1 /* SPDX-License-Identifier: BSD-3-Clause 2 * Copyright(c) 2018 Cavium Networks 3 */ 4 5 #ifndef _RTE_CRYPTO_ASYM_H_ 6 #define _RTE_CRYPTO_ASYM_H_ 7 8 /** 9 * @file rte_crypto_asym.h 10 * 11 * RTE Definitions for Asymmetric Cryptography 12 * 13 * Defines asymmetric algorithms and modes, as well as supported 14 * asymmetric crypto operations. 15 */ 16 17 #include <string.h> 18 #include <stdint.h> 19 20 #include <rte_memory.h> 21 #include <rte_mempool.h> 22 #include <rte_common.h> 23 24 #include "rte_crypto_sym.h" 25 26 struct rte_cryptodev_asym_session; 27 28 /** asym key exchange operation type name strings */ 29 extern const char * 30 rte_crypto_asym_ke_strings[]; 31 32 /** asym operations type name strings */ 33 extern const char * 34 rte_crypto_asym_op_strings[]; 35 36 #define RTE_CRYPTO_ASYM_FLAG_PUB_KEY_NO_PADDING RTE_BIT32(0) 37 /**< 38 * Flag to denote public key will be returned without leading zero bytes 39 * and if the flag is not set, public key will be padded to the left with 40 * zeros to the size of the underlying algorithm (default) 41 */ 42 #define RTE_CRYPTO_ASYM_FLAG_SHARED_KEY_NO_PADDING RTE_BIT32(1) 43 /**< 44 * Flag to denote shared secret will be returned without leading zero bytes 45 * and if the flag is not set, shared secret will be padded to the left with 46 * zeros to the size of the underlying algorithm (default) 47 */ 48 #define RTE_CRYPTO_ASYM_FLAG_PUB_KEY_COMPRESSED RTE_BIT32(2) 49 /**< 50 * Flag to denote public key will be returned in compressed form 51 */ 52 53 /** 54 * List of elliptic curves. This enum aligns with 55 * TLS "Supported Groups" registry (previously known as 56 * NamedCurve registry). FFDH groups are not, and will not 57 * be included in this list. 58 * Deprecation for selected curve in TLS does not deprecate 59 * the selected curve in Cryptodev. 60 * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml 61 */ 62 enum rte_crypto_curve_id { 63 RTE_CRYPTO_EC_GROUP_SECP192R1 = 19, 64 RTE_CRYPTO_EC_GROUP_SECP224R1 = 21, 65 RTE_CRYPTO_EC_GROUP_SECP256R1 = 23, 66 RTE_CRYPTO_EC_GROUP_SECP384R1 = 24, 67 RTE_CRYPTO_EC_GROUP_SECP521R1 = 25, 68 RTE_CRYPTO_EC_GROUP_ED25519 = 29, 69 RTE_CRYPTO_EC_GROUP_ED448 = 30, 70 RTE_CRYPTO_EC_GROUP_SM2 = 41, 71 }; 72 73 /** 74 * List of Edwards curve instances as per RFC 8032 (Section 5). 75 */ 76 enum rte_crypto_edward_instance { 77 RTE_CRYPTO_EDCURVE_25519, 78 RTE_CRYPTO_EDCURVE_25519CTX, 79 RTE_CRYPTO_EDCURVE_25519PH, 80 RTE_CRYPTO_EDCURVE_448, 81 RTE_CRYPTO_EDCURVE_448PH 82 }; 83 84 /** 85 * Asymmetric crypto transformation types. 86 * Each xform type maps to one asymmetric algorithm 87 * performing specific operation 88 */ 89 enum rte_crypto_asym_xform_type { 90 RTE_CRYPTO_ASYM_XFORM_UNSPECIFIED = 0, 91 /**< Invalid xform. */ 92 RTE_CRYPTO_ASYM_XFORM_NONE, 93 /**< Xform type None. 94 * May be supported by PMD to support 95 * passthrough op for debugging purpose. 96 * if xform_type none , op_type is disregarded. 97 */ 98 RTE_CRYPTO_ASYM_XFORM_RSA, 99 /**< RSA. Performs Encrypt, Decrypt, Sign and Verify. 100 * Refer to rte_crypto_asym_op_type 101 */ 102 RTE_CRYPTO_ASYM_XFORM_DH, 103 /**< Diffie-Hellman. 104 * Performs Key Generate and Shared Secret Compute. 105 * Refer to rte_crypto_asym_op_type 106 */ 107 RTE_CRYPTO_ASYM_XFORM_DSA, 108 /**< Digital Signature Algorithm 109 * Performs Signature Generation and Verification. 110 * Refer to rte_crypto_asym_op_type 111 */ 112 RTE_CRYPTO_ASYM_XFORM_MODINV, 113 /**< Modular Multiplicative Inverse 114 * Perform Modular Multiplicative Inverse b^(-1) mod n 115 */ 116 RTE_CRYPTO_ASYM_XFORM_MODEX, 117 /**< Modular Exponentiation 118 * Perform Modular Exponentiation b^e mod n 119 */ 120 RTE_CRYPTO_ASYM_XFORM_ECDSA, 121 /**< Elliptic Curve Digital Signature Algorithm 122 * Perform Signature Generation and Verification. 123 */ 124 RTE_CRYPTO_ASYM_XFORM_ECDH, 125 /**< Elliptic Curve Diffie Hellman */ 126 RTE_CRYPTO_ASYM_XFORM_ECPM, 127 /**< Elliptic Curve Point Multiplication */ 128 RTE_CRYPTO_ASYM_XFORM_ECFPM, 129 /**< Elliptic Curve Fixed Point Multiplication */ 130 RTE_CRYPTO_ASYM_XFORM_SM2, 131 /**< ShangMi 2 132 * Performs Encrypt, Decrypt, Sign and Verify. 133 * Refer to rte_crypto_asym_op_type. 134 */ 135 RTE_CRYPTO_ASYM_XFORM_EDDSA, 136 /**< Edwards Curve Digital Signature Algorithm 137 * Perform Signature Generation and Verification. 138 */ 139 RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END 140 /**< End of list */ 141 }; 142 143 /** 144 * Asymmetric crypto operation type variants 145 */ 146 enum rte_crypto_asym_op_type { 147 RTE_CRYPTO_ASYM_OP_ENCRYPT, 148 /**< Asymmetric Encrypt operation */ 149 RTE_CRYPTO_ASYM_OP_DECRYPT, 150 /**< Asymmetric Decrypt operation */ 151 RTE_CRYPTO_ASYM_OP_SIGN, 152 /**< Signature Generation operation */ 153 RTE_CRYPTO_ASYM_OP_VERIFY, 154 /**< Signature Verification operation */ 155 RTE_CRYPTO_ASYM_OP_LIST_END 156 }; 157 158 /** 159 * Asymmetric crypto key exchange operation type 160 */ 161 enum rte_crypto_asym_ke_type { 162 RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE, 163 /**< Private Key generation operation */ 164 RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE, 165 /**< Public Key generation operation */ 166 RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE, 167 /**< Shared Secret compute operation */ 168 RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY 169 /**< Public Key Verification - can be used for 170 * elliptic curve point validation. 171 */ 172 }; 173 174 /** 175 * Padding types for RSA signature. 176 */ 177 enum rte_crypto_rsa_padding_type { 178 RTE_CRYPTO_RSA_PADDING_NONE = 0, 179 /**< RSA no padding scheme */ 180 RTE_CRYPTO_RSA_PADDING_PKCS1_5, 181 /**< RSA PKCS#1 PKCS1-v1_5 padding scheme. For signatures block type 01, 182 * for encryption block type 02 are used. 183 */ 184 RTE_CRYPTO_RSA_PADDING_OAEP, 185 /**< RSA PKCS#1 OAEP padding scheme */ 186 RTE_CRYPTO_RSA_PADDING_PSS, 187 /**< RSA PKCS#1 PSS padding scheme */ 188 RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END 189 }; 190 191 /** 192 * RSA private key type enumeration 193 * 194 * enumerates private key format required to perform RSA crypto 195 * transform. 196 */ 197 enum rte_crypto_rsa_priv_key_type { 198 RTE_RSA_KEY_TYPE_EXP, 199 /**< RSA private key is an exponent */ 200 RTE_RSA_KEY_TYPE_QT, 201 /**< RSA private key is in quintuple format 202 * See rte_crypto_rsa_priv_key_qt 203 */ 204 }; 205 206 /** 207 * Buffer to hold crypto params required for asym operations. 208 * 209 * These buffers can be used for both input to PMD and output from PMD. When 210 * used for output from PMD, application has to ensure the buffer is large 211 * enough to hold the target data. 212 * 213 * If an operation requires the PMD to generate a random number, 214 * and the device supports CSRNG, 'data' should be set to NULL. 215 * The crypto parameter in question will not be used by the PMD, 216 * as it is internally generated. 217 */ 218 typedef struct rte_crypto_param_t { 219 uint8_t *data; 220 /**< pointer to buffer holding data */ 221 rte_iova_t iova; 222 /**< IO address of data buffer */ 223 size_t length; 224 /**< length of data in bytes */ 225 } rte_crypto_param; 226 227 /** Unsigned big-integer in big-endian format */ 228 typedef rte_crypto_param rte_crypto_uint; 229 230 /** 231 * Structure for elliptic curve point 232 */ 233 struct rte_crypto_ec_point { 234 rte_crypto_param x; 235 /**< X coordinate */ 236 rte_crypto_param y; 237 /**< Y coordinate */ 238 }; 239 240 /** 241 * Structure describing RSA private key in quintuple format. 242 * See PKCS V1.5 RSA Cryptography Standard. 243 */ 244 struct rte_crypto_rsa_priv_key_qt { 245 rte_crypto_uint p; 246 /**< the first factor */ 247 rte_crypto_uint q; 248 /**< the second factor */ 249 rte_crypto_uint dP; 250 /**< the first factor's CRT exponent */ 251 rte_crypto_uint dQ; 252 /**< the second's factor's CRT exponent */ 253 rte_crypto_uint qInv; 254 /**< the CRT coefficient */ 255 }; 256 257 /** 258 * RSA padding type 259 */ 260 struct rte_crypto_rsa_padding { 261 enum rte_crypto_rsa_padding_type type; 262 /**< RSA padding scheme to be used for transform */ 263 enum rte_crypto_auth_algorithm hash; 264 /**< 265 * RSA padding hash algorithm 266 * Valid hash algorithms are: 267 * MD5, SHA1, SHA224, SHA256, SHA384, SHA512 268 * 269 * When a specific padding type is selected, the following rules apply: 270 * - RTE_CRYPTO_RSA_PADDING_NONE: 271 * This field is ignored by the PMD 272 * 273 * - RTE_CRYPTO_RSA_PADDING_PKCS1_5: 274 * When signing an operation this field is used to determine value 275 * of the DigestInfo structure, therefore specifying which algorithm 276 * was used to create the message digest. 277 * When doing encryption/decryption this field is ignored for this 278 * padding type. 279 * 280 * - RTE_CRYPTO_RSA_PADDING_OAEP 281 * This field shall be set with the hash algorithm used 282 * in the padding scheme 283 * 284 * - RTE_CRYPTO_RSA_PADDING_PSS 285 * This field shall be set with the hash algorithm used 286 * in the padding scheme (and to create the input message digest) 287 */ 288 enum rte_crypto_auth_algorithm mgf1hash; 289 /**< 290 * Hash algorithm to be used for mask generation if the 291 * padding scheme is either OAEP or PSS. If the padding 292 * scheme is unspecified a data hash algorithm is used 293 * for mask generation. Valid hash algorithms are: 294 * MD5, SHA1, SHA224, SHA256, SHA384, SHA512 295 */ 296 uint16_t pss_saltlen; 297 /**< 298 * RSA PSS padding salt length 299 * 300 * Used only when RTE_CRYPTO_RSA_PADDING_PSS padding is selected, 301 * otherwise ignored. 302 */ 303 rte_crypto_param oaep_label; 304 /**< 305 * RSA OAEP padding optional label 306 * 307 * Used only when RTE_CRYPTO_RSA_PADDING_OAEP padding is selected, 308 * otherwise ignored. If label.data == NULL, a default 309 * label (empty string) is used. 310 */ 311 }; 312 313 /** 314 * Asymmetric RSA transform data 315 * 316 * Structure describing RSA xform params 317 */ 318 struct rte_crypto_rsa_xform { 319 rte_crypto_uint n; 320 /**< the RSA modulus */ 321 rte_crypto_uint e; 322 /**< the RSA public exponent */ 323 324 enum rte_crypto_rsa_priv_key_type key_type; 325 326 struct { 327 rte_crypto_uint d; 328 /**< the RSA private exponent */ 329 struct rte_crypto_rsa_priv_key_qt qt; 330 /**< qt - Private key in quintuple format */ 331 }; 332 333 struct rte_crypto_rsa_padding padding; 334 /**< RSA padding information */ 335 }; 336 337 /** 338 * Asymmetric Modular exponentiation transform data 339 * 340 * Structure describing modular exponentiation xform param 341 */ 342 struct rte_crypto_modex_xform { 343 rte_crypto_uint modulus; 344 /**< Modulus data for modexp transform operation */ 345 rte_crypto_uint exponent; 346 /**< Exponent of the modexp transform operation */ 347 }; 348 349 /** 350 * Asymmetric modular multiplicative inverse transform operation 351 * 352 * Structure describing modular multiplicative inverse transform 353 */ 354 struct rte_crypto_modinv_xform { 355 rte_crypto_uint modulus; 356 /**< Modulus data for modular multiplicative inverse operation */ 357 }; 358 359 /** 360 * Asymmetric DH transform data 361 * 362 * Structure describing deffie-hellman xform params 363 */ 364 struct rte_crypto_dh_xform { 365 rte_crypto_uint p; 366 /**< Prime modulus data */ 367 rte_crypto_uint g; 368 /**< DH Generator */ 369 }; 370 371 /** 372 * Asymmetric Digital Signature transform operation 373 * 374 * Structure describing DSA xform params 375 */ 376 struct rte_crypto_dsa_xform { 377 rte_crypto_uint p; 378 /**< Prime modulus */ 379 rte_crypto_uint q; 380 /**< Order of the subgroup */ 381 rte_crypto_uint g; 382 /**< Generator of the subgroup */ 383 rte_crypto_uint x; 384 /**< x: Private key of the signer */ 385 }; 386 387 /** 388 * Asymmetric elliptic curve transform data 389 * 390 * Structure describing all EC based xform params 391 */ 392 struct rte_crypto_ec_xform { 393 enum rte_crypto_curve_id curve_id; 394 /**< Pre-defined ec groups */ 395 396 rte_crypto_uint pkey; 397 /**< Private key */ 398 399 struct rte_crypto_ec_point q; 400 /**< Public key */ 401 }; 402 403 /** 404 * Operations params for modular operations: 405 * exponentiation and multiplicative inverse 406 */ 407 struct rte_crypto_mod_op_param { 408 rte_crypto_uint base; 409 /**< Base of modular exponentiation/multiplicative inverse. */ 410 rte_crypto_uint result; 411 /**< Result of modular exponentiation/multiplicative inverse. */ 412 }; 413 414 /** 415 * RSA operation params 416 */ 417 struct rte_crypto_rsa_op_param { 418 enum rte_crypto_asym_op_type op_type; 419 /**< Type of RSA operation for transform */ 420 421 rte_crypto_param message; 422 /**< 423 * Pointer to input data 424 * - to be encrypted for RSA public encrypt. 425 * - to be signed for RSA sign generation. 426 * - to be authenticated for RSA sign verification. 427 * 428 * Pointer to output data 429 * - for RSA private decrypt. 430 * In this case the underlying array should have been 431 * allocated with enough memory to hold plaintext output 432 * (i.e. must be at least RSA key size). The message.length 433 * field could be either 0 or minimal length expected from PMD. 434 * This could be validated and overwritten by the PMD 435 * with the decrypted length. 436 */ 437 438 rte_crypto_param cipher; 439 /**< 440 * Pointer to input data 441 * - to be decrypted for RSA private decrypt. 442 * 443 * Pointer to output data 444 * - for RSA public encrypt. 445 * In this case the underlying array should have been allocated 446 * with enough memory to hold ciphertext output (i.e. must be 447 * at least RSA key size). The cipher.length field could be 448 * either 0 or minimal length expected from PMD. 449 * This could be validated and overwritten by the PMD 450 * with the encrypted length. 451 * 452 * When RTE_CRYPTO_RSA_PADDING_NONE and RTE_CRYPTO_ASYM_OP_VERIFY 453 * selected, this is an output of decrypted signature. 454 */ 455 456 rte_crypto_param sign; 457 /**< 458 * Pointer to input data 459 * - to be verified for RSA public decrypt. 460 * 461 * Pointer to output data 462 * - for RSA private encrypt. 463 * In this case the underlying array should have been allocated 464 * with enough memory to hold signature output (i.e. must be 465 * at least RSA key size). The sign.length field could be 466 * either 0 or minimal length expected from PMD. 467 * This could be validated and overwritten by the PMD 468 * with the signature length. 469 */ 470 }; 471 472 /** 473 * Diffie-Hellman Operations params. 474 * @note: 475 */ 476 struct rte_crypto_dh_op_param { 477 enum rte_crypto_asym_ke_type ke_type; 478 /**< Key exchange operation type */ 479 rte_crypto_uint priv_key; 480 /**< 481 * Output - generated private key when ke_type is 482 * RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE. 483 * 484 * Input - private key when ke_type is one of: 485 * RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE, 486 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE. 487 * 488 * In case priv_key.length is 0 and ke_type is set with 489 * RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE, CSRNG capable 490 * device will generate a private key and use it for public 491 * key generation. 492 */ 493 rte_crypto_uint pub_key; 494 /**< 495 * Output - generated public key when ke_type is 496 * RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE. 497 * 498 * Input - peer's public key when ke_type is 499 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE. 500 */ 501 rte_crypto_uint shared_secret; 502 /**< 503 * Output - calculated shared secret when ke_type is 504 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE. 505 */ 506 }; 507 508 /** 509 * Elliptic Curve Diffie-Hellman Operations params. 510 */ 511 struct rte_crypto_ecdh_op_param { 512 enum rte_crypto_asym_ke_type ke_type; 513 /**< Key exchange operation type */ 514 rte_crypto_uint priv_key; 515 /**< 516 * Output - generated private key when ke_type is 517 * RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE. 518 * 519 * Input - private key when ke_type is one of: 520 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE, 521 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE. 522 * 523 * In case priv_key.length is 0 and ke_type is set with 524 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE, CSRNG capable 525 * device will generate private key and use it for public 526 * key generation. 527 */ 528 struct rte_crypto_ec_point pub_key; 529 /**< 530 * Output - generated public key when ke_type is 531 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE. 532 * 533 * Input - peer's public key, when ke_type is one of: 534 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE, 535 * RTE_CRYPTO_ASYM_KE_EC_PUBLIC_KEY_VERIFY. 536 */ 537 struct rte_crypto_ec_point shared_secret; 538 /**< 539 * Output - calculated shared secret when ke_type is 540 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE. 541 */ 542 }; 543 544 /** 545 * DSA Operations params 546 */ 547 struct rte_crypto_dsa_op_param { 548 enum rte_crypto_asym_op_type op_type; 549 /**< Signature Generation or Verification */ 550 rte_crypto_param message; 551 /**< input message to be signed or verified */ 552 rte_crypto_uint k; 553 /**< Per-message secret number, which is an integer 554 * in the interval (1, q-1). 555 * If the random number is generated by the PMD, 556 * the 'rte_crypto_param.data' parameter should be set to NULL. 557 */ 558 rte_crypto_uint r; 559 /**< dsa sign component 'r' value 560 * 561 * output if op_type = sign generate, 562 * input if op_type = sign verify 563 */ 564 rte_crypto_uint s; 565 /**< dsa sign component 's' value 566 * 567 * output if op_type = sign generate, 568 * input if op_type = sign verify 569 */ 570 rte_crypto_uint y; 571 /**< y : Public key of the signer. 572 * y = g^x mod p 573 */ 574 }; 575 576 /** 577 * ECDSA operation params 578 */ 579 struct rte_crypto_ecdsa_op_param { 580 enum rte_crypto_asym_op_type op_type; 581 /**< Signature generation or verification */ 582 583 rte_crypto_param message; 584 /**< Input message digest to be signed or verified */ 585 586 rte_crypto_uint k; 587 /**< The ECDSA per-message secret number, which is an integer 588 * in the interval (1, n-1). 589 * If the random number is generated by the PMD, 590 * the 'rte_crypto_param.data' parameter should be set to NULL. 591 */ 592 593 rte_crypto_uint r; 594 /**< r component of elliptic curve signature 595 * output : for signature generation 596 * input : for signature verification 597 */ 598 rte_crypto_uint s; 599 /**< s component of elliptic curve signature 600 * output : for signature generation 601 * input : for signature verification 602 */ 603 }; 604 605 /** 606 * EdDSA operation params 607 */ 608 struct rte_crypto_eddsa_op_param { 609 enum rte_crypto_asym_op_type op_type; 610 /**< Signature generation or verification */ 611 612 rte_crypto_param message; 613 /**< Input message digest to be signed or verified */ 614 615 rte_crypto_param context; 616 /**< Context value for the sign op. 617 * Must not be empty for Ed25519ctx instance. 618 */ 619 620 enum rte_crypto_edward_instance instance; 621 /**< Type of Edwards curve. */ 622 623 rte_crypto_uint sign; 624 /**< Edward curve signature 625 * output : for signature generation 626 * input : for signature verification 627 */ 628 }; 629 630 /** 631 * Structure for EC point multiplication operation param 632 */ 633 struct rte_crypto_ecpm_op_param { 634 struct rte_crypto_ec_point p; 635 /**< x and y coordinates of input point */ 636 637 struct rte_crypto_ec_point r; 638 /**< x and y coordinates of resultant point */ 639 640 rte_crypto_param scalar; 641 /**< Scalar to multiply the input point */ 642 }; 643 644 /** 645 * Asymmetric crypto transform data 646 * 647 * Structure describing asym xforms. 648 */ 649 struct rte_crypto_asym_xform { 650 struct rte_crypto_asym_xform *next; 651 /**< Pointer to next xform to set up xform chain.*/ 652 enum rte_crypto_asym_xform_type xform_type; 653 /**< Asymmetric crypto transform */ 654 655 union { 656 struct rte_crypto_rsa_xform rsa; 657 /**< RSA xform parameters */ 658 659 struct rte_crypto_modex_xform modex; 660 /**< Modular Exponentiation xform parameters */ 661 662 struct rte_crypto_modinv_xform modinv; 663 /**< Modular Multiplicative Inverse xform parameters */ 664 665 struct rte_crypto_dh_xform dh; 666 /**< DH xform parameters */ 667 668 struct rte_crypto_dsa_xform dsa; 669 /**< DSA xform parameters */ 670 671 struct rte_crypto_ec_xform ec; 672 /**< EC xform parameters, used by elliptic curve based 673 * operations. 674 */ 675 }; 676 }; 677 678 /** 679 * SM2 operation capabilities 680 */ 681 enum rte_crypto_sm2_op_capa { 682 RTE_CRYPTO_SM2_RNG, 683 /**< Random number generator supported in SM2 ops. */ 684 RTE_CRYPTO_SM2_PH, 685 /**< Prehash message before crypto op. */ 686 }; 687 688 /** 689 * SM2 operation params. 690 */ 691 struct rte_crypto_sm2_op_param { 692 enum rte_crypto_asym_op_type op_type; 693 /**< Signature generation or verification. */ 694 695 enum rte_crypto_auth_algorithm hash; 696 /**< Hash algorithm used in EC op. */ 697 698 rte_crypto_param message; 699 /**< 700 * Pointer to input data 701 * - to be encrypted for SM2 public encrypt. 702 * - to be signed for SM2 sign generation. 703 * - to be authenticated for SM2 sign verification. 704 * 705 * Pointer to output data 706 * - for SM2 private decrypt. 707 * In this case the underlying array should have been 708 * allocated with enough memory to hold plaintext output 709 * (at least encrypted text length). The message.length field 710 * will be overwritten by the PMD with the decrypted length. 711 */ 712 713 rte_crypto_param cipher; 714 /**< 715 * Pointer to input data 716 * - to be decrypted for SM2 private decrypt. 717 * 718 * Pointer to output data 719 * - for SM2 public encrypt. 720 * In this case the underlying array should have been allocated 721 * with enough memory to hold ciphertext output (at least X bytes 722 * for prime field curve of N bytes and for message M bytes, 723 * where X = (C1 || C2 || C3) and computed based on SM2 RFC as 724 * C1 (1 + N + N), C2 = M, C3 = N. The cipher.length field will 725 * be overwritten by the PMD with the encrypted length. 726 */ 727 728 rte_crypto_uint id; 729 /**< The SM2 id used by signer and verifier. */ 730 731 rte_crypto_uint k; 732 /**< The SM2 per-message secret number, which is an integer 733 * in the interval (1, n-1). 734 * If the random number is generated by the PMD, 735 * the 'rte_crypto_param.data' parameter should be set to NULL. 736 */ 737 738 rte_crypto_uint r; 739 /**< r component of elliptic curve signature 740 * output : for signature generation (of at least N bytes 741 * where prime field length is N bytes) 742 * input : for signature verification 743 */ 744 rte_crypto_uint s; 745 /**< s component of elliptic curve signature 746 * output : for signature generation (of at least N bytes 747 * where prime field length is N bytes) 748 * input : for signature verification 749 */ 750 }; 751 752 /** 753 * Asymmetric Cryptographic Operation. 754 * 755 * Structure describing asymmetric crypto operation params. 756 */ 757 struct rte_crypto_asym_op { 758 union { 759 struct rte_cryptodev_asym_session *session; 760 /**< Handle for the initialised session context */ 761 struct rte_crypto_asym_xform *xform; 762 /**< Session-less API crypto operation parameters */ 763 }; 764 765 union { 766 struct rte_crypto_rsa_op_param rsa; 767 struct rte_crypto_mod_op_param modex; 768 struct rte_crypto_mod_op_param modinv; 769 struct rte_crypto_dh_op_param dh; 770 struct rte_crypto_ecdh_op_param ecdh; 771 struct rte_crypto_dsa_op_param dsa; 772 struct rte_crypto_ecdsa_op_param ecdsa; 773 struct rte_crypto_ecpm_op_param ecpm; 774 struct rte_crypto_sm2_op_param sm2; 775 struct rte_crypto_eddsa_op_param eddsa; 776 }; 777 uint16_t flags; 778 /**< 779 * Asymmetric crypto operation flags. 780 * Please refer to the RTE_CRYPTO_ASYM_FLAG_*. 781 */ 782 }; 783 784 #endif /* _RTE_CRYPTO_ASYM_H_ */ 785