crypto: add support for ECDSA

Anoob Joseph Thu, 05 Dec 2019 03:44:59 -0800

From: Ayuj Verma <ayve...@marvell.com>

Elliptic curve xform and ECDSA op params are added.


Signed-off-by: Anoob Joseph <ano...@marvell.com>
Signed-off-by: Ayuj Verma <ayve...@marvell.com>
Signed-off-by: Sunila Sahu <ss...@marvell.com>
---
 doc/guides/cryptodevs/features/default.ini | 11 ++--
 lib/librte_cryptodev/rte_crypto_asym.h     | 83 ++++++++++++++++++++++++++++++
 lib/librte_cryptodev/rte_cryptodev.c       |  1 +
 3 files changed, 90 insertions(+), 5 deletions(-)

diff --git a/doc/guides/cryptodevs/features/default.ini 
b/doc/guides/cryptodevs/features/default.ini
index b7f9a0a..2f6c785 100644
--- a/doc/guides/cryptodevs/features/default.ini
+++ b/doc/guides/cryptodevs/features/default.ini
@@ -103,8 +103,9 @@ AES CCM (256) =
 ; Supported Asymmetric algorithms of a default crypto driver.
 ;
 [Asymmetric]
-RSA =
-DSA =
-Modular Exponentiation =
-Modular Inversion =
-Diffie-hellman =
\ No newline at end of file
+RSA                     =
+DSA                     =
+Modular Exponentiation  =
+Modular Inversion       =
+Diffie-hellman          =
+ECDSA                   =
diff --git a/lib/librte_cryptodev/rte_crypto_asym.h 
b/lib/librte_cryptodev/rte_crypto_asym.h
index 0d34ce8..dd5e6e3 100644
--- a/lib/librte_cryptodev/rte_crypto_asym.h
+++ b/lib/librte_cryptodev/rte_crypto_asym.h
@@ -81,6 +81,10 @@ enum rte_crypto_asym_xform_type {
        /**< Modular Exponentiation
         * Perform Modular Exponentiation b^e mod n
         */
+       RTE_CRYPTO_ASYM_XFORM_ECDSA,
+       /**< Elliptic Curve Digital Signature Algorithm
+        * Perform Signature Generation and Verification.
+        */
        RTE_CRYPTO_ASYM_XFORM_TYPE_LIST_END
        /**< End of list */
 };
@@ -319,6 +323,46 @@ struct rte_crypto_dsa_xform {
 };
 
 /**
+ * TLS named curves
+ * https://www.iana.org/assignments/tls-parameters/
+ * tls-parameters.xhtml#tls-parameters-8
+ * secp192r1 = 19,
+ * secp224r1 = 21,
+ * secp256r1 = 23,
+ * secp384r1 = 24,
+ * secp521r1 = 25,
+ */
+enum rte_crypto_ec_group {
+       RTE_CRYPTO_EC_GROUP_UNKNOWN  = 0,
+       RTE_CRYPTO_EC_GROUP_NISTP192 = 19,
+       RTE_CRYPTO_EC_GROUP_NISTP224 = 21,
+       RTE_CRYPTO_EC_GROUP_NISTP256 = 23,
+       RTE_CRYPTO_EC_GROUP_NISTP384 = 24,
+       RTE_CRYPTO_EC_GROUP_NISTP521 = 25,
+};
+
+/**
+ * Structure for elliptic curve point
+ */
+struct rte_crypto_ec_point {
+       rte_crypto_param x;
+       /**< X coordinate */
+       rte_crypto_param y;
+       /**< Y coordinate */
+};
+
+/**
+ * Asymmetric elliptic curve transform data
+ *
+ * Structure describing all EC based xform params
+ *
+ */
+struct rte_crypto_ec_xform {
+       enum rte_crypto_ec_group curve_id;
+       /**< Pre-defined ec groups */
+};
+
+/**
  * Operations params for modular operations:
  * exponentiation and multiplicative inverse
  *
@@ -372,6 +416,11 @@ struct rte_crypto_asym_xform {
 
                struct rte_crypto_dsa_xform dsa;
                /**< DSA xform parameters */
+
+               struct rte_crypto_ec_xform ec;
+               /**< EC xform parameters, used by elliptic curve based
+                * operations.
+                */
        };
 };
 
@@ -516,6 +565,39 @@ struct rte_crypto_dsa_op_param {
 };
 
 /**
+ * ECDSA operation params
+ */
+struct rte_crypto_ecdsa_op_param {
+       enum rte_crypto_asym_op_type op_type;
+       /**< Signature generation or verification */
+
+       rte_crypto_param pkey;
+       /**< Private key of the signer for signature generation */
+
+       struct rte_crypto_ec_point q;
+       /**< Public key of the signer for verification */
+
+       rte_crypto_param message;
+       /**< Input message to be signed or verified */
+
+       rte_crypto_param k;
+       /**< The ECDSA per-message secret number, which is an integer
+        * in the interval (1, n-1)
+        */
+
+       rte_crypto_param r;
+       /**< r component of elliptic curve signature
+        *     output : for signature generation
+        *     input  : for signature verification
+        */
+       rte_crypto_param s;
+       /**< s component of elliptic curve signature
+        *     output : for signature generation
+        *     input  : for signature verification
+        */
+};
+
+/**
  * Asymmetric Cryptographic Operation.
  *
  * Structure describing asymmetric crypto operation params.
@@ -537,6 +619,7 @@ struct rte_crypto_asym_op {
                struct rte_crypto_mod_op_param modinv;
                struct rte_crypto_dh_op_param dh;
                struct rte_crypto_dsa_op_param dsa;
+               struct rte_crypto_ecdsa_op_param ecdsa;
        };
 };
 
diff --git a/lib/librte_cryptodev/rte_cryptodev.c 
b/lib/librte_cryptodev/rte_cryptodev.c
index 89aa2ed..0d6babb 100644
--- a/lib/librte_cryptodev/rte_cryptodev.c
+++ b/lib/librte_cryptodev/rte_cryptodev.c
@@ -173,6 +173,7 @@ const char *rte_crypto_asym_xform_strings[] = {
        [RTE_CRYPTO_ASYM_XFORM_MODINV]  = "modinv",
        [RTE_CRYPTO_ASYM_XFORM_DH]      = "dh",
        [RTE_CRYPTO_ASYM_XFORM_DSA]     = "dsa",
+       [RTE_CRYPTO_ASYM_XFORM_ECDSA]   = "ecdsa",
 };
 
 /**
-- 
2.7.4

[dpdk-dev] [PATCH 1/4] lib/crypto: add support for ECDSA

Reply via email to