diff mbox

[v1,1/1] virtio crypto device specification: asymmetric crypto service

Message ID 1477623130-21062-1-git-send-email-xin.zeng@intel.com (mailing list archive)
State New, archived
Headers show

Commit Message

Xin Zeng Oct. 28, 2016, 2:52 a.m. UTC
This patch introduces asymmetric crypto service into virtio crypto
device spec. The asymmetric crypto service can be referred as signature,
verification, encryption, decryption, key generation and key exchange.
This patch depends on another virtio crypto device spec patch:
https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01744.html

Changes since v0:
- Use devicenormative/drivernormative instead of self-defined
  device/driver label.  [Lei]
- Change the error code of verification to general virtio_crypto
  error code. [Lei]
- Use macro instead of enum in verification result. [Lei]
- Fix the incorrect label value for paragraph and section. [Lei]

Please help to review, thanks!

Signed-off-by: Xin Zeng <xin.zeng@intel.com>
---
 virtio-crypto.tex | 965 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 962 insertions(+), 3 deletions(-)

Comments

Xin Zeng Nov. 3, 2016, 12:19 p.m. UTC | #1
Ping....
Is there any comment for this patch? 

thanks

> -----Original Message-----
> From: Zeng, Xin
> Sent: Friday, October 28, 2016 10:52 AM
> To: virtio-dev@lists.oasis-open.org; qemu-devel@nongnu.org
> Cc: mst@redhat.com; arei.gonglei@huawei.com; Keating, Brian A
> <brian.a.keating@intel.com>; Griffin, John <john.griffin@intel.com>; Ma,
> Liang J <liang.j.ma@intel.com>; weidong.huang@huawei.com; Zeng, Xin
> <xin.zeng@intel.com>
> Subject: [PATCH v1 1/1] virtio crypto device specification: asymmetric crypto
> service
> 
> This patch introduces asymmetric crypto service into virtio crypto
> device spec. The asymmetric crypto service can be referred as signature,
> verification, encryption, decryption, key generation and key exchange.
> This patch depends on another virtio crypto device spec patch:
> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01744.html
> 
> Changes since v0:
> - Use devicenormative/drivernormative instead of self-defined
>   device/driver label.  [Lei]
> - Change the error code of verification to general virtio_crypto
>   error code. [Lei]
> - Use macro instead of enum in verification result. [Lei]
> - Fix the incorrect label value for paragraph and section. [Lei]
> 
> Please help to review, thanks!
> 
> Signed-off-by: Xin Zeng <xin.zeng@intel.com>
> ---
>  virtio-crypto.tex | 965
> +++++++++++++++++++++++++++++++++++++++++++++++++++++-
>  1 file changed, 962 insertions(+), 3 deletions(-)
> 
> diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> index 86e4869..43772da 100644
> --- a/virtio-crypto.tex
> +++ b/virtio-crypto.tex
> @@ -6,7 +6,7 @@ decryption requests are placed in the data queue and are
> ultimately handled by t
>  backend crypto accelerators. The second queue is the control queue used to
> create
>  or destroy sessions for symmetric algorithms and will control some advanced
>  features in the future. The virtio crypto device provides the following crypto
> -services: CIPHER, MAC, HASH, and AEAD.
> +services: CIPHER, MAC, HASH, AEAD and ASYM.
> 
> 
>  \subsection{Device ID}\label{sec:Device Types / Crypto Device / Device ID}
> @@ -44,7 +44,9 @@ struct virtio_crypto_config {
>      le32 mac_algo_l;
>      le32 mac_algo_h;
>      le32 aead_algo;
> -    le32 reserve;
> +    le32 asym_algo;
> +    le32 rsa_padding;
> +    le32 reserved;
>  };
>  \end{lstlisting}
> 
> @@ -70,6 +72,8 @@ The following services are defined:
>  #define VIRTIO_CRYPTO_SERVICE_MAC    (2)
>  /* AEAD (Authenticated Encryption with Associated Data) service */
>  #define VIRTIO_CRYPTO_SERVICE_AEAD   (3)
> +/* ASYM (Asymmetric crypto algorithms) service */
> +#define VIRTIO_CRYPTO_SERVICE_ASYM   (4)
>  \end{lstlisting}
> 
>  The last driver-read-only fields specify detailed algorithms masks
> @@ -143,6 +147,28 @@ The following AEAD algorithms are defined:
>  #define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305  3
>  \end{lstlisting}
> 
> +The following asymmetric algorithms are defined:
> +
> +\begin{lstlisting}
> +#define VIRTIO_CRYPTO_ASYM_NONE        0
> +#define VIRTIO_CRYPTO_ASYM_RSA         1
> +#define VIRTIO_CRYPTO_ASYM_DSA         2
> +#define VIRTIO_CRYPTO_ASYM_DH          3
> +#define VIRTIO_CRYPTO_ASYM_ECDSA       4
> +#define VIRTIO_CRYPTO_ASYM_ECDH	       5
> +\end{lstlisting}
> +
> +The following rsa padding capabilities are defined:
> +
> +\begin{lstlisting}
> +#define VIRTIO_CRYPTO_RSA_NO_PADDING         0
> +#define VIRTIO_CRYPTO_RSA_PKCS1_PADDING      1
> +#define VIRTIO_CRYPTO_RSA_SSLV23_PADDING     2
> +#define VIRTIO_CRYPTO_RSA_PKCS1_OAEP_PADDING 3
> +#define VIRTIO_CRYPTO_RSA_X931_PADDING       4
> +#define VIRTIO_CRYPTO_RSA_PKCS1_PSS_PADDING  5
> +\end{lstlisting}
> +
>  \begin{note}
>  Any other value is reserved for future use.
>  \end{note}
> @@ -241,6 +267,18 @@ struct virtio_crypto_op_header {
>      VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00)
>  #define VIRTIO_CRYPTO_AEAD_DECRYPT \
>      VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01)
> +#define VIRTIO_CRYPTO_ASYM_SIGN    \
> +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x00)
> +#define VIRTIO_CRYPTO_ASYM_VERIFY \
> +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x01)
> +#define VIRTIO_CRYPTO_ASYM_ENCRYPT  \
> +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x02)
> +#define VIRTIO_CRYPTO_ASYM_DECRYPT  \
> +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x03)
> +#define VIRTIO_CRYPTO_ASYM_KEY_GEN  \
> +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x04)
> +#define VIRTIO_CRYPTO_ASYM_KEY_EXCHG \
> +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x05)
>      le32 opcode;
>      /* algo should be service-specific algorithms */
>      le32 algo;
> @@ -548,6 +586,23 @@ struct virtio_crypto_op_data_req {
>          struct virtio_crypto_hash_data_req  hash_req;
>          struct virtio_crypto_mac_data_req   mac_req;
>          struct virtio_crypto_aead_data_req  aead_req;
> +
> +        struct virtio_crypto_ecdsa_sign_req ecdsa_sign_req;
> +        struct virtio_crypto_dsa_sign_req dsa_sign_req;
> +        struct virtio_crypto_rsa_sign_req rsa_sign_req;
> +        struct virtio_crypto_ecdsa_verify_req ecdsa_verify_req;
> +        struct virtio_crypto_dsa_verify_req dsa_verify_req;
> +        struct virtio_crypto_rsa_verify_req rsa_verify_req;
> +        struct virtio_crypto_rsa_enc_req rsa_enc_req
> +        struct virtio_crypto_rsa_dec_req rsa_dec_req;
> +        struct virtio_crypto_rsa_keygen_req rsa_keygen_req;
> +        struct virtio_crypto_dsa_keygen_req dsa_keygen_req;
> +        struct virtio_crypto_ec_keygen_req ec_keygen_req;
> +        struct virtio_crypto_dh_keyexchg_param_gen_req
> dh_keyexchg_param_gen_req;
> +        struct virtio_crypto_dh_keyexchg_key_gen_req
> dh_keyexchg_key_gen_req;
> +        struct virtio_crypto_dh_keyexchg_key_compute_req
> dh_keyexchg_key_compute_req;
> +        struct virtio_crypto_ecdh_keyexchg_key_gen_req
> ecdh_keyexchg_key_gen_req;
> +        struct virtio_crypto_ecdh_keyexchg_key_compute_req
> ecdh_keyexchg_key_compute_req;
>      } u;
>  };
>  \end{lstlisting}
> @@ -996,4 +1051,908 @@ pointed by \field{dst_data_addr} and
> \field{digest_result_addr} in struct virtio
>  \item The device MUST copy the digest result to the guest memory
> recorded by \field{digest_result_addr} field in struct
> virtio_crypto_aead_input.
>  \item The device MUST set the \field{status} field in strut
> virtio_crypto_aead_input: VIRTIO_CRYPTO_OK: success;
> VIRTIO_CRYPTO_ERR: creation failed or device error;
> VIRTIO_CRYPTO_NOTSUPP: not supported.
>  \item When the \field{opcode} is VIRTIO_CRYPTO_AEAD_DECRYPT, the
> device MUST verify and return the verification result to the driver, and if the
> verification result is incorrect, VIRTIO_CRYPTO_BADMSG (bad message)
> MUST be returned to the driver.
> -\end{itemize*}
> \ No newline at end of file
> +\end{itemize*}
> +
> +\subsubsection{Asymmetric Crypto Service Operation}\label{sec:Device
> Types / Crypto Device / Device Operation /
> +Crypto operation / Asymmetric Crypto Service Operation}
> +
> +In general, asymmetric crypto service can be referred as signature,
> verification,
> +encryption, decryption, key generation and key exchange. Not each
> algorithm supports
> +all these services.
> +
> +Unlike symmetric crypto service, asymmetric crypto service normally does't
> +need session operations, the request is encapsulated within one packet
> which is represented
> +by \field{virtio_crypto_op_data_req}.
> +(see \ref{sec:Device Types / Crypto Device / Device Operation / Data
> Virtqueue}).
> +
> +Once service request is handled by the device, the device writes back the
> operation results to the corresponding
> +fields in the request packet.
> +
> +The asymmetric crypto operation uses a virtio_crypto_buf to represent the
> input/output buffer.
> +\begin{lstlisting}
> +struct virtio_crypto_buf {
> +    le32 len;
> +    le32 reserved;
> +    le64 addr;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\paragraph}{Asymmetric Crypto Service
> Operation}{Device Types / Crypto Device / Device Operation / Asymmetric
> Crypto Service Operation}
> +\begin{itemize*}
> +\item The device MUST parse the field \field{opcode} within
> \field{virtio_crypto_op_header} (see \ref{sec:Device Types / Crypto Device /
> Device Operation}) before
> +it handles the corresponding service request.
> +\item The device SHOULD set the operation status in field \field{status}
> within \field{idata}.
> +\item The device SHOULD update the operation result to the fields in
> \field{idata} if the operation is successful.
> +\end{itemize*}
> +
> +\drivernormative{\paragraph}{Asymmetric Crypto Service
> Operation}{Device Types / Crypto Device / Device Operation / Asymmetric
> Crypto Service Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the corresponding \field{opcode} in
> \field{virtio_crypto_op_header} according to different services.
> +\item The driver SHOULD offer operatable buffer within \field{idata} if the
> service request structure defines.
> +\end{itemize*}
> +
> +\paragraph{Signature: ECDSA signature operation}\label{sec:Device Types /
> Crypto Device /
> +Device Operation / Crypto operation / Asymmetric Crypto Service
> Operation / Signature: ECDSA signature operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_ec_group {
> +    struct virtio_crypto_buf xg;
> +    struct virtio_crypto_buf yg;
> +    struct virtio_crypto_buf n;
> +    struct virtio_crypto_buf q;
> +    struct virtio_crypto_buf a;
> +    struct virtio_crypto_buf b;
> +    struct virtio_crypto_buf h;
> +};
> +
> +#define VIRTIO_CRYPTO_EC_FIELD_TYPE_PRIME 0
> +#define VIRTIO_CRYPTO_EC_FIELD_TYPE_BINARY 1
> +
> +struct virtio_crypto_ecdsa_sign_para{
> +    /* Hash alogrithms applied to msg */
> +    le32 hash_algo;
> +    /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */
> +    le32 field_type;
> +
> +    /* EC Group parameters */
> +    struct virtio_crypto_ec_group ec;
> +    /* Random value */
> +    struct virtio_crypto_buf k;
> +    /* Private Key */
> +    struct virtio_crypto_buf d;
> +};
> +
> +struct virtio_crypto_ecdsa_sign_output {
> +    /* Message need to be signed */
> +    struct virtio_crypto_buf msg;
> +};
> +
> +struct virtio_crypto_ecdsa_sign_input {
> +    /* operation result */
> +    le32 status;
> +    le32 reserved;
> +
> +    /* signature result */
> +    struct virtio_crypto_buf r;
> +    struct virtio_crypto_buf s;
> +};
> +\end{lstlisting}
> +
> +ECDSA signature operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_ecdsa_sign_req {
> +    struct virtio_crypto_ecdsa_sign_para parameter;
> +    struct virtio_crypto_ecdsa_sign_output odata;
> +
> +    struct virtio_crypto_ecdsa_sign_input idata;
> +};
> +\end{lstlisting}
> +
> +
> +\devicenormative{\subparagraph}{ECDSA signature operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / ECDSA signature operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{ECDSA signature operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / ECDSA signature operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} before it operates other fields in \field{idata}.
> +Only if the operation is successful, the \field{r,s} in \field{idata} are
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Signature: DSA signature operation}\label{sec:Device Types /
> Crypto Device /
> +Device Operation / Crypto operation / Asymmetric Crypto Service
> Operation/ Signature: DSA signature operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_dsa_group {
> +    struct virtio_crypto_buf p;
> +    struct virtio_crypto_buf q;
> +    struct virtio_crypto_buf g;
> +};
> +
> +struct virtio_crypto_dsa_sign_para {
> +    /* Hash alogrithms applied to msg */
> +    le32 hash_algo;
> +    le32 reserved;
> +
> +    /* DSA group parameter */
> +    struct virtio_crypto_dsa_group dsa;
> +    /* Random value */
> +    struct virtio_crypto_buf k;
> +    /* Private Key */
> +    struct virtio_crypto_buf x;
> +};
> +
> +struct virtio_crypto_dsa_sign_output {
> +    struct virtio_crypto_buf msg;
> +};
> +
> +struct virtio_crypto_dsa_sign_input  {
> +    /* operation result */
> +    le32 status;
> +    le32 reserved;
> +
> +    /* signature result */
> +    struct virtio_crypto_buf r;
> +    struct virtio_crypto_buf s;
> +};
> +\end{lstlisting}
> +DSA signature operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_dsa_sign_req {
> +    struct virtio_crypto_dsa_sign_para parameter;
> +    struct virtio_crypto_dsa_sign_output odata;
> +
> +    struct virtio_crypto_dsa_sign_input idata;
> +};
> +\end{lstlisting}
> +
> +
> +\devicenormative{\subparagraph}{DSA signature operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> DSA signature operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{DSA signature operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> DSA signature operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} before it operates other fields in \field{idata}.
> +Only if the operation is successful, the \field{r,s} in \field{idata} are
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Signature: RSA signature operation}\label{sec:Device Types /
> Crypto Device /
> +Device Operation / Crypto operation / Asymmetric Crypto Service
> Operation / Signature: RSA signature operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_pub_key{
> +    /* The RSA modules */
> +    struct virtio_crypto_buf n;
> +    /* The RSA public exponent */
> +    struct virtio_crypto_buf e;
> +};
> +
> +struct virtio_crypto_rsa_priv_key_rep1{
> +    /* The RSA modules */
> +    struct virtio_crypto_buf n;
> +    /* The RSA private exponent */
> +    struct virtio_crypto_buf d;
> +};
> +
> +struct virtio_crypto_rsa_priv_key_rep2{
> +    /* The first factor */
> +    struct virtio_crypto_buf p;
> +    /* The second factor */
> +    struct virtio_crypto_buf q;
> +    /* The first factor's CRT exponent */
> +    struct virtio_crypto_buf dp;
> +    /* The second factor's CRT exponent */
> +    struct virtio_crypto_buf dq;
> +    /* The first CRT coeffieient */
> +    struct virtio_crypto_buf qinv;
> +    /* The factors array when prime_number > 2 */
> +    struct virtio_crypto_buf r[];
> +    /* The CRT exponent array when prime_number > 2 */
> +    struct virtio_crypto_buf d[];
> +    /* The CRT coeffieient array when prime_number > 2 */
> +    struct virtio_crypto_buf t[];
> +};
> +
> +struct virtio_crypto_rsa_priv_key {
> +    le32 prime_number;
> +#define VIRTIO_CRYPTO_RSA_PRIV_KEY_REPTYPE1 0
> +#define VIRTIO_CRYPTO_RSA_PRIV_KEY_REPTYPE2 1
> +    le32 priv_key_rep_type;
> +    union {
> +        struct virtio_crypto_rsa_priv_key_rep1 privkey_rep1;
> +        struct virtio_crypto_rsa_priv_key_rep2 privkey_rep2;
> +    }key;
> +};
> +
> +struct virtio_crypto_rsa_sign_para {
> +    /* Hash alogrithms applied to msg */
> +    le32 hash_algo;
> +    le32 padding_mode;
> +    struct virtio_crypto_rsa_priv_key priv_key;
> +};
> +
> +struct virtio_crypto_rsa_sign_output {
> +    struct virtio_crypto_buf msg;
> +};
> +
> +struct virtio_crypto_rsa_sign_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    struct virtio_crypto_buf signature;
> +};
> +\end{lstlisting}
> +
> +RSA signature operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_sign_req {
> +    struct virtio_crypto rsa_sign_para parameter;
> +    struct virtio_crypto rsa_sign_output odata;
> +
> +    struct virtio_crypto rsa_sign_input idata;
> +};
> +\end{lstlisting}
> +
> +
> +\devicenormative{\subparagraph}{ECDSA signature operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / RSA signature operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{ECDSA signature operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / RSA signature operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} before it operates other fields in \field{idata}.
> +Only if the operation is successful, the \field{signature} in \field{idata} is
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Verification: Common Structure}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Verification: Common Structure}
> +
> +The result of verification operation can be represented by structure
> \field{virtio_crypto_asym_verify_gen_input}.
> +
> +\begin{lstlisting}
> +struct virtio_crypto_asym_verify_gen_input {
> +    /* Operation result */
> +    le32 status;
> +    /* Verification result, VIRTIO_CRYPTO_OK for a susscssful verification
> +     VIRTIO_CRYPTO_BADMSG for a failed verification */
> +    le32 verify_result;
> +};
> +\end{lstlisting}
> +
> +\paragraph{Verification: ECDSA Verification Operation}\label{sec:Device
> Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Verification: ECDSA Verification Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_ecdsa_verify_para {
> +    /* Hash alogrithms applied to msg */
> +    le32 hash_algo;
> +    /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */
> +    le32 field_type;
> +
> +    /* EC Group parameters */
> +    struct virtio_crypto_ec_group ec;
> +
> +    /* Public key */
> +    struct virtio_crypto_buf x;
> +    struct virtio_crypto_buf y;
> +};
> +
> +struct virtio_crypto_ecdsa_verify_output {
> +    /* Signature value */
> +    struct virtio_crypto_buf r;
> +    struct virtio_crypto_buf s;
> +
> +    struct virtio_crypto_buf msg;
> +};
> +\end{lstlisting}
> +
> +ECDSA Verification Operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_ecdsa_verify_req {
> +    struct virtio_crypto_ecdsa_verify_para parameter;
> +    struct virtio_crypto_ecdsa_verify_output odata;
> +
> +    struct virtio_crypto_asym_verify_gen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{ECDSA verification operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / ECDSA verification operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{ECDSA verification operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / ECDSA verification operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} before it checks \field{verify_result}.
> +\end{itemize*}
> +
> +\paragraph{Verification: DSA Verification Operation}\label{sec:Device Types
> /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Verification: DSA Verification Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_dsa_verify_para {
> +    le32 hash_algo;
> +    le32 reserved;
> +
> +    /* DSA Group parameters */
> +    struct virtio_crypto_dsa_group dsa;
> +
> +    /* Public key */
> +    struct virtio_crypto_buf y;
> +};
> +
> +struct virtio_crypto_dsa_verify_output {
> +    /* Signature value */
> +    struct virtio_crypto_buf r;
> +    struct virtio_crypto_buf s;
> +
> +    struct virtio_crypto_buf msg;
> +};
> +\end{lstlisting}
> +
> +DSA Verification Operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_dsa_verify_req {
> +    struct virtio_crypto_dsa_verify_para parameter;
> +    struct virtio_crypto_dsa_verify_output odata;
> +
> +    struct virtio_crypto_asym_verify_gen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{DSA verification operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / DSA verification operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata}.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{DSA verification operation}{Device Types
> / Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> DSA verification operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} before it checks \field{verify_result}.
> +\end{itemize*}
> +
> +\paragraph{Verification: RSA Verification Operation}\label{sec:Device Types
> /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Verification: RSA Verification Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_verify_para {
> +    le32 hash_algo;
> +    le32 padding_mode;
> +    struct virtio_crypto_rsa_pub_key pubkey;
> +};
> +
> +struct virtio_crypto_rsa_verify_output {
> +    struct virtio_crypto_buf msg;
> +};
> +\end{lstlisting}
> +
> +RSA verification operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_verify_req {
> +    struct virtio_crypto_rsa_verify_para parameter;
> +    struct virtio_crypto_rsa_verify_output odata;
> +
> +    struct virtio_crypto_asym_verify_gen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{RSA verification operation}{Device Types
> / Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> RSA verification operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata}.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{RSA verification operation}{Device Types
> / Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> RSA verification operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} before it checks \field{verify_result}.
> +\end{itemize*}
> +
> +\paragraph{Encryption: RSA Encryption Operation}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Encryption: RSA Encryption Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_enc_para {
> +    le32 padding_mode;
> +    le32 reserved;
> +    struct rsa_pub_key pub_key;
> +};
> +
> +struct virtio_crypto_rsa_enc_output {
> +    struct virtio_crypto_buf msg;
> +};
> +
> +struct virtio_crypto_rsa_enc_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    struct virtio_crypto_buf cmsg;
> +};
> +\end{lstlisting}
> +
> +RSA encryption operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_enc_req {
> +    struct virtio_crypto_rsa_enc_para parameter;
> +    struct virtio_crypto_rsa_enc_output odata;
> +
> +    struct virtio_crypto_rsa_enc_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{RSA Encryption Operation}{Device Types
> / Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> RSA Encryption Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{RSA Encryption Operation}{Device Types
> / Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> RSA Encryption Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_ENCRYPT,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} before it operates other fields in \field{idata}.
> +Only if the operation is successful, the \field{cmsg} in \field{idata} is
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Decryption: RSA Decryption Operation}\label{sec:Device Types
> /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Decryption: RSA Decryption Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_dec_para {
> +    le32 padding_mode;
> +    le32 reserved;
> +    struct virtio_crypto_rsa_priv_key priv_key;
> +};
> +
> +struct virtio_crypto_rsa_dec_output {
> +    struct virtio_crypto_buf cmsg;
> +}
> +
> +struct virtio_crypto_rsa_dec_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    struct virtio_crypto_buf msg;
> +};
> +\end{lstlisting}
> +
> +RSA decryption operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_dec_req {
> +    struct virtio_crypto_rsa_dec_para parameter;
> +    struct virtio_crypto_rsa_dec_output odata;
> +
> +    struct virtio_crypto_rsa_dec_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{RSA Decryption Operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / RSA Decryption Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{RSA Decryption Operation}{Device Types
> / Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> RSA Decryption Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_DECRYPT,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} before it operates other fields in \field{idata}.
> +Only if the operation is successful, the \field{msg} in \field{idata} is
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Generation: RSA Key Generation
> Operation}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Generation: RSA Key Generation Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_keygen_para {
> +    /* The modules length in bytes */
> +    le32 modulus_len;
> +    le32 rsa_prime_number;
> +    le32 priv_key_rep_type;
> +    le32 reserved;
> +
> +    /* the public exponent */
> +    struct virtio_crypto_buf e;
> +};
> +
> +struct virtio_crypto_rsa_keygen_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    struct virtio_crypto_rsa_priv_key priv_key;
> +    struct virtio_crypto_rsa_pub_key pub_key;
> +};
> +\end{lstlisting}
> +
> +RSA key-generation operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_keygen_req {
> +    struct virtio_crypto_rsa_keygen_para parameter;
> +
> +    struct virtio_crypto_rsa_keygen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{RSA Key Generation Operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / RSA Key Generation Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{RSA Key Generation Operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / RSA Key Generation Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> +\item The driver SHOULD set all fields in \field{parameter} except
> \field{reserved} field.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} before it operates other fields in \field{idata}.
> +Only if the operation is successful, the \field{priv_key} and \field{pub_key}
> in \field{idata} are operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Generation: DSA Key Generation
> operation}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Generation: DSA Key Generation operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_dsa_keygen_para {
> +    le32 modulus_len;
> +    le32 reserved;
> +};
> +
> +struct virtio_crypto_dsa_keygen_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    /* DSA Group parameters */
> +    struct virtio_crypto_dsa_group dsa;
> +    /* Private key */
> +    struct virtio_crypto_buf x;
> +    /* Public key */
> +    struct virtio_crypto_buf y;
> +};
> +\end{lstlisting}
> +
> +DSA key-generation operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_dsa_keygen_req {
> +    struct virtio_crypto_dsa_keygen_para parameter;
> +
> +    struct virtio_crypto_dsa_keygen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{DSA Key Generation Operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / DSA Key Generation Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{DSA Key Generation Operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / DSA Key Generation Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA.
> +\item The driver SHOULD set all fields in \field{parameter} except
> \field{reserved} field.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} before it operates other fields in \field{idata}.
> +Only if the operation is successful, the \field{priv_key} and \field{pub_key}
> in \field{idata} are operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Generation: EC Key Generation
> operation}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Generation: EC Key Generation operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_ec_keygen_para {
> +    /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */
> +    le32 field_type;
> +    le32 reserved;
> +
> +    /* EC group parameters */
> +    struct virtio_crypto_ec_group ec;
> +};
> +
> +struct virtio_crypto_ec_keygen_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    /* Private key */
> +    struct virtio_crypto_buf d;
> +
> +    /* Public key */
> +    struct virtio_crypto_buf x;
> +    struct virtio_crypto_buf y;
> +};
> +\end{lstlisting}
> +
> +EC key-generation operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_ec_keygen_req {
> +    struct virtio_crypto_ec_keygen_para parameter;
> +
> +    struct virtio_crypto_ec_keygen_input key;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{EC Key Generation Operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / EC Key Generation Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{EC Key Generation Operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / EC Key Generation Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH or
> VIRTIO_CRYPTO_ASYM_ECDSA.
> +\item The driver SHOULD set all fields in \field{parameter} except
> \field{reserved} field.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} before it operates other fields in \field{idata}.
> +Only if the operation is successful, the other fields in \field{idata} are
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Exchange: Common Structure}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Exchange: Common Structure}
> +
> +Key Exchange request has two kinds of operations in general, key
> generation and key computation.
> +For DH, it has additional operation: parameter generation operation.
> +
> +\paragraph{Key Exchange: DH Parameter Generation
> Operation}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Exchange: DH Parameter Generation Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_dh_parameter {
> +    le32 modules_len;
> +    le32 reserved;
> +
> +    /* random odd prime number */
> +    struct virtio_crypto_buf p;
> +    /* base (g) */
> +    struct virtio_crypto_buf g;
> +};
> +
> +#define VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY 0
> +#define VIRTIO_CRYPTO_KEY_EXCHANGE_COMPUTE_KEY 1
> +/* It's only valid in case algorithm is DH */
> +#define VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_DH_PARAM 2
> +
> +struct virtio_crypto_dh_keyexchg_para {
> +    /*
> +    * The sub-operation in key exchange,
> +    * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition
> +    */
> +    le32 keyexchg_op;
> +    le32 reserved;
> +
> +    struct virtio_crypto_dh_parameter dh_param;
> +};
> +
> +struct virtio_crypto_dh_keyexchg_param_gen_input {
> +    le32 status;
> +    le32 reserved;
> +};
> +\end{lstlisting}
> +
> +DH Parameter Generation Operation in Key-Exchange is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_dh_keyexchg_param_gen_req {
> +    struct virtio_crypto_dh_keyexchg_para parameter;
> +
> +    struct virtio_crypto_dh_keyexchg_param_gen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{Key Exchange: DH Parameter
> Generation Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: DH Parameter
> Generation Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation result in \field{idata}, and set
> \field{p} and \field{g} in \field{dh_param}.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{Key Exchange: DH Parameter Generation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: DH Parameter
> Generation Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_DH.
> +\item The driver SHOULD set the \field{keyexchg_op} to
> VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_DH_PARAM in \field{parameter}.
> +\item The driver SHOULD set \field{modules_len} in \field{dh_param}.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} firstly.
> +Only if the operation is successful, the other fields in \field{idata} are
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Exchange: DH Key Generation Operation}\label{sec:Device
> Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Exchange: DH Key Generation Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_dh_keyexchg_keygen_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    /* private key */
> +    struct virtio_crypto_buf x;
> +    /* public key */
> +    struct virtio_crypto_buf y;
> +};
> +\end{lstlisting}
> +
> +DH Key Generation Operation in Key-Exchange is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_dh_keyexchg_key_gen_req {
> +    struct virtio_crypto_dh_keyexchg_para parameter;
> +
> +    struct virtio_crypto_dh_key_exchg_keygen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{Key Exchange: DH Key Generation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: DH Key Generation
> Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{Key Exchange: DH Key Generation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: DH Key Generation
> Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_DH.
> +\item The driver SHOULD set the \field{keyexchg_op} to
> VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}.
> +\item The driver SHOULD set all other fields in \field{parameter} except
> field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} firstly.
> +Only if the operation is successful, the other fields in \field{idata} are
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Exchange: DH Key Computation
> Operation}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Exchange: DH Key Computation Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_dh_keyexchg_compute_key_output {
> +    /* local private key */
> +    struct virtio_crypto_buf x;
> +    /* peer's public key */
> +    struct virtio_crypto_buf y;
> +};
> +
> +struct virtio_crypto_dh_keyexchg_compute_key_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    struct virtio_crypto_buf shared_secret;
> +};
> +\end{lstlisting}
> +
> +DH Key Computation Operation in Key-Exchange is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_dh_keyexchg_key_compute_req {
> +    struct virtio_crypto_dh_keyexchg_para parameter;
> +    struct virtio_crypto_dh_keyexchg_compute_key_output odata;
> +
> +    struct virtio_crypto_dh_keyexchg_compute_key_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{Key Exchange: DH Key Computation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: DH Key Computation
> Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{Key Exchange: DH Key Computation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: DH Key Computation
> Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_DH.
> +\item The driver SHOULD set the \field{keyexchg_op} to
> VIRTIO_CRYPTO_KEY_EXCHANGE_COMPUTE_KEY in \field{parameter}.
> +\item The driver SHOULD set all other fields in \field{parameter} except
> field \field{reserved}.
> +\item The driver SHOULD set all fields in \field{odata} except field
> \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} firstly.
> +Only if the operation is successful, the other fields in \field{idata} are
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Exchange: ECDH Key Generation
> Operation}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Exchange: ECDH Key Generation Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_ecdh_keyexchg_keygen_para {
> +    /*
> +    * The sub-operation in key exchange,
> +    * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition
> +    */
> +    le32 keyexchg_op;
> +    le32 reserved;
> +
> +    struct virtio_crypto_ec_keygen_para parameter;
> +};
> +\end{lstlisting}
> +
> +ECDH Key Generation Operation in Key-Exchange is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_ecdh_keyexchg_key_gen_req {
> +    struct virtio_crypto_ecdh_keyexchg_keygen_para parameter;
> +
> +    struct virtio_crypto_ec_keygen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{Key Exchange: ECDH Key Generation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key
> Generation Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{Key Exchange: ECDH Key Generation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key
> Generation Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH.
> +\item The driver SHOULD set the \field{keyexchg_op} to
> VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}.
> +\item The driver SHOULD set all other fields in \field{parameter} except
> field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} firstly.
> +Only if the operation is successful, the other fields in \field{idata} are
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Exchange: ECDH Key Computation
> Operation}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Exchange: ECDH Key Computation Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_ecdh_keyexchg_compute_key_para {
> +    /*
> +    * The sub-operation in key exchange,
> +    * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition
> +    */
> +    le32 keyexchg_op;
> +    le32 reserved;
> +
> +    struct virtio_crypto_ec_keygen_para parameter;
> +};
> +
> +struct virtio_crypto_ecdh_keyexchg_compute_key_output {
> +    /* local private key */
> +    struct virtio_crypto_buf d;
> +
> +    /* peer's public key */
> +    struct virtio_crypto_buf x;
> +    struct virtio_crypto_buf y;
> +};
> +
> +struct virtio_crypto_ecdh_keyexchg_compute_key_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    struct virtio_crypto_buf shared_secret;
> +};
> +\end{lstlisting}
> +
> +ECDH Key Computation Operation in Key-Exchange is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_ecdh_keyexchg_key_compute_req {
> +    struct virtio_crypto_ecdh_keyexchg_compute_key_para parameter;
> +    struct virtio_crypto_ecdh_keyexchg_compute_key_output odata;
> +
> +    struct virtio_crypto_ecdh_keyexchg_compute_key_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{Key Exchange: ECDH Key Computation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key
> Computation Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{Key Exchange: ECDH Key Computation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key
> Computation Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH.
> +\item The driver SHOULD set the \field{keyexchg_op} to
> VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}.
> +\item The driver SHOULD set all other fields in \field{parameter} except
> field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in
> \field{idata} firstly.
> +Only if the operation is successful, the other fields in \field{idata} are
> operatable.
> +\end{itemize*}
> --
> 1.9.3
Xin Zeng Nov. 10, 2016, 1:10 p.m. UTC | #2
Ping...

Appreciate for any comments for this patch!

Thanks

> -----Original Message-----
> From: virtio-dev@lists.oasis-open.org [mailto:virtio-dev@lists.oasis-open.org]
> On Behalf Of Zeng, Xin
> Sent: Thursday, November 3, 2016 8:19 PM
> To: virtio-dev@lists.oasis-open.org; qemu-devel@nongnu.org
> Cc: mst@redhat.com; arei.gonglei@huawei.com; Keating, Brian A
> <brian.a.keating@intel.com>; Griffin, John <john.griffin@intel.com>; Ma,
> Liang J <liang.j.ma@intel.com>; weidong.huang@huawei.com
> Subject: [virtio-dev] RE: [PATCH v1 1/1] virtio crypto device specification:
> asymmetric crypto service
> 
> Ping....
> Is there any comment for this patch?
> 
> thanks
> 
> > -----Original Message-----
> > From: Zeng, Xin
> > Sent: Friday, October 28, 2016 10:52 AM
> > To: virtio-dev@lists.oasis-open.org; qemu-devel@nongnu.org
> > Cc: mst@redhat.com; arei.gonglei@huawei.com; Keating, Brian A
> > <brian.a.keating@intel.com>; Griffin, John <john.griffin@intel.com>; Ma,
> > Liang J <liang.j.ma@intel.com>; weidong.huang@huawei.com; Zeng, Xin
> > <xin.zeng@intel.com>
> > Subject: [PATCH v1 1/1] virtio crypto device specification: asymmetric
> crypto
> > service
> >
> > This patch introduces asymmetric crypto service into virtio crypto
> > device spec. The asymmetric crypto service can be referred as signature,
> > verification, encryption, decryption, key generation and key exchange.
> > This patch depends on another virtio crypto device spec patch:
> > https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01744.html
> >
> > Changes since v0:
> > - Use devicenormative/drivernormative instead of self-defined
> >   device/driver label.  [Lei]
> > - Change the error code of verification to general virtio_crypto
> >   error code. [Lei]
> > - Use macro instead of enum in verification result. [Lei]
> > - Fix the incorrect label value for paragraph and section. [Lei]
> >
> > Please help to review, thanks!
> >
> > Signed-off-by: Xin Zeng <xin.zeng@intel.com>
> > ---
> >  virtio-crypto.tex | 965
> > +++++++++++++++++++++++++++++++++++++++++++++++++++++-
> >  1 file changed, 962 insertions(+), 3 deletions(-)
> >
> > diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> > index 86e4869..43772da 100644
> > --- a/virtio-crypto.tex
> > +++ b/virtio-crypto.tex
> > @@ -6,7 +6,7 @@ decryption requests are placed in the data queue and
> are
> > ultimately handled by t
> >  backend crypto accelerators. The second queue is the control queue used
> to
> > create
> >  or destroy sessions for symmetric algorithms and will control some
> advanced
> >  features in the future. The virtio crypto device provides the following
> crypto
> > -services: CIPHER, MAC, HASH, and AEAD.
> > +services: CIPHER, MAC, HASH, AEAD and ASYM.
> >
> >
> >  \subsection{Device ID}\label{sec:Device Types / Crypto Device / Device ID}
> > @@ -44,7 +44,9 @@ struct virtio_crypto_config {
> >      le32 mac_algo_l;
> >      le32 mac_algo_h;
> >      le32 aead_algo;
> > -    le32 reserve;
> > +    le32 asym_algo;
> > +    le32 rsa_padding;
> > +    le32 reserved;
> >  };
> >  \end{lstlisting}
> >
> > @@ -70,6 +72,8 @@ The following services are defined:
> >  #define VIRTIO_CRYPTO_SERVICE_MAC    (2)
> >  /* AEAD (Authenticated Encryption with Associated Data) service */
> >  #define VIRTIO_CRYPTO_SERVICE_AEAD   (3)
> > +/* ASYM (Asymmetric crypto algorithms) service */
> > +#define VIRTIO_CRYPTO_SERVICE_ASYM   (4)
> >  \end{lstlisting}
> >
> >  The last driver-read-only fields specify detailed algorithms masks
> > @@ -143,6 +147,28 @@ The following AEAD algorithms are defined:
> >  #define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305  3
> >  \end{lstlisting}
> >
> > +The following asymmetric algorithms are defined:
> > +
> > +\begin{lstlisting}
> > +#define VIRTIO_CRYPTO_ASYM_NONE        0
> > +#define VIRTIO_CRYPTO_ASYM_RSA         1
> > +#define VIRTIO_CRYPTO_ASYM_DSA         2
> > +#define VIRTIO_CRYPTO_ASYM_DH          3
> > +#define VIRTIO_CRYPTO_ASYM_ECDSA       4
> > +#define VIRTIO_CRYPTO_ASYM_ECDH	       5
> > +\end{lstlisting}
> > +
> > +The following rsa padding capabilities are defined:
> > +
> > +\begin{lstlisting}
> > +#define VIRTIO_CRYPTO_RSA_NO_PADDING         0
> > +#define VIRTIO_CRYPTO_RSA_PKCS1_PADDING      1
> > +#define VIRTIO_CRYPTO_RSA_SSLV23_PADDING     2
> > +#define VIRTIO_CRYPTO_RSA_PKCS1_OAEP_PADDING 3
> > +#define VIRTIO_CRYPTO_RSA_X931_PADDING       4
> > +#define VIRTIO_CRYPTO_RSA_PKCS1_PSS_PADDING  5
> > +\end{lstlisting}
> > +
> >  \begin{note}
> >  Any other value is reserved for future use.
> >  \end{note}
> > @@ -241,6 +267,18 @@ struct virtio_crypto_op_header {
> >      VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00)
> >  #define VIRTIO_CRYPTO_AEAD_DECRYPT \
> >      VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01)
> > +#define VIRTIO_CRYPTO_ASYM_SIGN    \
> > +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x00)
> > +#define VIRTIO_CRYPTO_ASYM_VERIFY \
> > +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x01)
> > +#define VIRTIO_CRYPTO_ASYM_ENCRYPT  \
> > +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x02)
> > +#define VIRTIO_CRYPTO_ASYM_DECRYPT  \
> > +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x03)
> > +#define VIRTIO_CRYPTO_ASYM_KEY_GEN  \
> > +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x04)
> > +#define VIRTIO_CRYPTO_ASYM_KEY_EXCHG \
> > +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x05)
> >      le32 opcode;
> >      /* algo should be service-specific algorithms */
> >      le32 algo;
> > @@ -548,6 +586,23 @@ struct virtio_crypto_op_data_req {
> >          struct virtio_crypto_hash_data_req  hash_req;
> >          struct virtio_crypto_mac_data_req   mac_req;
> >          struct virtio_crypto_aead_data_req  aead_req;
> > +
> > +        struct virtio_crypto_ecdsa_sign_req ecdsa_sign_req;
> > +        struct virtio_crypto_dsa_sign_req dsa_sign_req;
> > +        struct virtio_crypto_rsa_sign_req rsa_sign_req;
> > +        struct virtio_crypto_ecdsa_verify_req ecdsa_verify_req;
> > +        struct virtio_crypto_dsa_verify_req dsa_verify_req;
> > +        struct virtio_crypto_rsa_verify_req rsa_verify_req;
> > +        struct virtio_crypto_rsa_enc_req rsa_enc_req
> > +        struct virtio_crypto_rsa_dec_req rsa_dec_req;
> > +        struct virtio_crypto_rsa_keygen_req rsa_keygen_req;
> > +        struct virtio_crypto_dsa_keygen_req dsa_keygen_req;
> > +        struct virtio_crypto_ec_keygen_req ec_keygen_req;
> > +        struct virtio_crypto_dh_keyexchg_param_gen_req
> > dh_keyexchg_param_gen_req;
> > +        struct virtio_crypto_dh_keyexchg_key_gen_req
> > dh_keyexchg_key_gen_req;
> > +        struct virtio_crypto_dh_keyexchg_key_compute_req
> > dh_keyexchg_key_compute_req;
> > +        struct virtio_crypto_ecdh_keyexchg_key_gen_req
> > ecdh_keyexchg_key_gen_req;
> > +        struct virtio_crypto_ecdh_keyexchg_key_compute_req
> > ecdh_keyexchg_key_compute_req;
> >      } u;
> >  };
> >  \end{lstlisting}
> > @@ -996,4 +1051,908 @@ pointed by \field{dst_data_addr} and
> > \field{digest_result_addr} in struct virtio
> >  \item The device MUST copy the digest result to the guest memory
> > recorded by \field{digest_result_addr} field in struct
> > virtio_crypto_aead_input.
> >  \item The device MUST set the \field{status} field in strut
> > virtio_crypto_aead_input: VIRTIO_CRYPTO_OK: success;
> > VIRTIO_CRYPTO_ERR: creation failed or device error;
> > VIRTIO_CRYPTO_NOTSUPP: not supported.
> >  \item When the \field{opcode} is VIRTIO_CRYPTO_AEAD_DECRYPT, the
> > device MUST verify and return the verification result to the driver, and if
> the
> > verification result is incorrect, VIRTIO_CRYPTO_BADMSG (bad message)
> > MUST be returned to the driver.
> > -\end{itemize*}
> > \ No newline at end of file
> > +\end{itemize*}
> > +
> > +\subsubsection{Asymmetric Crypto Service Operation}\label{sec:Device
> > Types / Crypto Device / Device Operation /
> > +Crypto operation / Asymmetric Crypto Service Operation}
> > +
> > +In general, asymmetric crypto service can be referred as signature,
> > verification,
> > +encryption, decryption, key generation and key exchange. Not each
> > algorithm supports
> > +all these services.
> > +
> > +Unlike symmetric crypto service, asymmetric crypto service normally
> does't
> > +need session operations, the request is encapsulated within one packet
> > which is represented
> > +by \field{virtio_crypto_op_data_req}.
> > +(see \ref{sec:Device Types / Crypto Device / Device Operation / Data
> > Virtqueue}).
> > +
> > +Once service request is handled by the device, the device writes back the
> > operation results to the corresponding
> > +fields in the request packet.
> > +
> > +The asymmetric crypto operation uses a virtio_crypto_buf to represent
> the
> > input/output buffer.
> > +\begin{lstlisting}
> > +struct virtio_crypto_buf {
> > +    le32 len;
> > +    le32 reserved;
> > +    le64 addr;
> > +};
> > +\end{lstlisting}
> > +
> > +\devicenormative{\paragraph}{Asymmetric Crypto Service
> > Operation}{Device Types / Crypto Device / Device Operation / Asymmetric
> > Crypto Service Operation}
> > +\begin{itemize*}
> > +\item The device MUST parse the field \field{opcode} within
> > \field{virtio_crypto_op_header} (see \ref{sec:Device Types / Crypto
> Device /
> > Device Operation}) before
> > +it handles the corresponding service request.
> > +\item The device SHOULD set the operation status in field \field{status}
> > within \field{idata}.
> > +\item The device SHOULD update the operation result to the fields in
> > \field{idata} if the operation is successful.
> > +\end{itemize*}
> > +
> > +\drivernormative{\paragraph}{Asymmetric Crypto Service
> > Operation}{Device Types / Crypto Device / Device Operation / Asymmetric
> > Crypto Service Operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the corresponding \field{opcode} in
> > \field{virtio_crypto_op_header} according to different services.
> > +\item The driver SHOULD offer operatable buffer within \field{idata} if the
> > service request structure defines.
> > +\end{itemize*}
> > +
> > +\paragraph{Signature: ECDSA signature operation}\label{sec:Device Types
> /
> > Crypto Device /
> > +Device Operation / Crypto operation / Asymmetric Crypto Service
> > Operation / Signature: ECDSA signature operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_ec_group {
> > +    struct virtio_crypto_buf xg;
> > +    struct virtio_crypto_buf yg;
> > +    struct virtio_crypto_buf n;
> > +    struct virtio_crypto_buf q;
> > +    struct virtio_crypto_buf a;
> > +    struct virtio_crypto_buf b;
> > +    struct virtio_crypto_buf h;
> > +};
> > +
> > +#define VIRTIO_CRYPTO_EC_FIELD_TYPE_PRIME 0
> > +#define VIRTIO_CRYPTO_EC_FIELD_TYPE_BINARY 1
> > +
> > +struct virtio_crypto_ecdsa_sign_para{
> > +    /* Hash alogrithms applied to msg */
> > +    le32 hash_algo;
> > +    /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */
> > +    le32 field_type;
> > +
> > +    /* EC Group parameters */
> > +    struct virtio_crypto_ec_group ec;
> > +    /* Random value */
> > +    struct virtio_crypto_buf k;
> > +    /* Private Key */
> > +    struct virtio_crypto_buf d;
> > +};
> > +
> > +struct virtio_crypto_ecdsa_sign_output {
> > +    /* Message need to be signed */
> > +    struct virtio_crypto_buf msg;
> > +};
> > +
> > +struct virtio_crypto_ecdsa_sign_input {
> > +    /* operation result */
> > +    le32 status;
> > +    le32 reserved;
> > +
> > +    /* signature result */
> > +    struct virtio_crypto_buf r;
> > +    struct virtio_crypto_buf s;
> > +};
> > +\end{lstlisting}
> > +
> > +ECDSA signature operation request is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_ecdsa_sign_req {
> > +    struct virtio_crypto_ecdsa_sign_para parameter;
> > +    struct virtio_crypto_ecdsa_sign_output odata;
> > +
> > +    struct virtio_crypto_ecdsa_sign_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +
> > +\devicenormative{\subparagraph}{ECDSA signature operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation / ECDSA signature operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}
> according
> > to the general device requirments for asymmetric crypto service.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{ECDSA signature operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation / ECDSA signature operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDSA.
> > +\item The driver SHOULD set all fields in \field{parameter} and
> \field{odata}
> > except field \field{reserved}.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} before it operates other fields in \field{idata}.
> > +Only if the operation is successful, the \field{r,s} in \field{idata} are
> > operatable.
> > +\end{itemize*}
> > +
> > +\paragraph{Signature: DSA signature operation}\label{sec:Device Types /
> > Crypto Device /
> > +Device Operation / Crypto operation / Asymmetric Crypto Service
> > Operation/ Signature: DSA signature operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_dsa_group {
> > +    struct virtio_crypto_buf p;
> > +    struct virtio_crypto_buf q;
> > +    struct virtio_crypto_buf g;
> > +};
> > +
> > +struct virtio_crypto_dsa_sign_para {
> > +    /* Hash alogrithms applied to msg */
> > +    le32 hash_algo;
> > +    le32 reserved;
> > +
> > +    /* DSA group parameter */
> > +    struct virtio_crypto_dsa_group dsa;
> > +    /* Random value */
> > +    struct virtio_crypto_buf k;
> > +    /* Private Key */
> > +    struct virtio_crypto_buf x;
> > +};
> > +
> > +struct virtio_crypto_dsa_sign_output {
> > +    struct virtio_crypto_buf msg;
> > +};
> > +
> > +struct virtio_crypto_dsa_sign_input  {
> > +    /* operation result */
> > +    le32 status;
> > +    le32 reserved;
> > +
> > +    /* signature result */
> > +    struct virtio_crypto_buf r;
> > +    struct virtio_crypto_buf s;
> > +};
> > +\end{lstlisting}
> > +DSA signature operation request is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_dsa_sign_req {
> > +    struct virtio_crypto_dsa_sign_para parameter;
> > +    struct virtio_crypto_dsa_sign_output odata;
> > +
> > +    struct virtio_crypto_dsa_sign_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +
> > +\devicenormative{\subparagraph}{DSA signature operation}{Device
> Types /
> > Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> > DSA signature operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}
> according
> > to the general device requirments for asymmetric crypto service.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{DSA signature operation}{Device Types
> /
> > Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> > DSA signature operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA.
> > +\item The driver SHOULD set all fields in \field{parameter} and
> \field{odata}
> > except field \field{reserved}.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} before it operates other fields in \field{idata}.
> > +Only if the operation is successful, the \field{r,s} in \field{idata} are
> > operatable.
> > +\end{itemize*}
> > +
> > +\paragraph{Signature: RSA signature operation}\label{sec:Device Types /
> > Crypto Device /
> > +Device Operation / Crypto operation / Asymmetric Crypto Service
> > Operation / Signature: RSA signature operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_rsa_pub_key{
> > +    /* The RSA modules */
> > +    struct virtio_crypto_buf n;
> > +    /* The RSA public exponent */
> > +    struct virtio_crypto_buf e;
> > +};
> > +
> > +struct virtio_crypto_rsa_priv_key_rep1{
> > +    /* The RSA modules */
> > +    struct virtio_crypto_buf n;
> > +    /* The RSA private exponent */
> > +    struct virtio_crypto_buf d;
> > +};
> > +
> > +struct virtio_crypto_rsa_priv_key_rep2{
> > +    /* The first factor */
> > +    struct virtio_crypto_buf p;
> > +    /* The second factor */
> > +    struct virtio_crypto_buf q;
> > +    /* The first factor's CRT exponent */
> > +    struct virtio_crypto_buf dp;
> > +    /* The second factor's CRT exponent */
> > +    struct virtio_crypto_buf dq;
> > +    /* The first CRT coeffieient */
> > +    struct virtio_crypto_buf qinv;
> > +    /* The factors array when prime_number > 2 */
> > +    struct virtio_crypto_buf r[];
> > +    /* The CRT exponent array when prime_number > 2 */
> > +    struct virtio_crypto_buf d[];
> > +    /* The CRT coeffieient array when prime_number > 2 */
> > +    struct virtio_crypto_buf t[];
> > +};
> > +
> > +struct virtio_crypto_rsa_priv_key {
> > +    le32 prime_number;
> > +#define VIRTIO_CRYPTO_RSA_PRIV_KEY_REPTYPE1 0
> > +#define VIRTIO_CRYPTO_RSA_PRIV_KEY_REPTYPE2 1
> > +    le32 priv_key_rep_type;
> > +    union {
> > +        struct virtio_crypto_rsa_priv_key_rep1 privkey_rep1;
> > +        struct virtio_crypto_rsa_priv_key_rep2 privkey_rep2;
> > +    }key;
> > +};
> > +
> > +struct virtio_crypto_rsa_sign_para {
> > +    /* Hash alogrithms applied to msg */
> > +    le32 hash_algo;
> > +    le32 padding_mode;
> > +    struct virtio_crypto_rsa_priv_key priv_key;
> > +};
> > +
> > +struct virtio_crypto_rsa_sign_output {
> > +    struct virtio_crypto_buf msg;
> > +};
> > +
> > +struct virtio_crypto_rsa_sign_input {
> > +    le32 status;
> > +    le32 reserved;
> > +
> > +    struct virtio_crypto_buf signature;
> > +};
> > +\end{lstlisting}
> > +
> > +RSA signature operation request is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_rsa_sign_req {
> > +    struct virtio_crypto rsa_sign_para parameter;
> > +    struct virtio_crypto rsa_sign_output odata;
> > +
> > +    struct virtio_crypto rsa_sign_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +
> > +\devicenormative{\subparagraph}{ECDSA signature operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation / RSA signature operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}
> according
> > to the general device requirments for asymmetric crypto service.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{ECDSA signature operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation / RSA signature operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> > +\item The driver SHOULD set all fields in \field{parameter} and
> \field{odata}
> > except field \field{reserved}.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} before it operates other fields in \field{idata}.
> > +Only if the operation is successful, the \field{signature} in \field{idata} is
> > operatable.
> > +\end{itemize*}
> > +
> > +\paragraph{Verification: Common Structure}\label{sec:Device Types /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Verification: Common Structure}
> > +
> > +The result of verification operation can be represented by structure
> > \field{virtio_crypto_asym_verify_gen_input}.
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_asym_verify_gen_input {
> > +    /* Operation result */
> > +    le32 status;
> > +    /* Verification result, VIRTIO_CRYPTO_OK for a susscssful verification
> > +     VIRTIO_CRYPTO_BADMSG for a failed verification */
> > +    le32 verify_result;
> > +};
> > +\end{lstlisting}
> > +
> > +\paragraph{Verification: ECDSA Verification Operation}\label{sec:Device
> > Types /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Verification: ECDSA Verification Operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_ecdsa_verify_para {
> > +    /* Hash alogrithms applied to msg */
> > +    le32 hash_algo;
> > +    /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */
> > +    le32 field_type;
> > +
> > +    /* EC Group parameters */
> > +    struct virtio_crypto_ec_group ec;
> > +
> > +    /* Public key */
> > +    struct virtio_crypto_buf x;
> > +    struct virtio_crypto_buf y;
> > +};
> > +
> > +struct virtio_crypto_ecdsa_verify_output {
> > +    /* Signature value */
> > +    struct virtio_crypto_buf r;
> > +    struct virtio_crypto_buf s;
> > +
> > +    struct virtio_crypto_buf msg;
> > +};
> > +\end{lstlisting}
> > +
> > +ECDSA Verification Operation request is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_ecdsa_verify_req {
> > +    struct virtio_crypto_ecdsa_verify_para parameter;
> > +    struct virtio_crypto_ecdsa_verify_output odata;
> > +
> > +    struct virtio_crypto_asym_verify_gen_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +\devicenormative{\subparagraph}{ECDSA verification operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation / ECDSA verification operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}
> according
> > to the general device requirments for asymmetric crypto service.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{ECDSA verification operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation / ECDSA verification operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDSA.
> > +\item The driver SHOULD set all fields in \field{parameter} and
> \field{odata}
> > except field \field{reserved}.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} before it checks \field{verify_result}.
> > +\end{itemize*}
> > +
> > +\paragraph{Verification: DSA Verification Operation}\label{sec:Device
> Types
> > /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Verification: DSA Verification Operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_dsa_verify_para {
> > +    le32 hash_algo;
> > +    le32 reserved;
> > +
> > +    /* DSA Group parameters */
> > +    struct virtio_crypto_dsa_group dsa;
> > +
> > +    /* Public key */
> > +    struct virtio_crypto_buf y;
> > +};
> > +
> > +struct virtio_crypto_dsa_verify_output {
> > +    /* Signature value */
> > +    struct virtio_crypto_buf r;
> > +    struct virtio_crypto_buf s;
> > +
> > +    struct virtio_crypto_buf msg;
> > +};
> > +\end{lstlisting}
> > +
> > +DSA Verification Operation request is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_dsa_verify_req {
> > +    struct virtio_crypto_dsa_verify_para parameter;
> > +    struct virtio_crypto_dsa_verify_output odata;
> > +
> > +    struct virtio_crypto_asym_verify_gen_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +\devicenormative{\subparagraph}{DSA verification operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation / DSA verification operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{DSA verification operation}{Device
> Types
> > / Crypto Device / Device Operation / Asymmetric Crypto Service Operation
> /
> > DSA verification operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA.
> > +\item The driver SHOULD set all fields in \field{parameter} and
> \field{odata}
> > except field \field{reserved}.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} before it checks \field{verify_result}.
> > +\end{itemize*}
> > +
> > +\paragraph{Verification: RSA Verification Operation}\label{sec:Device
> Types
> > /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Verification: RSA Verification Operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_rsa_verify_para {
> > +    le32 hash_algo;
> > +    le32 padding_mode;
> > +    struct virtio_crypto_rsa_pub_key pubkey;
> > +};
> > +
> > +struct virtio_crypto_rsa_verify_output {
> > +    struct virtio_crypto_buf msg;
> > +};
> > +\end{lstlisting}
> > +
> > +RSA verification operation request is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_rsa_verify_req {
> > +    struct virtio_crypto_rsa_verify_para parameter;
> > +    struct virtio_crypto_rsa_verify_output odata;
> > +
> > +    struct virtio_crypto_asym_verify_gen_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +\devicenormative{\subparagraph}{RSA verification operation}{Device
> Types
> > / Crypto Device / Device Operation / Asymmetric Crypto Service Operation
> /
> > RSA verification operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{RSA verification operation}{Device
> Types
> > / Crypto Device / Device Operation / Asymmetric Crypto Service Operation
> /
> > RSA verification operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> > +\item The driver SHOULD set all fields in \field{parameter} and
> \field{odata}
> > except field \field{reserved}.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} before it checks \field{verify_result}.
> > +\end{itemize*}
> > +
> > +\paragraph{Encryption: RSA Encryption Operation}\label{sec:Device Types
> /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Encryption: RSA Encryption Operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_rsa_enc_para {
> > +    le32 padding_mode;
> > +    le32 reserved;
> > +    struct rsa_pub_key pub_key;
> > +};
> > +
> > +struct virtio_crypto_rsa_enc_output {
> > +    struct virtio_crypto_buf msg;
> > +};
> > +
> > +struct virtio_crypto_rsa_enc_input {
> > +    le32 status;
> > +    le32 reserved;
> > +
> > +    struct virtio_crypto_buf cmsg;
> > +};
> > +\end{lstlisting}
> > +
> > +RSA encryption operation request is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_rsa_enc_req {
> > +    struct virtio_crypto_rsa_enc_para parameter;
> > +    struct virtio_crypto_rsa_enc_output odata;
> > +
> > +    struct virtio_crypto_rsa_enc_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +\devicenormative{\subparagraph}{RSA Encryption Operation}{Device
> Types
> > / Crypto Device / Device Operation / Asymmetric Crypto Service Operation
> /
> > RSA Encryption Operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}
> according
> > to the general device requirments for asymmetric crypto service.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{RSA Encryption Operation}{Device
> Types
> > / Crypto Device / Device Operation / Asymmetric Crypto Service Operation
> /
> > RSA Encryption Operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_ENCRYPT,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> > +\item The driver SHOULD set all fields in \field{parameter} and
> \field{odata}
> > except field \field{reserved}.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} before it operates other fields in \field{idata}.
> > +Only if the operation is successful, the \field{cmsg} in \field{idata} is
> > operatable.
> > +\end{itemize*}
> > +
> > +\paragraph{Decryption: RSA Decryption Operation}\label{sec:Device
> Types
> > /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Decryption: RSA Decryption Operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_rsa_dec_para {
> > +    le32 padding_mode;
> > +    le32 reserved;
> > +    struct virtio_crypto_rsa_priv_key priv_key;
> > +};
> > +
> > +struct virtio_crypto_rsa_dec_output {
> > +    struct virtio_crypto_buf cmsg;
> > +}
> > +
> > +struct virtio_crypto_rsa_dec_input {
> > +    le32 status;
> > +    le32 reserved;
> > +
> > +    struct virtio_crypto_buf msg;
> > +};
> > +\end{lstlisting}
> > +
> > +RSA decryption operation request is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_rsa_dec_req {
> > +    struct virtio_crypto_rsa_dec_para parameter;
> > +    struct virtio_crypto_rsa_dec_output odata;
> > +
> > +    struct virtio_crypto_rsa_dec_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +\devicenormative{\subparagraph}{RSA Decryption Operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation / RSA Decryption Operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}
> according
> > to the general device requirments for asymmetric crypto service.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{RSA Decryption Operation}{Device
> Types
> > / Crypto Device / Device Operation / Asymmetric Crypto Service Operation
> /
> > RSA Decryption Operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_DECRYPT,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> > +\item The driver SHOULD set all fields in \field{parameter} and
> \field{odata}
> > except field \field{reserved}.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} before it operates other fields in \field{idata}.
> > +Only if the operation is successful, the \field{msg} in \field{idata} is
> > operatable.
> > +\end{itemize*}
> > +
> > +\paragraph{Key Generation: RSA Key Generation
> > Operation}\label{sec:Device Types /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Key Generation: RSA Key Generation Operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_rsa_keygen_para {
> > +    /* The modules length in bytes */
> > +    le32 modulus_len;
> > +    le32 rsa_prime_number;
> > +    le32 priv_key_rep_type;
> > +    le32 reserved;
> > +
> > +    /* the public exponent */
> > +    struct virtio_crypto_buf e;
> > +};
> > +
> > +struct virtio_crypto_rsa_keygen_input {
> > +    le32 status;
> > +    le32 reserved;
> > +
> > +    struct virtio_crypto_rsa_priv_key priv_key;
> > +    struct virtio_crypto_rsa_pub_key pub_key;
> > +};
> > +\end{lstlisting}
> > +
> > +RSA key-generation operation request is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_rsa_keygen_req {
> > +    struct virtio_crypto_rsa_keygen_para parameter;
> > +
> > +    struct virtio_crypto_rsa_keygen_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +\devicenormative{\subparagraph}{RSA Key Generation
> Operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation / RSA Key Generation Operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}
> according
> > to the general device requirments for asymmetric crypto service.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{RSA Key Generation Operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation / RSA Key Generation Operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> > +\item The driver SHOULD set all fields in \field{parameter} except
> > \field{reserved} field.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} before it operates other fields in \field{idata}.
> > +Only if the operation is successful, the \field{priv_key} and \field{pub_key}
> > in \field{idata} are operatable.
> > +\end{itemize*}
> > +
> > +\paragraph{Key Generation: DSA Key Generation
> > operation}\label{sec:Device Types /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Key Generation: DSA Key Generation operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_dsa_keygen_para {
> > +    le32 modulus_len;
> > +    le32 reserved;
> > +};
> > +
> > +struct virtio_crypto_dsa_keygen_input {
> > +    le32 status;
> > +    le32 reserved;
> > +
> > +    /* DSA Group parameters */
> > +    struct virtio_crypto_dsa_group dsa;
> > +    /* Private key */
> > +    struct virtio_crypto_buf x;
> > +    /* Public key */
> > +    struct virtio_crypto_buf y;
> > +};
> > +\end{lstlisting}
> > +
> > +DSA key-generation operation request is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_dsa_keygen_req {
> > +    struct virtio_crypto_dsa_keygen_para parameter;
> > +
> > +    struct virtio_crypto_dsa_keygen_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +\devicenormative{\subparagraph}{DSA Key Generation
> Operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation / DSA Key Generation Operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}
> according
> > to the general device requirments for asymmetric crypto service.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{DSA Key Generation Operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation / DSA Key Generation Operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA.
> > +\item The driver SHOULD set all fields in \field{parameter} except
> > \field{reserved} field.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} before it operates other fields in \field{idata}.
> > +Only if the operation is successful, the \field{priv_key} and \field{pub_key}
> > in \field{idata} are operatable.
> > +\end{itemize*}
> > +
> > +\paragraph{Key Generation: EC Key Generation
> > operation}\label{sec:Device Types /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Key Generation: EC Key Generation operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_ec_keygen_para {
> > +    /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */
> > +    le32 field_type;
> > +    le32 reserved;
> > +
> > +    /* EC group parameters */
> > +    struct virtio_crypto_ec_group ec;
> > +};
> > +
> > +struct virtio_crypto_ec_keygen_input {
> > +    le32 status;
> > +    le32 reserved;
> > +
> > +    /* Private key */
> > +    struct virtio_crypto_buf d;
> > +
> > +    /* Public key */
> > +    struct virtio_crypto_buf x;
> > +    struct virtio_crypto_buf y;
> > +};
> > +\end{lstlisting}
> > +
> > +EC key-generation operation request is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_ec_keygen_req {
> > +    struct virtio_crypto_ec_keygen_para parameter;
> > +
> > +    struct virtio_crypto_ec_keygen_input key;
> > +};
> > +\end{lstlisting}
> > +
> > +\devicenormative{\subparagraph}{EC Key Generation Operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation / EC Key Generation Operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}
> according
> > to the general device requirments for asymmetric crypto service.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{EC Key Generation Operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation / EC Key Generation Operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH or
> > VIRTIO_CRYPTO_ASYM_ECDSA.
> > +\item The driver SHOULD set all fields in \field{parameter} except
> > \field{reserved} field.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} before it operates other fields in \field{idata}.
> > +Only if the operation is successful, the other fields in \field{idata} are
> > operatable.
> > +\end{itemize*}
> > +
> > +\paragraph{Key Exchange: Common Structure}\label{sec:Device Types /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Key Exchange: Common Structure}
> > +
> > +Key Exchange request has two kinds of operations in general, key
> > generation and key computation.
> > +For DH, it has additional operation: parameter generation operation.
> > +
> > +\paragraph{Key Exchange: DH Parameter Generation
> > Operation}\label{sec:Device Types /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Key Exchange: DH Parameter Generation Operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_dh_parameter {
> > +    le32 modules_len;
> > +    le32 reserved;
> > +
> > +    /* random odd prime number */
> > +    struct virtio_crypto_buf p;
> > +    /* base (g) */
> > +    struct virtio_crypto_buf g;
> > +};
> > +
> > +#define VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY 0
> > +#define VIRTIO_CRYPTO_KEY_EXCHANGE_COMPUTE_KEY 1
> > +/* It's only valid in case algorithm is DH */
> > +#define VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_DH_PARAM 2
> > +
> > +struct virtio_crypto_dh_keyexchg_para {
> > +    /*
> > +    * The sub-operation in key exchange,
> > +    * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition
> > +    */
> > +    le32 keyexchg_op;
> > +    le32 reserved;
> > +
> > +    struct virtio_crypto_dh_parameter dh_param;
> > +};
> > +
> > +struct virtio_crypto_dh_keyexchg_param_gen_input {
> > +    le32 status;
> > +    le32 reserved;
> > +};
> > +\end{lstlisting}
> > +
> > +DH Parameter Generation Operation in Key-Exchange is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_dh_keyexchg_param_gen_req {
> > +    struct virtio_crypto_dh_keyexchg_para parameter;
> > +
> > +    struct virtio_crypto_dh_keyexchg_param_gen_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +\devicenormative{\subparagraph}{Key Exchange: DH Parameter
> > Generation Operation}{Device Types / Crypto Device / Device Operation /
> > +Asymmetric Crypto Service Operation / Key Exchange: DH Parameter
> > Generation Operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation result in \field{idata}, and set
> > \field{p} and \field{g} in \field{dh_param}.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{Key Exchange: DH Parameter
> Generation
> > Operation}{Device Types / Crypto Device / Device Operation /
> > +Asymmetric Crypto Service Operation / Key Exchange: DH Parameter
> > Generation Operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_DH.
> > +\item The driver SHOULD set the \field{keyexchg_op} to
> > VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_DH_PARAM in \field{parameter}.
> > +\item The driver SHOULD set \field{modules_len} in \field{dh_param}.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} firstly.
> > +Only if the operation is successful, the other fields in \field{idata} are
> > operatable.
> > +\end{itemize*}
> > +
> > +\paragraph{Key Exchange: DH Key Generation
> Operation}\label{sec:Device
> > Types /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Key Exchange: DH Key Generation Operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_dh_keyexchg_keygen_input {
> > +    le32 status;
> > +    le32 reserved;
> > +
> > +    /* private key */
> > +    struct virtio_crypto_buf x;
> > +    /* public key */
> > +    struct virtio_crypto_buf y;
> > +};
> > +\end{lstlisting}
> > +
> > +DH Key Generation Operation in Key-Exchange is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_dh_keyexchg_key_gen_req {
> > +    struct virtio_crypto_dh_keyexchg_para parameter;
> > +
> > +    struct virtio_crypto_dh_key_exchg_keygen_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +\devicenormative{\subparagraph}{Key Exchange: DH Key Generation
> > Operation}{Device Types / Crypto Device / Device Operation /
> > +Asymmetric Crypto Service Operation / Key Exchange: DH Key Generation
> > Operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}
> according
> > to the general device requirments for asymmetric crypto service.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{Key Exchange: DH Key Generation
> > Operation}{Device Types / Crypto Device / Device Operation /
> > +Asymmetric Crypto Service Operation / Key Exchange: DH Key Generation
> > Operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_DH.
> > +\item The driver SHOULD set the \field{keyexchg_op} to
> > VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}.
> > +\item The driver SHOULD set all other fields in \field{parameter} except
> > field \field{reserved}.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} firstly.
> > +Only if the operation is successful, the other fields in \field{idata} are
> > operatable.
> > +\end{itemize*}
> > +
> > +\paragraph{Key Exchange: DH Key Computation
> > Operation}\label{sec:Device Types /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Key Exchange: DH Key Computation Operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_dh_keyexchg_compute_key_output {
> > +    /* local private key */
> > +    struct virtio_crypto_buf x;
> > +    /* peer's public key */
> > +    struct virtio_crypto_buf y;
> > +};
> > +
> > +struct virtio_crypto_dh_keyexchg_compute_key_input {
> > +    le32 status;
> > +    le32 reserved;
> > +
> > +    struct virtio_crypto_buf shared_secret;
> > +};
> > +\end{lstlisting}
> > +
> > +DH Key Computation Operation in Key-Exchange is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_dh_keyexchg_key_compute_req {
> > +    struct virtio_crypto_dh_keyexchg_para parameter;
> > +    struct virtio_crypto_dh_keyexchg_compute_key_output odata;
> > +
> > +    struct virtio_crypto_dh_keyexchg_compute_key_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +\devicenormative{\subparagraph}{Key Exchange: DH Key Computation
> > Operation}{Device Types / Crypto Device / Device Operation /
> > +Asymmetric Crypto Service Operation / Key Exchange: DH Key
> Computation
> > Operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}
> according
> > to the general device requirments for asymmetric crypto service.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{Key Exchange: DH Key Computation
> > Operation}{Device Types / Crypto Device / Device Operation /
> > +Asymmetric Crypto Service Operation / Key Exchange: DH Key
> Computation
> > Operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_DH.
> > +\item The driver SHOULD set the \field{keyexchg_op} to
> > VIRTIO_CRYPTO_KEY_EXCHANGE_COMPUTE_KEY in \field{parameter}.
> > +\item The driver SHOULD set all other fields in \field{parameter} except
> > field \field{reserved}.
> > +\item The driver SHOULD set all fields in \field{odata} except field
> > \field{reserved}.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} firstly.
> > +Only if the operation is successful, the other fields in \field{idata} are
> > operatable.
> > +\end{itemize*}
> > +
> > +\paragraph{Key Exchange: ECDH Key Generation
> > Operation}\label{sec:Device Types /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Key Exchange: ECDH Key Generation Operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_ecdh_keyexchg_keygen_para {
> > +    /*
> > +    * The sub-operation in key exchange,
> > +    * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition
> > +    */
> > +    le32 keyexchg_op;
> > +    le32 reserved;
> > +
> > +    struct virtio_crypto_ec_keygen_para parameter;
> > +};
> > +\end{lstlisting}
> > +
> > +ECDH Key Generation Operation in Key-Exchange is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_ecdh_keyexchg_key_gen_req {
> > +    struct virtio_crypto_ecdh_keyexchg_keygen_para parameter;
> > +
> > +    struct virtio_crypto_ec_keygen_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +\devicenormative{\subparagraph}{Key Exchange: ECDH Key Generation
> > Operation}{Device Types / Crypto Device / Device Operation /
> > +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key
> > Generation Operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}
> according
> > to the general device requirments for asymmetric crypto service.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{Key Exchange: ECDH Key Generation
> > Operation}{Device Types / Crypto Device / Device Operation /
> > +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key
> > Generation Operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH.
> > +\item The driver SHOULD set the \field{keyexchg_op} to
> > VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}.
> > +\item The driver SHOULD set all other fields in \field{parameter} except
> > field \field{reserved}.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} firstly.
> > +Only if the operation is successful, the other fields in \field{idata} are
> > operatable.
> > +\end{itemize*}
> > +
> > +\paragraph{Key Exchange: ECDH Key Computation
> > Operation}\label{sec:Device Types /
> > +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> > Service Operation / Key Exchange: ECDH Key Computation Operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_ecdh_keyexchg_compute_key_para {
> > +    /*
> > +    * The sub-operation in key exchange,
> > +    * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition
> > +    */
> > +    le32 keyexchg_op;
> > +    le32 reserved;
> > +
> > +    struct virtio_crypto_ec_keygen_para parameter;
> > +};
> > +
> > +struct virtio_crypto_ecdh_keyexchg_compute_key_output {
> > +    /* local private key */
> > +    struct virtio_crypto_buf d;
> > +
> > +    /* peer's public key */
> > +    struct virtio_crypto_buf x;
> > +    struct virtio_crypto_buf y;
> > +};
> > +
> > +struct virtio_crypto_ecdh_keyexchg_compute_key_input {
> > +    le32 status;
> > +    le32 reserved;
> > +
> > +    struct virtio_crypto_buf shared_secret;
> > +};
> > +\end{lstlisting}
> > +
> > +ECDH Key Computation Operation in Key-Exchange is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_ecdh_keyexchg_key_compute_req {
> > +    struct virtio_crypto_ecdh_keyexchg_compute_key_para parameter;
> > +    struct virtio_crypto_ecdh_keyexchg_compute_key_output odata;
> > +
> > +    struct virtio_crypto_ecdh_keyexchg_compute_key_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +\devicenormative{\subparagraph}{Key Exchange: ECDH Key Computation
> > Operation}{Device Types / Crypto Device / Device Operation /
> > +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key
> > Computation Operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}
> according
> > to the general device requirments for asymmetric crypto service.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{Key Exchange: ECDH Key Computation
> > Operation}{Device Types / Crypto Device / Device Operation /
> > +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key
> > Computation Operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH.
> > +\item The driver SHOULD set the \field{keyexchg_op} to
> > VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}.
> > +\item The driver SHOULD set all other fields in \field{parameter} except
> > field \field{reserved}.
> > +\item The driver MUST check the operation result \field{status} in
> > \field{idata} firstly.
> > +Only if the operation is successful, the other fields in \field{idata} are
> > operatable.
> > +\end{itemize*}
> > --
> > 1.9.3
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: virtio-dev-unsubscribe@lists.oasis-open.org
> For additional commands, e-mail: virtio-dev-help@lists.oasis-open.org
Gonglei (Arei) Nov. 30, 2016, 1:25 a.m. UTC | #3
Hi Xin,

Sorry for delay. :(


> -----Original Message-----
> From: Xin Zeng [mailto:xin.zeng@intel.com]
> Sent: Friday, October 28, 2016 10:52 AM
> To: virtio-dev@lists.oasis-open.org; qemu-devel@nongnu.org
> Cc: mst@redhat.com; Gonglei (Arei); brian.a.keating@intel.com;
> john.griffin@intel.com; liang.j.ma@intel.com; Huangweidong (C); Xin Zeng
> Subject: [PATCH v1 1/1] virtio crypto device specification: asymmetric crypto
> service
> 
> This patch introduces asymmetric crypto service into virtio crypto
> device spec. The asymmetric crypto service can be referred as signature,
> verification, encryption, decryption, key generation and key exchange.
> This patch depends on another virtio crypto device spec patch:
> https://lists.gnu.org/archive/html/qemu-devel/2016-10/msg01744.html
> 
> Changes since v0:
> - Use devicenormative/drivernormative instead of self-defined
>   device/driver label.  [Lei]
> - Change the error code of verification to general virtio_crypto
>   error code. [Lei]
> - Use macro instead of enum in verification result. [Lei]
> - Fix the incorrect label value for paragraph and section. [Lei]
> 
> Please help to review, thanks!
> 
> Signed-off-by: Xin Zeng <xin.zeng@intel.com>
> ---
>  virtio-crypto.tex | 965
> +++++++++++++++++++++++++++++++++++++++++++++++++++++-
>  1 file changed, 962 insertions(+), 3 deletions(-)
> 
> diff --git a/virtio-crypto.tex b/virtio-crypto.tex
> index 86e4869..43772da 100644
> --- a/virtio-crypto.tex
> +++ b/virtio-crypto.tex
> @@ -6,7 +6,7 @@ decryption requests are placed in the data queue and are
> ultimately handled by t
>  backend crypto accelerators. The second queue is the control queue used to
> create
>  or destroy sessions for symmetric algorithms and will control some advanced
>  features in the future. The virtio crypto device provides the following crypto
> -services: CIPHER, MAC, HASH, and AEAD.
> +services: CIPHER, MAC, HASH, AEAD and ASYM.
> 
> 
>  \subsection{Device ID}\label{sec:Device Types / Crypto Device / Device ID}
> @@ -44,7 +44,9 @@ struct virtio_crypto_config {
>      le32 mac_algo_l;
>      le32 mac_algo_h;
>      le32 aead_algo;
> -    le32 reserve;
> +    le32 asym_algo;
> +    le32 rsa_padding;
> +    le32 reserved;
>  };

Please rebased on the latest virtio crypto spec, 
the config structure had been changed.

>  \end{lstlisting}
> 
> @@ -70,6 +72,8 @@ The following services are defined:
>  #define VIRTIO_CRYPTO_SERVICE_MAC    (2)
>  /* AEAD (Authenticated Encryption with Associated Data) service */
>  #define VIRTIO_CRYPTO_SERVICE_AEAD   (3)
> +/* ASYM (Asymmetric crypto algorithms) service */
> +#define VIRTIO_CRYPTO_SERVICE_ASYM   (4)
>  \end{lstlisting}
> 
>  The last driver-read-only fields specify detailed algorithms masks
> @@ -143,6 +147,28 @@ The following AEAD algorithms are defined:
>  #define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305  3
>  \end{lstlisting}
> 
> +The following asymmetric algorithms are defined:
> +
> +\begin{lstlisting}
> +#define VIRTIO_CRYPTO_ASYM_NONE        0
> +#define VIRTIO_CRYPTO_ASYM_RSA         1
> +#define VIRTIO_CRYPTO_ASYM_DSA         2
> +#define VIRTIO_CRYPTO_ASYM_DH          3
> +#define VIRTIO_CRYPTO_ASYM_ECDSA       4
> +#define VIRTIO_CRYPTO_ASYM_ECDH	       5

Mixing tab and space.

> +\end{lstlisting}
> +
> +The following rsa padding capabilities are defined:
> +

What're the padding capabilities used for?
I think we should add some explanation for them.

> +\begin{lstlisting}
> +#define VIRTIO_CRYPTO_RSA_NO_PADDING         0
> +#define VIRTIO_CRYPTO_RSA_PKCS1_PADDING      1
> +#define VIRTIO_CRYPTO_RSA_SSLV23_PADDING     2
> +#define VIRTIO_CRYPTO_RSA_PKCS1_OAEP_PADDING 3
> +#define VIRTIO_CRYPTO_RSA_X931_PADDING       4
> +#define VIRTIO_CRYPTO_RSA_PKCS1_PSS_PADDING  5
> +\end{lstlisting}
> +
>  \begin{note}
>  Any other value is reserved for future use.
>  \end{note}
> @@ -241,6 +267,18 @@ struct virtio_crypto_op_header {
>      VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00)
>  #define VIRTIO_CRYPTO_AEAD_DECRYPT \
>      VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01)
> +#define VIRTIO_CRYPTO_ASYM_SIGN    \
> +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x00)
> +#define VIRTIO_CRYPTO_ASYM_VERIFY \
> +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x01)
> +#define VIRTIO_CRYPTO_ASYM_ENCRYPT  \
> +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x02)
> +#define VIRTIO_CRYPTO_ASYM_DECRYPT  \
> +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x03)
> +#define VIRTIO_CRYPTO_ASYM_KEY_GEN  \
> +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x04)
> +#define VIRTIO_CRYPTO_ASYM_KEY_EXCHG \
> +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x05)
>      le32 opcode;
>      /* algo should be service-specific algorithms */
>      le32 algo;
> @@ -548,6 +586,23 @@ struct virtio_crypto_op_data_req {
>          struct virtio_crypto_hash_data_req  hash_req;
>          struct virtio_crypto_mac_data_req   mac_req;
>          struct virtio_crypto_aead_data_req  aead_req;
> +
> +        struct virtio_crypto_ecdsa_sign_req ecdsa_sign_req;
> +        struct virtio_crypto_dsa_sign_req dsa_sign_req;
> +        struct virtio_crypto_rsa_sign_req rsa_sign_req;
> +        struct virtio_crypto_ecdsa_verify_req ecdsa_verify_req;
> +        struct virtio_crypto_dsa_verify_req dsa_verify_req;
> +        struct virtio_crypto_rsa_verify_req rsa_verify_req;
> +        struct virtio_crypto_rsa_enc_req rsa_enc_req
> +        struct virtio_crypto_rsa_dec_req rsa_dec_req;
> +        struct virtio_crypto_rsa_keygen_req rsa_keygen_req;
> +        struct virtio_crypto_dsa_keygen_req dsa_keygen_req;
> +        struct virtio_crypto_ec_keygen_req ec_keygen_req;
> +        struct virtio_crypto_dh_keyexchg_param_gen_req
> dh_keyexchg_param_gen_req;
> +        struct virtio_crypto_dh_keyexchg_key_gen_req
> dh_keyexchg_key_gen_req;
> +        struct virtio_crypto_dh_keyexchg_key_compute_req
> dh_keyexchg_key_compute_req;
> +        struct virtio_crypto_ecdh_keyexchg_key_gen_req
> ecdh_keyexchg_key_gen_req;
> +        struct virtio_crypto_ecdh_keyexchg_key_compute_req
> ecdh_keyexchg_key_compute_req;
>      } u;
>  };
>  \end{lstlisting}
> @@ -996,4 +1051,908 @@ pointed by \field{dst_data_addr} and
> \field{digest_result_addr} in struct virtio
>  \item The device MUST copy the digest result to the guest memory recorded
> by \field{digest_result_addr} field in struct virtio_crypto_aead_input.
>  \item The device MUST set the \field{status} field in strut
> virtio_crypto_aead_input: VIRTIO_CRYPTO_OK: success; VIRTIO_CRYPTO_ERR:
> creation failed or device error; VIRTIO_CRYPTO_NOTSUPP: not supported.
>  \item When the \field{opcode} is VIRTIO_CRYPTO_AEAD_DECRYPT, the device
> MUST verify and return the verification result to the driver, and if the
> verification result is incorrect, VIRTIO_CRYPTO_BADMSG (bad message) MUST
> be returned to the driver.
> -\end{itemize*}
> \ No newline at end of file
> +\end{itemize*}
> +
> +\subsubsection{Asymmetric Crypto Service Operation}\label{sec:Device Types
> / Crypto Device / Device Operation /
> +Crypto operation / Asymmetric Crypto Service Operation}
> +
> +In general, asymmetric crypto service can be referred as signature,
> verification,
> +encryption, decryption, key generation and key exchange. Not each algorithm
> supports
> +all these services.
> +
> +Unlike symmetric crypto service, asymmetric crypto service normally does't
> +need session operations, the request is encapsulated within one packet which
> is represented
> +by \field{virtio_crypto_op_data_req}.
> +(see \ref{sec:Device Types / Crypto Device / Device Operation / Data
> Virtqueue}).
> +
> +Once service request is handled by the device, the device writes back the
> operation results to the corresponding
> +fields in the request packet.
> +
> +The asymmetric crypto operation uses a virtio_crypto_buf to represent the
> input/output buffer.
> +\begin{lstlisting}
> +struct virtio_crypto_buf {
> +    le32 len;
> +    le32 reserved;
> +    le64 addr;
> +};
> +\end{lstlisting}
> +

This is the same problem with my pervious symmetric spec.
Pls don't define a private structure in the virtio spec,
and refer to the latest virtio crypto spec:

The buffer length is stored in the para part, and
the buffer content is stored in input/output parts by u8[len].

struct virtio_crypto_alg_chain_session_para {
    le32 alg_chain_order;
    le32 hash_mode;
    struct virtio_crypto_cipher_session_para cipher_param;
    union {
        struct virtio_crypto_hash_session_para hash_param;
        struct virtio_crypto_mac_session_para mac_param;
    } u;
    /* length of the additional authenticated data (AAD) in bytes */
    le32 aad_len;
    le32 padding;
};

struct virtio_crypto_alg_chain_session_req {
    /* Device-readable part */
    struct virtio_crypto_alg_chain_session_para para;
    /* The cipher key */
    u8 cipher_key[keylen];
    /* The authenticated key */
    u8 auth_key[auth_key_len];

    /* Device-writable part */
    struct virtio_crypto_session_input input;
};

> +\devicenormative{\paragraph}{Asymmetric Crypto Service Operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation}
> +\begin{itemize*}
> +\item The device MUST parse the field \field{opcode} within
> \field{virtio_crypto_op_header} (see \ref{sec:Device Types / Crypto Device /
> Device Operation}) before
> +it handles the corresponding service request.
> +\item The device SHOULD set the operation status in field \field{status} within
> \field{idata}.
> +\item The device SHOULD update the operation result to the fields in
> \field{idata} if the operation is successful.
> +\end{itemize*}
> +
> +\drivernormative{\paragraph}{Asymmetric Crypto Service Operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the corresponding \field{opcode} in
> \field{virtio_crypto_op_header} according to different services.
> +\item The driver SHOULD offer operatable buffer within \field{idata} if the
> service request structure defines.
> +\end{itemize*}
> +
> +\paragraph{Signature: ECDSA signature operation}\label{sec:Device Types /
> Crypto Device /
> +Device Operation / Crypto operation / Asymmetric Crypto Service Operation /
> Signature: ECDSA signature operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_ec_group {
> +    struct virtio_crypto_buf xg;
> +    struct virtio_crypto_buf yg;
> +    struct virtio_crypto_buf n;
> +    struct virtio_crypto_buf q;
> +    struct virtio_crypto_buf a;
> +    struct virtio_crypto_buf b;
> +    struct virtio_crypto_buf h;
> +};
> +
> +#define VIRTIO_CRYPTO_EC_FIELD_TYPE_PRIME 0
> +#define VIRTIO_CRYPTO_EC_FIELD_TYPE_BINARY 1
> +
> +struct virtio_crypto_ecdsa_sign_para{
> +    /* Hash alogrithms applied to msg */
> +    le32 hash_algo;
> +    /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */
> +    le32 field_type;
> +
> +    /* EC Group parameters */
> +    struct virtio_crypto_ec_group ec;
> +    /* Random value */
> +    struct virtio_crypto_buf k;
> +    /* Private Key */
> +    struct virtio_crypto_buf d;
> +};
> +
> +struct virtio_crypto_ecdsa_sign_output {
> +    /* Message need to be signed */
> +    struct virtio_crypto_buf msg;
> +};
> +
> +struct virtio_crypto_ecdsa_sign_input {
> +    /* operation result */
> +    le32 status;
> +    le32 reserved;
> +
> +    /* signature result */
> +    struct virtio_crypto_buf r;
> +    struct virtio_crypto_buf s;
> +};
> +\end{lstlisting}
> +
> +ECDSA signature operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_ecdsa_sign_req {
> +    struct virtio_crypto_ecdsa_sign_para parameter;
> +    struct virtio_crypto_ecdsa_sign_output odata;
> +
> +    struct virtio_crypto_ecdsa_sign_input idata;
> +};
> +\end{lstlisting}
> +
> +
> +\devicenormative{\subparagraph}{ECDSA signature operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> ECDSA signature operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according

Here you say SHOULD, but...

> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{ECDSA signature operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> ECDSA signature operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> before it operates other fields in \field{idata}.

...here is MUST.

Maybe s/SHOULD/MUST/g, no?

> +Only if the operation is successful, the \field{r,s} in \field{idata} are operatable.
> +\end{itemize*}
> +
> +\paragraph{Signature: DSA signature operation}\label{sec:Device Types /
> Crypto Device /
> +Device Operation / Crypto operation / Asymmetric Crypto Service Operation/
> Signature: DSA signature operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_dsa_group {
> +    struct virtio_crypto_buf p;
> +    struct virtio_crypto_buf q;
> +    struct virtio_crypto_buf g;
> +};
> +

Pls don't use struct virtio_crypto_buf. 

It seems all below algorithms have the same style,
so I stop reviewing here.

Regards,
-Gonglei

> +struct virtio_crypto_dsa_sign_para {
> +    /* Hash alogrithms applied to msg */
> +    le32 hash_algo;
> +    le32 reserved;
> +
> +    /* DSA group parameter */
> +    struct virtio_crypto_dsa_group dsa;
> +    /* Random value */
> +    struct virtio_crypto_buf k;
> +    /* Private Key */
> +    struct virtio_crypto_buf x;
> +};
> +
> +struct virtio_crypto_dsa_sign_output {
> +    struct virtio_crypto_buf msg;
> +};
> +
> +struct virtio_crypto_dsa_sign_input  {
> +    /* operation result */
> +    le32 status;
> +    le32 reserved;
> +
> +    /* signature result */
> +    struct virtio_crypto_buf r;
> +    struct virtio_crypto_buf s;
> +};
> +\end{lstlisting}
> +DSA signature operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_dsa_sign_req {
> +    struct virtio_crypto_dsa_sign_para parameter;
> +    struct virtio_crypto_dsa_sign_output odata;
> +
> +    struct virtio_crypto_dsa_sign_input idata;
> +};
> +\end{lstlisting}
> +
> +
> +\devicenormative{\subparagraph}{DSA signature operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation / DSA
> signature operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{DSA signature operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation / DSA
> signature operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> before it operates other fields in \field{idata}.
> +Only if the operation is successful, the \field{r,s} in \field{idata} are operatable.
> +\end{itemize*}
> +
> +\paragraph{Signature: RSA signature operation}\label{sec:Device Types /
> Crypto Device /
> +Device Operation / Crypto operation / Asymmetric Crypto Service Operation /
> Signature: RSA signature operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_pub_key{
> +    /* The RSA modules */
> +    struct virtio_crypto_buf n;
> +    /* The RSA public exponent */
> +    struct virtio_crypto_buf e;
> +};
> +
> +struct virtio_crypto_rsa_priv_key_rep1{
> +    /* The RSA modules */
> +    struct virtio_crypto_buf n;
> +    /* The RSA private exponent */
> +    struct virtio_crypto_buf d;
> +};
> +
> +struct virtio_crypto_rsa_priv_key_rep2{
> +    /* The first factor */
> +    struct virtio_crypto_buf p;
> +    /* The second factor */
> +    struct virtio_crypto_buf q;
> +    /* The first factor's CRT exponent */
> +    struct virtio_crypto_buf dp;
> +    /* The second factor's CRT exponent */
> +    struct virtio_crypto_buf dq;
> +    /* The first CRT coeffieient */
> +    struct virtio_crypto_buf qinv;
> +    /* The factors array when prime_number > 2 */
> +    struct virtio_crypto_buf r[];
> +    /* The CRT exponent array when prime_number > 2 */
> +    struct virtio_crypto_buf d[];
> +    /* The CRT coeffieient array when prime_number > 2 */
> +    struct virtio_crypto_buf t[];
> +};
> +
> +struct virtio_crypto_rsa_priv_key {
> +    le32 prime_number;
> +#define VIRTIO_CRYPTO_RSA_PRIV_KEY_REPTYPE1 0
> +#define VIRTIO_CRYPTO_RSA_PRIV_KEY_REPTYPE2 1
> +    le32 priv_key_rep_type;
> +    union {
> +        struct virtio_crypto_rsa_priv_key_rep1 privkey_rep1;
> +        struct virtio_crypto_rsa_priv_key_rep2 privkey_rep2;
> +    }key;
> +};
> +
> +struct virtio_crypto_rsa_sign_para {
> +    /* Hash alogrithms applied to msg */
> +    le32 hash_algo;
> +    le32 padding_mode;
> +    struct virtio_crypto_rsa_priv_key priv_key;
> +};
> +
> +struct virtio_crypto_rsa_sign_output {
> +    struct virtio_crypto_buf msg;
> +};
> +
> +struct virtio_crypto_rsa_sign_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    struct virtio_crypto_buf signature;
> +};
> +\end{lstlisting}
> +
> +RSA signature operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_sign_req {
> +    struct virtio_crypto rsa_sign_para parameter;
> +    struct virtio_crypto rsa_sign_output odata;
> +
> +    struct virtio_crypto rsa_sign_input idata;
> +};
> +\end{lstlisting}
> +
> +
> +\devicenormative{\subparagraph}{ECDSA signature operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA
> signature operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{ECDSA signature operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA
> signature operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> before it operates other fields in \field{idata}.
> +Only if the operation is successful, the \field{signature} in \field{idata} is
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Verification: Common Structure}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Verification: Common Structure}
> +
> +The result of verification operation can be represented by structure
> \field{virtio_crypto_asym_verify_gen_input}.
> +
> +\begin{lstlisting}
> +struct virtio_crypto_asym_verify_gen_input {
> +    /* Operation result */
> +    le32 status;
> +    /* Verification result, VIRTIO_CRYPTO_OK for a susscssful verification
> +     VIRTIO_CRYPTO_BADMSG for a failed verification */
> +    le32 verify_result;
> +};
> +\end{lstlisting}
> +
> +\paragraph{Verification: ECDSA Verification Operation}\label{sec:Device Types
> /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Verification: ECDSA Verification Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_ecdsa_verify_para {
> +    /* Hash alogrithms applied to msg */
> +    le32 hash_algo;
> +    /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */
> +    le32 field_type;
> +
> +    /* EC Group parameters */
> +    struct virtio_crypto_ec_group ec;
> +
> +    /* Public key */
> +    struct virtio_crypto_buf x;
> +    struct virtio_crypto_buf y;
> +};
> +
> +struct virtio_crypto_ecdsa_verify_output {
> +    /* Signature value */
> +    struct virtio_crypto_buf r;
> +    struct virtio_crypto_buf s;
> +
> +    struct virtio_crypto_buf msg;
> +};
> +\end{lstlisting}
> +
> +ECDSA Verification Operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_ecdsa_verify_req {
> +    struct virtio_crypto_ecdsa_verify_para parameter;
> +    struct virtio_crypto_ecdsa_verify_output odata;
> +
> +    struct virtio_crypto_asym_verify_gen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{ECDSA verification operation}{Device Types
> / Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> ECDSA verification operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{ECDSA verification operation}{Device Types
> / Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> ECDSA verification operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> before it checks \field{verify_result}.
> +\end{itemize*}
> +
> +\paragraph{Verification: DSA Verification Operation}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Verification: DSA Verification Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_dsa_verify_para {
> +    le32 hash_algo;
> +    le32 reserved;
> +
> +    /* DSA Group parameters */
> +    struct virtio_crypto_dsa_group dsa;
> +
> +    /* Public key */
> +    struct virtio_crypto_buf y;
> +};
> +
> +struct virtio_crypto_dsa_verify_output {
> +    /* Signature value */
> +    struct virtio_crypto_buf r;
> +    struct virtio_crypto_buf s;
> +
> +    struct virtio_crypto_buf msg;
> +};
> +\end{lstlisting}
> +
> +DSA Verification Operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_dsa_verify_req {
> +    struct virtio_crypto_dsa_verify_para parameter;
> +    struct virtio_crypto_dsa_verify_output odata;
> +
> +    struct virtio_crypto_asym_verify_gen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{DSA verification operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation / DSA
> verification operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata}.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{DSA verification operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation / DSA
> verification operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> before it checks \field{verify_result}.
> +\end{itemize*}
> +
> +\paragraph{Verification: RSA Verification Operation}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Verification: RSA Verification Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_verify_para {
> +    le32 hash_algo;
> +    le32 padding_mode;
> +    struct virtio_crypto_rsa_pub_key pubkey;
> +};
> +
> +struct virtio_crypto_rsa_verify_output {
> +    struct virtio_crypto_buf msg;
> +};
> +\end{lstlisting}
> +
> +RSA verification operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_verify_req {
> +    struct virtio_crypto_rsa_verify_para parameter;
> +    struct virtio_crypto_rsa_verify_output odata;
> +
> +    struct virtio_crypto_asym_verify_gen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{RSA verification operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA
> verification operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata}.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{RSA verification operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA
> verification operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> before it checks \field{verify_result}.
> +\end{itemize*}
> +
> +\paragraph{Encryption: RSA Encryption Operation}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Encryption: RSA Encryption Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_enc_para {
> +    le32 padding_mode;
> +    le32 reserved;
> +    struct rsa_pub_key pub_key;
> +};
> +
> +struct virtio_crypto_rsa_enc_output {
> +    struct virtio_crypto_buf msg;
> +};
> +
> +struct virtio_crypto_rsa_enc_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    struct virtio_crypto_buf cmsg;
> +};
> +\end{lstlisting}
> +
> +RSA encryption operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_enc_req {
> +    struct virtio_crypto_rsa_enc_para parameter;
> +    struct virtio_crypto_rsa_enc_output odata;
> +
> +    struct virtio_crypto_rsa_enc_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{RSA Encryption Operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA
> Encryption Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{RSA Encryption Operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA
> Encryption Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_ENCRYPT,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> before it operates other fields in \field{idata}.
> +Only if the operation is successful, the \field{cmsg} in \field{idata} is
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Decryption: RSA Decryption Operation}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Decryption: RSA Decryption Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_dec_para {
> +    le32 padding_mode;
> +    le32 reserved;
> +    struct virtio_crypto_rsa_priv_key priv_key;
> +};
> +
> +struct virtio_crypto_rsa_dec_output {
> +    struct virtio_crypto_buf cmsg;
> +}
> +
> +struct virtio_crypto_rsa_dec_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    struct virtio_crypto_buf msg;
> +};
> +\end{lstlisting}
> +
> +RSA decryption operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_dec_req {
> +    struct virtio_crypto_rsa_dec_para parameter;
> +    struct virtio_crypto_rsa_dec_output odata;
> +
> +    struct virtio_crypto_rsa_dec_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{RSA Decryption Operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA
> Decryption Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{RSA Decryption Operation}{Device Types /
> Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA
> Decryption Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_DECRYPT,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> +\item The driver SHOULD set all fields in \field{parameter} and \field{odata}
> except field \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> before it operates other fields in \field{idata}.
> +Only if the operation is successful, the \field{msg} in \field{idata} is operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Generation: RSA Key Generation Operation}\label{sec:Device
> Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Generation: RSA Key Generation Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_keygen_para {
> +    /* The modules length in bytes */
> +    le32 modulus_len;
> +    le32 rsa_prime_number;
> +    le32 priv_key_rep_type;
> +    le32 reserved;
> +
> +    /* the public exponent */
> +    struct virtio_crypto_buf e;
> +};
> +
> +struct virtio_crypto_rsa_keygen_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    struct virtio_crypto_rsa_priv_key priv_key;
> +    struct virtio_crypto_rsa_pub_key pub_key;
> +};
> +\end{lstlisting}
> +
> +RSA key-generation operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_rsa_keygen_req {
> +    struct virtio_crypto_rsa_keygen_para parameter;
> +
> +    struct virtio_crypto_rsa_keygen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{RSA Key Generation Operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / RSA Key Generation Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{RSA Key Generation Operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / RSA Key Generation Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
> +\item The driver SHOULD set all fields in \field{parameter} except
> \field{reserved} field.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> before it operates other fields in \field{idata}.
> +Only if the operation is successful, the \field{priv_key} and \field{pub_key} in
> \field{idata} are operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Generation: DSA Key Generation operation}\label{sec:Device
> Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Generation: DSA Key Generation operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_dsa_keygen_para {
> +    le32 modulus_len;
> +    le32 reserved;
> +};
> +
> +struct virtio_crypto_dsa_keygen_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    /* DSA Group parameters */
> +    struct virtio_crypto_dsa_group dsa;
> +    /* Private key */
> +    struct virtio_crypto_buf x;
> +    /* Public key */
> +    struct virtio_crypto_buf y;
> +};
> +\end{lstlisting}
> +
> +DSA key-generation operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_dsa_keygen_req {
> +    struct virtio_crypto_dsa_keygen_para parameter;
> +
> +    struct virtio_crypto_dsa_keygen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{DSA Key Generation Operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / DSA Key Generation Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{DSA Key Generation Operation}{Device
> Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> Operation / DSA Key Generation Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA.
> +\item The driver SHOULD set all fields in \field{parameter} except
> \field{reserved} field.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> before it operates other fields in \field{idata}.
> +Only if the operation is successful, the \field{priv_key} and \field{pub_key} in
> \field{idata} are operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Generation: EC Key Generation operation}\label{sec:Device
> Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Generation: EC Key Generation operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_ec_keygen_para {
> +    /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */
> +    le32 field_type;
> +    le32 reserved;
> +
> +    /* EC group parameters */
> +    struct virtio_crypto_ec_group ec;
> +};
> +
> +struct virtio_crypto_ec_keygen_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    /* Private key */
> +    struct virtio_crypto_buf d;
> +
> +    /* Public key */
> +    struct virtio_crypto_buf x;
> +    struct virtio_crypto_buf y;
> +};
> +\end{lstlisting}
> +
> +EC key-generation operation request is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_ec_keygen_req {
> +    struct virtio_crypto_ec_keygen_para parameter;
> +
> +    struct virtio_crypto_ec_keygen_input key;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{EC Key Generation Operation}{Device Types
> / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / EC
> Key Generation Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{EC Key Generation Operation}{Device Types
> / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / EC
> Key Generation Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH or
> VIRTIO_CRYPTO_ASYM_ECDSA.
> +\item The driver SHOULD set all fields in \field{parameter} except
> \field{reserved} field.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> before it operates other fields in \field{idata}.
> +Only if the operation is successful, the other fields in \field{idata} are
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Exchange: Common Structure}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Exchange: Common Structure}
> +
> +Key Exchange request has two kinds of operations in general, key generation
> and key computation.
> +For DH, it has additional operation: parameter generation operation.
> +
> +\paragraph{Key Exchange: DH Parameter Generation
> Operation}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Exchange: DH Parameter Generation Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_dh_parameter {
> +    le32 modules_len;
> +    le32 reserved;
> +
> +    /* random odd prime number */
> +    struct virtio_crypto_buf p;
> +    /* base (g) */
> +    struct virtio_crypto_buf g;
> +};
> +
> +#define VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY 0
> +#define VIRTIO_CRYPTO_KEY_EXCHANGE_COMPUTE_KEY 1
> +/* It's only valid in case algorithm is DH */
> +#define VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_DH_PARAM 2
> +
> +struct virtio_crypto_dh_keyexchg_para {
> +    /*
> +    * The sub-operation in key exchange,
> +    * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition
> +    */
> +    le32 keyexchg_op;
> +    le32 reserved;
> +
> +    struct virtio_crypto_dh_parameter dh_param;
> +};
> +
> +struct virtio_crypto_dh_keyexchg_param_gen_input {
> +    le32 status;
> +    le32 reserved;
> +};
> +\end{lstlisting}
> +
> +DH Parameter Generation Operation in Key-Exchange is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_dh_keyexchg_param_gen_req {
> +    struct virtio_crypto_dh_keyexchg_para parameter;
> +
> +    struct virtio_crypto_dh_keyexchg_param_gen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{Key Exchange: DH Parameter Generation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: DH Parameter
> Generation Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation result in \field{idata}, and set
> \field{p} and \field{g} in \field{dh_param}.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{Key Exchange: DH Parameter Generation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: DH Parameter
> Generation Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_DH.
> +\item The driver SHOULD set the \field{keyexchg_op} to
> VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_DH_PARAM in \field{parameter}.
> +\item The driver SHOULD set \field{modules_len} in \field{dh_param}.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> firstly.
> +Only if the operation is successful, the other fields in \field{idata} are
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Exchange: DH Key Generation Operation}\label{sec:Device
> Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Exchange: DH Key Generation Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_dh_keyexchg_keygen_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    /* private key */
> +    struct virtio_crypto_buf x;
> +    /* public key */
> +    struct virtio_crypto_buf y;
> +};
> +\end{lstlisting}
> +
> +DH Key Generation Operation in Key-Exchange is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_dh_keyexchg_key_gen_req {
> +    struct virtio_crypto_dh_keyexchg_para parameter;
> +
> +    struct virtio_crypto_dh_key_exchg_keygen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{Key Exchange: DH Key Generation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: DH Key Generation
> Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{Key Exchange: DH Key Generation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: DH Key Generation
> Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_DH.
> +\item The driver SHOULD set the \field{keyexchg_op} to
> VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}.
> +\item The driver SHOULD set all other fields in \field{parameter} except field
> \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> firstly.
> +Only if the operation is successful, the other fields in \field{idata} are
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Exchange: DH Key Computation Operation}\label{sec:Device
> Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Exchange: DH Key Computation Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_dh_keyexchg_compute_key_output {
> +    /* local private key */
> +    struct virtio_crypto_buf x;
> +    /* peer's public key */
> +    struct virtio_crypto_buf y;
> +};
> +
> +struct virtio_crypto_dh_keyexchg_compute_key_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    struct virtio_crypto_buf shared_secret;
> +};
> +\end{lstlisting}
> +
> +DH Key Computation Operation in Key-Exchange is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_dh_keyexchg_key_compute_req {
> +    struct virtio_crypto_dh_keyexchg_para parameter;
> +    struct virtio_crypto_dh_keyexchg_compute_key_output odata;
> +
> +    struct virtio_crypto_dh_keyexchg_compute_key_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{Key Exchange: DH Key Computation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: DH Key Computation
> Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{Key Exchange: DH Key Computation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: DH Key Computation
> Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_DH.
> +\item The driver SHOULD set the \field{keyexchg_op} to
> VIRTIO_CRYPTO_KEY_EXCHANGE_COMPUTE_KEY in \field{parameter}.
> +\item The driver SHOULD set all other fields in \field{parameter} except field
> \field{reserved}.
> +\item The driver SHOULD set all fields in \field{odata} except field
> \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> firstly.
> +Only if the operation is successful, the other fields in \field{idata} are
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Exchange: ECDH Key Generation Operation}\label{sec:Device
> Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Exchange: ECDH Key Generation Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_ecdh_keyexchg_keygen_para {
> +    /*
> +    * The sub-operation in key exchange,
> +    * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition
> +    */
> +    le32 keyexchg_op;
> +    le32 reserved;
> +
> +    struct virtio_crypto_ec_keygen_para parameter;
> +};
> +\end{lstlisting}
> +
> +ECDH Key Generation Operation in Key-Exchange is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_ecdh_keyexchg_key_gen_req {
> +    struct virtio_crypto_ecdh_keyexchg_keygen_para parameter;
> +
> +    struct virtio_crypto_ec_keygen_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{Key Exchange: ECDH Key Generation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key Generation
> Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{Key Exchange: ECDH Key Generation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key Generation
> Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH.
> +\item The driver SHOULD set the \field{keyexchg_op} to
> VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}.
> +\item The driver SHOULD set all other fields in \field{parameter} except field
> \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> firstly.
> +Only if the operation is successful, the other fields in \field{idata} are
> operatable.
> +\end{itemize*}
> +
> +\paragraph{Key Exchange: ECDH Key Computation
> Operation}\label{sec:Device Types /
> +Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto
> Service Operation / Key Exchange: ECDH Key Computation Operation}
> +
> +\begin{lstlisting}
> +struct virtio_crypto_ecdh_keyexchg_compute_key_para {
> +    /*
> +    * The sub-operation in key exchange,
> +    * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition
> +    */
> +    le32 keyexchg_op;
> +    le32 reserved;
> +
> +    struct virtio_crypto_ec_keygen_para parameter;
> +};
> +
> +struct virtio_crypto_ecdh_keyexchg_compute_key_output {
> +    /* local private key */
> +    struct virtio_crypto_buf d;
> +
> +    /* peer's public key */
> +    struct virtio_crypto_buf x;
> +    struct virtio_crypto_buf y;
> +};
> +
> +struct virtio_crypto_ecdh_keyexchg_compute_key_input {
> +    le32 status;
> +    le32 reserved;
> +
> +    struct virtio_crypto_buf shared_secret;
> +};
> +\end{lstlisting}
> +
> +ECDH Key Computation Operation in Key-Exchange is defined as below:
> +\begin{lstlisting}
> +struct virtio_crypto_ecdh_keyexchg_key_compute_req {
> +    struct virtio_crypto_ecdh_keyexchg_compute_key_para parameter;
> +    struct virtio_crypto_ecdh_keyexchg_compute_key_output odata;
> +
> +    struct virtio_crypto_ecdh_keyexchg_compute_key_input idata;
> +};
> +\end{lstlisting}
> +
> +\devicenormative{\subparagraph}{Key Exchange: ECDH Key Computation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key Computation
> Operation}
> +\begin{itemize*}
> +\item The device SHOULD set the operation results in \field{idata} according
> to the general device requirments for asymmetric crypto service.
> +\end{itemize*}
> +
> +\drivernormative{\subparagraph}{Key Exchange: ECDH Key Computation
> Operation}{Device Types / Crypto Device / Device Operation /
> +Asymmetric Crypto Service Operation / Key Exchange: ECDH Key Computation
> Operation}
> +\begin{itemize*}
> +\item The driver SHOULD set the \field{opcode} in
> \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
> +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH.
> +\item The driver SHOULD set the \field{keyexchg_op} to
> VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}.
> +\item The driver SHOULD set all other fields in \field{parameter} except field
> \field{reserved}.
> +\item The driver MUST check the operation result \field{status} in \field{idata}
> firstly.
> +Only if the operation is successful, the other fields in \field{idata} are
> operatable.
> +\end{itemize*}
> --
> 1.9.3
Xin Zeng Dec. 3, 2016, 3:23 p.m. UTC | #4
Hi, Lei:
   Thanks for the comments. 

On Wednesday, November 30, 2016 9:25 AM, Gonglei (Arei) wrote:
> >
> >
> >  \subsection{Device ID}\label{sec:Device Types / Crypto Device / Device ID}
> > @@ -44,7 +44,9 @@ struct virtio_crypto_config {
> >      le32 mac_algo_l;
> >      le32 mac_algo_h;
> >      le32 aead_algo;
> > -    le32 reserve;
> > +    le32 asym_algo;
> > +    le32 rsa_padding;
> > +    le32 reserved;
> >  };
> 
> Please rebased on the latest virtio crypto spec,
> the config structure had been changed.
> 

Sure.

> >  \end{lstlisting}
> >
> > @@ -70,6 +72,8 @@ The following services are defined:
> >  #define VIRTIO_CRYPTO_SERVICE_MAC    (2)
> >  /* AEAD (Authenticated Encryption with Associated Data) service */
> >  #define VIRTIO_CRYPTO_SERVICE_AEAD   (3)
> > +/* ASYM (Asymmetric crypto algorithms) service */
> > +#define VIRTIO_CRYPTO_SERVICE_ASYM   (4)
> >  \end{lstlisting}
> >
> >  The last driver-read-only fields specify detailed algorithms masks
> > @@ -143,6 +147,28 @@ The following AEAD algorithms are defined:
> >  #define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305  3
> >  \end{lstlisting}
> >
> > +The following asymmetric algorithms are defined:
> > +
> > +\begin{lstlisting}
> > +#define VIRTIO_CRYPTO_ASYM_NONE        0
> > +#define VIRTIO_CRYPTO_ASYM_RSA         1
> > +#define VIRTIO_CRYPTO_ASYM_DSA         2
> > +#define VIRTIO_CRYPTO_ASYM_DH          3
> > +#define VIRTIO_CRYPTO_ASYM_ECDSA       4
> > +#define VIRTIO_CRYPTO_ASYM_ECDH	       5
> 
> Mixing tab and space.
> 

Will fix it in next version.

> > +\end{lstlisting}
> > +
> > +The following rsa padding capabilities are defined:
> > +
> 
> What're the padding capabilities used for?
> I think we should add some explanation for them.
> 

Makes sense, let's explain it more.

> > +\begin{lstlisting}
> > +#define VIRTIO_CRYPTO_RSA_NO_PADDING         0
> > +#define VIRTIO_CRYPTO_RSA_PKCS1_PADDING      1
> > +#define VIRTIO_CRYPTO_RSA_SSLV23_PADDING     2
> > +#define VIRTIO_CRYPTO_RSA_PKCS1_OAEP_PADDING 3
> > +#define VIRTIO_CRYPTO_RSA_X931_PADDING       4
> > +#define VIRTIO_CRYPTO_RSA_PKCS1_PSS_PADDING  5
> > +\end{lstlisting}
> > +
> >  \begin{note}
> >  Any other value is reserved for future use.
> >  \end{note}
> > @@ -241,6 +267,18 @@ struct virtio_crypto_op_header {
> >      VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00)
> >  #define VIRTIO_CRYPTO_AEAD_DECRYPT \
> >      VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01)
> > +#define VIRTIO_CRYPTO_ASYM_SIGN    \
> > +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x00)
> > +#define VIRTIO_CRYPTO_ASYM_VERIFY \
> > +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x01)
> > +#define VIRTIO_CRYPTO_ASYM_ENCRYPT  \
> > +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x02)
> > +#define VIRTIO_CRYPTO_ASYM_DECRYPT  \
> > +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x03)
> > +#define VIRTIO_CRYPTO_ASYM_KEY_GEN  \
> > +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x04)
> > +#define VIRTIO_CRYPTO_ASYM_KEY_EXCHG \
> > +    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x05)
> >      le32 opcode;
> >      /* algo should be service-specific algorithms */
> >      le32 algo;
> > @@ -548,6 +586,23 @@ struct virtio_crypto_op_data_req {
> >          struct virtio_crypto_hash_data_req  hash_req;
> >          struct virtio_crypto_mac_data_req   mac_req;
> >          struct virtio_crypto_aead_data_req  aead_req;
> > +
> > +        struct virtio_crypto_ecdsa_sign_req ecdsa_sign_req;
> > +        struct virtio_crypto_dsa_sign_req dsa_sign_req;
> > +        struct virtio_crypto_rsa_sign_req rsa_sign_req;
> > +        struct virtio_crypto_ecdsa_verify_req ecdsa_verify_req;
> > +        struct virtio_crypto_dsa_verify_req dsa_verify_req;
> > +        struct virtio_crypto_rsa_verify_req rsa_verify_req;
> > +        struct virtio_crypto_rsa_enc_req rsa_enc_req
> > +        struct virtio_crypto_rsa_dec_req rsa_dec_req;
> > +        struct virtio_crypto_rsa_keygen_req rsa_keygen_req;
> > +        struct virtio_crypto_dsa_keygen_req dsa_keygen_req;
> > +        struct virtio_crypto_ec_keygen_req ec_keygen_req;
> > +        struct virtio_crypto_dh_keyexchg_param_gen_req
> > dh_keyexchg_param_gen_req;
> > +        struct virtio_crypto_dh_keyexchg_key_gen_req
> > dh_keyexchg_key_gen_req;
> > +        struct virtio_crypto_dh_keyexchg_key_compute_req
> > dh_keyexchg_key_compute_req;
> > +        struct virtio_crypto_ecdh_keyexchg_key_gen_req
> > ecdh_keyexchg_key_gen_req;
> > +        struct virtio_crypto_ecdh_keyexchg_key_compute_req
> > ecdh_keyexchg_key_compute_req;
> >      } u;
> >  };
> >  \end{lstlisting}
> > @@ -996,4 +1051,908 @@ pointed by \field{dst_data_addr} and
> > \field{digest_result_addr} in struct virtio
> >  \item The device MUST copy the digest result to the guest memory
> recorded
> > by \field{digest_result_addr} field in struct virtio_crypto_aead_input.
> >  \item The device MUST set the \field{status} field in strut
> > virtio_crypto_aead_input: VIRTIO_CRYPTO_OK: success;
> VIRTIO_CRYPTO_ERR:
> > creation failed or device error; VIRTIO_CRYPTO_NOTSUPP: not supported.
> >  \item When the \field{opcode} is VIRTIO_CRYPTO_AEAD_DECRYPT, the
> device
> > MUST verify and return the verification result to the driver, and if the
> > verification result is incorrect, VIRTIO_CRYPTO_BADMSG (bad message)
> MUST
> > be returned to the driver.
> > -\end{itemize*}
> > \ No newline at end of file
> > +\end{itemize*}
> > +
> > +\subsubsection{Asymmetric Crypto Service Operation}\label{sec:Device
> Types
> > / Crypto Device / Device Operation /
> > +Crypto operation / Asymmetric Crypto Service Operation}
> > +
> > +In general, asymmetric crypto service can be referred as signature,
> > verification,
> > +encryption, decryption, key generation and key exchange. Not each
> algorithm
> > supports
> > +all these services.
> > +
> > +Unlike symmetric crypto service, asymmetric crypto service normally
> does't
> > +need session operations, the request is encapsulated within one packet
> which
> > is represented
> > +by \field{virtio_crypto_op_data_req}.
> > +(see \ref{sec:Device Types / Crypto Device / Device Operation / Data
> > Virtqueue}).
> > +
> > +Once service request is handled by the device, the device writes back the
> > operation results to the corresponding
> > +fields in the request packet.
> > +
> > +The asymmetric crypto operation uses a virtio_crypto_buf to represent
> the
> > input/output buffer.
> > +\begin{lstlisting}
> > +struct virtio_crypto_buf {
> > +    le32 len;
> > +    le32 reserved;
> > +    le64 addr;
> > +};
> > +\end{lstlisting}
> > +
> 
> This is the same problem with my pervious symmetric spec.
> Pls don't define a private structure in the virtio spec,
> and refer to the latest virtio crypto spec:
> 
> The buffer length is stored in the para part, and
> the buffer content is stored in input/output parts by u8[len].
> 

Right, will update those.

> struct virtio_crypto_alg_chain_session_para {
>     le32 alg_chain_order;
>     le32 hash_mode;
>     struct virtio_crypto_cipher_session_para cipher_param;
>     union {
>         struct virtio_crypto_hash_session_para hash_param;
>         struct virtio_crypto_mac_session_para mac_param;
>     } u;
>     /* length of the additional authenticated data (AAD) in bytes */
>     le32 aad_len;
>     le32 padding;
> };
> 
> struct virtio_crypto_alg_chain_session_req {
>     /* Device-readable part */
>     struct virtio_crypto_alg_chain_session_para para;
>     /* The cipher key */
>     u8 cipher_key[keylen];
>     /* The authenticated key */
>     u8 auth_key[auth_key_len];
> 
>     /* Device-writable part */
>     struct virtio_crypto_session_input input;
> };
> 
> > +\devicenormative{\paragraph}{Asymmetric Crypto Service
> Operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation}
> > +\begin{itemize*}
> > +\item The device MUST parse the field \field{opcode} within
> > \field{virtio_crypto_op_header} (see \ref{sec:Device Types / Crypto
> Device /
> > Device Operation}) before
> > +it handles the corresponding service request.
> > +\item The device SHOULD set the operation status in field \field{status}
> within
> > \field{idata}.
> > +\item The device SHOULD update the operation result to the fields in
> > \field{idata} if the operation is successful.
> > +\end{itemize*}
> > +
> > +\drivernormative{\paragraph}{Asymmetric Crypto Service
> Operation}{Device
> > Types / Crypto Device / Device Operation / Asymmetric Crypto Service
> > Operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the corresponding \field{opcode} in
> > \field{virtio_crypto_op_header} according to different services.
> > +\item The driver SHOULD offer operatable buffer within \field{idata} if the
> > service request structure defines.
> > +\end{itemize*}
> > +
> > +\paragraph{Signature: ECDSA signature operation}\label{sec:Device Types
> /
> > Crypto Device /
> > +Device Operation / Crypto operation / Asymmetric Crypto Service
> Operation /
> > Signature: ECDSA signature operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_ec_group {
> > +    struct virtio_crypto_buf xg;
> > +    struct virtio_crypto_buf yg;
> > +    struct virtio_crypto_buf n;
> > +    struct virtio_crypto_buf q;
> > +    struct virtio_crypto_buf a;
> > +    struct virtio_crypto_buf b;
> > +    struct virtio_crypto_buf h;
> > +};
> > +
> > +#define VIRTIO_CRYPTO_EC_FIELD_TYPE_PRIME 0
> > +#define VIRTIO_CRYPTO_EC_FIELD_TYPE_BINARY 1
> > +
> > +struct virtio_crypto_ecdsa_sign_para{
> > +    /* Hash alogrithms applied to msg */
> > +    le32 hash_algo;
> > +    /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */
> > +    le32 field_type;
> > +
> > +    /* EC Group parameters */
> > +    struct virtio_crypto_ec_group ec;
> > +    /* Random value */
> > +    struct virtio_crypto_buf k;
> > +    /* Private Key */
> > +    struct virtio_crypto_buf d;
> > +};
> > +
> > +struct virtio_crypto_ecdsa_sign_output {
> > +    /* Message need to be signed */
> > +    struct virtio_crypto_buf msg;
> > +};
> > +
> > +struct virtio_crypto_ecdsa_sign_input {
> > +    /* operation result */
> > +    le32 status;
> > +    le32 reserved;
> > +
> > +    /* signature result */
> > +    struct virtio_crypto_buf r;
> > +    struct virtio_crypto_buf s;
> > +};
> > +\end{lstlisting}
> > +
> > +ECDSA signature operation request is defined as below:
> > +\begin{lstlisting}
> > +struct virtio_crypto_ecdsa_sign_req {
> > +    struct virtio_crypto_ecdsa_sign_para parameter;
> > +    struct virtio_crypto_ecdsa_sign_output odata;
> > +
> > +    struct virtio_crypto_ecdsa_sign_input idata;
> > +};
> > +\end{lstlisting}
> > +
> > +
> > +\devicenormative{\subparagraph}{ECDSA signature operation}{Device
> Types /
> > Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> > ECDSA signature operation}
> > +\begin{itemize*}
> > +\item The device SHOULD set the operation results in \field{idata}
> according
> 
> Here you say SHOULD, but...
> 
> > to the general device requirments for asymmetric crypto service.
> > +\end{itemize*}
> > +
> > +\drivernormative{\subparagraph}{ECDSA signature operation}{Device
> Types /
> > Crypto Device / Device Operation / Asymmetric Crypto Service Operation /
> > ECDSA signature operation}
> > +\begin{itemize*}
> > +\item The driver SHOULD set the \field{opcode} in
> > \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN,
> > +set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDSA.
> > +\item The driver SHOULD set all fields in \field{parameter} and
> \field{odata}
> > except field \field{reserved}.
> > +\item The driver MUST check the operation result \field{status} in
> \field{idata}
> > before it operates other fields in \field{idata}.
> 
> ...here is MUST.
> 
> Maybe s/SHOULD/MUST/g, no?
> 

Yes, will fix them in next version.

> > +Only if the operation is successful, the \field{r,s} in \field{idata} are
> operatable.
> > +\end{itemize*}
> > +
> > +\paragraph{Signature: DSA signature operation}\label{sec:Device Types /
> > Crypto Device /
> > +Device Operation / Crypto operation / Asymmetric Crypto Service
> Operation/
> > Signature: DSA signature operation}
> > +
> > +\begin{lstlisting}
> > +struct virtio_crypto_dsa_group {
> > +    struct virtio_crypto_buf p;
> > +    struct virtio_crypto_buf q;
> > +    struct virtio_crypto_buf g;
> > +};
> > +
> 
> Pls don't use struct virtio_crypto_buf.
> 
> It seems all below algorithms have the same style,
> so I stop reviewing here.
> 
> Regards,
> -Gonglei
> 
> > +struct virtio_crypto_dsa_sign_para {
> > +    /* Hash alogrithms applied to msg */
> > +    le32 hash_algo;
> > +    le32 reserved;
> > +
> > +    /* DSA group parameter */
> > +    struct virtio_crypto_dsa_group dsa;
> > +    /* Random value */
> > +    struct virtio_crypto_buf k;
> > +    /* Private Key */
> > +    struct virtio_crypto_buf x;
> > +};
> > +
diff mbox

Patch

diff --git a/virtio-crypto.tex b/virtio-crypto.tex
index 86e4869..43772da 100644
--- a/virtio-crypto.tex
+++ b/virtio-crypto.tex
@@ -6,7 +6,7 @@  decryption requests are placed in the data queue and are ultimately handled by t
 backend crypto accelerators. The second queue is the control queue used to create 
 or destroy sessions for symmetric algorithms and will control some advanced
 features in the future. The virtio crypto device provides the following crypto
-services: CIPHER, MAC, HASH, and AEAD.
+services: CIPHER, MAC, HASH, AEAD and ASYM.
 
 
 \subsection{Device ID}\label{sec:Device Types / Crypto Device / Device ID}
@@ -44,7 +44,9 @@  struct virtio_crypto_config {
     le32 mac_algo_l;
     le32 mac_algo_h;
     le32 aead_algo;
-    le32 reserve;
+    le32 asym_algo;
+    le32 rsa_padding;
+    le32 reserved;
 };
 \end{lstlisting}
 
@@ -70,6 +72,8 @@  The following services are defined:
 #define VIRTIO_CRYPTO_SERVICE_MAC    (2)
 /* AEAD (Authenticated Encryption with Associated Data) service */
 #define VIRTIO_CRYPTO_SERVICE_AEAD   (3)
+/* ASYM (Asymmetric crypto algorithms) service */
+#define VIRTIO_CRYPTO_SERVICE_ASYM   (4)
 \end{lstlisting}
 
 The last driver-read-only fields specify detailed algorithms masks 
@@ -143,6 +147,28 @@  The following AEAD algorithms are defined:
 #define VIRTIO_CRYPTO_AEAD_CHACHA20_POLY1305  3
 \end{lstlisting}
 
+The following asymmetric algorithms are defined:
+
+\begin{lstlisting}
+#define VIRTIO_CRYPTO_ASYM_NONE        0
+#define VIRTIO_CRYPTO_ASYM_RSA         1
+#define VIRTIO_CRYPTO_ASYM_DSA         2
+#define VIRTIO_CRYPTO_ASYM_DH          3
+#define VIRTIO_CRYPTO_ASYM_ECDSA       4
+#define VIRTIO_CRYPTO_ASYM_ECDH	       5
+\end{lstlisting}
+
+The following rsa padding capabilities are defined:
+
+\begin{lstlisting}
+#define VIRTIO_CRYPTO_RSA_NO_PADDING         0
+#define VIRTIO_CRYPTO_RSA_PKCS1_PADDING      1
+#define VIRTIO_CRYPTO_RSA_SSLV23_PADDING     2
+#define VIRTIO_CRYPTO_RSA_PKCS1_OAEP_PADDING 3
+#define VIRTIO_CRYPTO_RSA_X931_PADDING       4
+#define VIRTIO_CRYPTO_RSA_PKCS1_PSS_PADDING  5
+\end{lstlisting}
+
 \begin{note}
 Any other value is reserved for future use.
 \end{note}
@@ -241,6 +267,18 @@  struct virtio_crypto_op_header {
     VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x00)
 #define VIRTIO_CRYPTO_AEAD_DECRYPT \
     VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_AEAD, 0x01)
+#define VIRTIO_CRYPTO_ASYM_SIGN    \
+    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x00)
+#define VIRTIO_CRYPTO_ASYM_VERIFY \
+    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x01)
+#define VIRTIO_CRYPTO_ASYM_ENCRYPT  \
+    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x02)
+#define VIRTIO_CRYPTO_ASYM_DECRYPT  \
+    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x03)
+#define VIRTIO_CRYPTO_ASYM_KEY_GEN  \
+    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x04)
+#define VIRTIO_CRYPTO_ASYM_KEY_EXCHG \
+    VIRTIO_CRYPTO_OPCODE(VIRTIO_CRYPTO_SERVICE_ASYM, 0x05)
     le32 opcode;
     /* algo should be service-specific algorithms */
     le32 algo;
@@ -548,6 +586,23 @@  struct virtio_crypto_op_data_req {
         struct virtio_crypto_hash_data_req  hash_req;
         struct virtio_crypto_mac_data_req   mac_req;
         struct virtio_crypto_aead_data_req  aead_req;
+                
+        struct virtio_crypto_ecdsa_sign_req ecdsa_sign_req;
+        struct virtio_crypto_dsa_sign_req dsa_sign_req;
+        struct virtio_crypto_rsa_sign_req rsa_sign_req;
+        struct virtio_crypto_ecdsa_verify_req ecdsa_verify_req;
+        struct virtio_crypto_dsa_verify_req dsa_verify_req;
+        struct virtio_crypto_rsa_verify_req rsa_verify_req;
+        struct virtio_crypto_rsa_enc_req rsa_enc_req
+        struct virtio_crypto_rsa_dec_req rsa_dec_req;
+        struct virtio_crypto_rsa_keygen_req rsa_keygen_req;
+        struct virtio_crypto_dsa_keygen_req dsa_keygen_req;
+        struct virtio_crypto_ec_keygen_req ec_keygen_req;
+        struct virtio_crypto_dh_keyexchg_param_gen_req dh_keyexchg_param_gen_req;
+        struct virtio_crypto_dh_keyexchg_key_gen_req dh_keyexchg_key_gen_req;
+        struct virtio_crypto_dh_keyexchg_key_compute_req dh_keyexchg_key_compute_req;
+        struct virtio_crypto_ecdh_keyexchg_key_gen_req ecdh_keyexchg_key_gen_req;
+        struct virtio_crypto_ecdh_keyexchg_key_compute_req ecdh_keyexchg_key_compute_req;
     } u;
 };
 \end{lstlisting}
@@ -996,4 +1051,908 @@  pointed by \field{dst_data_addr} and \field{digest_result_addr} in struct virtio
 \item The device MUST copy the digest result to the guest memory recorded by \field{digest_result_addr} field in struct virtio_crypto_aead_input.
 \item The device MUST set the \field{status} field in strut virtio_crypto_aead_input: VIRTIO_CRYPTO_OK: success; VIRTIO_CRYPTO_ERR: creation failed or device error; VIRTIO_CRYPTO_NOTSUPP: not supported.
 \item When the \field{opcode} is VIRTIO_CRYPTO_AEAD_DECRYPT, the device MUST verify and return the verification result to the driver, and if the verification result is incorrect, VIRTIO_CRYPTO_BADMSG (bad message) MUST be returned to the driver.
-\end{itemize*}
\ No newline at end of file
+\end{itemize*}
+   
+\subsubsection{Asymmetric Crypto Service Operation}\label{sec:Device Types / Crypto Device / Device Operation /
+Crypto operation / Asymmetric Crypto Service Operation}
+
+In general, asymmetric crypto service can be referred as signature, verification,
+encryption, decryption, key generation and key exchange. Not each algorithm supports
+all these services.
+
+Unlike symmetric crypto service, asymmetric crypto service normally does't
+need session operations, the request is encapsulated within one packet which is represented 
+by \field{virtio_crypto_op_data_req}.
+(see \ref{sec:Device Types / Crypto Device / Device Operation / Data Virtqueue}).
+
+Once service request is handled by the device, the device writes back the operation results to the corresponding
+fields in the request packet.
+
+The asymmetric crypto operation uses a virtio_crypto_buf to represent the input/output buffer.
+\begin{lstlisting}
+struct virtio_crypto_buf {
+    le32 len;
+    le32 reserved;
+    le64 addr;
+};
+\end{lstlisting}
+
+\devicenormative{\paragraph}{Asymmetric Crypto Service Operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation}
+\begin{itemize*}
+\item The device MUST parse the field \field{opcode} within \field{virtio_crypto_op_header} (see \ref{sec:Device Types / Crypto Device / Device Operation}) before
+it handles the corresponding service request.
+\item The device SHOULD set the operation status in field \field{status} within \field{idata}.
+\item The device SHOULD update the operation result to the fields in \field{idata} if the operation is successful.
+\end{itemize*}
+
+\drivernormative{\paragraph}{Asymmetric Crypto Service Operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation}
+\begin{itemize*}
+\item The driver SHOULD set the corresponding \field{opcode} in \field{virtio_crypto_op_header} according to different services.
+\item The driver SHOULD offer operatable buffer within \field{idata} if the service request structure defines.
+\end{itemize*}
+
+\paragraph{Signature: ECDSA signature operation}\label{sec:Device Types / Crypto Device /
+Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Signature: ECDSA signature operation}
+
+\begin{lstlisting}
+struct virtio_crypto_ec_group {
+    struct virtio_crypto_buf xg;
+    struct virtio_crypto_buf yg;
+    struct virtio_crypto_buf n;
+    struct virtio_crypto_buf q;
+    struct virtio_crypto_buf a;
+    struct virtio_crypto_buf b;
+    struct virtio_crypto_buf h;
+};
+
+#define VIRTIO_CRYPTO_EC_FIELD_TYPE_PRIME 0
+#define VIRTIO_CRYPTO_EC_FIELD_TYPE_BINARY 1
+
+struct virtio_crypto_ecdsa_sign_para{
+    /* Hash alogrithms applied to msg */
+    le32 hash_algo;
+    /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */
+    le32 field_type;
+
+    /* EC Group parameters */
+    struct virtio_crypto_ec_group ec;
+    /* Random value */
+    struct virtio_crypto_buf k;
+    /* Private Key */
+    struct virtio_crypto_buf d;
+};
+
+struct virtio_crypto_ecdsa_sign_output {
+    /* Message need to be signed */
+    struct virtio_crypto_buf msg;
+};
+
+struct virtio_crypto_ecdsa_sign_input {
+    /* operation result */
+    le32 status;
+    le32 reserved;
+
+    /* signature result */
+    struct virtio_crypto_buf r;
+    struct virtio_crypto_buf s;
+};
+\end{lstlisting}
+
+ECDSA signature operation request is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_ecdsa_sign_req {
+    struct virtio_crypto_ecdsa_sign_para parameter;
+    struct virtio_crypto_ecdsa_sign_output odata;
+
+    struct virtio_crypto_ecdsa_sign_input idata;
+};
+\end{lstlisting}
+
+
+\devicenormative{\subparagraph}{ECDSA signature operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / ECDSA signature operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata} according to the general device requirments for asymmetric crypto service.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{ECDSA signature operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / ECDSA signature operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDSA.
+\item The driver SHOULD set all fields in \field{parameter} and \field{odata} except field \field{reserved}.
+\item The driver MUST check the operation result \field{status} in \field{idata} before it operates other fields in \field{idata}.
+Only if the operation is successful, the \field{r,s} in \field{idata} are operatable.
+\end{itemize*}
+
+\paragraph{Signature: DSA signature operation}\label{sec:Device Types / Crypto Device /
+Device Operation / Crypto operation / Asymmetric Crypto Service Operation/ Signature: DSA signature operation}
+
+\begin{lstlisting}
+struct virtio_crypto_dsa_group {
+    struct virtio_crypto_buf p;
+    struct virtio_crypto_buf q;
+    struct virtio_crypto_buf g;
+};
+
+struct virtio_crypto_dsa_sign_para {
+    /* Hash alogrithms applied to msg */
+    le32 hash_algo;
+    le32 reserved;
+
+    /* DSA group parameter */
+    struct virtio_crypto_dsa_group dsa;
+    /* Random value */
+    struct virtio_crypto_buf k;
+    /* Private Key */
+    struct virtio_crypto_buf x;
+};
+
+struct virtio_crypto_dsa_sign_output {
+    struct virtio_crypto_buf msg;
+};
+
+struct virtio_crypto_dsa_sign_input  {
+    /* operation result */
+    le32 status;
+    le32 reserved;
+
+    /* signature result */
+    struct virtio_crypto_buf r;
+    struct virtio_crypto_buf s;
+};
+\end{lstlisting}
+DSA signature operation request is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_dsa_sign_req {
+    struct virtio_crypto_dsa_sign_para parameter;
+    struct virtio_crypto_dsa_sign_output odata;
+
+    struct virtio_crypto_dsa_sign_input idata;
+};
+\end{lstlisting}
+
+
+\devicenormative{\subparagraph}{DSA signature operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / DSA signature operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata} according to the general device requirments for asymmetric crypto service.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{DSA signature operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / DSA signature operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA.
+\item The driver SHOULD set all fields in \field{parameter} and \field{odata} except field \field{reserved}.
+\item The driver MUST check the operation result \field{status} in \field{idata} before it operates other fields in \field{idata}.
+Only if the operation is successful, the \field{r,s} in \field{idata} are operatable.
+\end{itemize*}
+
+\paragraph{Signature: RSA signature operation}\label{sec:Device Types / Crypto Device /
+Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Signature: RSA signature operation}
+
+\begin{lstlisting}
+struct virtio_crypto_rsa_pub_key{
+    /* The RSA modules */
+    struct virtio_crypto_buf n;
+    /* The RSA public exponent */
+    struct virtio_crypto_buf e;
+};
+
+struct virtio_crypto_rsa_priv_key_rep1{
+    /* The RSA modules */
+    struct virtio_crypto_buf n;
+    /* The RSA private exponent */
+    struct virtio_crypto_buf d;
+};
+
+struct virtio_crypto_rsa_priv_key_rep2{
+    /* The first factor */
+    struct virtio_crypto_buf p;
+    /* The second factor */
+    struct virtio_crypto_buf q;
+    /* The first factor's CRT exponent */
+    struct virtio_crypto_buf dp;
+    /* The second factor's CRT exponent */
+    struct virtio_crypto_buf dq;
+    /* The first CRT coeffieient */
+    struct virtio_crypto_buf qinv;
+    /* The factors array when prime_number > 2 */
+    struct virtio_crypto_buf r[];
+    /* The CRT exponent array when prime_number > 2 */
+    struct virtio_crypto_buf d[];
+    /* The CRT coeffieient array when prime_number > 2 */
+    struct virtio_crypto_buf t[];
+};
+
+struct virtio_crypto_rsa_priv_key {
+    le32 prime_number;
+#define VIRTIO_CRYPTO_RSA_PRIV_KEY_REPTYPE1 0
+#define VIRTIO_CRYPTO_RSA_PRIV_KEY_REPTYPE2 1
+    le32 priv_key_rep_type;
+    union {
+        struct virtio_crypto_rsa_priv_key_rep1 privkey_rep1;
+        struct virtio_crypto_rsa_priv_key_rep2 privkey_rep2;
+    }key;
+};
+
+struct virtio_crypto_rsa_sign_para {
+    /* Hash alogrithms applied to msg */
+    le32 hash_algo;
+    le32 padding_mode;
+    struct virtio_crypto_rsa_priv_key priv_key;
+};
+
+struct virtio_crypto_rsa_sign_output {
+    struct virtio_crypto_buf msg;
+};
+
+struct virtio_crypto_rsa_sign_input {
+    le32 status;
+    le32 reserved;
+
+    struct virtio_crypto_buf signature;
+};
+\end{lstlisting}
+
+RSA signature operation request is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_rsa_sign_req {
+    struct virtio_crypto rsa_sign_para parameter;
+    struct virtio_crypto rsa_sign_output odata;
+
+    struct virtio_crypto rsa_sign_input idata;
+};
+\end{lstlisting}
+
+
+\devicenormative{\subparagraph}{ECDSA signature operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA signature operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata} according to the general device requirments for asymmetric crypto service.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{ECDSA signature operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA signature operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_SIGN,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
+\item The driver SHOULD set all fields in \field{parameter} and \field{odata} except field \field{reserved}.
+\item The driver MUST check the operation result \field{status} in \field{idata} before it operates other fields in \field{idata}.
+Only if the operation is successful, the \field{signature} in \field{idata} is operatable.
+\end{itemize*}
+
+\paragraph{Verification: Common Structure}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Verification: Common Structure}
+
+The result of verification operation can be represented by structure \field{virtio_crypto_asym_verify_gen_input}.
+
+\begin{lstlisting}
+struct virtio_crypto_asym_verify_gen_input {
+    /* Operation result */
+    le32 status;    
+    /* Verification result, VIRTIO_CRYPTO_OK for a susscssful verification
+     VIRTIO_CRYPTO_BADMSG for a failed verification */
+    le32 verify_result;
+};
+\end{lstlisting}
+
+\paragraph{Verification: ECDSA Verification Operation}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Verification: ECDSA Verification Operation}
+
+\begin{lstlisting}
+struct virtio_crypto_ecdsa_verify_para {
+    /* Hash alogrithms applied to msg */
+    le32 hash_algo;
+    /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */
+    le32 field_type;
+    
+    /* EC Group parameters */
+    struct virtio_crypto_ec_group ec;
+
+    /* Public key */
+    struct virtio_crypto_buf x;
+    struct virtio_crypto_buf y;
+};
+
+struct virtio_crypto_ecdsa_verify_output {
+    /* Signature value */
+    struct virtio_crypto_buf r;
+    struct virtio_crypto_buf s;
+ 
+    struct virtio_crypto_buf msg;
+};
+\end{lstlisting}
+
+ECDSA Verification Operation request is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_ecdsa_verify_req {
+    struct virtio_crypto_ecdsa_verify_para parameter;
+    struct virtio_crypto_ecdsa_verify_output odata;
+
+    struct virtio_crypto_asym_verify_gen_input idata;
+};
+\end{lstlisting}
+
+\devicenormative{\subparagraph}{ECDSA verification operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / ECDSA verification operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata} according to the general device requirments for asymmetric crypto service.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{ECDSA verification operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / ECDSA verification operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDSA.
+\item The driver SHOULD set all fields in \field{parameter} and \field{odata} except field \field{reserved}.
+\item The driver MUST check the operation result \field{status} in \field{idata} before it checks \field{verify_result}.
+\end{itemize*}
+
+\paragraph{Verification: DSA Verification Operation}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Verification: DSA Verification Operation}
+
+\begin{lstlisting}
+struct virtio_crypto_dsa_verify_para {
+    le32 hash_algo;
+    le32 reserved;
+
+    /* DSA Group parameters */
+    struct virtio_crypto_dsa_group dsa;
+
+    /* Public key */
+    struct virtio_crypto_buf y;
+};
+
+struct virtio_crypto_dsa_verify_output {
+    /* Signature value */
+    struct virtio_crypto_buf r;
+    struct virtio_crypto_buf s;
+
+    struct virtio_crypto_buf msg;
+};
+\end{lstlisting}
+
+DSA Verification Operation request is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_dsa_verify_req {
+    struct virtio_crypto_dsa_verify_para parameter;
+    struct virtio_crypto_dsa_verify_output odata;
+
+    struct virtio_crypto_asym_verify_gen_input idata;
+};
+\end{lstlisting}
+
+\devicenormative{\subparagraph}{DSA verification operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / DSA verification operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata}.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{DSA verification operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / DSA verification operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA.
+\item The driver SHOULD set all fields in \field{parameter} and \field{odata} except field \field{reserved}.
+\item The driver MUST check the operation result \field{status} in \field{idata} before it checks \field{verify_result}.
+\end{itemize*}
+
+\paragraph{Verification: RSA Verification Operation}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Verification: RSA Verification Operation}
+
+\begin{lstlisting}
+struct virtio_crypto_rsa_verify_para {
+    le32 hash_algo;
+    le32 padding_mode;
+    struct virtio_crypto_rsa_pub_key pubkey;
+};
+
+struct virtio_crypto_rsa_verify_output {
+    struct virtio_crypto_buf msg;
+};
+\end{lstlisting}
+
+RSA verification operation request is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_rsa_verify_req {
+    struct virtio_crypto_rsa_verify_para parameter;
+    struct virtio_crypto_rsa_verify_output odata;    
+
+    struct virtio_crypto_asym_verify_gen_input idata;
+};
+\end{lstlisting}
+
+\devicenormative{\subparagraph}{RSA verification operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA verification operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata}.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{RSA verification operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA verification operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_VERIFY,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
+\item The driver SHOULD set all fields in \field{parameter} and \field{odata} except field \field{reserved}.
+\item The driver MUST check the operation result \field{status} in \field{idata} before it checks \field{verify_result}.
+\end{itemize*}
+
+\paragraph{Encryption: RSA Encryption Operation}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Encryption: RSA Encryption Operation}
+
+\begin{lstlisting}
+struct virtio_crypto_rsa_enc_para {
+    le32 padding_mode;
+    le32 reserved;
+    struct rsa_pub_key pub_key;
+};
+
+struct virtio_crypto_rsa_enc_output {
+    struct virtio_crypto_buf msg;
+};
+
+struct virtio_crypto_rsa_enc_input {
+    le32 status;
+    le32 reserved;
+
+    struct virtio_crypto_buf cmsg;
+};
+\end{lstlisting}
+
+RSA encryption operation request is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_rsa_enc_req {
+    struct virtio_crypto_rsa_enc_para parameter;
+    struct virtio_crypto_rsa_enc_output odata;
+    
+    struct virtio_crypto_rsa_enc_input idata;
+};
+\end{lstlisting}
+
+\devicenormative{\subparagraph}{RSA Encryption Operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA Encryption Operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata} according to the general device requirments for asymmetric crypto service.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{RSA Encryption Operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA Encryption Operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_ENCRYPT,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
+\item The driver SHOULD set all fields in \field{parameter} and \field{odata} except field \field{reserved}.
+\item The driver MUST check the operation result \field{status} in \field{idata} before it operates other fields in \field{idata}.
+Only if the operation is successful, the \field{cmsg} in \field{idata} is operatable.
+\end{itemize*}
+
+\paragraph{Decryption: RSA Decryption Operation}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Decryption: RSA Decryption Operation}
+
+\begin{lstlisting}
+struct virtio_crypto_rsa_dec_para {
+    le32 padding_mode;
+    le32 reserved;
+    struct virtio_crypto_rsa_priv_key priv_key;
+};
+
+struct virtio_crypto_rsa_dec_output {
+    struct virtio_crypto_buf cmsg;
+}
+
+struct virtio_crypto_rsa_dec_input {
+    le32 status;
+    le32 reserved;
+
+    struct virtio_crypto_buf msg;
+};
+\end{lstlisting}
+
+RSA decryption operation request is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_rsa_dec_req {
+    struct virtio_crypto_rsa_dec_para parameter;
+    struct virtio_crypto_rsa_dec_output odata;
+
+    struct virtio_crypto_rsa_dec_input idata;
+};
+\end{lstlisting}
+
+\devicenormative{\subparagraph}{RSA Decryption Operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA Decryption Operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata} according to the general device requirments for asymmetric crypto service.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{RSA Decryption Operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA Decryption Operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_DECRYPT,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
+\item The driver SHOULD set all fields in \field{parameter} and \field{odata} except field \field{reserved}.
+\item The driver MUST check the operation result \field{status} in \field{idata} before it operates other fields in \field{idata}.
+Only if the operation is successful, the \field{msg} in \field{idata} is operatable.
+\end{itemize*}
+
+\paragraph{Key Generation: RSA Key Generation Operation}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Key Generation: RSA Key Generation Operation}
+
+\begin{lstlisting}
+struct virtio_crypto_rsa_keygen_para {
+    /* The modules length in bytes */
+    le32 modulus_len;
+    le32 rsa_prime_number;
+    le32 priv_key_rep_type;
+    le32 reserved;
+
+    /* the public exponent */
+    struct virtio_crypto_buf e;
+};
+
+struct virtio_crypto_rsa_keygen_input {
+    le32 status;
+    le32 reserved;
+
+    struct virtio_crypto_rsa_priv_key priv_key;
+    struct virtio_crypto_rsa_pub_key pub_key;
+};
+\end{lstlisting}
+
+RSA key-generation operation request is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_rsa_keygen_req {
+    struct virtio_crypto_rsa_keygen_para parameter;
+
+    struct virtio_crypto_rsa_keygen_input idata;
+};
+\end{lstlisting}
+
+\devicenormative{\subparagraph}{RSA Key Generation Operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA Key Generation Operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata} according to the general device requirments for asymmetric crypto service.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{RSA Key Generation Operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / RSA Key Generation Operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_RSA.
+\item The driver SHOULD set all fields in \field{parameter} except \field{reserved} field.
+\item The driver MUST check the operation result \field{status} in \field{idata} before it operates other fields in \field{idata}.
+Only if the operation is successful, the \field{priv_key} and \field{pub_key} in \field{idata} are operatable.
+\end{itemize*}
+
+\paragraph{Key Generation: DSA Key Generation operation}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Key Generation: DSA Key Generation operation}
+
+\begin{lstlisting}
+struct virtio_crypto_dsa_keygen_para {
+    le32 modulus_len;
+    le32 reserved;
+};
+
+struct virtio_crypto_dsa_keygen_input {
+    le32 status;
+    le32 reserved;
+
+    /* DSA Group parameters */
+    struct virtio_crypto_dsa_group dsa;
+    /* Private key */
+    struct virtio_crypto_buf x;
+    /* Public key */
+    struct virtio_crypto_buf y;
+};
+\end{lstlisting}
+
+DSA key-generation operation request is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_dsa_keygen_req {
+    struct virtio_crypto_dsa_keygen_para parameter;
+
+    struct virtio_crypto_dsa_keygen_input idata;
+};
+\end{lstlisting}
+
+\devicenormative{\subparagraph}{DSA Key Generation Operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / DSA Key Generation Operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata} according to the general device requirments for asymmetric crypto service.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{DSA Key Generation Operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / DSA Key Generation Operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_DSA.
+\item The driver SHOULD set all fields in \field{parameter} except \field{reserved} field.
+\item The driver MUST check the operation result \field{status} in \field{idata} before it operates other fields in \field{idata}.
+Only if the operation is successful, the \field{priv_key} and \field{pub_key} in \field{idata} are operatable.
+\end{itemize*}
+
+\paragraph{Key Generation: EC Key Generation operation}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Key Generation: EC Key Generation operation}
+
+\begin{lstlisting}
+struct virtio_crypto_ec_keygen_para {
+    /* EC field_type, see VIRTIO_CRYPTO_EC_FIELD_TYPE_* definition */
+    le32 field_type;
+    le32 reserved;
+
+    /* EC group parameters */
+    struct virtio_crypto_ec_group ec;
+};
+
+struct virtio_crypto_ec_keygen_input {
+    le32 status;
+    le32 reserved;
+
+    /* Private key */
+    struct virtio_crypto_buf d;
+
+    /* Public key */
+    struct virtio_crypto_buf x;
+    struct virtio_crypto_buf y;
+};
+\end{lstlisting}
+
+EC key-generation operation request is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_ec_keygen_req {
+    struct virtio_crypto_ec_keygen_para parameter;
+
+    struct virtio_crypto_ec_keygen_input key;    
+};
+\end{lstlisting}
+
+\devicenormative{\subparagraph}{EC Key Generation Operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / EC Key Generation Operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata} according to the general device requirments for asymmetric crypto service.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{EC Key Generation Operation}{Device Types / Crypto Device / Device Operation / Asymmetric Crypto Service Operation / EC Key Generation Operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_GEN,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH or VIRTIO_CRYPTO_ASYM_ECDSA.
+\item The driver SHOULD set all fields in \field{parameter} except \field{reserved} field.
+\item The driver MUST check the operation result \field{status} in \field{idata} before it operates other fields in \field{idata}.
+Only if the operation is successful, the other fields in \field{idata} are operatable.
+\end{itemize*}
+
+\paragraph{Key Exchange: Common Structure}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Key Exchange: Common Structure}
+
+Key Exchange request has two kinds of operations in general, key generation and key computation.
+For DH, it has additional operation: parameter generation operation.
+
+\paragraph{Key Exchange: DH Parameter Generation Operation}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Key Exchange: DH Parameter Generation Operation}
+
+\begin{lstlisting}
+struct virtio_crypto_dh_parameter {
+    le32 modules_len;
+    le32 reserved;
+
+    /* random odd prime number */
+    struct virtio_crypto_buf p;
+    /* base (g) */
+    struct virtio_crypto_buf g;
+};
+
+#define VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY 0
+#define VIRTIO_CRYPTO_KEY_EXCHANGE_COMPUTE_KEY 1
+/* It's only valid in case algorithm is DH */
+#define VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_DH_PARAM 2
+
+struct virtio_crypto_dh_keyexchg_para {
+    /* 
+    * The sub-operation in key exchange, 
+    * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition
+    */
+    le32 keyexchg_op;
+    le32 reserved;
+
+    struct virtio_crypto_dh_parameter dh_param;
+};
+
+struct virtio_crypto_dh_keyexchg_param_gen_input {
+    le32 status;
+    le32 reserved;
+};
+\end{lstlisting}
+
+DH Parameter Generation Operation in Key-Exchange is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_dh_keyexchg_param_gen_req {
+    struct virtio_crypto_dh_keyexchg_para parameter;
+
+    struct virtio_crypto_dh_keyexchg_param_gen_input idata;
+};
+\end{lstlisting}
+
+\devicenormative{\subparagraph}{Key Exchange: DH Parameter Generation Operation}{Device Types / Crypto Device / Device Operation /
+Asymmetric Crypto Service Operation / Key Exchange: DH Parameter Generation Operation}
+\begin{itemize*}
+\item The device SHOULD set the operation result in \field{idata}, and set \field{p} and \field{g} in \field{dh_param}.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{Key Exchange: DH Parameter Generation Operation}{Device Types / Crypto Device / Device Operation /
+Asymmetric Crypto Service Operation / Key Exchange: DH Parameter Generation Operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_DH.
+\item The driver SHOULD set the \field{keyexchg_op} to VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_DH_PARAM in \field{parameter}.
+\item The driver SHOULD set \field{modules_len} in \field{dh_param}.
+\item The driver MUST check the operation result \field{status} in \field{idata} firstly.
+Only if the operation is successful, the other fields in \field{idata} are operatable.
+\end{itemize*}
+
+\paragraph{Key Exchange: DH Key Generation Operation}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Key Exchange: DH Key Generation Operation}
+
+\begin{lstlisting}
+struct virtio_crypto_dh_keyexchg_keygen_input {
+    le32 status;
+    le32 reserved;
+
+    /* private key */
+    struct virtio_crypto_buf x;
+    /* public key */
+    struct virtio_crypto_buf y;
+};
+\end{lstlisting}
+
+DH Key Generation Operation in Key-Exchange is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_dh_keyexchg_key_gen_req {
+    struct virtio_crypto_dh_keyexchg_para parameter;
+
+    struct virtio_crypto_dh_key_exchg_keygen_input idata;
+};
+\end{lstlisting}
+
+\devicenormative{\subparagraph}{Key Exchange: DH Key Generation Operation}{Device Types / Crypto Device / Device Operation /
+Asymmetric Crypto Service Operation / Key Exchange: DH Key Generation Operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata} according to the general device requirments for asymmetric crypto service.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{Key Exchange: DH Key Generation Operation}{Device Types / Crypto Device / Device Operation /
+Asymmetric Crypto Service Operation / Key Exchange: DH Key Generation Operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_DH.
+\item The driver SHOULD set the \field{keyexchg_op} to VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}.
+\item The driver SHOULD set all other fields in \field{parameter} except field \field{reserved}.
+\item The driver MUST check the operation result \field{status} in \field{idata} firstly.
+Only if the operation is successful, the other fields in \field{idata} are operatable.
+\end{itemize*}
+
+\paragraph{Key Exchange: DH Key Computation Operation}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Key Exchange: DH Key Computation Operation}
+
+\begin{lstlisting}
+struct virtio_crypto_dh_keyexchg_compute_key_output {
+    /* local private key */
+    struct virtio_crypto_buf x;
+    /* peer's public key */
+    struct virtio_crypto_buf y;
+};
+
+struct virtio_crypto_dh_keyexchg_compute_key_input {
+    le32 status;
+    le32 reserved;
+
+    struct virtio_crypto_buf shared_secret;
+};
+\end{lstlisting}
+
+DH Key Computation Operation in Key-Exchange is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_dh_keyexchg_key_compute_req {
+    struct virtio_crypto_dh_keyexchg_para parameter;
+    struct virtio_crypto_dh_keyexchg_compute_key_output odata;
+
+    struct virtio_crypto_dh_keyexchg_compute_key_input idata;
+};
+\end{lstlisting}
+
+\devicenormative{\subparagraph}{Key Exchange: DH Key Computation Operation}{Device Types / Crypto Device / Device Operation /
+Asymmetric Crypto Service Operation / Key Exchange: DH Key Computation Operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata} according to the general device requirments for asymmetric crypto service.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{Key Exchange: DH Key Computation Operation}{Device Types / Crypto Device / Device Operation /
+Asymmetric Crypto Service Operation / Key Exchange: DH Key Computation Operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_DH.
+\item The driver SHOULD set the \field{keyexchg_op} to VIRTIO_CRYPTO_KEY_EXCHANGE_COMPUTE_KEY in \field{parameter}.
+\item The driver SHOULD set all other fields in \field{parameter} except field \field{reserved}.
+\item The driver SHOULD set all fields in \field{odata} except field \field{reserved}.
+\item The driver MUST check the operation result \field{status} in \field{idata} firstly.
+Only if the operation is successful, the other fields in \field{idata} are operatable.
+\end{itemize*}
+
+\paragraph{Key Exchange: ECDH Key Generation Operation}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Key Exchange: ECDH Key Generation Operation}
+
+\begin{lstlisting}
+struct virtio_crypto_ecdh_keyexchg_keygen_para {
+    /* 
+    * The sub-operation in key exchange, 
+    * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition
+    */
+    le32 keyexchg_op;
+    le32 reserved;
+    
+    struct virtio_crypto_ec_keygen_para parameter;
+};
+\end{lstlisting}
+
+ECDH Key Generation Operation in Key-Exchange is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_ecdh_keyexchg_key_gen_req {
+    struct virtio_crypto_ecdh_keyexchg_keygen_para parameter;
+
+    struct virtio_crypto_ec_keygen_input idata;
+};
+\end{lstlisting}
+
+\devicenormative{\subparagraph}{Key Exchange: ECDH Key Generation Operation}{Device Types / Crypto Device / Device Operation /
+Asymmetric Crypto Service Operation / Key Exchange: ECDH Key Generation Operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata} according to the general device requirments for asymmetric crypto service.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{Key Exchange: ECDH Key Generation Operation}{Device Types / Crypto Device / Device Operation /
+Asymmetric Crypto Service Operation / Key Exchange: ECDH Key Generation Operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH.
+\item The driver SHOULD set the \field{keyexchg_op} to VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}.
+\item The driver SHOULD set all other fields in \field{parameter} except field \field{reserved}.
+\item The driver MUST check the operation result \field{status} in \field{idata} firstly.
+Only if the operation is successful, the other fields in \field{idata} are operatable.
+\end{itemize*}
+
+\paragraph{Key Exchange: ECDH Key Computation Operation}\label{sec:Device Types /
+Crypto Device / Device Operation / Crypto operation / Asymmetric Crypto Service Operation / Key Exchange: ECDH Key Computation Operation}
+
+\begin{lstlisting}
+struct virtio_crypto_ecdh_keyexchg_compute_key_para {
+    /* 
+    * The sub-operation in key exchange, 
+    * see VIRTIO_CRYPTO_KEY_EXCHANGE_ definition
+    */
+    le32 keyexchg_op;
+    le32 reserved;
+    
+    struct virtio_crypto_ec_keygen_para parameter;
+};
+
+struct virtio_crypto_ecdh_keyexchg_compute_key_output {
+    /* local private key */
+    struct virtio_crypto_buf d;
+
+    /* peer's public key */
+    struct virtio_crypto_buf x;
+    struct virtio_crypto_buf y;
+};
+
+struct virtio_crypto_ecdh_keyexchg_compute_key_input {
+    le32 status;
+    le32 reserved;
+
+    struct virtio_crypto_buf shared_secret;
+};
+\end{lstlisting}
+
+ECDH Key Computation Operation in Key-Exchange is defined as below:
+\begin{lstlisting}
+struct virtio_crypto_ecdh_keyexchg_key_compute_req {
+    struct virtio_crypto_ecdh_keyexchg_compute_key_para parameter;
+    struct virtio_crypto_ecdh_keyexchg_compute_key_output odata;
+
+    struct virtio_crypto_ecdh_keyexchg_compute_key_input idata;
+};
+\end{lstlisting}
+
+\devicenormative{\subparagraph}{Key Exchange: ECDH Key Computation Operation}{Device Types / Crypto Device / Device Operation /
+Asymmetric Crypto Service Operation / Key Exchange: ECDH Key Computation Operation}
+\begin{itemize*}
+\item The device SHOULD set the operation results in \field{idata} according to the general device requirments for asymmetric crypto service.
+\end{itemize*}
+
+\drivernormative{\subparagraph}{Key Exchange: ECDH Key Computation Operation}{Device Types / Crypto Device / Device Operation /
+Asymmetric Crypto Service Operation / Key Exchange: ECDH Key Computation Operation}
+\begin{itemize*}
+\item The driver SHOULD set the \field{opcode} in \field{virtio_crypto_op_header} to VIRTIO_CRYPTO_ASYM_KEY_EXCHG,
+set \field{algo} to VIRTIO_CRYPTO_ASYM_ECDH.
+\item The driver SHOULD set the \field{keyexchg_op} to VIRTIO_CRYPTO_KEY_EXCHANGE_GEN_KEY in \field{parameter}.
+\item The driver SHOULD set all other fields in \field{parameter} except field \field{reserved}.
+\item The driver MUST check the operation result \field{status} in \field{idata} firstly.
+Only if the operation is successful, the other fields in \field{idata} are operatable.
+\end{itemize*}