app/test/test_cryptodev_security_ipsec_test_vectors.h

   1 /* SPDX-License-Identifier: BSD-3-Clause
   2  * Copyright(c) 2021 Marvell
   3  */
   4
   5 #ifndef TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_
   6 #define TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_
   7
   8 #include <rte_crypto.h>
   9 #include <rte_security.h>
  10
  11 #include "test_cryptodev_security_ipsec.h"
  12
  13 /*
  14  * Known vectors
  15  *
  16  * AES-GCM vectors are based on :
  17  * https://datatracker.ietf.org/doc/html/draft-mcgrew-gcm-test-01
  18  *
  19  * Vectors are updated to have corrected L4 checksum and sequence number 1.
  20  */
  21
  22 struct ipsec_test_data pkt_aes_128_gcm = {
  23         .key = {
  24                 .data = {
  25                         0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
  26                         0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
  27                 },
  28         },
  29         .input_text = {
  30                 .data = {
  31                         /* IP */
  32                         0x45, 0x00, 0x00, 0x3e, 0x69, 0x8f, 0x00, 0x00,
  33                         0x80, 0x11, 0x4d, 0xcc, 0xc0, 0xa8, 0x01, 0x02,
  34                         0xc0, 0xa8, 0x01, 0x01,
  35
  36                         /* UDP */
  37                         0x0a, 0x98, 0x00, 0x35, 0x00, 0x2a, 0x23, 0x43,
  38                         0xb2, 0xd0, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00,
  39                         0x00, 0x00, 0x00, 0x00, 0x03, 0x73, 0x69, 0x70,
  40                         0x09, 0x63, 0x79, 0x62, 0x65, 0x72, 0x63, 0x69,
  41                         0x74, 0x79, 0x02, 0x64, 0x6b, 0x00, 0x00, 0x01,
  42                         0x00, 0x01,
  43                 },
  44                 .len = 62,
  45         },
  46         .output_text = {
  47                 .data = {
  48                         /* IP - outer header */
  49                         0x45, 0x00, 0x00, 0x74, 0x69, 0x8f, 0x00, 0x00,
  50                         0x80, 0x32, 0x4d, 0x75, 0xc0, 0xa8, 0x01, 0x02,
  51                         0xc0, 0xa8, 0x01, 0x01,
  52
  53                         /* ESP */
  54                         0x00, 0x00, 0xa5, 0xf8, 0x00, 0x00, 0x00, 0x01,
  55
  56                         /* IV */
  57                         0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88,
  58
  59                         /* Data */
  60                         0xde, 0xb2, 0x2c, 0xd9, 0xb0, 0x7c, 0x72, 0xc1,
  61                         0x6e, 0x3a, 0x65, 0xbe, 0xeb, 0x8d, 0xf3, 0x04,
  62                         0xa5, 0xa5, 0x89, 0x7d, 0x33, 0xae, 0x53, 0x0f,
  63                         0x1b, 0xa7, 0x6d, 0x5d, 0x11, 0x4d, 0x2a, 0x5c,
  64                         0x3d, 0xe8, 0x18, 0x27, 0xc1, 0x0e, 0x9a, 0x4f,
  65                         0x51, 0x33, 0x0d, 0x0e, 0xec, 0x41, 0x66, 0x42,
  66                         0xcf, 0xbb, 0x85, 0xa5, 0xb4, 0x7e, 0x48, 0xa4,
  67                         0xec, 0x3b, 0x9b, 0xa9, 0x5d, 0x91, 0x8b, 0xd4,
  68                         0x29, 0xc7, 0x37, 0x57, 0x9f, 0xf1, 0x9e, 0x58,
  69                         0xcf, 0xfc, 0x60, 0x7a, 0x3b, 0xce, 0x89, 0x94,
  70
  71                 },
  72                 .len = 116,
  73         },
  74         .salt = {
  75                 .data = {
  76                         0xca, 0xfe, 0xba, 0xbe
  77                 },
  78                 .len = 4,
  79         },
  80
  81         .iv = {
  82                 .data = {
  83                         0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88
  84                 },
  85         },
  86
  87         .ipsec_xform = {
  88                 .spi = 0xa5f8,
  89                 .options.esn = 0,
  90                 .options.udp_encap = 0,
  91                 .options.copy_dscp = 0,
  92                 .options.copy_flabel = 0,
  93                 .options.copy_df = 0,
  94                 .options.dec_ttl = 0,
  95                 .options.ecn = 0,
  96                 .options.stats = 0,
  97                 .options.tunnel_hdr_verify = 0,
  98                 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
  99                 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
 100                 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
 101                 .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
 102                 .replay_win_sz = 0,
 103         },
 104
 105         .aead = true,
 106
 107         .xform = {
 108                 .aead = {
 109                         .next = NULL,
 110                         .type = RTE_CRYPTO_SYM_XFORM_AEAD,
 111                         .aead = {
 112                                 .op = RTE_CRYPTO_AEAD_OP_ENCRYPT,
 113                                 .algo = RTE_CRYPTO_AEAD_AES_GCM,
 114                                 .key.length = 16,
 115                                 .iv.length = 12,
 116                                 .iv.offset = IV_OFFSET,
 117                                 .digest_length = 16,
 118                                 .aad_length = 12,
 119                         },
 120                 },
 121         },
 122 };
 123
 124 struct ipsec_test_data pkt_aes_192_gcm = {
 125         .key = {
 126                 .data = {
 127                         0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
 128                         0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
 129                         0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
 130                 },
 131         },
 132         .input_text = {
 133                 .data = {
 134                         /* IP */
 135                         0x45, 0x00, 0x00, 0x28, 0xa4, 0xad, 0x40, 0x00,
 136                         0x40, 0x06, 0x78, 0x80, 0x0a, 0x01, 0x03, 0x8f,
 137                         0x0a, 0x01, 0x06, 0x12,
 138
 139                         /* TCP */
 140                         0x80, 0x23, 0x06, 0xb8, 0xcb, 0x71, 0x26, 0x02,
 141                         0xdd, 0x6b, 0xb0, 0x3e, 0x50, 0x10, 0x16, 0xd0,
 142                         0x75, 0x67, 0x00, 0x01
 143                 },
 144                 .len = 40,
 145         },
 146         .output_text = {
 147                 .data = {
 148                         /* IP - outer header */
 149                         0x45, 0x00, 0x00, 0x60, 0x69, 0x8f, 0x00, 0x00,
 150                         0x80, 0x32, 0x4d, 0x89, 0xc0, 0xa8, 0x01, 0x02,
 151                         0xc0, 0xa8, 0x01, 0x01,
 152
 153                         /* ESP */
 154                         0x00, 0x00, 0xa5, 0xf8, 0x00, 0x00, 0x00, 0x01,
 155
 156                         /* IV */
 157                         0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88,
 158
 159                         /* Data */
 160                         0xa5, 0xb1, 0xf8, 0x06, 0x60, 0x29, 0xae, 0xa4,
 161                         0x0e, 0x59, 0x8b, 0x81, 0x22, 0xde, 0x02, 0x42,
 162                         0x09, 0x38, 0xb3, 0xab, 0x33, 0xf8, 0x28, 0xe6,
 163                         0x87, 0xb8, 0x85, 0x8b, 0x5b, 0xfb, 0xdb, 0xd0,
 164                         0x31, 0x5b, 0x27, 0x45, 0x21, 0x4b, 0xcc, 0x77,
 165                         0x82, 0xac, 0x91, 0x38, 0xf2, 0xbb, 0xbe, 0xe4,
 166                         0xcf, 0x03, 0x36, 0x89, 0xdd, 0x40, 0xd3, 0x6e,
 167                         0x54, 0x05, 0x22, 0x22,
 168                 },
 169                 .len = 96,
 170         },
 171         .salt = {
 172                 .data = {
 173                         0xca, 0xfe, 0xba, 0xbe
 174                 },
 175                 .len = 4,
 176         },
 177
 178         .iv = {
 179                 .data = {
 180                         0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88
 181                 },
 182         },
 183
 184         .ipsec_xform = {
 185                 .spi = 0xa5f8,
 186                 .options.esn = 0,
 187                 .options.udp_encap = 0,
 188                 .options.copy_dscp = 0,
 189                 .options.copy_flabel = 0,
 190                 .options.copy_df = 0,
 191                 .options.dec_ttl = 0,
 192                 .options.ecn = 0,
 193                 .options.stats = 0,
 194                 .options.tunnel_hdr_verify = 0,
 195                 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
 196                 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
 197                 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
 198                 .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
 199                 .replay_win_sz = 0,
 200         },
 201
 202         .aead = true,
 203
 204         .xform = {
 205                 .aead = {
 206                         .next = NULL,
 207                         .type = RTE_CRYPTO_SYM_XFORM_AEAD,
 208                         .aead = {
 209                                 .op = RTE_CRYPTO_AEAD_OP_ENCRYPT,
 210                                 .algo = RTE_CRYPTO_AEAD_AES_GCM,
 211                                 .key.length = 24,
 212                                 .iv.length = 12,
 213                                 .iv.offset = IV_OFFSET,
 214                                 .digest_length = 16,
 215                                 .aad_length = 12,
 216                         },
 217                 },
 218         },
 219 };
 220
 221 struct ipsec_test_data pkt_aes_256_gcm = {
 222         .key = {
 223                 .data = {
 224                         0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23,
 225                         0x34, 0x45, 0x56, 0x67, 0x78, 0x89, 0x9a, 0xab,
 226                         0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23,
 227                         0x34, 0x45, 0x56, 0x67, 0x78, 0x89, 0x9a, 0xab,
 228                 },
 229         },
 230         .input_text = {
 231                 .data = {
 232                         /* IP */
 233                         0x45, 0x00, 0x00, 0x30, 0x69, 0xa6, 0x40, 0x00,
 234                         0x80, 0x06, 0x26, 0x90, 0xc0, 0xa8, 0x01, 0x02,
 235                         0x93, 0x89, 0x15, 0x5e,
 236
 237                         /* TCP */
 238                         0x0a, 0x9e, 0x00, 0x8b, 0x2d, 0xc5, 0x7e, 0xe0,
 239                         0x00, 0x00, 0x00, 0x00, 0x70, 0x02, 0x40, 0x00,
 240                         0x20, 0xbf, 0x00, 0x00, 0x02, 0x04, 0x05, 0xb4,
 241                         0x01, 0x01, 0x04, 0x02,
 242                 },
 243                 .len = 48,
 244         },
 245         .output_text = {
 246                 .data = {
 247                         /* IP - outer header */
 248                         0x45, 0x00, 0x00, 0x68, 0x69, 0x8f, 0x00, 0x00,
 249                         0x80, 0x32, 0x4d, 0x81, 0xc0, 0xa8, 0x01, 0x02,
 250                         0xc0, 0xa8, 0x01, 0x01,
 251
 252                         /* ESP */
 253                         0x4a, 0x2c, 0xbf, 0xe3, 0x00, 0x00, 0x00, 0x01,
 254
 255                         /* IV */
 256                         0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
 257
 258                         /* Data */
 259                         0xff, 0x42, 0x5c, 0x9b, 0x72, 0x45, 0x99, 0xdf,
 260                         0x7a, 0x3b, 0xcd, 0x51, 0x01, 0x94, 0xe0, 0x0d,
 261                         0x6a, 0x78, 0x10, 0x7f, 0x1b, 0x0b, 0x1c, 0xbf,
 262                         0x06, 0xef, 0xae, 0x9d, 0x65, 0xa5, 0xd7, 0x63,
 263                         0x74, 0x8a, 0x63, 0x79, 0x85, 0x77, 0x1d, 0x34,
 264                         0x7f, 0x05, 0x45, 0x65, 0x9f, 0x14, 0xe9, 0x9d,
 265                         0xef, 0x84, 0x2d, 0x8b, 0x00, 0x14, 0x4a, 0x1f,
 266                         0xec, 0x6a, 0xdf, 0x0c, 0x9a, 0x92, 0x7f, 0xee,
 267                         0xa6, 0xc5, 0x11, 0x60,
 268                 },
 269                 .len = 104,
 270         },
 271         .salt = {
 272                 .data = {
 273                         0x11, 0x22, 0x33, 0x44
 274                 },
 275                 .len = 4,
 276         },
 277
 278         .iv = {
 279                 .data = {
 280                         0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08
 281                 },
 282         },
 283
 284         .ipsec_xform = {
 285                 .spi = 0x4a2cbfe3,
 286                 .options.esn = 0,
 287                 .options.udp_encap = 0,
 288                 .options.copy_dscp = 0,
 289                 .options.copy_flabel = 0,
 290                 .options.copy_df = 0,
 291                 .options.dec_ttl = 0,
 292                 .options.ecn = 0,
 293                 .options.stats = 0,
 294                 .options.tunnel_hdr_verify = 0,
 295                 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
 296                 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
 297                 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
 298                 .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
 299                 .replay_win_sz = 0,
 300         },
 301
 302         .aead = true,
 303
 304         .xform = {
 305                 .aead = {
 306                         .next = NULL,
 307                         .type = RTE_CRYPTO_SYM_XFORM_AEAD,
 308                         .aead = {
 309                                 .op = RTE_CRYPTO_AEAD_OP_ENCRYPT,
 310                                 .algo = RTE_CRYPTO_AEAD_AES_GCM,
 311                                 .key.length = 32,
 312                                 .iv.length = 12,
 313                                 .iv.offset = IV_OFFSET,
 314                                 .digest_length = 16,
 315                                 .aad_length = 12,
 316                         },
 317                 },
 318         },
 319 };
 320
 321 #endif /* TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_ */