X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=doc%2Fguides%2Fcryptodevs%2Fopenssl.rst;h=848a2e8eb8bf9606df655c8b93a04905bbb19ec1;hb=205708169132d6f3496a3dd64955d6d7db418aef;hp=f6ed6eaa7bea0a0192aaa83518459dd579fb884b;hpb=8f675fc72d5ce44867296b4030d54ce0f210f363;p=dpdk.git diff --git a/doc/guides/cryptodevs/openssl.rst b/doc/guides/cryptodevs/openssl.rst index f6ed6eaa7b..848a2e8eb8 100644 --- a/doc/guides/cryptodevs/openssl.rst +++ b/doc/guides/cryptodevs/openssl.rst @@ -1,31 +1,5 @@ -.. BSD LICENSE - Copyright(c) 2016 Intel Corporation. All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions - are met: - - * Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in - the documentation and/or other materials provided with the - distribution. - * Neither the name of Intel Corporation nor the names of its - contributors may be used to endorse or promote products derived - from this software without specific prior written permission. - - THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT - OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT - LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.. SPDX-License-Identifier: BSD-3-Clause + Copyright(c) 2016 Intel Corporation. OpenSSL Crypto Poll Mode Driver =============================== @@ -44,13 +18,15 @@ Features OpenSSL PMD has support for: Supported cipher algorithms: + * ``RTE_CRYPTO_CIPHER_3DES_CBC`` * ``RTE_CRYPTO_CIPHER_AES_CBC`` * ``RTE_CRYPTO_CIPHER_AES_CTR`` * ``RTE_CRYPTO_CIPHER_3DES_CTR`` -* ``RTE_CRYPTO_CIPHER_AES_GCM`` +* ``RTE_CRYPTO_CIPHER_DES_DOCSISBPI`` Supported authentication algorithms: + * ``RTE_CRYPTO_AUTH_AES_GMAC`` * ``RTE_CRYPTO_AUTH_MD5`` * ``RTE_CRYPTO_AUTH_SHA1`` @@ -65,25 +41,30 @@ Supported authentication algorithms: * ``RTE_CRYPTO_AUTH_SHA384_HMAC`` * ``RTE_CRYPTO_AUTH_SHA512_HMAC`` +Supported AEAD algorithms: + +* ``RTE_CRYPTO_AEAD_AES_GCM`` +* ``RTE_CRYPTO_AEAD_AES_CCM`` + +Supported Asymmetric Crypto algorithms: + +* ``RTE_CRYPTO_ASYM_XFORM_RSA`` +* ``RTE_CRYPTO_ASYM_XFORM_DSA`` +* ``RTE_CRYPTO_ASYM_XFORM_DH`` +* ``RTE_CRYPTO_ASYM_XFORM_MODINV`` +* ``RTE_CRYPTO_ASYM_XFORM_MODEX`` + Installation ------------ -To compile openssl PMD, it has to be enabled in the config/common_base file -and appropriate openssl packages have to be installed in the build environment. - -The newest openssl library version is supported: -* 1.0.2h-fips 3 May 2016. -Older versions that were also verified: -* 1.0.1f 6 Jan 2014 -* 1.0.1 14 Mar 2012 +To compile the OpenSSL PMD the openssl library must be installed. It will +then be picked up by the Meson/Ninja build system. -For Ubuntu 14.04 LTS these packages have to be installed in the build system: -sudo apt-get install openssl -sudo apt-get install libc6-dev-i386 (for i686-native-linuxapp-gcc target) +To ensure that you have the latest security fixes it is recommended that you +use version 1.1.1g or newer. -This code was also verified on Fedora 24. -This code was NOT yet verified on FreeBSD. +* 1.1.1g, 2020-Apr-21. https://www.openssl.org/source/ Initialization -------------- @@ -92,13 +73,13 @@ User can use app/test application to check how to use this pmd and to verify crypto processing. Test name is cryptodev_openssl_autotest. -For performance test cryptodev_openssl_perftest can be used. +For asymmetric crypto operations testing, run cryptodev_openssl_asym_autotest. To verify real traffic l2fwd-crypto example can be used with this command: .. code-block:: console - sudo ./build/l2fwd-crypto -c 0x3 -n 4 --vdev "crypto_openssl" + sudo .//examples/dpdk-l2fwd-crypto -l 0-1 -n 4 --vdev "crypto_openssl" --vdev "crypto_openssl"-- -p 0x3 --chain CIPHER_HASH --cipher_op ENCRYPT --cipher_algo AES_CBC --cipher_key 00:01:02:03:04:05:06:07:08:09:0a:0b:0c:0d:0e:0f