intel / intel-ipsec-mb

Intel(R) Multi-Buffer Crypto for IPSec
BSD 3-Clause "New" or "Revised" License

merged GCM in MB API(PoC) #6

Closed deadcafe closed 7 years ago

deadcafe commented 7 years ago

The PoC code which made GCM correspond to MB API was made. But a part of a C language was rewritten except for MD5. Can't it be used for the next edition?

tkanteck commented 7 years ago

Thanks for your interest in the library. I really appreciate your ideas and enthusiasm. At the moment we don't see a value in adding GCM under common MB API. This is because GCM implementation doesn't use multi-buffer technology and there is no benefit from putting it under MB API.

deadcafe commented 7 years ago

Thank you for your reply. I am using this library for DPDK APP, but there are some problems. In order to keep the execution completion order and AUTH-TAG and IV (counter block) in CTR mode, an upper layer for managing the session is required. It is my proposed implementation to solve this problem.

Modification of the security library is very troublesome for export control, so I do not want to do it as an enterprise activity.

deadcafe commented 7 years ago

Can't context be separated from key information on gcm_data?

```
gcm_data {
    cipher_key;  -> cipher_key_ptr;
    hash_key;    -> hash_key_ptr;
    context;
}
```

This is also capable of maintenance of the compatibility.

The key information is usually maintained in IPsec SA, these are handled as const information. IPsec SA sometimes disposes of more than one packet at the same time, so crypto session information should be independent with a key.

tkanteck commented 7 years ago

Thanks again for your contributions to the project. They are highly appreciated. I see you have valid, real life use cases and you have very good knowledge of the library.

For big patches and API improvements/changes I suggest filing an issue at https://github.com/01org/intel-ipsec-mb/issues to describe the problem to address. Once there is agreement about the problem and the solution for it, it will be much easier to review code changes. It is also easier to tackle problems one by one rather than in groups.

I am open to meet and discuss details in relation to this patch - please contact me over email.

deadcafe commented 7 years ago

OK. I move to issue page.