.. BSD LICENSE
- Copyright(c) 2016 Intel Corporation. All rights reserved.
+ Copyright(c) 2016-2017 Intel Corporation. All rights reserved.
All rights reserved.
Redistribution and use in source and binary forms, with or without
Overview
--------
-The L2 Forwarding with Crypto sample appplication performs a crypto operation (cipher/hash)
+The L2 Forwarding with Crypto sample application performs a crypto operation (cipher/hash)
specified by the user from command line (or using the default values),
with a crypto device capable of doing that operation,
for each packet that is received on a RX_PORT and performs L2 forwarding.
./build/l2fwd-crypto [EAL options] -- [-p PORTMASK] [-q NQ] [-s] [-T PERIOD] /
[--cdev_type HW/SW/ANY] [--chain HASH_CIPHER/CIPHER_HASH/CIPHER_ONLY/HASH_ONLY] /
[--cipher_algo ALGO] [--cipher_op ENCRYPT/DECRYPT] [--cipher_key KEY] /
- [--cipher_key_random_size SIZE] [--iv IV] [--iv_random_size SIZE] /
+ [--cipher_key_random_size SIZE] [--cipher_iv IV] [--cipher_iv_random_size SIZE] /
[--auth_algo ALGO] [--auth_op GENERATE/VERIFY] [--auth_key KEY] /
- [--auth_key_random_size SIZE] [--aad AAD] [--aad_random_size SIZE] /
- [--digest size SIZE] [--sessionless]
+ [--auth_key_random_size SIZE] [--auth_iv IV] [--auth_iv_random_size SIZE] /
+ [--aad AAD] [--aad_random_size SIZE] /
+ [--digest size SIZE] [--sessionless] [--cryptodev_mask MASK]
where,
* chain: select the operation chaining to perform: Cipher->Hash (CIPHER_HASH),
- Hash->Cipher (HASH_CIPHER), Cipher (CIPHER_ONLY), Hash(HASH_ONLY)
+ Hash->Cipher (HASH_CIPHER), Cipher (CIPHER_ONLY), Hash (HASH_ONLY)
+
+ or AEAD (AEAD)
(default is Cipher->Hash)
-* cipher_algo: select the ciphering algorithm (default is AES CBC)
+* cipher_algo: select the ciphering algorithm (default is aes-cbc)
* cipher_op: select the ciphering operation to perform: ENCRYPT or DECRYPT
Note that if --cipher_key is used, this will be ignored.
-* iv: set the IV to be used. Bytes has to be separated with ":"
+* cipher_iv: set the cipher IV to be used. Bytes has to be separated with ":"
-* iv_random_size: set the size of the IV, which will be generated randomly.
+* cipher_iv_random_size: set the size of the cipher IV, which will be generated randomly.
- Note that if --iv is used, this will be ignored.
+ Note that if --cipher_iv is used, this will be ignored.
-* auth_algo: select the authentication algorithm (default is SHA1-HMAC)
+* auth_algo: select the authentication algorithm (default is sha1-hmac)
-* cipher_op: select the authentication operation to perform: GENERATE or VERIFY
+* auth_op: select the authentication operation to perform: GENERATE or VERIFY
(default is GENERATE)
Note that if --auth_key is used, this will be ignored.
+* auth_iv: set the auth IV to be used. Bytes has to be separated with ":"
+
+* auth_iv_random_size: set the size of the auth IV, which will be generated randomly.
+
+ Note that if --auth_iv is used, this will be ignored.
+
+* aead_algo: select the AEAD algorithm
+
+* aead_op: select the AEAD operation to perform: ENCRYPT or DECRYPT
+
+ (default is ENCRYPT)
+
+* aead_key: set the AEAD key to be used. Bytes has to be separated with ":"
+
+* aead_key_random_size: set the size of the AEAD key,
+
+ which will be generated randomly.
+
+ Note that if --aead_key is used, this will be ignored.
+
+* aead_iv: set the AEAD IV to be used. Bytes has to be separated with ":"
+
+* aead_iv_random_size: set the size of the AEAD IV, which will be generated randomly.
+
+ Note that if --aead_iv is used, this will be ignored.
+
* aad: set the AAD to be used. Bytes has to be separated with ":"
* aad_random_size: set the size of the AAD, which will be generated randomly.
* sessionless: no crypto session will be created.
+* cryptodev_mask: A hexadecimal bitmask of the cryptodevs to be used by the
+ application.
+
+ (default is all cryptodevs).
+
The application requires that crypto devices capable of performing
the specified crypto operation are available on application initialization.
.. code-block:: console
- $ ./build/l2fwd -c 0x3 -n 4 --vdev "cryptodev_aesni_mb_pmd" \
+ $ ./build/l2fwd-crypto -l 0-1 -n 4 --vdev "cryptodev_aesni_mb_pmd" \
--vdev "cryptodev_aesni_mb_pmd" -- -p 0x3 --chain CIPHER_HASH \
- --cipher_op ENCRYPT --cipher_algo AES_CBC \
+ --cipher_op ENCRYPT --cipher_algo aes-cbc \
--cipher_key 00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f \
- --auth_op GENERATE --auth_algo SHA1_HMAC \
+ --auth_op GENERATE --auth_algo aes-xcbc-mac \
--auth_key 10:11:12:13:14:15:16:17:18:19:1a:1b:1c:1d:1e:1f
Refer to the *DPDK Getting Started Guide* for general information on running applications
Crypto device initialization
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Once the cryption operation is defined, crypto devices are initialized.
+Once the encryption operation is defined, crypto devices are initialized.
The crypto devices must be either bound to a DPDK driver (if they are physical devices)
or created using the EAL option --vdev (if they are virtual devices),
when running the application.
Since no destination mbuf is set, the source mbuf will be overwritten
after the operation is done (in-place).
-Crypto operation enqueueing/dequeueing
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+Crypto operation enqueuing/dequeuing
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Once the operation has been created, it has to be enqueued in one of the crypto devices.
Before doing so, for performance reasons, the operation stays in a buffer.
git.droids-corp.org / dpdk.git / blobdiff