d/numam-dpdk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

cryptodev: add public key verify option

Browse Source 
- Added key exchange public key verify option.
For some elliptic curves public point in DH exchange
needs to be checked, if it lays on the curve.
Modular exponentiation needs certain checks as well,
though mathematically much easier.
This commit adds verify option to asym_op operations.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
This commit is contained in:
Arek Kusztal 2022-06-01 10:02:44 +01:00 committed by Akhil Goyal
parent 96db98db69
commit 2adb852923
2 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/cryptodev/rte_crypto_asym.h
View File

@ -130,8 +130,12 @@ enum rte_crypto_asym_ke_type {
/**< Private Key generation operation */
RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE,
/**< Public Key generation operation */
RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE
RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE,
/**< Shared Secret compute operation */
RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY
/**< Public Key Verification - can be used for
* elliptic curve point validation.
*/
};
/**
@ -455,8 +459,9 @@ struct rte_crypto_ecdh_op_param {
* Output - generated public key when ke_type is
* RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE.
*
* Input - peer's public key when ke_type is
* RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE.
* Input - peer's public key, when ke_type is one of:
* RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE,
* RTE_CRYPTO_ASYM_KE_EC_PUBLIC_KEY_VERIFY.
*/
struct rte_crypto_ec_point shared_secret;
/**<

3
lib/cryptodev/rte_cryptodev.c
View File

@ -186,7 +186,8 @@ const char *rte_crypto_asym_op_strings[] = {
const char *rte_crypto_asym_ke_strings[] = {
[RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE] = "priv_key_generate",
[RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE] = "pub_key_generate",
[RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE] = "sharedsecret_compute"
[RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE] = "sharedsecret_compute",
[RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY] = "pub_ec_key_verify"
};
/**