- Separated key exchange enum from asym op type.
Key exchange and asymmetric crypto operations like signatures,
encryption/decryption should not share same operation enum as
its use cases are unrelated and mutually exclusive.
Therefore op_type was separate into:
1) operation type
2) key exchange operation type
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
for (i = 0; i < RTE_CRYPTO_ASYM_OP_LIST_END; i++) {
/* check supported operations */
- if (rte_cryptodev_asym_xform_capability_check_optype(capa, i))
- printf(" %s",
- rte_crypto_asym_op_strings[i]);
+ if (rte_cryptodev_asym_xform_capability_check_optype(capa, i)) {
+ if (capa->xform_type == RTE_CRYPTO_ASYM_XFORM_DH)
+ printf(" %s", rte_crypto_asym_ke_strings[i]);
+ else
+ printf(" %s", rte_crypto_asym_op_strings[i]);
}
- switch (capa->xform_type) {
- case RTE_CRYPTO_ASYM_XFORM_RSA:
- case RTE_CRYPTO_ASYM_XFORM_MODINV:
- case RTE_CRYPTO_ASYM_XFORM_MODEX:
- case RTE_CRYPTO_ASYM_XFORM_DH:
- case RTE_CRYPTO_ASYM_XFORM_DSA:
- printf(" modlen: min %d max %d increment %d",
- capa->modlen.min,
- capa->modlen.max,
- capa->modlen.increment);
+ }
+ switch (capa->xform_type) {
+ case RTE_CRYPTO_ASYM_XFORM_RSA:
+ case RTE_CRYPTO_ASYM_XFORM_MODINV:
+ case RTE_CRYPTO_ASYM_XFORM_MODEX:
+ case RTE_CRYPTO_ASYM_XFORM_DH:
+ case RTE_CRYPTO_ASYM_XFORM_DSA:
+ printf(" modlen: min %d max %d increment %d",
+ capa->modlen.min,
+ capa->modlen.max,
+ capa->modlen.increment);
+ break;
+ case RTE_CRYPTO_ASYM_XFORM_ECDSA:
+ case RTE_CRYPTO_ASYM_XFORM_ECPM:
+ default:
break;
- case RTE_CRYPTO_ASYM_XFORM_ECDSA:
- case RTE_CRYPTO_ASYM_XFORM_ECPM:
- default:
- break;
- }
- printf("\n");
+ }
+ printf("\n");
}
static int
asym_op = op->asym;
/* Setup a xform and op to generate private key only */
- xform.dh.type = RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE;
+ xform.dh.ke_type = RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE;
xform.next = NULL;
asym_op->dh.priv_key.data = dh_test_params.priv_key.data;
asym_op->dh.priv_key.length = dh_test_params.priv_key.length;
asym_op = op->asym;
/* Setup a xform and op to generate private key only */
- xform.dh.type = RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE;
+ xform.dh.ke_type = RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE;
xform.next = NULL;
asym_op->dh.priv_key.data = output;
asym_op->dh.priv_key.length = sizeof(output);
* using test private key
*
*/
- xform.dh.type = RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE;
+ xform.dh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE;
xform.next = NULL;
asym_op->dh.pub_key.data = output;
/* Setup a xform chain to generate
* private key first followed by
* public key
- */xform.dh.type = RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE;
+ */
+ xform.dh.ke_type = RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE;
pub_key_xform.xform_type = RTE_CRYPTO_ASYM_XFORM_DH;
- pub_key_xform.dh.type = RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE;
+ pub_key_xform.dh.ke_type = RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE;
xform.next = &pub_key_xform;
asym_op->dh.pub_key.data = out_pub_key;
int ret = 0;
if (sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE)) {
+ (1 << RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE)) {
/* compute shared secret using peer public key
* and current private key
* shared secret = peer_key ^ priv_key mod p
* then first set DH with user provided private key
*/
if ((sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)) &&
+ (1 << RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE)) &&
!(sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE))) {
+ (1 << RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE))) {
/* generate public key using user-provided private key
* pub_key = g ^ priv_key mod p
*/
return 0;
}
- if (sess->u.dh.key_op & (1 << RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)) {
+ if (sess->u.dh.key_op & (1 << RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE)) {
const BIGNUM *pub_key = NULL;
OPENSSL_LOG(DEBUG, "%s:%d update public key\n",
}
if (sess->u.dh.key_op &
- (1 << RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE)) {
+ (1 << RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE)) {
const BIGNUM *priv_key = NULL;
OPENSSL_LOG(DEBUG, "%s:%d updated priv key\n",
.xform_capa = {
.xform_type = RTE_CRYPTO_ASYM_XFORM_DH,
.op_types =
- ((1<<RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE) |
- (1 << RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE |
+ ((1<<RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE) |
+ (1 << RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE |
(1 <<
- RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE))),
+ RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE))),
{
.modlen = {
/* value 0 symbolizes no limit on min length */
* DH Priv key generate, or both
* public and private key generate
*/
- asym_session->u.dh.key_op = (1 << xform->dh.type);
+ asym_session->u.dh.key_op = (1 << xform->dh.ke_type);
- if (xform->dh.type ==
- RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE) {
+ if (xform->dh.ke_type ==
+ RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE) {
/* check if next is pubkey */
if ((xform->next != NULL) &&
(xform->next->xform_type ==
RTE_CRYPTO_ASYM_XFORM_DH) &&
- (xform->next->dh.type ==
- RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE)
+ (xform->next->dh.ke_type ==
+ RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE)
) {
/*
* setup op as pub/priv key
*/
asym_session->u.dh.key_op |=
(1 <<
- RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE);
+ RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE);
}
}
asym_session->u.dh.dh_key = dh;
extern const char *
rte_crypto_asym_xform_strings[];
+/** asym key exchange operation type name strings */
+extern const char *
+rte_crypto_asym_ke_strings[];
+
/** asym operations type name strings */
extern const char *
rte_crypto_asym_op_strings[];
/**< Signature Generation operation */
RTE_CRYPTO_ASYM_OP_VERIFY,
/**< Signature Verification operation */
- RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE,
- /**< DH Private Key generation operation */
- RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE,
- /**< DH Public Key generation operation */
- RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE,
- /**< DH Shared Secret compute operation */
RTE_CRYPTO_ASYM_OP_LIST_END
};
+/**
+ * Asymmetric crypto key exchange operation type
+ */
+enum rte_crypto_asym_ke_type {
+ RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE,
+ /**< Private Key generation operation */
+ RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE,
+ /**< Public Key generation operation */
+ RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE
+ /**< Shared Secret compute operation */
+};
+
/**
* Padding types for RSA signature.
*/
*
*/
struct rte_crypto_dh_xform {
- enum rte_crypto_asym_op_type type;
+ enum rte_crypto_asym_ke_type ke_type;
/**< Setup xform for key generate or shared secret compute */
rte_crypto_uint p;
/**< Prime modulus data */
struct rte_crypto_dh_op_param {
rte_crypto_uint pub_key;
/**<
- * Output generated public key when xform type is
- * DH PUB_KEY_GENERATION.
- * Input peer public key when xform type is DH
- * SHARED_SECRET_COMPUTATION
+ * Output - generated public key, when dh xform ke_type is
+ * RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE.
*
+ * Input - peer's public key, when dh xform ke_type is
+ * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
*/
rte_crypto_uint priv_key;
/**<
- * Output generated private key if xform type is
- * DH PRIVATE_KEY_GENERATION
- * Input when xform type is DH SHARED_SECRET_COMPUTATION.
+ * Output - generated private key, when dh xform ke_type is
+ * RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE.
*
+ * Input - private key, when dh xform ke_type is one of:
+ * RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE,
+ * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
*/
rte_crypto_uint shared_secret;
/**<
- * Output with calculated shared secret
- * when dh xform set up with op type = SHARED_SECRET_COMPUTATION.
- *
+ * Output - calculated shared secret when dh xform ke_type is
+ * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
*/
};
[RTE_CRYPTO_ASYM_OP_ENCRYPT] = "encrypt",
[RTE_CRYPTO_ASYM_OP_DECRYPT] = "decrypt",
[RTE_CRYPTO_ASYM_OP_SIGN] = "sign",
- [RTE_CRYPTO_ASYM_OP_VERIFY] = "verify",
- [RTE_CRYPTO_ASYM_OP_PRIVATE_KEY_GENERATE] = "priv_key_generate",
- [RTE_CRYPTO_ASYM_OP_PUBLIC_KEY_GENERATE] = "pub_key_generate",
- [RTE_CRYPTO_ASYM_OP_SHARED_SECRET_COMPUTE] = "sharedsecret_compute",
+ [RTE_CRYPTO_ASYM_OP_VERIFY] = "verify"
+};
+
+/**
+ * Asymmetric crypto key exchange operation strings identifiers.
+ */
+const char *rte_crypto_asym_ke_strings[] = {
+ [RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE] = "priv_key_generate",
+ [RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE] = "pub_key_generate",
+ [RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE] = "sharedsecret_compute"
};
/**
/**< Transform type: RSA/MODEXP/DH/DSA/MODINV */
uint32_t op_types;
- /**< bitmask for supported rte_crypto_asym_op_type */
+ /**<
+ * Bitmask for supported rte_crypto_asym_op_type or
+ * rte_crypto_asym_ke_type. Which enum is used is determined
+ * by the rte_crypto_asym_xform_type. For key exchange algorithms
+ * like Diffie-Hellman it is rte_crypto_asym_ke_type, for others
+ * it is rte_crypto_asym_op_type.
+ */
__extension__
union {
#added in 22.07
rte_cryptodev_session_event_mdata_set;
+ rte_crypto_asym_ke_strings;
};
INTERNAL {
git.droids-corp.org / dpdk.git / commitdiff