Hi, > -----Original Message----- > From: Akhil Goyal [mailto:akhil.go...@nxp.com] > Sent: Monday, June 18, 2018 8:35 AM > To: Verma, Shally <shally.ve...@cavium.com>; Akhil Goyal > <akhil.go...@nxp.com>; De Lara Guarch, Pablo > <pablo.de.lara.gua...@intel.com> > Cc: Trahe, Fiona <fiona.tr...@intel.com>; dev@dpdk.org; Athreya, Narayana > Prasad <narayanaprasad.athr...@cavium.com>; Sahu, Sunila > <sunila.s...@cavium.com>; Gupta, Ashish <ashish.gu...@cavium.com> > Subject: Re: [dpdk-dev] [PATCH v3 4/6] test/crypto: add unit testcase for asym > crypto > > Hi Shally, > On 6/18/2018 12:18 PM, Verma, Shally wrote: > > Hi > > > >> -----Original Message----- > >> From: Akhil Goyal [mailto:akhil.go...@nxp.com] > >> Sent: 18 June 2018 12:10 > >> To: Verma, Shally <shally.ve...@cavium.com>; De Lara Guarch, Pablo > >> <pablo.de.lara.gua...@intel.com> > >> Cc: Trahe, Fiona <fiona.tr...@intel.com>; akhil.go...@nxp.com; > >> dev@dpdk.org; Athreya, Narayana Prasad > >> <narayanaprasad.athr...@cavium.com>; Sahu, Sunila > >> <sunila.s...@cavium.com>; Gupta, Ashish <ashish.gu...@cavium.com> > >> Subject: Re: [dpdk-dev] [PATCH v3 4/6] test/crypto: add unit testcase > >> for asym crypto > >> > > > > //snip > > > >>>>>>> +static int > >>>>>>> +test_rsa(struct rsa_test_data *t) > >>>>>> > >>>>>> ... > >>>>>> > >>>>>>> + rsa->n = > >>>>>>> + BN_bin2bn( > >>>>>>> + (const unsigned char *)rsa_xform.rsa.n.data, > >>>>>>> + rsa_xform.rsa.n.length, > >>>>>>> + rsa->n); > >>>>>> > >>>>>> I am getting a compilation error: > >>>>>> > >>>>>> /test/test/test_cryptodev_asym.c:322:5: error: > >>>>>> dereferencing pointer to incomplete type 'RSA {aka struct rsa_st}' > >>>>>> rsa->n = > >>>>>> ^~ > >>>>>> > >>>>>> My OpenSSL version is 1.1.0h. > >>>>>> > >>>>> [Shally] This library is tested with version 1.0.2m (mentioned > >>>>> above) and also one supported by openssl PMD . So, you need to take > similar version. > >>>> > >>>> I'd say we should support the latest stable version of OpenSSL. > >>>> Could you get the latest 1.1.0? > >>> [Shally] Openssl PMD uses 1.0.2h. If we move test to 1.1.0 then dpdk > >>> would need to be set to link to two different version of libcrypto > >>> whenever > openssl PMD is enabled which seems like a cumbersome process for users. > >>> So I recommend for now to stick to one version. > >>> > >> > >> OpenSSL PMD can get compiled/linked with any of the versions 1.0.2 or > >> 1.1. We cannot control the above applications which version it is using. > >> So we should not add limitation for openssl version. Please check > >> below snippet in the PMD if this is suitable in your case. > >> > >> +#if (OPENSSL_VERSION_NUMBER < 0x10100000L) static HMAC_CTX > >> +*HMAC_CTX_new(void) { > >> + HMAC_CTX *ctx = OPENSSL_malloc(sizeof(*ctx)); > >> + > >> + if (ctx != NULL) > >> + HMAC_CTX_init(ctx); > >> + return ctx; > >> +} > >> + > >> +static void HMAC_CTX_free(HMAC_CTX *ctx) { > >> + if (ctx != NULL) { > >> + HMAC_CTX_cleanup(ctx); > >> + OPENSSL_free(ctx); > >> + } > >> +} > >> +#endif > >> > > [Shally] Are we just planning to make PMD/test compatible for all lib > > versions? > Won't it then be too many version compatibility checks in PMD/test and a > maintainability issue than having implementation mentioned to be compatible > with specific version? > > > > I think we should at least support the latest stable version. As per the > openssl > website "The latest stable version is the 1.1.0 series. The > 1.0.2 series is our Long Term Support (LTS) release, supported until 31st > December 2019". I think Pablo also suggested to support openssl 1.1.
I think we should keep supporting OpenSSL 1.1, even though our documentation says that we support up to 1.0.2 (which we should fix!). Knowing that Ubuntu and Fedora have 1.1 version in their latest versions, I think it is a good idea to keep supporting this, As many users will be using this version and we would be breaking their code if he change this. Thanks, Pablo > > Thanks, > Akhil > >> > >>> Thanks > >>> Shally > >>> > >>>> > >>>> Thanks, > >>>> Pablo > >
