[dpdk-dev] [PATCH v2 1/9] cryptodev: clarify API for AES-CCM

Trahe, Fiona fiona.trahe at intel.com
Mon Oct 9 11:57:18 CEST 2017



> -----Original Message-----
> From: De Lara Guarch, Pablo
> Sent: Thursday, September 21, 2017 2:11 PM
> To: Doherty, Declan <declan.doherty at intel.com>; Trahe, Fiona <fiona.trahe at intel.com>; Jain, Deepak K
> <deepak.k.jain at intel.com>; Griffin, John <john.griffin at intel.com>
> Cc: dev at dpdk.org; De Lara Guarch, Pablo <pablo.de.lara.guarch at intel.com>
> Subject: [PATCH v2 1/9] cryptodev: clarify API for AES-CCM
> 
> AES-CCM algorithm has some restrictions when
> handling nonce (IV) and AAD information.
> 
> As the API stated, the nonce needs to be placed 1 byte
> after the start of the IV field. This field needs
> to be 16 bytes long, regardless of the length of the nonce,
> but it is important to clarify that the first byte
> and the padding added after the nonce may be modified
> by the PMDs using this algorithm.
> 
> Same happens with the AAD. It needs to be placed 18 bytes
> after the start of the AAD field. The field also needs
> to be a multiple of 16 bytes long and all memory reserved
> (the first bytes and the padding) may be modified by the PMDs.
> 
> Lastly, nonce is not needed to be placed in the first 16 bytes
> of the AAD, as the API stated, as that depends on the PMD
> used, so the comment has been removed.
> 
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch at intel.com>
Acked-by: Fiona Trahe <fiona.trahe at intel.com>
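
Added example, not part of the original message or of the DPDK code base: a plain C sketch of the buffer layout the commit message describes (nonce at offset 1 of a 16-byte IV field, AAD at offset 18 of a field padded to a multiple of 16 bytes). All names are hypothetical, the 7 to 13 byte nonce range comes from the CCM specification rather than the page, and zeroing the reserved bytes is an assumption. Because a PMD may overwrite the first bytes and the padding, the fields are rebuilt from the caller's own nonce and AAD for every operation.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Offsets and sizes are from the commit message; all names are hypothetical. */
#define CCM_IV_FIELD_LEN 16u /* IV field is always 16 bytes long */
#define CCM_NONCE_OFFSET  1u /* nonce starts 1 byte into the IV field */
#define CCM_AAD_OFFSET   18u /* AAD starts 18 bytes into the AAD field */
#define CCM_NONCE_MIN     7u /* CCM nonce length range, per the CCM spec */
#define CCM_NONCE_MAX    13u

/* Bytes to reserve for the AAD field: offset + AAD, rounded up to 16. */
size_t ccm_aad_field_len(size_t aad_len)
{
    if (aad_len > SIZE_MAX - CCM_AAD_OFFSET - 15u)
        return 0; /* length would overflow */
    return (CCM_AAD_OFFSET + aad_len + 15u) & ~(size_t)15u;
}

/* Build a fresh 16-byte IV field; reserved bytes zeroed (assumption). */
int ccm_fill_iv(uint8_t *field, const uint8_t *nonce, size_t nonce_len)
{
    if (nonce_len < CCM_NONCE_MIN || nonce_len > CCM_NONCE_MAX)
        return -1;
    memset(field, 0, CCM_IV_FIELD_LEN);
    memcpy(field + CCM_NONCE_OFFSET, nonce, nonce_len);
    return 0;
}

/* Build the AAD field; field_cap is the memory actually reserved for it. */
int ccm_fill_aad(uint8_t *field, size_t field_cap,
                 const uint8_t *aad, size_t aad_len)
{
    size_t need = ccm_aad_field_len(aad_len);
    if (need == 0 || field_cap < need)
        return -1; /* caller reserved too little memory */
    memset(field, 0, need);
    if (aad_len)
        memcpy(field + CCM_AAD_OFFSET, aad, aad_len);
    return 0;
}

int main(void)
{
    uint8_t iv[CCM_IV_FIELD_LEN], aad_field[32];
    const uint8_t nonce[12] = {0}, aad[8] = {0}; /* constructed sample input */
    return (ccm_fill_iv(iv, nonce, sizeof(nonce)) ||
            ccm_fill_aad(aad_field, sizeof(aad_field), aad, sizeof(aad))) ? 1 : 0;
}
```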


