From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 859FFA0577; Mon, 6 Apr 2020 08:46:20 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 053D81BEDF; Mon, 6 Apr 2020 08:46:20 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by dpdk.org (Postfix) with ESMTP id E57782BE9 for ; Mon, 6 Apr 2020 08:46:18 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 0366jl9H032723; Sun, 5 Apr 2020 23:46:18 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=pfpt0818; bh=qzwy9gFoUOT/D5LMyIjXHvbNoEwZNex2QOfl8QwbRoU=; b=Rt3EyS0yN0gN2xRN1hpD2fUvbJ7EJoMtk8Bq8zKYx6SvYtdnOx+Fk6yaUCM8SPdIXnGB x7YEmPoxEEad0i4CwZJvuiPtQ6EV7fKz9X62Ky+iPsmRsZQKjtjT+x8HUB64I/Y3Cl/W sCC0tRNLxqEKtuZfje5aKNulBskSdZH9gsJ77a8JDGp3MW49YaEqy7gajyJ8IKa7Ejgt inADcRlloqqscR8F9rsvIRnt05vJvrJ03Dvdt6107Ci4ICHe8Yt8jRbtnFmEsQpt08Dh ZhF5+7TfiDZRNTl7KezfMQ0DNi12vOVK1fnHDMBPPHE0BFMsJhjE8sszNiGL8EtEa7/f TQ== Received: from sc-exch02.marvell.com ([199.233.58.182]) by mx0b-0016f401.pphosted.com with ESMTP id 306srm4mw6-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Sun, 05 Apr 2020 23:46:18 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by SC-EXCH02.marvell.com (10.93.176.82) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Sun, 5 Apr 2020 23:46:16 -0700 Received: from SC-EXCH02.marvell.com (10.93.176.82) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Sun, 5 Apr 2020 23:46:15 -0700 Received: from NAM11-CO1-obe.outbound.protection.outlook.com (104.47.56.169) by SC-EXCH02.marvell.com (10.93.176.82) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Sun, 5 Apr 2020 23:46:15 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hk+ad9UXPmLKhi9ZirBaxEATJq0PvYG3z6ZLhT/A8CEOpxD/HtVzPPoLoKQAdu1v/Wi80xS4SWbyihltswtYAUouQn3rABa0salKqKg27ZMxftXajD57mloB38uzSDKhGu8I14oqhcZYnHKnaRtDKBG2E/XrtVd9hVwg8dzQjspEog7XytQIOND1IsmXBRTqD9yKGpuAH7QZAz3a+vNteUbslWMZQlIvDpFi0KSD5p9BcIrVRwwrwnt3vbz5E2WApjARtKRlg+0Xin77YrWkyswsmdo7YAaPpKkSGqGH/BKj+0MJ5Rm/v0sVNIrKIwB7EsElC0GbuoJQIwapfliqew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qzwy9gFoUOT/D5LMyIjXHvbNoEwZNex2QOfl8QwbRoU=; b=YRE3Ic/7NV8U6wDrGTQfeaSCe+NVhv63Bi6ZlaZoOFs0MPDwUgPjWwxGN/E3iecORpBp7CKfVSOvUcoh7QyAsRgpSZbI1cxTukRqm84wIXVltuBDba6IFjoFwf2pBe39RjAALz+t86s59QGuzgBUF3lrVHtADeGYhCCQ96KAywxGoSfVBeMTJlu5uHEzuMjZ2QAEDCaN/kRXAt0+PqTepSQ0xkYbXt0G47eWniaw1oKB7Qh7mJI9tahqd0Ok/psK83dNV0gjuu5CIlOuhnAYEhVdR1oMKueF6tKsjM9xuWhUwyQnBzGDuxdCnqjpupW+ZlbN2wC1y3ZqV3hXsE2dDQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=marvell.com; dmarc=pass action=none header.from=marvell.com; dkim=pass header.d=marvell.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.onmicrosoft.com; s=selector1-marvell-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qzwy9gFoUOT/D5LMyIjXHvbNoEwZNex2QOfl8QwbRoU=; b=GhPzAmJYdTp97rozXafzzq12x/rFAu8/dY87YGFrc9ThcPBoipmMtC/CYnRHKQUSKkdxnorr7JT7MSRCK8UPelatQfCcaVus5VD9AgXH7PHFoc1RHWUw/++vWRlyxPHCSQ6umtHKqbwXmtLT52zPc9vYuE3la24OFh7KL2+iUSo= Received: from MN2PR18MB2877.namprd18.prod.outlook.com (2603:10b6:208:3b::26) by MN2PR18MB2991.namprd18.prod.outlook.com (2603:10b6:208:a4::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2878.20; Mon, 6 Apr 2020 06:46:14 +0000 Received: from MN2PR18MB2877.namprd18.prod.outlook.com ([fe80::648f:e7fa:f95e:191b]) by MN2PR18MB2877.namprd18.prod.outlook.com ([fe80::648f:e7fa:f95e:191b%2]) with mapi id 15.20.2878.016; Mon, 6 Apr 2020 06:46:14 +0000 From: Anoob Joseph To: Akhil Goyal , Radu Nicolau CC: Narayana Prasad Raju Athreya , Tejasree Kondoj , "dev@dpdk.org" Thread-Topic: [PATCH v3] examples/ipsec-secgw: support 192/256 AES key sizes Thread-Index: AQHWCWMKGDDWiADXCkCNPAf0PSDq8ahqqdKAgAAa7hCAAOVtgIAAAEhA Date: Mon, 6 Apr 2020 06:46:13 +0000 Message-ID: References: <1585221759-23016-1-git-send-email-anoobj@marvell.com> <1585882384-28213-1-git-send-email-anoobj@marvell.com> In-Reply-To: Accept-Language: en-IN, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [27.34.244.203] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: f09eda3d-c1b9-4af4-d2fa-08d7d9f63341 x-ms-traffictypediagnostic: MN2PR18MB2991: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-forefront-prvs: 0365C0E14B x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR18MB2877.namprd18.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(10009020)(4636009)(39850400004)(136003)(396003)(366004)(346002)(376002)(66446008)(66556008)(66476007)(81156014)(86362001)(81166006)(8936002)(71200400001)(8676002)(6506007)(53546011)(478600001)(64756008)(316002)(54906003)(110136005)(76116006)(33656002)(4326008)(2906002)(186003)(66946007)(7696005)(26005)(5660300002)(55016002)(52536014)(9686003); DIR:OUT; SFP:1101; received-spf: None (protection.outlook.com: marvell.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: OVyjsCFGoK2zEp+tF4u5DTM6IPa+SfzI6vY7ICFkwl3kVr3rzL+opxk163b7zbUiVdHWwmuQ8IRLZIEAX+TuR5MTd1POBOerSANo4psjoq7MCW5a2JnG/pLNAOUlEFSQx2GnG6d3SYhPMeGVJ+ZDlrCoxG7vLN2JG2woHESECbi74Msvmpy67ZlbwRlnwbrNAYW6vwf4AgiUZ0c39+StZy3IWEc/3L3kJHzqyjxxXzFt1FGAtNvURZaTCiPEWyJBTlFhzymHfQBdD/ENYeeppOgB//TQpix/aVSksnmfnRTSjjiUzCyrzTKeGXY2D93/EV410xBMr5hje8/tK8nY5FvDFTayRYB9UT/sb3aJeiWqtXTeF3PytIULllvrC7v7HRybhA7d63R5F7NpXK2BbBsQ6OCHNHc3NQDllLnMhe0a6fRBbUiueKEijLPr94lT x-ms-exchange-antispam-messagedata: CjR7tC5ARaUmyTmtW8TUIXc5XWtvzsGLgMCsKN96Hk7ituWWzt6FcapAVOc81g02uG8ImJUWXr+dpQYlUIW6FvmQDyeuAKlRPYw9kllIMqyT0c5hqjUf5Wg0eTsrIo9iKWqAZ8bjbglf20lYMDJB1w== Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: f09eda3d-c1b9-4af4-d2fa-08d7d9f63341 X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Apr 2020 06:46:13.9509 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 70e1fb47-1155-421d-87fc-2e58f638b6e0 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: tfxSj5qvOoTc3XXtHy3zGkAogGqA6+E0qAIe4VJpA6bj0y1l3KUZM0nHKEvceAQSvqt1Aezb4FwSu5jfVruOvw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR18MB2991 X-OriginatorOrg: marvell.com X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138, 18.0.676 definitions=2020-04-06_02:2020-04-03, 2020-04-06 signatures=0 Subject: Re: [dpdk-dev] [PATCH v3] examples/ipsec-secgw: support 192/256 AES key sizes X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Hi Akhil, Please see inline. Thanks, Anoob > -----Original Message----- > From: Akhil Goyal > Sent: Monday, April 6, 2020 12:12 PM > To: Anoob Joseph ; Radu Nicolau > > Cc: Narayana Prasad Raju Athreya ; Tejasree Kondoj > ; dev@dpdk.org > Subject: [EXT] RE: [PATCH v3] examples/ipsec-secgw: support 192/256 AES k= ey > sizes >=20 > External Email >=20 > ---------------------------------------------------------------------- > > > Hi Anoob, > > > > > > > > > > > Adding support for the following, > > > > 1. AES-192-GCM > > > > 2. AES-256-GCM > > > > 3. AES-192-CBC > > > > > > > > Signed-off-by: Anoob Joseph > > > > Signed-off-by: Tejasree Kondoj > > > > --- > > > > v3: > > > > * Fixed incorrect AES-GCM key length being printed during app > > > > startup > > > > * Introduced new macro 'SALT_SIZE' to make the usage more obvious > > > > (AES- > > > GCM > > > > key has key following 4 byte salt) > > > > * Minor cleanup for the existing code. > > > > > > I believe GCM keys are extended by 4 bytes to include the SALT value > > > in many apps. > > > We may add a comment that it is including the SALT value, but it > > > makes more confusing now. > > > > > > The length which is being printed is 16Bytes but we expect the user > > > to have 20Bytes In the ep0.cfg file. This will be confusing also to > > > configure the packet capturing APPs Like wireshark which accepts 20By= te > keys in case of GCM. > > > > [Anoob] The ones I've edited is just internal data structures. These > > are not exposed and not directly printed anywhere. > > > > spi_in( 51):aes-128-gcm mode:IP4Tunnel 10.0.10.1 10.0.10.2 > > type:inline- protocol-offload spi_in( 52):aes-192-gcm mode:IP4Tunnel > > 10.0.20.1 10.0.20.2 type:inline- protocol-offload spi_in( > > 53):aes-256-gcm mode:IP4Tunnel 10.0.30.1 10.0.30.2 type:inline- > > protocol-offload > > > > Also, my initial patch didn't try to address this aspect. In that > > patch, I had the following addition, in which key length was clearly no= t > matching the string. > > > > { > > .keyword =3D "aes-192-gcm", > > .algo =3D RTE_CRYPTO_AEAD_AES_GCM, > > .iv_len =3D 8, > > .block_size =3D 4, > > .key_len =3D 28, > > .digest_len =3D 16, > > .aad_len =3D 8, > > }, > > > > In either case, the "misleading" part in config file would stay as the > > string would be "aes-128-gcm"/"aes-192-gcm"/"aes-256-gcm", and the key > > specified will have additional 4 bytes. Please do comment inline on > > what you think is the right approach. You can check if you are fine > > with v2 approach. I can resend that with a minor change required in the= print. > > > > One more thing. I was just checking the ipsec-secgw documentation of > > AEAD keys. I think we need to update that as well. > > > > Syntax: Hexadecimal bytes (0x0-0xFF) concatenate by colon symbol ':'. > > The number of bytes should be as same as the specified AEAD algorithm k= ey > size. > > > > For example: aead_key A1:B2:C3:D4:A1:B2:C3:D4:A1:B2:C3:D4: A1:B2:C3:D4 > > > > Can you advice on what should be the approach here? > > > I think it is better to have the key len include the 4 bytes of SALT and = cfg file has > those 4 bytes Inline with the key. We can add a print to specify that las= t 4 bytes > are salt. > And Yes for AEAD doc, we can add a statement that keylen should include t= he > the 4bytes of SALT. > And user should specify the extra 4 bytes. >=20 > So I believe your v2 was good enough with some additional documentations. [Anoob] Will submit v2 with the changes discussed.