[dpdk-dev] [RFC] cryptodev/sym: GCM IV len != 12 byte case
Trahe, Fiona
fiona.trahe at intel.com
Fri Mar 29 19:02:38 CET 2019
Hi Arek,
> -----Original Message-----
> From: Kusztal, ArkadiuszX
> Sent: Wednesday, March 20, 2019 6:47 PM
> To: dev at dpdk.org; Trahe, Fiona <fiona.trahe at intel.com>; Doherty, Declan <declan.doherty at intel.com>;
> De Lara Guarch, Pablo <pablo.de.lara.guarch at intel.com>; akhil.goyal at nxp.com; ravi1.kumar at amd.com;
> tdu at semihalf.com; lironh at marvell.com; walan at marvell.com
> Subject: [RFC] cryptodev/sym: GCM IV len != 12 byte case
>
> Hi all,
>
> There is a proposition to amend a bit API due to the following lines:
>
> * - For GCM mode, this is either 12 (for 96-bit IVs)
> * or 16, in which case data points to J0.
> ...
> } iv; /**< Initialisation vector parameters */
>
>
> Problem arise when driver cannot support J0 input, right now we know that OPENSSL PMD works with IV
> instead of J0 when iv_len != 12.
> So it may be that we have to somehow support both. There are two options, and I am very curious about
> community opinion.
>
> 1) Add a flag to aead_xform.iv to supports IV or J0 like this:
> uint8_t IV_used;
> And this could be reflected in capabilities. Of course for 96bits IV this field would not be used, so it would
> had to be set only for iv.length != 12
> 2) Change API comments to something like:
> * - For GCM mode, this is either 12 (for 96-bit IVs),
> * - for IV length different than 96 bits it is or J0 or IV,
> * - refer to specific driver rst or capabilities which one
> * - is supported, etc. (J0 by definition is of 16 bytes len)
>
> I cc'ing maintainers of drivers that support iv_len != 12 bytes.
> Cannot check how it works as I have no hw.
>
> Regards,
> Arek
[Fiona] Pablo suggested a simpler approach. Same functional change in API - i.e. support input in both J0 and IV formats, but different implementation, no need for new flags in session or capabilities. Proposal is to use special value 0 to indicate J0 format, in both capabilities and xform, i.e.
appl passes in rte_crypto_cipher_xform.iv.length = 0
=> J0 format, already known to be 16bytes, so no need for explicit length info
appl passes in iv.length > 0
=> IV, so PMD must derive J0. (current API, no change here)
Capability example1: PMD can accept a 16-byte J0 OR a 12 byte IV
.iv_size = {
.min = 0,
.max = 12,
.increment = 12
}
Capability example2: PMD can accept IV of length 12 and 16, but not J0.
.iv_size = {
.min = 12,
.max = 16,
.increment = 4
}
Capability example3: PMD can accept IV of length between 8 and 128, but not J0.
.iv_size = {
.min = 8,
.max = 128,
.increment = 1
}
Capability example4: PMD can accept IV of length between 1 and 128, and also J0.
.iv_size = {
.min = 0,
.max = 128,
.increment = 1
}
What do you think?
More information about the dev
mailing list