From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Subject: Re: Asymmetric cryptography HW offloading
Date: Mon, 23 Sep 2013 15:28:14 +0200
Message-ID: <524041EE.5070209@gnutls.org>
References: <524034A1.70204@freescale.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: QUOTED-PRINTABLE
Cc: "linux-crypto@vger.kernel.org" <linux-crypto@vger.kernel.org>
To: =?UTF-8?B?SG9yaWEgR2VhbnTEgw==?= <horia.geanta@freescale.com>
In-Reply-To: <524034A1.70204@freescale.com>
Sender: linux-crypto-owner@vger.kernel.org

On 09/23/2013 02:31 PM, Horia Geant=C4=83 wrote:
> Hi,
>=20
> CAAM crypto engine (drivers/crypto/caam/*) is capable of asymmetric
> operations, like: modular exponentiation, RSA
> sign/verify/encrypt/decrypt, (EC)DSA sign etc.
> I would appreciate some design guidelines on how to harness these
> capabilities, for crypto engines in general.
>=20
> 1. In-kernel interface for asymmetric crypto
> Should crypto/asymmetric_keys/* be used, i.e. appended with modular
> exponentiation, other asymmetric operations?=20

The BSD's cryptodev supports the following operations which may help in
that aspect (no elliptic curve operations present). I don't know if all
of them worth the context switch.

#define CRK_MOD_EXP		0
#define CRK_MOD_EXP_CRT		1
#define CRK_DSA_SIGN		2
#define CRK_DSA_VERIFY		3
#define CRK_DH_COMPUTE_KEY	4
#define CRK_MOD_ADD		5
#define CRK_MOD_ADDINV		6
#define CRK_MOD_SUB		7
#define CRK_MOD_MULT		8
#define CRK_MOD_MULTINV		9
#define CRK_MOD			10

> 2. User space interface
> Should AF_ALG be expanded to provide access to this new asymmetric cy=
pto
> API? The API would allow user space applications to offload PKC opera=
tions in
> HW.

I'd be interested into adding this support into cryptodev-linux once
present in kernel.

regards,
Nikos