Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/53954/?format=api
{ "id": 53954, "url": "https://patches.dpdk.org/api/patches/53954/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/patch/20190531135231.10836-2-arkadiuszx.kusztal@intel.com/", "project": { "id": 1, "url": "https://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20190531135231.10836-2-arkadiuszx.kusztal@intel.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20190531135231.10836-2-arkadiuszx.kusztal@intel.com", "date": "2019-05-31T13:52:29", "name": "[1/3] cryptodev: rework api of rsa algorithm", "commit_ref": null, "pull_url": null, "state": "changes-requested", "archived": true, "hash": "0229af5ca6fc9a702c079c3790d67c71fd6678d5", "submitter": { "id": 452, "url": "https://patches.dpdk.org/api/people/452/?format=api", "name": "Arkadiusz Kusztal", "email": "arkadiuszx.kusztal@intel.com" }, "delegate": { "id": 6690, "url": "https://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "https://patches.dpdk.org/project/dpdk/patch/20190531135231.10836-2-arkadiuszx.kusztal@intel.com/mbox/", "series": [ { "id": 4838, "url": "https://patches.dpdk.org/api/series/4838/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/list/?series=4838", "date": "2019-05-31T13:52:28", "name": "Rework API for RSA algorithm in asymmetric crypto", "version": 1, "mbox": "https://patches.dpdk.org/series/4838/mbox/" } ], "comments": "https://patches.dpdk.org/api/patches/53954/comments/", "check": "fail", "checks": "https://patches.dpdk.org/api/patches/53954/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@dpdk.org", "Delivered-To": "patchwork@dpdk.org", "Received": [ "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 51AE31B951;\n\tFri, 31 May 2019 15:54:00 +0200 (CEST)", "from mga09.intel.com (mga09.intel.com [134.134.136.24])\n\tby dpdk.org (Postfix) with ESMTP id E88901B94B\n\tfor <dev@dpdk.org>; Fri, 31 May 2019 15:53:58 +0200 (CEST)", "from fmsmga002.fm.intel.com ([10.253.24.26])\n\tby orsmga102.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;\n\t31 May 2019 06:53:57 -0700", "from akusztax-mobl.ger.corp.intel.com ([10.104.14.178])\n\tby fmsmga002.fm.intel.com with ESMTP; 31 May 2019 06:53:55 -0700" ], "X-Amp-Result": "SKIPPED(no attachment in message)", "X-Amp-File-Uploaded": "False", "X-ExtLoop1": "1", "X-IronPort-AV": "E=Sophos;i=\"5.60,535,1549958400\"; d=\"scan'208\";a=\"180330582\"", "From": "Arek Kusztal <arkadiuszx.kusztal@intel.com>", "To": "dev@dpdk.org", "Cc": "akhil.goyal@nxp.com, fiona.trahe@intel.com,\n\tshally.verma@caviumnetworks.com,\n\tArek Kusztal <arkadiuszx.kusztal@intel.com>", "Date": "Fri, 31 May 2019 15:52:29 +0200", "Message-Id": "<20190531135231.10836-2-arkadiuszx.kusztal@intel.com>", "X-Mailer": "git-send-email 2.19.1.windows.1", "In-Reply-To": "<20190531135231.10836-1-arkadiuszx.kusztal@intel.com>", "References": "<20190531135231.10836-1-arkadiuszx.kusztal@intel.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Subject": "[dpdk-dev] [PATCH 1/3] cryptodev: rework api of rsa algorithm", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.15", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n\t<mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n\t<mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "This patch reworks API of RSA algorithm.\nMajor changes:\n- Cipher field was introduced\n- Padding struct was created\n- PKCS1-v1_5 Block type 0 was removed\n- Fixed comments about prime numbers\n\nSigned-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>\n---\n lib/librte_cryptodev/rte_crypto_asym.h | 149 +++++++++++++++++++++++++--------\n 1 file changed, 114 insertions(+), 35 deletions(-)", "diff": "diff --git a/lib/librte_cryptodev/rte_crypto_asym.h b/lib/librte_cryptodev/rte_crypto_asym.h\nindex 8672f21..bb94fa5 100644\n--- a/lib/librte_cryptodev/rte_crypto_asym.h\n+++ b/lib/librte_cryptodev/rte_crypto_asym.h\n@@ -111,23 +111,33 @@ enum rte_crypto_asym_op_type {\n */\n enum rte_crypto_rsa_padding_type {\n \tRTE_CRYPTO_RSA_PADDING_NONE = 0,\n-\t/**< RSA no padding scheme */\n-\tRTE_CRYPTO_RSA_PKCS1_V1_5_BT0,\n-\t/**< RSA PKCS#1 V1.5 Block Type 0 padding scheme\n-\t * as described in rfc2313\n-\t */\n-\tRTE_CRYPTO_RSA_PKCS1_V1_5_BT1,\n-\t/**< RSA PKCS#1 V1.5 Block Type 01 padding scheme\n-\t * as described in rfc2313\n-\t */\n-\tRTE_CRYPTO_RSA_PKCS1_V1_5_BT2,\n-\t/**< RSA PKCS#1 V1.5 Block Type 02 padding scheme\n-\t * as described in rfc2313\n+\t/**< RSA no padding scheme.\n+\t * In this case user is responsible for providing and verification\n+\t * of padding.\n+\t * In case RTE_CRYPTO_ASYM_OP_VERIFY op type is used if no\n+\t * problems in public key 'encryption' detected driver SHALL return\n+\t * RTE_CRYPTO_OP_STATUS_SUCCESS. But it is USER RESPONSABILITY to\n+\t * remove padding and verify signature.\n+\t */\n+\tRTE_CRYPTO_RSA_PADDING_PKCS1,\n+\t/**< RSA PKCS#1 PKCS1-v1_5 padding scheme. For signatures block type 01,\n+\t * for encryption block type 02 are used.\n+\t *\n+\t * In case RTE_CRYPTO_ASYM_OP_VERIFY op type is used crypto op status\n+\t * is set to RTE_CRYPTO_OP_STATUS_SUCCESS when signature is properly\n+\t * verified, RTE_CRYPTO_OP_STATUS_ERROR when it failed.\n \t */\n \tRTE_CRYPTO_RSA_PADDING_OAEP,\n-\t/**< RSA PKCS#1 OAEP padding scheme */\n+\t/**< RSA PKCS#1 OAEP padding scheme, can be used only for encryption/\n+\t * decryption.\n+\t */\n \tRTE_CRYPTO_RSA_PADDING_PSS,\n-\t/**< RSA PKCS#1 PSS padding scheme */\n+\t/**< RSA PKCS#1 PSS padding scheme, can be used only for signatures.\n+\t *\n+\t * Crypto op status is set to RTE_CRYPTO_OP_STATUS_SUCCESS\n+\t * when signature is properly verified, RTE_CRYPTO_OP_STATUS_ERROR\n+\t * when it failed.\n+\t */\n \tRTE_CRYPTO_RSA_PADDING_TYPE_LIST_END\n };\n \n@@ -199,8 +209,8 @@ struct rte_crypto_rsa_priv_key_qt {\n */\n struct rte_crypto_rsa_xform {\n \trte_crypto_param n;\n-\t/**< n - Prime modulus\n-\t * Prime modulus data of RSA operation in Octet-string network\n+\t/**< n - Modulus\n+\t * Modulus data of RSA operation in Octet-string network\n \t * byte order format.\n \t */\n \n@@ -397,11 +407,23 @@ struct rte_crypto_rsa_op_param {\n \t/**<\n \t * Pointer to data\n \t * - to be encrypted for RSA public encrypt.\n-\t * - to be decrypted for RSA private decrypt.\n \t * - to be signed for RSA sign generation.\n \t * - to be authenticated for RSA sign verification.\n \t */\n \n+\trte_crypto_param cipher;\n+\t/**<\n+\t * Pointer to data\n+\t * - to be decrypted for RSA private decrypt.\n+\t *\n+\t * When RTE_CRYPTO_ASYM_OP_ENCRYPT op_type used size in bytes\n+\t * of this field need to be equal to the size of corresponding\n+\t * RSA key. Returned data is in Big-Endian format which means\n+\t * that Least-Significant byte will be placed at top byte of an array\n+\t * (at message.data[message.length - 1]), cipher.length SHALL\n+\t * therefore remain unchanged.\n+\t */\n+\n \trte_crypto_param sign;\n \t/**<\n \t * Pointer to RSA signature data. If operation is RSA\n@@ -410,25 +432,82 @@ struct rte_crypto_rsa_op_param {\n \t *\n \t * Length of the signature data will be equal to the\n \t * RSA prime modulus length.\n-\t */\n-\n-\tenum rte_crypto_rsa_padding_type pad;\n-\t/**< RSA padding scheme to be used for transform */\n-\n-\tenum rte_crypto_auth_algorithm md;\n-\t/**< Hash algorithm to be used for data hash if padding\n-\t * scheme is either OAEP or PSS. Valid hash algorithms\n-\t * are:\n-\t * MD5, SHA1, SHA224, SHA256, SHA384, SHA512\n-\t */\n-\n-\tenum rte_crypto_auth_algorithm mgf1md;\n+\t *\n+\t * Returned data is in Big-Endian format which means\n+\t * that Least-Significant byte will be placed at top byte of an array\n+\t * (at message.data[message.length - 1]), sign.length SHALL\n+\t * therefore remain unchanged.\n+\t */\n+\n+\tstruct {\n+\t\tenum rte_crypto_rsa_padding_type type;\n+\t\t/**<\n+\t\t * In case RTE_CRYPTO_RSA_PADDING_PKCS1 is selected,\n+\t\t * driver will distinguish between block type basing\n+\t\t * on rte_crypto_asym_op_type of the operation.\n+\t\t *\n+\t\t * Which padding type is supported by the driver SHALL be\n+\t\t * available in in specific driver guide or capabilities.\n+\t\t */\n+\t\tenum rte_crypto_auth_algorithm hash;\n+\t\t/**<\n+\t\t * -\tFor PKCS1-v1_5 signature (Block type 01) this field\n+\t\t * represents hash function that will be used to create\n+\t\t * message hash. This hash will be then concatenated with\n+\t\t * hash algorithm identifier into DER encoded sequence.\n+\t\t * If RTE_CRYPTO_HASH_INVALID is set, driver default will be set.\n+\t\t * If RTE_CRYPTO_HASH_NONE is set, message will be signed as it is.\n+\t\t *\n+\t\t * -\tFor OAEP this field represents hash function that will\n+\t\t * be used to produce hash of the optional label.\n+\t\t * If RTE_CRYPTO_HASH_INVALID or RTE_CRYPTO_HASH_NONE is set\n+\t\t * driver will use default value. For OAEP usually it is SHA-1.\n+\t\t *\n+\t\t * -\tFor PSS this field represents hash function that will be used\n+\t\t * to produce hash (mHash) of message M and of M' (padding1 | mHash | salt)\n+\t\t * If RTE_CRYPTO_HASH_INVALID or RTE_CRYPTO_HASH_NONE is set\n+\t\t * driver will use default value.\n+\t\t *\n+\t\t * -\tIf driver supports only one function RTE_CRYPTO_HASH_NONE\n+\t\t * according to aformentioned restrictions should be used or\n+\t\t * specific function should be set, otherwise on dequeue the driver\n+\t\t * SHALL set crypto_op_status to RTE_CRYPTO_OP_STATUS_INVALID_ARGS.\n+\t\t */\n+\t\tunion {\n+\t\t\tstruct {\n+\t\t\t\tenum rte_crypto_auth_algorithm mgf;\n+\t\t\t\t/**<\n+\t\t\t\t * Mask genereation function hash algorithm.\n+\t\t\t\t * If this field is not supported by the driver,\n+\t\t\t\t * it should be set to RTE_CRYPTO_HASH_NONE.\n+\t\t\t\t */\n+\t\t\t\trte_crypto_param label;\n+\t\t\t\t/**<\n+\t\t\t\t * Optional label, if driver does not support\n+\t\t\t\t * this option, optional label is just an empty string.\n+\t\t\t\t */\n+\t\t\t} OAEP;\n+\t\t\tstruct {\n+\t\t\t\tenum rte_crypto_auth_algorithm mgf;\n+\t\t\t\t/**<\n+\t\t\t\t * Mask genereation function hash algorithm.\n+\t\t\t\t * If this field is not supported by the driver,\n+\t\t\t\t * it should be set to RTE_CRYPTO_HASH_NONE.\n+\t\t\t\t */\n+\t\t\t\tint seed_len;\n+\t\t\t\t/**<\n+\t\t\t\t * Intended seed length. Nagative number has special\n+\t\t\t\t * value as follows:\n+\t\t\t\t * -1 : seed len = length of output ot used hash function\n+\t\t\t\t * -2 : seed len is maximized\n+\t\t\t\t */\n+\t\t\t} PSS;\n+\t\t};\n+\t} padding;\n \t/**<\n-\t * Hash algorithm to be used for mask generation if\n-\t * padding scheme is either OAEP or PSS. If padding\n-\t * scheme is unspecified data hash algorithm is used\n-\t * for mask generation. Valid hash algorithms are:\n-\t * MD5, SHA1, SHA224, SHA256, SHA384, SHA512\n+\t * Padding type of RSA crypto operation.\n+\t * What are random number generator requirements and prequisites\n+\t * SHALL be put in specific driver guide\n \t */\n };\n \n", "prefixes": [ "1/3" ] }