[v3,09/11] cryptodev: add RSA padding none description
Checks
Commit Message
This patch adds RSA padding none description.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
lib/librte_cryptodev/rte_crypto_asym.h | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
Comments
> -----Original Message-----
> From: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> Sent: Wednesday, July 17, 2019 12:23 AM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; fiona.trahe@intel.com; Shally Verma
> <shallyv@marvell.com>; Arek Kusztal <arkadiuszx.kusztal@intel.com>
> Subject: [EXT] [PATCH v3 09/11] cryptodev: add RSA padding none
> description
>
> External Email
>
> ----------------------------------------------------------------------
> This patch adds RSA padding none description.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> ---
> lib/librte_cryptodev/rte_crypto_asym.h | 10 +++++++++-
> 1 file changed, 9 insertions(+), 1 deletion(-)
>
> diff --git a/lib/librte_cryptodev/rte_crypto_asym.h
> b/lib/librte_cryptodev/rte_crypto_asym.h
> index 5026042..7f630f0 100644
> --- a/lib/librte_cryptodev/rte_crypto_asym.h
> +++ b/lib/librte_cryptodev/rte_crypto_asym.h
> @@ -90,7 +90,10 @@ enum rte_crypto_asym_xform_type {
> */
> enum rte_crypto_asym_op_type {
> RTE_CRYPTO_ASYM_OP_ENCRYPT,
> - /**< Asymmetric Encrypt operation */
> + /**< RSA no padding scheme.
> + * In this case user is responsible for provision and verification
> + * of padding.
> + */
> RTE_CRYPTO_ASYM_OP_DECRYPT,
> /**< Asymmetric Decrypt operation */
> RTE_CRYPTO_ASYM_OP_SIGN,
> @@ -409,6 +412,11 @@ struct rte_crypto_rsa_op_param {
> * - padding PSS
> * data provided should contain message digest of the message
> * to be signed
> + *
> + * When padding field is set to RTE_CRYPTO_RSA_PADDING_NONE
> + * and RTE_CRYPTO_ASYM_OP_DECRYPT op_type used returned
> data size
> + * will be equal to the size of RSA key in bytes. All leading
> + * zeroes will be preserved.
[Shally] its bit unclear here. So, app is supposed to pass buffer with padding removed or padding intact? Are leading 0's padding bytes?
If so, I believe app can use any kind of padding, BT2 or OAEP so it does not have to be necessarily 0. Or
May be I am missing some info here. Could you point me to source which says, for padding none, data will always be padded with leading 0s?
> */
>
>
> --
> 2.1.0
> -----Original Message-----
> From: Shally Verma [mailto:shallyv@marvell.com]
> Sent: Wednesday, July 17, 2019 12:18 PM
> To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Trahe, Fiona <fiona.trahe@intel.com>
> Subject: RE: [EXT] [PATCH v3 09/11] cryptodev: add RSA padding none
> description
>
>
>
> > -----Original Message-----
> > From: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> > Sent: Wednesday, July 17, 2019 12:23 AM
> > To: dev@dpdk.org
> > Cc: akhil.goyal@nxp.com; fiona.trahe@intel.com; Shally Verma
> > <shallyv@marvell.com>; Arek Kusztal <arkadiuszx.kusztal@intel.com>
> > Subject: [EXT] [PATCH v3 09/11] cryptodev: add RSA padding none
> > description
> >
> > External Email
> >
> > ----------------------------------------------------------------------
> > This patch adds RSA padding none description.
> >
> > Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
> > ---
> > lib/librte_cryptodev/rte_crypto_asym.h | 10 +++++++++-
> > 1 file changed, 9 insertions(+), 1 deletion(-)
> >
> > diff --git a/lib/librte_cryptodev/rte_crypto_asym.h
> > b/lib/librte_cryptodev/rte_crypto_asym.h
> > index 5026042..7f630f0 100644
> > --- a/lib/librte_cryptodev/rte_crypto_asym.h
> > +++ b/lib/librte_cryptodev/rte_crypto_asym.h
> > @@ -90,7 +90,10 @@ enum rte_crypto_asym_xform_type {
> > */
> > enum rte_crypto_asym_op_type {
> > RTE_CRYPTO_ASYM_OP_ENCRYPT,
> > - /**< Asymmetric Encrypt operation */
> > + /**< RSA no padding scheme.
> > + * In this case user is responsible for provision and verification
> > + * of padding.
> > + */
> > RTE_CRYPTO_ASYM_OP_DECRYPT,
> > /**< Asymmetric Decrypt operation */
> > RTE_CRYPTO_ASYM_OP_SIGN,
> > @@ -409,6 +412,11 @@ struct rte_crypto_rsa_op_param {
> > * - padding PSS
> > * data provided should contain message digest of the message
> > * to be signed
> > + *
> > + * When padding field is set to RTE_CRYPTO_RSA_PADDING_NONE
> > + * and RTE_CRYPTO_ASYM_OP_DECRYPT op_type used returned
> > data size
> > + * will be equal to the size of RSA key in bytes. All leading
> > + * zeroes will be preserved.
> [Shally] its bit unclear here. So, app is supposed to pass buffer with padding
> removed or padding intact? Are leading 0's padding bytes?
> If so, I believe app can use any kind of padding, BT2 or OAEP so it does not
> have to be necessarily 0. Or May be I am missing some info here. Could you
> point me to source which says, for padding none, data will always be padded
> with leading 0s?
>
OEAP, PKCS1_5 have leading zero.
Example:
We decrypt message that was encrypted using pkcs1_5 padding but we use PADDING_NONE (let say pmd does not support others). We decrypted P = (0x0 | 0x02 | PS| 0x0 | Message) then user would use some padding check function let say openssl RSA_padding_check_PKCS1_type_2. This function will fail if first byte (p[0]) is not equal to zero. So we cannot trim. Openssl behaves exactly this way so does our driver. It is only hint that zeroes should not be trimmed.
> > */
> >
> >
> > --
> > 2.1.0
@@ -90,7 +90,10 @@ enum rte_crypto_asym_xform_type {
*/
enum rte_crypto_asym_op_type {
RTE_CRYPTO_ASYM_OP_ENCRYPT,
- /**< Asymmetric Encrypt operation */
+ /**< RSA no padding scheme.
+ * In this case user is responsible for provision and verification
+ * of padding.
+ */
RTE_CRYPTO_ASYM_OP_DECRYPT,
/**< Asymmetric Decrypt operation */
RTE_CRYPTO_ASYM_OP_SIGN,
@@ -409,6 +412,11 @@ struct rte_crypto_rsa_op_param {
* - padding PSS
* data provided should contain message digest of the message
* to be signed
+ *
+ * When padding field is set to RTE_CRYPTO_RSA_PADDING_NONE
+ * and RTE_CRYPTO_ASYM_OP_DECRYPT op_type used returned data size
+ * will be equal to the size of RSA key in bytes. All leading
+ * zeroes will be preserved.
*/