[dpdk-dev] [PATCH] examples/l2fwd-crypto: remove key size validation

[dpdk-dev] [PATCH] examples/l2fwd-crypto: remove key size validation

[Shiri Kuzin]

In the example application the key can be provided by the user or
generated randomly by the example application.

Then a validation is done in order to check if the key size is
supported in the algorithm capabilities.

As a result of patch [1] application should support the case where a
user supplies a wrapped key.

In order to align with this patch and be able to use the app with
wrapped keys, app should remove the validation of key size in the
application and rely on a PMD key size validation.

The validation is removed in case the key is provided by by user, and
kept in case the key should be generated by the application.

[1] https://www.mail-archive.com/dev@dpdk.org/msg201281.html

Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
---
 examples/l2fwd-crypto/main.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index a96cb94cc4..5ae2569065 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -2111,13 +2111,11 @@ check_capabilities(struct l2fwd_crypto_options *options, uint8_t cdev_id)
 					cap->sym.cipher.key_size.min,
 					cap->sym.cipher.key_size.max,
 					cap->sym.cipher.key_size.increment)
-						!= 0) {
+						!= 0)
 				RTE_LOG(DEBUG, USER1,
-					"Device %u does not support cipher "
-					"key length\n",
+					"Key length does not match the device "
+					"%u capability\n",
 					cdev_id);
-				return -1;
-			}
 		/*
 		 * Check if length of the cipher key to be randomly generated
 		 * is supported by the algorithm chosen.
-- 
2.21.0

Re: [dpdk-dev] [PATCH] examples/l2fwd-crypto: remove key size validation

[Matan Azrad]

From: Shiri Kuzin
> In the example application the key can be provided by the user or generated
> randomly by the example application.
> 
> Then a validation is done in order to check if the key size is supported in the
> algorithm capabilities.
> 
> As a result of patch [1] application should support the case where a user
> supplies a wrapped key.
> 
> In order to align with this patch and be able to use the app with wrapped keys,
> app should remove the validation of key size in the application and rely on a
> PMD key size validation.
> 
> The validation is removed in case the key is provided by by user, and kept in
> case the key should be generated by the application.
> 
> [1] https://www.mail-archive.com/dev@dpdk.org/msg201281.html
> 
> Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
> ---
>  examples/l2fwd-crypto/main.c | 8 +++-----
>  1 file changed, 3 insertions(+), 5 deletions(-)
> 
> diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
> index a96cb94cc4..5ae2569065 100644
> --- a/examples/l2fwd-crypto/main.c
> +++ b/examples/l2fwd-crypto/main.c
> @@ -2111,13 +2111,11 @@ check_capabilities(struct l2fwd_crypto_options
> *options, uint8_t cdev_id)
>  					cap->sym.cipher.key_size.min,
>  					cap->sym.cipher.key_size.max,
>  					cap->sym.cipher.key_size.increment)
> -						!= 0) {
> +						!= 0)
>  				RTE_LOG(DEBUG, USER1,
> -					"Device %u does not support cipher "
> -					"key length\n",
> +					"Key length does not match the device
> "
> +					"%u capability\n",
>  					cdev_id);
> -				return -1;
> -			}
>  		/*
>  		 * Check if length of the cipher key to be randomly generated
>  		 * is supported by the algorithm chosen.
> --
> 2.21.0

Re: [dpdk-dev] [EXT] [PATCH] examples/l2fwd-crypto: remove key size validation

[Akhil Goyal]

> In the example application the key can be provided by the user or
> generated randomly by the example application.
> 
> Then a validation is done in order to check if the key size is
> supported in the algorithm capabilities.
> 
> As a result of patch [1] application should support the case where a
> user supplies a wrapped key.
> 
> In order to align with this patch and be able to use the app with
> wrapped keys, app should remove the validation of key size in the
> application and rely on a PMD key size validation.
> 
> The validation is removed in case the key is provided by by user, and
> kept in case the key should be generated by the application.
> 
> [1] https://www.mail-archive.com/dev@dpdk.org/msg201281.html 
> 
> Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
> ---
This patch should be aligned as per the latest version of the patch.
http://patches.dpdk.org/project/dpdk/patch/20210413063718.3123698-1-matan@nvidia.com/


>  examples/l2fwd-crypto/main.c | 8 +++-----
>  1 file changed, 3 insertions(+), 5 deletions(-)
> 
> diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
> index a96cb94cc4..5ae2569065 100644
> --- a/examples/l2fwd-crypto/main.c
> +++ b/examples/l2fwd-crypto/main.c
> @@ -2111,13 +2111,11 @@ check_capabilities(struct l2fwd_crypto_options
> *options, uint8_t cdev_id)
>  					cap->sym.cipher.key_size.min,
>  					cap->sym.cipher.key_size.max,
>  					cap->sym.cipher.key_size.increment)
> -						!= 0) {
> +						!= 0)
>  				RTE_LOG(DEBUG, USER1,
> -					"Device %u does not support cipher "
> -					"key length\n",
> +					"Key length does not match the
> device "
> +					"%u capability\n",
>  					cdev_id);
> -				return -1;
> -			}
>  		/*
>  		 * Check if length of the cipher key to be randomly generated
>  		 * is supported by the algorithm chosen.
> --
> 2.21.0

[dpdk-dev] [PATCH v2] examples/l2fwd-crypto: remove key size validation

[Shiri Kuzin]

In the example application the key can be provided by the user or
generated randomly by the example application.

Then a validation is done in order to check if the key size is
supported in the algorithm capabilities.

As a result of patch [1] application should support the case where a
user supplies a wrapped key.

In order to align with this patch and be able to use the app with
wrapped keys, app should remove the validation of key size in the
application and rely on a PMD key size validation.

The validation is removed in case the key is provided by user and
the RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY feature flag is set, and
kept in case the key should be generated by the application or
RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY is not set.

[1] https://www.mail-archive.com/dev@dpdk.org/msg204836.html

Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
---
V1->V2
- add RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY to validation.
- update commit log with changes and updated link to patch.

 examples/l2fwd-crypto/main.c | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index a96cb94cc4..dcf418ae6f 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -2112,12 +2112,21 @@ check_capabilities(struct l2fwd_crypto_options *options, uint8_t cdev_id)
 					cap->sym.cipher.key_size.max,
 					cap->sym.cipher.key_size.increment)
 						!= 0) {
-				RTE_LOG(DEBUG, USER1,
-					"Device %u does not support cipher "
-					"key length\n",
+				if (dev_info.feature_flags &
+				    RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY) {
+					RTE_LOG(DEBUG, USER1,
+					"Key length does not match the device "
+					"%u capability. Key may be wrapped\n",
 					cdev_id);
-				return -1;
+				} else {
+					RTE_LOG(DEBUG, USER1,
+					"Key length does not match the device "
+					"%u capability\n",
+					cdev_id);
+					return -1;
+				}
 			}
+
 		/*
 		 * Check if length of the cipher key to be randomly generated
 		 * is supported by the algorithm chosen.
-- 
2.21.0

Re: [dpdk-dev] [EXT] [PATCH v2] examples/l2fwd-crypto: remove key size validation

[Akhil Goyal]

> In the example application the key can be provided by the user or
> generated randomly by the example application.
> 
> Then a validation is done in order to check if the key size is
> supported in the algorithm capabilities.
> 
> As a result of patch [1] application should support the case where a
> user supplies a wrapped key.
> 
> In order to align with this patch and be able to use the app with
> wrapped keys, app should remove the validation of key size in the
> application and rely on a PMD key size validation.
> 
> The validation is removed in case the key is provided by user and
> the RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY feature flag is set, and
> kept in case the key should be generated by the application or
> RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY is not set.
> 
> [1] https://www.mail-archive.com/dev@dpdk.org/msg204836.html 
> 
> Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
> Acked-by: Matan Azrad <matan@nvidia.com>
> ---
Acked-by: Akhil Goyal <gakhil@marvell.com>

Applied to dpdk-next-crypto

Patch description is changes as below while applying.
    examples/l2fwd-crypto: remove key size validation

    In the example application the key can be provided by the user or
    generated randomly by the example application.

    Then a validation is done in order to check if the key size is
    supported in the algorithm capabilities.

    A new feature flag is added in crypto PMDs to allow wrapped keys,
    hence, to allow wrapped keys, app should remove the validation of
    key size in the application and rely on a PMD key size validation.

    The validation is removed in case the key is provided by user and
    the RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY feature flag is set, and
    kept in case the key should be generated by the application or
    RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY is not set.