[dpdk-dev] [RFC PATCH v2 0/3] specifications for asymmetric crypto algorithms

Neil Horman nhorman at tuxdriver.com
Fri May 12 14:15:57 CEST 2017


On Thu, May 11, 2017 at 06:05:29PM +0530, Umesh Kartha wrote:
> This RFC contains specifications for asymmetric crypto algorithms.
> Asymmetric crypto algorithms are essential part of protocols such as
> SSL/TLS. As the current DPDK crypto library lacks support for asymmetric
> crypto algorithms, this RFC is an attempt to address it.
> 
> Cavium offers  PCI hardware accelerators that supports symmetric and
> asymmetric crypto algorithms, of which a few are  addressed in this RFC.
> Once specifications are agreed upon, I can submit a patch for the same.
> We will develop a poll mode driver which can offload to OpenSSL crypto
> library and to Cavium crypto accelerator.
> 
> The asymmetric crypto algorithms supported in this version are:
> 
This all appears to modify the cryptodev api, but I don't see where said
modification was announced.

Additionally, I don't see modifications to a map file to export the api symbols.
Have you tested this in a shared library build?

Neil

> 1 RSA
>   - RSA Sign
>   - RSA Verify
>   - RSA Public Encrypt
>   - RSA Private Decrypt
> 
>   Padding schemes supported for RSA operations are
>     * RSA PKCS#1 BT1
>     * RSA PKCS#1 BT2
>     * RSA PKCS#1 OAEP
>     * RSA PKCS#1 PSS
> 
> 2 DH
>   - DH generate key
>   - DH compute key
> 
> 3 ECDH
>   - ECDH generate key
>   - ECDH check key
>   - ECDH compute key
> 
> 4 DSA
>   - DSA Sign
>   - DSA Verify
> 
> 5  ECDSA
>   - ECDSA Sign
>   - ECDSA Verify
> 
> 6  MODEXP
> 
> 7  FUNDAMENTAL ECC
>   - Point Addition
>   - Point Multiplication
>   - Point Doubling
> 
> 8 MODULAR INVERSE
> 
> 
>  Asymmetric crypto transform operations support both session oriented
> mode  and session less mode. If the operation is sessionless, an
> asymmetric crypto transform structure, containing immutable parameters,
> is passed along with per-operation mutable parameters in the structure.
> Specific structures were written to contain immutable parameters
> depending on algorithm used for crypto transform operation. The
> parameters and type of transform is distinguished by the algorithm for
> which the transform structure is filled. For a particular asymmetric
> algorithm, not all parameters will be used and hence not required to be
> filled.
> 
> Changes from RFC v1:
> 
> Added additional algorithms : DH/ECDH/MODINVERSE/DSA
> Added additional curves for ECC operations: All cuves supported by libcrypto.
> As per the comments received for RFC v1:
>  - removed mbufs from asymmetric crypto operation structure.
>  - added separate queue pair in device structure to handle asymmetric crypto
>    operations.
>  - added APIs to start/stop/initialize queue pairs to handle asymmetric crypto
>    operations.
>  - added asymmetric session structure and related APIs to handle session
>    operations (initialize/allocate/free) etc.
> 
> RFC v1: http://dpdk.org/ml/archives/dev/2017-March/060869.html
> 
> Umesh Kartha (3):
>   cryptodev: added asymmetric algorithms
>   cryptodev: asymmetric algorithm capability definitions
>   cryptodev: added asym queue pair, session apis
> 
>  lib/librte_cryptodev/rte_crypto.h        |  135 +++-
>  lib/librte_cryptodev/rte_crypto_asym.h   | 1124 ++++++++++++++++++++++++++++++
>  lib/librte_cryptodev/rte_cryptodev.c     |  782 ++++++++++++++++++++-
>  lib/librte_cryptodev/rte_cryptodev.h     |  414 +++++++++++
>  lib/librte_cryptodev/rte_cryptodev_pmd.h |  113 +++
>  5 files changed, 2564 insertions(+), 4 deletions(-)
>  create mode 100644 lib/librte_cryptodev/rte_crypto_asym.h
> 
> -- 
> 1.8.3.1
> 
> 


More information about the dev mailing list