From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 9D639A3160 for ; Wed, 9 Oct 2019 17:49:03 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 5FC871E9AA; Wed, 9 Oct 2019 17:49:02 +0200 (CEST) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by dpdk.org (Postfix) with ESMTP id B5F301E9A9 for ; Wed, 9 Oct 2019 17:49:00 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Oct 2019 08:48:59 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.67,276,1566889200"; d="scan'208";a="184102414" Received: from irsmsx107.ger.corp.intel.com ([163.33.3.99]) by orsmga007.jf.intel.com with ESMTP; 09 Oct 2019 08:48:57 -0700 Received: from irsmsx101.ger.corp.intel.com ([169.254.1.129]) by IRSMSX107.ger.corp.intel.com ([169.254.10.7]) with mapi id 14.03.0439.000; Wed, 9 Oct 2019 16:48:57 +0100 From: "Trahe, Fiona" To: "Kusztal, ArkadiuszX" , "dev@dpdk.org" CC: "akhil.goyal@nxp.com" , "Zhang, Roy Fan" , Shally Verma , Anoob Joseph , "De Lara Guarch, Pablo" , "Doherty, Declan" , "tdu@semihalf.com" , "Trahe, Fiona" Thread-Topic: [RFC] Chacha20 Poly1305 Support Thread-Index: AdV+edRLvl/CZXEDQ/uoyGQBqnN5NQAPhsIQ Date: Wed, 9 Oct 2019 15:48:56 +0000 Message-ID: <348A99DA5F5B7549AA880327E580B43589831A03@IRSMSX101.ger.corp.intel.com> References: <06EE24DD0B19E248B53F6DC8657831551B29FD13@hasmsx109.ger.corp.intel.com> In-Reply-To: <06EE24DD0B19E248B53F6DC8657831551B29FD13@hasmsx109.ger.corp.intel.com> Accept-Language: en-IE, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiYzdkY2UyODEtYzc2OS00ZmMxLWFiNjQtMTUwYzUxMDFkYzA3IiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoia1gyUW1YOUpUY2lcL3BXUXdnMzJEckxVd1F5NHpjQWw4OFwvRzdraWlJTE1BWk5UXC95eVwvRGtZd08yVVo2YytyMDQifQ== x-ctpclassification: CTP_NT dlp-product: dlpe-windows dlp-version: 11.2.0.6 dlp-reaction: no-action x-originating-ip: [163.33.239.182] Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [dpdk-dev] [RFC] Chacha20 Poly1305 Support X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Hi Arek, ------ From: Kusztal, ArkadiuszX=20 Sent: Wednesday, October 9, 2019 9:30 AM To: dev@dpdk.org Cc: akhil.goyal@nxp.com; Zhang, Roy Fan ; Shally V= erma ; Trahe, Fiona ; Anoob Jos= eph ; De Lara Guarch, Pablo ; Doherty, Declan ; tdu@semihalf.com Subject: [RFC] Chacha20 Poly1305 Support Hi, due to increasing interest of crypto protocols in Chacha20-Poly1305 algorit= hm I would like to start discussion about adding it to cryptodev. I would suggest adding something like: @@ -348,6 +348,8 @@ enum rte_crypto_aead_algorithm { =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 /**< AES algorithm in CCM mode. */ =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 RTE_CRYPTO_AEAD_AES_GCM, =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 /**< AES algorithm in GCM mode. */ +=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 RTE_CRYPTO_AEAD_CHACHA20_POLY1305, +=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 /**< Chacha20 encryption cipher with pol= y1305 authenticator */ In 'iv offset' of aead xform +=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0=A0 * - For Chacha20-Poly1305 it is 96-bit nonce. Initial counter +=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0=A0 * value for Chacha20 encryption is set by PMD to 1, meanwhile + =A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0 =A0* for Poly1305 is set to 0 as per rfc7539 2.8. AEAD construction. [Fiona] I'd suggest moving initial counter description to next line as sepa= rate from nonce. And as Poly1305 is used twice in the procedure, maybe reword as: PMD sets initial counter for Poly1305 key generation part to 0 and for Chac= ha20 encryption=20 to 1 as per rfc7539 2.8. AEAD construction. In 'iv length' of aead xform +=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0= =A0=A0 * - For Chacha20-Poly1305 this field is always 12. It is AEAD instead of cipher + auth as rfc7539 explicitly specifies initial= counters to one and zero with AEAD construction, which is not done for Chacha and Poly separately. If in future someone would like to add thes= e algorithms to cipher and auth enums additional field that holds initial c= ounter should be added as well. I have tested it with openssl pmd implementation I have created for test pu= rposes (Chacha Poly is supported since OpenSSL 1.1.0 version) which I may a= ttach if needed. (Sorry if I have not included someone in cc, please cc any interested perso= n) Regards, Arek