2018-01-31 1:43 GMT+03:00 Dmitry Eremin-Solenikov <dbarysh...@gmail.com>: > Hello, > > 2018-01-04 18:22 GMT+03:00 Christian Ehrhardt > <christian.ehrha...@canonical.com>: >> On Tue, Jan 2, 2018 at 6:26 PM, Dmitry Eremin-Solenikov >> <dbarysh...@gmail.com> wrote: >>> Source: dpdk >>> Version: 17.11-3 >>> Severity: wishlist >>> >>> Hello, >>> >>> Could you please enable CONFIG_RTE_LIBRTE_PMD_OPENSSL (Software backed >>> crypto driver). It will make it possible to use DPDK crypto >>> transformations without actual hardware support). >> >> there are certain constraints applying. >> >> 1. none of the DEB_DPDK maintainers has used this so it would be great >> if you could provide a set of testcases to ensure things work. > > Hmm. I think usual crypto test cases should work.
Following commands should work with crypto_openssl: dpdk-test-crypto-perf --vdev crypto_openssl -- --devtype crypto_openssl --digest-sz 20 dpdk-test-crypto-perf --vdev crypto_openssl -- --devtype crypto_openssl --optype aead --aead-algo aes-gcm --aead-key-sz 16 --aead-iv-sz 12 --digest-sz 16 >> 2. furthermore we learned (the hard way) that enabling non default >> enabled drivers break us often. >> This is due to them being exposed to way less testing and verification. > > OpenSSL PMD driver is regularly used on our project (ODP). It is supported > by upstream, we never had any issues. > >> 3. Also we here have the special case that if possible it has to work >> with openssl 1.0 (Ubuntu) AND 1.1 (Debian) >> According to the docs currently it does only the former. DPDK 17.11 properly support OpenSSL 1.0. Verified that by building it from source and testing. -- With best wishes Dmitry
