1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright(C) 2021 Marvell.
5 #ifndef _TEST_CRYPTODEV_SECURITY_IPSEC_H_
6 #define _TEST_CRYPTODEV_SECURITY_IPSEC_H_
8 #include <rte_cryptodev.h>
9 #include <rte_security.h>
11 #define IPSEC_TEST_PACKETS_MAX 32
13 struct ipsec_test_data {
40 struct rte_security_ipsec_xform ipsec_xform;
46 struct rte_crypto_sym_xform cipher;
47 struct rte_crypto_sym_xform auth;
49 struct rte_crypto_sym_xform aead;
53 struct ipsec_test_flags {
55 bool sa_expiry_pkts_soft;
56 bool sa_expiry_pkts_hard;
59 uint32_t tunnel_hdr_verify;
61 bool udp_ports_verify;
72 enum rte_crypto_sym_xform_type type;
74 enum rte_crypto_cipher_algorithm cipher;
75 enum rte_crypto_auth_algorithm auth;
76 enum rte_crypto_aead_algorithm aead;
79 uint16_t digest_length;
82 static const struct crypto_param aead_list[] = {
84 .type = RTE_CRYPTO_SYM_XFORM_AEAD,
85 .alg.aead = RTE_CRYPTO_AEAD_AES_GCM,
89 .type = RTE_CRYPTO_SYM_XFORM_AEAD,
90 .alg.aead = RTE_CRYPTO_AEAD_AES_GCM,
94 .type = RTE_CRYPTO_SYM_XFORM_AEAD,
95 .alg.aead = RTE_CRYPTO_AEAD_AES_GCM,
100 static const struct crypto_param cipher_list[] = {
102 .type = RTE_CRYPTO_SYM_XFORM_CIPHER,
103 .alg.cipher = RTE_CRYPTO_CIPHER_AES_CBC,
108 static const struct crypto_param auth_list[] = {
110 .type = RTE_CRYPTO_SYM_XFORM_AUTH,
111 .alg.auth = RTE_CRYPTO_AUTH_NULL,
114 .type = RTE_CRYPTO_SYM_XFORM_AUTH,
115 .alg.auth = RTE_CRYPTO_AUTH_SHA256_HMAC,
120 .type = RTE_CRYPTO_SYM_XFORM_AUTH,
121 .alg.auth = RTE_CRYPTO_AUTH_SHA384_HMAC,
126 .type = RTE_CRYPTO_SYM_XFORM_AUTH,
127 .alg.auth = RTE_CRYPTO_AUTH_SHA512_HMAC,
133 struct crypto_param_comb {
134 const struct crypto_param *param1;
135 const struct crypto_param *param2;
138 extern struct ipsec_test_data pkt_aes_256_gcm;
139 extern struct ipsec_test_data pkt_aes_256_gcm_v6;
140 extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256;
141 extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256_v6;
143 extern struct crypto_param_comb alg_list[RTE_DIM(aead_list) +
144 (RTE_DIM(cipher_list) *
145 RTE_DIM(auth_list))];
147 void test_ipsec_alg_list_populate(void);
149 int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
150 const struct rte_security_capability *sec_cap,
153 int test_ipsec_crypto_caps_aead_verify(
154 const struct rte_security_capability *sec_cap,
155 struct rte_crypto_sym_xform *aead);
157 int test_ipsec_crypto_caps_cipher_verify(
158 const struct rte_security_capability *sec_cap,
159 struct rte_crypto_sym_xform *cipher);
161 int test_ipsec_crypto_caps_auth_verify(
162 const struct rte_security_capability *sec_cap,
163 struct rte_crypto_sym_xform *auth);
165 void test_ipsec_td_in_from_out(const struct ipsec_test_data *td_out,
166 struct ipsec_test_data *td_in);
168 void test_ipsec_td_prepare(const struct crypto_param *param1,
169 const struct crypto_param *param2,
170 const struct ipsec_test_flags *flags,
171 struct ipsec_test_data *td_array,
174 void test_ipsec_td_update(struct ipsec_test_data td_inb[],
175 const struct ipsec_test_data td_outb[],
177 const struct ipsec_test_flags *flags);
179 void test_ipsec_display_alg(const struct crypto_param *param1,
180 const struct crypto_param *param2);
182 int test_ipsec_post_process(struct rte_mbuf *m,
183 const struct ipsec_test_data *td,
184 struct ipsec_test_data *res_d, bool silent,
185 const struct ipsec_test_flags *flags);
187 int test_ipsec_status_check(struct rte_crypto_op *op,
188 const struct ipsec_test_flags *flags,
189 enum rte_security_ipsec_sa_direction dir,
192 int test_ipsec_stats_verify(struct rte_security_ctx *ctx,
193 struct rte_security_session *sess,
194 const struct ipsec_test_flags *flags,
195 enum rte_security_ipsec_sa_direction dir);