RE: [v1 3/6] cryptodev: add hash support in asymmetric capability
From: Gowrishankar Muthukrishnan <hidden>
Date: 2023-09-27 05:55:12
Hi Arek,
quoted
rte_crypto_ec_xform { enum rte_crypto_curve_id curve_id; /**< Pre-defined ec groups */ + + enum rte_crypto_auth_algorithm hash;[Arek] I think that session should only contain information that are constant across its lifetime. Here we decided to have a curve id, but this could be curve + key. But hash may be different for any op, additionally this xform is used for key exchange; multiplication or potentially encryption/decryption., which usually does not need any hash. I would have it in the op.
Ack. I will send next version of this series with this modification. Reason we had in xform is to stop app not to process enq if session creation itself would fail (without required capability). In the next version of patch, you would see (2/7), you keys moved into session. Thanks, Gowrishankar
quoted
+ /**< Hash algorithm used in EC op. */ }; /**diff --git a/lib/cryptodev/rte_cryptodev.cb/lib/cryptodev/rte_cryptodev.c index c49d342b17..041d3074db 100644--- a/lib/cryptodev/rte_cryptodev.c +++ b/lib/cryptodev/rte_cryptodev.c@@ -718,6 +718,22 @@rte_cryptodev_asym_xform_capability_check_modlen(quoted
return ret; } +bool +rte_cryptodev_asym_xform_capability_check_hash( + const struct rte_cryptodev_asymmetric_xform_capability*capability,quoted
+ enum rte_crypto_auth_algorithm hash) { + bool ret = false; + + if (capability->hash_algos & (1 << hash)) + ret = true; + + rte_cryptodev_trace_asym_xform_capability_check_hash( + capability->hash_algos, hash, ret); + + return ret; +} + /* spinlock for crypto device enq callbacks */ static rte_spinlock_t rte_cryptodev_callback_lock = RTE_SPINLOCK_INITIALIZER;diff --git a/lib/cryptodev/rte_cryptodev.hb/lib/cryptodev/rte_cryptodev.h index 64810c9ec4..536e082244 100644--- a/lib/cryptodev/rte_cryptodev.h +++ b/lib/cryptodev/rte_cryptodev.h@@ -189,6 +189,9 @@ struct rte_cryptodev_asymmetric_xform_capability{quoted
* random value. Otherwise, PMD would internally computethe randomquoted
number. */ }; + + uint64_t hash_algos; + /**< Bitmask of hash algorithms supported for op_type. */ }; /**@@ -348,6 +351,22 @@rte_cryptodev_asym_xform_capability_check_modlen(quoted
const struct rte_cryptodev_asymmetric_xform_capability*capability,quoted
uint16_t modlen); +/** + * Check if hash algorithm is supported. + * + * @param capability Asymmetric crypto capability. + * @param hash Hash algorithm. + * + * @return + * - Return true if the hash algorithm is supported. + * - Return false if the hash algorithm is not supported. + */ +__rte_experimental +bool +rte_cryptodev_asym_xform_capability_check_hash( + const struct rte_cryptodev_asymmetric_xform_capability*capability,quoted
+ enum rte_crypto_auth_algorithm hash); + /** * Provide the cipher algorithm enum, given an algorithm string *diff --git a/lib/cryptodev/version.map b/lib/cryptodev/version.mapindex ae8d9327b4..3c2d1780e0 100644--- a/lib/cryptodev/version.map +++ b/lib/cryptodev/version.map@@ -54,6 +54,7 @@ EXPERIMENTAL { rte_cryptodev_asym_get_xform_enum; rte_cryptodev_asym_session_create; rte_cryptodev_asym_session_free; + rte_cryptodev_asym_xform_capability_check_hash; rte_cryptodev_asym_xform_capability_check_modlen; rte_cryptodev_asym_xform_capability_check_optype; rte_cryptodev_sym_cpu_crypto_process; --2.25.1