1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
|
/* SPDX-License-Identifier: BSD-3-Clause
* Copyright(c) 2018 Cavium Networks
*/
#ifndef _RTE_CRYPTO_ASYM_H_
#define _RTE_CRYPTO_ASYM_H_
/**
* @file rte_crypto_asym.h
*
* RTE Definitions for Asymmetric Cryptography
*
* Defines asymmetric algorithms and modes, as well as supported
* asymmetric crypto operations.
*/
#include <string.h>
#include <stdint.h>
#include <rte_memory.h>
#include <rte_mempool.h>
#include <rte_common.h>
#include "rte_crypto_sym.h"
struct rte_cryptodev_asym_session;
/** asym key exchange operation type name strings */
extern const char *
rte_crypto_asym_ke_strings[];
/** asym operations type name strings */
extern const char *
rte_crypto_asym_op_strings[];
#define RTE_CRYPTO_ASYM_FLAG_PUB_KEY_NO_PADDING RTE_BIT32(0)
/**<
* Flag to denote public key will be returned without leading zero bytes
* and if the flag is not set, public key will be padded to the left with
* zeros to the size of the underlying algorithm (default)
*/
#define RTE_CRYPTO_ASYM_FLAG_SHARED_KEY_NO_PADDING RTE_BIT32(1)
/**<
* Flag to denote shared secret will be returned without leading zero bytes
* and if the flag is not set, shared secret will be padded to the left with
* zeros to the size of the underlying algorithm (default)
*/
#define RTE_CRYPTO_ASYM_FLAG_PUB_KEY_COMPRESSED RTE_BIT32(2)
/**<
* Flag to denote public key will be returned in compressed form
*/
/**
* List of elliptic curves. This enum aligns with
* TLS "Supported Groups" registry (previously known as
* NamedCurve registry). FFDH groups are not, and will not
* be included in this list.
* Deprecation for selected curve in TLS does not deprecate
* the selected curve in Cryptodev.
* https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
*/
enum rte_crypto_curve_id {
RTE_CRYPTO_EC_GROUP_SECP192R1 = 19,
RTE_CRYPTO_EC_GROUP_SECP224R1 = 21,
RTE_CRYPTO_EC_GROUP_SECP256R1 = 23,
RTE_CRYPTO_EC_GROUP_SECP384R1 = 24,
RTE_CRYPTO_EC_GROUP_SECP521R1 = 25,
RTE_CRYPTO_EC_GROUP_ED25519 = 29,
RTE_CRYPTO_EC_GROUP_ED448 = 30,
RTE_CRYPTO_EC_GROUP_SM2 = 41,
};
/**
* List of Edwards curve instances as per RFC 8032 (Section 5).
*/
enum rte_crypto_edward_instance {
RTE_CRYPTO_EDCURVE_25519,
RTE_CRYPTO_EDCURVE_25519CTX,
RTE_CRYPTO_EDCURVE_25519PH,
RTE_CRYPTO_EDCURVE_448,
RTE_CRYPTO_EDCURVE_448PH
};
/**
* Asymmetric crypto transformation types.
* Each xform type maps to one asymmetric algorithm
* performing specific operation
*/
enum rte_crypto_asym_xform_type {
RTE_CRYPTO_ASYM_XFORM_UNSPECIFIED = 0,
/**< Invalid xform. */
RTE_CRYPTO_ASYM_XFORM_NONE,
/**< Xform type None.
* May be supported by PMD to support
* passthrough op for debugging purpose.
* if xform_type none , op_type is disregarded.
*/
RTE_CRYPTO_ASYM_XFORM_RSA,
/**< RSA. Performs Encrypt, Decrypt, Sign and Verify.
* Refer to rte_crypto_asym_op_type
*/
RTE_CRYPTO_ASYM_XFORM_DH,
/**< Diffie-Hellman.
* Performs Key Generate and Shared Secret Compute.
* Refer to rte_crypto_asym_op_type
*/
RTE_CRYPTO_ASYM_XFORM_DSA,
/**< Digital Signature Algorithm
* Performs Signature Generation and Verification.
* Refer to rte_crypto_asym_op_type
*/
RTE_CRYPTO_ASYM_XFORM_MODINV,
/**< Modular Multiplicative Inverse
* Perform Modular Multiplicative Inverse b^(-1) mod n
*/
RTE_CRYPTO_ASYM_XFORM_MODEX,
/**< Modular Exponentiation
* Perform Modular Exponentiation b^e mod n
*/
RTE_CRYPTO_ASYM_XFORM_ECDSA,
/**< Elliptic Curve Digital Signature Algorithm
* Perform Signature Generation and Verification.
*/
RTE_CRYPTO_ASYM_XFORM_ECDH,
/**< Elliptic Curve Diffie Hellman */
RTE_CRYPTO_ASYM_XFORM_ECPM,
/**< Elliptic Curve Point Multiplication */
RTE_CRYPTO_ASYM_XFORM_ECFPM,
/**< Elliptic Curve Fixed Point Multiplication */
RTE_CRYPTO_ASYM_XFORM_SM2,
/**< ShangMi 2
* Performs Encrypt, Decrypt, Sign and Verify.
* Refer to rte_crypto_asym_op_type.
*/
RTE_CRYPTO_ASYM_XFORM_EDDSA,
/**< Edwards Curve Digital Signature Algorithm
* Perform Signature Generation and Verification.
*/
};
/**
* Asymmetric crypto operation type variants
*/
enum rte_crypto_asym_op_type {
RTE_CRYPTO_ASYM_OP_ENCRYPT,
/**< Asymmetric Encrypt operation */
RTE_CRYPTO_ASYM_OP_DECRYPT,
/**< Asymmetric Decrypt operation */
RTE_CRYPTO_ASYM_OP_SIGN,
/**< Signature Generation operation */
RTE_CRYPTO_ASYM_OP_VERIFY,
/**< Signature Verification operation */
RTE_CRYPTO_ASYM_OP_LIST_END
};
/**
* Asymmetric crypto key exchange operation type
*/
enum rte_crypto_asym_ke_type {
RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE,
/**< Private Key generation operation */
RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE,
/**< Public Key generation operation */
RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE,
/**< Shared Secret compute operation */
RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY
/**< Public Key Verification - can be used for
* elliptic curve point validation.
*/
};
/**
* Padding types for RSA signature.
*/
enum rte_crypto_rsa_padding_type {
RTE_CRYPTO_RSA_PADDING_NONE = 0,
/**< RSA no padding scheme */
RTE_CRYPTO_RSA_PADDING_PKCS1_5,
/**< RSA PKCS#1 PKCS1-v1_5 padding scheme. For signatures block type 01,
* for encryption block type 02 are used.
*/
RTE_CRYPTO_RSA_PADDING_OAEP,
/**< RSA PKCS#1 OAEP padding scheme */
RTE_CRYPTO_RSA_PADDING_PSS,
/**< RSA PKCS#1 PSS padding scheme */
};
/**
* RSA private key type enumeration
*
* enumerates private key format required to perform RSA crypto
* transform.
*/
enum rte_crypto_rsa_priv_key_type {
RTE_RSA_KEY_TYPE_EXP,
/**< RSA private key is an exponent */
RTE_RSA_KEY_TYPE_QT,
/**< RSA private key is in quintuple format
* See rte_crypto_rsa_priv_key_qt
*/
};
/**
* Buffer to hold crypto params required for asym operations.
*
* These buffers can be used for both input to PMD and output from PMD. When
* used for output from PMD, application has to ensure the buffer is large
* enough to hold the target data.
*
* If an operation requires the PMD to generate a random number,
* and the device supports CSRNG, 'data' should be set to NULL.
* The crypto parameter in question will not be used by the PMD,
* as it is internally generated.
*/
typedef struct rte_crypto_param_t {
uint8_t *data;
/**< pointer to buffer holding data */
rte_iova_t iova;
/**< IO address of data buffer */
size_t length;
/**< length of data in bytes */
} rte_crypto_param;
/** Unsigned big-integer in big-endian format */
typedef rte_crypto_param rte_crypto_uint;
/**
* Structure for elliptic curve point
*/
struct rte_crypto_ec_point {
rte_crypto_param x;
/**< X coordinate */
rte_crypto_param y;
/**< Y coordinate */
};
/**
* Structure describing RSA private key in quintuple format.
* See PKCS V1.5 RSA Cryptography Standard.
*/
struct rte_crypto_rsa_priv_key_qt {
rte_crypto_uint p;
/**< the first factor */
rte_crypto_uint q;
/**< the second factor */
rte_crypto_uint dP;
/**< the first factor's CRT exponent */
rte_crypto_uint dQ;
/**< the second's factor's CRT exponent */
rte_crypto_uint qInv;
/**< the CRT coefficient */
};
/**
* RSA padding type
*/
struct rte_crypto_rsa_padding {
enum rte_crypto_rsa_padding_type type;
/**< RSA padding scheme to be used for transform */
enum rte_crypto_auth_algorithm hash;
/**<
* RSA padding hash algorithm
* Valid hash algorithms are:
* MD5, SHA1, SHA224, SHA256, SHA384, SHA512
*
* When a specific padding type is selected, the following rules apply:
* - RTE_CRYPTO_RSA_PADDING_NONE:
* This field is ignored by the PMD
*
* - RTE_CRYPTO_RSA_PADDING_PKCS1_5:
* When signing an operation this field is used to determine value
* of the DigestInfo structure, therefore specifying which algorithm
* was used to create the message digest.
* When doing encryption/decryption this field is ignored for this
* padding type.
*
* - RTE_CRYPTO_RSA_PADDING_OAEP
* This field shall be set with the hash algorithm used
* in the padding scheme
*
* - RTE_CRYPTO_RSA_PADDING_PSS
* This field shall be set with the hash algorithm used
* in the padding scheme (and to create the input message digest)
*/
enum rte_crypto_auth_algorithm mgf1hash;
/**<
* Hash algorithm to be used for mask generation if the
* padding scheme is either OAEP or PSS. If the padding
* scheme is unspecified a data hash algorithm is used
* for mask generation. Valid hash algorithms are:
* MD5, SHA1, SHA224, SHA256, SHA384, SHA512
*/
uint16_t pss_saltlen;
/**<
* RSA PSS padding salt length
*
* Used only when RTE_CRYPTO_RSA_PADDING_PSS padding is selected,
* otherwise ignored.
*/
rte_crypto_param oaep_label;
/**<
* RSA OAEP padding optional label
*
* Used only when RTE_CRYPTO_RSA_PADDING_OAEP padding is selected,
* otherwise ignored. If label.data == NULL, a default
* label (empty string) is used.
*/
};
/**
* Asymmetric RSA transform data
*
* Structure describing RSA xform params
*/
struct rte_crypto_rsa_xform {
rte_crypto_uint n;
/**< the RSA modulus */
rte_crypto_uint e;
/**< the RSA public exponent */
enum rte_crypto_rsa_priv_key_type key_type;
struct {
rte_crypto_uint d;
/**< the RSA private exponent */
struct rte_crypto_rsa_priv_key_qt qt;
/**< qt - Private key in quintuple format */
};
struct rte_crypto_rsa_padding padding;
/**< RSA padding information */
};
/**
* Asymmetric Modular exponentiation transform data
*
* Structure describing modular exponentiation xform param
*/
struct rte_crypto_modex_xform {
rte_crypto_uint modulus;
/**< Modulus data for modexp transform operation */
rte_crypto_uint exponent;
/**< Exponent of the modexp transform operation */
};
/**
* Asymmetric modular multiplicative inverse transform operation
*
* Structure describing modular multiplicative inverse transform
*/
struct rte_crypto_modinv_xform {
rte_crypto_uint modulus;
/**< Modulus data for modular multiplicative inverse operation */
};
/**
* Asymmetric DH transform data
*
* Structure describing deffie-hellman xform params
*/
struct rte_crypto_dh_xform {
rte_crypto_uint p;
/**< Prime modulus data */
rte_crypto_uint g;
/**< DH Generator */
};
/**
* Asymmetric Digital Signature transform operation
*
* Structure describing DSA xform params
*/
struct rte_crypto_dsa_xform {
rte_crypto_uint p;
/**< Prime modulus */
rte_crypto_uint q;
/**< Order of the subgroup */
rte_crypto_uint g;
/**< Generator of the subgroup */
rte_crypto_uint x;
/**< x: Private key of the signer */
};
/**
* Asymmetric elliptic curve transform data
*
* Structure describing all EC based xform params
*/
struct rte_crypto_ec_xform {
enum rte_crypto_curve_id curve_id;
/**< Pre-defined ec groups */
rte_crypto_uint pkey;
/**< Private key */
struct rte_crypto_ec_point q;
/**< Public key */
};
/**
* Operations params for modular operations:
* exponentiation and multiplicative inverse
*/
struct rte_crypto_mod_op_param {
rte_crypto_uint base;
/**< Base of modular exponentiation/multiplicative inverse. */
rte_crypto_uint result;
/**< Result of modular exponentiation/multiplicative inverse. */
};
/**
* RSA operation params
*/
struct rte_crypto_rsa_op_param {
enum rte_crypto_asym_op_type op_type;
/**< Type of RSA operation for transform */
rte_crypto_param message;
/**<
* Pointer to input data
* - to be encrypted for RSA public encrypt.
* - to be signed for RSA sign generation.
* - to be authenticated for RSA sign verification.
*
* Pointer to output data
* - for RSA private decrypt.
* In this case the underlying array should have been
* allocated with enough memory to hold plaintext output
* (i.e. must be at least RSA key size). The message.length
* field could be either 0 or minimal length expected from PMD.
* This could be validated and overwritten by the PMD
* with the decrypted length.
*/
rte_crypto_param cipher;
/**<
* Pointer to input data
* - to be decrypted for RSA private decrypt.
*
* Pointer to output data
* - for RSA public encrypt.
* In this case the underlying array should have been allocated
* with enough memory to hold ciphertext output (i.e. must be
* at least RSA key size). The cipher.length field could be
* either 0 or minimal length expected from PMD.
* This could be validated and overwritten by the PMD
* with the encrypted length.
*
* When RTE_CRYPTO_RSA_PADDING_NONE and RTE_CRYPTO_ASYM_OP_VERIFY
* selected, this is an output of decrypted signature.
*/
rte_crypto_param sign;
/**<
* Pointer to input data
* - to be verified for RSA public decrypt.
*
* Pointer to output data
* - for RSA private encrypt.
* In this case the underlying array should have been allocated
* with enough memory to hold signature output (i.e. must be
* at least RSA key size). The sign.length field could be
* either 0 or minimal length expected from PMD.
* This could be validated and overwritten by the PMD
* with the signature length.
*/
};
/**
* Diffie-Hellman Operations params.
* @note:
*/
struct rte_crypto_dh_op_param {
enum rte_crypto_asym_ke_type ke_type;
/**< Key exchange operation type */
rte_crypto_uint priv_key;
/**<
* Output - generated private key when ke_type is
* RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE.
*
* Input - private key when ke_type is one of:
* RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE,
* RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
*
* In case priv_key.length is 0 and ke_type is set with
* RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE, CSRNG capable
* device will generate a private key and use it for public
* key generation.
*/
rte_crypto_uint pub_key;
/**<
* Output - generated public key when ke_type is
* RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE.
*
* Input - peer's public key when ke_type is
* RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
*/
rte_crypto_uint shared_secret;
/**<
* Output - calculated shared secret when ke_type is
* RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
*/
};
/**
* Elliptic Curve Diffie-Hellman Operations params.
*/
struct rte_crypto_ecdh_op_param {
enum rte_crypto_asym_ke_type ke_type;
/**< Key exchange operation type */
rte_crypto_uint priv_key;
/**<
* Output - generated private key when ke_type is
* RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE.
*
* Input - private key when ke_type is one of:
* RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE,
* RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
*
* In case priv_key.length is 0 and ke_type is set with
* RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE, CSRNG capable
* device will generate private key and use it for public
* key generation.
*/
struct rte_crypto_ec_point pub_key;
/**<
* Output - generated public key when ke_type is
* RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE.
*
* Input - peer's public key, when ke_type is one of:
* RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE,
* RTE_CRYPTO_ASYM_KE_EC_PUBLIC_KEY_VERIFY.
*/
struct rte_crypto_ec_point shared_secret;
/**<
* Output - calculated shared secret when ke_type is
* RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
*/
};
/**
* DSA Operations params
*/
struct rte_crypto_dsa_op_param {
enum rte_crypto_asym_op_type op_type;
/**< Signature Generation or Verification */
rte_crypto_param message;
/**< input message to be signed or verified */
rte_crypto_uint k;
/**< Per-message secret number, which is an integer
* in the interval (1, q-1).
* If the random number is generated by the PMD,
* the 'rte_crypto_param.data' parameter should be set to NULL.
*/
rte_crypto_uint r;
/**< dsa sign component 'r' value
*
* output if op_type = sign generate,
* input if op_type = sign verify
*/
rte_crypto_uint s;
/**< dsa sign component 's' value
*
* output if op_type = sign generate,
* input if op_type = sign verify
*/
rte_crypto_uint y;
/**< y : Public key of the signer.
* y = g^x mod p
*/
};
/**
* ECDSA operation params
*/
struct rte_crypto_ecdsa_op_param {
enum rte_crypto_asym_op_type op_type;
/**< Signature generation or verification */
rte_crypto_param message;
/**< Input message digest to be signed or verified */
rte_crypto_uint k;
/**< The ECDSA per-message secret number, which is an integer
* in the interval (1, n-1).
* If the random number is generated by the PMD,
* the 'rte_crypto_param.data' parameter should be set to NULL.
*/
rte_crypto_uint r;
/**< r component of elliptic curve signature
* output : for signature generation
* input : for signature verification
*/
rte_crypto_uint s;
/**< s component of elliptic curve signature
* output : for signature generation
* input : for signature verification
*/
};
/**
* EdDSA operation params
*/
struct rte_crypto_eddsa_op_param {
enum rte_crypto_asym_op_type op_type;
/**< Signature generation or verification */
rte_crypto_param message;
/**< Input message digest to be signed or verified */
rte_crypto_param context;
/**< Context value for the sign op.
* Must not be empty for Ed25519ctx instance.
*/
enum rte_crypto_edward_instance instance;
/**< Type of Edwards curve. */
rte_crypto_uint sign;
/**< Edward curve signature
* output : for signature generation
* input : for signature verification
*/
};
/**
* Structure for EC point multiplication operation param
*/
struct rte_crypto_ecpm_op_param {
struct rte_crypto_ec_point p;
/**< x and y coordinates of input point */
struct rte_crypto_ec_point r;
/**< x and y coordinates of resultant point */
rte_crypto_param scalar;
/**< Scalar to multiply the input point */
};
/**
* SM2 operation capabilities
*/
enum rte_crypto_sm2_op_capa {
RTE_CRYPTO_SM2_RNG,
/**< Random number generator supported in SM2 ops. */
RTE_CRYPTO_SM2_PH,
/**< Prehash message before crypto op. */
};
/**
* SM2 operation params.
*/
struct rte_crypto_sm2_op_param {
enum rte_crypto_asym_op_type op_type;
/**< Signature generation or verification. */
enum rte_crypto_auth_algorithm hash;
/**< Hash algorithm used in EC op. */
rte_crypto_param message;
/**<
* Pointer to input data
* - to be encrypted for SM2 public encrypt.
* - to be signed for SM2 sign generation.
* - to be authenticated for SM2 sign verification.
*
* Pointer to output data
* - for SM2 private decrypt.
* In this case the underlying array should have been
* allocated with enough memory to hold plaintext output
* (at least encrypted text length). The message.length field
* will be overwritten by the PMD with the decrypted length.
*/
rte_crypto_param cipher;
/**<
* Pointer to input data
* - to be decrypted for SM2 private decrypt.
*
* Pointer to output data
* - for SM2 public encrypt.
* In this case the underlying array should have been allocated
* with enough memory to hold ciphertext output (at least X bytes
* for prime field curve of N bytes and for message M bytes,
* where X = (C1 || C2 || C3) and computed based on SM2 RFC as
* C1 (1 + N + N), C2 = M, C3 = N. The cipher.length field will
* be overwritten by the PMD with the encrypted length.
*/
rte_crypto_uint id;
/**< The SM2 id used by signer and verifier. */
rte_crypto_uint k;
/**< The SM2 per-message secret number, which is an integer
* in the interval (1, n-1).
* If the random number is generated by the PMD,
* the 'rte_crypto_param.data' parameter should be set to NULL.
*/
rte_crypto_uint r;
/**< r component of elliptic curve signature
* output : for signature generation (of at least N bytes
* where prime field length is N bytes)
* input : for signature verification
*/
rte_crypto_uint s;
/**< s component of elliptic curve signature
* output : for signature generation (of at least N bytes
* where prime field length is N bytes)
* input : for signature verification
*/
};
/**
* Asymmetric crypto transform data
*
* Structure describing asym xforms.
*/
struct rte_crypto_asym_xform {
struct rte_crypto_asym_xform *next;
/**< Pointer to next xform to set up xform chain.*/
enum rte_crypto_asym_xform_type xform_type;
/**< Asymmetric crypto transform */
union {
struct rte_crypto_rsa_xform rsa;
/**< RSA xform parameters */
struct rte_crypto_modex_xform modex;
/**< Modular Exponentiation xform parameters */
struct rte_crypto_modinv_xform modinv;
/**< Modular Multiplicative Inverse xform parameters */
struct rte_crypto_dh_xform dh;
/**< DH xform parameters */
struct rte_crypto_dsa_xform dsa;
/**< DSA xform parameters */
struct rte_crypto_ec_xform ec;
/**< EC xform parameters, used by elliptic curve based
* operations.
*/
};
};
/**
* Asymmetric Cryptographic Operation.
*
* Structure describing asymmetric crypto operation params.
*/
struct rte_crypto_asym_op {
union {
struct rte_cryptodev_asym_session *session;
/**< Handle for the initialised session context */
struct rte_crypto_asym_xform *xform;
/**< Session-less API crypto operation parameters */
};
union {
struct rte_crypto_rsa_op_param rsa;
struct rte_crypto_mod_op_param modex;
struct rte_crypto_mod_op_param modinv;
struct rte_crypto_dh_op_param dh;
struct rte_crypto_ecdh_op_param ecdh;
struct rte_crypto_dsa_op_param dsa;
struct rte_crypto_ecdsa_op_param ecdsa;
struct rte_crypto_ecpm_op_param ecpm;
struct rte_crypto_sm2_op_param sm2;
struct rte_crypto_eddsa_op_param eddsa;
};
uint16_t flags;
/**<
* Asymmetric crypto operation flags.
* Please refer to the RTE_CRYPTO_ASYM_FLAG_*.
*/
};
#endif /* _RTE_CRYPTO_ASYM_H_ */
|
