[dpdk-dev] [PATCH] [RFC] cryptodev: move AES-GMAC to aead algorithms
Trahe, Fiona
fiona.trahe at intel.com
Wed Jul 29 18:20:52 CEST 2020
Hi Arek,
Small typo below.
> -----Original Message-----
> From: Kusztal, ArkadiuszX <arkadiuszx.kusztal at intel.com>
> Sent: Wednesday, July 29, 2020 3:22 PM
> To: dev at dpdk.org
> Cc: akhil.goyal at nxp.com; Trahe, Fiona <fiona.trahe at intel.com>; anoobj at marvell.com;
> shallyv at marvell.com; Doherty, Declan <declan.doherty at intel.com>; Zhang, Roy Fan
> <roy.fan.zhang at intel.com>; Ananyev, Konstantin <konstantin.ananyev at intel.com>; Kusztal, ArkadiuszX
> <arkadiuszx.kusztal at intel.com>
> Subject: [PATCH] [RFC] cryptodev: move AES-GMAC to aead algorithms
>
> This is proposal to move AES-GMAC algorithm to AEAD set
> of algorithms. It is however not 100% conformant GMAC as instead of aad pointer
> data to be authenticated is passed normally and aead.data.length field
> is used to specify length of data to be authenticated.
> Reason behind this move is that GMAC is variant of GCM so it may
> simplify implementations that are using these algorithms (mainly IPsec).
> AES-GMAC therefore needs to be removed from auth algorithms.
>
> Signed-off-by: Arek Kusztal <arkadiuszx.kusztal at intel.com>
> ---
> lib/librte_cryptodev/rte_crypto_sym.h | 15 +++++++++++----
> lib/librte_cryptodev/rte_cryptodev.c | 4 ++--
> 2 files changed, 13 insertions(+), 6 deletions(-)
>
> diff --git a/lib/librte_cryptodev/rte_crypto_sym.h b/lib/librte_cryptodev/rte_crypto_sym.h
> index f29c980..1b43c6e 100644
> --- a/lib/librte_cryptodev/rte_crypto_sym.h
> +++ b/lib/librte_cryptodev/rte_crypto_sym.h
> @@ -255,8 +255,6 @@ enum rte_crypto_auth_algorithm {
> /**< AES-CBC-MAC algorithm. Only 128-bit keys are supported. */
> RTE_CRYPTO_AUTH_AES_CMAC,
> /**< AES CMAC algorithm. */
> - RTE_CRYPTO_AUTH_AES_GMAC,
> - /**< AES GMAC algorithm. */
> RTE_CRYPTO_AUTH_AES_XCBC_MAC,
> /**< AES XCBC algorithm. */
>
> @@ -414,6 +412,8 @@ enum rte_crypto_aead_algorithm {
> /**< AES algorithm in GCM mode. */
> RTE_CRYPTO_AEAD_CHACHA20_POLY1305,
> /**< Chacha20 cipher with poly1305 authenticator */
> + RTE_CRYPTO_AEAD_AES_GMAC,
> + /**< AES-GCM algorithm in GMAC mode. */
> RTE_CRYPTO_AEAD_LIST_END
> };
>
> @@ -468,7 +468,7 @@ struct rte_crypto_aead_xform {
> uint16_t length;
> /**< Length of valid IV data.
> *
> - * - For GCM mode, this is either:
> + * - For GCM and GMAC mode, this is either:
> * 1) Number greater or equal to one, which means that IV
> * is used and J0 will be computed internally, a minimum
> * of 16 bytes must be allocated.
> @@ -490,6 +490,8 @@ struct rte_crypto_aead_xform {
> * For CCM mode, this is the length of the actual AAD, even though
> * it is required to reserve 18 bytes before the AAD and padding
> * at the end of it, so a multiple of 16 bytes is allocated.
> + *
> + * For RTE_CRYPTO_AEAD_AES_GMAC this field should be set to 0.
> */
> };
>
> @@ -584,7 +586,10 @@ struct rte_crypto_sym_op {
> uint32_t length;
> /**< The message length, in bytes, of the source buffer
> * on which the cryptographic operation will be
> - * computed. This must be a multiple of the block size
> + * computed.
> + *
> + * For RTE_CRYPTO_AEAD_AES_GMAC this is length of data to be
> + * authenticated.
> */
> } data; /**< Data offsets and length for AEAD */
> struct {
> @@ -617,6 +622,8 @@ struct rte_crypto_sym_op {
> * needed for authenticated cipher mechanisms (CCM and
> * GCM)
> *
> + * For GCM this field is unused
[Fiona] typo GCM->GMAC
More information about the dev
mailing list