[virtio-dev] RE: [V0 1/1] virtio crypto device specification: asymmetric crypto service

2016-09-22 Thread Zeng, Xin
On Wednesday, September 21, 2016 3:03 PM, Gonglei (Arei) Wrote:
> > -Original Message-
> > From: Xin Zeng [mailto:xin.z...@intel.com]
> > Sent: Wednesday, September 21, 2016 1:15 PM
> > To: virtio-dev@lists.oasis-open.org; qemu-de...@nongnu.org; Gonglei
> (Arei)
> > Cc: m...@redhat.com; brian.a.keat...@intel.com; john.grif...@intel.com;
> > liang.j...@intel.com; Huangweidong (C); Xin Zeng
> > Subject: [V0 1/1] virtio crypto device specification: asymmetric crypto
> service
> >
> > This patch introduces asymmetric crypto service into virtio crypto
> > device. The asymmetric crypto service covers signature,
> > verification, encryption, decryption, key generation and key exchange.
> > This patch depends on another virtio crypto device spec patch:
> > https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg04563.html.
> >
> > Signed-off-by: Xin Zeng 
> > ---
> >  virtio-crypto.tex | 932
> > +-
> >  1 file changed, 931 insertions(+), 1 deletion(-)
> >
> > diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> > index c3554e3..699d8dc 100644
> > --- a/virtio-crypto.tex
> > +++ b/virtio-crypto.tex
> > @@ -46,6 +46,7 @@ struct virtio_crypto_config {
> >  le32 kdf_algo;
> >  le32 aead_algo;
> >  le32 primitive_algo;
> > +le32 rsa_padding;
> 
> The structure isn't 64-bit aligned now. Please add padding.
> 

Yes. We also need to remove some fields for now, as Michael suggested in another
mail.

> >  };
> >  \end{lstlisting}
> >
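Review bot: The new `rsa_padding` config field has no stated encoding, and the two readings visible in this patch conflict. The spec text after the services list calls these driver-read-only fields algorithm masks, while the `VIRTIO_CRYPTO_RSA_*_PADDING` values added later are consecutive integers 0-5, which cannot be ORed together (3 equals 1|2, and 0 cannot be advertised at all). If the intent is one bit per scheme, state it at the field, e.g. `le32 rsa_padding; /* bit N set: RSA padding scheme with value N is supported */`. The struct starts above this hunk, so the conventions of the neighbouring fields are not visible here.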
> > @@ -67,6 +68,7 @@ The following services are defined:
> >  #define VIRTIO_CRYPTO_SERVICE_HASH   (1) /* HASH service */
> >  #define VIRTIO_CRYPTO_SERVICE_MAC(2) /* MAC (Message
> > Authentication Codes) service */
> >  #define VIRTIO_CRYPTO_SERVICE_AEAD   (3) /* AEAD (Authenticated
> > Encryption with Associated Data) service */
> > +#define VIRTIO_CRYPTO_SERVICE_ASYM  (4) /* Asymmetric crypto
> service*/
> >  \end{lstlisting}
> >
> >  The last driver-read-only fields specify detailed algorithms masks
> > @@ -140,6 +142,28 @@ The following AEAD algorithms are defined:
> >  #define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305  3
> >  \end{lstlisting}
> >
> > +The following asymmetric algorithms are defined:
> > +
> > +\begin{lstlisting}
> > +#define VIRTIO_CRYPTO_ASYM_NONE0
> > +#define VIRTIO_CRYPTO_ASYM_RSA 1
> > +#define VIRTIO_CRYPTO_ASYM_DSA 2
> > +#define VIRTIO_CRYPTO_ASYM_DH  3
> > +#define VIRTIO_CRYPTO_ASYM_ECDSA   4
> > +#define VIRTIO_CRYPTO_ASYM_ECDH   5
> > +\end{lstlisting}
> > +
> > +The following rsa padding capabilities are defined:
> > +
> > +\begin{lstlisting}
> > +#define VIRTIO_CRYPTO_RSA_NO_PADDING 0
> > +#define VIRTIO_CRYPTO_RSA_PKCS1_PADDING  1
> > +#define VIRTIO_CRYPTO_RSA_SSLV23_PADDING 2
> > +#define VIRTIO_CRYPTO_RSA_PKCS1_OAEP_PADDING 3
> > +#define VIRTIO_CRYPTO_RSA_X931_PADDING   4
> > +#define VIRTIO_CRYPTO_RSA_PKCS1_PSS_PADDING  5
> > +\end{lstlisting}
> > +
> >  \begin{note}
> >  More algorithms will be defined in the future.
> >  \end{note}
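Review bot: The RSA padding listing puts signature schemes (X9.31, PSS), encryption schemes (OAEP, SSLv23), dual-use PKCS#1 v1.5 and raw RSA in one list without saying which opcodes each is valid with, so a request such as PSS with `VIRTIO_CRYPTO_ASYM_ENCRYPT` has no defined result. I would add normative text after the listing, for example `The device MUST fail a request whose padding scheme is not valid for the requested opcode.` Because `VIRTIO_CRYPTO_RSA_NO_PADDING` and PKCS#1 v1.5 decryption are easy to misuse, a short note would also help implementers: drivers should prefer OAEP for encryption and PSS for signatures, and a device should report every decryption padding failure with one indistinguishable status.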
> > @@ -238,6 +262,18 @@ struct virtio_crypto_op_header {
> >  VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00)
> >  #define VIRTIO_CRYPTO_AEAD_DECRYPT \
> >  VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01)
> > +#define VIRTIO_CRYPTO_ASYM_SIGN\
> > +VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x00)
> > +#define VIRTIO_CRYPTO_ASYM_VERIFY \
> > +VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x01)
> > +#define VIRTIO_CRYPTO_ASYM_ENCRYPT  \
> > +VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x02)
> > +#define VIRTIO_CRYPTO_ASYM_DECRYPT  \
> > +VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x03)
> > +#define VIRTIO_CRYPTO_ASYM_KEY_GEN  \
> > +VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x04)
> > +#define VIRTIO_CRYPTO_ASYM_KEY_EXCHG \
> > +VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x05)
> >  le32 opcode;
> >  /* algo should be service-specific algorithms */
> >  le32 algo;
> > @@ -540,6 +576,26 @@ struct virtio_crypto_op_data_req {
> >  struct virtio_crypto_hash_data_req  hash_req;
> >  struct virtio_crypto_mac_data_req   mac_req;
> >  struct virtio_crypto_aead_data_req  aead_req;
> > +struct virtio_crypto_ecdsa_sign_req ecdsa_sign_req;
> > +struct virtio_crypto_dsa_sign_req dsa_sign_req;
> > +struct virtio_crypto_rsa_sign_req rsa_sign_req;
> > +
> > +struct virtio_crypto_ecdsa_verify_req ecdsa_verify_req;
> > +struct virtio_crypto_dsa_verify_req dsa_verify_req;
> > +struct virtio_crypto_rsa_verify_req rsa_verify_req;
> > +
> > +struct virtio_crypto_rsa_enc_req rsa_enc_req
> > +struct virtio_crypto_rsa_dec_req rsa_dec_req;
> > +
> > +struct virtio_crypto_rsa_keygen_req rsa_keygen_req;
> > +struct virtio_crypto_dsa_keygen_req dsa_keygen_req;
> > +struct 

[virtio-dev] RE: [V0 1/1] virtio crypto device specification: asymmetric crypto service

2016-09-21 Thread Gonglei (Arei)

Hi Xin,

Here you go. ;)

> -Original Message-
> From: Xin Zeng [mailto:xin.z...@intel.com]
> Sent: Wednesday, September 21, 2016 1:15 PM
> To: virtio-dev@lists.oasis-open.org; qemu-de...@nongnu.org; Gonglei (Arei)
> Cc: m...@redhat.com; brian.a.keat...@intel.com; john.grif...@intel.com;
> liang.j...@intel.com; Huangweidong (C); Xin Zeng
> Subject: [V0 1/1] virtio crypto device specification: asymmetric crypto 
> service
> 
> This patch introduces asymmetric crypto service into virtio crypto
> device. The asymmetric crypto service covers signature,
> verification, encryption, decryption, key generation and key exchange.
> This patch depends on another virtio crypto device spec patch:
> https://lists.gnu.org/archive/html/qemu-devel/2016-09/msg04563.html.
> 
> Signed-off-by: Xin Zeng 
> ---
>  virtio-crypto.tex | 932
> +-
>  1 file changed, 931 insertions(+), 1 deletion(-)
> 
> diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> index c3554e3..699d8dc 100644
> --- a/virtio-crypto.tex
> +++ b/virtio-crypto.tex
> @@ -46,6 +46,7 @@ struct virtio_crypto_config {
>  le32 kdf_algo;
>  le32 aead_algo;
>  le32 primitive_algo;
> +le32 rsa_padding;

The structure isn't 64-bit aligned now. Please add padding.

>  };
>  \end{lstlisting}
> 
> @@ -67,6 +68,7 @@ The following services are defined:
>  #define VIRTIO_CRYPTO_SERVICE_HASH   (1) /* HASH service */
>  #define VIRTIO_CRYPTO_SERVICE_MAC(2) /* MAC (Message
> Authentication Codes) service */
>  #define VIRTIO_CRYPTO_SERVICE_AEAD   (3) /* AEAD (Authenticated
> Encryption with Associated Data) service */
> +#define VIRTIO_CRYPTO_SERVICE_ASYM  (4) /* Asymmetric crypto service*/
>  \end{lstlisting}
> 
>  The last driver-read-only fields specify detailed algorithms masks
> @@ -140,6 +142,28 @@ The following AEAD algorithms are defined:
>  #define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305  3
>  \end{lstlisting}
> 
> +The following asymmetric algorithms are defined:
> +
> +\begin{lstlisting}
> +#define VIRTIO_CRYPTO_ASYM_NONE0
> +#define VIRTIO_CRYPTO_ASYM_RSA 1
> +#define VIRTIO_CRYPTO_ASYM_DSA 2
> +#define VIRTIO_CRYPTO_ASYM_DH  3
> +#define VIRTIO_CRYPTO_ASYM_ECDSA   4
> +#define VIRTIO_CRYPTO_ASYM_ECDH 5
> +\end{lstlisting}
> +
> +The following rsa padding capabilities are defined:
> +
> +\begin{lstlisting}
> +#define VIRTIO_CRYPTO_RSA_NO_PADDING 0
> +#define VIRTIO_CRYPTO_RSA_PKCS1_PADDING  1
> +#define VIRTIO_CRYPTO_RSA_SSLV23_PADDING 2
> +#define VIRTIO_CRYPTO_RSA_PKCS1_OAEP_PADDING 3
> +#define VIRTIO_CRYPTO_RSA_X931_PADDING   4
> +#define VIRTIO_CRYPTO_RSA_PKCS1_PSS_PADDING  5
> +\end{lstlisting}
> +
>  \begin{note}
>  More algorithms will be defined in the future.
>  \end{note}
> @@ -238,6 +262,18 @@ struct virtio_crypto_op_header {
>  VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00)
>  #define VIRTIO_CRYPTO_AEAD_DECRYPT \
>  VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01)
> +#define VIRTIO_CRYPTO_ASYM_SIGN\
> +VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x00)
> +#define VIRTIO_CRYPTO_ASYM_VERIFY \
> +VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x01)
> +#define VIRTIO_CRYPTO_ASYM_ENCRYPT  \
> +VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x02)
> +#define VIRTIO_CRYPTO_ASYM_DECRYPT  \
> +VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x03)
> +#define VIRTIO_CRYPTO_ASYM_KEY_GEN  \
> +VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x04)
> +#define VIRTIO_CRYPTO_ASYM_KEY_EXCHG \
> +VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x05)
>  le32 opcode;
>  /* algo should be service-specific algorithms */
>  le32 algo;
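Review bot: Only one key-exchange opcode, `VIRTIO_CRYPTO_ASYM_KEY_EXCHG`, is defined here, yet the request union later in the patch carries three distinct DH requests (`dh_keyexchg_param_gen_req`, `dh_keyexchg_key_gen_req`, `dh_keyexchg_key_compute_req`). Opcode plus `algo` therefore does not appear to identify which union member the device must parse. Unless a selector exists in the part of the patch not quoted here, either define one opcode per phase or document the discriminator next to these defines, e.g. `/* KEY_EXCHG: phase is selected by <field-name placeholder> in the request */`. A device that has to guess the member of a driver-supplied union may interpret the request with the wrong layout, so this should be unambiguous in the spec. The enclosing `struct virtio_crypto_op_header` begins and ends outside the hunk.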
> @@ -540,6 +576,26 @@ struct virtio_crypto_op_data_req {
>  struct virtio_crypto_hash_data_req  hash_req;
>  struct virtio_crypto_mac_data_req   mac_req;
>  struct virtio_crypto_aead_data_req  aead_req;
> +struct virtio_crypto_ecdsa_sign_req ecdsa_sign_req;
> +struct virtio_crypto_dsa_sign_req dsa_sign_req;
> +struct virtio_crypto_rsa_sign_req rsa_sign_req;
> +
> +struct virtio_crypto_ecdsa_verify_req ecdsa_verify_req;
> +struct virtio_crypto_dsa_verify_req dsa_verify_req;
> +struct virtio_crypto_rsa_verify_req rsa_verify_req;
> +
> +struct virtio_crypto_rsa_enc_req rsa_enc_req
> +struct virtio_crypto_rsa_dec_req rsa_dec_req;
> +
> +struct virtio_crypto_rsa_keygen_req rsa_keygen_req;
> +struct virtio_crypto_dsa_keygen_req dsa_keygen_req;
> +struct virtio_crypto_ec_keygen_req ec_keygen_req;
> +
> +struct virtio_crypto_dh_keyexchg_param_gen_req
> dh_keyexchg_param_gen_req;
> +struct virtio_crypto_dh_keyexchg_key_gen_req
> dh_keyexchg_key_gen_req;
> +struct virtio_crypto_dh_keyexchg_key_compute_req
> dh_keyexchg_key_compute_req;
> +struct