cryptomb: support ECDSA (#31789)

Additional Description: The CryptoMB private key provider only supports RSA at the time, the patch adds ECDSA support to it. Risk Level: Low (as contrib extension) Testing: Unit and integration tests Docs Changes: N/A Release Notes: N/A Platform Specific Features: Requires AVX512 or equivalent CPU instruction set Signed-off-by: Xie Zhihao <zhihao.xie@intel.com> Mirrored from https://github.com/envoyproxy/envoy @ 8dcb3165334b8d9fdec7bb9f5f0b103d97f858d3
10 months ago · 4269156324
parent 78221529ed
commit 4269156324
1 changed files with 4 additions and 4 deletions
--- a/contrib/envoy/extensions/private_key_providers/cryptomb/v3alpha/cryptomb.proto
+++ b/contrib/envoy/extensions/private_key_providers/cryptomb/v3alpha/cryptomb.proto
@ -21,10 +21,10 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE;

 // A CryptoMbPrivateKeyMethodConfig message specifies how the CryptoMb private
 // key provider is configured. The private key provider provides ``SIMD``
-// processing for RSA sign and decrypt operations (ECDSA signing uses regular
-// BoringSSL functions). The provider works by gathering the operations into a
-// worker-thread specific queue, and processing the queue using ``ipp-crypto``
-// library when the queue is full or when a timer expires.
+// processing for ECDSA sign operations and RSA sign and decrypt operations.
+// The provider works by gathering the operations into a worker-thread specific
+// queue, and processing the queue using ``ipp-crypto`` library when the queue
+// is full or when a timer expires.
 // [#extension-category: envoy.tls.key_providers]
 message CryptoMbPrivateKeyMethodConfig {
  // Private key to use in the private key provider. If set to inline_bytes or