH_SHA224) |\n+\t\t\t\t\tRTE_BIT32(RTE_CRYPTO_AUTH_SHA256) |\n+\t\t\t\t\tRTE_BIT32(RTE_CRYPTO_AUTH_SHA384) |\n+\t\t\t\t\tRTE_BIT32(RTE_CRYPTO_AUTH_SHA512),\n+\t\t\t\t.max_key_size = 0\n+\t\t\t\t}\n \t\t\t}\n-\t\t},\n \t\t}\n \t},\n-\t{\t/* dh */\n+\t{\t/* Diffie-Hellman */\n \t\t.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,\n \t\t{.asym = {\n-\t\t\t.xform_capa = {\n-\t\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_DH,\n-\t\t\t\t.op_types =\n-\t\t\t\t((1<<RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE) |\n-\t\t\t\t(1 << RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE |\n-\t\t\t\t(1 <<\n-\t\t\t\tRTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE))),\n-\t\t\t\t{\n-\t\t\t\t.modlen = {\n-\t\t\t\t/* value 0 symbolizes no limit on min length */\n-\t\t\t\t.min = 0,\n-\t\t\t\t/* value 0 symbolizes no limit on max length */\n-\t\t\t\t.max = 0,\n-\t\t\t\t.increment = 1\n-\t\t\t\t}, }\n+\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_DH,\n+\t\t\t.dh = {\n+\t\t\t\t.max_group_size = 0,\n+\t\t\t\t.priv_key_gen = 1\n+\t\t\t\t}\n \t\t\t}\n-\t\t},\n \t\t}\n \t},\n-\t{\t/* dsa */\n+\t{\t/* DSA */\n \t\t.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,\n \t\t{.asym = {\n-\t\t\t.xform_capa = {\n-\t\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_DSA,\n-\t\t\t\t.op_types =\n-\t\t\t\t((1<<RTE_CRYPTO_ASYM_OP_SIGN) |\n-\t\t\t\t(1 << RTE_CRYPTO_ASYM_OP_VERIFY)),\n-\t\t\t\t{\n-\t\t\t\t.modlen = {\n-\t\t\t\t/* value 0 symbolizes no limit on min length */\n-\t\t\t\t.min = 0,\n-\t\t\t\t/* value 0 symbolizes no limit on max length */\n-\t\t\t\t.max = 0,\n-\t\t\t\t.increment = 1\n-\t\t\t\t}, }\n+\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_DSA,\n+\t\t\t.dsa = {\n+\t\t\t\t.max_key_size = 0,\n+\t\t\t\t.random_k = 1\n+\t\t\t\t}\n+\t\t\t}\n+\t\t}\n+\t},\n+\t{\t/* ECDSA */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,\n+\t\t{.asym = {\n+\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_ECDSA,\n+\t\t\t.ecdsa = {\n+\t\t\t\t.curves =\n+\t\t\t\t\tRTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP192R1) |\n+\t\t\t\t\tRTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP224R1) |\n+\t\t\t\t\tRTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP256R1) |\n+\t\t\t\t\tRTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP384R1) |\n+\t\t\t\t\tRTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP521R1),\n+\t\t\t\t.random_k = 1\n+\t\t\t\t}\n \t\t\t}\n-\t\t},\n \t\t}\n \t},\n \ndiff --git a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c\nindex 4499fdaf2d..d5144bca84 100644\n--- a/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c\n+++ b/drivers/crypto/qat/dev/qat_asym_pmd_gen1.c\n@@ -28,16 +28,64 @@ struct rte_cryptodev_ops qat_asym_crypto_ops_gen1 = {\n };\n \n static struct rte_cryptodev_capabilities qat_asym_crypto_caps_gen1[] = {\n-\tQAT_ASYM_CAP(MODEX,\n-\t\t0, 1, 512, 1),\n-\tQAT_ASYM_CAP(MODINV,\n-\t\t0, 1, 512, 1),\n-\tQAT_ASYM_CAP(RSA,\n-\t\t\t((1 << RTE_CRYPTO_ASYM_OP_SIGN) |\n-\t\t\t(1 << RTE_CRYPTO_ASYM_OP_VERIFY) |\n-\t\t\t(1 << RTE_CRYPTO_ASYM_OP_ENCRYPT) |\n-\t\t\t(1 << RTE_CRYPTO_ASYM_OP_DECRYPT)),\n-\t\t\t64, 512, 64),\n+\t{\t/* Modular exponentiation */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,\n+\t\t{.asym = {\n+\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_MODEX,\n+\t\t\t.mod = {\n+\t\t\t\t.max_mod_size = 4096\n+\t\t\t\t}\n+\t\t\t}\n+\t\t}\n+\t},\n+\t{\t/* Modular multiplicative inverse */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,\n+\t\t{.asym = {\n+\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_MODINV,\n+\t\t\t.mod = {\n+\t\t\t\t.max_mod_size = 4096\n+\t\t\t\t}\n+\t\t\t}\n+\t\t}\n+\t},\n+\t{\t/* RSA */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,\n+\t\t{.asym = {\n+\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_RSA,\n+\t\t\t.rsa = {\n+\t\t\t\t.padding =\n+\t\t\t\t\tRTE_BIT32(RTE_CRYPTO_RSA_PADDING_NONE),\n+\t\t\t\t.hash = 0,\n+\t\t\t\t.max_key_size = 4096\n+\t\t\t\t}\n+\t\t\t}\n+\t\t}\n+\t},\n+\t{\t/* ECDSA */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,\n+\t\t{.asym = {\n+\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_ECDSA,\n+\t\t\t.ecdsa = {\n+\t\t\t\t.curves =\n+\t\t\t\t\tRTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP256R1) |\n+\t\t\t\t\tRTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP521R1),\n+\t\t\t\t.random_k = 0\n+\t\t\t\t}\n+\t\t\t}\n+\t\t}\n+\t},\n+\t{\t/* ECPM */\n+\t\t.op = RTE_CRYPTO_OP_TYPE_ASYMMETRIC,\n+\t\t{.asym = {\n+\t\t\t.xform_type = RTE_CRYPTO_ASYM_XFORM_ECPM,\n+\t\t\t.ecdsa = {\n+\t\t\t\t.curves =\n+\t\t\t\t\tRTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP256R1) |\n+\t\t\t\t\tRTE_BIT64(RTE_CRYPTO_EC_GROUP_SECP521R1)\n+\t\t\t\t}\n+\t\t\t}\n+\t\t}\n+\t},\n \tRTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()\n };\n \ndiff --git a/lib/cryptodev/rte_crypto_asym.h b/lib/cryptodev/rte_crypto_asym.h\nindex d90a7a1957..41b22450d3 100644\n--- a/lib/cryptodev/rte_crypto_asym.h\n+++ b/lib/cryptodev/rte_crypto_asym.h\n@@ -41,6 +41,14 @@ rte_crypto_asym_ke_strings[];\n extern const char *\n rte_crypto_asym_op_strings[];\n \n+/** RSA padding type name strings */\n+extern const char *\n+rte_crypto_asym_rsa_padding[];\n+\n+/** Elliptic curves name strings */\n+extern const char *\n+rte_crypto_curves_strings[];\n+\n /**\n * Buffer to hold crypto params required for asym operations.\n *\n@@ -265,6 +273,46 @@ struct rte_crypto_rsa_padding {\n \t */\n };\n \n+struct rte_crypto_mod_capability {\n+\tuint16_t max_mod_size;\n+\t/**< Maximum supported modulus size in bytes, 0 means no limit */\n+};\n+\n+struct rte_crypto_rsa_capability {\n+\tuint32_t padding;\n+\t/**< List of supported paddings */\n+\tuint32_t hash;\n+\t/**< List of supported hash functions */\n+\tuint32_t max_key_size;\n+\t/**< Maximum supported key size in bytes, 0 means no limit */\n+};\n+\n+struct rte_crypto_dh_capability {\n+\tuint16_t max_group_size;\n+\t/**< Maximum group in bytes, 0 means no limit */\n+\tuint8_t priv_key_gen;\n+\t/**< Does PMD supports private key generation generation */\n+};\n+\n+struct rte_crypto_dsa_capability {\n+\tuint16_t max_key_size;\n+\t/**< Maximum supported key size in bytes, 0 means no limit */\n+\tuint8_t random_k;\n+\t/**< Does PMD supports random 'k' generation */\n+};\n+\n+struct rte_crypto_ecdsa_capability {\n+\tuint64_t curves;\n+\t/**< Supported elliptic curve ids */\n+\tuint8_t random_k;\n+\t/**< Does PMD supports random 'k' generation */\n+};\n+\n+struct rte_crypto_ecpm_capability {\n+\tuint64_t curves;\n+\t/**< Supported elliptic curve ids */\n+};\n+\n /**\n * Asymmetric RSA transform data\n *\ndiff --git a/lib/cryptodev/rte_cryptodev.c b/lib/cryptodev/rte_cryptodev.c\nindex 57ee6b3f07..b1ad1112fe 100644\n--- a/lib/cryptodev/rte_cryptodev.c\n+++ b/lib/cryptodev/rte_cryptodev.c\n@@ -190,6 +190,27 @@ const char *rte_crypto_asym_ke_strings[] = {\n };\n \n /**\n+ * RSA padding string identifiers\n+ */\n+const char *rte_crypto_asym_rsa_padding[] = {\n+\t[RTE_CRYPTO_RSA_PADDING_NONE] = \"RTE_CRYPTO_RSA_PADDING_NONE\",\n+\t[RTE_CRYPTO_RSA_PADDING_PKCS1_5] = \"RTE_CRYPTO_RSA_PADDING_PKCS1_5\",\n+\t[RTE_CRYPTO_RSA_PADDING_OAEP] = \"RTE_CRYPTO_RSA_PADDING_OAEP\",\n+\t[RTE_CRYPTO_RSA_PADDING_PSS] = \"RTE_CRYPTO_RSA_PADDING_PSS\"\n+};\n+\n+/**\n+ * Elliptic curves string identifiers\n+ */\n+const char *rte_crypto_curves_strings[] = {\n+\t[RTE_CRYPTO_EC_GROUP_SECP192R1] = \"RTE_CRYPTO_EC_GROUP_SECP192R1\",\n+\t[RTE_CRYPTO_EC_GROUP_SECP224R1] = \"RTE_CRYPTO_EC_GROUP_SECP224R1\",\n+\t[RTE_CRYPTO_EC_GROUP_SECP256R1] = \"RTE_CRYPTO_EC_GROUP_SECP256R1\",\n+\t[RTE_CRYPTO_EC_GROUP_SECP384R1] = \"RTE_CRYPTO_EC_GROUP_SECP384R1\",\n+\t[RTE_CRYPTO_EC_GROUP_SECP521R1] = \"RTE_CRYPTO_EC_GROUP_SECP521R1\",\n+};\n+\n+/**\n * The private data structure stored in the sym session mempool private data.\n */\n struct rte_cryptodev_sym_session_pool_private_data {\n@@ -347,7 +368,7 @@ param_range_check(uint16_t size, const struct rte_crypto_param_range *range)\n \treturn -1;\n }\n \n-const struct rte_cryptodev_asymmetric_xform_capability *\n+const struct rte_cryptodev_asymmetric_capability *\n rte_cryptodev_asym_capability_get(uint8_t dev_id,\n \t\tconst struct rte_cryptodev_asym_capability_idx *idx)\n {\n@@ -363,8 +384,8 @@ rte_cryptodev_asym_capability_get(uint8_t dev_id,\n \t\tif (capability->op != RTE_CRYPTO_OP_TYPE_ASYMMETRIC)\n \t\t\tcontinue;\n \n-\t\tif (capability->asym.xform_capa.xform_type == idx->type)\n-\t\t\treturn &capability->asym.xform_capa;\n+\t\tif (capability->asym.xform_type == idx->type)\n+\t\t\treturn &capability->asym;\n \t}\n \treturn NULL;\n };\n@@ -456,6 +477,59 @@ rte_cryptodev_asym_xform_capability_check_modlen(\n \treturn 0;\n }\n \n+int\n+rte_cryptodev_capa_check_mod(\n+\tconst struct rte_cryptodev_asymmetric_capability *capa,\n+\tstruct rte_crypto_mod_capability mod)\n+{\n+\tif (capa->mod.max_mod_size == 0)\n+\t\treturn 1;\n+\n+\tif (mod.max_mod_size <= capa->mod.max_mod_size)\n+\t\treturn 1;\n+\telse\n+\t\treturn 0;\n+}\n+\n+int\n+rte_cryptodev_capa_check_rsa(\n+\tconst struct rte_cryptodev_asymmetric_capability *capa,\n+\tstruct rte_crypto_rsa_capability rsa)\n+{\n+\tif (rsa.padding != (capa->rsa.padding & rsa.padding))\n+\t\treturn 0;\n+\tif (rsa.hash != (capa->rsa.hash & rsa.hash))\n+\t\treturn 0;\n+\tif (capa->rsa.max_key_size == 0)\n+\t\treturn 1;\n+\tif (rsa.max_key_size <= capa->rsa.max_key_size)\n+\t\treturn 1;\n+\telse\n+\t\treturn 0;\n+}\n+\n+int\n+rte_cryptodev_capa_check_ecdsa(\n+\tconst struct rte_cryptodev_asymmetric_capability *capa,\n+\tstruct rte_crypto_ecdsa_capability ecdsa)\n+{\n+\tif (ecdsa.curves != (capa->ecdsa.curves & ecdsa.curves))\n+\t\treturn 0;\n+\tif (ecdsa.random_k == 1 && capa->ecdsa.random_k == 0)\n+\t\treturn 0;\n+\treturn 1;\n+}\n+\n+int\n+rte_cryptodev_capa_check_ecpm(\n+\tconst struct rte_cryptodev_asymmetric_capability *capa,\n+\tstruct rte_crypto_ecpm_capability ecpm)\n+{\n+\tif (ecpm.curves != (capa->ecpm.curves & ecpm.curves))\n+\t\treturn 0;\n+\treturn 1;\n+}\n+\n /* spinlock for crypto device enq callbacks */\n static rte_spinlock_t rte_cryptodev_callback_lock = RTE_SPINLOCK_INITIALIZER;\n \ndiff --git a/lib/cryptodev/rte_cryptodev.h b/lib/cryptodev/rte_cryptodev.h\nindex 2c2c2edeb7..6c5bd819b2 100644\n--- a/lib/cryptodev/rte_cryptodev.h\n+++ b/lib/cryptodev/rte_cryptodev.h\n@@ -184,6 +184,19 @@ struct rte_cryptodev_asymmetric_xform_capability {\n *\n */\n struct rte_cryptodev_asymmetric_capability {\n+\tenum rte_crypto_asym_xform_type xform_type;\n+\t/**< Asymmetric transform type */\n+\tuint32_t op_types;\n+\t/**< bitmask for supported rte_crypto_asym_op_type */\n+\tunion {\n+\t\tstruct rte_crypto_mod_capability mod;\n+\t\tstruct rte_crypto_rsa_capability rsa;\n+\t\tstruct rte_crypto_dh_capability dh;\n+\t\tstruct rte_crypto_dsa_capability dsa;\n+\t\tstruct rte_crypto_ecdsa_capability ecdsa;\n+\t\tstruct rte_crypto_ecpm_capability ecpm;\n+\t};\n+\n \tstruct rte_cryptodev_asymmetric_xform_capability xform_capa;\n };\n \n@@ -247,7 +260,7 @@ rte_cryptodev_sym_capability_get(uint8_t dev_id,\n * - Return NULL if the capability not exist.\n */\n __rte_experimental\n-const struct rte_cryptodev_asymmetric_xform_capability *\n+const struct rte_cryptodev_asymmetric_capability *\n rte_cryptodev_asym_capability_get(uint8_t dev_id,\n \t\tconst struct rte_cryptodev_asym_capability_idx *idx);\n \n@@ -339,6 +352,66 @@ rte_cryptodev_asym_xform_capability_check_modlen(\n \t\tuint16_t modlen);\n \n /**\n+ * Check if requested Modexp features are supported\n+ *\n+ * @param\tcapability\tDescription of the asymmetric crypto capability.\n+ * @param\tmod\t\tModexp requested capability.\n+ *\n+ * @return\n+ * - Return 1 if the parameters are in range of the capability.\n+ * - Return 0 if the parameters are out of range of the capability.\n+ */\n+__rte_experimental\n+int\n+rte_cryptodev_capa_check_mod(\n+\tconst struct rte_cryptodev_asymmetric_capability *capa,\n+\tstruct rte_crypto_mod_capability mod);\n+/**\n+ * Check if requested RSA features are supported\n+ *\n+ * @param\tcapability\tDescription of the asymmetric crypto capability.\n+ * @param\trsa\t\tRSA requested capability.\n+ *\n+ * @return\n+ * - Return 1 if the parameters are in range of the capability.\n+ * - Return 0 if the parameters are out of range of the capability.\n+ */\n+__rte_experimental\n+int\n+rte_cryptodev_capa_check_rsa(\n+\tconst struct rte_cryptodev_asymmetric_capability *capa,\n+\tstruct rte_crypto_rsa_capability rsa);\n+/**\n+ * Check if requested ECDSA features are supported\n+ *\n+ * @param\tcapability\tDescription of the asymmetric crypto capability.\n+ * @param\tecdsa\t\tECDSA requested capability.\n+ *\n+ * @return\n+ * - Return 1 if the parameters are in range of the capability.\n+ * - Return 0 if the parameters are out of range of the capability.\n+ */\n+__rte_experimental\n+int\n+rte_cryptodev_capa_check_ecdsa(\n+\tconst struct rte_cryptodev_asymmetric_capability *capa,\n+\tstruct rte_crypto_ecdsa_capability ecdsa);\n+/**\n+ * Check if requested ECPM features are supported\n+ *\n+ * @param\tcapability\tDescription of the asymmetric crypto capability.\n+ * @param\tecpm\t\tECPM requested capability.\n+ *\n+ * @return\n+ * - Return 1 if the parameters are in range of the capability.\n+ * - Return 0 if the parameters are out of range of the capability.\n+ */\n+__rte_experimental\n+int\n+rte_cryptodev_capa_check_ecpm(\n+\tconst struct rte_cryptodev_asymmetric_capability *capa,\n+\tstruct rte_crypto_ecpm_capability ecpm);\n+/**\n * Provide the cipher algorithm enum, given an algorithm string\n *\n * @param\talgo_enum\tA pointer to the cipher algorithm\ndiff --git a/lib/cryptodev/version.map b/lib/cryptodev/version.map\nindex f0abfaa47d..4d93b9a947 100644\n--- a/lib/cryptodev/version.map\n+++ b/lib/cryptodev/version.map\n@@ -108,6 +108,10 @@ EXPERIMENTAL {\n \n \t#added in 22.07\n \trte_cryptodev_session_event_mdata_set;\n+\trte_cryptodev_capa_check_mod;\n+\trte_cryptodev_capa_check_rsa;\n+\trte_cryptodev_capa_check_ecdsa;\n+\trte_cryptodev_capa_check_ecpm;\n };\n \n INTERNAL {\n", "prefixes": [ "v2", "14/14" ] }