Hi Xin, Sorry for delay. :(
> -----Original Message----- > From: Xin Zeng [mailto:xin.z...@intel.com] > Sent: Friday, October 28, 2016 10:52 AM > To: virtio-...@lists.oasis-open.org; qemu-devel@nongnu.org > Cc: m...@redhat.com; Gonglei (Arei); brian.a.keat...@intel.com; > john.grif...@intel.com; liang.j...@intel.com; Huangweidong (C); Xin Zeng > Subject: [PATCH v1 1/1] virtio crypto device specification: asymmetric crypto > service > > This patch introduces asymmetric crypto service into virtio crypto > device spec. The asymmetric crypto service can be referred as signature, > verification, encryption, decryption, key generation and key exchange. > This patch depends on another virtio crypto device spec patch: > https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01744.html > > Changes since v0: > - Use devicenormative/drivernormative instead of self-defined > device/driver label. [Lei] > - Change the error code of verification to general virtio_crypto > error code. [Lei] > - Use macro instead of enum in verification result. [Lei] > - Fix the incorrect label value for paragraph and section. [Lei] > > Please help to review, thanks! > > Signed-off-by: Xin Zeng <xin.z...@intel.com> > --- > virtio-crypto.tex | 965 > +++++++++++++++++++++++++++++++++++++++++++++++++++++- > 1 file changed, 962 insertions(+), 3 deletions(-) > > diff --git a/virtio-crypto.tex b/virtio-crypto.tex > index 86e4869..43772da 100644 > --- a/virtio-crypto.tex > +++ b/virtio-crypto.tex > @@ -6,7 +6,7 @@ decryption requests are placed in the data queue and are > ultimately handled by t > backend crypto accelerators. The second queue is the control queue used to > create > or destroy sessions for symmetric algorithms and will control some advanced > features in the future. The virtio crypto device provides the following > crypto > -services: CIPHER, MAC, HASH, and AEAD. > +services: CIPHER, MAC, HASH, AEAD and ASYM. > > > \subsection{Device ID}\label{sec:Device Types / Crypto Device / Device ID} > @@ -44,7 +44,9 @@ struct virtio_crypto_config { > le32 mac_algo_l; > le32 mac_algo_h; > le32 aead_algo; > - le32 reserve; > + le32 asym_algo; > + le32 rsa_padding; > + le32 reserved; > }; Please rebased on the latest virtio crypto spec, the config structure had been changed. > \end{lstlisting} > > @@ -70,6 +72,8 @@ The following services are defined: > #define VIRTIO_CRYPTO_SERVICE_MAC (2) > /* AEAD (Authenticated Encryption with Associated Data) service */ > #define VIRTIO_CRYPTO_SERVICE_AEAD (3) > +/* ASYM (Asymmetric crypto algorithms) service */ > +#define VIRTIO_CRYPTO_SERVICE_ASYM (4) > \end{lstlisting} > > The last driver-read-only fields specify detailed algorithms masks > @@ -143,6 +147,28 @@ The following AEAD algorithms are defined: > #define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305 3 > \end{lstlisting} > > +The following asymmetric algorithms are defined: > + > +\begin{lstlisting} > +#define VIRTIO_CRYPTO_ASYM_NONE 0 > +#define VIRTIO_CRYPTO_ASYM_RSA 1 > +#define VIRTIO_CRYPTO_ASYM_DSA 2 > +#define VIRTIO_CRYPTO_ASYM_DH 3 > +#define VIRTIO_CRYPTO_ASYM_ECDSA 4 > +#define VIRTIO_CRYPTO_ASYM_ECDH 5 Mixing tab and space. > +\end{lstlisting} > + > +The following rsa padding capabilities are defined: > + What're the padding capabilities used for? I think we should add some explanation for them. > +\begin{lstlisting} > +#define VIRTIO_CRYPTO_RSA_NO_PADDING 0 > +#define VIRTIO_CRYPTO_RSA_PKCS1_PADDING 1 > +#define VIRTIO_CRYPTO_RSA_SSLV23_PADDING 2 > +#define VIRTIO_CRYPTO_RSA_PKCS1_OAEP_PADDING 3 > +#define VIRTIO_CRYPTO_RSA_X931_PADDING 4 > +#define VIRTIO_CRYPTO_RSA_PKCS1_PSS_PADDING 5 > +\end{lstlisting} > + > \begin{note} > Any other value is reserved for future use. > \end{note} > @@ -241,6 +267,18 @@ struct virtio_crypto_op_header { > VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00) > #define VIRTIO_CRYPTO_AEAD_DECRYPT \ > VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01) > +#define VIRTIO_CRYPTO_ASYM_SIGN \ > + VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x00) > +#define VIRTIO_CRYPTO_ASYM_VERIFY \ > + VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x01) > +#define VIRTIO_CRYPTO_ASYM_ENCRYPT \ > + VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x02) > +#define VIRTIO_CRYPTO_ASYM_DECRYPT \ > + VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x03) > +#define VIRTIO_CRYPTO_ASYM_KEY_GEN \ > + VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x04) > +#define VIRTIO_CRYPTO_ASYM_KEY_EXCHG \ > + VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x05) > le32 opcode; > /* algo should be service-specific algorithms */ > le32 algo; > @@ -548,6 +586,23 @@ struct virtio_crypto_op_data_req { > struct virtio_crypto_hash_data_req hash_req; > struct virtio_crypto_mac_data_req mac_req; > struct virtio_crypto_aead_data_req aead_req; > + > + struct virtio_crypto_ecdsa_sign_req ecdsa_sign_req; > + struct virtio_crypto_dsa_sign_req dsa_sign_req; > + struct virtio_crypto_rsa_sign_req rsa_sign_req; > + struct virtio_crypto_ecdsa_verify_req ecdsa_verify_req; > + struct virtio_crypto_dsa_verify_req dsa_verify_req; > + struct virtio_crypto_rsa_verify_req rsa_verify_req; > + struct virtio_crypto_rsa_enc_req rsa_enc_req > + struct virtio_crypto_rsa_dec_req rsa_dec_req; > + struct virtio_crypto_rsa_keygen_req rsa_keygen_req; > + struct virtio_crypto_dsa_keygen_req dsa_keygen_req; > + struct virtio_crypto_ec_keygen_req ec_keygen_req; > + struct virtio_crypto_dh_keyexchg_param_gen_req > dh_keyexchg_param_gen_req; > + struct virtio_crypto_dh_keyexchg_key_gen_req > dh_keyexchg_key_gen_req; > + struct virtio_crypto_dh_keyexchg_key_compute_req > dh_keyexchg_key_compute_req; > + struct virtio_crypto_ecdh_keyexchg_key_gen_req > ecdh_keyexchg_key_gen_req; > + struct virtio_crypto_ecdh_keyexchg_key_compute_req > ecdh_keyexchg_key_compute_req; > } u; > }; > \end{lstlisting} > @@ -996,4 +1051,908 @@ pointed by \field{dst_data_addr} and > \field{digest_result_addr} in struct virtio > \item The device MUST copy the digest result to the guest memory recorded > by \field{digest_result_addr} field in struct virtio_crypto_aead_input. > \item The device MUST set the \field{status} field in strut > virtio_crypto_aead_input: VIRTIO_CRYPTO_OK: success; VIRTIO_CRYPTO_ERR: > creation failed or device error; VIRTIO_CRYPTO_NOTSUPP: not supported. > \item When the \field{opcode} is VIRTIO_CRYPTO_AEAD_DECRYPT, the device > MUST verify and return the verification result to the driver, and if the > verification result is incorrect, VIRTIO_CRYPTO_BADMSG (bad message) MUST > be returned to the driver. > -\end{itemize*} > \ No newline at end of file > +\end{itemize*} > + > +\subsubsection{Asymmetric Crypto Service Operation}\label{sec:Device Types > / Crypto Device / Device Operation / > +Crypto operation / Asymmetric Crypto Service Operation} > + > +In general, asymmetric crypto service can be referred as signature, > verification, > +encryption, decryption, key generation and key exchange. Not each algorithm > supports > +all these services. > + > +Unlike symmetric crypto service, asymmetric crypto service normally does't > +need session operations, the request is encapsulated within one packet which > is represented > +by \field{virtio_crypto_op_data_req}. > +(see \ref{sec:Device Types / Crypto Device / Device Operation / Data > Virtqueue}). > + > +Once service request is handled by the device, the device writes back the > operation results to the corresponding > +fields in the request packet. > + > +The asymmetric crypto operation uses a virtio_crypto_buf to represent the > input/output buffer. > +\begin{lstlisting} > +struct virtio_crypto_buf { > + le32 len; > + le32 reserved; > + le64 addr; > +}; > +\end{lstlisting} > + This is the same problem with my pervious symmetric spec. Pls don't define a private structure in the virtio spec, and refer to the latest virtio crypto spec: The buffer length is stored in the para part, and the buffer content is stored in input/output parts by u8[len]. struct virtio_crypto_alg_chain_session_para { le32 alg_chain_order; le32 hash_mode; struct virtio_crypto_cipher_session_para cipher_param; union { struct virtio_crypto_hash_session_para hash_param; struct virtio_crypto_mac_session_para mac_param; } u; /* length of the additional authenticated data (AAD) in bytes */ le32 aad_len; le32 padding; }; struct virtio_crypto_alg_chain_session_req { /* Device-readable part */ struct virtio_crypto_alg_chain_session_para para; /* The cipher key */ u8 cipher_key[keylen]; /* The authenticated key */ u8 auth_key[auth_key_len]; /* Device-writable part */ struct virtio_crypto_session_input input; }; > +\devicenormative{\paragraph}{Asymmetric Crypto Service Operation}{Device > Types / Crypto Device / Device Operation / Asymmetric Crypto Service > Operation} > +\begin{itemize*} > +\item The device MUST parse the field \field{opcode} within > \field{virtio_crypto_op_header} (see \ref{sec:Device Types / Crypto Device / > Device Operation}) before > +it handles the corresponding service request. > +\item The device SHOULD set the operation status in field \field{status} > within > \field{idata}. > +\item The device SHOULD update the operation result to the fields in > \field{idata} if the operation is successful. > +\end{itemize*} > + > +\drivernormative{\paragraph}{Asymmetric Crypto Service Operation}{Device > Types / Crypto Device / Device Operation / Asymmetric Crypto Service > Operation} > +\begin{itemize*} > +\item The driver SHOULD set the corresponding \field{opcode} in > \field{virtio_crypto_op_header} according to different services. > +\item The driver SHOULD offer operatable buffer within \field{idata} if the > service request structure defines. > +\end{itemize*} > + > +\paragraph{Signature: ECDSA signature operation}\label{sec:Device Types / > Crypto Device / > +Device Operation / Crypto operation / Asymmetric Crypto Service Operation / > Signature: ECDSA signature operation} > + > +\begin{lstlisting} > +struct virtio_crypto_ec_group { > + struct virtio_crypto_buf xg; > + struct virtio_crypto_buf yg; > + struct virtio_crypto_buf n; > + struct virtio_crypto_buf q; > + struct virtio_crypto_buf a; > + struct virtio_crypto_buf b; > + struct virtio_crypto_buf h; > +}; > + > +#define VIRTIO_CRYPTO_EC_FIELD_TYPE_PRIME 0 > +#define VIRTIO_CRYPTO_EC_FIELD_TYPE_BINARY 1 > + > +struct virtio_crypto_ecdsa_sign_para{ > + /* Hash alogrithms applied to msg */ > + le32 hash_algo; > + /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */ > + le32 field_type; > + > + /* EC Group parameters */ > + struct virtio_crypto_ec_group ec; > + /* Random value */ > + struct virtio_crypto_buf k; > + /* Private Key */ > + struct virtio_crypto_buf d; > +}; > + > +struct virtio_crypto_ecdsa_sign_output { > + /* Message need to be signed */ > + struct virtio_crypto_buf msg; > +}; > + > +struct virtio_crypto_ecdsa_sign_input { > + /* operation result */ > + le32 status; > + le32 reserved; > + > + /* signature result */ > + struct virtio_crypto_buf r; > + struct virtio_crypto_buf s; > +}; > +\end{lstlisting} > + > +ECDSA signature operation request is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_ecdsa_sign_req { > + struct virtio_crypto_ecdsa_sign_para parameter; > + struct virtio_crypto_ecdsa_sign_output odata; > + > + struct virtio_crypto_ecdsa_sign_input idata; > +}; > +\end{lstlisting} > + > + > +\devicenormative{\subparagraph}{ECDSA signature operation}{Device Types / > Crypto Device / Device Operation / Asymmetric Crypto Service Operation / > ECDSA signature operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata} according Here you say SHOULD, but... > to the general device requirments for asymmetric crypto service. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{ECDSA signature operation}{Device Types / > Crypto Device / Device Operation / Asymmetric Crypto Service Operation / > ECDSA signature operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDSA. > +\item The driver SHOULD set all fields in \field{parameter} and \field{odata} > except field \field{reserved}. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > before it operates other fields in \field{idata}. ...here is MUST. Maybe s/SHOULD/MUST/g, no? > +Only if the operation is successful, the \field{r,s} in \field{idata} are > operatable. > +\end{itemize*} > + > +\paragraph{Signature: DSA signature operation}\label{sec:Device Types / > Crypto Device / > +Device Operation / Crypto operation / Asymmetric Crypto Service Operation/ > Signature: DSA signature operation} > + > +\begin{lstlisting} > +struct virtio_crypto_dsa_group { > + struct virtio_crypto_buf p; > + struct virtio_crypto_buf q; > + struct virtio_crypto_buf g; > +}; > + Pls don't use struct virtio_crypto_buf. It seems all below algorithms have the same style, so I stop reviewing here. Regards, -Gonglei > +struct virtio_crypto_dsa_sign_para { > + /* Hash alogrithms applied to msg */ > + le32 hash_algo; > + le32 reserved; > + > + /* DSA group parameter */ > + struct virtio_crypto_dsa_group dsa; > + /* Random value */ > + struct virtio_crypto_buf k; > + /* Private Key */ > + struct virtio_crypto_buf x; > +}; > + > +struct virtio_crypto_dsa_sign_output { > + struct virtio_crypto_buf msg; > +}; > + > +struct virtio_crypto_dsa_sign_input { > + /* operation result */ > + le32 status; > + le32 reserved; > + > + /* signature result */ > + struct virtio_crypto_buf r; > + struct virtio_crypto_buf s; > +}; > +\end{lstlisting} > +DSA signature operation request is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_dsa_sign_req { > + struct virtio_crypto_dsa_sign_para parameter; > + struct virtio_crypto_dsa_sign_output odata; > + > + struct virtio_crypto_dsa_sign_input idata; > +}; > +\end{lstlisting} > + > + > +\devicenormative{\subparagraph}{DSA signature operation}{Device Types / > Crypto Device / Device Operation / Asymmetric Crypto Service Operation / DSA > signature operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata} according > to the general device requirments for asymmetric crypto service. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{DSA signature operation}{Device Types / > Crypto Device / Device Operation / Asymmetric Crypto Service Operation / DSA > signature operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA. > +\item The driver SHOULD set all fields in \field{parameter} and \field{odata} > except field \field{reserved}. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > before it operates other fields in \field{idata}. > +Only if the operation is successful, the \field{r,s} in \field{idata} are > operatable. > +\end{itemize*} > + > +\paragraph{Signature: RSA signature operation}\label{sec:Device Types / > Crypto Device / > +Device Operation / Crypto operation / Asymmetric Crypto Service Operation / > Signature: RSA signature operation} > + > +\begin{lstlisting} > +struct virtio_crypto_rsa_pub_key{ > + /* The RSA modules */ > + struct virtio_crypto_buf n; > + /* The RSA public exponent */ > + struct virtio_crypto_buf e; > +}; > + > +struct virtio_crypto_rsa_priv_key_rep1{ > + /* The RSA modules */ > + struct virtio_crypto_buf n; > + /* The RSA private exponent */ > + struct virtio_crypto_buf d; > +}; > + > +struct virtio_crypto_rsa_priv_key_rep2{ > + /* The first factor */ > + struct virtio_crypto_buf p; > + /* The second factor */ > + struct virtio_crypto_buf q; > + /* The first factor's CRT exponent */ > + struct virtio_crypto_buf dp; > + /* The second factor's CRT exponent */ > + struct virtio_crypto_buf dq; > + /* The first CRT coeffieient */ > + struct virtio_crypto_buf qinv; > + /* The factors array when prime_number > 2 */ > + struct virtio_crypto_buf r[]; > + /* The CRT exponent array when prime_number > 2 */ > + struct virtio_crypto_buf d[]; > + /* The CRT coeffieient array when prime_number > 2 */ > + struct virtio_crypto_buf t[]; > +}; > + > +struct virtio_crypto_rsa_priv_key { > + le32 prime_number; > +#define VIRTIO_CRYPTO_RSA_PRIV_KEY_REPTYPE1 0 > +#define VIRTIO_CRYPTO_RSA_PRIV_KEY_REPTYPE2 1 > + le32 priv_key_rep_type; > + union { > + struct virtio_crypto_rsa_priv_key_rep1 privkey_rep1; > + struct virtio_crypto_rsa_priv_key_rep2 privkey_rep2; > + }key; > +}; > + > +struct virtio_crypto_rsa_sign_para { > + /* Hash alogrithms applied to msg */ > + le32 hash_algo; > + le32 padding_mode; > + struct virtio_crypto_rsa_priv_key priv_key; > +}; > + > +struct virtio_crypto_rsa_sign_output { > + struct virtio_crypto_buf msg; > +}; > + > +struct virtio_crypto_rsa_sign_input { > + le32 status; > + le32 reserved; > + > + struct virtio_crypto_buf signature; > +}; > +\end{lstlisting} > + > +RSA signature operation request is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_rsa_sign_req { > + struct virtio_crypto rsa_sign_para parameter; > + struct virtio_crypto rsa_sign_output odata; > + > + struct virtio_crypto rsa_sign_input idata; > +}; > +\end{lstlisting} > + > + > +\devicenormative{\subparagraph}{ECDSA signature operation}{Device Types / > Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA > signature operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata} according > to the general device requirments for asymmetric crypto service. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{ECDSA signature operation}{Device Types / > Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA > signature operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA. > +\item The driver SHOULD set all fields in \field{parameter} and \field{odata} > except field \field{reserved}. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > before it operates other fields in \field{idata}. > +Only if the operation is successful, the \field{signature} in \field{idata} > is > operatable. > +\end{itemize*} > + > +\paragraph{Verification: Common Structure}\label{sec:Device Types / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Verification: Common Structure} > + > +The result of verification operation can be represented by structure > \field{virtio_crypto_asym_verify_gen_input}. > + > +\begin{lstlisting} > +struct virtio_crypto_asym_verify_gen_input { > + /* Operation result */ > + le32 status; > + /* Verification result, VIRTIO_CRYPTO_OK for a susscssful verification > + VIRTIO_CRYPTO_BADMSG for a failed verification */ > + le32 verify_result; > +}; > +\end{lstlisting} > + > +\paragraph{Verification: ECDSA Verification Operation}\label{sec:Device Types > / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Verification: ECDSA Verification Operation} > + > +\begin{lstlisting} > +struct virtio_crypto_ecdsa_verify_para { > + /* Hash alogrithms applied to msg */ > + le32 hash_algo; > + /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */ > + le32 field_type; > + > + /* EC Group parameters */ > + struct virtio_crypto_ec_group ec; > + > + /* Public key */ > + struct virtio_crypto_buf x; > + struct virtio_crypto_buf y; > +}; > + > +struct virtio_crypto_ecdsa_verify_output { > + /* Signature value */ > + struct virtio_crypto_buf r; > + struct virtio_crypto_buf s; > + > + struct virtio_crypto_buf msg; > +}; > +\end{lstlisting} > + > +ECDSA Verification Operation request is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_ecdsa_verify_req { > + struct virtio_crypto_ecdsa_verify_para parameter; > + struct virtio_crypto_ecdsa_verify_output odata; > + > + struct virtio_crypto_asym_verify_gen_input idata; > +}; > +\end{lstlisting} > + > +\devicenormative{\subparagraph}{ECDSA verification operation}{Device Types > / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / > ECDSA verification operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata} according > to the general device requirments for asymmetric crypto service. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{ECDSA verification operation}{Device Types > / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / > ECDSA verification operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDSA. > +\item The driver SHOULD set all fields in \field{parameter} and \field{odata} > except field \field{reserved}. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > before it checks \field{verify_result}. > +\end{itemize*} > + > +\paragraph{Verification: DSA Verification Operation}\label{sec:Device Types / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Verification: DSA Verification Operation} > + > +\begin{lstlisting} > +struct virtio_crypto_dsa_verify_para { > + le32 hash_algo; > + le32 reserved; > + > + /* DSA Group parameters */ > + struct virtio_crypto_dsa_group dsa; > + > + /* Public key */ > + struct virtio_crypto_buf y; > +}; > + > +struct virtio_crypto_dsa_verify_output { > + /* Signature value */ > + struct virtio_crypto_buf r; > + struct virtio_crypto_buf s; > + > + struct virtio_crypto_buf msg; > +}; > +\end{lstlisting} > + > +DSA Verification Operation request is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_dsa_verify_req { > + struct virtio_crypto_dsa_verify_para parameter; > + struct virtio_crypto_dsa_verify_output odata; > + > + struct virtio_crypto_asym_verify_gen_input idata; > +}; > +\end{lstlisting} > + > +\devicenormative{\subparagraph}{DSA verification operation}{Device Types / > Crypto Device / Device Operation / Asymmetric Crypto Service Operation / DSA > verification operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata}. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{DSA verification operation}{Device Types / > Crypto Device / Device Operation / Asymmetric Crypto Service Operation / DSA > verification operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA. > +\item The driver SHOULD set all fields in \field{parameter} and \field{odata} > except field \field{reserved}. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > before it checks \field{verify_result}. > +\end{itemize*} > + > +\paragraph{Verification: RSA Verification Operation}\label{sec:Device Types / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Verification: RSA Verification Operation} > + > +\begin{lstlisting} > +struct virtio_crypto_rsa_verify_para { > + le32 hash_algo; > + le32 padding_mode; > + struct virtio_crypto_rsa_pub_key pubkey; > +}; > + > +struct virtio_crypto_rsa_verify_output { > + struct virtio_crypto_buf msg; > +}; > +\end{lstlisting} > + > +RSA verification operation request is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_rsa_verify_req { > + struct virtio_crypto_rsa_verify_para parameter; > + struct virtio_crypto_rsa_verify_output odata; > + > + struct virtio_crypto_asym_verify_gen_input idata; > +}; > +\end{lstlisting} > + > +\devicenormative{\subparagraph}{RSA verification operation}{Device Types / > Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA > verification operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata}. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{RSA verification operation}{Device Types / > Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA > verification operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA. > +\item The driver SHOULD set all fields in \field{parameter} and \field{odata} > except field \field{reserved}. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > before it checks \field{verify_result}. > +\end{itemize*} > + > +\paragraph{Encryption: RSA Encryption Operation}\label{sec:Device Types / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Encryption: RSA Encryption Operation} > + > +\begin{lstlisting} > +struct virtio_crypto_rsa_enc_para { > + le32 padding_mode; > + le32 reserved; > + struct rsa_pub_key pub_key; > +}; > + > +struct virtio_crypto_rsa_enc_output { > + struct virtio_crypto_buf msg; > +}; > + > +struct virtio_crypto_rsa_enc_input { > + le32 status; > + le32 reserved; > + > + struct virtio_crypto_buf cmsg; > +}; > +\end{lstlisting} > + > +RSA encryption operation request is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_rsa_enc_req { > + struct virtio_crypto_rsa_enc_para parameter; > + struct virtio_crypto_rsa_enc_output odata; > + > + struct virtio_crypto_rsa_enc_input idata; > +}; > +\end{lstlisting} > + > +\devicenormative{\subparagraph}{RSA Encryption Operation}{Device Types / > Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA > Encryption Operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata} according > to the general device requirments for asymmetric crypto service. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{RSA Encryption Operation}{Device Types / > Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA > Encryption Operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_ENCRYPT, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA. > +\item The driver SHOULD set all fields in \field{parameter} and \field{odata} > except field \field{reserved}. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > before it operates other fields in \field{idata}. > +Only if the operation is successful, the \field{cmsg} in \field{idata} is > operatable. > +\end{itemize*} > + > +\paragraph{Decryption: RSA Decryption Operation}\label{sec:Device Types / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Decryption: RSA Decryption Operation} > + > +\begin{lstlisting} > +struct virtio_crypto_rsa_dec_para { > + le32 padding_mode; > + le32 reserved; > + struct virtio_crypto_rsa_priv_key priv_key; > +}; > + > +struct virtio_crypto_rsa_dec_output { > + struct virtio_crypto_buf cmsg; > +} > + > +struct virtio_crypto_rsa_dec_input { > + le32 status; > + le32 reserved; > + > + struct virtio_crypto_buf msg; > +}; > +\end{lstlisting} > + > +RSA decryption operation request is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_rsa_dec_req { > + struct virtio_crypto_rsa_dec_para parameter; > + struct virtio_crypto_rsa_dec_output odata; > + > + struct virtio_crypto_rsa_dec_input idata; > +}; > +\end{lstlisting} > + > +\devicenormative{\subparagraph}{RSA Decryption Operation}{Device Types / > Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA > Decryption Operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata} according > to the general device requirments for asymmetric crypto service. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{RSA Decryption Operation}{Device Types / > Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA > Decryption Operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_DECRYPT, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA. > +\item The driver SHOULD set all fields in \field{parameter} and \field{odata} > except field \field{reserved}. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > before it operates other fields in \field{idata}. > +Only if the operation is successful, the \field{msg} in \field{idata} is > operatable. > +\end{itemize*} > + > +\paragraph{Key Generation: RSA Key Generation Operation}\label{sec:Device > Types / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Key Generation: RSA Key Generation Operation} > + > +\begin{lstlisting} > +struct virtio_crypto_rsa_keygen_para { > + /* The modules length in bytes */ > + le32 modulus_len; > + le32 rsa_prime_number; > + le32 priv_key_rep_type; > + le32 reserved; > + > + /* the public exponent */ > + struct virtio_crypto_buf e; > +}; > + > +struct virtio_crypto_rsa_keygen_input { > + le32 status; > + le32 reserved; > + > + struct virtio_crypto_rsa_priv_key priv_key; > + struct virtio_crypto_rsa_pub_key pub_key; > +}; > +\end{lstlisting} > + > +RSA key-generation operation request is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_rsa_keygen_req { > + struct virtio_crypto_rsa_keygen_para parameter; > + > + struct virtio_crypto_rsa_keygen_input idata; > +}; > +\end{lstlisting} > + > +\devicenormative{\subparagraph}{RSA Key Generation Operation}{Device > Types / Crypto Device / Device Operation / Asymmetric Crypto Service > Operation / RSA Key Generation Operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata} according > to the general device requirments for asymmetric crypto service. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{RSA Key Generation Operation}{Device > Types / Crypto Device / Device Operation / Asymmetric Crypto Service > Operation / RSA Key Generation Operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA. > +\item The driver SHOULD set all fields in \field{parameter} except > \field{reserved} field. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > before it operates other fields in \field{idata}. > +Only if the operation is successful, the \field{priv_key} and > \field{pub_key} in > \field{idata} are operatable. > +\end{itemize*} > + > +\paragraph{Key Generation: DSA Key Generation operation}\label{sec:Device > Types / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Key Generation: DSA Key Generation operation} > + > +\begin{lstlisting} > +struct virtio_crypto_dsa_keygen_para { > + le32 modulus_len; > + le32 reserved; > +}; > + > +struct virtio_crypto_dsa_keygen_input { > + le32 status; > + le32 reserved; > + > + /* DSA Group parameters */ > + struct virtio_crypto_dsa_group dsa; > + /* Private key */ > + struct virtio_crypto_buf x; > + /* Public key */ > + struct virtio_crypto_buf y; > +}; > +\end{lstlisting} > + > +DSA key-generation operation request is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_dsa_keygen_req { > + struct virtio_crypto_dsa_keygen_para parameter; > + > + struct virtio_crypto_dsa_keygen_input idata; > +}; > +\end{lstlisting} > + > +\devicenormative{\subparagraph}{DSA Key Generation Operation}{Device > Types / Crypto Device / Device Operation / Asymmetric Crypto Service > Operation / DSA Key Generation Operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata} according > to the general device requirments for asymmetric crypto service. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{DSA Key Generation Operation}{Device > Types / Crypto Device / Device Operation / Asymmetric Crypto Service > Operation / DSA Key Generation Operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA. > +\item The driver SHOULD set all fields in \field{parameter} except > \field{reserved} field. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > before it operates other fields in \field{idata}. > +Only if the operation is successful, the \field{priv_key} and > \field{pub_key} in > \field{idata} are operatable. > +\end{itemize*} > + > +\paragraph{Key Generation: EC Key Generation operation}\label{sec:Device > Types / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Key Generation: EC Key Generation operation} > + > +\begin{lstlisting} > +struct virtio_crypto_ec_keygen_para { > + /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */ > + le32 field_type; > + le32 reserved; > + > + /* EC group parameters */ > + struct virtio_crypto_ec_group ec; > +}; > + > +struct virtio_crypto_ec_keygen_input { > + le32 status; > + le32 reserved; > + > + /* Private key */ > + struct virtio_crypto_buf d; > + > + /* Public key */ > + struct virtio_crypto_buf x; > + struct virtio_crypto_buf y; > +}; > +\end{lstlisting} > + > +EC key-generation operation request is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_ec_keygen_req { > + struct virtio_crypto_ec_keygen_para parameter; > + > + struct virtio_crypto_ec_keygen_input key; > +}; > +\end{lstlisting} > + > +\devicenormative{\subparagraph}{EC Key Generation Operation}{Device Types > / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / EC > Key Generation Operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata} according > to the general device requirments for asymmetric crypto service. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{EC Key Generation Operation}{Device Types > / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / EC > Key Generation Operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH or > VIRTIO_CRYPTO_ASYM_ECDSA. > +\item The driver SHOULD set all fields in \field{parameter} except > \field{reserved} field. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > before it operates other fields in \field{idata}. > +Only if the operation is successful, the other fields in \field{idata} are > operatable. > +\end{itemize*} > + > +\paragraph{Key Exchange: Common Structure}\label{sec:Device Types / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Key Exchange: Common Structure} > + > +Key Exchange request has two kinds of operations in general, key generation > and key computation. > +For DH, it has additional operation: parameter generation operation. > + > +\paragraph{Key Exchange: DH Parameter Generation > Operation}\label{sec:Device Types / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Key Exchange: DH Parameter Generation Operation} > + > +\begin{lstlisting} > +struct virtio_crypto_dh_parameter { > + le32 modules_len; > + le32 reserved; > + > + /* random odd prime number */ > + struct virtio_crypto_buf p; > + /* base (g) */ > + struct virtio_crypto_buf g; > +}; > + > +#define VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY 0 > +#define VIRTIO_CRYPTO_KEY_EXCHANGE_COMPUTE_KEY 1 > +/* It's only valid in case algorithm is DH */ > +#define VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_DH_PARAM 2 > + > +struct virtio_crypto_dh_keyexchg_para { > + /* > + * The sub-operation in key exchange, > + * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition > + */ > + le32 keyexchg_op; > + le32 reserved; > + > + struct virtio_crypto_dh_parameter dh_param; > +}; > + > +struct virtio_crypto_dh_keyexchg_param_gen_input { > + le32 status; > + le32 reserved; > +}; > +\end{lstlisting} > + > +DH Parameter Generation Operation in Key-Exchange is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_dh_keyexchg_param_gen_req { > + struct virtio_crypto_dh_keyexchg_para parameter; > + > + struct virtio_crypto_dh_keyexchg_param_gen_input idata; > +}; > +\end{lstlisting} > + > +\devicenormative{\subparagraph}{Key Exchange: DH Parameter Generation > Operation}{Device Types / Crypto Device / Device Operation / > +Asymmetric Crypto Service Operation / Key Exchange: DH Parameter > Generation Operation} > +\begin{itemize*} > +\item The device SHOULD set the operation result in \field{idata}, and set > \field{p} and \field{g} in \field{dh_param}. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{Key Exchange: DH Parameter Generation > Operation}{Device Types / Crypto Device / Device Operation / > +Asymmetric Crypto Service Operation / Key Exchange: DH Parameter > Generation Operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_DH. > +\item The driver SHOULD set the \field{keyexchg_op} to > VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_DH_PARAM in \field{parameter}. > +\item The driver SHOULD set \field{modules_len} in \field{dh_param}. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > firstly. > +Only if the operation is successful, the other fields in \field{idata} are > operatable. > +\end{itemize*} > + > +\paragraph{Key Exchange: DH Key Generation Operation}\label{sec:Device > Types / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Key Exchange: DH Key Generation Operation} > + > +\begin{lstlisting} > +struct virtio_crypto_dh_keyexchg_keygen_input { > + le32 status; > + le32 reserved; > + > + /* private key */ > + struct virtio_crypto_buf x; > + /* public key */ > + struct virtio_crypto_buf y; > +}; > +\end{lstlisting} > + > +DH Key Generation Operation in Key-Exchange is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_dh_keyexchg_key_gen_req { > + struct virtio_crypto_dh_keyexchg_para parameter; > + > + struct virtio_crypto_dh_key_exchg_keygen_input idata; > +}; > +\end{lstlisting} > + > +\devicenormative{\subparagraph}{Key Exchange: DH Key Generation > Operation}{Device Types / Crypto Device / Device Operation / > +Asymmetric Crypto Service Operation / Key Exchange: DH Key Generation > Operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata} according > to the general device requirments for asymmetric crypto service. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{Key Exchange: DH Key Generation > Operation}{Device Types / Crypto Device / Device Operation / > +Asymmetric Crypto Service Operation / Key Exchange: DH Key Generation > Operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_DH. > +\item The driver SHOULD set the \field{keyexchg_op} to > VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}. > +\item The driver SHOULD set all other fields in \field{parameter} except > field > \field{reserved}. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > firstly. > +Only if the operation is successful, the other fields in \field{idata} are > operatable. > +\end{itemize*} > + > +\paragraph{Key Exchange: DH Key Computation Operation}\label{sec:Device > Types / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Key Exchange: DH Key Computation Operation} > + > +\begin{lstlisting} > +struct virtio_crypto_dh_keyexchg_compute_key_output { > + /* local private key */ > + struct virtio_crypto_buf x; > + /* peer's public key */ > + struct virtio_crypto_buf y; > +}; > + > +struct virtio_crypto_dh_keyexchg_compute_key_input { > + le32 status; > + le32 reserved; > + > + struct virtio_crypto_buf shared_secret; > +}; > +\end{lstlisting} > + > +DH Key Computation Operation in Key-Exchange is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_dh_keyexchg_key_compute_req { > + struct virtio_crypto_dh_keyexchg_para parameter; > + struct virtio_crypto_dh_keyexchg_compute_key_output odata; > + > + struct virtio_crypto_dh_keyexchg_compute_key_input idata; > +}; > +\end{lstlisting} > + > +\devicenormative{\subparagraph}{Key Exchange: DH Key Computation > Operation}{Device Types / Crypto Device / Device Operation / > +Asymmetric Crypto Service Operation / Key Exchange: DH Key Computation > Operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata} according > to the general device requirments for asymmetric crypto service. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{Key Exchange: DH Key Computation > Operation}{Device Types / Crypto Device / Device Operation / > +Asymmetric Crypto Service Operation / Key Exchange: DH Key Computation > Operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_DH. > +\item The driver SHOULD set the \field{keyexchg_op} to > VIRTIO_CRYPTO_KEY_EXCHANGE_COMPUTE_KEY in \field{parameter}. > +\item The driver SHOULD set all other fields in \field{parameter} except > field > \field{reserved}. > +\item The driver SHOULD set all fields in \field{odata} except field > \field{reserved}. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > firstly. > +Only if the operation is successful, the other fields in \field{idata} are > operatable. > +\end{itemize*} > + > +\paragraph{Key Exchange: ECDH Key Generation Operation}\label{sec:Device > Types / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Key Exchange: ECDH Key Generation Operation} > + > +\begin{lstlisting} > +struct virtio_crypto_ecdh_keyexchg_keygen_para { > + /* > + * The sub-operation in key exchange, > + * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition > + */ > + le32 keyexchg_op; > + le32 reserved; > + > + struct virtio_crypto_ec_keygen_para parameter; > +}; > +\end{lstlisting} > + > +ECDH Key Generation Operation in Key-Exchange is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_ecdh_keyexchg_key_gen_req { > + struct virtio_crypto_ecdh_keyexchg_keygen_para parameter; > + > + struct virtio_crypto_ec_keygen_input idata; > +}; > +\end{lstlisting} > + > +\devicenormative{\subparagraph}{Key Exchange: ECDH Key Generation > Operation}{Device Types / Crypto Device / Device Operation / > +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key Generation > Operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata} according > to the general device requirments for asymmetric crypto service. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{Key Exchange: ECDH Key Generation > Operation}{Device Types / Crypto Device / Device Operation / > +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key Generation > Operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH. > +\item The driver SHOULD set the \field{keyexchg_op} to > VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}. > +\item The driver SHOULD set all other fields in \field{parameter} except > field > \field{reserved}. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > firstly. > +Only if the operation is successful, the other fields in \field{idata} are > operatable. > +\end{itemize*} > + > +\paragraph{Key Exchange: ECDH Key Computation > Operation}\label{sec:Device Types / > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto > Service Operation / Key Exchange: ECDH Key Computation Operation} > + > +\begin{lstlisting} > +struct virtio_crypto_ecdh_keyexchg_compute_key_para { > + /* > + * The sub-operation in key exchange, > + * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition > + */ > + le32 keyexchg_op; > + le32 reserved; > + > + struct virtio_crypto_ec_keygen_para parameter; > +}; > + > +struct virtio_crypto_ecdh_keyexchg_compute_key_output { > + /* local private key */ > + struct virtio_crypto_buf d; > + > + /* peer's public key */ > + struct virtio_crypto_buf x; > + struct virtio_crypto_buf y; > +}; > + > +struct virtio_crypto_ecdh_keyexchg_compute_key_input { > + le32 status; > + le32 reserved; > + > + struct virtio_crypto_buf shared_secret; > +}; > +\end{lstlisting} > + > +ECDH Key Computation Operation in Key-Exchange is defined as below: > +\begin{lstlisting} > +struct virtio_crypto_ecdh_keyexchg_key_compute_req { > + struct virtio_crypto_ecdh_keyexchg_compute_key_para parameter; > + struct virtio_crypto_ecdh_keyexchg_compute_key_output odata; > + > + struct virtio_crypto_ecdh_keyexchg_compute_key_input idata; > +}; > +\end{lstlisting} > + > +\devicenormative{\subparagraph}{Key Exchange: ECDH Key Computation > Operation}{Device Types / Crypto Device / Device Operation / > +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key Computation > Operation} > +\begin{itemize*} > +\item The device SHOULD set the operation results in \field{idata} according > to the general device requirments for asymmetric crypto service. > +\end{itemize*} > + > +\drivernormative{\subparagraph}{Key Exchange: ECDH Key Computation > Operation}{Device Types / Crypto Device / Device Operation / > +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key Computation > Operation} > +\begin{itemize*} > +\item The driver SHOULD set the \field{opcode} in > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG, > +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH. > +\item The driver SHOULD set the \field{keyexchg_op} to > VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}. > +\item The driver SHOULD set all other fields in \field{parameter} except > field > \field{reserved}. > +\item The driver MUST check the operation result \field{status} in > \field{idata} > firstly. > +Only if the operation is successful, the other fields in \field{idata} are > operatable. > +\end{itemize*} > -- > 1.9.3