+ Michael From: Kusztal, ArkadiuszX <[email protected]> Sent: Wednesday, March 20, 2019 20:47 To: [email protected]; Trahe, Fiona <[email protected]>; Doherty, Declan <[email protected]>; De Lara Guarch, Pablo <[email protected]>; [email protected]; [email protected]; [email protected]; Liron Himi <[email protected]>; Alan Winkowski <[email protected]> Subject: [EXT] [RFC] cryptodev/sym: GCM IV len != 12 byte case
External Email ________________________________ Hi all, There is a proposition to amend a bit API due to the following lines: * - For GCM mode, this is either 12 (for 96-bit IVs) * or 16, in which case data points to J0. ... } iv; /**< Initialisation vector parameters */ Problem arise when driver cannot support J0 input, right now we know that OPENSSL PMD works with IV instead of J0 when iv_len != 12. So it may be that we have to somehow support both. There are two options, and I am very curious about community opinion. 1. Add a flag to aead_xform.iv to supports IV or J0 like this: uint8_t IV_used; And this could be reflected in capabilities. Of course for 96bits IV this field would not be used, so it would had to be set only for iv.length != 12 1. Change API comments to something like: * - For GCM mode, this is either 12 (for 96-bit IVs), * - for IV length different than 96 bits it is or J0 or IV, * - refer to specific driver rst or capabilities which one * - is supported, etc. (J0 by definition is of 16 bytes len) I cc'ing maintainers of drivers that support iv_len != 16 bytes. Cannot check how it works as I have no hw. Regards, Arek
