All, "odp_crypto_operation" API definition for combined crypto operation (i.e cypher and _then_ auth operation on non-NULL auth and non-NULL cypher with overlapped range) seems to be too generic. Currently we are passing cypher offset, cypher len, auth offset and auth len parameters to define the overlapped range.
Defining the overlapped region with "single byte granularity" will effect the performance in co-processor based cryto instruction implementation like ARMV8 crypto extension. I am not sure about dedicated HW based crypto mechanism, Is dedicated HW cryto implementation supports any arbitrary offset for cypher _and then_ auth operation ? So in this context, I am trying to understand any data plane use case which demands for following overlapped range 1) auth offset > cypher offset(i.e starts with ciphering bytes then authentication) 2) auth offset < cypher offset and ((auth offset - cypher offset) % 8 != 0)), i.e difference between aoffset to coffset is not 8 byte aligned. 3) (auth offset + auth len) < (cypher offset + cypher len), i.e there are bytes needs to cyphered after authentication. If there are not such use-case then its better to define authentication range(in dwords) relative to cypher range for combined crypto operation to get best platform performance. Any thoughts ? Regards, Jerin. _______________________________________________ lng-odp mailing list [email protected] http://lists.linaro.org/mailman/listinfo/lng-odp
