summaryrefslogtreecommitdiff
path: root/examples
diff options
context:
space:
mode:
authorPiotr Azarewicz <piotrx.t.azarewicz@intel.com>2016-05-25 15:34:52 +0200
committerThomas Monjalon <thomas.monjalon@6wind.com>2016-07-16 00:08:13 +0200
commit6dad6e692bd74ea8ade42dd3c8a27264027c659c (patch)
tree341d6e397111bed61b73ea2306b61b4178c42d49 /examples
parent2b41fac55911d92084988f15bdfc312d44b87599 (diff)
downloaddpdk-6dad6e692bd74ea8ade42dd3c8a27264027c659c.zip
dpdk-6dad6e692bd74ea8ade42dd3c8a27264027c659c.tar.gz
dpdk-6dad6e692bd74ea8ade42dd3c8a27264027c659c.tar.xz
examples/l2fwd-crypto: improve random key generator
This patch improve generate_random_key() function by replacing rand() function with reading from /dev/urandom. CID 120136 : Calling risky function (DC.WEAK_CRYPTO) dont_call: rand should not be used for security related applications, as linear congruential algorithms are too easy to break Coverity issue: 120136 Signed-off-by: Piotr Azarewicz <piotrx.t.azarewicz@intel.com> Acked-by: Declan Doherty <declan.doherty@intel.com>
Diffstat (limited to 'examples')
-rw-r--r--examples/l2fwd-crypto/main.c18
1 files changed, 13 insertions, 5 deletions
diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index a1ce712..dd39cc1 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -45,6 +45,8 @@
#include <ctype.h>
#include <errno.h>
#include <getopt.h>
+#include <fcntl.h>
+#include <unistd.h>
#include <rte_atomic.h>
#include <rte_branch_prediction.h>
@@ -588,10 +590,18 @@ l2fwd_simple_forward(struct rte_mbuf *m, unsigned portid)
static void
generate_random_key(uint8_t *key, unsigned length)
{
- unsigned i;
+ int fd;
+ int ret;
+
+ fd = open("/dev/urandom", O_RDONLY);
+ if (fd < 0)
+ rte_exit(EXIT_FAILURE, "Failed to generate random key\n");
- for (i = 0; i < length; i++)
- key[i] = rand() % 0xff;
+ ret = read(fd, key, length);
+ close(fd);
+
+ if (ret != (signed)length)
+ rte_exit(EXIT_FAILURE, "Failed to generate random key\n");
}
static struct rte_cryptodev_sym_session *
@@ -1195,8 +1205,6 @@ l2fwd_crypto_parse_timer_period(struct l2fwd_crypto_options *options,
static void
l2fwd_crypto_default_options(struct l2fwd_crypto_options *options)
{
- srand(time(NULL));
-
options->portmask = 0xffffffff;
options->nb_ports_per_lcore = 1;
options->refresh_period = 10000;