diff mbox series

[v2] examples/l2fwd-crypto: remove key size validation

Message ID 20210413162452.17168-1-shirik@nvidia.com (mailing list archive)
State Accepted
Delegated to: akhil goyal
Headers show
Series [v2] examples/l2fwd-crypto: remove key size validation | expand

Checks

Context Check Description
ci/iol-testing fail Testing issues
ci/Intel-compilation fail Compilation issues
ci/github-robot fail github build: failed
ci/travis-robot fail travis build: failed
ci/checkpatch success coding style OK

Commit Message

Shiri Kuzin April 13, 2021, 4:24 p.m. UTC
In the example application the key can be provided by the user or
generated randomly by the example application.

Then a validation is done in order to check if the key size is
supported in the algorithm capabilities.

As a result of patch [1] application should support the case where a
user supplies a wrapped key.

In order to align with this patch and be able to use the app with
wrapped keys, app should remove the validation of key size in the
application and rely on a PMD key size validation.

The validation is removed in case the key is provided by user and
the RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY feature flag is set, and
kept in case the key should be generated by the application or
RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY is not set.

[1] https://www.mail-archive.com/dev@dpdk.org/msg204836.html

Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
---
V1->V2
- add RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY to validation.
- update commit log with changes and updated link to patch.

 examples/l2fwd-crypto/main.c | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

Comments

Akhil Goyal April 16, 2021, 10:38 a.m. UTC | #1
> In the example application the key can be provided by the user or
> generated randomly by the example application.
> 
> Then a validation is done in order to check if the key size is
> supported in the algorithm capabilities.
> 
> As a result of patch [1] application should support the case where a
> user supplies a wrapped key.
> 
> In order to align with this patch and be able to use the app with
> wrapped keys, app should remove the validation of key size in the
> application and rely on a PMD key size validation.
> 
> The validation is removed in case the key is provided by user and
> the RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY feature flag is set, and
> kept in case the key should be generated by the application or
> RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY is not set.
> 
> [1] https://www.mail-archive.com/dev@dpdk.org/msg204836.html 
> 
> Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
> Acked-by: Matan Azrad <matan@nvidia.com>
> ---
Acked-by: Akhil Goyal <gakhil@marvell.com>

Applied to dpdk-next-crypto

Patch description is changes as below while applying.
    examples/l2fwd-crypto: remove key size validation

    In the example application the key can be provided by the user or
    generated randomly by the example application.

    Then a validation is done in order to check if the key size is
    supported in the algorithm capabilities.

    A new feature flag is added in crypto PMDs to allow wrapped keys,
    hence, to allow wrapped keys, app should remove the validation of
    key size in the application and rely on a PMD key size validation.

    The validation is removed in case the key is provided by user and
    the RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY feature flag is set, and
    kept in case the key should be generated by the application or
    RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY is not set.
diff mbox series

Patch

diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index a96cb94cc4..dcf418ae6f 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -2112,12 +2112,21 @@  check_capabilities(struct l2fwd_crypto_options *options, uint8_t cdev_id)
 					cap->sym.cipher.key_size.max,
 					cap->sym.cipher.key_size.increment)
 						!= 0) {
-				RTE_LOG(DEBUG, USER1,
-					"Device %u does not support cipher "
-					"key length\n",
+				if (dev_info.feature_flags &
+				    RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY) {
+					RTE_LOG(DEBUG, USER1,
+					"Key length does not match the device "
+					"%u capability. Key may be wrapped\n",
 					cdev_id);
-				return -1;
+				} else {
+					RTE_LOG(DEBUG, USER1,
+					"Key length does not match the device "
+					"%u capability\n",
+					cdev_id);
+					return -1;
+				}
 			}
+
 		/*
 		 * Check if length of the cipher key to be randomly generated
 		 * is supported by the algorithm chosen.