1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright(c) 2015-2017 Intel Corporation
5 #include <rte_common.h>
6 #include <rte_hexdump.h>
8 #include <rte_malloc.h>
9 #include <rte_memcpy.h>
10 #include <rte_pause.h>
12 #include <rte_crypto.h>
13 #include <rte_cryptodev.h>
16 #include "test_cryptodev.h"
17 #include "test_cryptodev_blockcipher.h"
18 #include "test_cryptodev_aes_test_vectors.h"
19 #include "test_cryptodev_des_test_vectors.h"
20 #include "test_cryptodev_hash_test_vectors.h"
23 verify_algo_support(const struct blockcipher_test_case *t,
24 const uint8_t dev_id, const uint32_t digest_len)
27 const struct blockcipher_test_data *tdata = t->test_data;
28 struct rte_cryptodev_sym_capability_idx cap_idx;
29 const struct rte_cryptodev_symmetric_capability *capability;
31 if (t->op_mask & BLOCKCIPHER_TEST_OP_CIPHER) {
32 cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
33 cap_idx.algo.cipher = tdata->crypto_algo;
34 capability = rte_cryptodev_sym_capability_get(dev_id, &cap_idx);
35 if (capability == NULL)
38 if (cap_idx.algo.cipher != RTE_CRYPTO_CIPHER_NULL &&
39 !(t->test_data->wrapped_key))
40 ret = rte_cryptodev_sym_capability_check_cipher(capability,
41 tdata->cipher_key.len,
47 if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH) {
48 cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
49 cap_idx.algo.auth = tdata->auth_algo;
50 capability = rte_cryptodev_sym_capability_get(dev_id, &cap_idx);
51 if (capability == NULL)
54 if (cap_idx.algo.auth != RTE_CRYPTO_AUTH_NULL)
55 ret = rte_cryptodev_sym_capability_check_auth(capability,
67 test_blockcipher_one_case(const struct blockcipher_test_case *t,
68 struct rte_mempool *mbuf_pool,
69 struct rte_mempool *op_mpool,
70 struct rte_mempool *sess_mpool,
71 struct rte_mempool *sess_priv_mpool,
75 struct rte_mbuf *ibuf = NULL;
76 struct rte_mbuf *obuf = NULL;
77 struct rte_mbuf *iobuf;
78 struct rte_crypto_sym_xform *cipher_xform = NULL;
79 struct rte_crypto_sym_xform *auth_xform = NULL;
80 struct rte_crypto_sym_xform *init_xform = NULL;
81 struct rte_crypto_sym_op *sym_op = NULL;
82 struct rte_crypto_op *op = NULL;
83 struct rte_cryptodev_info dev_info;
84 struct rte_cryptodev_sym_session *sess = NULL;
86 int status = TEST_SUCCESS;
87 const struct blockcipher_test_data *tdata = t->test_data;
88 uint8_t cipher_key[tdata->cipher_key.len];
89 uint8_t auth_key[tdata->auth_key.len];
90 uint32_t buf_len = tdata->ciphertext.len;
91 uint32_t digest_len = tdata->digest.len;
93 uint8_t src_pattern = 0xa5;
94 uint8_t dst_pattern = 0xb6;
95 uint8_t tmp_src_buf[MBUF_SIZE];
96 uint8_t tmp_dst_buf[MBUF_SIZE];
100 uint32_t nb_iterates = 0;
102 rte_cryptodev_info_get(dev_id, &dev_info);
103 uint64_t feat_flags = dev_info.feature_flags;
105 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS) {
106 if (!(feat_flags & RTE_CRYPTODEV_FF_SYM_SESSIONLESS)) {
107 printf("Device doesn't support sessionless operations "
109 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
114 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_DIGEST_ENCRYPTED) {
115 if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) {
116 printf("Device doesn't support encrypted digest "
118 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
123 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SG) {
124 uint64_t oop_flag = RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT;
126 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_OOP) {
127 if (!(feat_flags & oop_flag)) {
128 printf("Device doesn't support out-of-place "
129 "scatter-gather in input mbuf. "
131 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
136 if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) {
137 printf("Device doesn't support in-place "
138 "scatter-gather mbufs. "
140 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
148 if (!!(feat_flags & RTE_CRYPTODEV_FF_CIPHER_WRAPPED_KEY) ^
149 tdata->wrapped_key) {
150 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
155 if (global_api_test_type == CRYPTODEV_RAW_API_TEST &&
156 !(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP)) {
157 printf("Device doesn't support raw data-path APIs. "
159 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "SKIPPED");
163 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_OOP) {
164 uint64_t oop_flags = RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |
165 RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
166 RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
167 RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT;
168 if (!(feat_flags & oop_flags)) {
169 printf("Device doesn't support out-of-place operations."
171 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
175 if (global_api_test_type == CRYPTODEV_RAW_API_TEST) {
176 printf("Raw Data Path APIs do not support OOP, "
178 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "SKIPPED");
179 status = TEST_SKIPPED;
184 if (tdata->cipher_key.len)
185 memcpy(cipher_key, tdata->cipher_key.data,
186 tdata->cipher_key.len);
187 if (tdata->auth_key.len)
188 memcpy(auth_key, tdata->auth_key.data,
189 tdata->auth_key.len);
191 /* Check if PMD is capable of performing that test */
192 if (verify_algo_support(t, dev_id, digest_len) < 0) {
193 RTE_LOG(DEBUG, USER1,
194 "Device does not support this algorithm."
196 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "SKIPPED");
201 if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH)
202 buf_len += digest_len;
204 pad_len = RTE_ALIGN(buf_len, 16) - buf_len;
205 if (t->op_mask & BLOCKCIPHER_TEST_OP_DIGEST_ENCRYPTED)
208 /* for contiguous mbuf, nb_segs is 1 */
209 ibuf = create_segmented_mbuf(mbuf_pool,
210 tdata->ciphertext.len, nb_segs, src_pattern);
212 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
213 "line %u FAILED: %s",
214 __LINE__, "Cannot create source mbuf");
215 status = TEST_FAILED;
219 /* only encryption requires plaintext.data input,
220 * decryption/(digest gen)/(digest verify) use ciphertext.data
223 if (t->op_mask & BLOCKCIPHER_TEST_OP_ENCRYPT)
224 pktmbuf_write(ibuf, 0, tdata->plaintext.len,
225 tdata->plaintext.data);
227 pktmbuf_write(ibuf, 0, tdata->ciphertext.len,
228 tdata->ciphertext.data);
230 buf_p = rte_pktmbuf_append(ibuf, digest_len);
231 if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_VERIFY)
232 if (t->op_mask & BLOCKCIPHER_TEST_OP_DIGEST_ENCRYPTED)
234 tdata->ciphertext.data + tdata->ciphertext.len,
237 rte_memcpy(buf_p, tdata->digest.data, digest_len);
239 memset(buf_p, 0, digest_len);
240 if (t->op_mask & BLOCKCIPHER_TEST_OP_DIGEST_ENCRYPTED) {
241 buf_p = rte_pktmbuf_append(ibuf, pad_len);
243 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
244 "FAILED: %s", __LINE__,
245 "No room to append mbuf");
246 status = TEST_FAILED;
249 if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_VERIFY) {
250 const uint8_t *temp_p = tdata->ciphertext.data +
251 tdata->ciphertext.len +
253 rte_memcpy(buf_p, temp_p, pad_len);
255 memset(buf_p, 0xa5, pad_len);
258 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_OOP) {
259 obuf = rte_pktmbuf_alloc(mbuf_pool);
261 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
262 "FAILED: %s", __LINE__,
263 "Allocation of rte_mbuf failed");
264 status = TEST_FAILED;
267 memset(obuf->buf_addr, dst_pattern, obuf->buf_len);
269 if (t->op_mask & BLOCKCIPHER_TEST_OP_DIGEST_ENCRYPTED)
270 buf_p = rte_pktmbuf_append(obuf, buf_len + pad_len);
272 buf_p = rte_pktmbuf_append(obuf, buf_len);
274 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
275 "FAILED: %s", __LINE__,
276 "No room to append mbuf");
277 status = TEST_FAILED;
280 memset(buf_p, 0, buf_len);
283 /* Generate Crypto op data structure */
284 op = rte_crypto_op_alloc(op_mpool, RTE_CRYPTO_OP_TYPE_SYMMETRIC);
286 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
287 "line %u FAILED: %s",
288 __LINE__, "Failed to allocate symmetric crypto "
290 status = TEST_FAILED;
298 struct rte_mbuf *tmp_buf = ibuf;
303 rte_pktmbuf_reset(ibuf);
304 rte_pktmbuf_reset(obuf);
306 rte_pktmbuf_append(ibuf, tdata->ciphertext.len);
308 /* only encryption requires plaintext.data input,
309 * decryption/(digest gen)/(digest verify) use ciphertext.data
312 if (t->op_mask & BLOCKCIPHER_TEST_OP_ENCRYPT)
313 pktmbuf_write(ibuf, 0, tdata->plaintext.len,
314 tdata->plaintext.data);
316 pktmbuf_write(ibuf, 0, tdata->ciphertext.len,
317 tdata->ciphertext.data);
319 buf_p = rte_pktmbuf_append(ibuf, digest_len);
320 if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_VERIFY)
321 rte_memcpy(buf_p, tdata->digest.data, digest_len);
323 memset(buf_p, 0, digest_len);
325 memset(obuf->buf_addr, dst_pattern, obuf->buf_len);
327 buf_p = rte_pktmbuf_append(obuf, buf_len);
329 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
330 "FAILED: %s", __LINE__,
331 "No room to append mbuf");
332 status = TEST_FAILED;
335 memset(buf_p, 0, buf_len);
338 sym_op->m_src = ibuf;
340 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_OOP) {
341 sym_op->m_dst = obuf;
344 sym_op->m_dst = NULL;
348 /* sessionless op requires allocate xform using
349 * rte_crypto_op_sym_xforms_alloc(), otherwise rte_zmalloc()
352 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS) {
353 uint32_t n_xforms = 0;
355 if (t->op_mask & BLOCKCIPHER_TEST_OP_CIPHER)
357 if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH)
360 if (rte_crypto_op_sym_xforms_alloc(op, n_xforms)
362 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
363 "FAILED: %s", __LINE__, "Failed to "
364 "allocate space for crypto transforms");
365 status = TEST_FAILED;
369 cipher_xform = rte_zmalloc(NULL,
370 sizeof(struct rte_crypto_sym_xform), 0);
372 auth_xform = rte_zmalloc(NULL,
373 sizeof(struct rte_crypto_sym_xform), 0);
375 if (!cipher_xform || !auth_xform) {
376 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
377 "FAILED: %s", __LINE__, "Failed to "
378 "allocate memory for crypto transforms");
379 status = TEST_FAILED;
384 /* preparing xform, for sessioned op, init_xform is initialized
385 * here and later as param in rte_cryptodev_sym_session_create() call
387 if (t->op_mask == BLOCKCIPHER_TEST_OP_ENC_AUTH_GEN) {
388 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS) {
389 cipher_xform = op->sym->xform;
390 auth_xform = cipher_xform->next;
391 auth_xform->next = NULL;
393 cipher_xform->next = auth_xform;
394 auth_xform->next = NULL;
395 init_xform = cipher_xform;
397 } else if (t->op_mask == BLOCKCIPHER_TEST_OP_AUTH_VERIFY_DEC) {
398 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS) {
399 auth_xform = op->sym->xform;
400 cipher_xform = auth_xform->next;
401 cipher_xform->next = NULL;
403 auth_xform->next = cipher_xform;
404 cipher_xform->next = NULL;
405 init_xform = auth_xform;
407 } else if (t->op_mask == BLOCKCIPHER_TEST_OP_AUTH_GEN_ENC) {
408 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS) {
409 auth_xform = op->sym->xform;
410 cipher_xform = auth_xform->next;
411 cipher_xform->next = NULL;
413 auth_xform->next = cipher_xform;
414 cipher_xform->next = NULL;
415 init_xform = auth_xform;
417 } else if (t->op_mask == BLOCKCIPHER_TEST_OP_DEC_AUTH_VERIFY) {
418 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS) {
419 cipher_xform = op->sym->xform;
420 auth_xform = cipher_xform->next;
421 auth_xform->next = NULL;
423 cipher_xform->next = auth_xform;
424 auth_xform->next = NULL;
425 init_xform = cipher_xform;
427 } else if ((t->op_mask == BLOCKCIPHER_TEST_OP_ENCRYPT) ||
428 (t->op_mask == BLOCKCIPHER_TEST_OP_DECRYPT)) {
429 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS)
430 cipher_xform = op->sym->xform;
432 init_xform = cipher_xform;
433 cipher_xform->next = NULL;
434 } else if ((t->op_mask == BLOCKCIPHER_TEST_OP_AUTH_GEN) ||
435 (t->op_mask == BLOCKCIPHER_TEST_OP_AUTH_VERIFY)) {
436 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS)
437 auth_xform = op->sym->xform;
439 init_xform = auth_xform;
440 auth_xform->next = NULL;
442 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
443 "line %u FAILED: %s",
444 __LINE__, "Unrecognized operation");
445 status = TEST_FAILED;
449 /*configure xforms & sym_op cipher and auth data*/
450 if (t->op_mask & BLOCKCIPHER_TEST_OP_CIPHER) {
451 cipher_xform->type = RTE_CRYPTO_SYM_XFORM_CIPHER;
452 cipher_xform->cipher.algo = tdata->crypto_algo;
453 if (t->op_mask & BLOCKCIPHER_TEST_OP_ENCRYPT)
454 cipher_xform->cipher.op =
455 RTE_CRYPTO_CIPHER_OP_ENCRYPT;
457 cipher_xform->cipher.op =
458 RTE_CRYPTO_CIPHER_OP_DECRYPT;
459 cipher_xform->cipher.key.data = cipher_key;
460 cipher_xform->cipher.key.length = tdata->cipher_key.len;
461 cipher_xform->cipher.iv.offset = IV_OFFSET;
462 cipher_xform->cipher.dataunit_len = tdata->xts_dataunit_len;
464 if (tdata->crypto_algo == RTE_CRYPTO_CIPHER_NULL)
465 cipher_xform->cipher.iv.length = 0;
467 cipher_xform->cipher.iv.length = tdata->iv.len;
469 sym_op->cipher.data.offset = tdata->cipher_offset;
470 sym_op->cipher.data.length = tdata->ciphertext.len -
471 tdata->cipher_offset;
472 if (t->op_mask & BLOCKCIPHER_TEST_OP_DIGEST_ENCRYPTED) {
473 sym_op->cipher.data.length += tdata->digest.len;
474 sym_op->cipher.data.length += pad_len;
476 rte_memcpy(rte_crypto_op_ctod_offset(op, uint8_t *, IV_OFFSET),
481 if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH) {
482 uint32_t digest_offset = tdata->ciphertext.len;
484 auth_xform->type = RTE_CRYPTO_SYM_XFORM_AUTH;
485 auth_xform->auth.algo = tdata->auth_algo;
486 auth_xform->auth.key.length = tdata->auth_key.len;
487 auth_xform->auth.key.data = auth_key;
488 auth_xform->auth.digest_length = digest_len;
490 if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_GEN) {
491 auth_xform->auth.op = RTE_CRYPTO_AUTH_OP_GENERATE;
492 sym_op->auth.digest.data = pktmbuf_mtod_offset
493 (iobuf, digest_offset);
494 sym_op->auth.digest.phys_addr =
495 pktmbuf_iova_offset(iobuf,
498 auth_xform->auth.op = RTE_CRYPTO_AUTH_OP_VERIFY;
499 sym_op->auth.digest.data = pktmbuf_mtod_offset
500 (sym_op->m_src, digest_offset);
501 sym_op->auth.digest.phys_addr =
502 pktmbuf_iova_offset(sym_op->m_src,
506 sym_op->auth.data.offset = tdata->auth_offset;
507 sym_op->auth.data.length = tdata->ciphertext.len -
512 * Create session for sessioned op. For mbuf iteration test,
513 * skip the session creation for the second iteration.
515 if (!(t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS) &&
517 sess = rte_cryptodev_sym_session_create(sess_mpool);
519 status = rte_cryptodev_sym_session_init(dev_id, sess,
520 init_xform, sess_priv_mpool);
521 if (status == -ENOTSUP) {
522 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "UNSUPPORTED");
523 status = TEST_SKIPPED;
526 if (!sess || status < 0) {
527 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
528 "FAILED: %s", __LINE__,
529 "Session creation failed");
530 status = TEST_FAILED;
534 /* attach symmetric crypto session to crypto operations */
535 rte_crypto_op_attach_sym_session(op, sess);
538 debug_hexdump(stdout, "m_src(before):",
539 sym_op->m_src->buf_addr, sym_op->m_src->buf_len);
540 rte_memcpy(tmp_src_buf, sym_op->m_src->buf_addr,
541 sym_op->m_src->buf_len);
542 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_OOP) {
543 debug_hexdump(stdout, "m_dst(before):",
544 sym_op->m_dst->buf_addr, sym_op->m_dst->buf_len);
545 rte_memcpy(tmp_dst_buf, sym_op->m_dst->buf_addr,
546 sym_op->m_dst->buf_len);
549 /* Process crypto operation */
550 if (global_api_test_type == CRYPTODEV_RAW_API_TEST) {
551 uint8_t is_cipher = 0, is_auth = 0;
552 if (t->op_mask & BLOCKCIPHER_TEST_OP_CIPHER)
554 if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH)
557 process_sym_raw_dp_op(dev_id, 0, op, is_cipher, is_auth, 0,
560 if (rte_cryptodev_enqueue_burst(dev_id, 0, &op, 1) != 1) {
561 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
562 "line %u FAILED: %s",
563 __LINE__, "Error sending packet for encryption");
564 status = TEST_FAILED;
570 while (rte_cryptodev_dequeue_burst(dev_id, 0, &op, 1) == 0)
574 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
575 "line %u FAILED: %s",
576 __LINE__, "Failed to process sym crypto op");
577 status = TEST_FAILED;
582 debug_hexdump(stdout, "m_src(after):",
583 sym_op->m_src->buf_addr, sym_op->m_src->buf_len);
584 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_OOP)
585 debug_hexdump(stdout, "m_dst(after):",
586 sym_op->m_dst->buf_addr, sym_op->m_dst->buf_len);
589 if (op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
590 if ((t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_VERIFY) &&
591 (op->status == RTE_CRYPTO_OP_STATUS_AUTH_FAILED))
592 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
593 "FAILED: Digest verification failed "
594 "(0x%X)", __LINE__, op->status);
596 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
597 "FAILED: Operation failed "
598 "(0x%X)", __LINE__, op->status);
599 status = TEST_FAILED;
603 if (t->op_mask & BLOCKCIPHER_TEST_OP_CIPHER) {
604 uint8_t buffer[2048];
605 const uint8_t *compare_ref;
606 uint32_t compare_len;
608 if (t->op_mask & BLOCKCIPHER_TEST_OP_ENCRYPT) {
609 compare_ref = tdata->ciphertext.data +
610 tdata->cipher_offset;
611 compare_len = tdata->ciphertext.len -
612 tdata->cipher_offset;
613 if (t->op_mask & BLOCKCIPHER_TEST_OP_DIGEST_ENCRYPTED)
614 compare_len += tdata->digest.len;
616 compare_ref = tdata->plaintext.data +
617 tdata->cipher_offset;
618 compare_len = tdata->plaintext.len -
619 tdata->cipher_offset;
622 if (memcmp(rte_pktmbuf_read(iobuf, tdata->cipher_offset,
623 compare_len, buffer), compare_ref,
625 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
626 "FAILED: %s", __LINE__,
627 "Crypto data not as expected");
628 status = TEST_FAILED;
633 /* Check digest data only in enc-then-auth_gen case.
634 * In auth_gen-then-enc case, cipher text contains both encrypted
635 * plain text and encrypted digest value. If cipher text is correct,
636 * it implies digest is also generated properly.
638 if (!(t->op_mask & BLOCKCIPHER_TEST_OP_DIGEST_ENCRYPTED))
639 if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_GEN) {
640 uint8_t *auth_res = pktmbuf_mtod_offset(iobuf,
641 tdata->ciphertext.len);
643 if (memcmp(auth_res, tdata->digest.data, digest_len)) {
644 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
645 "FAILED: %s", __LINE__, "Generated "
646 "digest data not as expected");
647 status = TEST_FAILED;
652 /* The only parts that should have changed in the buffer are
653 * plaintext/ciphertext and digest.
654 * In OOP only the dest buffer should change.
656 if (t->feature_mask & BLOCKCIPHER_TEST_FEATURE_OOP) {
657 struct rte_mbuf *mbuf;
659 uint32_t head_unchanged_len, changed_len = 0;
661 uint32_t hdroom_used = 0, tlroom_used = 0;
664 mbuf = sym_op->m_src;
666 * Crypto PMDs specify the headroom & tailroom it would use
667 * when processing the crypto operation. PMD is free to modify
668 * this space, and so the verification check should skip that
671 hdroom_used = dev_info.min_mbuf_headroom_req;
672 tlroom_used = dev_info.min_mbuf_tailroom_req;
675 hdroom = rte_pktmbuf_headroom(mbuf);
677 head_unchanged_len = mbuf->buf_len;
679 for (i = 0; i < mbuf->buf_len; i++) {
681 /* Skip headroom used by PMD */
682 if (i == hdroom - hdroom_used)
685 /* Skip tailroom used by PMD */
686 if (i == (hdroom + mbuf->data_len))
689 value = *((uint8_t *)(mbuf->buf_addr)+i);
690 if (value != tmp_src_buf[i]) {
691 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
692 "line %u FAILED: OOP src outer mbuf data (0x%x) not as expected (0x%x)",
693 __LINE__, value, tmp_src_buf[i]);
694 status = TEST_FAILED;
699 mbuf = sym_op->m_dst;
700 if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH) {
701 head_unchanged_len = hdroom + sym_op->auth.data.offset;
702 changed_len = sym_op->auth.data.length;
703 if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_GEN)
704 changed_len += digest_len;
707 head_unchanged_len = hdroom +
708 sym_op->cipher.data.offset;
709 changed_len = sym_op->cipher.data.length;
712 if (t->op_mask & BLOCKCIPHER_TEST_OP_DIGEST_ENCRYPTED)
713 changed_len = sym_op->cipher.data.length +
714 digest_len + pad_len;
716 for (i = 0; i < mbuf->buf_len; i++) {
717 if (i == head_unchanged_len)
719 value = *((uint8_t *)(mbuf->buf_addr)+i);
720 if (value != tmp_dst_buf[i]) {
721 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
722 "line %u FAILED: OOP dst outer mbuf data "
723 "(0x%x) not as expected (0x%x)",
724 __LINE__, value, tmp_dst_buf[i]);
725 status = TEST_FAILED;
735 /* In-place operation */
736 struct rte_mbuf *mbuf;
738 uint32_t head_unchanged_len = 0, changed_len = 0;
740 uint32_t hdroom_used = 0, tlroom_used = 0;
744 * Crypto PMDs specify the headroom & tailroom it would use
745 * when processing the crypto operation. PMD is free to modify
746 * this space, and so the verification check should skip that
749 hdroom_used = dev_info.min_mbuf_headroom_req;
750 tlroom_used = dev_info.min_mbuf_tailroom_req;
752 mbuf = sym_op->m_src;
755 hdroom = rte_pktmbuf_headroom(mbuf);
757 if (t->op_mask & BLOCKCIPHER_TEST_OP_CIPHER) {
758 head_unchanged_len = hdroom +
759 sym_op->cipher.data.offset;
760 changed_len = sym_op->cipher.data.length;
763 head_unchanged_len = hdroom +
764 sym_op->auth.data.offset +
765 sym_op->auth.data.length;
769 if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_GEN)
770 changed_len += digest_len;
772 if (t->op_mask & BLOCKCIPHER_TEST_OP_DIGEST_ENCRYPTED)
773 changed_len = sym_op->cipher.data.length;
775 for (i = 0; i < mbuf->buf_len; i++) {
777 /* Skip headroom used by PMD */
778 if (i == hdroom - hdroom_used)
781 if (i == head_unchanged_len)
784 /* Skip tailroom used by PMD */
785 if (i == (hdroom + mbuf->data_len))
788 value = *((uint8_t *)(mbuf->buf_addr)+i);
789 if (value != tmp_src_buf[i]) {
790 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN,
791 "line %u FAILED: outer mbuf data (0x%x) "
792 "not as expected (0x%x)",
793 __LINE__, value, tmp_src_buf[i]);
794 status = TEST_FAILED;
800 snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "PASS");
803 if (!(t->feature_mask & BLOCKCIPHER_TEST_FEATURE_SESSIONLESS)) {
805 rte_cryptodev_sym_session_clear(dev_id, sess);
806 rte_cryptodev_sym_session_free(sess);
808 rte_free(cipher_xform);
809 rte_free(auth_xform);
813 rte_crypto_op_free(op);
815 rte_pktmbuf_free(obuf);
817 rte_pktmbuf_free(ibuf);
823 blockcipher_test_case_run(const void *data)
825 const struct blockcipher_test_case *tc_data = data;
827 char test_msg[BLOCKCIPHER_TEST_MSG_LEN + 1];
829 status = test_blockcipher_one_case(tc_data,
830 p_testsuite_params->mbuf_pool,
831 p_testsuite_params->op_mpool,
832 p_testsuite_params->session_mpool,
833 p_testsuite_params->session_priv_mpool,
834 p_testsuite_params->valid_devs[0],
840 aes_chain_setup(void)
842 uint8_t dev_id = p_testsuite_params->valid_devs[0];
843 struct rte_cryptodev_info dev_info;
845 const enum rte_crypto_cipher_algorithm ciphers[] = {
846 RTE_CRYPTO_CIPHER_NULL,
847 RTE_CRYPTO_CIPHER_AES_CTR,
848 RTE_CRYPTO_CIPHER_AES_CBC
850 const enum rte_crypto_auth_algorithm auths[] = {
851 RTE_CRYPTO_AUTH_NULL,
852 RTE_CRYPTO_AUTH_SHA1_HMAC,
853 RTE_CRYPTO_AUTH_AES_XCBC_MAC,
854 RTE_CRYPTO_AUTH_SHA256_HMAC,
855 RTE_CRYPTO_AUTH_SHA512_HMAC,
856 RTE_CRYPTO_AUTH_SHA224_HMAC,
857 RTE_CRYPTO_AUTH_SHA384_HMAC
860 rte_cryptodev_info_get(dev_id, &dev_info);
861 feat_flags = dev_info.feature_flags;
863 if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
864 ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
865 !(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
866 RTE_LOG(INFO, USER1, "Feature flag requirements for AES Chain "
867 "testsuite not met\n");
871 if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0
872 && check_auth_capabilities_supported(auths,
873 RTE_DIM(auths)) != 0) {
874 RTE_LOG(INFO, USER1, "Capability requirements for AES Chain "
875 "testsuite not met\n");
883 aes_cipheronly_setup(void)
885 uint8_t dev_id = p_testsuite_params->valid_devs[0];
886 struct rte_cryptodev_info dev_info;
888 const enum rte_crypto_cipher_algorithm ciphers[] = {
889 RTE_CRYPTO_CIPHER_NULL,
890 RTE_CRYPTO_CIPHER_AES_CTR,
891 RTE_CRYPTO_CIPHER_AES_CBC,
892 RTE_CRYPTO_CIPHER_AES_ECB,
893 RTE_CRYPTO_CIPHER_AES_XTS
895 const enum rte_crypto_auth_algorithm auths[] = {
896 RTE_CRYPTO_AUTH_NULL,
897 RTE_CRYPTO_AUTH_SHA1_HMAC,
898 RTE_CRYPTO_AUTH_AES_XCBC_MAC
901 rte_cryptodev_info_get(dev_id, &dev_info);
902 feat_flags = dev_info.feature_flags;
904 if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
905 ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
906 !(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
907 RTE_LOG(INFO, USER1, "Feature flag requirements for AES Cipheronly "
908 "testsuite not met\n");
912 if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0
913 && check_auth_capabilities_supported(auths,
914 RTE_DIM(auths)) != 0) {
915 RTE_LOG(INFO, USER1, "Capability requirements for AES Cipheronly "
916 "testsuite not met\n");
924 aes_docsis_setup(void)
926 uint8_t dev_id = p_testsuite_params->valid_devs[0];
927 struct rte_cryptodev_info dev_info;
929 const enum rte_crypto_cipher_algorithm ciphers[] = {
930 RTE_CRYPTO_CIPHER_AES_DOCSISBPI
933 rte_cryptodev_info_get(dev_id, &dev_info);
934 feat_flags = dev_info.feature_flags;
936 /* Data-path service does not support DOCSIS yet */
937 if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
938 (global_api_test_type == CRYPTODEV_RAW_API_TEST)) {
939 RTE_LOG(INFO, USER1, "Feature flag requirements for AES Docsis "
940 "testsuite not met\n");
944 if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0) {
945 RTE_LOG(INFO, USER1, "Capability requirements for AES Docsis "
946 "testsuite not met\n");
954 triple_des_chain_setup(void)
956 uint8_t dev_id = p_testsuite_params->valid_devs[0];
957 struct rte_cryptodev_info dev_info;
959 const enum rte_crypto_cipher_algorithm ciphers[] = {
960 RTE_CRYPTO_CIPHER_3DES_CTR,
961 RTE_CRYPTO_CIPHER_3DES_CBC
963 const enum rte_crypto_auth_algorithm auths[] = {
964 RTE_CRYPTO_AUTH_SHA1_HMAC,
968 rte_cryptodev_info_get(dev_id, &dev_info);
969 feat_flags = dev_info.feature_flags;
971 if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
972 ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
973 !(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
974 RTE_LOG(INFO, USER1, "Feature flag requirements for 3DES Chain "
975 "testsuite not met\n");
979 if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0
980 && check_auth_capabilities_supported(auths,
981 RTE_DIM(auths)) != 0) {
982 RTE_LOG(INFO, USER1, "Capability requirements for 3DES Chain "
983 "testsuite not met\n");
991 triple_des_cipheronly_setup(void)
993 uint8_t dev_id = p_testsuite_params->valid_devs[0];
994 struct rte_cryptodev_info dev_info;
996 const enum rte_crypto_cipher_algorithm ciphers[] = {
997 RTE_CRYPTO_CIPHER_3DES_CTR,
998 RTE_CRYPTO_CIPHER_3DES_CBC
1001 rte_cryptodev_info_get(dev_id, &dev_info);
1002 feat_flags = dev_info.feature_flags;
1004 if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
1005 ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
1006 !(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
1007 RTE_LOG(INFO, USER1, "Feature flag requirements for 3DES "
1008 "Cipheronly testsuite not met\n");
1009 return TEST_SKIPPED;
1012 if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0) {
1013 RTE_LOG(INFO, USER1, "Capability requirements for 3DES "
1014 "Cipheronly testsuite not met\n");
1015 return TEST_SKIPPED;
1022 des_cipheronly_setup(void)
1024 uint8_t dev_id = p_testsuite_params->valid_devs[0];
1025 struct rte_cryptodev_info dev_info;
1026 uint64_t feat_flags;
1027 const enum rte_crypto_cipher_algorithm ciphers[] = {
1028 RTE_CRYPTO_CIPHER_DES_CBC
1031 rte_cryptodev_info_get(dev_id, &dev_info);
1032 feat_flags = dev_info.feature_flags;
1034 if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
1035 ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
1036 !(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
1037 RTE_LOG(INFO, USER1, "Feature flag requirements for DES "
1038 "Cipheronly testsuite not met\n");
1039 return TEST_SKIPPED;
1042 if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0) {
1043 RTE_LOG(INFO, USER1, "Capability requirements for DES "
1044 "Cipheronly testsuite not met\n");
1045 return TEST_SKIPPED;
1052 des_docsis_setup(void)
1054 uint8_t dev_id = p_testsuite_params->valid_devs[0];
1055 struct rte_cryptodev_info dev_info;
1056 uint64_t feat_flags;
1057 const enum rte_crypto_cipher_algorithm ciphers[] = {
1058 RTE_CRYPTO_CIPHER_DES_DOCSISBPI
1061 rte_cryptodev_info_get(dev_id, &dev_info);
1062 feat_flags = dev_info.feature_flags;
1064 /* Data-path service does not support DOCSIS yet */
1065 if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
1066 (global_api_test_type == CRYPTODEV_RAW_API_TEST)) {
1067 RTE_LOG(INFO, USER1, "Feature flag requirements for DES Docsis "
1068 "testsuite not met\n");
1069 return TEST_SKIPPED;
1072 if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0) {
1073 RTE_LOG(INFO, USER1, "Capability requirements for DES Docsis "
1074 "testsuite not met\n");
1075 return TEST_SKIPPED;
1082 authonly_setup(void)
1084 uint8_t dev_id = p_testsuite_params->valid_devs[0];
1085 struct rte_cryptodev_info dev_info;
1086 uint64_t feat_flags;
1087 const enum rte_crypto_auth_algorithm auths[] = {
1088 RTE_CRYPTO_AUTH_MD5,
1089 RTE_CRYPTO_AUTH_MD5_HMAC,
1090 RTE_CRYPTO_AUTH_SHA1,
1091 RTE_CRYPTO_AUTH_SHA1_HMAC,
1092 RTE_CRYPTO_AUTH_SHA224,
1093 RTE_CRYPTO_AUTH_SHA224_HMAC,
1094 RTE_CRYPTO_AUTH_SHA256,
1095 RTE_CRYPTO_AUTH_SHA256_HMAC,
1096 RTE_CRYPTO_AUTH_SHA384,
1097 RTE_CRYPTO_AUTH_SHA384_HMAC,
1098 RTE_CRYPTO_AUTH_SHA512,
1099 RTE_CRYPTO_AUTH_SHA512_HMAC,
1100 RTE_CRYPTO_AUTH_AES_CMAC,
1101 RTE_CRYPTO_AUTH_NULL,
1102 RTE_CRYPTO_AUTH_AES_XCBC_MAC
1105 rte_cryptodev_info_get(dev_id, &dev_info);
1106 feat_flags = dev_info.feature_flags;
1108 if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) ||
1109 ((global_api_test_type == CRYPTODEV_RAW_API_TEST) &&
1110 !(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) {
1111 RTE_LOG(INFO, USER1, "Feature flag requirements for Auth Only "
1112 "testsuite not met\n");
1113 return TEST_SKIPPED;
1116 if (check_auth_capabilities_supported(auths, RTE_DIM(auths)) != 0) {
1117 RTE_LOG(INFO, USER1, "Capability requirements for Auth Only "
1118 "testsuite not met\n");
1119 return TEST_SKIPPED;
1125 struct unit_test_suite *
1126 build_blockcipher_test_suite(enum blockcipher_test_type test_type)
1128 int i, n_test_cases = 0;
1129 struct unit_test_suite *ts;
1130 const char *ts_name = NULL;
1131 const struct blockcipher_test_case *blk_tcs;
1132 struct unit_test_case *tc;
1133 int (*ts_setup)(void) = NULL;
1135 switch (test_type) {
1136 case BLKCIPHER_AES_CHAIN_TYPE:
1137 n_test_cases = RTE_DIM(aes_chain_test_cases);
1138 blk_tcs = aes_chain_test_cases;
1139 ts_name = "AES Chain";
1140 ts_setup = aes_chain_setup;
1142 case BLKCIPHER_AES_CIPHERONLY_TYPE:
1143 n_test_cases = RTE_DIM(aes_cipheronly_test_cases);
1144 blk_tcs = aes_cipheronly_test_cases;
1145 ts_name = "AES Cipher Only";
1146 ts_setup = aes_cipheronly_setup;
1148 case BLKCIPHER_AES_DOCSIS_TYPE:
1149 n_test_cases = RTE_DIM(aes_docsis_test_cases);
1150 blk_tcs = aes_docsis_test_cases;
1151 ts_name = "AES Docsis";
1152 ts_setup = aes_docsis_setup;
1154 case BLKCIPHER_3DES_CHAIN_TYPE:
1155 n_test_cases = RTE_DIM(triple_des_chain_test_cases);
1156 blk_tcs = triple_des_chain_test_cases;
1157 ts_name = "3DES Chain";
1158 ts_setup = triple_des_chain_setup;
1160 case BLKCIPHER_3DES_CIPHERONLY_TYPE:
1161 n_test_cases = RTE_DIM(triple_des_cipheronly_test_cases);
1162 blk_tcs = triple_des_cipheronly_test_cases;
1163 ts_name = "3DES Cipher Only";
1164 ts_setup = triple_des_cipheronly_setup;
1166 case BLKCIPHER_DES_CIPHERONLY_TYPE:
1167 n_test_cases = RTE_DIM(des_cipheronly_test_cases);
1168 blk_tcs = des_cipheronly_test_cases;
1169 ts_name = "DES Cipher Only";
1170 ts_setup = des_cipheronly_setup;
1172 case BLKCIPHER_DES_DOCSIS_TYPE:
1173 n_test_cases = RTE_DIM(des_docsis_test_cases);
1174 blk_tcs = des_docsis_test_cases;
1175 ts_name = "DES Docsis";
1176 ts_setup = des_docsis_setup;
1178 case BLKCIPHER_AUTHONLY_TYPE:
1179 n_test_cases = RTE_DIM(hash_test_cases);
1180 blk_tcs = hash_test_cases;
1181 ts_name = "Auth Only";
1182 ts_setup = authonly_setup;
1188 ts = calloc(1, sizeof(struct unit_test_suite) +
1189 (sizeof(struct unit_test_case) * (n_test_cases + 1)));
1190 ts->suite_name = ts_name;
1191 ts->setup = ts_setup;
1193 for (i = 0; i < n_test_cases; i++) {
1194 tc = &ts->unit_test_cases[i];
1195 tc->name = blk_tcs[i].test_descr;
1197 tc->setup = ut_setup;
1198 tc->teardown = ut_teardown;
1199 tc->testcase = NULL;
1200 tc->testcase_with_data = blockcipher_test_case_run;
1201 tc->data = &blk_tcs[i];
1203 tc = &ts->unit_test_cases[i];
1207 tc->teardown = NULL;
1208 tc->testcase = NULL;
1209 tc->testcase_with_data = NULL;
1216 free_blockcipher_test_suite(struct unit_test_suite *ts)