1 /* SPDX-License-Identifier: BSD-3-Clause 2 * Copyright(c) 2018 Cavium Networks 3 */ 4 5 #ifndef _RTE_CRYPTO_ASYM_H_ 6 #define _RTE_CRYPTO_ASYM_H_ 7 8 /** 9 * @file rte_crypto_asym.h 10 * 11 * RTE Definitions for Asymmetric Cryptography 12 * 13 * Defines asymmetric algorithms and modes, as well as supported 14 * asymmetric crypto operations. 15 */ 16 17 #ifdef __cplusplus 18 extern "C" { 19 #endif 20 21 #include <string.h> 22 #include <stdint.h> 23 24 #include <rte_memory.h> 25 #include <rte_mempool.h> 26 #include <rte_common.h> 27 28 #include "rte_crypto_sym.h" 29 30 struct rte_cryptodev_asym_session; 31 32 /** asym key exchange operation type name strings */ 33 extern const char * 34 rte_crypto_asym_ke_strings[]; 35 36 /** asym operations type name strings */ 37 extern const char * 38 rte_crypto_asym_op_strings[]; 39 40 #define RTE_CRYPTO_ASYM_FLAG_PUB_KEY_NO_PADDING RTE_BIT32(0) 41 /**< 42 * Flag to denote public key will be returned without leading zero bytes 43 * and if the flag is not set, public key will be padded to the left with 44 * zeros to the size of the underlying algorithm (default) 45 */ 46 #define RTE_CRYPTO_ASYM_FLAG_SHARED_KEY_NO_PADDING RTE_BIT32(1) 47 /**< 48 * Flag to denote shared secret will be returned without leading zero bytes 49 * and if the flag is not set, shared secret will be padded to the left with 50 * zeros to the size of the underlying algorithm (default) 51 */ 52 53 /** 54 * List of elliptic curves. This enum aligns with 55 * TLS "Supported Groups" registry (previously known as 56 * NamedCurve registry). FFDH groups are not, and will not 57 * be included in this list. 58 * Deprecation for selected curve in TLS does not deprecate 59 * the selected curve in Cryptodev. 60 * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml 61 */ 62 enum rte_crypto_curve_id { 63 RTE_CRYPTO_EC_GROUP_SECP192R1 = 19, 64 RTE_CRYPTO_EC_GROUP_SECP224R1 = 21, 65 RTE_CRYPTO_EC_GROUP_SECP256R1 = 23, 66 RTE_CRYPTO_EC_GROUP_SECP384R1 = 24, 67 RTE_CRYPTO_EC_GROUP_SECP521R1 = 25, 68 RTE_CRYPTO_EC_GROUP_SM2 = 41, 69 }; 70 71 /** 72 * Asymmetric crypto transformation types. 73 * Each xform type maps to one asymmetric algorithm 74 * performing specific operation 75 */ 76 enum rte_crypto_asym_xform_type { 77 RTE_CRYPTO_ASYM_XFORM_UNSPECIFIED = 0, 78 /**< Invalid xform. */ 79 RTE_CRYPTO_ASYM_XFORM_NONE, 80 /**< Xform type None. 81 * May be supported by PMD to support 82 * passthrough op for debugging purpose. 83 * if xform_type none , op_type is disregarded. 84 */ 85 RTE_CRYPTO_ASYM_XFORM_RSA, 86 /**< RSA. Performs Encrypt, Decrypt, Sign and Verify. 87 * Refer to rte_crypto_asym_op_type 88 */ 89 RTE_CRYPTO_ASYM_XFORM_DH, 90 /**< Diffie-Hellman. 91 * Performs Key Generate and Shared Secret Compute. 92 * Refer to rte_crypto_asym_op_type 93 */ 94 RTE_CRYPTO_ASYM_XFORM_DSA, 95 /**< Digital Signature Algorithm 96 * Performs Signature Generation and Verification. 97 * Refer to rte_crypto_asym_op_type 98 */ 99 RTE_CRYPTO_ASYM_XFORM_MODINV, 100 /**< Modular Multiplicative Inverse 101 * Perform Modular Multiplicative Inverse b^(-1) mod n 102 */ 103 RTE_CRYPTO_ASYM_XFORM_MODEX, 104 /**< Modular Exponentiation 105 * Perform Modular Exponentiation b^e mod n 106 */ 107 RTE_CRYPTO_ASYM_XFORM_ECDSA, 108 /**< Elliptic Curve Digital Signature Algorithm 109 * Perform Signature Generation and Verification. 110 */ 111 RTE_CRYPTO_ASYM_XFORM_ECDH, 112 /**< Elliptic Curve Diffie Hellman */ 113 RTE_CRYPTO_ASYM_XFORM_ECPM, 114 /**< Elliptic Curve Point Multiplication */ 115 RTE_CRYPTO_ASYM_XFORM_ECFPM, 116 /**< Elliptic Curve Fixed Point Multiplication */ 117 RTE_CRYPTO_ASYM_XFORM_SM2, 118 /**< ShangMi 2 119 * Performs Encrypt, Decrypt, Sign and Verify. 120 * Refer to rte_crypto_asym_op_type. 121 */ 122 RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END 123 /**< End of list */ 124 }; 125 126 /** 127 * Asymmetric crypto operation type variants 128 */ 129 enum rte_crypto_asym_op_type { 130 RTE_CRYPTO_ASYM_OP_ENCRYPT, 131 /**< Asymmetric Encrypt operation */ 132 RTE_CRYPTO_ASYM_OP_DECRYPT, 133 /**< Asymmetric Decrypt operation */ 134 RTE_CRYPTO_ASYM_OP_SIGN, 135 /**< Signature Generation operation */ 136 RTE_CRYPTO_ASYM_OP_VERIFY, 137 /**< Signature Verification operation */ 138 RTE_CRYPTO_ASYM_OP_LIST_END 139 }; 140 141 /** 142 * Asymmetric crypto key exchange operation type 143 */ 144 enum rte_crypto_asym_ke_type { 145 RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE, 146 /**< Private Key generation operation */ 147 RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE, 148 /**< Public Key generation operation */ 149 RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE, 150 /**< Shared Secret compute operation */ 151 RTE_CRYPTO_ASYM_KE_PUB_KEY_VERIFY 152 /**< Public Key Verification - can be used for 153 * elliptic curve point validation. 154 */ 155 }; 156 157 /** 158 * Padding types for RSA signature. 159 */ 160 enum rte_crypto_rsa_padding_type { 161 RTE_CRYPTO_RSA_PADDING_NONE = 0, 162 /**< RSA no padding scheme */ 163 RTE_CRYPTO_RSA_PADDING_PKCS1_5, 164 /**< RSA PKCS#1 PKCS1-v1_5 padding scheme. For signatures block type 01, 165 * for encryption block type 02 are used. 166 */ 167 RTE_CRYPTO_RSA_PADDING_OAEP, 168 /**< RSA PKCS#1 OAEP padding scheme */ 169 RTE_CRYPTO_RSA_PADDING_PSS, 170 /**< RSA PKCS#1 PSS padding scheme */ 171 RTE_CRYPTO_RSA_PADDING_TYPE_LIST_END 172 }; 173 174 /** 175 * RSA private key type enumeration 176 * 177 * enumerates private key format required to perform RSA crypto 178 * transform. 179 */ 180 enum rte_crypto_rsa_priv_key_type { 181 RTE_RSA_KEY_TYPE_EXP, 182 /**< RSA private key is an exponent */ 183 RTE_RSA_KEY_TYPE_QT, 184 /**< RSA private key is in quintuple format 185 * See rte_crypto_rsa_priv_key_qt 186 */ 187 }; 188 189 /** 190 * Buffer to hold crypto params required for asym operations. 191 * 192 * These buffers can be used for both input to PMD and output from PMD. When 193 * used for output from PMD, application has to ensure the buffer is large 194 * enough to hold the target data. 195 * 196 * If an operation requires the PMD to generate a random number, 197 * and the device supports CSRNG, 'data' should be set to NULL. 198 * The crypto parameter in question will not be used by the PMD, 199 * as it is internally generated. 200 */ 201 typedef struct rte_crypto_param_t { 202 uint8_t *data; 203 /**< pointer to buffer holding data */ 204 rte_iova_t iova; 205 /**< IO address of data buffer */ 206 size_t length; 207 /**< length of data in bytes */ 208 } rte_crypto_param; 209 210 /** Unsigned big-integer in big-endian format */ 211 typedef rte_crypto_param rte_crypto_uint; 212 213 /** 214 * Structure for elliptic curve point 215 */ 216 struct rte_crypto_ec_point { 217 rte_crypto_param x; 218 /**< X coordinate */ 219 rte_crypto_param y; 220 /**< Y coordinate */ 221 }; 222 223 /** 224 * Structure describing RSA private key in quintuple format. 225 * See PKCS V1.5 RSA Cryptography Standard. 226 */ 227 struct rte_crypto_rsa_priv_key_qt { 228 rte_crypto_uint p; 229 /**< the first factor */ 230 rte_crypto_uint q; 231 /**< the second factor */ 232 rte_crypto_uint dP; 233 /**< the first factor's CRT exponent */ 234 rte_crypto_uint dQ; 235 /**< the second's factor's CRT exponent */ 236 rte_crypto_uint qInv; 237 /**< the CRT coefficient */ 238 }; 239 240 /** 241 * RSA padding type 242 */ 243 struct rte_crypto_rsa_padding { 244 enum rte_crypto_rsa_padding_type type; 245 /**< RSA padding scheme to be used for transform */ 246 enum rte_crypto_auth_algorithm hash; 247 /**< 248 * RSA padding hash algorithm 249 * Valid hash algorithms are: 250 * MD5, SHA1, SHA224, SHA256, SHA384, SHA512 251 * 252 * When a specific padding type is selected, the following rules apply: 253 * - RTE_CRYPTO_RSA_PADDING_NONE: 254 * This field is ignored by the PMD 255 * 256 * - RTE_CRYPTO_RSA_PADDING_PKCS1_5: 257 * When signing an operation this field is used to determine value 258 * of the DigestInfo structure, therefore specifying which algorithm 259 * was used to create the message digest. 260 * When doing encryption/decryption this field is ignored for this 261 * padding type. 262 * 263 * - RTE_CRYPTO_RSA_PADDING_OAEP 264 * This field shall be set with the hash algorithm used 265 * in the padding scheme 266 * 267 * - RTE_CRYPTO_RSA_PADDING_PSS 268 * This field shall be set with the hash algorithm used 269 * in the padding scheme (and to create the input message digest) 270 */ 271 enum rte_crypto_auth_algorithm mgf1hash; 272 /**< 273 * Hash algorithm to be used for mask generation if the 274 * padding scheme is either OAEP or PSS. If the padding 275 * scheme is unspecified a data hash algorithm is used 276 * for mask generation. Valid hash algorithms are: 277 * MD5, SHA1, SHA224, SHA256, SHA384, SHA512 278 */ 279 uint16_t pss_saltlen; 280 /**< 281 * RSA PSS padding salt length 282 * 283 * Used only when RTE_CRYPTO_RSA_PADDING_PSS padding is selected, 284 * otherwise ignored. 285 */ 286 rte_crypto_param oaep_label; 287 /**< 288 * RSA OAEP padding optional label 289 * 290 * Used only when RTE_CRYPTO_RSA_PADDING_OAEP padding is selected, 291 * otherwise ignored. If label.data == NULL, a default 292 * label (empty string) is used. 293 */ 294 }; 295 296 /** 297 * Asymmetric RSA transform data 298 * 299 * Structure describing RSA xform params 300 */ 301 struct rte_crypto_rsa_xform { 302 rte_crypto_uint n; 303 /**< the RSA modulus */ 304 rte_crypto_uint e; 305 /**< the RSA public exponent */ 306 307 enum rte_crypto_rsa_priv_key_type key_type; 308 309 union { 310 rte_crypto_uint d; 311 /**< the RSA private exponent */ 312 struct rte_crypto_rsa_priv_key_qt qt; 313 /**< qt - Private key in quintuple format */ 314 }; 315 }; 316 317 /** 318 * Asymmetric Modular exponentiation transform data 319 * 320 * Structure describing modular exponentiation xform param 321 */ 322 struct rte_crypto_modex_xform { 323 rte_crypto_uint modulus; 324 /**< Modulus data for modexp transform operation */ 325 rte_crypto_uint exponent; 326 /**< Exponent of the modexp transform operation */ 327 }; 328 329 /** 330 * Asymmetric modular multiplicative inverse transform operation 331 * 332 * Structure describing modular multiplicative inverse transform 333 */ 334 struct rte_crypto_modinv_xform { 335 rte_crypto_uint modulus; 336 /**< Modulus data for modular multiplicative inverse operation */ 337 }; 338 339 /** 340 * Asymmetric DH transform data 341 * 342 * Structure describing deffie-hellman xform params 343 */ 344 struct rte_crypto_dh_xform { 345 rte_crypto_uint p; 346 /**< Prime modulus data */ 347 rte_crypto_uint g; 348 /**< DH Generator */ 349 }; 350 351 /** 352 * Asymmetric Digital Signature transform operation 353 * 354 * Structure describing DSA xform params 355 */ 356 struct rte_crypto_dsa_xform { 357 rte_crypto_uint p; 358 /**< Prime modulus */ 359 rte_crypto_uint q; 360 /**< Order of the subgroup */ 361 rte_crypto_uint g; 362 /**< Generator of the subgroup */ 363 rte_crypto_uint x; 364 /**< x: Private key of the signer */ 365 }; 366 367 /** 368 * Asymmetric elliptic curve transform data 369 * 370 * Structure describing all EC based xform params 371 */ 372 struct rte_crypto_ec_xform { 373 enum rte_crypto_curve_id curve_id; 374 /**< Pre-defined ec groups */ 375 376 rte_crypto_uint pkey; 377 /**< Private key */ 378 379 struct rte_crypto_ec_point q; 380 /**< Public key */ 381 }; 382 383 /** 384 * Operations params for modular operations: 385 * exponentiation and multiplicative inverse 386 */ 387 struct rte_crypto_mod_op_param { 388 rte_crypto_uint base; 389 /**< Base of modular exponentiation/multiplicative inverse. */ 390 rte_crypto_uint result; 391 /**< Result of modular exponentiation/multiplicative inverse. */ 392 }; 393 394 /** 395 * RSA operation params 396 */ 397 struct rte_crypto_rsa_op_param { 398 enum rte_crypto_asym_op_type op_type; 399 /**< Type of RSA operation for transform */ 400 401 rte_crypto_param message; 402 /**< 403 * Pointer to input data 404 * - to be encrypted for RSA public encrypt. 405 * - to be signed for RSA sign generation. 406 * - to be authenticated for RSA sign verification. 407 * 408 * Pointer to output data 409 * - for RSA private decrypt. 410 * In this case the underlying array should have been 411 * allocated with enough memory to hold plaintext output 412 * (i.e. must be at least RSA key size). The message.length 413 * field could be either 0 or minimal length expected from PMD. 414 * This could be validated and overwritten by the PMD 415 * with the decrypted length. 416 */ 417 418 rte_crypto_param cipher; 419 /**< 420 * Pointer to input data 421 * - to be decrypted for RSA private decrypt. 422 * 423 * Pointer to output data 424 * - for RSA public encrypt. 425 * In this case the underlying array should have been allocated 426 * with enough memory to hold ciphertext output (i.e. must be 427 * at least RSA key size). The cipher.length field could be 428 * either 0 or minimal length expected from PMD. 429 * This could be validated and overwritten by the PMD 430 * with the encrypted length. 431 * 432 * When RTE_CRYPTO_RSA_PADDING_NONE and RTE_CRYPTO_ASYM_OP_VERIFY 433 * selected, this is an output of decrypted signature. 434 */ 435 436 rte_crypto_param sign; 437 /**< 438 * Pointer to input data 439 * - to be verified for RSA public decrypt. 440 * 441 * Pointer to output data 442 * - for RSA private encrypt. 443 * In this case the underlying array should have been allocated 444 * with enough memory to hold signature output (i.e. must be 445 * at least RSA key size). The sign.length field could be 446 * either 0 or minimal length expected from PMD. 447 * This could be validated and overwritten by the PMD 448 * with the signature length. 449 */ 450 451 struct rte_crypto_rsa_padding padding; 452 /**< RSA padding information */ 453 }; 454 455 /** 456 * Diffie-Hellman Operations params. 457 * @note: 458 */ 459 struct rte_crypto_dh_op_param { 460 enum rte_crypto_asym_ke_type ke_type; 461 /**< Key exchange operation type */ 462 rte_crypto_uint priv_key; 463 /**< 464 * Output - generated private key when ke_type is 465 * RTE_CRYPTO_ASYM_KE_PRIV_KEY_GENERATE. 466 * 467 * Input - private key when ke_type is one of: 468 * RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE, 469 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE. 470 * 471 * In case priv_key.length is 0 and ke_type is set with 472 * RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE, CSRNG capable 473 * device will generate a private key and use it for public 474 * key generation. 475 */ 476 rte_crypto_uint pub_key; 477 /**< 478 * Output - generated public key when ke_type is 479 * RTE_CRYPTO_ASYM_KE_PUB_KEY_GENERATE. 480 * 481 * Input - peer's public key when ke_type is 482 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE. 483 */ 484 rte_crypto_uint shared_secret; 485 /**< 486 * Output - calculated shared secret when ke_type is 487 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE. 488 */ 489 }; 490 491 /** 492 * Elliptic Curve Diffie-Hellman Operations params. 493 */ 494 struct rte_crypto_ecdh_op_param { 495 enum rte_crypto_asym_ke_type ke_type; 496 /**< Key exchange operation type */ 497 rte_crypto_uint priv_key; 498 /**< 499 * Output - generated private key when ke_type is 500 * RTE_CRYPTO_ASYM_KE_PRIVATE_KEY_GENERATE. 501 * 502 * Input - private key when ke_type is one of: 503 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE, 504 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE. 505 * 506 * In case priv_key.length is 0 and ke_type is set with 507 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE, CSRNG capable 508 * device will generate private key and use it for public 509 * key generation. 510 */ 511 struct rte_crypto_ec_point pub_key; 512 /**< 513 * Output - generated public key when ke_type is 514 * RTE_CRYPTO_ASYM_KE_PUBLIC_KEY_GENERATE. 515 * 516 * Input - peer's public key, when ke_type is one of: 517 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE, 518 * RTE_CRYPTO_ASYM_KE_EC_PUBLIC_KEY_VERIFY. 519 */ 520 struct rte_crypto_ec_point shared_secret; 521 /**< 522 * Output - calculated shared secret when ke_type is 523 * RTE_CRYPTO_ASYM_KE_SHARED_SECRET_COMPUTE. 524 */ 525 }; 526 527 /** 528 * DSA Operations params 529 */ 530 struct rte_crypto_dsa_op_param { 531 enum rte_crypto_asym_op_type op_type; 532 /**< Signature Generation or Verification */ 533 rte_crypto_param message; 534 /**< input message to be signed or verified */ 535 rte_crypto_uint k; 536 /**< Per-message secret number, which is an integer 537 * in the interval (1, q-1). 538 * If the random number is generated by the PMD, 539 * the 'rte_crypto_param.data' parameter should be set to NULL. 540 */ 541 rte_crypto_uint r; 542 /**< dsa sign component 'r' value 543 * 544 * output if op_type = sign generate, 545 * input if op_type = sign verify 546 */ 547 rte_crypto_uint s; 548 /**< dsa sign component 's' value 549 * 550 * output if op_type = sign generate, 551 * input if op_type = sign verify 552 */ 553 rte_crypto_uint y; 554 /**< y : Public key of the signer. 555 * y = g^x mod p 556 */ 557 }; 558 559 /** 560 * ECDSA operation params 561 */ 562 struct rte_crypto_ecdsa_op_param { 563 enum rte_crypto_asym_op_type op_type; 564 /**< Signature generation or verification */ 565 566 rte_crypto_param message; 567 /**< Input message digest to be signed or verified */ 568 569 rte_crypto_uint k; 570 /**< The ECDSA per-message secret number, which is an integer 571 * in the interval (1, n-1). 572 * If the random number is generated by the PMD, 573 * the 'rte_crypto_param.data' parameter should be set to NULL. 574 */ 575 576 rte_crypto_uint r; 577 /**< r component of elliptic curve signature 578 * output : for signature generation 579 * input : for signature verification 580 */ 581 rte_crypto_uint s; 582 /**< s component of elliptic curve signature 583 * output : for signature generation 584 * input : for signature verification 585 */ 586 }; 587 588 /** 589 * Structure for EC point multiplication operation param 590 */ 591 struct rte_crypto_ecpm_op_param { 592 struct rte_crypto_ec_point p; 593 /**< x and y coordinates of input point */ 594 595 struct rte_crypto_ec_point r; 596 /**< x and y coordinates of resultant point */ 597 598 rte_crypto_param scalar; 599 /**< Scalar to multiply the input point */ 600 }; 601 602 /** 603 * Asymmetric crypto transform data 604 * 605 * Structure describing asym xforms. 606 */ 607 struct rte_crypto_asym_xform { 608 struct rte_crypto_asym_xform *next; 609 /**< Pointer to next xform to set up xform chain.*/ 610 enum rte_crypto_asym_xform_type xform_type; 611 /**< Asymmetric crypto transform */ 612 613 union { 614 struct rte_crypto_rsa_xform rsa; 615 /**< RSA xform parameters */ 616 617 struct rte_crypto_modex_xform modex; 618 /**< Modular Exponentiation xform parameters */ 619 620 struct rte_crypto_modinv_xform modinv; 621 /**< Modular Multiplicative Inverse xform parameters */ 622 623 struct rte_crypto_dh_xform dh; 624 /**< DH xform parameters */ 625 626 struct rte_crypto_dsa_xform dsa; 627 /**< DSA xform parameters */ 628 629 struct rte_crypto_ec_xform ec; 630 /**< EC xform parameters, used by elliptic curve based 631 * operations. 632 */ 633 }; 634 }; 635 636 /** 637 * SM2 operation params. 638 */ 639 struct rte_crypto_sm2_op_param { 640 enum rte_crypto_asym_op_type op_type; 641 /**< Signature generation or verification. */ 642 643 enum rte_crypto_auth_algorithm hash; 644 /**< Hash algorithm used in EC op. */ 645 646 rte_crypto_param message; 647 /**< 648 * Pointer to input data 649 * - to be encrypted for SM2 public encrypt. 650 * - to be signed for SM2 sign generation. 651 * - to be authenticated for SM2 sign verification. 652 * 653 * Pointer to output data 654 * - for SM2 private decrypt. 655 * In this case the underlying array should have been 656 * allocated with enough memory to hold plaintext output 657 * (at least encrypted text length). The message.length field 658 * will be overwritten by the PMD with the decrypted length. 659 */ 660 661 rte_crypto_param cipher; 662 /**< 663 * Pointer to input data 664 * - to be decrypted for SM2 private decrypt. 665 * 666 * Pointer to output data 667 * - for SM2 public encrypt. 668 * In this case the underlying array should have been allocated 669 * with enough memory to hold ciphertext output (at least X bytes 670 * for prime field curve of N bytes and for message M bytes, 671 * where X = (C1 || C2 || C3) and computed based on SM2 RFC as 672 * C1 (1 + N + N), C2 = M, C3 = N. The cipher.length field will 673 * be overwritten by the PMD with the encrypted length. 674 */ 675 676 rte_crypto_uint id; 677 /**< The SM2 id used by signer and verifier. */ 678 679 rte_crypto_uint k; 680 /**< The SM2 per-message secret number, which is an integer 681 * in the interval (1, n-1). 682 * If the random number is generated by the PMD, 683 * the 'rte_crypto_param.data' parameter should be set to NULL. 684 */ 685 686 rte_crypto_uint r; 687 /**< r component of elliptic curve signature 688 * output : for signature generation (of at least N bytes 689 * where prime field length is N bytes) 690 * input : for signature verification 691 */ 692 rte_crypto_uint s; 693 /**< s component of elliptic curve signature 694 * output : for signature generation (of at least N bytes 695 * where prime field length is N bytes) 696 * input : for signature verification 697 */ 698 }; 699 700 /** 701 * Asymmetric Cryptographic Operation. 702 * 703 * Structure describing asymmetric crypto operation params. 704 */ 705 struct rte_crypto_asym_op { 706 union { 707 struct rte_cryptodev_asym_session *session; 708 /**< Handle for the initialised session context */ 709 struct rte_crypto_asym_xform *xform; 710 /**< Session-less API crypto operation parameters */ 711 }; 712 713 union { 714 struct rte_crypto_rsa_op_param rsa; 715 struct rte_crypto_mod_op_param modex; 716 struct rte_crypto_mod_op_param modinv; 717 struct rte_crypto_dh_op_param dh; 718 struct rte_crypto_ecdh_op_param ecdh; 719 struct rte_crypto_dsa_op_param dsa; 720 struct rte_crypto_ecdsa_op_param ecdsa; 721 struct rte_crypto_ecpm_op_param ecpm; 722 struct rte_crypto_sm2_op_param sm2; 723 }; 724 uint16_t flags; 725 /**< 726 * Asymmetric crypto operation flags. 727 * Please refer to the RTE_CRYPTO_ASYM_FLAG_*. 728 */ 729 }; 730 731 #ifdef __cplusplus 732 } 733 #endif 734 735 #endif /* _RTE_CRYPTO_ASYM_H_ */ 736