[dpdk-dev] [RFC] cryptodev/sym: GCM IV len != 12 byte case

Kusztal, ArkadiuszX arkadiuszx.kusztal at intel.com
Wed Mar 20 19:47:26 CET 2019

Previous message: [dpdk-dev] [PATCH v2 7/7] ipsec: reorder packet process for esp inbound
Next message: [dpdk-dev] [RFC] cryptodev/sym: GCM IV len != 12 byte case
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi all,

There is a proposition to amend a bit API due to the following lines:

* - For GCM mode, this is either 12 (for 96-bit IVs)

 * or 16, in which case data points to J0.

...

} iv;   /**< Initialisation vector parameters */


Problem arise when driver cannot support J0 input, right now we know that OPENSSL PMD works with IV instead of J0 when iv_len != 12.
So it may be that we have to somehow support both. There are two options, and I am very curious about community opinion.


1)      Add a flag to aead_xform.iv to supports IV or J0 like this:

uint8_t IV_used;

And this could be reflected in capabilities. Of course for 96bits IV this field would not be used, so it would had to be set only for iv.length != 12

2)      Change API comments to something like:

* - For GCM mode, this is either 12 (for 96-bit IVs),

* - for IV length different than 96 bits it is or J0 or IV,

* - refer to specific driver rst or capabilities which one

* - is supported, etc. (J0 by definition is of 16 bytes len)

I cc'ing maintainers of drivers that support iv_len != 16 bytes.
Cannot check how it works as I have no hw.

Regards,
Arek

Previous message: [dpdk-dev] [PATCH v2 7/7] ipsec: reorder packet process for esp inbound
Next message: [dpdk-dev] [RFC] cryptodev/sym: GCM IV len != 12 byte case
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list