1 /* SPDX-License-Identifier: BSD-3-Clause
2 * Copyright(c) 2021 Marvell
5 #ifndef TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_
6 #define TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_
8 #include <rte_crypto.h>
9 #include <rte_security.h>
11 #include "test_cryptodev_security_ipsec.h"
16 * AES-GCM vectors are based on :
17 * https://datatracker.ietf.org/doc/html/draft-mcgrew-gcm-test-01
19 * Vectors are updated to have corrected L4 checksum and sequence number 1.
22 struct ipsec_test_data pkt_aes_128_gcm = {
25 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
26 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
32 0x45, 0x00, 0x00, 0x3e, 0x69, 0x8f, 0x00, 0x00,
33 0x80, 0x11, 0x4d, 0xcc, 0xc0, 0xa8, 0x01, 0x02,
34 0xc0, 0xa8, 0x01, 0x01,
37 0x0a, 0x98, 0x00, 0x35, 0x00, 0x2a, 0x23, 0x43,
38 0xb2, 0xd0, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00,
39 0x00, 0x00, 0x00, 0x00, 0x03, 0x73, 0x69, 0x70,
40 0x09, 0x63, 0x79, 0x62, 0x65, 0x72, 0x63, 0x69,
41 0x74, 0x79, 0x02, 0x64, 0x6b, 0x00, 0x00, 0x01,
48 /* IP - outer header */
49 0x45, 0x00, 0x00, 0x74, 0x69, 0x8f, 0x00, 0x00,
50 0x80, 0x32, 0x4d, 0x75, 0xc0, 0xa8, 0x01, 0x02,
51 0xc0, 0xa8, 0x01, 0x01,
54 0x00, 0x00, 0xa5, 0xf8, 0x00, 0x00, 0x00, 0x01,
57 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88,
60 0xde, 0xb2, 0x2c, 0xd9, 0xb0, 0x7c, 0x72, 0xc1,
61 0x6e, 0x3a, 0x65, 0xbe, 0xeb, 0x8d, 0xf3, 0x04,
62 0xa5, 0xa5, 0x89, 0x7d, 0x33, 0xae, 0x53, 0x0f,
63 0x1b, 0xa7, 0x6d, 0x5d, 0x11, 0x4d, 0x2a, 0x5c,
64 0x3d, 0xe8, 0x18, 0x27, 0xc1, 0x0e, 0x9a, 0x4f,
65 0x51, 0x33, 0x0d, 0x0e, 0xec, 0x41, 0x66, 0x42,
66 0xcf, 0xbb, 0x85, 0xa5, 0xb4, 0x7e, 0x48, 0xa4,
67 0xec, 0x3b, 0x9b, 0xa9, 0x5d, 0x91, 0x8b, 0xd4,
68 0x29, 0xc7, 0x37, 0x57, 0x9f, 0xf1, 0x9e, 0x58,
69 0xcf, 0xfc, 0x60, 0x7a, 0x3b, 0xce, 0x89, 0x94,
76 0xca, 0xfe, 0xba, 0xbe
83 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88
90 .options.udp_encap = 0,
91 .options.copy_dscp = 0,
92 .options.copy_flabel = 0,
97 .options.tunnel_hdr_verify = 0,
98 .options.ip_csum_enable = 0,
99 .options.l4_csum_enable = 0,
100 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
101 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
102 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
103 .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
112 .type = RTE_CRYPTO_SYM_XFORM_AEAD,
114 .op = RTE_CRYPTO_AEAD_OP_ENCRYPT,
115 .algo = RTE_CRYPTO_AEAD_AES_GCM,
118 .iv.offset = IV_OFFSET,
126 struct ipsec_test_data pkt_aes_192_gcm = {
129 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
130 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
131 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
137 0x45, 0x00, 0x00, 0x28, 0xa4, 0xad, 0x40, 0x00,
138 0x40, 0x06, 0x78, 0x80, 0x0a, 0x01, 0x03, 0x8f,
139 0x0a, 0x01, 0x06, 0x12,
142 0x80, 0x23, 0x06, 0xb8, 0xcb, 0x71, 0x26, 0x02,
143 0xdd, 0x6b, 0xb0, 0x3e, 0x50, 0x10, 0x16, 0xd0,
144 0x75, 0x67, 0x00, 0x01
150 /* IP - outer header */
151 0x45, 0x00, 0x00, 0x60, 0x69, 0x8f, 0x00, 0x00,
152 0x80, 0x32, 0x4d, 0x89, 0xc0, 0xa8, 0x01, 0x02,
153 0xc0, 0xa8, 0x01, 0x01,
156 0x00, 0x00, 0xa5, 0xf8, 0x00, 0x00, 0x00, 0x01,
159 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88,
162 0xa5, 0xb1, 0xf8, 0x06, 0x60, 0x29, 0xae, 0xa4,
163 0x0e, 0x59, 0x8b, 0x81, 0x22, 0xde, 0x02, 0x42,
164 0x09, 0x38, 0xb3, 0xab, 0x33, 0xf8, 0x28, 0xe6,
165 0x87, 0xb8, 0x85, 0x8b, 0x5b, 0xfb, 0xdb, 0xd0,
166 0x31, 0x5b, 0x27, 0x45, 0x21, 0x4b, 0xcc, 0x77,
167 0x82, 0xac, 0x91, 0x38, 0xf2, 0xbb, 0xbe, 0xe4,
168 0xcf, 0x03, 0x36, 0x89, 0xdd, 0x40, 0xd3, 0x6e,
169 0x54, 0x05, 0x22, 0x22,
175 0xca, 0xfe, 0xba, 0xbe
182 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88
189 .options.udp_encap = 0,
190 .options.copy_dscp = 0,
191 .options.copy_flabel = 0,
192 .options.copy_df = 0,
193 .options.dec_ttl = 0,
196 .options.tunnel_hdr_verify = 0,
197 .options.ip_csum_enable = 0,
198 .options.l4_csum_enable = 0,
199 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
200 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
201 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
202 .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
211 .type = RTE_CRYPTO_SYM_XFORM_AEAD,
213 .op = RTE_CRYPTO_AEAD_OP_ENCRYPT,
214 .algo = RTE_CRYPTO_AEAD_AES_GCM,
217 .iv.offset = IV_OFFSET,
225 struct ipsec_test_data pkt_aes_256_gcm = {
228 0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23,
229 0x34, 0x45, 0x56, 0x67, 0x78, 0x89, 0x9a, 0xab,
230 0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23,
231 0x34, 0x45, 0x56, 0x67, 0x78, 0x89, 0x9a, 0xab,
237 0x45, 0x00, 0x00, 0x30, 0x69, 0xa6, 0x40, 0x00,
238 0x80, 0x06, 0x26, 0x90, 0xc0, 0xa8, 0x01, 0x02,
239 0x93, 0x89, 0x15, 0x5e,
242 0x0a, 0x9e, 0x00, 0x8b, 0x2d, 0xc5, 0x7e, 0xe0,
243 0x00, 0x00, 0x00, 0x00, 0x70, 0x02, 0x40, 0x00,
244 0x20, 0xbf, 0x00, 0x00, 0x02, 0x04, 0x05, 0xb4,
245 0x01, 0x01, 0x04, 0x02,
251 /* IP - outer header */
252 0x45, 0x00, 0x00, 0x68, 0x69, 0x8f, 0x00, 0x00,
253 0x80, 0x32, 0x4d, 0x81, 0xc0, 0xa8, 0x01, 0x02,
254 0xc0, 0xa8, 0x01, 0x01,
257 0x4a, 0x2c, 0xbf, 0xe3, 0x00, 0x00, 0x00, 0x01,
260 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
263 0xff, 0x42, 0x5c, 0x9b, 0x72, 0x45, 0x99, 0xdf,
264 0x7a, 0x3b, 0xcd, 0x51, 0x01, 0x94, 0xe0, 0x0d,
265 0x6a, 0x78, 0x10, 0x7f, 0x1b, 0x0b, 0x1c, 0xbf,
266 0x06, 0xef, 0xae, 0x9d, 0x65, 0xa5, 0xd7, 0x63,
267 0x74, 0x8a, 0x63, 0x79, 0x85, 0x77, 0x1d, 0x34,
268 0x7f, 0x05, 0x45, 0x65, 0x9f, 0x14, 0xe9, 0x9d,
269 0xef, 0x84, 0x2d, 0x8b, 0x00, 0x14, 0x4a, 0x1f,
270 0xec, 0x6a, 0xdf, 0x0c, 0x9a, 0x92, 0x7f, 0xee,
271 0xa6, 0xc5, 0x11, 0x60,
277 0x11, 0x22, 0x33, 0x44
284 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08
291 .options.udp_encap = 0,
292 .options.copy_dscp = 0,
293 .options.copy_flabel = 0,
294 .options.copy_df = 0,
295 .options.dec_ttl = 0,
298 .options.tunnel_hdr_verify = 0,
299 .options.ip_csum_enable = 0,
300 .options.l4_csum_enable = 0,
301 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
302 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
303 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
304 .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
313 .type = RTE_CRYPTO_SYM_XFORM_AEAD,
315 .op = RTE_CRYPTO_AEAD_OP_ENCRYPT,
316 .algo = RTE_CRYPTO_AEAD_AES_GCM,
319 .iv.offset = IV_OFFSET,
327 /* Known vectors for AES-CBC
328 * https://datatracker.ietf.org/doc/html/rfc3602#section-4
331 struct ipsec_test_data pkt_aes_128_cbc_null = {
334 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
335 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
340 /* IP - outer header */
341 0x45, 0x00, 0x00, 0x8c, 0x00, 0x02, 0x00, 0x00,
342 0x40, 0x32, 0x27, 0xbc, 0x00, 0x01, 0xa8, 0xc0,
343 0x01, 0x01, 0xa8, 0xc0,
346 0x00, 0x00, 0x87, 0x65, 0x00, 0x00, 0x00, 0x02,
349 0xf4, 0xe7, 0x65, 0x24, 0x4f, 0x64, 0x07, 0xad,
350 0xf1, 0x3d, 0xc1, 0x38, 0x0f, 0x67, 0x3f, 0x37,
353 0x77, 0x3b, 0x52, 0x41, 0xa4, 0xc4, 0x49, 0x22,
354 0x5e, 0x4f, 0x3c, 0xe5, 0xed, 0x61, 0x1b, 0x0c,
355 0x23, 0x7c, 0xa9, 0x6c, 0xf7, 0x4a, 0x93, 0x01,
356 0x3c, 0x1b, 0x0e, 0xa1, 0xa0, 0xcf, 0x70, 0xf8,
357 0xe4, 0xec, 0xae, 0xc7, 0x8a, 0xc5, 0x3a, 0xad,
358 0x7a, 0x0f, 0x02, 0x2b, 0x85, 0x92, 0x43, 0xc6,
359 0x47, 0x75, 0x2e, 0x94, 0xa8, 0x59, 0x35, 0x2b,
360 0x8a, 0x4d, 0x4d, 0x2d, 0xec, 0xd1, 0x36, 0xe5,
361 0xc1, 0x77, 0xf1, 0x32, 0xad, 0x3f, 0xbf, 0xb2,
362 0x20, 0x1a, 0xc9, 0x90, 0x4c, 0x74, 0xee, 0x0a,
363 0x10, 0x9e, 0x0c, 0xa1, 0xe4, 0xdf, 0xe9, 0xd5,
364 0xa1, 0x00, 0xb8, 0x42, 0xf1, 0xc2, 0x2f, 0x0d,
371 0x45, 0x00, 0x00, 0x54, 0x09, 0x04, 0x00, 0x00,
372 0x40, 0x01, 0xf9, 0x88, 0xc0, 0xa8, 0x7b, 0x03,
373 0xc0, 0xa8, 0x7b, 0xc8,
376 0x08, 0x00, 0x9f, 0x76, 0xa9, 0x0a, 0x01, 0x00,
377 0xb4, 0x9c, 0x08, 0x3d, 0x02, 0xa2, 0x04, 0x00,
378 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
379 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
380 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
381 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
382 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
383 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
384 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
385 0x09, 0x0a, 0x0a, 0x04,
391 0xf4, 0xe7, 0x65, 0x24, 0x4f, 0x64, 0x07, 0xad,
392 0xf1, 0x3d, 0xc1, 0x38, 0x0f, 0x67, 0x3f, 0x37,
399 .options.udp_encap = 0,
400 .options.copy_dscp = 0,
401 .options.copy_flabel = 0,
402 .options.copy_df = 0,
403 .options.dec_ttl = 0,
406 .options.tunnel_hdr_verify = 0,
407 .direction = RTE_SECURITY_IPSEC_SA_DIR_INGRESS,
408 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
409 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
410 .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
419 .type = RTE_CRYPTO_SYM_XFORM_CIPHER,
421 .op = RTE_CRYPTO_CIPHER_OP_DECRYPT,
422 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
429 .type = RTE_CRYPTO_SYM_XFORM_AUTH,
431 .algo = RTE_CRYPTO_AUTH_NULL,
437 struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256 = {
440 0x00, 0x04, 0x05, 0x01, 0x23, 0x00, 0x00, 0x00,
441 0x00, 0x00, 0x0a, 0x0b, 0x0c, 0x0f, 0x00, 0x00,
446 0xde, 0x34, 0x56, 0x00, 0x00, 0x00, 0x78, 0x00,
447 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02,
448 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x04,
449 0x0a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08,
455 0x45, 0x00, 0x00, 0x32, 0x00, 0x01, 0x00, 0x00,
456 0x1f, 0x11, 0x17, 0x8b, 0xc0, 0xa8, 0x01, 0x6f,
457 0xc0, 0xa8, 0x01, 0x70,
460 0x00, 0x09, 0x00, 0x09, 0x00, 0x1e, 0x00, 0x00,
461 0xbe, 0x9b, 0xe9, 0x55, 0x00, 0x00, 0x00, 0x21,
462 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
463 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
469 /* IP - outer header */
470 0x45, 0x00, 0x00, 0x7c, 0x00, 0x01, 0x00, 0x00,
471 0x40, 0x32, 0x52, 0x4d, 0x14, 0x00, 0x00, 0x01,
472 0x14, 0x00, 0x00, 0x02,
475 0x00, 0x00, 0x00, 0x34, 0x00, 0x00, 0x00, 0x01,
478 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00,
479 0x20, 0xbf, 0xe8, 0x39, 0x00, 0x00, 0x00, 0x00,
482 0x67, 0xb5, 0x46, 0x6e, 0x78, 0x17, 0xd3, 0x5a,
483 0xac, 0x62, 0x62, 0x62, 0xb0, 0x57, 0x9b, 0x09,
484 0x19, 0x4f, 0x06, 0x59, 0xc8, 0xb0, 0x30, 0x65,
485 0x1f, 0x45, 0x57, 0x41, 0x72, 0x17, 0x28, 0xe9,
486 0xad, 0x50, 0xbe, 0x44, 0x1d, 0x2d, 0x9a, 0xd0,
487 0x48, 0x75, 0x0d, 0x1c, 0x8d, 0x24, 0xa8, 0x6f,
488 0x6b, 0x24, 0xb6, 0x5d, 0x43, 0x1e, 0x55, 0xf0,
489 0xf7, 0x14, 0x1f, 0xf2, 0x61, 0xd4, 0xe0, 0x30,
490 0x16, 0xbe, 0x1b, 0x5c, 0xcc, 0xb7, 0x66, 0x1c,
491 0x47, 0xad, 0x07, 0x6c, 0xd5, 0xcb, 0xce, 0x6c,
497 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00,
498 0x20, 0xbf, 0xe8, 0x39, 0x00, 0x00, 0x00, 0x00,
505 .options.udp_encap = 0,
506 .options.copy_dscp = 0,
507 .options.copy_flabel = 0,
508 .options.copy_df = 0,
509 .options.dec_ttl = 0,
512 .options.tunnel_hdr_verify = 0,
513 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
514 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
515 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
516 .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
525 .type = RTE_CRYPTO_SYM_XFORM_CIPHER,
527 .op = RTE_CRYPTO_CIPHER_OP_ENCRYPT,
528 .algo = RTE_CRYPTO_CIPHER_AES_CBC,
535 .type = RTE_CRYPTO_SYM_XFORM_AUTH,
537 .op = RTE_CRYPTO_AUTH_OP_GENERATE,
538 .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
546 #endif /* TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_ */