X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;ds=sidebyside;f=app%2Ftest%2Ftest_cryptodev_security_ipsec.h;h=7529d2ae50c5b2a7661f6cc7b52eb28452d2aff7;hb=ecdc927b99f2bdf3e5951998c7fda9726071bc38;hp=134fc3aa1c141a408e2afc37c93d5e716a3cfff1;hpb=0f4531903acb42d894ff5bd4373a222400837315;p=dpdk.git

diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h
index 134fc3aa1c..7529d2ae50 100644
--- a/app/test/test_cryptodev_security_ipsec.h
+++ b/app/test/test_cryptodev_security_ipsec.h
@@ -14,6 +14,9 @@ struct ipsec_test_data {
 	struct {
 		uint8_t data[32];
 	} key;
+	struct {
+		uint8_t data[64];
+	} auth_key;
 
 	struct {
 		uint8_t data[1024];
@@ -37,6 +40,8 @@ struct ipsec_test_data {
 	struct rte_security_ipsec_xform ipsec_xform;
 
 	bool aead;
+	/* Antireplay packet */
+	bool ar_packet;
 
 	union {
 		struct {
@@ -47,9 +52,42 @@ struct ipsec_test_data {
 	} xform;
 };
 
+enum df_flags {
+	TEST_IPSEC_COPY_DF_INNER_0 = 1,
+	TEST_IPSEC_COPY_DF_INNER_1,
+	TEST_IPSEC_SET_DF_0_INNER_1,
+	TEST_IPSEC_SET_DF_1_INNER_0,
+};
+
+#define TEST_IPSEC_DSCP_VAL 0x12
+
+enum dscp_flags {
+	TEST_IPSEC_COPY_DSCP_INNER_0 = 1,
+	TEST_IPSEC_COPY_DSCP_INNER_1,
+	TEST_IPSEC_SET_DSCP_0_INNER_1,
+	TEST_IPSEC_SET_DSCP_1_INNER_0,
+};
+
 struct ipsec_test_flags {
 	bool display_alg;
+	bool sa_expiry_pkts_soft;
+	bool sa_expiry_pkts_hard;
 	bool icv_corrupt;
+	bool iv_gen;
+	uint32_t tunnel_hdr_verify;
+	bool udp_encap;
+	bool udp_ports_verify;
+	bool ip_csum;
+	bool l4_csum;
+	bool ipv6;
+	bool tunnel_ipv6;
+	bool transport;
+	bool fragment;
+	bool stats_success;
+	bool antireplay;
+	enum df_flags df;
+	enum dscp_flags dscp;
+	bool dec_ttl_or_hop_limit;
 };
 
 struct crypto_param {
@@ -60,6 +98,8 @@ struct crypto_param {
 		enum rte_crypto_aead_algorithm aead;
 	} alg;
 	uint16_t key_length;
+	uint16_t iv_length;
+	uint16_t digest_length;
 };
 
 static const struct crypto_param aead_list[] = {
@@ -80,6 +120,86 @@ static const struct crypto_param aead_list[] = {
 	},
 };
 
+static const struct crypto_param cipher_list[] = {
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+		.alg.cipher =  RTE_CRYPTO_CIPHER_NULL,
+		.key_length = 0,
+		.iv_length = 0,
+	},
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+		.alg.cipher =  RTE_CRYPTO_CIPHER_AES_CBC,
+		.key_length = 16,
+		.iv_length = 16,
+	},
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+		.alg.cipher =  RTE_CRYPTO_CIPHER_AES_CTR,
+		.key_length = 16,
+		.iv_length = 16,
+	},
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+		.alg.cipher =  RTE_CRYPTO_CIPHER_AES_CTR,
+		.key_length = 24,
+		.iv_length = 16,
+	},
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+		.alg.cipher =  RTE_CRYPTO_CIPHER_AES_CTR,
+		.key_length = 32,
+		.iv_length = 16,
+	},
+};
+
+static const struct crypto_param auth_list[] = {
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_AUTH,
+		.alg.auth =  RTE_CRYPTO_AUTH_NULL,
+	},
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_AUTH,
+		.alg.auth =  RTE_CRYPTO_AUTH_SHA256_HMAC,
+		.key_length = 32,
+		.digest_length = 16,
+	},
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_AUTH,
+		.alg.auth =  RTE_CRYPTO_AUTH_SHA384_HMAC,
+		.key_length = 48,
+		.digest_length = 24,
+	},
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_AUTH,
+		.alg.auth =  RTE_CRYPTO_AUTH_SHA512_HMAC,
+		.key_length = 64,
+		.digest_length = 32,
+	},
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_AUTH,
+		.alg.auth =  RTE_CRYPTO_AUTH_AES_XCBC_MAC,
+		.key_length = 16,
+		.digest_length = 12,
+	},
+};
+
+struct crypto_param_comb {
+	const struct crypto_param *param1;
+	const struct crypto_param *param2;
+};
+
+extern struct ipsec_test_data pkt_aes_256_gcm;
+extern struct ipsec_test_data pkt_aes_256_gcm_v6;
+extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256;
+extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256_v6;
+
+extern struct crypto_param_comb alg_list[RTE_DIM(aead_list) +
+					 (RTE_DIM(cipher_list) *
+					  RTE_DIM(auth_list))];
+
+void test_ipsec_alg_list_populate(void);
+
 int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
 			       const struct rte_security_capability *sec_cap,
 			       bool silent);
@@ -88,6 +208,14 @@ int test_ipsec_crypto_caps_aead_verify(
 		const struct rte_security_capability *sec_cap,
 		struct rte_crypto_sym_xform *aead);
 
+int test_ipsec_crypto_caps_cipher_verify(
+		const struct rte_security_capability *sec_cap,
+		struct rte_crypto_sym_xform *cipher);
+
+int test_ipsec_crypto_caps_auth_verify(
+		const struct rte_security_capability *sec_cap,
+		struct rte_crypto_sym_xform *auth);
+
 void test_ipsec_td_in_from_out(const struct ipsec_test_data *td_out,
 			       struct ipsec_test_data *td_in);
 
@@ -110,8 +238,17 @@ int test_ipsec_post_process(struct rte_mbuf *m,
 			    struct ipsec_test_data *res_d, bool silent,
 			    const struct ipsec_test_flags *flags);
 
-int test_ipsec_status_check(struct rte_crypto_op *op,
+int test_ipsec_status_check(const struct ipsec_test_data *td,
+			    struct rte_crypto_op *op,
+			    const struct ipsec_test_flags *flags,
+			    enum rte_security_ipsec_sa_direction dir,
+			    int pkt_num);
+
+int test_ipsec_stats_verify(struct rte_security_ctx *ctx,
+			    struct rte_security_session *sess,
 			    const struct ipsec_test_flags *flags,
 			    enum rte_security_ipsec_sa_direction dir);
 
+int test_ipsec_pkt_update(uint8_t *pkt, const struct ipsec_test_flags *flags);
+
 #endif