[dpdk-dev,v3,3/6] lib/cryptodev: add asymmetric crypto capability in cryptodev
Checks
Commit Message
Extend cryptodev with asymmetric capability APIs and
definitions.
changes from v2:
- remove redundant xform_type from asym capability struct
- rename rte_cryptodev_get_asym_xform_enum to
be more consistent with other API names
Signed-off-by: Shally Verma <shally.verma@caviumnetworks.com>
Signed-off-by: Sunila Sahu <sunila.sahu@caviumnetworks.com>
Signed-off-by: Ashish Gupta <ashish.gupta@caviumnetworks.com>
---
User must apply patch
"lib/cryptodev: add asymmetric algos in cryptodev" before compilation
---
---
lib/librte_cryptodev/Makefile | 1 +
lib/librte_cryptodev/rte_cryptodev.c | 73 +++++++++++++++++
lib/librte_cryptodev/rte_cryptodev.h | 107 ++++++++++++++++++++++++-
lib/librte_cryptodev/rte_cryptodev_version.map | 11 ++-
4 files changed, 186 insertions(+), 6 deletions(-)
Comments
> -----Original Message-----
> From: Shally Verma [mailto:shally.verma@caviumnetworks.com]
> Sent: Wednesday, May 16, 2018 7:05 AM
> To: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
> Cc: Trahe, Fiona <fiona.trahe@intel.com>; akhil.goyal@nxp.com;
> dev@dpdk.org; pathreya@caviumnetworks.com; Sunila Sahu
> <sunila.sahu@caviumnetworks.com>; Ashish Gupta
> <ashish.gupta@caviumnetworks.com>
> Subject: [PATCH v3 3/6] lib/cryptodev: add asymmetric crypto capability in
> cryptodev
>
> Extend cryptodev with asymmetric capability APIs and definitions.
>
> changes from v2:
> - remove redundant xform_type from asym capability struct
> - rename rte_cryptodev_get_asym_xform_enum to be more consistent with
> other API names
>
> Signed-off-by: Shally Verma <shally.verma@caviumnetworks.com>
> Signed-off-by: Sunila Sahu <sunila.sahu@caviumnetworks.com>
> Signed-off-by: Ashish Gupta <ashish.gupta@caviumnetworks.com>
>
> ---
> User must apply patch
> "lib/cryptodev: add asymmetric algos in cryptodev" before compilation
> ---
> ---
> lib/librte_cryptodev/Makefile | 1 +
> lib/librte_cryptodev/rte_cryptodev.c | 73 +++++++++++++++++
> lib/librte_cryptodev/rte_cryptodev.h | 107 ++++++++++++++++++++++++-
> lib/librte_cryptodev/rte_cryptodev_version.map | 11 ++-
> 4 files changed, 186 insertions(+), 6 deletions(-)
>
> diff --git a/lib/librte_cryptodev/Makefile b/lib/librte_cryptodev/Makefile index
> 138e627dc..93f9d2d45 100644
> --- a/lib/librte_cryptodev/Makefile
> +++ b/lib/librte_cryptodev/Makefile
> @@ -12,6 +12,7 @@ LIBABIVER := 4
> # build flags
> CFLAGS += -O3
> CFLAGS += $(WERROR_FLAGS)
> +CFLAGS += -DALLOW_EXPERIMENTAL_API
I don't think this flag is needed. You are exporting experimental API, but not using inside the library
(apps/drivers will need to use this flag, though).
> LDLIBS += -lrte_eal -lrte_mempool -lrte_ring -lrte_mbuf LDLIBS += -lrte_kvargs
>
> diff --git a/lib/librte_cryptodev/rte_cryptodev.c
> b/lib/librte_cryptodev/rte_cryptodev.c
> index 4015872ed..ee76cef07 100644
> --- a/lib/librte_cryptodev/rte_cryptodev.c
...
> +const struct rte_cryptodev_asymmetric_xfrm_capability *
s/xfrm/xform/. Same for the rest of the code.
...
> +int __rte_experimental
> +rte_cryptodev_asym_xfrm_capability_check_modlen(
> + const struct rte_cryptodev_asymmetric_xfrm_capability *capability,
> + uint16_t modlen)
> +{
> + /* handle special case of 0 which means PMD doesn't define
> + * any limit
> + */
> + if ((capability->modlen.min != 0) &&
> + ((modlen < capability->modlen.min) ||
> + (capability->modlen.increment != 0 &&
> + (modlen % (capability->modlen.increment)))))
> + return -1;
It is a bit difficult to read this. I think it would be better to separate this if into multiple ones,
making it easier to review. Same with the following one.
> + if ((capability->modlen.max != 0) &&
> + ((modlen > capability->modlen.max) ||
> + (capability->modlen.increment != 0 &&
> + (modlen % (capability->modlen.increment)))))
> + return -1;
> +
> + return 0;
> +}
> +
>
> const char *
> rte_cryptodev_get_feature_name(uint64_t flag) diff --git
> a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h
> index 623459a95..6c13d23f8 100644
> --- a/lib/librte_cryptodev/rte_cryptodev.h
> +++ b/lib/librte_cryptodev/rte_cryptodev.h
...
> @@ -1164,7 +1265,7 @@ int __rte_experimental
> rte_cryptodev_asym_session_set_private_data(
> struct rte_cryptodev_asym_session
> *sess,
> void *data,
> - uint16_t size)
> + uint16_t size);
Fix this in previous patch.
>
> /**
> * Get private data of a session.
> @@ -1178,7 +1279,7 @@ rte_cryptodev_asym_session_set_private_data(
> */
> void * __rte_experimental
> rte_cryptodev_asym_session_get_private_data(
> - struct rte_cryptodev_asym_session *sess)
> + struct rte_cryptodev_asym_session *sess);
>
>
> #ifdef __cplusplus
> diff --git a/lib/librte_cryptodev/rte_cryptodev_version.map
> b/lib/librte_cryptodev/rte_cryptodev_version.map
> index 62b782444..817cf9f70 100644
> --- a/lib/librte_cryptodev/rte_cryptodev_version.map
> +++ b/lib/librte_cryptodev/rte_cryptodev_version.map
> @@ -89,13 +89,18 @@ DPDK_17.11 {
> EXPERIMENTAL {
> global:
>
> - rte_cryptodev_asym_get_private_session_size
> + rte_cryptodev_asym_capability_get;
> + rte_cryptodev_asym_get_private_session_size;
> + rte_cryptodev_asym_get_xform_enum;
> + rte_crypto_asym_op_strings;
> rte_cryptodev_asym_session_clear;
> rte_cryptodev_asym_session_create;
> rte_cryptodev_asym_session_free;
> rte_cryptodev_asym_session_init;
> - rte_cryptodev_asym_session_get_private_data
> - rte_cryptodev_asym_session_set_private_data
> + rte_cryptodev_asym_session_get_private_data;
> + rte_cryptodev_asym_session_set_private_data;
> + rte_cryptodev_asym_xfrm_capability_check_optype;
> + rte_crypto_asym_xform_strings;
Make sure that list is sorted alphabetically (rte_crypto_* should go at the end).
> rte_cryptodev_sym_session_get_private_data;
> rte_cryptodev_sym_session_set_private_data;
> } DPDK_17.11;
> --
> 2.14.3
Hi Shally,
> -----Original Message-----
> From: Shally Verma [mailto:shally.verma@caviumnetworks.com]
> Sent: Wednesday, May 16, 2018 7:05 AM
> To: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
> Cc: Trahe, Fiona <fiona.trahe@intel.com>; akhil.goyal@nxp.com; dev@dpdk.org;
> pathreya@caviumnetworks.com; Sunila Sahu <sunila.sahu@caviumnetworks.com>; Ashish Gupta
> <ashish.gupta@caviumnetworks.com>
> Subject: [PATCH v3 3/6] lib/cryptodev: add asymmetric crypto capability in cryptodev
>
> Extend cryptodev with asymmetric capability APIs and
> definitions.
>
> changes from v2:
> - remove redundant xform_type from asym capability struct
> - rename rte_cryptodev_get_asym_xform_enum to
> be more consistent with other API names
>
> Signed-off-by: Shally Verma <shally.verma@caviumnetworks.com>
> Signed-off-by: Sunila Sahu <sunila.sahu@caviumnetworks.com>
> Signed-off-by: Ashish Gupta <ashish.gupta@caviumnetworks.com>
>
> ---
//snip//
> diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h
> index 623459a95..6c13d23f8 100644
> --- a/lib/librte_cryptodev/rte_cryptodev.h
> +++ b/lib/librte_cryptodev/rte_cryptodev.h
> @@ -178,6 +178,35 @@ struct rte_cryptodev_symmetric_capability {
> };
> };
>
> +/**
> + * Asymmetric Xform Crypto Capability
> + *
> + */
> +struct rte_cryptodev_asymmetric_xfrm_capability {
> + enum rte_crypto_asym_xform_type xform_type;
> + /**< Transform type: RSA/MODEXP/DH/DSA/MODINV */
> +
> + uint32_t op_types;
> + /**< bitmask for supported rte_crypto_asym_op_type */
> +
> + __extension__
> + union {
> + struct rte_crypto_param_range modlen;
> + /**< Range of modulus length supported by modulus based xform.
> + * Value 0 mean implementation default
> + */
[Fiona] Some other fields may be necessary here, e.g.
- A bitmask for supported RSA padding types
- Whether RSA private-key in quintuple format is supported
- Which hash-algorithms are supported if RSA padding = OAEP or PSS
- whether xform chaining is supported for DH keypair gen
These are not blockers for the first release, but are likely to be
needed before the experimental label is removed.
> + };
> +};
> +
> +/**
> + * Asymmetric Crypto Capability
> + *
> + */
> +struct rte_cryptodev_asymmetric_capability {
> + struct rte_cryptodev_asymmetric_xfrm_capability xfrm_capa;
> +};
[Fiona] Why the extra indirection?
Couldn't this be removed and the previous structure be
renamed rte_cryptodev_asymmetric_capability?
//snip//
> @@ -1164,7 +1265,7 @@ int __rte_experimental
> rte_cryptodev_asym_session_set_private_data(
[Fiona] I'd prefer to call this appl_data or appl_priv_data, I think the term private_data is
over-used, sometimes means PMD data and sometimes means appl data.
Btw- same is true of sym private_data - but changing that is out of scope for this patch
> struct rte_cryptodev_asym_session *sess,
> void *data,
> - uint16_t size)
> + uint16_t size);
>
> /**
> * Get private data of a session.
> @@ -1178,7 +1279,7 @@ rte_cryptodev_asym_session_set_private_data(
> */
> void * __rte_experimental
> rte_cryptodev_asym_session_get_private_data(
> - struct rte_cryptodev_asym_session *sess)
> + struct rte_cryptodev_asym_session *sess);
>
>
> #ifdef __cplusplus
> diff --git a/lib/librte_cryptodev/rte_cryptodev_version.map
> b/lib/librte_cryptodev/rte_cryptodev_version.map
> index 62b782444..817cf9f70 100644
> --- a/lib/librte_cryptodev/rte_cryptodev_version.map
> +++ b/lib/librte_cryptodev/rte_cryptodev_version.map
> @@ -89,13 +89,18 @@ DPDK_17.11 {
> EXPERIMENTAL {
> global:
>
> - rte_cryptodev_asym_get_private_session_size
> + rte_cryptodev_asym_capability_get;
> + rte_cryptodev_asym_get_private_session_size;
> + rte_cryptodev_asym_get_xform_enum;
> + rte_crypto_asym_op_strings;
> rte_cryptodev_asym_session_clear;
> rte_cryptodev_asym_session_create;
> rte_cryptodev_asym_session_free;
> rte_cryptodev_asym_session_init;
> - rte_cryptodev_asym_session_get_private_data
> - rte_cryptodev_asym_session_set_private_data
> + rte_cryptodev_asym_session_get_private_data;
> + rte_cryptodev_asym_session_set_private_data;
> + rte_cryptodev_asym_xfrm_capability_check_optype;
> + rte_crypto_asym_xform_strings;
> rte_cryptodev_sym_session_get_private_data;
> rte_cryptodev_sym_session_set_private_data;
> } DPDK_17.11;
> --
> 2.14.3
HI Fiona
Thanks for review. I was just about to send lib patch v4. So for now, I couldn't consider all input but some of them.
But , in any case, this version is experimental so it is open for further feedback after 1st version go in.
Rest, please see my feedback inline.
>-----Original Message-----
>From: Trahe, Fiona [mailto:fiona.trahe@intel.com]
>Sent: 03 July 2018 19:42
>To: Verma, Shally <Shally.Verma@cavium.com>; De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
>Cc: akhil.goyal@nxp.com; dev@dpdk.org; Athreya, Narayana Prasad <NarayanaPrasad.Athreya@cavium.com>; Sahu, Sunila
><Sunila.Sahu@cavium.com>; Gupta, Ashish <Ashish.Gupta@cavium.com>; Trahe, Fiona <fiona.trahe@intel.com>
>Subject: RE: [PATCH v3 3/6] lib/cryptodev: add asymmetric crypto capability in cryptodev
>
>External Email
>
>Hi Shally,
>
>> -----Original Message-----
>> From: Shally Verma [mailto:shally.verma@caviumnetworks.com]
>> Sent: Wednesday, May 16, 2018 7:05 AM
>> To: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>
>> Cc: Trahe, Fiona <fiona.trahe@intel.com>; akhil.goyal@nxp.com; dev@dpdk.org;
>> pathreya@caviumnetworks.com; Sunila Sahu <sunila.sahu@caviumnetworks.com>; Ashish Gupta
>> <ashish.gupta@caviumnetworks.com>
>> Subject: [PATCH v3 3/6] lib/cryptodev: add asymmetric crypto capability in cryptodev
>>
>> Extend cryptodev with asymmetric capability APIs and
>> definitions.
>>
>> changes from v2:
>> - remove redundant xform_type from asym capability struct
>> - rename rte_cryptodev_get_asym_xform_enum to
>> be more consistent with other API names
>>
>> Signed-off-by: Shally Verma <shally.verma@caviumnetworks.com>
>> Signed-off-by: Sunila Sahu <sunila.sahu@caviumnetworks.com>
>> Signed-off-by: Ashish Gupta <ashish.gupta@caviumnetworks.com>
>>
>> ---
>//snip//
>
>> diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h
>> index 623459a95..6c13d23f8 100644
>> --- a/lib/librte_cryptodev/rte_cryptodev.h
>> +++ b/lib/librte_cryptodev/rte_cryptodev.h
>> @@ -178,6 +178,35 @@ struct rte_cryptodev_symmetric_capability {
>> };
>> };
>>
>> +/**
>> + * Asymmetric Xform Crypto Capability
>> + *
>> + */
>> +struct rte_cryptodev_asymmetric_xfrm_capability {
>> + enum rte_crypto_asym_xform_type xform_type;
>> + /**< Transform type: RSA/MODEXP/DH/DSA/MODINV */
>> +
>> + uint32_t op_types;
>> + /**< bitmask for supported rte_crypto_asym_op_type */
>> +
>> + __extension__
>> + union {
>> + struct rte_crypto_param_range modlen;
>> + /**< Range of modulus length supported by modulus based xform.
>> + * Value 0 mean implementation default
>> + */
>[Fiona] Some other fields may be necessary here, e.g.
> - A bitmask for supported RSA padding types
> - Whether RSA private-key in quintuple format is supported
> - Which hash-algorithms are supported if RSA padding = OAEP or PSS
> - whether xform chaining is supported for DH keypair gen
>These are not blockers for the first release, but are likely to be
>needed before the experimental label is removed.
>
[Shally] Agree. Part of these capabilities might need to there as per xform capability.
But as you indicated, in any case, they are experimental right now, so let's have them added on a requirement basis once current is accepted.
>> + };
>> +};
>> +
>> +/**
>> + * Asymmetric Crypto Capability
>> + *
>> + */
>> +struct rte_cryptodev_asymmetric_capability {
>> + struct rte_cryptodev_asymmetric_xfrm_capability xfrm_capa;
>> +};
>[Fiona] Why the extra indirection?
>Couldn't this be removed and the previous structure be
>renamed rte_cryptodev_asymmetric_capability?
[Shally] it is to keep consistency in rte_cryptodev_capability which uses name asymmetric_capability on the similar line as symmetric.
But again, change is trivial, so if intended will do in subsequent versions.
>
>//snip//
>> @@ -1164,7 +1265,7 @@ int __rte_experimental
>> rte_cryptodev_asym_session_set_private_data(
>[Fiona] I'd prefer to call this appl_data or appl_priv_data, I think the term private_data is
>over-used, sometimes means PMD data and sometimes means appl data.
>Btw- same is true of sym private_data - but changing that is out of scope for this patch
>
[Shally] ok. I can change it to get_app_priv_data and set_app_priv_data
Thanks
Shally
>
>> struct rte_cryptodev_asym_session *sess,
>> void *data,
>> - uint16_t size)
>> + uint16_t size);
>>
>> /**
>> * Get private data of a session.
>> @@ -1178,7 +1279,7 @@ rte_cryptodev_asym_session_set_private_data(
>> */
>> void * __rte_experimental
>> rte_cryptodev_asym_session_get_private_data(
>> - struct rte_cryptodev_asym_session *sess)
>> + struct rte_cryptodev_asym_session *sess);
>>
>>
>> #ifdef __cplusplus
>> diff --git a/lib/librte_cryptodev/rte_cryptodev_version.map
>> b/lib/librte_cryptodev/rte_cryptodev_version.map
>> index 62b782444..817cf9f70 100644
>> --- a/lib/librte_cryptodev/rte_cryptodev_version.map
>> +++ b/lib/librte_cryptodev/rte_cryptodev_version.map
>> @@ -89,13 +89,18 @@ DPDK_17.11 {
>> EXPERIMENTAL {
>> global:
>>
>> - rte_cryptodev_asym_get_private_session_size
>> + rte_cryptodev_asym_capability_get;
>> + rte_cryptodev_asym_get_private_session_size;
>> + rte_cryptodev_asym_get_xform_enum;
>> + rte_crypto_asym_op_strings;
>> rte_cryptodev_asym_session_clear;
>> rte_cryptodev_asym_session_create;
>> rte_cryptodev_asym_session_free;
>> rte_cryptodev_asym_session_init;
>> - rte_cryptodev_asym_session_get_private_data
>> - rte_cryptodev_asym_session_set_private_data
>> + rte_cryptodev_asym_session_get_private_data;
>> + rte_cryptodev_asym_session_set_private_data;
>> + rte_cryptodev_asym_xfrm_capability_check_optype;
>> + rte_crypto_asym_xform_strings;
>> rte_cryptodev_sym_session_get_private_data;
>> rte_cryptodev_sym_session_set_private_data;
>> } DPDK_17.11;
>> --
>> 2.14.3
@@ -12,6 +12,7 @@ LIBABIVER := 4
# build flags
CFLAGS += -O3
CFLAGS += $(WERROR_FLAGS)
+CFLAGS += -DALLOW_EXPERIMENTAL_API
LDLIBS += -lrte_eal -lrte_mempool -lrte_ring -lrte_mbuf
LDLIBS += -lrte_kvargs
@@ -242,6 +242,24 @@ rte_cryptodev_get_aead_algo_enum(enum rte_crypto_aead_algorithm *algo_enum,
return -1;
}
+int __rte_experimental
+rte_cryptodev_asym_get_xform_enum(enum rte_crypto_asym_xform_type *xform_enum,
+ const char *xform_string)
+{
+ unsigned int i;
+
+ for (i = 1; i < RTE_DIM(rte_crypto_asym_xform_strings); i++) {
+ if (strcmp(xform_string,
+ rte_crypto_asym_xform_strings[i]) == 0) {
+ *xform_enum = (enum rte_crypto_asym_xform_type) i;
+ return 0;
+ }
+ }
+
+ /* Invalid string */
+ return -1;
+}
+
/**
* The crypto auth operation strings identifiers.
* It could be used in application command line.
@@ -287,6 +305,28 @@ rte_cryptodev_sym_capability_get(uint8_t dev_id,
}
+const struct rte_cryptodev_asymmetric_xfrm_capability * __rte_experimental
+rte_cryptodev_asym_capability_get(uint8_t dev_id,
+ const struct rte_cryptodev_asym_capability_idx *idx)
+{
+ const struct rte_cryptodev_capabilities *capability;
+ struct rte_cryptodev_info dev_info;
+ unsigned int i = 0;
+
+ memset(&dev_info, 0, sizeof(struct rte_cryptodev_info));
+ rte_cryptodev_info_get(dev_id, &dev_info);
+
+ while ((capability = &dev_info.capabilities[i++])->op !=
+ RTE_CRYPTO_OP_TYPE_UNDEFINED) {
+ if (capability->op != RTE_CRYPTO_OP_TYPE_ASYMMETRIC)
+ continue;
+
+ if (capability->asym.xfrm_capa.xform_type == idx->type)
+ return &capability->asym.xfrm_capa;
+ }
+ return NULL;
+};
+
#define param_range_check(x, y) \
(((x < y.min) || (x > y.max)) || \
(y.increment != 0 && (x % y.increment) != 0))
@@ -342,6 +382,39 @@ rte_cryptodev_sym_capability_check_aead(
return 0;
}
+int __rte_experimental
+rte_cryptodev_asym_xfrm_capability_check_optype(
+ const struct rte_cryptodev_asymmetric_xfrm_capability *capability,
+ enum rte_crypto_asym_op_type op_type)
+{
+ if (capability->op_types & (1 << op_type))
+ return 1;
+
+ return 0;
+}
+
+int __rte_experimental
+rte_cryptodev_asym_xfrm_capability_check_modlen(
+ const struct rte_cryptodev_asymmetric_xfrm_capability *capability,
+ uint16_t modlen)
+{
+ /* handle special case of 0 which means PMD doesn't define
+ * any limit
+ */
+ if ((capability->modlen.min != 0) &&
+ ((modlen < capability->modlen.min) ||
+ (capability->modlen.increment != 0 &&
+ (modlen % (capability->modlen.increment)))))
+ return -1;
+ if ((capability->modlen.max != 0) &&
+ ((modlen > capability->modlen.max) ||
+ (capability->modlen.increment != 0 &&
+ (modlen % (capability->modlen.increment)))))
+ return -1;
+
+ return 0;
+}
+
const char *
rte_cryptodev_get_feature_name(uint64_t flag)
@@ -178,6 +178,35 @@ struct rte_cryptodev_symmetric_capability {
};
};
+/**
+ * Asymmetric Xform Crypto Capability
+ *
+ */
+struct rte_cryptodev_asymmetric_xfrm_capability {
+ enum rte_crypto_asym_xform_type xform_type;
+ /**< Transform type: RSA/MODEXP/DH/DSA/MODINV */
+
+ uint32_t op_types;
+ /**< bitmask for supported rte_crypto_asym_op_type */
+
+ __extension__
+ union {
+ struct rte_crypto_param_range modlen;
+ /**< Range of modulus length supported by modulus based xform.
+ * Value 0 mean implementation default
+ */
+ };
+};
+
+/**
+ * Asymmetric Crypto Capability
+ *
+ */
+struct rte_cryptodev_asymmetric_capability {
+ struct rte_cryptodev_asymmetric_xfrm_capability xfrm_capa;
+};
+
+
/** Structure used to capture a capability of a crypto device */
struct rte_cryptodev_capabilities {
enum rte_crypto_op_type op;
@@ -187,6 +216,8 @@ struct rte_cryptodev_capabilities {
union {
struct rte_cryptodev_symmetric_capability sym;
/**< Symmetric operation capability parameters */
+ struct rte_cryptodev_asymmetric_capability asym;
+ /**< Asymmetric operation capability parameters */
};
};
@@ -201,7 +232,17 @@ struct rte_cryptodev_sym_capability_idx {
};
/**
- * Provide capabilities available for defined device and algorithm
+ * Structure used to describe asymmetric crypto xforms
+ * Each xform maps to one asym algorithm.
+ *
+ */
+struct rte_cryptodev_asym_capability_idx {
+ enum rte_crypto_asym_xform_type type;
+ /**< Asymmetric xform (algo) type */
+};
+
+/**
+ * Provide capabilities available for defined device and algorithm
*
* @param dev_id The identifier of the device.
* @param idx Description of crypto algorithms.
@@ -214,6 +255,20 @@ const struct rte_cryptodev_symmetric_capability *
rte_cryptodev_sym_capability_get(uint8_t dev_id,
const struct rte_cryptodev_sym_capability_idx *idx);
+/**
+ * Provide capabilities available for defined device and algorithm
+ *
+ * @param dev_id The identifier of the device.
+ * @param algo Description of crypto algorithms.
+ *
+ * @return
+ * - Return description of the asymmetric crypto capability if exist.
+ * - Return NULL if the capability not exist.
+ */
+const struct rte_cryptodev_asymmetric_xfrm_capability * __rte_experimental
+rte_cryptodev_asym_capability_get(uint8_t dev_id,
+ const struct rte_cryptodev_asym_capability_idx *idx);
+
/**
* Check if key size and initial vector are supported
* in crypto cipher capability
@@ -269,6 +324,36 @@ rte_cryptodev_sym_capability_check_aead(
uint16_t key_size, uint16_t digest_size, uint16_t aad_size,
uint16_t iv_size);
+/**
+ * Check if op type is supported
+ *
+ * @param capability Description of the asymmetric crypto capability.
+ * @param op_type op type
+ *
+ * @return
+ * - Return 1 if the op type is supported
+ * - Return 0 if unsupported
+ */
+int __rte_experimental
+rte_cryptodev_asym_xfrm_capability_check_optype(
+ const struct rte_cryptodev_asymmetric_xfrm_capability *capability,
+ enum rte_crypto_asym_op_type op_type);
+
+/**
+ * Check if modulus length is in supported range
+ *
+ * @param capability Description of the asymmetric crypto capability.
+ * @param modlen modulus length.
+ *
+ * @return
+ * - Return 0 if the parameters are in range of the capability.
+ * - Return -1 if the parameters are out of range of the capability.
+ */
+int __rte_experimental
+rte_cryptodev_asym_xfrm_capability_check_modlen(
+ const struct rte_cryptodev_asymmetric_xfrm_capability *capability,
+ uint16_t modlen);
+
/**
* Provide the cipher algorithm enum, given an algorithm string
*
@@ -314,6 +399,22 @@ int
rte_cryptodev_get_aead_algo_enum(enum rte_crypto_aead_algorithm *algo_enum,
const char *algo_string);
+/**
+ * Provide the Asymmetric xform enum, given an xform string
+ *
+ * @param xform_enum A pointer to the xform type
+ * enum to be filled
+ * @param xform_string xform string
+ *
+ * @return
+ * - Return -1 if string is not valid
+ * - Return 0 if the string is valid
+ */
+int __rte_experimental
+rte_cryptodev_asym_get_xform_enum(enum rte_crypto_asym_xform_type *xform_enum,
+ const char *xform_string);
+
+
/** Macro used at end of crypto PMD list */
#define RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST() \
{ RTE_CRYPTO_OP_TYPE_UNDEFINED }
@@ -1164,7 +1265,7 @@ int __rte_experimental
rte_cryptodev_asym_session_set_private_data(
struct rte_cryptodev_asym_session *sess,
void *data,
- uint16_t size)
+ uint16_t size);
/**
* Get private data of a session.
@@ -1178,7 +1279,7 @@ rte_cryptodev_asym_session_set_private_data(
*/
void * __rte_experimental
rte_cryptodev_asym_session_get_private_data(
- struct rte_cryptodev_asym_session *sess)
+ struct rte_cryptodev_asym_session *sess);
#ifdef __cplusplus
@@ -89,13 +89,18 @@ DPDK_17.11 {
EXPERIMENTAL {
global:
- rte_cryptodev_asym_get_private_session_size
+ rte_cryptodev_asym_capability_get;
+ rte_cryptodev_asym_get_private_session_size;
+ rte_cryptodev_asym_get_xform_enum;
+ rte_crypto_asym_op_strings;
rte_cryptodev_asym_session_clear;
rte_cryptodev_asym_session_create;
rte_cryptodev_asym_session_free;
rte_cryptodev_asym_session_init;
- rte_cryptodev_asym_session_get_private_data
- rte_cryptodev_asym_session_set_private_data
+ rte_cryptodev_asym_session_get_private_data;
+ rte_cryptodev_asym_session_set_private_data;
+ rte_cryptodev_asym_xfrm_capability_check_optype;
+ rte_crypto_asym_xform_strings;
rte_cryptodev_sym_session_get_private_data;
rte_cryptodev_sym_session_set_private_data;
} DPDK_17.11;