app/test/test_cryptodev_security_ipsec.h

   1 /* SPDX-License-Identifier: BSD-3-Clause
   2  * Copyright(C) 2021 Marvell.
   3  */
   4
   5 #ifndef _TEST_CRYPTODEV_SECURITY_IPSEC_H_
   6 #define _TEST_CRYPTODEV_SECURITY_IPSEC_H_
   7
   8 #include <rte_cryptodev.h>
   9 #include <rte_security.h>
  10
  11 #define IPSEC_TEST_PACKETS_MAX 32
  12
  13 struct ipsec_test_data {
  14         struct {
  15                 uint8_t data[32];
  16         } key;
  17         struct {
  18                 uint8_t data[32];
  19         } auth_key;
  20
  21         struct {
  22                 uint8_t data[1024];
  23                 unsigned int len;
  24         } input_text;
  25
  26         struct {
  27                 uint8_t data[1024];
  28                 unsigned int len;
  29         } output_text;
  30
  31         struct {
  32                 uint8_t data[4];
  33                 unsigned int len;
  34         } salt;
  35
  36         struct {
  37                 uint8_t data[16];
  38         } iv;
  39
  40         struct rte_security_ipsec_xform ipsec_xform;
  41
  42         bool aead;
  43
  44         union {
  45                 struct {
  46                         struct rte_crypto_sym_xform cipher;
  47                         struct rte_crypto_sym_xform auth;
  48                 } chain;
  49                 struct rte_crypto_sym_xform aead;
  50         } xform;
  51 };
  52
  53 struct ipsec_test_flags {
  54         bool display_alg;
  55         bool sa_expiry_pkts_soft;
  56         bool sa_expiry_pkts_hard;
  57         bool icv_corrupt;
  58         bool iv_gen;
  59         uint32_t tunnel_hdr_verify;
  60         bool udp_encap;
  61         bool udp_ports_verify;
  62         bool ip_csum;
  63         bool l4_csum;
  64         bool ipv6;
  65         bool tunnel_ipv6;
  66 };
  67
  68 struct crypto_param {
  69         enum rte_crypto_sym_xform_type type;
  70         union {
  71                 enum rte_crypto_cipher_algorithm cipher;
  72                 enum rte_crypto_auth_algorithm auth;
  73                 enum rte_crypto_aead_algorithm aead;
  74         } alg;
  75         uint16_t key_length;
  76         uint16_t digest_length;
  77 };
  78
  79 static const struct crypto_param aead_list[] = {
  80         {
  81                 .type = RTE_CRYPTO_SYM_XFORM_AEAD,
  82                 .alg.aead =  RTE_CRYPTO_AEAD_AES_GCM,
  83                 .key_length = 16,
  84         },
  85         {
  86                 .type = RTE_CRYPTO_SYM_XFORM_AEAD,
  87                 .alg.aead = RTE_CRYPTO_AEAD_AES_GCM,
  88                 .key_length = 24,
  89         },
  90         {
  91                 .type = RTE_CRYPTO_SYM_XFORM_AEAD,
  92                 .alg.aead = RTE_CRYPTO_AEAD_AES_GCM,
  93                 .key_length = 32
  94         },
  95 };
  96
  97 static const struct crypto_param cipher_list[] = {
  98         {
  99                 .type = RTE_CRYPTO_SYM_XFORM_CIPHER,
 100                 .alg.cipher =  RTE_CRYPTO_CIPHER_AES_CBC,
 101                 .key_length = 16,
 102         },
 103 };
 104
 105 static const struct crypto_param auth_list[] = {
 106         {
 107                 .type = RTE_CRYPTO_SYM_XFORM_AUTH,
 108                 .alg.auth =  RTE_CRYPTO_AUTH_NULL,
 109         },
 110         {
 111                 .type = RTE_CRYPTO_SYM_XFORM_AUTH,
 112                 .alg.auth =  RTE_CRYPTO_AUTH_SHA256_HMAC,
 113                 .key_length = 32,
 114                 .digest_length = 16,
 115         },
 116 };
 117
 118 struct crypto_param_comb {
 119         const struct crypto_param *param1;
 120         const struct crypto_param *param2;
 121 };
 122
 123 extern struct ipsec_test_data pkt_aes_256_gcm;
 124 extern struct ipsec_test_data pkt_aes_256_gcm_v6;
 125 extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256;
 126 extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256_v6;
 127
 128 extern struct crypto_param_comb alg_list[RTE_DIM(aead_list) +
 129                                          (RTE_DIM(cipher_list) *
 130                                           RTE_DIM(auth_list))];
 131
 132 void test_ipsec_alg_list_populate(void);
 133
 134 int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
 135                                const struct rte_security_capability *sec_cap,
 136                                bool silent);
 137
 138 int test_ipsec_crypto_caps_aead_verify(
 139                 const struct rte_security_capability *sec_cap,
 140                 struct rte_crypto_sym_xform *aead);
 141
 142 int test_ipsec_crypto_caps_cipher_verify(
 143                 const struct rte_security_capability *sec_cap,
 144                 struct rte_crypto_sym_xform *cipher);
 145
 146 int test_ipsec_crypto_caps_auth_verify(
 147                 const struct rte_security_capability *sec_cap,
 148                 struct rte_crypto_sym_xform *auth);
 149
 150 void test_ipsec_td_in_from_out(const struct ipsec_test_data *td_out,
 151                                struct ipsec_test_data *td_in);
 152
 153 void test_ipsec_td_prepare(const struct crypto_param *param1,
 154                            const struct crypto_param *param2,
 155                            const struct ipsec_test_flags *flags,
 156                            struct ipsec_test_data *td_array,
 157                            int nb_td);
 158
 159 void test_ipsec_td_update(struct ipsec_test_data td_inb[],
 160                           const struct ipsec_test_data td_outb[],
 161                           int nb_td,
 162                           const struct ipsec_test_flags *flags);
 163
 164 void test_ipsec_display_alg(const struct crypto_param *param1,
 165                             const struct crypto_param *param2);
 166
 167 int test_ipsec_post_process(struct rte_mbuf *m,
 168                             const struct ipsec_test_data *td,
 169                             struct ipsec_test_data *res_d, bool silent,
 170                             const struct ipsec_test_flags *flags);
 171
 172 int test_ipsec_status_check(struct rte_crypto_op *op,
 173                             const struct ipsec_test_flags *flags,
 174                             enum rte_security_ipsec_sa_direction dir,
 175                             int pkt_num);
 176
 177 #endif