From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 2A4BFA034F; Mon, 11 Oct 2021 17:54:12 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id A1D9A4117D; Mon, 11 Oct 2021 17:52:49 +0200 (CEST) Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by mails.dpdk.org (Postfix) with ESMTP id 20C0D41165 for ; Mon, 11 Oct 2021 17:52:46 +0200 (CEST) X-IronPort-AV: E=McAfee;i="6200,9189,10134"; a="225675438" X-IronPort-AV: E=Sophos;i="5.85,364,1624345200"; d="scan'208";a="225675438" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Oct 2021 08:40:35 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.85,364,1624345200"; d="scan'208";a="490525800" Received: from fmsmsx604.amr.corp.intel.com ([10.18.126.84]) by orsmga008.jf.intel.com with ESMTP; 11 Oct 2021 08:40:34 -0700 Received: from fmsmsx608.amr.corp.intel.com (10.18.126.88) by fmsmsx604.amr.corp.intel.com (10.18.126.84) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Mon, 11 Oct 2021 08:40:34 -0700 Received: from fmsmsx608.amr.corp.intel.com (10.18.126.88) by fmsmsx608.amr.corp.intel.com (10.18.126.88) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Mon, 11 Oct 2021 08:40:33 -0700 Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx608.amr.corp.intel.com (10.18.126.88) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12 via Frontend Transport; Mon, 11 Oct 2021 08:40:33 -0700 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (104.47.55.173) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2242.12; Mon, 11 Oct 2021 08:40:33 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AgzXpny/nw6rOxrcfoj4bcEuhJHWeu9PEKoA9/hKaXhakTbVpd6ITOK70FqN233PY6OhA915eHsQMbRIbYdyfre6rCba1C4NpbtB/0sXRdByFNXFB/qCkCwHyZFiHAI4DOQbZoTGairTIy30+hg0IIajckWaE0usvu0t3FoHhyt+Rkj3lvieu7spPTEkQLHkTFeFfea+HwTj9bWXq5yeH9Gv3I8Q708j9Tuax8CQMqsOs/+kra+qTVZst6sLYWN7OBtFot5mZ2/qzdMviOYq8HQQJFIKGqAKh8R2AM/1I8Tm7bH1smbpqoevLYHiYZmr23fVJwqJCZG3c3MiK43PbQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Y73fDGRv78VLLecz8h+Pe6VZ/7L3LS/GRbbJlDL6Dgk=; b=BahY3qjq5oVt5+upcRitqzwqvARvmuqdtlXYUMQQC2EUtFibA0otsnFPfb7uiTxDtML9LP43ioR7y41fBB/lRgSBD1zdX3prsXSFPJdEJs17x0e1ouLyZKxfW7dPYjhnsgkqRp95rJ6tXiAJfmmCrpK4GVkz1aSUHAX2Qpt0SwZNLrLHJiLqTX0bJfqrNdBabm1ceT3a6vLFirdJAI7Ke+G790Y3CtneYavZxzA1th83F+Os0IS4T2PZpXOClPWDv4CgPsibK7tsTVYyN9hYJB+og5zmTu8/2C23J1jivC8BHA1gfZlNBC/wUh0UPYhtAVYTNomUGPQf58+h2PZE7A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Y73fDGRv78VLLecz8h+Pe6VZ/7L3LS/GRbbJlDL6Dgk=; b=WON1AsKi01eI4ApT2HagHSFEhQbsJ8vREV+q2eDFhjYkwAC+ZtCvJ2lyzH4m2RANRh9G9ZBRQIDw9lcC8fIAIVLS+itXuaEdBo+m2DTQ+ijVCEWlyN9VZLeSSoSlW7A0RmB6L5G/rb84b4xW/ZI9gIenUr7QuxIrLwqsIpNNqhg= Authentication-Results: oss.nxp.com; dkim=none (message not signed) header.d=none;oss.nxp.com; dmarc=none action=none header.from=intel.com; Received: from CO1PR11MB4868.namprd11.prod.outlook.com (2603:10b6:303:90::19) by MWHPR11MB1293.namprd11.prod.outlook.com (2603:10b6:300:1e::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.20; Mon, 11 Oct 2021 15:40:31 +0000 Received: from CO1PR11MB4868.namprd11.prod.outlook.com ([fe80::7c6e:d458:33ed:e579]) by CO1PR11MB4868.namprd11.prod.outlook.com ([fe80::7c6e:d458:33ed:e579%8]) with mapi id 15.20.4587.026; Mon, 11 Oct 2021 15:40:31 +0000 To: Akhil Goyal CC: "dev@dpdk.org" , "declan.doherty@intel.com" , "hemant.agrawal@oss.nxp.com" References: <20210903112257.303961-1-radu.nicolau@intel.com> <20211001095202.3343782-1-radu.nicolau@intel.com> <20211001095202.3343782-9-radu.nicolau@intel.com> From: "Nicolau, Radu" Message-ID: Date: Mon, 11 Oct 2021 16:40:25 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0 Thunderbird/78.14.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-GB X-ClientProxiedBy: DU2PR04CA0358.eurprd04.prod.outlook.com (2603:10a6:10:2b4::31) To CO1PR11MB4868.namprd11.prod.outlook.com (2603:10b6:303:90::19) MIME-Version: 1.0 Received: from [192.168.1.21] (109.255.186.106) by DU2PR04CA0358.eurprd04.prod.outlook.com (2603:10a6:10:2b4::31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.21 via Frontend Transport; Mon, 11 Oct 2021 15:40:30 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 7ff8e793-1bc1-452a-6634-08d98ccd7578 X-MS-TrafficTypeDiagnostic: MWHPR11MB1293: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: /KvgE/WtwJKlJcmUvPZ2XLTbmV3lpBzAui9CX7dMrf6wNEX3b3zmLTivVx2xLqdW0qEvlilshRf8YxNa71KmGjA+gsR1C1DpKji+8KsaKAA8iD7rE1QNzYHIkL4Uj/3f/P9/SKYItgOVSIdpuz5kYN6dt464lsptJgPP3GXAQEV2ngETZRcFjoOpmvMQWIph+8vjblAmy8qIhgvDiveCZ/+wXYbUnjVtdhA0D45WH4/KzkwP0fj+cJ1ZZslQFIGMUVTUkNYc6g0X5BRAqiAp1eqJr2r+G7UacvnVL9S4xD6SJopjtxOR45MyDrZ/GHAm+GguIW0jgCGRIzhJXu7lRgHDezpEVABkXESvfzvSK8HrhVEbwn6cWiQi+cYYtINXNDAq9x67l47D8fygEb/+ATpMrRX5WTryE73BcY6gW42Qq6G0grLMIf3/Dopo/1DrAqA5/5T223Xr9f9ANzIfulyZDzvhP62qsaeUwFVHL6U0qyE5MspHjzBjNHmKFAvIvHv0F62D4ap5skEkb20kvJpJLD7xwP5qVIqzZujggSrNEDAMq1zv8IpI4XHTZZB5CSNCA56ws2G3EMGLDt7Ppammn6OPdn8HxbflQb4IFFDe57CgnNN8Do531f/M+9mds7o53y9AUMRzQYsVHltxXaszU8ivw7m9hUY2kdThtwpz1UcAAJ4Rr8+Om5Cbo1Y3s6e3CWDbZfzAt+RYqHcz3ITskWRfH4nZY/zQ/n31Y3I= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO1PR11MB4868.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(5660300002)(66476007)(86362001)(66946007)(26005)(6916009)(2616005)(31686004)(16576012)(38100700002)(66556008)(54906003)(508600001)(956004)(4326008)(31696002)(186003)(83380400001)(8676002)(36756003)(55236004)(316002)(6666004)(6486002)(8936002)(53546011)(2906002)(45980500001)(43740500002); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?TW10anE4L3dkZ0FoUFZhUG5teUlKK0xJNzNnUFJlMmZUdGxkWjc4QVJVUUY4?= =?utf-8?B?ZkpqMlBwSTZwdnhIT3J5TFF0K3VEaEppTmg3TzVhSE5oQkdyVU9CeHR0cjEw?= =?utf-8?B?OGR6YmVoejI3V0dyZVhCdEJFMGFOdEE3bGtjYW0wUHJjSUEwZS91Y0hkZGo3?= =?utf-8?B?Z1VKZjZSYU5rM1J5bWJ4aXRzQ04rZjhHN0E1b09TU2h4Nm5HOTRyU3dzcGFV?= =?utf-8?B?NWxDajRoVFIreElmdnRCMUJ3b2RQYk5xalE2THNuVng0UlVEZGVxMkNlelFX?= =?utf-8?B?cjRZSDEvYTQ0S3pwenFZMkpSWG5sNmM4TG9HSFNMUnZJSXBkQVlWbWRpckl6?= =?utf-8?B?cmlLT1dpKzlxM1I3bGRUMVZGVDcwWVE5WUx1TXJaamRGS0lCZWdXZ1NtRjE1?= =?utf-8?B?aHlEOFdZUEdYZ1pRcm8rSXhSRFBUeVhoK25zWW5mY05GWXJzUGYrVGhnMW5q?= =?utf-8?B?ZUdNaTR2V1dIRFk3TjllUEVpU3NvTDl0eDJKRkFWSUtHQ2ozVk0yUVBUTVI3?= =?utf-8?B?MncrMDJrTUJpcTZQVmFOM0dxSjliM3ZZMHZJbnJaaEZxL0crQm8rZndlY1lQ?= =?utf-8?B?VEN0SzRqdSttUVgvMlY2Y0tHL21mNEFpaWMyL2FwM1RVcFRXeTBVbjQzY0tF?= =?utf-8?B?cUtDT1FmNW9icEh6Yk5DKzQ4U2FvczVtMFU4WVRCblQ1cEwwLzJHdWJWQ2x2?= =?utf-8?B?SEM2S0VvcHZxRnNqVE11c0RZVm1SWDl6Z05nUzVtREE5bGU1TkdYTHpGd04r?= =?utf-8?B?anA2TXBEeEdJeml0UXdLdmVSZEhudnF5ZnpLeGZ2dDJFNFVaMklIRWVwYVF6?= =?utf-8?B?aUZzZTNjekhjMkNvZm1lRVRvTFFhKzRCQXBxUVVnRkVNNDlhMlNvTmJRWFNm?= =?utf-8?B?WmM4U1B0S0Q0dDAyQ3U2V055VmVpa21mQWY1Q0RtVzVYaFVxVVRuMmxGV1Jn?= =?utf-8?B?OFJTZ0VrWUJtd0NrM29tSjZhb1p0czhpNytYaW5zQlppdnY4Vyt4TXEvdjRl?= =?utf-8?B?Ry9QUjJyWUJzUlJtQlpWTmdJVkx3eFdXN2hEdVB0MTJVYjFIMWdzQzE0blBx?= =?utf-8?B?ZDJNcjNGK1dOdjdzWGRycG1ldnVLeEIrYW9VWWhiZXNuaWFvVFVuVlFKMVVa?= =?utf-8?B?MHpyNjlPakpDazdwT3BQZkRPMU1ONmgxTnl0a2RNQ1FXczh0UEcwVTMyTFNx?= =?utf-8?B?YU1Cc0NsOTErWEpKY0F3aVdTQzBvMEp1Y2RtNW9SZ0ZSVE00bGRyTjUyc01o?= =?utf-8?B?ZFV0RitLYUQ4cS91OGcyQTZEZUJEbndSMG9zMGZja3hNRlF4ZGVKWDlyOUhW?= =?utf-8?B?MXF1OHRrQnBQWWlIVzZqbG9ENDI5K0Nvc1ZTQ1J5S0FNSWVuL0dVVHZYazdw?= =?utf-8?B?c1gzM1hRb3NGcFAxS3ZPemR0OXJZTHFmYlhIamJWam1zbHQ3czN0ZXVET1JE?= =?utf-8?B?R09XaWRRWGZxZnpEYkFtWC9RK2lucHdLTUw3OTNBOU1yeGNlaHozVTU4OXRl?= =?utf-8?B?YU1NSnBPRHZoWll4Z2pNNmtvY3hmRDdpSTRuSytUalI3c3dOS2dZcGkwRWla?= =?utf-8?B?WThmZFVhNHVqY05LbVdaQ0plbG5CRWx2VnZZVzhUeGVIRVBmUWFESElyQ0tT?= =?utf-8?B?dE5HOSt0dmJ6SjgySHNZOFNZVldoQnNTdHJra3c3cWlLcFR3YlF6Nm05ZjFm?= =?utf-8?B?RlcrZWpMUEJmeDUwQmxJUWttK3Z1VXdlRUlZRVJ2Mkd3Y2FjWXJhQzZIMnZn?= =?utf-8?Q?kdGy1b+BYTF7W87SYxILUepO7duDUYRUOQt8h5m?= X-MS-Exchange-CrossTenant-Network-Message-Id: 7ff8e793-1bc1-452a-6634-08d98ccd7578 X-MS-Exchange-CrossTenant-AuthSource: CO1PR11MB4868.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Oct 2021 15:40:31.7829 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: PnBrlzb0zANbn47LRs5EmH/hucx4AU7XZGeA5rZW5gKkbWHXeqhfzhOdSuxFPdfrXtwrnGAmzCsJRrJDlxp8Yw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR11MB1293 X-OriginatorOrg: intel.com Subject: Re: [dpdk-dev] [EXT] [PATCH v3 8/8] examples/ipsec-secgw: add support for additional algorithms X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" Hi Akhil, thanks for the feedback, some comments below. On 10/8/2021 8:07 PM, Akhil Goyal wrote: >> Add support for AES-GMAC, AES_CTR, AES_XCBC_MAC, >> AES_CCM, CHACHA20_POLY1305 >> >> Signed-off-by: Declan Doherty >> Signed-off-by: Radu Nicolau >> --- >> examples/ipsec-secgw/ipsec.h | 3 +- >> examples/ipsec-secgw/sa.c | 133 ++++++++++++++++++++++++++++++++--- >> 2 files changed, 126 insertions(+), 10 deletions(-) >> > Documentation? > Release notes? I will follow up with an updated patchset. >> - >> +#define MAX_KEY_SIZE 96 > Max key length defined below is 64, then why 96? I guess just to have some room, I will set it back to 64. > >> /* >> } >> >> - if (sa->aead_algo == RTE_CRYPTO_AEAD_AES_GCM) { >> - iv_length = 12; >> + >> + if (sa->aead_algo == RTE_CRYPTO_AEAD_AES_GCM || >> + sa->aead_algo == RTE_CRYPTO_AEAD_AES_CCM || >> + sa->aead_algo == >> RTE_CRYPTO_AEAD_CHACHA20_POLY1305) { >> + >> + if (ips->type == >> + >> RTE_SECURITY_ACTION_TYPE_INLINE_CRYPTO) { >> + iv_length = 8; > How is IV length dependent on the action type? > It should be same for all modes for a particular algorithm. Right? The issue here with inline crypto and AEAD algorithms is that we have the IV and the salt used for building the nonce but only the IV is included in the ESP header. And technically and according to the RFCs the value in the inline branch is the correct one, the other is actually the nonce buffer length, not the IV length. I'm not sure if this is the proper fix, probably it's not, but it's probably a change that will not break it for other crypto devices.