[dpdk-dev] [PATCH] [RFC] cryptodev: move AES-GMAC to aead algorithms

[Akhil Goyal]

Hi Arek,

> 
> Hi Akhil,
> 
> @Akhil: Is there a chance getting this change into 20.11?
> 
> Any more comments or anyone see any potential issues with this approach?
> 

I am ok to take this patch in 20.11 release. Could you please send a new version
With complete patch, removing all references of RTE_CRYPTO_AUTH_AES_GMAC.

Please explain in the release notes and deprecation notice as well.


> Subject: Re: [PATCH] [RFC] cryptodev: move AES-GMAC to aead algorithms
> 
> On 29/07/2020 3:22 PM, Arek Kusztal wrote:
> > This is proposal to move AES-GMAC algorithm to AEAD set of algorithms.
> > It is however not 100% conformant GMAC as instead of aad pointer data
> > to be authenticated is passed normally and  aead.data.length field is
> > used to specify length of data to be authenticated.
> > Reason behind this move is that GMAC is variant of GCM so it may
> > simplify implementations that are using these algorithms (mainly IPsec).
> > AES-GMAC therefore needs to be removed from auth algorithms.
> >
> > Signed-off-by: Arek Kusztal <arkadiuszx.kusztal at intel.com>
> > ---
> ..
> >
> 
> I think  this makes sense in light of how AES-GMAC support is specified in the
> IPsec GMAC rfc
> (https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.iet
> f.org%2Fhtml%2Frfc4543&data=02%7C01%7Cakhil.goyal%40nxp.com%7Cf
> 0aec031674e4832272108d838f7e961%7C686ea1d3bc2b4c6fa92cd99c5c301635
> %7C0%7C0%7C637321984712376305&sdata=OgaLnAqcAGg1xzD8QfSWn%
> 2F9Qa8vOkqEiZutDZcz5JLo%3D&reserved=0)
> 
> Acked-by: Declan Doherty <declan.doherty at intel.com>