Ping. Any comments from odp-crypto-platform implementers / odp-crypto-api consumers ?
Just want to understand the alignment restrictions of Hardware accelerated crypto implementations for cypher and then authentication operation. If there are restrictions in alignment for cypher and auth offset in majority of platforms then current odp api definition combined mode operations may not be good choice for performance effective implementation. For cavium perspective, 8 byte alignment(delta between auth and cypher offset) is required for performance effective cypher and then auth operation implementation. ________________________________________ From: [email protected] <[email protected]> on behalf of Jacob, Jerin <[email protected]> Sent: Tuesday, August 26, 2014 12:57 PM To: [email protected] Subject: [lng-odp] crypto combined mode operation performance for arbitrary cipher and authentication ranges All, "odp_crypto_operation" API definition for combined crypto operation (i.e cypher and _then_ auth operation on non-NULL auth and non-NULL cypher with overlapped range) seems to be too generic. Currently we are passing cypher offset, cypher len, auth offset and auth len parameters to define the overlapped range. Defining the overlapped region with "single byte granularity" will effect the performance in co-processor based cryto instruction implementation like ARMV8 crypto extension. I am not sure about dedicated HW based crypto mechanism, Is dedicated HW cryto implementation supports any arbitrary offset for cypher _and then_ auth operation ? So in this context, I am trying to understand any data plane use case which demands for following overlapped range 1) auth offset > cypher offset(i.e starts with ciphering bytes then authentication) 2) auth offset < cypher offset and ((auth offset - cypher offset) % 8 != 0)), i.e difference between aoffset to coffset is not 8 byte aligned. 3) (auth offset + auth len) < (cypher offset + cypher len), i.e there are bytes needs to cyphered after authentication. If there are not such use-case then its better to define authentication range(in dwords) relative to cypher range for combined crypto operation to get best platform performance. Any thoughts ? Regards, Jerin. _______________________________________________ lng-odp mailing list [email protected] http://lists.linaro.org/mailman/listinfo/lng-odp _______________________________________________ lng-odp mailing list [email protected] http://lists.linaro.org/mailman/listinfo/lng-odp
