numam-dpdk/doc/guides/cryptodevs/aesni_mb.rst

151 lines
5.4 KiB
ReStructuredText
Raw Normal View History

aesni_mb: add driver for multi buffer based crypto This patch provides the initial implementation of the AES-NI multi-buffer based crypto poll mode driver using DPDK's new cryptodev framework. This PMD is dependent on Intel's multibuffer library, see the whitepaper "Fast Multi-buffer IPsec Implementations on Intel® Architecture Processors", see ref 1 for details on the library's design and ref 2 to download the library itself. This initial implementation is limited to supporting the chained operations of "hash then cipher" or "cipher then hash" for the following cipher and hash algorithms: Cipher algorithms: - RTE_CRYPTO_CIPHER_AES_CBC (with 128-bit, 192-bit and 256-bit keys supported) Authentication algorithms: - RTE_CRYPTO_AUTH_SHA1_HMAC - RTE_CRYPTO_AUTH_SHA256_HMAC - RTE_CRYPTO_AUTH_SHA512_HMAC - RTE_CRYPTO_AUTH_AES_XCBC_MAC Important Note: Due to the fact that the multi-buffer library is designed for accelerating IPsec crypto operation, the digest's generated for the HMAC functions are truncated to lengths specified by IPsec RFC's, ie RFC2404 for using HMAC-SHA-1 with IPsec specifies that the digest is truncate from 20 to 12 bytes. Build instructions: To build DPDK with the AESNI_MB_PMD the user is required to download (ref 2) and compile the multi-buffer library on there system before building DPDK. The environmental variable AESNI_MULTI_BUFFER_LIB_PATH must be exported with the path where you extracted and built the multi buffer library and finally set CONFIG_RTE_LIBRTE_PMD_AESNI_MB=y in config/common_linuxapp. Current status: It's doesn't support crypto operation across chained mbufs, or cipher only or hash only operations. ref 1: https://www-ssl.intel.com/content/www/us/en/intelligent-systems/intel-technology/fast-multi-buffer-ipsec-implementations-ia-processors-p ref 2: https://downloadcenter.intel.com/download/22972 Signed-off-by: Declan Doherty <declan.doherty@intel.com> Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2015-11-25 13:25:15 +00:00
.. BSD LICENSE
Copyright(c) 2015-2017 Intel Corporation. All rights reserved.
aesni_mb: add driver for multi buffer based crypto This patch provides the initial implementation of the AES-NI multi-buffer based crypto poll mode driver using DPDK's new cryptodev framework. This PMD is dependent on Intel's multibuffer library, see the whitepaper "Fast Multi-buffer IPsec Implementations on Intel® Architecture Processors", see ref 1 for details on the library's design and ref 2 to download the library itself. This initial implementation is limited to supporting the chained operations of "hash then cipher" or "cipher then hash" for the following cipher and hash algorithms: Cipher algorithms: - RTE_CRYPTO_CIPHER_AES_CBC (with 128-bit, 192-bit and 256-bit keys supported) Authentication algorithms: - RTE_CRYPTO_AUTH_SHA1_HMAC - RTE_CRYPTO_AUTH_SHA256_HMAC - RTE_CRYPTO_AUTH_SHA512_HMAC - RTE_CRYPTO_AUTH_AES_XCBC_MAC Important Note: Due to the fact that the multi-buffer library is designed for accelerating IPsec crypto operation, the digest's generated for the HMAC functions are truncated to lengths specified by IPsec RFC's, ie RFC2404 for using HMAC-SHA-1 with IPsec specifies that the digest is truncate from 20 to 12 bytes. Build instructions: To build DPDK with the AESNI_MB_PMD the user is required to download (ref 2) and compile the multi-buffer library on there system before building DPDK. The environmental variable AESNI_MULTI_BUFFER_LIB_PATH must be exported with the path where you extracted and built the multi buffer library and finally set CONFIG_RTE_LIBRTE_PMD_AESNI_MB=y in config/common_linuxapp. Current status: It's doesn't support crypto operation across chained mbufs, or cipher only or hash only operations. ref 1: https://www-ssl.intel.com/content/www/us/en/intelligent-systems/intel-technology/fast-multi-buffer-ipsec-implementations-ia-processors-p ref 2: https://downloadcenter.intel.com/download/22972 Signed-off-by: Declan Doherty <declan.doherty@intel.com> Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2015-11-25 13:25:15 +00:00
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the
distribution.
* Neither the name of Intel Corporation nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
AESN-NI Multi Buffer Crypto Poll Mode Driver
aesni_mb: add driver for multi buffer based crypto This patch provides the initial implementation of the AES-NI multi-buffer based crypto poll mode driver using DPDK's new cryptodev framework. This PMD is dependent on Intel's multibuffer library, see the whitepaper "Fast Multi-buffer IPsec Implementations on Intel® Architecture Processors", see ref 1 for details on the library's design and ref 2 to download the library itself. This initial implementation is limited to supporting the chained operations of "hash then cipher" or "cipher then hash" for the following cipher and hash algorithms: Cipher algorithms: - RTE_CRYPTO_CIPHER_AES_CBC (with 128-bit, 192-bit and 256-bit keys supported) Authentication algorithms: - RTE_CRYPTO_AUTH_SHA1_HMAC - RTE_CRYPTO_AUTH_SHA256_HMAC - RTE_CRYPTO_AUTH_SHA512_HMAC - RTE_CRYPTO_AUTH_AES_XCBC_MAC Important Note: Due to the fact that the multi-buffer library is designed for accelerating IPsec crypto operation, the digest's generated for the HMAC functions are truncated to lengths specified by IPsec RFC's, ie RFC2404 for using HMAC-SHA-1 with IPsec specifies that the digest is truncate from 20 to 12 bytes. Build instructions: To build DPDK with the AESNI_MB_PMD the user is required to download (ref 2) and compile the multi-buffer library on there system before building DPDK. The environmental variable AESNI_MULTI_BUFFER_LIB_PATH must be exported with the path where you extracted and built the multi buffer library and finally set CONFIG_RTE_LIBRTE_PMD_AESNI_MB=y in config/common_linuxapp. Current status: It's doesn't support crypto operation across chained mbufs, or cipher only or hash only operations. ref 1: https://www-ssl.intel.com/content/www/us/en/intelligent-systems/intel-technology/fast-multi-buffer-ipsec-implementations-ia-processors-p ref 2: https://downloadcenter.intel.com/download/22972 Signed-off-by: Declan Doherty <declan.doherty@intel.com> Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2015-11-25 13:25:15 +00:00
============================================
The AESNI MB PMD (**librte_pmd_aesni_mb**) provides poll mode crypto driver
support for utilizing Intel multi buffer library, see the white paper
aesni_mb: add driver for multi buffer based crypto This patch provides the initial implementation of the AES-NI multi-buffer based crypto poll mode driver using DPDK's new cryptodev framework. This PMD is dependent on Intel's multibuffer library, see the whitepaper "Fast Multi-buffer IPsec Implementations on Intel® Architecture Processors", see ref 1 for details on the library's design and ref 2 to download the library itself. This initial implementation is limited to supporting the chained operations of "hash then cipher" or "cipher then hash" for the following cipher and hash algorithms: Cipher algorithms: - RTE_CRYPTO_CIPHER_AES_CBC (with 128-bit, 192-bit and 256-bit keys supported) Authentication algorithms: - RTE_CRYPTO_AUTH_SHA1_HMAC - RTE_CRYPTO_AUTH_SHA256_HMAC - RTE_CRYPTO_AUTH_SHA512_HMAC - RTE_CRYPTO_AUTH_AES_XCBC_MAC Important Note: Due to the fact that the multi-buffer library is designed for accelerating IPsec crypto operation, the digest's generated for the HMAC functions are truncated to lengths specified by IPsec RFC's, ie RFC2404 for using HMAC-SHA-1 with IPsec specifies that the digest is truncate from 20 to 12 bytes. Build instructions: To build DPDK with the AESNI_MB_PMD the user is required to download (ref 2) and compile the multi-buffer library on there system before building DPDK. The environmental variable AESNI_MULTI_BUFFER_LIB_PATH must be exported with the path where you extracted and built the multi buffer library and finally set CONFIG_RTE_LIBRTE_PMD_AESNI_MB=y in config/common_linuxapp. Current status: It's doesn't support crypto operation across chained mbufs, or cipher only or hash only operations. ref 1: https://www-ssl.intel.com/content/www/us/en/intelligent-systems/intel-technology/fast-multi-buffer-ipsec-implementations-ia-processors-p ref 2: https://downloadcenter.intel.com/download/22972 Signed-off-by: Declan Doherty <declan.doherty@intel.com> Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2015-11-25 13:25:15 +00:00
`Fast Multi-buffer IPsec Implementations on Intel® Architecture Processors
<https://www-ssl.intel.com/content/www/us/en/intelligent-systems/intel-technology/fast-multi-buffer-ipsec-implementations-ia-processors-paper.html?wapkw=multi+buffer>`_.
The AES-NI MB PMD has current only been tested on Fedora 21 64-bit with gcc.
Features
--------
AESNI MB PMD has support for:
Cipher algorithms:
* RTE_CRYPTO_CIPHER_AES128_CBC
* RTE_CRYPTO_CIPHER_AES192_CBC
* RTE_CRYPTO_CIPHER_AES256_CBC
* RTE_CRYPTO_CIPHER_AES128_CTR
* RTE_CRYPTO_CIPHER_AES192_CTR
* RTE_CRYPTO_CIPHER_AES256_CTR
* RTE_CRYPTO_CIPHER_AES_DOCSISBPI
* RTE_CRYPTO_CIPHER_DES_CBC
* RTE_CRYPTO_CIPHER_DES_DOCSISBPI
aesni_mb: add driver for multi buffer based crypto This patch provides the initial implementation of the AES-NI multi-buffer based crypto poll mode driver using DPDK's new cryptodev framework. This PMD is dependent on Intel's multibuffer library, see the whitepaper "Fast Multi-buffer IPsec Implementations on Intel® Architecture Processors", see ref 1 for details on the library's design and ref 2 to download the library itself. This initial implementation is limited to supporting the chained operations of "hash then cipher" or "cipher then hash" for the following cipher and hash algorithms: Cipher algorithms: - RTE_CRYPTO_CIPHER_AES_CBC (with 128-bit, 192-bit and 256-bit keys supported) Authentication algorithms: - RTE_CRYPTO_AUTH_SHA1_HMAC - RTE_CRYPTO_AUTH_SHA256_HMAC - RTE_CRYPTO_AUTH_SHA512_HMAC - RTE_CRYPTO_AUTH_AES_XCBC_MAC Important Note: Due to the fact that the multi-buffer library is designed for accelerating IPsec crypto operation, the digest's generated for the HMAC functions are truncated to lengths specified by IPsec RFC's, ie RFC2404 for using HMAC-SHA-1 with IPsec specifies that the digest is truncate from 20 to 12 bytes. Build instructions: To build DPDK with the AESNI_MB_PMD the user is required to download (ref 2) and compile the multi-buffer library on there system before building DPDK. The environmental variable AESNI_MULTI_BUFFER_LIB_PATH must be exported with the path where you extracted and built the multi buffer library and finally set CONFIG_RTE_LIBRTE_PMD_AESNI_MB=y in config/common_linuxapp. Current status: It's doesn't support crypto operation across chained mbufs, or cipher only or hash only operations. ref 1: https://www-ssl.intel.com/content/www/us/en/intelligent-systems/intel-technology/fast-multi-buffer-ipsec-implementations-ia-processors-p ref 2: https://downloadcenter.intel.com/download/22972 Signed-off-by: Declan Doherty <declan.doherty@intel.com> Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2015-11-25 13:25:15 +00:00
Hash algorithms:
* RTE_CRYPTO_HASH_MD5_HMAC
* RTE_CRYPTO_HASH_SHA1_HMAC
* RTE_CRYPTO_HASH_SHA224_HMAC
* RTE_CRYPTO_HASH_SHA256_HMAC
* RTE_CRYPTO_HASH_SHA384_HMAC
* RTE_CRYPTO_HASH_SHA512_HMAC
* RTE_CRYPTO_HASH_AES_XCBC_HMAC
aesni_mb: add driver for multi buffer based crypto This patch provides the initial implementation of the AES-NI multi-buffer based crypto poll mode driver using DPDK's new cryptodev framework. This PMD is dependent on Intel's multibuffer library, see the whitepaper "Fast Multi-buffer IPsec Implementations on Intel® Architecture Processors", see ref 1 for details on the library's design and ref 2 to download the library itself. This initial implementation is limited to supporting the chained operations of "hash then cipher" or "cipher then hash" for the following cipher and hash algorithms: Cipher algorithms: - RTE_CRYPTO_CIPHER_AES_CBC (with 128-bit, 192-bit and 256-bit keys supported) Authentication algorithms: - RTE_CRYPTO_AUTH_SHA1_HMAC - RTE_CRYPTO_AUTH_SHA256_HMAC - RTE_CRYPTO_AUTH_SHA512_HMAC - RTE_CRYPTO_AUTH_AES_XCBC_MAC Important Note: Due to the fact that the multi-buffer library is designed for accelerating IPsec crypto operation, the digest's generated for the HMAC functions are truncated to lengths specified by IPsec RFC's, ie RFC2404 for using HMAC-SHA-1 with IPsec specifies that the digest is truncate from 20 to 12 bytes. Build instructions: To build DPDK with the AESNI_MB_PMD the user is required to download (ref 2) and compile the multi-buffer library on there system before building DPDK. The environmental variable AESNI_MULTI_BUFFER_LIB_PATH must be exported with the path where you extracted and built the multi buffer library and finally set CONFIG_RTE_LIBRTE_PMD_AESNI_MB=y in config/common_linuxapp. Current status: It's doesn't support crypto operation across chained mbufs, or cipher only or hash only operations. ref 1: https://www-ssl.intel.com/content/www/us/en/intelligent-systems/intel-technology/fast-multi-buffer-ipsec-implementations-ia-processors-p ref 2: https://downloadcenter.intel.com/download/22972 Signed-off-by: Declan Doherty <declan.doherty@intel.com> Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2015-11-25 13:25:15 +00:00
Limitations
-----------
* Chained mbufs are not supported.
* Only in-place is currently supported (destination address is the same as source address).
aesni_mb: add driver for multi buffer based crypto This patch provides the initial implementation of the AES-NI multi-buffer based crypto poll mode driver using DPDK's new cryptodev framework. This PMD is dependent on Intel's multibuffer library, see the whitepaper "Fast Multi-buffer IPsec Implementations on Intel® Architecture Processors", see ref 1 for details on the library's design and ref 2 to download the library itself. This initial implementation is limited to supporting the chained operations of "hash then cipher" or "cipher then hash" for the following cipher and hash algorithms: Cipher algorithms: - RTE_CRYPTO_CIPHER_AES_CBC (with 128-bit, 192-bit and 256-bit keys supported) Authentication algorithms: - RTE_CRYPTO_AUTH_SHA1_HMAC - RTE_CRYPTO_AUTH_SHA256_HMAC - RTE_CRYPTO_AUTH_SHA512_HMAC - RTE_CRYPTO_AUTH_AES_XCBC_MAC Important Note: Due to the fact that the multi-buffer library is designed for accelerating IPsec crypto operation, the digest's generated for the HMAC functions are truncated to lengths specified by IPsec RFC's, ie RFC2404 for using HMAC-SHA-1 with IPsec specifies that the digest is truncate from 20 to 12 bytes. Build instructions: To build DPDK with the AESNI_MB_PMD the user is required to download (ref 2) and compile the multi-buffer library on there system before building DPDK. The environmental variable AESNI_MULTI_BUFFER_LIB_PATH must be exported with the path where you extracted and built the multi buffer library and finally set CONFIG_RTE_LIBRTE_PMD_AESNI_MB=y in config/common_linuxapp. Current status: It's doesn't support crypto operation across chained mbufs, or cipher only or hash only operations. ref 1: https://www-ssl.intel.com/content/www/us/en/intelligent-systems/intel-technology/fast-multi-buffer-ipsec-implementations-ia-processors-p ref 2: https://downloadcenter.intel.com/download/22972 Signed-off-by: Declan Doherty <declan.doherty@intel.com> Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2015-11-25 13:25:15 +00:00
Installation
------------
To build DPDK with the AESNI_MB_PMD the user is required to download the multi-buffer
library from `here <https://github.com/01org/intel-ipsec-mb>`_
and compile it on their user system before building DPDK.
The latest version of the library supported by this PMD is v0.47, which
can be downloaded from `<https://github.com/01org/intel-ipsec-mb/archive/v0.47.zip>`_.
aesni_mb: add driver for multi buffer based crypto This patch provides the initial implementation of the AES-NI multi-buffer based crypto poll mode driver using DPDK's new cryptodev framework. This PMD is dependent on Intel's multibuffer library, see the whitepaper "Fast Multi-buffer IPsec Implementations on Intel® Architecture Processors", see ref 1 for details on the library's design and ref 2 to download the library itself. This initial implementation is limited to supporting the chained operations of "hash then cipher" or "cipher then hash" for the following cipher and hash algorithms: Cipher algorithms: - RTE_CRYPTO_CIPHER_AES_CBC (with 128-bit, 192-bit and 256-bit keys supported) Authentication algorithms: - RTE_CRYPTO_AUTH_SHA1_HMAC - RTE_CRYPTO_AUTH_SHA256_HMAC - RTE_CRYPTO_AUTH_SHA512_HMAC - RTE_CRYPTO_AUTH_AES_XCBC_MAC Important Note: Due to the fact that the multi-buffer library is designed for accelerating IPsec crypto operation, the digest's generated for the HMAC functions are truncated to lengths specified by IPsec RFC's, ie RFC2404 for using HMAC-SHA-1 with IPsec specifies that the digest is truncate from 20 to 12 bytes. Build instructions: To build DPDK with the AESNI_MB_PMD the user is required to download (ref 2) and compile the multi-buffer library on there system before building DPDK. The environmental variable AESNI_MULTI_BUFFER_LIB_PATH must be exported with the path where you extracted and built the multi buffer library and finally set CONFIG_RTE_LIBRTE_PMD_AESNI_MB=y in config/common_linuxapp. Current status: It's doesn't support crypto operation across chained mbufs, or cipher only or hash only operations. ref 1: https://www-ssl.intel.com/content/www/us/en/intelligent-systems/intel-technology/fast-multi-buffer-ipsec-implementations-ia-processors-p ref 2: https://downloadcenter.intel.com/download/22972 Signed-off-by: Declan Doherty <declan.doherty@intel.com> Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2015-11-25 13:25:15 +00:00
.. code-block:: console
make
aesni_mb: add driver for multi buffer based crypto This patch provides the initial implementation of the AES-NI multi-buffer based crypto poll mode driver using DPDK's new cryptodev framework. This PMD is dependent on Intel's multibuffer library, see the whitepaper "Fast Multi-buffer IPsec Implementations on Intel® Architecture Processors", see ref 1 for details on the library's design and ref 2 to download the library itself. This initial implementation is limited to supporting the chained operations of "hash then cipher" or "cipher then hash" for the following cipher and hash algorithms: Cipher algorithms: - RTE_CRYPTO_CIPHER_AES_CBC (with 128-bit, 192-bit and 256-bit keys supported) Authentication algorithms: - RTE_CRYPTO_AUTH_SHA1_HMAC - RTE_CRYPTO_AUTH_SHA256_HMAC - RTE_CRYPTO_AUTH_SHA512_HMAC - RTE_CRYPTO_AUTH_AES_XCBC_MAC Important Note: Due to the fact that the multi-buffer library is designed for accelerating IPsec crypto operation, the digest's generated for the HMAC functions are truncated to lengths specified by IPsec RFC's, ie RFC2404 for using HMAC-SHA-1 with IPsec specifies that the digest is truncate from 20 to 12 bytes. Build instructions: To build DPDK with the AESNI_MB_PMD the user is required to download (ref 2) and compile the multi-buffer library on there system before building DPDK. The environmental variable AESNI_MULTI_BUFFER_LIB_PATH must be exported with the path where you extracted and built the multi buffer library and finally set CONFIG_RTE_LIBRTE_PMD_AESNI_MB=y in config/common_linuxapp. Current status: It's doesn't support crypto operation across chained mbufs, or cipher only or hash only operations. ref 1: https://www-ssl.intel.com/content/www/us/en/intelligent-systems/intel-technology/fast-multi-buffer-ipsec-implementations-ia-processors-p ref 2: https://downloadcenter.intel.com/download/22972 Signed-off-by: Declan Doherty <declan.doherty@intel.com> Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2015-11-25 13:25:15 +00:00
As a reference, the following table shows a mapping between the past DPDK versions
and the Multi-Buffer library version supported by them:
.. _table_aesni_mb_versions:
.. table:: DPDK and Multi-Buffer library version compatibility
============== ============================
DPDK version Multi-buffer library version
============== ============================
2.2 - 16.11 0.43 - 0.44
17.02 0.44
17.05 - 17.08 0.45 - 0.47
17.11+ 0.47
============== ============================
Initialization
--------------
In order to enable this virtual crypto PMD, user must:
* Export the environmental variable AESNI_MULTI_BUFFER_LIB_PATH with the path where
the library was extracted.
* Build the multi buffer library (explained in Installation section).
* Set CONFIG_RTE_LIBRTE_PMD_AESNI_MB=y in config/common_base.
To use the PMD in an application, user must:
* Call rte_vdev_init("crypto_aesni_mb") within the application.
* Use --vdev="crypto_aesni_mb" in the EAL options, which will call rte_vdev_init() internally.
The following parameters (all optional) can be provided in the previous two calls:
* socket_id: Specify the socket where the memory for the device is going to be allocated
(by default, socket_id will be the socket where the core that is creating the PMD is running on).
* max_nb_queue_pairs: Specify the maximum number of queue pairs in the device (8 by default).
* max_nb_sessions: Specify the maximum number of sessions that can be created (2048 by default).
Example:
.. code-block:: console
./l2fwd-crypto -l 1 -n 4 --vdev="crypto_aesni_mb,socket_id=0,max_nb_sessions=128" \
-- -p 1 --cdev SW --chain CIPHER_HASH --cipher_algo "aes-cbc" --auth_algo "sha1-hmac"
Extra notes
-----------
For AES Counter mode (AES-CTR), the library supports two different sizes for Initialization
Vector (IV):
* 12 bytes: used mainly for IPSec, as it requires 12 bytes from the user, which internally
are appended the counter block (4 bytes), which is set to 1 for the first block
(no padding required from the user)
* 16 bytes: when passing 16 bytes, the library will take them and use the last 4 bytes
as the initial counter block for the first block.