[dpdk-dev] [PATCH] [RFC] cryptodev: move AES-GMAC to aead algorithms

[Kusztal, ArkadiuszX]

Hi Akhil,

@Akhil: Is there a chance getting this change into 20.11?

Any more comments or anyone see any potential issues with this approach?

Regards,
Arek

-----Original Message-----
From: Doherty, Declan <declan.doherty at intel.com> 
Sent: piątek, 31 lipca 2020 16:34
To: Kusztal, ArkadiuszX <arkadiuszx.kusztal at intel.com>; dev at dpdk.org
Cc: akhil.goyal at nxp.com; Trahe, Fiona <fiona.trahe at intel.com>; anoobj at marvell.com; shallyv at marvell.com; Zhang, Roy Fan <roy.fan.zhang at intel.com>; Ananyev, Konstantin <konstantin.ananyev at intel.com>
Subject: Re: [PATCH] [RFC] cryptodev: move AES-GMAC to aead algorithms

On 29/07/2020 3:22 PM, Arek Kusztal wrote:
> This is proposal to move AES-GMAC algorithm to AEAD set of algorithms. 
> It is however not 100% conformant GMAC as instead of aad pointer data 
> to be authenticated is passed normally and  aead.data.length field is 
> used to specify length of data to be authenticated.
> Reason behind this move is that GMAC is variant of GCM so it may 
> simplify implementations that are using these algorithms (mainly IPsec).
> AES-GMAC therefore needs to be removed from auth algorithms.
> 
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal at intel.com>
> ---
..
> 

I think  this makes sense in light of how AES-GMAC support is specified in the IPsec GMAC rfc (https://tools.ietf.org/html/rfc4543)

Acked-by: Declan Doherty <declan.doherty at intel.com>