Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/56039/?format=api
{ "id": 56039, "url": "http://patches.dpdk.org/api/patches/56039/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20190703153759.1508-2-arkadiuszx.kusztal@intel.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20190703153759.1508-2-arkadiuszx.kusztal@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20190703153759.1508-2-arkadiuszx.kusztal@intel.com", "date": "2019-07-03T15:37:57", "name": "[v2,1/3] cryptodev: rework api of rsa algorithm", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "063af5eb7e76b7363d84e5389a13dad377f4b77e", "submitter": { "id": 452, "url": "http://patches.dpdk.org/api/people/452/?format=api", "name": "Arkadiusz Kusztal", "email": "arkadiuszx.kusztal@intel.com" }, "delegate": { "id": 6690, "url": "http://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20190703153759.1508-2-arkadiuszx.kusztal@intel.com/mbox/", "series": [ { "id": 5316, "url": "http://patches.dpdk.org/api/series/5316/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=5316", "date": "2019-07-03T15:37:56", "name": "Rework API for RSA algorithm in asymmetric crypto", "version": 2, "mbox": "http://patches.dpdk.org/series/5316/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/56039/comments/", "check": "fail", "checks": "http://patches.dpdk.org/api/patches/56039/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@dpdk.org", "Delivered-To": "patchwork@dpdk.org", "Received": [ "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 465C22C38;\n\tWed, 3 Jul 2019 17:39:10 +0200 (CEST)", "from mga06.intel.com (mga06.intel.com [134.134.136.31])\n\tby dpdk.org (Postfix) with ESMTP id 9318B2956\n\tfor <dev@dpdk.org>; Wed, 3 Jul 2019 17:39:08 +0200 (CEST)", "from fmsmga001.fm.intel.com ([10.253.24.23])\n\tby orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n\t03 Jul 2019 08:39:07 -0700", "from damiannx-mobl1.ger.corp.intel.com (HELO\n\takusztax-MOBL.ger.corp.intel.com) ([10.104.14.182])\n\tby fmsmga001.fm.intel.com with ESMTP; 03 Jul 2019 08:39:05 -0700" ], "X-Amp-Result": "SKIPPED(no attachment in message)", "X-Amp-File-Uploaded": "False", "X-ExtLoop1": "1", "X-IronPort-AV": "E=Sophos;i=\"5.63,446,1557212400\"; d=\"scan'208\";a=\"184788144\"", "From": "Arek Kusztal <arkadiuszx.kusztal@intel.com>", "To": "dev@dpdk.org", "Cc": "akhil.goyal@nxp.com, fiona.trahe@intel.com,\n\tshally.verma@caviumnetworks.com,\n\tArek Kusztal <arkadiuszx.kusztal@intel.com>", "Date": "Wed, 3 Jul 2019 17:37:57 +0200", "Message-Id": "<20190703153759.1508-2-arkadiuszx.kusztal@intel.com>", "X-Mailer": "git-send-email 2.19.1.windows.1", "In-Reply-To": "<20190703153759.1508-1-arkadiuszx.kusztal@intel.com>", "References": "<20190703153759.1508-1-arkadiuszx.kusztal@intel.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Subject": "[dpdk-dev] [PATCH v2 1/3] cryptodev: rework api of rsa algorithm", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.15", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n\t<mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n\t<mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "This patch reworks API of RSA algorithm.\nMajor changes:\n- Cipher field was introduced\n- Field for singature verification when padding none selected was added\n- Padding union was created\n- PKCS1-v1_5 Block type 0 was removed\n- Fixed comments about prime numbers\n- Added guide to use none padding\n\nSigned-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>\n---\n lib/librte_cryptodev/rte_crypto_asym.h | 150 ++++++++++++++++++++++++++-------\n 1 file changed, 118 insertions(+), 32 deletions(-)", "diff": "diff --git a/lib/librte_cryptodev/rte_crypto_asym.h b/lib/librte_cryptodev/rte_crypto_asym.h\nindex 8672f21..486399c 100644\n--- a/lib/librte_cryptodev/rte_crypto_asym.h\n+++ b/lib/librte_cryptodev/rte_crypto_asym.h\n@@ -111,23 +111,21 @@ enum rte_crypto_asym_op_type {\n */\n enum rte_crypto_rsa_padding_type {\n \tRTE_CRYPTO_RSA_PADDING_NONE = 0,\n-\t/**< RSA no padding scheme */\n-\tRTE_CRYPTO_RSA_PKCS1_V1_5_BT0,\n-\t/**< RSA PKCS#1 V1.5 Block Type 0 padding scheme\n-\t * as described in rfc2313\n+\t/**< RSA no padding scheme.\n+\t * In this case user is responsible for provision and verification\n+\t * of padding.\n \t */\n-\tRTE_CRYPTO_RSA_PKCS1_V1_5_BT1,\n-\t/**< RSA PKCS#1 V1.5 Block Type 01 padding scheme\n-\t * as described in rfc2313\n-\t */\n-\tRTE_CRYPTO_RSA_PKCS1_V1_5_BT2,\n-\t/**< RSA PKCS#1 V1.5 Block Type 02 padding scheme\n-\t * as described in rfc2313\n+\tRTE_CRYPTO_RSA_PADDING_PKCS1,\n+\t/**< RSA PKCS#1 PKCS1-v1_5 padding scheme. For signatures block type 01,\n+\t * for encryption block type 02 are used.\n \t */\n \tRTE_CRYPTO_RSA_PADDING_OAEP,\n-\t/**< RSA PKCS#1 OAEP padding scheme */\n+\t/**< RSA PKCS#1 OAEP padding scheme, can be used only for encryption/\n+\t * decryption.\n+\t */\n \tRTE_CRYPTO_RSA_PADDING_PSS,\n-\t/**< RSA PKCS#1 PSS padding scheme */\n+\t/**< RSA PKCS#1 PSS padding scheme, can be used only for signatures.\n+\t */\n \tRTE_CRYPTO_RSA_PADDING_TYPE_LIST_END\n };\n \n@@ -199,8 +197,8 @@ struct rte_crypto_rsa_priv_key_qt {\n */\n struct rte_crypto_rsa_xform {\n \trte_crypto_param n;\n-\t/**< n - Prime modulus\n-\t * Prime modulus data of RSA operation in Octet-string network\n+\t/**< n - Modulus\n+\t * Modulus data of RSA operation in Octet-string network\n \t * byte order format.\n \t */\n \n@@ -397,9 +395,36 @@ struct rte_crypto_rsa_op_param {\n \t/**<\n \t * Pointer to data\n \t * - to be encrypted for RSA public encrypt.\n-\t * - to be decrypted for RSA private decrypt.\n \t * - to be signed for RSA sign generation.\n \t * - to be authenticated for RSA sign verification.\n+\t *\n+\t * Octet-string network byte order format.\n+\t *\n+\t * This field is an input to RTE_CRYPTO_ASYM_OP_ENCRYPT\n+\t * operation, and output to RTE_CRYPTO_ASYM_OP_DECRYPT operation.\n+\t *\n+\t * When RTE_CRYPTO_ASYM_OP_DECRYPT op_type used length in bytes\n+\t * of this field needs to be greater or equal to the length of\n+\t * corresponding RSA key in bytes.\n+\t *\n+\t * When padding field is set to RTE_CRYPTO_RSA_PADDING_NONE\n+\t * returned data size will be equal to the size of RSA key\n+\t * in bytes. All leading zeroes will be preserved.\n+\t */\n+\n+\trte_crypto_param cipher;\n+\t/**<\n+\t * Pointer to data\n+\t * - to be decrypted for RSA private decrypt.\n+\t *\n+\t * Octet-string network byte order format.\n+\t *\n+\t * This field is an input to RTE_CRYPTO_ASYM_OP_DECRYPT\n+\t * operation, and output to RTE_CRYPTO_ASYM_OP_ENCRYPT operation.\n+\t *\n+\t * When RTE_CRYPTO_ASYM_OP_ENCRYPT op_type used length in bytes\n+\t * of this field needs to be greater or equal to the length of\n+\t * corresponding RSA key in bytes.\n \t */\n \n \trte_crypto_param sign;\n@@ -408,27 +433,88 @@ struct rte_crypto_rsa_op_param {\n \t * sign @ref RTE_CRYPTO_ASYM_OP_SIGN, buffer will be\n \t * over-written with generated signature.\n \t *\n-\t * Length of the signature data will be equal to the\n-\t * RSA prime modulus length.\n+\t * Octet-string network byte order format.\n+\t *\n+\t * When RTE_CRYPTO_ASYM_OP_SIGN op_type used length in bytes\n+\t * of this field needs to be greater or equal to the length of\n+\t * corresponding RSA key in bytes.\n \t */\n \n-\tenum rte_crypto_rsa_padding_type pad;\n-\t/**< RSA padding scheme to be used for transform */\n-\n-\tenum rte_crypto_auth_algorithm md;\n-\t/**< Hash algorithm to be used for data hash if padding\n-\t * scheme is either OAEP or PSS. Valid hash algorithms\n-\t * are:\n-\t * MD5, SHA1, SHA224, SHA256, SHA384, SHA512\n+\trte_crypto_param message_to_verify;\n+\t/**<\n+\t * Pointer to the message 'm' that was signed with\n+\t * RSASP1 in RFC8017. It is the result of operation RSAVP1\n+\t * defined in RFC8017, where field `sign` is the input\n+\t * parameter `s`.\n+\t *\n+\t * Used only when padding type is set to RTE_CRYPTO_RSA_PADDING_NONE\n+\t * and `op_type` is set to RTE_CRYPTO_ASYM_OP_VERIFY.\n+\t *\n+\t * Returned data size will be equal to the size of RSA key\n+\t * in bytes. All leading zeroes will be preserved.\n+\t *\n+\t * When RTE_CRYPTO_ASYM_OP_VERIFY op_type used length in bytes\n+\t * of this field needs to be greater or equal to the length of\n+\t * corresponding RSA key in bytes.\n \t */\n \n-\tenum rte_crypto_auth_algorithm mgf1md;\n+\tenum rte_crypto_rsa_padding_type padding;\n+\t/**<\n+\t * In case RTE_CRYPTO_RSA_PADDING_PKCS1 is selected,\n+\t * driver will distinguish between block type basing\n+\t * on rte_crypto_asym_op_type of the operation.\n+\t *\n+\t * Which padding type is supported by the driver can be\n+\t * found in in specific driver guide.\n+\t */\n+\tenum rte_crypto_auth_algorithm padding_hash;\n+\t/**<\n+\t * -\tFor PKCS1-v1_5 signature (Block type 01) this field\n+\t * represents hash function that will be used to create\n+\t * message hash.\n+\t *\n+\t * -\tFor OAEP this field represents hash function that will\n+\t * be used to produce hash of the optional label.\n+\t *\n+\t * -\tFor PSS this field represents hash function that will be used\n+\t * to produce hash (mHash) of message M and of M' (padding1 | mHash | salt)\n+\t *\n+\t * If not set driver will use default value.\n+\t */\n+\tunion {\n+\t\tstruct {\n+\t\t\tenum rte_crypto_auth_algorithm mgf;\n+\t\t\t/**<\n+\t\t\t * Mask genereation function hash algorithm.\n+\t\t\t *\n+\t\t\t * If not set driver will use default value.\n+\t\t\t */\n+\t\t\trte_crypto_param label;\n+\t\t\t/**<\n+\t\t\t * Optional label, if driver does not support\n+\t\t\t * this option, optional label is just an empty string.\n+\t\t\t */\n+\t\t} OAEP;\n+\t\tstruct {\n+\t\t\tenum rte_crypto_auth_algorithm mgf;\n+\t\t\t/**<\n+\t\t\t * Mask genereation function hash algorithm.\n+\t\t\t *\n+\t\t\t * If not set driver will use default value.\n+\t\t\t */\n+\t\t\tint seed_len;\n+\t\t\t/**<\n+\t\t\t * Intended seed length. Nagative number has special\n+\t\t\t * value as follows:\n+\t\t\t * -1 : seed len = length of output ot used hash function\n+\t\t\t * -2 : seed len is maximized\n+\t\t\t */\n+\t\t} PSS;\n+\t};\n \t/**<\n-\t * Hash algorithm to be used for mask generation if\n-\t * padding scheme is either OAEP or PSS. If padding\n-\t * scheme is unspecified data hash algorithm is used\n-\t * for mask generation. Valid hash algorithms are:\n-\t * MD5, SHA1, SHA224, SHA256, SHA384, SHA512\n+\t * Padding type of RSA crypto operation.\n+\t * What are random number generator requirements and prequisites\n+\t * can be found specific driver guide.\n \t */\n };\n \n", "prefixes": [ "v2", "1/3" ] }