X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=app%2Ftest%2Ftest_cryptodev.c;h=4ffaadc008dc4f06d9275c5841d91fe98031651e;hb=e6d37ffa69ac7fb4eec9580af5b005e6c130b79d;hp=1d4c46f08839049be9963b4bd7da11dc14bce5a7;hpb=e7794508aef926a9e6528b6c7cc8df731a92ca43;p=dpdk.git diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index 1d4c46f088..4ffaadc008 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -3,6 +3,8 @@ * Copyright 2020 NXP */ +#ifndef RTE_EXEC_ENV_WINDOWS + #include #include @@ -16,10 +18,12 @@ #include #include -#include +#include #include +#include +#include -#ifdef RTE_LIBRTE_PMD_CRYPTO_SCHEDULER +#ifdef RTE_CRYPTO_SCHEDULER #include #include #endif @@ -41,7 +45,9 @@ #include "test_cryptodev_aead_test_vectors.h" #include "test_cryptodev_hmac_test_vectors.h" #include "test_cryptodev_mixed_test_vectors.h" -#ifdef RTE_LIBRTE_SECURITY +#ifdef RTE_LIB_SECURITY +#include "test_cryptodev_security_ipsec.h" +#include "test_cryptodev_security_ipsec_test_vectors.h" #include "test_cryptodev_security_pdcp_test_vectors.h" #include "test_cryptodev_security_pdcp_sdap_test_vectors.h" #include "test_cryptodev_security_pdcp_test_func.h" @@ -61,10 +67,6 @@ #define IN_PLACE 0 #define OUT_OF_PLACE 1 -#ifndef ARRAY_SIZE -#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0])) -#endif - static int gbl_driver_id; static enum rte_security_session_action_type gbl_action_type = @@ -72,34 +74,21 @@ static enum rte_security_session_action_type gbl_action_type = enum cryptodev_api_test_type global_api_test_type = CRYPTODEV_API_TEST; -struct crypto_testsuite_params { - struct rte_mempool *mbuf_pool; - struct rte_mempool *large_mbuf_pool; - struct rte_mempool *op_mpool; - struct rte_mempool *session_mpool; - struct rte_mempool *session_priv_mpool; - struct rte_cryptodev_config conf; - struct rte_cryptodev_qp_conf qp_conf; - - uint8_t valid_devs[RTE_CRYPTO_MAX_DEVS]; - uint8_t valid_dev_count; -}; - struct crypto_unittest_params { struct rte_crypto_sym_xform cipher_xform; struct rte_crypto_sym_xform auth_xform; struct rte_crypto_sym_xform aead_xform; -#ifdef RTE_LIBRTE_SECURITY +#ifdef RTE_LIB_SECURITY struct rte_security_docsis_xform docsis_xform; #endif union { struct rte_cryptodev_sym_session *sess; -#ifdef RTE_LIBRTE_SECURITY +#ifdef RTE_LIB_SECURITY struct rte_security_session *sec_session; #endif }; -#ifdef RTE_LIBRTE_SECURITY +#ifdef RTE_LIB_SECURITY enum rte_security_session_action_type type; #endif struct rte_crypto_op *op; @@ -112,6 +101,19 @@ struct crypto_unittest_params { #define ALIGN_POW2_ROUNDUP(num, align) \ (((num) + (align) - 1) & ~((align) - 1)) +#define ADD_STATIC_TESTSUITE(index, parent_ts, child_ts, num_child_ts) \ + for (j = 0; j < num_child_ts; index++, j++) \ + parent_ts.unit_test_suites[index] = child_ts[j] + +#define ADD_BLOCKCIPHER_TESTSUITE(index, parent_ts, blk_types, num_blk_types) \ + for (j = 0; j < num_blk_types; index++, j++) \ + parent_ts.unit_test_suites[index] = \ + build_blockcipher_test_suite(blk_types[j]) + +#define FREE_BLOCKCIPHER_TESTSUITE(index, parent_ts, num_blk_types) \ + for (j = index; j < index + num_blk_types; j++) \ + free_blockcipher_test_suite(parent_ts.unit_test_suites[j]) + /* * Forward declarations. */ @@ -128,6 +130,13 @@ test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess, const uint8_t *digest, const uint8_t *iv); +static int +security_proto_supported(enum rte_security_session_action_type action, + enum rte_security_session_protocol proto); + +static int +dev_configure_and_start(uint64_t ff_disable); + static struct rte_mbuf * setup_test_string(struct rte_mempool *mpool, const char *string, size_t len, uint8_t blocksize) @@ -135,10 +144,11 @@ setup_test_string(struct rte_mempool *mpool, struct rte_mbuf *m = rte_pktmbuf_alloc(mpool); size_t t_len = len - (blocksize ? (len % blocksize) : 0); - memset(m->buf_addr, 0, m->buf_len); if (m) { - char *dst = rte_pktmbuf_append(m, t_len); + char *dst; + memset(m->buf_addr, 0, m->buf_len); + dst = rte_pktmbuf_append(m, t_len); if (!dst) { rte_pktmbuf_free(m); return NULL; @@ -162,12 +172,6 @@ ceil_byte_length(uint32_t num_bits) return (num_bits >> 3); } -static uint32_t -get_raw_dp_dequeue_count(void *user_data __rte_unused) -{ - return 1; -} - static void post_process_raw_dp_op(void *user_data, uint32_t index __rte_unused, uint8_t is_op_success) @@ -177,6 +181,10 @@ post_process_raw_dp_op(void *user_data, uint32_t index __rte_unused, RTE_CRYPTO_OP_STATUS_ERROR; } +static struct crypto_testsuite_params testsuite_params = { NULL }; +struct crypto_testsuite_params *p_testsuite_params = &testsuite_params; +static struct crypto_unittest_params unittest_params; + void process_sym_raw_dp_op(uint8_t dev_id, uint16_t qp_id, struct rte_crypto_op *op, uint8_t is_cipher, uint8_t is_auth, @@ -184,13 +192,14 @@ process_sym_raw_dp_op(uint8_t dev_id, uint16_t qp_id, { struct rte_crypto_sym_op *sop = op->sym; struct rte_crypto_op *ret_op = NULL; - struct rte_crypto_vec data_vec[UINT8_MAX]; + struct rte_crypto_vec data_vec[UINT8_MAX], dest_data_vec[UINT8_MAX]; struct rte_crypto_va_iova_ptr cipher_iv, digest, aad_auth_iv; union rte_crypto_sym_ofs ofs; struct rte_crypto_sym_vec vec; - struct rte_crypto_sgl sgl; + struct rte_crypto_sgl sgl, dest_sgl; uint32_t max_len; union rte_cryptodev_session_ctx sess; + uint64_t auth_end_iova; uint32_t count = 0; struct rte_crypto_raw_dp_ctx *ctx; uint32_t cipher_offset = 0, cipher_len = 0, auth_offset = 0, @@ -200,6 +209,9 @@ process_sym_raw_dp_op(uint8_t dev_id, uint16_t qp_id, int ctx_service_size; int32_t status = 0; int enqueue_status, dequeue_status; + struct crypto_unittest_params *ut_params = &unittest_params; + int is_sgl = sop->m_src->nb_segs > 1; + int is_oop = 0; ctx_service_size = rte_cryptodev_get_raw_dp_ctx_size(dev_id); if (ctx_service_size < 0) { @@ -230,7 +242,7 @@ process_sym_raw_dp_op(uint8_t dev_id, uint16_t qp_id, digest.va = NULL; sgl.vec = data_vec; vec.num = 1; - vec.sgl = &sgl; + vec.src_sgl = &sgl; vec.iv = &cipher_iv; vec.digest = &digest; vec.aad = &aad_auth_iv; @@ -238,6 +250,9 @@ process_sym_raw_dp_op(uint8_t dev_id, uint16_t qp_id, ofs.raw = 0; + if ((sop->m_dst != NULL) && (sop->m_dst != sop->m_src)) + is_oop = 1; + if (is_cipher && is_auth) { cipher_offset = sop->cipher.data.offset; cipher_len = sop->cipher.data.length; @@ -265,6 +280,31 @@ process_sym_raw_dp_op(uint8_t dev_id, uint16_t qp_id, digest.va = (void *)sop->auth.digest.data; digest.iova = sop->auth.digest.phys_addr; + if (is_sgl) { + uint32_t remaining_off = auth_offset + auth_len; + struct rte_mbuf *sgl_buf = sop->m_src; + if (is_oop) + sgl_buf = sop->m_dst; + + while (remaining_off >= rte_pktmbuf_data_len(sgl_buf) + && sgl_buf->next != NULL) { + remaining_off -= rte_pktmbuf_data_len(sgl_buf); + sgl_buf = sgl_buf->next; + } + + auth_end_iova = (uint64_t)rte_pktmbuf_iova_offset( + sgl_buf, remaining_off); + } else { + auth_end_iova = rte_pktmbuf_iova(op->sym->m_src) + + auth_offset + auth_len; + } + /* Then check if digest-encrypted conditions are met */ + if ((auth_offset + auth_len < cipher_offset + cipher_len) && + (digest.iova == auth_end_iova) && is_sgl) + max_len = RTE_MAX(max_len, + auth_offset + auth_len + + ut_params->auth_xform.auth.digest_length); + } else if (is_cipher) { cipher_offset = sop->cipher.data.offset; cipher_len = sop->cipher.data.length; @@ -324,6 +364,19 @@ process_sym_raw_dp_op(uint8_t dev_id, uint16_t qp_id, } sgl.num = n; + /* Out of place */ + if (is_oop) { + dest_sgl.vec = dest_data_vec; + vec.dest_sgl = &dest_sgl; + n = rte_crypto_mbuf_to_vec(sop->m_dst, 0, max_len, + dest_data_vec, RTE_DIM(dest_data_vec)); + if (n < 0 || n > sop->m_dst->nb_segs) { + op->status = RTE_CRYPTO_OP_STATUS_ERROR; + goto exit; + } + dest_sgl.num = n; + } else + vec.dest_sgl = NULL; if (rte_cryptodev_raw_enqueue_burst(ctx, &vec, ofs, (void **)&op, &enqueue_status) < 1) { @@ -345,7 +398,7 @@ process_sym_raw_dp_op(uint8_t dev_id, uint16_t qp_id, n = n_success = 0; while (count++ < MAX_RAW_DEQUEUE_COUNT && n == 0) { n = rte_cryptodev_raw_dequeue_burst(ctx, - get_raw_dp_dequeue_count, post_process_raw_dp_op, + NULL, 1, post_process_raw_dp_op, (void **)&ret_op, 0, &n_success, &dequeue_status); if (dequeue_status < 0) { @@ -364,6 +417,7 @@ process_sym_raw_dp_op(uint8_t dev_id, uint16_t qp_id, } op->status = (count == MAX_RAW_DEQUEUE_COUNT + 1 || ret_op != op || + ret_op->status == RTE_CRYPTO_OP_STATUS_ERROR || n_success < 1) ? RTE_CRYPTO_OP_STATUS_ERROR : RTE_CRYPTO_OP_STATUS_SUCCESS; @@ -394,7 +448,7 @@ process_cpu_aead_op(uint8_t dev_id, struct rte_crypto_op *op) sgl.vec = vec; sgl.num = n; - symvec.sgl = &sgl; + symvec.src_sgl = &sgl; symvec.iv = &iv_ptr; symvec.digest = &digest_ptr; symvec.aad = &aad_ptr; @@ -440,7 +494,7 @@ process_cpu_crypt_auth_op(uint8_t dev_id, struct rte_crypto_op *op) sgl.vec = vec; sgl.num = n; - symvec.sgl = &sgl; + symvec.src_sgl = &sgl; symvec.iv = &iv_ptr; symvec.digest = &digest_ptr; symvec.status = &st; @@ -487,16 +541,12 @@ process_crypto_request(uint8_t dev_id, struct rte_crypto_op *op) return op; } -static struct crypto_testsuite_params testsuite_params = { NULL }; -static struct crypto_unittest_params unittest_params; - static int testsuite_setup(void) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct rte_cryptodev_info info; uint32_t i = 0, nb_devs, dev_id; - int ret; uint16_t qp_id; memset(ts_params, 0, sizeof(*ts_params)); @@ -542,223 +592,18 @@ testsuite_setup(void) return TEST_FAILED; } - /* Create an AESNI MB device if required */ - if (gbl_driver_id == rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD))) { - nb_devs = rte_cryptodev_device_count_by_driver( - rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD))); - if (nb_devs < 1) { - ret = rte_vdev_init( - RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD), NULL); - - TEST_ASSERT(ret == 0, - "Failed to create instance of" - " pmd : %s", - RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)); - } - } - - /* Create an AESNI GCM device if required */ - if (gbl_driver_id == rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_AESNI_GCM_PMD))) { - nb_devs = rte_cryptodev_device_count_by_driver( - rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_AESNI_GCM_PMD))); - if (nb_devs < 1) { - TEST_ASSERT_SUCCESS(rte_vdev_init( - RTE_STR(CRYPTODEV_NAME_AESNI_GCM_PMD), NULL), - "Failed to create instance of" - " pmd : %s", - RTE_STR(CRYPTODEV_NAME_AESNI_GCM_PMD)); - } - } - - /* Create a SNOW 3G device if required */ - if (gbl_driver_id == rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_SNOW3G_PMD))) { - nb_devs = rte_cryptodev_device_count_by_driver( - rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_SNOW3G_PMD))); - if (nb_devs < 1) { - TEST_ASSERT_SUCCESS(rte_vdev_init( - RTE_STR(CRYPTODEV_NAME_SNOW3G_PMD), NULL), - "Failed to create instance of" - " pmd : %s", - RTE_STR(CRYPTODEV_NAME_SNOW3G_PMD)); - } - } - - /* Create a KASUMI device if required */ - if (gbl_driver_id == rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_KASUMI_PMD))) { - nb_devs = rte_cryptodev_device_count_by_driver( - rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_KASUMI_PMD))); - if (nb_devs < 1) { - TEST_ASSERT_SUCCESS(rte_vdev_init( - RTE_STR(CRYPTODEV_NAME_KASUMI_PMD), NULL), - "Failed to create instance of" - " pmd : %s", - RTE_STR(CRYPTODEV_NAME_KASUMI_PMD)); - } - } - - /* Create a ZUC device if required */ - if (gbl_driver_id == rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_ZUC_PMD))) { - nb_devs = rte_cryptodev_device_count_by_driver( - rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_ZUC_PMD))); - if (nb_devs < 1) { - TEST_ASSERT_SUCCESS(rte_vdev_init( - RTE_STR(CRYPTODEV_NAME_ZUC_PMD), NULL), - "Failed to create instance of" - " pmd : %s", - RTE_STR(CRYPTODEV_NAME_ZUC_PMD)); - } - } - - /* Create a NULL device if required */ - if (gbl_driver_id == rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_NULL_PMD))) { - nb_devs = rte_cryptodev_device_count_by_driver( - rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_NULL_PMD))); - if (nb_devs < 1) { - ret = rte_vdev_init( - RTE_STR(CRYPTODEV_NAME_NULL_PMD), NULL); - - TEST_ASSERT(ret == 0, - "Failed to create instance of" - " pmd : %s", - RTE_STR(CRYPTODEV_NAME_NULL_PMD)); - } - } - - /* Create an OPENSSL device if required */ - if (gbl_driver_id == rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD))) { - nb_devs = rte_cryptodev_device_count_by_driver( - rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD))); - if (nb_devs < 1) { - ret = rte_vdev_init( - RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD), - NULL); - - TEST_ASSERT(ret == 0, "Failed to create " - "instance of pmd : %s", - RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD)); - } - } - - /* Create a ARMv8 device if required */ - if (gbl_driver_id == rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_ARMV8_PMD))) { - nb_devs = rte_cryptodev_device_count_by_driver( - rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_ARMV8_PMD))); - if (nb_devs < 1) { - ret = rte_vdev_init( - RTE_STR(CRYPTODEV_NAME_ARMV8_PMD), - NULL); - - TEST_ASSERT(ret == 0, "Failed to create " - "instance of pmd : %s", - RTE_STR(CRYPTODEV_NAME_ARMV8_PMD)); - } - } - - /* Create a MVSAM device if required */ - if (gbl_driver_id == rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_MVSAM_PMD))) { - nb_devs = rte_cryptodev_device_count_by_driver( - rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_MVSAM_PMD))); - if (nb_devs < 1) { - ret = rte_vdev_init( - RTE_STR(CRYPTODEV_NAME_MVSAM_PMD), - NULL); - - TEST_ASSERT(ret == 0, "Failed to create " - "instance of pmd : %s", - RTE_STR(CRYPTODEV_NAME_MVSAM_PMD)); - } - } - - /* Create an CCP device if required */ - if (gbl_driver_id == rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_CCP_PMD))) { - nb_devs = rte_cryptodev_device_count_by_driver( - rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_CCP_PMD))); - if (nb_devs < 1) { - ret = rte_vdev_init( - RTE_STR(CRYPTODEV_NAME_CCP_PMD), - NULL); - - TEST_ASSERT(ret == 0, "Failed to create " - "instance of pmd : %s", - RTE_STR(CRYPTODEV_NAME_CCP_PMD)); - } - } - -#ifdef RTE_LIBRTE_PMD_CRYPTO_SCHEDULER - char vdev_args[VDEV_ARGS_SIZE] = {""}; - char temp_str[VDEV_ARGS_SIZE] = {"mode=multi-core," - "ordering=enable,name=cryptodev_test_scheduler,corelist="}; - uint16_t worker_core_count = 0; - uint16_t socket_id = 0; - - if (gbl_driver_id == rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD))) { - - /* Identify the Worker Cores - * Use 2 worker cores for the device args - */ - RTE_LCORE_FOREACH_SLAVE(i) { - if (worker_core_count > 1) - break; - snprintf(vdev_args, sizeof(vdev_args), - "%s%d", temp_str, i); - strcpy(temp_str, vdev_args); - strlcat(temp_str, ";", sizeof(temp_str)); - worker_core_count++; - socket_id = rte_lcore_to_socket_id(i); - } - if (worker_core_count != 2) { - RTE_LOG(ERR, USER1, - "Cryptodev scheduler test require at least " - "two worker cores to run. " - "Please use the correct coremask.\n"); - return TEST_FAILED; - } - strcpy(temp_str, vdev_args); - snprintf(vdev_args, sizeof(vdev_args), "%s,socket_id=%d", - temp_str, socket_id); - RTE_LOG(DEBUG, USER1, "vdev_args: %s\n", vdev_args); - nb_devs = rte_cryptodev_device_count_by_driver( - rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD))); - if (nb_devs < 1) { - ret = rte_vdev_init( - RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD), - vdev_args); - TEST_ASSERT(ret == 0, - "Failed to create instance %u of" - " pmd : %s", - i, RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD)); - } - } -#endif /* RTE_LIBRTE_PMD_CRYPTO_SCHEDULER */ - nb_devs = rte_cryptodev_count(); if (nb_devs < 1) { RTE_LOG(WARNING, USER1, "No crypto devices found?\n"); return TEST_SKIPPED; } + if (rte_cryptodev_device_count_by_driver(gbl_driver_id) < 1) { + RTE_LOG(WARNING, USER1, "No %s devices found?\n", + rte_cryptodev_driver_name_get(gbl_driver_id)); + return TEST_SKIPPED; + } + /* Create list of valid crypto devs */ for (i = 0; i < nb_devs; i++) { rte_cryptodev_info_get(i, &info); @@ -782,9 +627,15 @@ testsuite_setup(void) unsigned int session_size = rte_cryptodev_sym_get_private_session_size(dev_id); +#ifdef RTE_LIB_SECURITY + unsigned int security_session_size = rte_security_session_get_size( + rte_cryptodev_get_sec_ctx(dev_id)); + + if (session_size < security_session_size) + session_size = security_session_size; +#endif /* - * Create mempool with maximum number of sessions * 2, - * to include the session headers + * Create mempool with maximum number of sessions. */ if (info.sym.max_nb_sessions != 0 && info.sym.max_nb_sessions < MAX_NB_SESSIONS) { @@ -836,6 +687,7 @@ static void testsuite_teardown(void) { struct crypto_testsuite_params *ts_params = &testsuite_params; + int res; if (ts_params->mbuf_pool != NULL) { RTE_LOG(DEBUG, USER1, "CRYPTO_MBUFPOOL count %u\n", @@ -857,541 +709,1194 @@ testsuite_teardown(void) rte_mempool_free(ts_params->session_mpool); ts_params->session_mpool = NULL; } + + res = rte_cryptodev_close(ts_params->valid_devs[0]); + if (res) + RTE_LOG(ERR, USER1, "Crypto device close error %d\n", res); } static int -dev_configure_and_start(uint64_t ff_disable) +check_capabilities_supported(enum rte_crypto_sym_xform_type type, + const int *algs, uint16_t num_algs) { - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; - - uint16_t qp_id; - - /* Clear unit test parameters before running test */ - memset(ut_params, 0, sizeof(*ut_params)); - - /* Reconfigure device to default parameters */ - ts_params->conf.socket_id = SOCKET_ID_ANY; - ts_params->conf.ff_disable = ff_disable; - ts_params->qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT; - ts_params->qp_conf.mp_session = ts_params->session_mpool; - ts_params->qp_conf.mp_session_private = ts_params->session_priv_mpool; - - TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0], - &ts_params->conf), - "Failed to configure cryptodev %u", - ts_params->valid_devs[0]); + uint8_t dev_id = testsuite_params.valid_devs[0]; + bool some_alg_supported = FALSE; + uint16_t i; - for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs ; qp_id++) { - TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup( - ts_params->valid_devs[0], qp_id, - &ts_params->qp_conf, - rte_cryptodev_socket_id(ts_params->valid_devs[0])), - "Failed to setup queue pair %u on cryptodev %u", - qp_id, ts_params->valid_devs[0]); + for (i = 0; i < num_algs && !some_alg_supported; i++) { + struct rte_cryptodev_sym_capability_idx alg = { + type, {algs[i]} + }; + if (rte_cryptodev_sym_capability_get(dev_id, + &alg) != NULL) + some_alg_supported = TRUE; } + if (!some_alg_supported) + return TEST_SKIPPED; + return 0; +} - rte_cryptodev_stats_reset(ts_params->valid_devs[0]); +int +check_cipher_capabilities_supported(const enum rte_crypto_cipher_algorithm *ciphers, + uint16_t num_ciphers) +{ + return check_capabilities_supported(RTE_CRYPTO_SYM_XFORM_CIPHER, + (const int *) ciphers, num_ciphers); +} - /* Start the device */ - TEST_ASSERT_SUCCESS(rte_cryptodev_start(ts_params->valid_devs[0]), - "Failed to start cryptodev %u", - ts_params->valid_devs[0]); +int +check_auth_capabilities_supported(const enum rte_crypto_auth_algorithm *auths, + uint16_t num_auths) +{ + return check_capabilities_supported(RTE_CRYPTO_SYM_XFORM_AUTH, + (const int *) auths, num_auths); +} - return TEST_SUCCESS; +int +check_aead_capabilities_supported(const enum rte_crypto_aead_algorithm *aeads, + uint16_t num_aeads) +{ + return check_capabilities_supported(RTE_CRYPTO_SYM_XFORM_AEAD, + (const int *) aeads, num_aeads); } static int -ut_setup(void) +null_testsuite_setup(void) { - /* Configure and start the device with security feature disabled */ - return dev_configure_and_start(RTE_CRYPTODEV_FF_SECURITY); + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_cipher_algorithm ciphers[] = { + RTE_CRYPTO_CIPHER_NULL + }; + const enum rte_crypto_auth_algorithm auths[] = { + RTE_CRYPTO_AUTH_NULL + }; + + rte_cryptodev_info_get(dev_id, &dev_info); + + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO)) { + RTE_LOG(INFO, USER1, "Feature flag requirements for NULL " + "testsuite not met\n"); + return TEST_SKIPPED; + } + + if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0 + && check_auth_capabilities_supported(auths, + RTE_DIM(auths)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for NULL " + "testsuite not met\n"); + return TEST_SKIPPED; + } + + return 0; } static int -ut_setup_security(void) +crypto_gen_testsuite_setup(void) { - /* Configure and start the device with no features disabled */ - return dev_configure_and_start(0); + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + + rte_cryptodev_info_get(dev_id, &dev_info); + + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO)) { + RTE_LOG(INFO, USER1, "Feature flag requirements for Crypto Gen " + "testsuite not met\n"); + return TEST_SKIPPED; + } + + return 0; } -static void -ut_teardown(void) +#ifdef RTE_LIB_SECURITY +static int +ipsec_proto_testsuite_setup(void) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - struct rte_cryptodev_stats stats; + struct rte_cryptodev_info dev_info; + int ret = 0; - /* free crypto session structure */ -#ifdef RTE_LIBRTE_SECURITY - if (ut_params->type == RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) { - if (ut_params->sec_session) { - rte_security_session_destroy(rte_cryptodev_get_sec_ctx - (ts_params->valid_devs[0]), - ut_params->sec_session); - ut_params->sec_session = NULL; - } - } else -#endif - { - if (ut_params->sess) { - rte_cryptodev_sym_session_clear( - ts_params->valid_devs[0], - ut_params->sess); - rte_cryptodev_sym_session_free(ut_params->sess); - ut_params->sess = NULL; - } + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SECURITY)) { + RTE_LOG(INFO, USER1, "Feature flag requirements for IPsec Proto " + "testsuite not met\n"); + return TEST_SKIPPED; } - /* free crypto operation structure */ - if (ut_params->op) - rte_crypto_op_free(ut_params->op); + /* Reconfigure to enable security */ + ret = dev_configure_and_start(0); + if (ret != TEST_SUCCESS) + return ret; - /* - * free mbuf - both obuf and ibuf are usually the same, - * so check if they point at the same address is necessary, - * to avoid freeing the mbuf twice. - */ - if (ut_params->obuf) { - rte_pktmbuf_free(ut_params->obuf); - if (ut_params->ibuf == ut_params->obuf) - ut_params->ibuf = 0; - ut_params->obuf = 0; - } - if (ut_params->ibuf) { - rte_pktmbuf_free(ut_params->ibuf); - ut_params->ibuf = 0; + /* Set action type */ + ut_params->type = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL; + + if (security_proto_supported( + RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL, + RTE_SECURITY_PROTOCOL_IPSEC) < 0) { + RTE_LOG(INFO, USER1, "Capability requirements for IPsec Proto " + "test not met\n"); + ret = TEST_SKIPPED; } - if (ts_params->mbuf_pool != NULL) - RTE_LOG(DEBUG, USER1, "CRYPTO_MBUFPOOL count %u\n", - rte_mempool_avail_count(ts_params->mbuf_pool)); - - rte_cryptodev_stats_get(ts_params->valid_devs[0], &stats); + test_ipsec_alg_list_populate(); + test_ipsec_ah_alg_list_populate(); - /* Stop the device */ + /* + * Stop the device. Device would be started again by individual test + * case setup routine. + */ rte_cryptodev_stop(ts_params->valid_devs[0]); + + return ret; } static int -test_device_configure_invalid_dev_id(void) +pdcp_proto_testsuite_setup(void) { struct crypto_testsuite_params *ts_params = &testsuite_params; - uint16_t dev_id, num_devs = 0; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_cipher_algorithm ciphers[] = { + RTE_CRYPTO_CIPHER_NULL, + RTE_CRYPTO_CIPHER_AES_CTR, + RTE_CRYPTO_CIPHER_ZUC_EEA3, + RTE_CRYPTO_CIPHER_SNOW3G_UEA2 + }; + const enum rte_crypto_auth_algorithm auths[] = { + RTE_CRYPTO_AUTH_NULL, + RTE_CRYPTO_AUTH_SNOW3G_UIA2, + RTE_CRYPTO_AUTH_AES_CMAC, + RTE_CRYPTO_AUTH_ZUC_EIA3 + }; - TEST_ASSERT((num_devs = rte_cryptodev_count()) >= 1, - "Need at least %d devices for test", 1); + rte_cryptodev_info_get(dev_id, &dev_info); - /* valid dev_id values */ - dev_id = ts_params->valid_devs[0]; + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) || + !(dev_info.feature_flags & + RTE_CRYPTODEV_FF_SECURITY)) { + RTE_LOG(INFO, USER1, "Feature flag requirements for PDCP Proto " + "testsuite not met\n"); + return TEST_SKIPPED; + } - /* Stop the device in case it's started so it can be configured */ - rte_cryptodev_stop(dev_id); + if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0 + && check_auth_capabilities_supported(auths, + RTE_DIM(auths)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for PDCP Proto " + "testsuite not met\n"); + return TEST_SKIPPED; + } - TEST_ASSERT_SUCCESS(rte_cryptodev_configure(dev_id, &ts_params->conf), - "Failed test for rte_cryptodev_configure: " - "invalid dev_num %u", dev_id); + return 0; +} - /* invalid dev_id values */ - dev_id = num_devs; +static int +docsis_proto_testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_cipher_algorithm ciphers[] = { + RTE_CRYPTO_CIPHER_AES_DOCSISBPI + }; - TEST_ASSERT_FAIL(rte_cryptodev_configure(dev_id, &ts_params->conf), - "Failed test for rte_cryptodev_configure: " - "invalid dev_num %u", dev_id); + rte_cryptodev_info_get(dev_id, &dev_info); - dev_id = 0xff; + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) || + !(dev_info.feature_flags & + RTE_CRYPTODEV_FF_SECURITY)) { + RTE_LOG(INFO, USER1, "Feature flag requirements for DOCSIS " + "Proto testsuite not met\n"); + return TEST_SKIPPED; + } - TEST_ASSERT_FAIL(rte_cryptodev_configure(dev_id, &ts_params->conf), - "Failed test for rte_cryptodev_configure:" - "invalid dev_num %u", dev_id); + if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for DOCSIS Proto " + "testsuite not met\n"); + return TEST_SKIPPED; + } - return TEST_SUCCESS; + return 0; } +#endif static int -test_device_configure_invalid_queue_pair_ids(void) +aes_ccm_auth_testsuite_setup(void) { struct crypto_testsuite_params *ts_params = &testsuite_params; - uint16_t orig_nb_qps = ts_params->conf.nb_queue_pairs; - - /* Stop the device in case it's started so it can be configured */ - rte_cryptodev_stop(ts_params->valid_devs[0]); - - /* valid - max value queue pairs */ - ts_params->conf.nb_queue_pairs = orig_nb_qps; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_aead_algorithm aeads[] = { + RTE_CRYPTO_AEAD_AES_CCM + }; - TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0], - &ts_params->conf), - "Failed to configure cryptodev: dev_id %u, qp_id %u", - ts_params->valid_devs[0], ts_params->conf.nb_queue_pairs); + rte_cryptodev_info_get(dev_id, &dev_info); - /* valid - one queue pairs */ - ts_params->conf.nb_queue_pairs = 1; + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) || + ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + !(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + RTE_LOG(INFO, USER1, "Feature flag requirements for AES CCM " + "testsuite not met\n"); + return TEST_SKIPPED; + } - TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0], - &ts_params->conf), - "Failed to configure cryptodev: dev_id %u, qp_id %u", - ts_params->valid_devs[0], - ts_params->conf.nb_queue_pairs); + if (check_aead_capabilities_supported(aeads, RTE_DIM(aeads)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for AES CCM " + "testsuite not met\n"); + return TEST_SKIPPED; + } + return 0; +} - /* invalid - zero queue pairs */ - ts_params->conf.nb_queue_pairs = 0; +static int +aes_gcm_auth_testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_aead_algorithm aeads[] = { + RTE_CRYPTO_AEAD_AES_GCM + }; - TEST_ASSERT_FAIL(rte_cryptodev_configure(ts_params->valid_devs[0], - &ts_params->conf), - "Failed test for rte_cryptodev_configure, dev_id %u," - " invalid qps: %u", - ts_params->valid_devs[0], - ts_params->conf.nb_queue_pairs); + rte_cryptodev_info_get(dev_id, &dev_info); + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO)) { + RTE_LOG(INFO, USER1, "Feature flag requirements for AES GCM " + "testsuite not met\n"); + return TEST_SKIPPED; + } - /* invalid - max value supported by field queue pairs */ - ts_params->conf.nb_queue_pairs = UINT16_MAX; + if (check_aead_capabilities_supported(aeads, RTE_DIM(aeads)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for AES GCM " + "testsuite not met\n"); + return TEST_SKIPPED; + } - TEST_ASSERT_FAIL(rte_cryptodev_configure(ts_params->valid_devs[0], - &ts_params->conf), - "Failed test for rte_cryptodev_configure, dev_id %u," - " invalid qps: %u", - ts_params->valid_devs[0], - ts_params->conf.nb_queue_pairs); + return 0; +} +static int +aes_gmac_auth_testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_auth_algorithm auths[] = { + RTE_CRYPTO_AUTH_AES_GMAC + }; - /* invalid - max value + 1 queue pairs */ - ts_params->conf.nb_queue_pairs = orig_nb_qps + 1; + rte_cryptodev_info_get(dev_id, &dev_info); - TEST_ASSERT_FAIL(rte_cryptodev_configure(ts_params->valid_devs[0], - &ts_params->conf), - "Failed test for rte_cryptodev_configure, dev_id %u," - " invalid qps: %u", - ts_params->valid_devs[0], - ts_params->conf.nb_queue_pairs); + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) || + ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + !(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + RTE_LOG(INFO, USER1, "Feature flag requirements for AES GMAC " + "testsuite not met\n"); + return TEST_SKIPPED; + } - /* revert to original testsuite value */ - ts_params->conf.nb_queue_pairs = orig_nb_qps; + if (check_auth_capabilities_supported(auths, RTE_DIM(auths)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for AES GMAC " + "testsuite not met\n"); + return TEST_SKIPPED; + } - return TEST_SUCCESS; + return 0; } static int -test_queue_pair_descriptor_setup(void) +chacha20_poly1305_testsuite_setup(void) { struct crypto_testsuite_params *ts_params = &testsuite_params; - struct rte_cryptodev_qp_conf qp_conf = { - .nb_descriptors = MAX_NUM_OPS_INFLIGHT + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_aead_algorithm aeads[] = { + RTE_CRYPTO_AEAD_CHACHA20_POLY1305 }; - uint16_t qp_id; - /* Stop the device in case it's started so it can be configured */ - rte_cryptodev_stop(ts_params->valid_devs[0]); - - TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0], - &ts_params->conf), - "Failed to configure cryptodev %u", - ts_params->valid_devs[0]); + rte_cryptodev_info_get(dev_id, &dev_info); - /* - * Test various ring sizes on this device. memzones can't be - * freed so are re-used if ring is released and re-created. - */ - qp_conf.nb_descriptors = MIN_NUM_OPS_INFLIGHT; /* min size*/ - qp_conf.mp_session = ts_params->session_mpool; - qp_conf.mp_session_private = ts_params->session_priv_mpool; + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) || + ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + !(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + RTE_LOG(INFO, USER1, "Feature flag requirements for " + "Chacha20-Poly1305 testsuite not met\n"); + return TEST_SKIPPED; + } - for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs; qp_id++) { - TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup( - ts_params->valid_devs[0], qp_id, &qp_conf, - rte_cryptodev_socket_id( - ts_params->valid_devs[0])), - "Failed test for " - "rte_cryptodev_queue_pair_setup: num_inflights " - "%u on qp %u on cryptodev %u", - qp_conf.nb_descriptors, qp_id, - ts_params->valid_devs[0]); + if (check_aead_capabilities_supported(aeads, RTE_DIM(aeads)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for " + "Chacha20-Poly1305 testsuite not met\n"); + return TEST_SKIPPED; } - qp_conf.nb_descriptors = (uint32_t)(MAX_NUM_OPS_INFLIGHT / 2); + return 0; +} - for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs; qp_id++) { - TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup( - ts_params->valid_devs[0], qp_id, &qp_conf, - rte_cryptodev_socket_id( - ts_params->valid_devs[0])), - "Failed test for" - " rte_cryptodev_queue_pair_setup: num_inflights" - " %u on qp %u on cryptodev %u", - qp_conf.nb_descriptors, qp_id, - ts_params->valid_devs[0]); - } +static int +snow3g_testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_cipher_algorithm ciphers[] = { + RTE_CRYPTO_CIPHER_SNOW3G_UEA2 - qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT; /* valid */ + }; + const enum rte_crypto_auth_algorithm auths[] = { + RTE_CRYPTO_AUTH_SNOW3G_UIA2 + }; - for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs; qp_id++) { - TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup( - ts_params->valid_devs[0], qp_id, &qp_conf, - rte_cryptodev_socket_id( - ts_params->valid_devs[0])), - "Failed test for " - "rte_cryptodev_queue_pair_setup: num_inflights" - " %u on qp %u on cryptodev %u", - qp_conf.nb_descriptors, qp_id, - ts_params->valid_devs[0]); - } + rte_cryptodev_info_get(dev_id, &dev_info); - qp_conf.nb_descriptors = DEFAULT_NUM_OPS_INFLIGHT; + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO)) { + RTE_LOG(INFO, USER1, "Feature flag requirements for Snow3G " + "testsuite not met\n"); + return TEST_SKIPPED; + } - for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs; qp_id++) { - TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup( - ts_params->valid_devs[0], qp_id, &qp_conf, - rte_cryptodev_socket_id( - ts_params->valid_devs[0])), - "Failed test for" - " rte_cryptodev_queue_pair_setup:" - "num_inflights %u on qp %u on cryptodev %u", - qp_conf.nb_descriptors, qp_id, - ts_params->valid_devs[0]); + if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0 + && check_auth_capabilities_supported(auths, + RTE_DIM(auths)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for Snow3G " + "testsuite not met\n"); + return TEST_SKIPPED; } - /* test invalid queue pair id */ - qp_conf.nb_descriptors = DEFAULT_NUM_OPS_INFLIGHT; /*valid */ + return 0; +} - qp_id = ts_params->conf.nb_queue_pairs; /*invalid */ +static int +zuc_testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_cipher_algorithm ciphers[] = { + RTE_CRYPTO_CIPHER_ZUC_EEA3 + }; + const enum rte_crypto_auth_algorithm auths[] = { + RTE_CRYPTO_AUTH_ZUC_EIA3 + }; - TEST_ASSERT_FAIL(rte_cryptodev_queue_pair_setup( - ts_params->valid_devs[0], - qp_id, &qp_conf, - rte_cryptodev_socket_id(ts_params->valid_devs[0])), - "Failed test for rte_cryptodev_queue_pair_setup:" - "invalid qp %u on cryptodev %u", - qp_id, ts_params->valid_devs[0]); + rte_cryptodev_info_get(dev_id, &dev_info); - qp_id = 0xffff; /*invalid*/ + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO)) { + RTE_LOG(INFO, USER1, "Feature flag requirements for ZUC " + "testsuite not met\n"); + return TEST_SKIPPED; + } - TEST_ASSERT_FAIL(rte_cryptodev_queue_pair_setup( - ts_params->valid_devs[0], - qp_id, &qp_conf, - rte_cryptodev_socket_id(ts_params->valid_devs[0])), - "Failed test for rte_cryptodev_queue_pair_setup:" - "invalid qp %u on cryptodev %u", - qp_id, ts_params->valid_devs[0]); + if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0 + && check_auth_capabilities_supported(auths, + RTE_DIM(auths)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for ZUC " + "testsuite not met\n"); + return TEST_SKIPPED; + } - return TEST_SUCCESS; + return 0; } -/* ***** Plaintext data for tests ***** */ +static int +hmac_md5_auth_testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_auth_algorithm auths[] = { + RTE_CRYPTO_AUTH_MD5_HMAC + }; -const char catch_22_quote_1[] = - "There was only one catch and that was Catch-22, which " - "specified that a concern for one's safety in the face of " - "dangers that were real and immediate was the process of a " - "rational mind. Orr was crazy and could be grounded. All he " - "had to do was ask; and as soon as he did, he would no longer " - "be crazy and would have to fly more missions. Orr would be " - "crazy to fly more missions and sane if he didn't, but if he " - "was sane he had to fly them. If he flew them he was crazy " - "and didn't have to; but if he didn't want to he was sane and " - "had to. Yossarian was moved very deeply by the absolute " - "simplicity of this clause of Catch-22 and let out a " - "respectful whistle. \"That's some catch, that Catch-22\", he " - "observed. \"It's the best there is,\" Doc Daneeka agreed."; + rte_cryptodev_info_get(dev_id, &dev_info); -const char catch_22_quote[] = - "What a lousy earth! He wondered how many people were " - "destitute that same night even in his own prosperous country, " - "how many homes were shanties, how many husbands were drunk " - "and wives socked, and how many children were bullied, abused, " - "or abandoned. How many families hungered for food they could " - "not afford to buy? How many hearts were broken? How many " - "suicides would take place that same night, how many people " - "would go insane? How many cockroaches and landlords would " - "triumph? How many winners were losers, successes failures, " - "and rich men poor men? How many wise guys were stupid? How " - "many happy endings were unhappy endings? How many honest men " - "were liars, brave men cowards, loyal men traitors, how many " - "sainted men were corrupt, how many people in positions of " - "trust had sold their souls to bodyguards, how many had never " - "had souls? How many straight-and-narrow paths were crooked " - "paths? How many best families were worst families and how " - "many good people were bad people? When you added them all up " - "and then subtracted, you might be left with only the children, " - "and perhaps with Albert Einstein and an old violinist or " - "sculptor somewhere."; + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) || + ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + !(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + RTE_LOG(INFO, USER1, "Feature flag requirements for HMAC MD5 " + "Auth testsuite not met\n"); + return TEST_SKIPPED; + } -#define QUOTE_480_BYTES (480) -#define QUOTE_512_BYTES (512) -#define QUOTE_768_BYTES (768) -#define QUOTE_1024_BYTES (1024) + if (check_auth_capabilities_supported(auths, RTE_DIM(auths)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for HMAC MD5 " + "testsuite not met\n"); + return TEST_SKIPPED; + } + return 0; +} +static int +kasumi_testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_cipher_algorithm ciphers[] = { + RTE_CRYPTO_CIPHER_KASUMI_F8 + }; + const enum rte_crypto_auth_algorithm auths[] = { + RTE_CRYPTO_AUTH_KASUMI_F9 + }; -/* ***** SHA1 Hash Tests ***** */ + rte_cryptodev_info_get(dev_id, &dev_info); -#define HMAC_KEY_LENGTH_SHA1 (DIGEST_BYTE_LENGTH_SHA1) + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) || + ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + !(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + RTE_LOG(INFO, USER1, "Feature flag requirements for Kasumi " + "testsuite not met\n"); + return TEST_SKIPPED; + } -static uint8_t hmac_sha1_key[] = { - 0xF8, 0x2A, 0xC7, 0x54, 0xDB, 0x96, 0x18, 0xAA, - 0xC3, 0xA1, 0x53, 0xF6, 0x1F, 0x17, 0x60, 0xBD, - 0xDE, 0xF4, 0xDE, 0xAD }; + if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0 + && check_auth_capabilities_supported(auths, + RTE_DIM(auths)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for Kasumi " + "testsuite not met\n"); + return TEST_SKIPPED; + } -/* ***** SHA224 Hash Tests ***** */ + return 0; +} -#define HMAC_KEY_LENGTH_SHA224 (DIGEST_BYTE_LENGTH_SHA224) +static int +negative_aes_gcm_testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_aead_algorithm aeads[] = { + RTE_CRYPTO_AEAD_AES_GCM + }; + rte_cryptodev_info_get(dev_id, &dev_info); -/* ***** AES-CBC Cipher Tests ***** */ + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) || + ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + !(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + RTE_LOG(INFO, USER1, "Feature flag requirements for Negative " + "AES GCM testsuite not met\n"); + return TEST_SKIPPED; + } -#define CIPHER_KEY_LENGTH_AES_CBC (16) -#define CIPHER_IV_LENGTH_AES_CBC (CIPHER_KEY_LENGTH_AES_CBC) + if (check_aead_capabilities_supported(aeads, RTE_DIM(aeads)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for Negative " + "AES GCM testsuite not met\n"); + return TEST_SKIPPED; + } -static uint8_t aes_cbc_key[] = { - 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, - 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A }; + return 0; +} -static uint8_t aes_cbc_iv[] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; +static int +negative_aes_gmac_testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_auth_algorithm auths[] = { + RTE_CRYPTO_AUTH_AES_GMAC + }; + rte_cryptodev_info_get(dev_id, &dev_info); -/* ***** AES-CBC / HMAC-SHA1 Hash Tests ***** */ + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) || + ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + !(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + RTE_LOG(INFO, USER1, "Feature flag requirements for Negative " + "AES GMAC testsuite not met\n"); + return TEST_SKIPPED; + } -static const uint8_t catch_22_quote_2_512_bytes_AES_CBC_ciphertext[] = { - 0x8B, 0x4D, 0xDA, 0x1B, 0xCF, 0x04, 0xA0, 0x31, - 0xB4, 0xBF, 0xBD, 0x68, 0x43, 0x20, 0x7E, 0x76, - 0xB1, 0x96, 0x8B, 0xA2, 0x7C, 0xA2, 0x83, 0x9E, - 0x39, 0x5A, 0x2F, 0x7E, 0x92, 0xB4, 0x48, 0x1A, - 0x3F, 0x6B, 0x5D, 0xDF, 0x52, 0x85, 0x5F, 0x8E, - 0x42, 0x3C, 0xFB, 0xE9, 0x1A, 0x24, 0xD6, 0x08, - 0xDD, 0xFD, 0x16, 0xFB, 0xE9, 0x55, 0xEF, 0xF0, - 0xA0, 0x8D, 0x13, 0xAB, 0x81, 0xC6, 0x90, 0x01, - 0xB5, 0x18, 0x84, 0xB3, 0xF6, 0xE6, 0x11, 0x57, - 0xD6, 0x71, 0xC6, 0x3C, 0x3F, 0x2F, 0x33, 0xEE, - 0x24, 0x42, 0x6E, 0xAC, 0x0B, 0xCA, 0xEC, 0xF9, - 0x84, 0xF8, 0x22, 0xAA, 0x60, 0xF0, 0x32, 0xA9, - 0x75, 0x75, 0x3B, 0xCB, 0x70, 0x21, 0x0A, 0x8D, - 0x0F, 0xE0, 0xC4, 0x78, 0x2B, 0xF8, 0x97, 0xE3, - 0xE4, 0x26, 0x4B, 0x29, 0xDA, 0x88, 0xCD, 0x46, - 0xEC, 0xAA, 0xF9, 0x7F, 0xF1, 0x15, 0xEA, 0xC3, - 0x87, 0xE6, 0x31, 0xF2, 0xCF, 0xDE, 0x4D, 0x80, - 0x70, 0x91, 0x7E, 0x0C, 0xF7, 0x26, 0x3A, 0x92, - 0x4F, 0x18, 0x83, 0xC0, 0x8F, 0x59, 0x01, 0xA5, - 0x88, 0xD1, 0xDB, 0x26, 0x71, 0x27, 0x16, 0xF5, - 0xEE, 0x10, 0x82, 0xAC, 0x68, 0x26, 0x9B, 0xE2, - 0x6D, 0xD8, 0x9A, 0x80, 0xDF, 0x04, 0x31, 0xD5, - 0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA, - 0x58, 0x34, 0x85, 0x61, 0x1C, 0x42, 0x10, 0x76, - 0x73, 0x02, 0x42, 0xC9, 0x23, 0x18, 0x8E, 0xB4, - 0x6F, 0xB4, 0xA3, 0x54, 0x6E, 0x88, 0x3B, 0x62, - 0x7C, 0x02, 0x8D, 0x4C, 0x9F, 0xC8, 0x45, 0xF4, - 0xC9, 0xDE, 0x4F, 0xEB, 0x22, 0x83, 0x1B, 0xE4, - 0x49, 0x37, 0xE4, 0xAD, 0xE7, 0xCD, 0x21, 0x54, - 0xBC, 0x1C, 0xC2, 0x04, 0x97, 0xB4, 0x10, 0x61, - 0xF0, 0xE4, 0xEF, 0x27, 0x63, 0x3A, 0xDA, 0x91, - 0x41, 0x25, 0x62, 0x1C, 0x5C, 0xB6, 0x38, 0x4A, - 0x88, 0x71, 0x59, 0x5A, 0x8D, 0xA0, 0x09, 0xAF, - 0x72, 0x94, 0xD7, 0x79, 0x5C, 0x60, 0x7C, 0x8F, - 0x4C, 0xF5, 0xD9, 0xA1, 0x39, 0x6D, 0x81, 0x28, - 0xEF, 0x13, 0x28, 0xDF, 0xF5, 0x3E, 0xF7, 0x8E, - 0x09, 0x9C, 0x78, 0x18, 0x79, 0xB8, 0x68, 0xD7, - 0xA8, 0x29, 0x62, 0xAD, 0xDE, 0xE1, 0x61, 0x76, - 0x1B, 0x05, 0x16, 0xCD, 0xBF, 0x02, 0x8E, 0xA6, - 0x43, 0x6E, 0x92, 0x55, 0x4F, 0x60, 0x9C, 0x03, - 0xB8, 0x4F, 0xA3, 0x02, 0xAC, 0xA8, 0xA7, 0x0C, - 0x1E, 0xB5, 0x6B, 0xF8, 0xC8, 0x4D, 0xDE, 0xD2, - 0xB0, 0x29, 0x6E, 0x40, 0xE6, 0xD6, 0xC9, 0xE6, - 0xB9, 0x0F, 0xB6, 0x63, 0xF5, 0xAA, 0x2B, 0x96, - 0xA7, 0x16, 0xAC, 0x4E, 0x0A, 0x33, 0x1C, 0xA6, - 0xE6, 0xBD, 0x8A, 0xCF, 0x40, 0xA9, 0xB2, 0xFA, - 0x63, 0x27, 0xFD, 0x9B, 0xD9, 0xFC, 0xD5, 0x87, - 0x8D, 0x4C, 0xB6, 0xA4, 0xCB, 0xE7, 0x74, 0x55, - 0xF4, 0xFB, 0x41, 0x25, 0xB5, 0x4B, 0x0A, 0x1B, - 0xB1, 0xD6, 0xB7, 0xD9, 0x47, 0x2A, 0xC3, 0x98, - 0x6A, 0xC4, 0x03, 0x73, 0x1F, 0x93, 0x6E, 0x53, - 0x19, 0x25, 0x64, 0x15, 0x83, 0xF9, 0x73, 0x2A, - 0x74, 0xB4, 0x93, 0x69, 0xC4, 0x72, 0xFC, 0x26, - 0xA2, 0x9F, 0x43, 0x45, 0xDD, 0xB9, 0xEF, 0x36, - 0xC8, 0x3A, 0xCD, 0x99, 0x9B, 0x54, 0x1A, 0x36, - 0xC1, 0x59, 0xF8, 0x98, 0xA8, 0xCC, 0x28, 0x0D, - 0x73, 0x4C, 0xEE, 0x98, 0xCB, 0x7C, 0x58, 0x7E, - 0x20, 0x75, 0x1E, 0xB7, 0xC9, 0xF8, 0xF2, 0x0E, - 0x63, 0x9E, 0x05, 0x78, 0x1A, 0xB6, 0xA8, 0x7A, - 0xF9, 0x98, 0x6A, 0xA6, 0x46, 0x84, 0x2E, 0xF6, - 0x4B, 0xDC, 0x9B, 0x8F, 0x9B, 0x8F, 0xEE, 0xB4, - 0xAA, 0x3F, 0xEE, 0xC0, 0x37, 0x27, 0x76, 0xC7, - 0x95, 0xBB, 0x26, 0x74, 0x69, 0x12, 0x7F, 0xF1, - 0xBB, 0xFF, 0xAE, 0xB5, 0x99, 0x6E, 0xCB, 0x0C -}; + if (check_auth_capabilities_supported(auths, RTE_DIM(auths)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for Negative " + "AES GMAC testsuite not met\n"); + return TEST_SKIPPED; + } -static const uint8_t catch_22_quote_2_512_bytes_AES_CBC_HMAC_SHA1_digest[] = { - 0x9a, 0x4f, 0x88, 0x1b, 0xb6, 0x8f, 0xd8, 0x60, - 0x42, 0x1a, 0x7d, 0x3d, 0xf5, 0x82, 0x80, 0xf1, - 0x18, 0x8c, 0x1d, 0x32 -}; + return 0; +} +static int +mixed_cipher_hash_testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + uint64_t feat_flags; + const enum rte_crypto_cipher_algorithm ciphers[] = { + RTE_CRYPTO_CIPHER_NULL, + RTE_CRYPTO_CIPHER_AES_CTR, + RTE_CRYPTO_CIPHER_ZUC_EEA3, + RTE_CRYPTO_CIPHER_SNOW3G_UEA2 + }; + const enum rte_crypto_auth_algorithm auths[] = { + RTE_CRYPTO_AUTH_NULL, + RTE_CRYPTO_AUTH_SNOW3G_UIA2, + RTE_CRYPTO_AUTH_AES_CMAC, + RTE_CRYPTO_AUTH_ZUC_EIA3 + }; -/* Multisession Vector context Test */ -/*Begin Session 0 */ -static uint8_t ms_aes_cbc_key0[] = { - 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, - 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff -}; + rte_cryptodev_info_get(dev_id, &dev_info); + feat_flags = dev_info.feature_flags; -static uint8_t ms_aes_cbc_iv0[] = { - 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, - 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff -}; + if (!(feat_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) || + (global_api_test_type == CRYPTODEV_RAW_API_TEST)) { + RTE_LOG(INFO, USER1, "Feature flag requirements for Mixed " + "Cipher Hash testsuite not met\n"); + return TEST_SKIPPED; + } -static const uint8_t ms_aes_cbc_cipher0[] = { - 0x3C, 0xE4, 0xEE, 0x42, 0xB6, 0x9B, 0xC3, 0x38, - 0x5F, 0xAD, 0x54, 0xDC, 0xA8, 0x32, 0x81, 0xDC, - 0x7A, 0x6F, 0x85, 0x58, 0x07, 0x35, 0xED, 0xEB, - 0xAD, 0x79, 0x79, 0x96, 0xD3, 0x0E, 0xA6, 0xD9, - 0xAA, 0x86, 0xA4, 0x8F, 0xB5, 0xD6, 0x6E, 0x6D, - 0x0C, 0x91, 0x2F, 0xC4, 0x67, 0x98, 0x0E, 0xC4, - 0x8D, 0x83, 0x68, 0x69, 0xC4, 0xD3, 0x94, 0x34, - 0xC4, 0x5D, 0x60, 0x55, 0x22, 0x87, 0x8F, 0x6F, - 0x17, 0x8E, 0x75, 0xE4, 0x02, 0xF5, 0x1B, 0x99, - 0xC8, 0x39, 0xA9, 0xAB, 0x23, 0x91, 0x12, 0xED, - 0x08, 0xE7, 0xD9, 0x25, 0x89, 0x24, 0x4F, 0x8D, - 0x68, 0xF3, 0x10, 0x39, 0x0A, 0xEE, 0x45, 0x24, - 0xDF, 0x7A, 0x9D, 0x00, 0x25, 0xE5, 0x35, 0x71, - 0x4E, 0x40, 0x59, 0x6F, 0x0A, 0x13, 0xB3, 0x72, - 0x1D, 0x98, 0x63, 0x94, 0x89, 0xA5, 0x39, 0x8E, - 0xD3, 0x9C, 0x8A, 0x7F, 0x71, 0x2F, 0xC7, 0xCD, - 0x81, 0x05, 0xDC, 0xC0, 0x8D, 0xCE, 0x6D, 0x18, - 0x30, 0xC4, 0x72, 0x51, 0xF0, 0x27, 0xC8, 0xF6, - 0x60, 0x5B, 0x7C, 0xB2, 0xE3, 0x49, 0x0C, 0x29, - 0xC6, 0x9F, 0x39, 0x57, 0x80, 0x55, 0x24, 0x2C, - 0x9B, 0x0F, 0x5A, 0xB3, 0x89, 0x55, 0x31, 0x96, - 0x0D, 0xCD, 0xF6, 0x51, 0x03, 0x2D, 0x89, 0x26, - 0x74, 0x44, 0xD6, 0xE8, 0xDC, 0xEA, 0x44, 0x55, - 0x64, 0x71, 0x9C, 0x9F, 0x5D, 0xBA, 0x39, 0x46, - 0xA8, 0x17, 0xA1, 0x9C, 0x52, 0x9D, 0xBC, 0x6B, - 0x4A, 0x98, 0xE6, 0xEA, 0x33, 0xEC, 0x58, 0xB4, - 0x43, 0xF0, 0x32, 0x45, 0xA4, 0xC1, 0x55, 0xB7, - 0x5D, 0xB5, 0x59, 0xB2, 0xE3, 0x96, 0xFF, 0xA5, - 0xAF, 0xE1, 0x86, 0x1B, 0x42, 0xE6, 0x3B, 0xA0, - 0x90, 0x4A, 0xE8, 0x8C, 0x21, 0x7F, 0x36, 0x1E, - 0x5B, 0x65, 0x25, 0xD1, 0xC1, 0x5A, 0xCA, 0x3D, - 0x10, 0xED, 0x2D, 0x79, 0xD0, 0x0F, 0x58, 0x44, - 0x69, 0x81, 0xF5, 0xD4, 0xC9, 0x0F, 0x90, 0x76, - 0x1F, 0x54, 0xD2, 0xD5, 0x97, 0xCE, 0x2C, 0xE3, - 0xEF, 0xF4, 0xB7, 0xC6, 0x3A, 0x87, 0x7F, 0x83, - 0x2A, 0xAF, 0xCD, 0x90, 0x12, 0xA7, 0x7D, 0x85, - 0x1D, 0x62, 0xD3, 0x85, 0x25, 0x05, 0xDB, 0x45, - 0x92, 0xA3, 0xF6, 0xA2, 0xA8, 0x41, 0xE4, 0x25, - 0x86, 0x87, 0x67, 0x24, 0xEC, 0x89, 0x23, 0x2A, - 0x9B, 0x20, 0x4D, 0x93, 0xEE, 0xE2, 0x2E, 0xC1, - 0x0B, 0x15, 0x33, 0xCF, 0x00, 0xD1, 0x1A, 0xDA, - 0x93, 0xFD, 0x28, 0x21, 0x5B, 0xCF, 0xD1, 0xF3, - 0x5A, 0x81, 0xBA, 0x82, 0x5E, 0x2F, 0x61, 0xB4, - 0x05, 0x71, 0xB5, 0xF4, 0x39, 0x3C, 0x1F, 0x60, - 0x00, 0x7A, 0xC4, 0xF8, 0x35, 0x20, 0x6C, 0x3A, - 0xCC, 0x03, 0x8F, 0x7B, 0xA2, 0xB6, 0x65, 0x8A, - 0xB6, 0x5F, 0xFD, 0x25, 0xD3, 0x5F, 0x92, 0xF9, - 0xAE, 0x17, 0x9B, 0x5E, 0x6E, 0x9A, 0xE4, 0x55, - 0x10, 0x25, 0x07, 0xA4, 0xAF, 0x21, 0x69, 0x13, - 0xD8, 0xFA, 0x31, 0xED, 0xF7, 0xA7, 0xA7, 0x3B, + if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0 + && check_auth_capabilities_supported(auths, + RTE_DIM(auths)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for Mixed " + "Cipher Hash testsuite not met\n"); + return TEST_SKIPPED; + } + + return 0; +} + +static int +esn_testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_cipher_algorithm ciphers[] = { + RTE_CRYPTO_CIPHER_AES_CBC + }; + const enum rte_crypto_auth_algorithm auths[] = { + RTE_CRYPTO_AUTH_SHA1_HMAC + }; + + rte_cryptodev_info_get(dev_id, &dev_info); + + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) || + ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + !(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + RTE_LOG(INFO, USER1, "Feature flag requirements for ESN " + "testsuite not met\n"); + return TEST_SKIPPED; + } + + if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0 + && check_auth_capabilities_supported(auths, + RTE_DIM(auths)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for ESN " + "testsuite not met\n"); + return TEST_SKIPPED; + } + + return 0; +} + +static int +multi_session_testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_cipher_algorithm ciphers[] = { + RTE_CRYPTO_CIPHER_AES_CBC + }; + const enum rte_crypto_auth_algorithm auths[] = { + RTE_CRYPTO_AUTH_SHA512_HMAC + }; + + rte_cryptodev_info_get(dev_id, &dev_info); + + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO)) { + RTE_LOG(INFO, USER1, "Feature flag requirements for Multi " + "Session testsuite not met\n"); + return TEST_SKIPPED; + } + + if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0 + && check_auth_capabilities_supported(auths, + RTE_DIM(auths)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for Multi " + "Session testsuite not met\n"); + return TEST_SKIPPED; + } + + return 0; +} + +static int +negative_hmac_sha1_testsuite_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint8_t dev_id = ts_params->valid_devs[0]; + struct rte_cryptodev_info dev_info; + const enum rte_crypto_cipher_algorithm ciphers[] = { + RTE_CRYPTO_CIPHER_AES_CBC + }; + const enum rte_crypto_auth_algorithm auths[] = { + RTE_CRYPTO_AUTH_SHA1_HMAC + }; + + rte_cryptodev_info_get(dev_id, &dev_info); + + if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYMMETRIC_CRYPTO) || + ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + !(dev_info.feature_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + RTE_LOG(INFO, USER1, "Feature flag requirements for Negative " + "HMAC SHA1 testsuite not met\n"); + return TEST_SKIPPED; + } + + if (check_cipher_capabilities_supported(ciphers, RTE_DIM(ciphers)) != 0 + && check_auth_capabilities_supported(auths, + RTE_DIM(auths)) != 0) { + RTE_LOG(INFO, USER1, "Capability requirements for Negative " + "HMAC SHA1 testsuite not met\n"); + return TEST_SKIPPED; + } + + return 0; +} + +static int +dev_configure_and_start(uint64_t ff_disable) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + + uint16_t qp_id; + + /* Clear unit test parameters before running test */ + memset(ut_params, 0, sizeof(*ut_params)); + + /* Reconfigure device to default parameters */ + ts_params->conf.socket_id = SOCKET_ID_ANY; + ts_params->conf.ff_disable = ff_disable; + ts_params->qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT; + ts_params->qp_conf.mp_session = ts_params->session_mpool; + ts_params->qp_conf.mp_session_private = ts_params->session_priv_mpool; + + TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0], + &ts_params->conf), + "Failed to configure cryptodev %u", + ts_params->valid_devs[0]); + + for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs ; qp_id++) { + TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup( + ts_params->valid_devs[0], qp_id, + &ts_params->qp_conf, + rte_cryptodev_socket_id(ts_params->valid_devs[0])), + "Failed to setup queue pair %u on cryptodev %u", + qp_id, ts_params->valid_devs[0]); + } + + + rte_cryptodev_stats_reset(ts_params->valid_devs[0]); + + /* Start the device */ + TEST_ASSERT_SUCCESS(rte_cryptodev_start(ts_params->valid_devs[0]), + "Failed to start cryptodev %u", + ts_params->valid_devs[0]); + + return TEST_SUCCESS; +} + +int +ut_setup(void) +{ + /* Configure and start the device with security feature disabled */ + return dev_configure_and_start(RTE_CRYPTODEV_FF_SECURITY); +} + +static int +ut_setup_security(void) +{ + /* Configure and start the device with no features disabled */ + return dev_configure_and_start(0); +} + +void +ut_teardown(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + + /* free crypto session structure */ +#ifdef RTE_LIB_SECURITY + if (ut_params->type == RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL) { + if (ut_params->sec_session) { + rte_security_session_destroy(rte_cryptodev_get_sec_ctx + (ts_params->valid_devs[0]), + ut_params->sec_session); + ut_params->sec_session = NULL; + } + } else +#endif + { + if (ut_params->sess) { + rte_cryptodev_sym_session_clear( + ts_params->valid_devs[0], + ut_params->sess); + rte_cryptodev_sym_session_free(ut_params->sess); + ut_params->sess = NULL; + } + } + + /* free crypto operation structure */ + if (ut_params->op) + rte_crypto_op_free(ut_params->op); + + /* + * free mbuf - both obuf and ibuf are usually the same, + * so check if they point at the same address is necessary, + * to avoid freeing the mbuf twice. + */ + if (ut_params->obuf) { + rte_pktmbuf_free(ut_params->obuf); + if (ut_params->ibuf == ut_params->obuf) + ut_params->ibuf = 0; + ut_params->obuf = 0; + } + if (ut_params->ibuf) { + rte_pktmbuf_free(ut_params->ibuf); + ut_params->ibuf = 0; + } + + if (ts_params->mbuf_pool != NULL) + RTE_LOG(DEBUG, USER1, "CRYPTO_MBUFPOOL count %u\n", + rte_mempool_avail_count(ts_params->mbuf_pool)); + + /* Stop the device */ + rte_cryptodev_stop(ts_params->valid_devs[0]); +} + +static int +test_device_configure_invalid_dev_id(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint16_t dev_id, num_devs = 0; + + TEST_ASSERT((num_devs = rte_cryptodev_count()) >= 1, + "Need at least %d devices for test", 1); + + /* valid dev_id values */ + dev_id = ts_params->valid_devs[0]; + + /* Stop the device in case it's started so it can be configured */ + rte_cryptodev_stop(dev_id); + + TEST_ASSERT_SUCCESS(rte_cryptodev_configure(dev_id, &ts_params->conf), + "Failed test for rte_cryptodev_configure: " + "invalid dev_num %u", dev_id); + + /* invalid dev_id values */ + dev_id = num_devs; + + TEST_ASSERT_FAIL(rte_cryptodev_configure(dev_id, &ts_params->conf), + "Failed test for rte_cryptodev_configure: " + "invalid dev_num %u", dev_id); + + dev_id = 0xff; + + TEST_ASSERT_FAIL(rte_cryptodev_configure(dev_id, &ts_params->conf), + "Failed test for rte_cryptodev_configure:" + "invalid dev_num %u", dev_id); + + return TEST_SUCCESS; +} + +static int +test_device_configure_invalid_queue_pair_ids(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + uint16_t orig_nb_qps = ts_params->conf.nb_queue_pairs; + + /* Stop the device in case it's started so it can be configured */ + rte_cryptodev_stop(ts_params->valid_devs[0]); + + /* valid - max value queue pairs */ + ts_params->conf.nb_queue_pairs = orig_nb_qps; + + TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0], + &ts_params->conf), + "Failed to configure cryptodev: dev_id %u, qp_id %u", + ts_params->valid_devs[0], ts_params->conf.nb_queue_pairs); + + /* valid - one queue pairs */ + ts_params->conf.nb_queue_pairs = 1; + + TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0], + &ts_params->conf), + "Failed to configure cryptodev: dev_id %u, qp_id %u", + ts_params->valid_devs[0], + ts_params->conf.nb_queue_pairs); + + + /* invalid - zero queue pairs */ + ts_params->conf.nb_queue_pairs = 0; + + TEST_ASSERT_FAIL(rte_cryptodev_configure(ts_params->valid_devs[0], + &ts_params->conf), + "Failed test for rte_cryptodev_configure, dev_id %u," + " invalid qps: %u", + ts_params->valid_devs[0], + ts_params->conf.nb_queue_pairs); + + + /* invalid - max value supported by field queue pairs */ + ts_params->conf.nb_queue_pairs = UINT16_MAX; + + TEST_ASSERT_FAIL(rte_cryptodev_configure(ts_params->valid_devs[0], + &ts_params->conf), + "Failed test for rte_cryptodev_configure, dev_id %u," + " invalid qps: %u", + ts_params->valid_devs[0], + ts_params->conf.nb_queue_pairs); + + + /* invalid - max value + 1 queue pairs */ + ts_params->conf.nb_queue_pairs = orig_nb_qps + 1; + + TEST_ASSERT_FAIL(rte_cryptodev_configure(ts_params->valid_devs[0], + &ts_params->conf), + "Failed test for rte_cryptodev_configure, dev_id %u," + " invalid qps: %u", + ts_params->valid_devs[0], + ts_params->conf.nb_queue_pairs); + + /* revert to original testsuite value */ + ts_params->conf.nb_queue_pairs = orig_nb_qps; + + return TEST_SUCCESS; +} + +static int +test_queue_pair_descriptor_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct rte_cryptodev_qp_conf qp_conf = { + .nb_descriptors = MAX_NUM_OPS_INFLIGHT + }; + uint16_t qp_id; + + /* Stop the device in case it's started so it can be configured */ + rte_cryptodev_stop(ts_params->valid_devs[0]); + + TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0], + &ts_params->conf), + "Failed to configure cryptodev %u", + ts_params->valid_devs[0]); + + /* + * Test various ring sizes on this device. memzones can't be + * freed so are re-used if ring is released and re-created. + */ + qp_conf.nb_descriptors = MIN_NUM_OPS_INFLIGHT; /* min size*/ + qp_conf.mp_session = ts_params->session_mpool; + qp_conf.mp_session_private = ts_params->session_priv_mpool; + + for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs; qp_id++) { + TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup( + ts_params->valid_devs[0], qp_id, &qp_conf, + rte_cryptodev_socket_id( + ts_params->valid_devs[0])), + "Failed test for " + "rte_cryptodev_queue_pair_setup: num_inflights " + "%u on qp %u on cryptodev %u", + qp_conf.nb_descriptors, qp_id, + ts_params->valid_devs[0]); + } + + qp_conf.nb_descriptors = (uint32_t)(MAX_NUM_OPS_INFLIGHT / 2); + + for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs; qp_id++) { + TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup( + ts_params->valid_devs[0], qp_id, &qp_conf, + rte_cryptodev_socket_id( + ts_params->valid_devs[0])), + "Failed test for" + " rte_cryptodev_queue_pair_setup: num_inflights" + " %u on qp %u on cryptodev %u", + qp_conf.nb_descriptors, qp_id, + ts_params->valid_devs[0]); + } + + qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT; /* valid */ + + for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs; qp_id++) { + TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup( + ts_params->valid_devs[0], qp_id, &qp_conf, + rte_cryptodev_socket_id( + ts_params->valid_devs[0])), + "Failed test for " + "rte_cryptodev_queue_pair_setup: num_inflights" + " %u on qp %u on cryptodev %u", + qp_conf.nb_descriptors, qp_id, + ts_params->valid_devs[0]); + } + + qp_conf.nb_descriptors = DEFAULT_NUM_OPS_INFLIGHT; + + for (qp_id = 0; qp_id < ts_params->conf.nb_queue_pairs; qp_id++) { + TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup( + ts_params->valid_devs[0], qp_id, &qp_conf, + rte_cryptodev_socket_id( + ts_params->valid_devs[0])), + "Failed test for" + " rte_cryptodev_queue_pair_setup:" + "num_inflights %u on qp %u on cryptodev %u", + qp_conf.nb_descriptors, qp_id, + ts_params->valid_devs[0]); + } + + /* test invalid queue pair id */ + qp_conf.nb_descriptors = DEFAULT_NUM_OPS_INFLIGHT; /*valid */ + + qp_id = ts_params->conf.nb_queue_pairs; /*invalid */ + + TEST_ASSERT_FAIL(rte_cryptodev_queue_pair_setup( + ts_params->valid_devs[0], + qp_id, &qp_conf, + rte_cryptodev_socket_id(ts_params->valid_devs[0])), + "Failed test for rte_cryptodev_queue_pair_setup:" + "invalid qp %u on cryptodev %u", + qp_id, ts_params->valid_devs[0]); + + qp_id = 0xffff; /*invalid*/ + + TEST_ASSERT_FAIL(rte_cryptodev_queue_pair_setup( + ts_params->valid_devs[0], + qp_id, &qp_conf, + rte_cryptodev_socket_id(ts_params->valid_devs[0])), + "Failed test for rte_cryptodev_queue_pair_setup:" + "invalid qp %u on cryptodev %u", + qp_id, ts_params->valid_devs[0]); + + return TEST_SUCCESS; +} + +/* ***** Plaintext data for tests ***** */ + +const char catch_22_quote_1[] = + "There was only one catch and that was Catch-22, which " + "specified that a concern for one's safety in the face of " + "dangers that were real and immediate was the process of a " + "rational mind. Orr was crazy and could be grounded. All he " + "had to do was ask; and as soon as he did, he would no longer " + "be crazy and would have to fly more missions. Orr would be " + "crazy to fly more missions and sane if he didn't, but if he " + "was sane he had to fly them. If he flew them he was crazy " + "and didn't have to; but if he didn't want to he was sane and " + "had to. Yossarian was moved very deeply by the absolute " + "simplicity of this clause of Catch-22 and let out a " + "respectful whistle. \"That's some catch, that Catch-22\", he " + "observed. \"It's the best there is,\" Doc Daneeka agreed."; + +const char catch_22_quote[] = + "What a lousy earth! He wondered how many people were " + "destitute that same night even in his own prosperous country, " + "how many homes were shanties, how many husbands were drunk " + "and wives socked, and how many children were bullied, abused, " + "or abandoned. How many families hungered for food they could " + "not afford to buy? How many hearts were broken? How many " + "suicides would take place that same night, how many people " + "would go insane? How many cockroaches and landlords would " + "triumph? How many winners were losers, successes failures, " + "and rich men poor men? How many wise guys were stupid? How " + "many happy endings were unhappy endings? How many honest men " + "were liars, brave men cowards, loyal men traitors, how many " + "sainted men were corrupt, how many people in positions of " + "trust had sold their souls to bodyguards, how many had never " + "had souls? How many straight-and-narrow paths were crooked " + "paths? How many best families were worst families and how " + "many good people were bad people? When you added them all up " + "and then subtracted, you might be left with only the children, " + "and perhaps with Albert Einstein and an old violinist or " + "sculptor somewhere."; + +#define QUOTE_480_BYTES (480) +#define QUOTE_512_BYTES (512) +#define QUOTE_768_BYTES (768) +#define QUOTE_1024_BYTES (1024) + + + +/* ***** SHA1 Hash Tests ***** */ + +#define HMAC_KEY_LENGTH_SHA1 (DIGEST_BYTE_LENGTH_SHA1) + +static uint8_t hmac_sha1_key[] = { + 0xF8, 0x2A, 0xC7, 0x54, 0xDB, 0x96, 0x18, 0xAA, + 0xC3, 0xA1, 0x53, 0xF6, 0x1F, 0x17, 0x60, 0xBD, + 0xDE, 0xF4, 0xDE, 0xAD }; + +/* ***** SHA224 Hash Tests ***** */ + +#define HMAC_KEY_LENGTH_SHA224 (DIGEST_BYTE_LENGTH_SHA224) + + +/* ***** AES-CBC Cipher Tests ***** */ + +#define CIPHER_KEY_LENGTH_AES_CBC (16) +#define CIPHER_IV_LENGTH_AES_CBC (CIPHER_KEY_LENGTH_AES_CBC) + +static uint8_t aes_cbc_key[] = { + 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A }; + +static uint8_t aes_cbc_iv[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f }; + + +/* ***** AES-CBC / HMAC-SHA1 Hash Tests ***** */ + +static const uint8_t catch_22_quote_2_512_bytes_AES_CBC_ciphertext[] = { + 0x8B, 0x4D, 0xDA, 0x1B, 0xCF, 0x04, 0xA0, 0x31, + 0xB4, 0xBF, 0xBD, 0x68, 0x43, 0x20, 0x7E, 0x76, + 0xB1, 0x96, 0x8B, 0xA2, 0x7C, 0xA2, 0x83, 0x9E, + 0x39, 0x5A, 0x2F, 0x7E, 0x92, 0xB4, 0x48, 0x1A, + 0x3F, 0x6B, 0x5D, 0xDF, 0x52, 0x85, 0x5F, 0x8E, + 0x42, 0x3C, 0xFB, 0xE9, 0x1A, 0x24, 0xD6, 0x08, + 0xDD, 0xFD, 0x16, 0xFB, 0xE9, 0x55, 0xEF, 0xF0, + 0xA0, 0x8D, 0x13, 0xAB, 0x81, 0xC6, 0x90, 0x01, + 0xB5, 0x18, 0x84, 0xB3, 0xF6, 0xE6, 0x11, 0x57, + 0xD6, 0x71, 0xC6, 0x3C, 0x3F, 0x2F, 0x33, 0xEE, + 0x24, 0x42, 0x6E, 0xAC, 0x0B, 0xCA, 0xEC, 0xF9, + 0x84, 0xF8, 0x22, 0xAA, 0x60, 0xF0, 0x32, 0xA9, + 0x75, 0x75, 0x3B, 0xCB, 0x70, 0x21, 0x0A, 0x8D, + 0x0F, 0xE0, 0xC4, 0x78, 0x2B, 0xF8, 0x97, 0xE3, + 0xE4, 0x26, 0x4B, 0x29, 0xDA, 0x88, 0xCD, 0x46, + 0xEC, 0xAA, 0xF9, 0x7F, 0xF1, 0x15, 0xEA, 0xC3, + 0x87, 0xE6, 0x31, 0xF2, 0xCF, 0xDE, 0x4D, 0x80, + 0x70, 0x91, 0x7E, 0x0C, 0xF7, 0x26, 0x3A, 0x92, + 0x4F, 0x18, 0x83, 0xC0, 0x8F, 0x59, 0x01, 0xA5, + 0x88, 0xD1, 0xDB, 0x26, 0x71, 0x27, 0x16, 0xF5, + 0xEE, 0x10, 0x82, 0xAC, 0x68, 0x26, 0x9B, 0xE2, + 0x6D, 0xD8, 0x9A, 0x80, 0xDF, 0x04, 0x31, 0xD5, + 0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA, + 0x58, 0x34, 0x85, 0x61, 0x1C, 0x42, 0x10, 0x76, + 0x73, 0x02, 0x42, 0xC9, 0x23, 0x18, 0x8E, 0xB4, + 0x6F, 0xB4, 0xA3, 0x54, 0x6E, 0x88, 0x3B, 0x62, + 0x7C, 0x02, 0x8D, 0x4C, 0x9F, 0xC8, 0x45, 0xF4, + 0xC9, 0xDE, 0x4F, 0xEB, 0x22, 0x83, 0x1B, 0xE4, + 0x49, 0x37, 0xE4, 0xAD, 0xE7, 0xCD, 0x21, 0x54, + 0xBC, 0x1C, 0xC2, 0x04, 0x97, 0xB4, 0x10, 0x61, + 0xF0, 0xE4, 0xEF, 0x27, 0x63, 0x3A, 0xDA, 0x91, + 0x41, 0x25, 0x62, 0x1C, 0x5C, 0xB6, 0x38, 0x4A, + 0x88, 0x71, 0x59, 0x5A, 0x8D, 0xA0, 0x09, 0xAF, + 0x72, 0x94, 0xD7, 0x79, 0x5C, 0x60, 0x7C, 0x8F, + 0x4C, 0xF5, 0xD9, 0xA1, 0x39, 0x6D, 0x81, 0x28, + 0xEF, 0x13, 0x28, 0xDF, 0xF5, 0x3E, 0xF7, 0x8E, + 0x09, 0x9C, 0x78, 0x18, 0x79, 0xB8, 0x68, 0xD7, + 0xA8, 0x29, 0x62, 0xAD, 0xDE, 0xE1, 0x61, 0x76, + 0x1B, 0x05, 0x16, 0xCD, 0xBF, 0x02, 0x8E, 0xA6, + 0x43, 0x6E, 0x92, 0x55, 0x4F, 0x60, 0x9C, 0x03, + 0xB8, 0x4F, 0xA3, 0x02, 0xAC, 0xA8, 0xA7, 0x0C, + 0x1E, 0xB5, 0x6B, 0xF8, 0xC8, 0x4D, 0xDE, 0xD2, + 0xB0, 0x29, 0x6E, 0x40, 0xE6, 0xD6, 0xC9, 0xE6, + 0xB9, 0x0F, 0xB6, 0x63, 0xF5, 0xAA, 0x2B, 0x96, + 0xA7, 0x16, 0xAC, 0x4E, 0x0A, 0x33, 0x1C, 0xA6, + 0xE6, 0xBD, 0x8A, 0xCF, 0x40, 0xA9, 0xB2, 0xFA, + 0x63, 0x27, 0xFD, 0x9B, 0xD9, 0xFC, 0xD5, 0x87, + 0x8D, 0x4C, 0xB6, 0xA4, 0xCB, 0xE7, 0x74, 0x55, + 0xF4, 0xFB, 0x41, 0x25, 0xB5, 0x4B, 0x0A, 0x1B, + 0xB1, 0xD6, 0xB7, 0xD9, 0x47, 0x2A, 0xC3, 0x98, + 0x6A, 0xC4, 0x03, 0x73, 0x1F, 0x93, 0x6E, 0x53, + 0x19, 0x25, 0x64, 0x15, 0x83, 0xF9, 0x73, 0x2A, + 0x74, 0xB4, 0x93, 0x69, 0xC4, 0x72, 0xFC, 0x26, + 0xA2, 0x9F, 0x43, 0x45, 0xDD, 0xB9, 0xEF, 0x36, + 0xC8, 0x3A, 0xCD, 0x99, 0x9B, 0x54, 0x1A, 0x36, + 0xC1, 0x59, 0xF8, 0x98, 0xA8, 0xCC, 0x28, 0x0D, + 0x73, 0x4C, 0xEE, 0x98, 0xCB, 0x7C, 0x58, 0x7E, + 0x20, 0x75, 0x1E, 0xB7, 0xC9, 0xF8, 0xF2, 0x0E, + 0x63, 0x9E, 0x05, 0x78, 0x1A, 0xB6, 0xA8, 0x7A, + 0xF9, 0x98, 0x6A, 0xA6, 0x46, 0x84, 0x2E, 0xF6, + 0x4B, 0xDC, 0x9B, 0x8F, 0x9B, 0x8F, 0xEE, 0xB4, + 0xAA, 0x3F, 0xEE, 0xC0, 0x37, 0x27, 0x76, 0xC7, + 0x95, 0xBB, 0x26, 0x74, 0x69, 0x12, 0x7F, 0xF1, + 0xBB, 0xFF, 0xAE, 0xB5, 0x99, 0x6E, 0xCB, 0x0C +}; + +static const uint8_t catch_22_quote_2_512_bytes_AES_CBC_HMAC_SHA1_digest[] = { + 0x9a, 0x4f, 0x88, 0x1b, 0xb6, 0x8f, 0xd8, 0x60, + 0x42, 0x1a, 0x7d, 0x3d, 0xf5, 0x82, 0x80, 0xf1, + 0x18, 0x8c, 0x1d, 0x32 +}; + + +/* Multisession Vector context Test */ +/*Begin Session 0 */ +static uint8_t ms_aes_cbc_key0[] = { + 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff +}; + +static uint8_t ms_aes_cbc_iv0[] = { + 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff +}; + +static const uint8_t ms_aes_cbc_cipher0[] = { + 0x3C, 0xE4, 0xEE, 0x42, 0xB6, 0x9B, 0xC3, 0x38, + 0x5F, 0xAD, 0x54, 0xDC, 0xA8, 0x32, 0x81, 0xDC, + 0x7A, 0x6F, 0x85, 0x58, 0x07, 0x35, 0xED, 0xEB, + 0xAD, 0x79, 0x79, 0x96, 0xD3, 0x0E, 0xA6, 0xD9, + 0xAA, 0x86, 0xA4, 0x8F, 0xB5, 0xD6, 0x6E, 0x6D, + 0x0C, 0x91, 0x2F, 0xC4, 0x67, 0x98, 0x0E, 0xC4, + 0x8D, 0x83, 0x68, 0x69, 0xC4, 0xD3, 0x94, 0x34, + 0xC4, 0x5D, 0x60, 0x55, 0x22, 0x87, 0x8F, 0x6F, + 0x17, 0x8E, 0x75, 0xE4, 0x02, 0xF5, 0x1B, 0x99, + 0xC8, 0x39, 0xA9, 0xAB, 0x23, 0x91, 0x12, 0xED, + 0x08, 0xE7, 0xD9, 0x25, 0x89, 0x24, 0x4F, 0x8D, + 0x68, 0xF3, 0x10, 0x39, 0x0A, 0xEE, 0x45, 0x24, + 0xDF, 0x7A, 0x9D, 0x00, 0x25, 0xE5, 0x35, 0x71, + 0x4E, 0x40, 0x59, 0x6F, 0x0A, 0x13, 0xB3, 0x72, + 0x1D, 0x98, 0x63, 0x94, 0x89, 0xA5, 0x39, 0x8E, + 0xD3, 0x9C, 0x8A, 0x7F, 0x71, 0x2F, 0xC7, 0xCD, + 0x81, 0x05, 0xDC, 0xC0, 0x8D, 0xCE, 0x6D, 0x18, + 0x30, 0xC4, 0x72, 0x51, 0xF0, 0x27, 0xC8, 0xF6, + 0x60, 0x5B, 0x7C, 0xB2, 0xE3, 0x49, 0x0C, 0x29, + 0xC6, 0x9F, 0x39, 0x57, 0x80, 0x55, 0x24, 0x2C, + 0x9B, 0x0F, 0x5A, 0xB3, 0x89, 0x55, 0x31, 0x96, + 0x0D, 0xCD, 0xF6, 0x51, 0x03, 0x2D, 0x89, 0x26, + 0x74, 0x44, 0xD6, 0xE8, 0xDC, 0xEA, 0x44, 0x55, + 0x64, 0x71, 0x9C, 0x9F, 0x5D, 0xBA, 0x39, 0x46, + 0xA8, 0x17, 0xA1, 0x9C, 0x52, 0x9D, 0xBC, 0x6B, + 0x4A, 0x98, 0xE6, 0xEA, 0x33, 0xEC, 0x58, 0xB4, + 0x43, 0xF0, 0x32, 0x45, 0xA4, 0xC1, 0x55, 0xB7, + 0x5D, 0xB5, 0x59, 0xB2, 0xE3, 0x96, 0xFF, 0xA5, + 0xAF, 0xE1, 0x86, 0x1B, 0x42, 0xE6, 0x3B, 0xA0, + 0x90, 0x4A, 0xE8, 0x8C, 0x21, 0x7F, 0x36, 0x1E, + 0x5B, 0x65, 0x25, 0xD1, 0xC1, 0x5A, 0xCA, 0x3D, + 0x10, 0xED, 0x2D, 0x79, 0xD0, 0x0F, 0x58, 0x44, + 0x69, 0x81, 0xF5, 0xD4, 0xC9, 0x0F, 0x90, 0x76, + 0x1F, 0x54, 0xD2, 0xD5, 0x97, 0xCE, 0x2C, 0xE3, + 0xEF, 0xF4, 0xB7, 0xC6, 0x3A, 0x87, 0x7F, 0x83, + 0x2A, 0xAF, 0xCD, 0x90, 0x12, 0xA7, 0x7D, 0x85, + 0x1D, 0x62, 0xD3, 0x85, 0x25, 0x05, 0xDB, 0x45, + 0x92, 0xA3, 0xF6, 0xA2, 0xA8, 0x41, 0xE4, 0x25, + 0x86, 0x87, 0x67, 0x24, 0xEC, 0x89, 0x23, 0x2A, + 0x9B, 0x20, 0x4D, 0x93, 0xEE, 0xE2, 0x2E, 0xC1, + 0x0B, 0x15, 0x33, 0xCF, 0x00, 0xD1, 0x1A, 0xDA, + 0x93, 0xFD, 0x28, 0x21, 0x5B, 0xCF, 0xD1, 0xF3, + 0x5A, 0x81, 0xBA, 0x82, 0x5E, 0x2F, 0x61, 0xB4, + 0x05, 0x71, 0xB5, 0xF4, 0x39, 0x3C, 0x1F, 0x60, + 0x00, 0x7A, 0xC4, 0xF8, 0x35, 0x20, 0x6C, 0x3A, + 0xCC, 0x03, 0x8F, 0x7B, 0xA2, 0xB6, 0x65, 0x8A, + 0xB6, 0x5F, 0xFD, 0x25, 0xD3, 0x5F, 0x92, 0xF9, + 0xAE, 0x17, 0x9B, 0x5E, 0x6E, 0x9A, 0xE4, 0x55, + 0x10, 0x25, 0x07, 0xA4, 0xAF, 0x21, 0x69, 0x13, + 0xD8, 0xFA, 0x31, 0xED, 0xF7, 0xA7, 0xA7, 0x3B, 0xB8, 0x96, 0x8E, 0x10, 0x86, 0x74, 0xD8, 0xB1, 0x34, 0x9E, 0x9B, 0x6A, 0x26, 0xA8, 0xD4, 0xD0, 0xB5, 0xF6, 0xDE, 0xE7, 0xCA, 0x06, 0xDC, 0xA3, @@ -1409,298 +1914,616 @@ static const uint8_t ms_aes_cbc_cipher0[] = { }; -static uint8_t ms_hmac_key0[] = { - 0xFF, 0x1A, 0x7D, 0x3D, 0xF5, 0x82, 0x80, 0xF1, - 0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA, - 0x58, 0x34, 0x85, 0x65, 0x1C, 0x42, 0x50, 0x76, - 0x9A, 0xAF, 0x88, 0x1B, 0xB6, 0x8F, 0xF8, 0x60, - 0xA2, 0x5A, 0x7F, 0x3F, 0xF4, 0x72, 0x70, 0xF1, - 0xF5, 0x35, 0x4C, 0x3B, 0xDD, 0x90, 0x65, 0xB0, - 0x47, 0x3A, 0x75, 0x61, 0x5C, 0xA2, 0x10, 0x76, - 0x9A, 0xAF, 0x77, 0x5B, 0xB6, 0x7F, 0xF7, 0x60 -}; +static uint8_t ms_hmac_key0[] = { + 0xFF, 0x1A, 0x7D, 0x3D, 0xF5, 0x82, 0x80, 0xF1, + 0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA, + 0x58, 0x34, 0x85, 0x65, 0x1C, 0x42, 0x50, 0x76, + 0x9A, 0xAF, 0x88, 0x1B, 0xB6, 0x8F, 0xF8, 0x60, + 0xA2, 0x5A, 0x7F, 0x3F, 0xF4, 0x72, 0x70, 0xF1, + 0xF5, 0x35, 0x4C, 0x3B, 0xDD, 0x90, 0x65, 0xB0, + 0x47, 0x3A, 0x75, 0x61, 0x5C, 0xA2, 0x10, 0x76, + 0x9A, 0xAF, 0x77, 0x5B, 0xB6, 0x7F, 0xF7, 0x60 +}; + +static const uint8_t ms_hmac_digest0[] = { + 0x43, 0x52, 0xED, 0x34, 0xAB, 0x36, 0xB2, 0x51, + 0xFB, 0xA3, 0xA6, 0x7C, 0x38, 0xFC, 0x42, 0x8F, + 0x57, 0x64, 0xAB, 0x81, 0xA7, 0x89, 0xB7, 0x6C, + 0xA0, 0xDC, 0xB9, 0x4D, 0xC4, 0x30, 0xF9, 0xD4, + 0x10, 0x82, 0x55, 0xD0, 0xAB, 0x32, 0xFB, 0x56, + 0x0D, 0xE4, 0x68, 0x3D, 0x76, 0xD0, 0x7B, 0xE4, + 0xA6, 0x2C, 0x34, 0x9E, 0x8C, 0x41, 0xF8, 0x23, + 0x28, 0x1B, 0x3A, 0x90, 0x26, 0x34, 0x47, 0x90 + }; + +/* End Session 0 */ +/* Begin session 1 */ + +static uint8_t ms_aes_cbc_key1[] = { + 0xf1, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff +}; + +static uint8_t ms_aes_cbc_iv1[] = { + 0xf1, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff +}; + +static const uint8_t ms_aes_cbc_cipher1[] = { + 0x5A, 0x7A, 0x67, 0x5D, 0xB8, 0xE1, 0xDC, 0x71, + 0x39, 0xA8, 0x74, 0x93, 0x9C, 0x4C, 0xFE, 0x23, + 0x61, 0xCD, 0xA4, 0xB3, 0xD9, 0xCE, 0x99, 0x09, + 0x2A, 0x23, 0xF3, 0x29, 0xBF, 0x4C, 0xB4, 0x6A, + 0x1B, 0x6B, 0x73, 0x4D, 0x48, 0x0C, 0xCF, 0x6C, + 0x5E, 0x34, 0x9E, 0x7F, 0xBC, 0x8F, 0xCC, 0x8F, + 0x75, 0x1D, 0x3D, 0x77, 0x10, 0x76, 0xC8, 0xB9, + 0x99, 0x6F, 0xD6, 0x56, 0x75, 0xA9, 0xB2, 0x66, + 0xC2, 0x24, 0x2B, 0x9C, 0xFE, 0x40, 0x8E, 0x43, + 0x20, 0x97, 0x1B, 0xFA, 0xD0, 0xCF, 0x04, 0xAB, + 0xBB, 0xF6, 0x5D, 0xF5, 0xA0, 0x19, 0x7C, 0x23, + 0x5D, 0x80, 0x8C, 0x49, 0xF6, 0x76, 0x88, 0x29, + 0x27, 0x4C, 0x59, 0x2B, 0x43, 0xA6, 0xB2, 0x26, + 0x27, 0x78, 0xBE, 0x1B, 0xE1, 0x4F, 0x5A, 0x1F, + 0xFC, 0x68, 0x08, 0xE7, 0xC4, 0xD1, 0x34, 0x68, + 0xB7, 0x13, 0x14, 0x41, 0x62, 0x6B, 0x1F, 0x77, + 0x0C, 0x68, 0x1D, 0x0D, 0xED, 0x89, 0xAA, 0xD8, + 0x97, 0x02, 0xBA, 0x5E, 0xD4, 0x84, 0x25, 0x97, + 0x03, 0xA5, 0xA6, 0x13, 0x66, 0x02, 0xF4, 0xC3, + 0xF3, 0xD3, 0xCC, 0x95, 0xC3, 0x87, 0x46, 0x90, + 0x1F, 0x6E, 0x14, 0xA8, 0x00, 0xF2, 0x6F, 0xD5, + 0xA1, 0xAD, 0xD5, 0x40, 0xA2, 0x0F, 0x32, 0x7E, + 0x99, 0xA3, 0xF5, 0x53, 0xC3, 0x26, 0xA1, 0x45, + 0x01, 0x88, 0x57, 0x84, 0x3E, 0x7B, 0x4E, 0x0B, + 0x3C, 0xB5, 0x3E, 0x9E, 0xE9, 0x78, 0x77, 0xC5, + 0xC0, 0x89, 0xA8, 0xF8, 0xF1, 0xA5, 0x2D, 0x5D, + 0xF9, 0xC6, 0xFB, 0xCB, 0x05, 0x23, 0xBD, 0x6E, + 0x5E, 0x14, 0xC6, 0x57, 0x73, 0xCF, 0x98, 0xBD, + 0x10, 0x8B, 0x18, 0xA6, 0x01, 0x5B, 0x13, 0xAE, + 0x8E, 0xDE, 0x1F, 0xB5, 0xB7, 0x40, 0x6C, 0xC1, + 0x1E, 0xA1, 0x19, 0x20, 0x9E, 0x95, 0xE0, 0x2F, + 0x1C, 0xF5, 0xD9, 0xD0, 0x2B, 0x1E, 0x82, 0x25, + 0x62, 0xB4, 0xEB, 0xA1, 0x1F, 0xCE, 0x44, 0xA1, + 0xCB, 0x92, 0x01, 0x6B, 0xE4, 0x26, 0x23, 0xE3, + 0xC5, 0x67, 0x35, 0x55, 0xDA, 0xE5, 0x27, 0xEE, + 0x8D, 0x12, 0x84, 0xB7, 0xBA, 0xA7, 0x1C, 0xD6, + 0x32, 0x3F, 0x67, 0xED, 0xFB, 0x5B, 0x8B, 0x52, + 0x46, 0x8C, 0xF9, 0x69, 0xCD, 0xAE, 0x79, 0xAA, + 0x37, 0x78, 0x49, 0xEB, 0xC6, 0x8E, 0x76, 0x63, + 0x84, 0xFF, 0x9D, 0x22, 0x99, 0x51, 0xB7, 0x5E, + 0x83, 0x4C, 0x8B, 0xDF, 0x5A, 0x07, 0xCC, 0xBA, + 0x42, 0xA5, 0x98, 0xB6, 0x47, 0x0E, 0x66, 0xEB, + 0x23, 0x0E, 0xBA, 0x44, 0xA8, 0xAA, 0x20, 0x71, + 0x79, 0x9C, 0x77, 0x5F, 0xF5, 0xFE, 0xEC, 0xEF, + 0xC6, 0x64, 0x3D, 0x84, 0xD0, 0x2B, 0xA7, 0x0A, + 0xC3, 0x72, 0x5B, 0x9C, 0xFA, 0xA8, 0x87, 0x95, + 0x94, 0x11, 0x38, 0xA7, 0x1E, 0x58, 0xE3, 0x73, + 0xC6, 0xC9, 0xD1, 0x7B, 0x92, 0xDB, 0x0F, 0x49, + 0x74, 0xC2, 0xA2, 0x0E, 0x35, 0x57, 0xAC, 0xDB, + 0x9A, 0x1C, 0xCF, 0x5A, 0x32, 0x3E, 0x26, 0x9B, + 0xEC, 0xB3, 0xEF, 0x9C, 0xFE, 0xBE, 0x52, 0xAC, + 0xB1, 0x29, 0xDD, 0xFD, 0x07, 0xE2, 0xEE, 0xED, + 0xE4, 0x46, 0x37, 0xFE, 0xD1, 0xDC, 0xCD, 0x02, + 0xF9, 0x31, 0xB0, 0xFB, 0x36, 0xB7, 0x34, 0xA4, + 0x76, 0xE8, 0x57, 0xBF, 0x99, 0x92, 0xC7, 0xAF, + 0x98, 0x10, 0xE2, 0x70, 0xCA, 0xC9, 0x2B, 0x82, + 0x06, 0x96, 0x88, 0x0D, 0xB3, 0xAC, 0x9E, 0x6D, + 0x43, 0xBC, 0x5B, 0x31, 0xCF, 0x65, 0x8D, 0xA6, + 0xC7, 0xFE, 0x73, 0xE1, 0x54, 0xF7, 0x10, 0xF9, + 0x86, 0xF7, 0xDF, 0xA1, 0xA1, 0xD8, 0xAE, 0x35, + 0xB3, 0x90, 0xDC, 0x6F, 0x43, 0x7A, 0x8B, 0xE0, + 0xFE, 0x8F, 0x33, 0x4D, 0x29, 0x6C, 0x45, 0x53, + 0x73, 0xDD, 0x21, 0x0B, 0x85, 0x30, 0xB5, 0xA5, + 0xF3, 0x5D, 0xEC, 0x79, 0x61, 0x9D, 0x9E, 0xB3 + +}; + +static uint8_t ms_hmac_key1[] = { + 0xFE, 0x1A, 0x7D, 0x3D, 0xF5, 0x82, 0x80, 0xF1, + 0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA, + 0x58, 0x34, 0x85, 0x65, 0x1C, 0x42, 0x50, 0x76, + 0x9A, 0xAF, 0x88, 0x1B, 0xB6, 0x8F, 0xF8, 0x60, + 0xA2, 0x5A, 0x7F, 0x3F, 0xF4, 0x72, 0x70, 0xF1, + 0xF5, 0x35, 0x4C, 0x3B, 0xDD, 0x90, 0x65, 0xB0, + 0x47, 0x3A, 0x75, 0x61, 0x5C, 0xA2, 0x10, 0x76, + 0x9A, 0xAF, 0x77, 0x5B, 0xB6, 0x7F, 0xF7, 0x60 +}; + +static const uint8_t ms_hmac_digest1[] = { + 0xCE, 0x6E, 0x5F, 0x77, 0x96, 0x9A, 0xB1, 0x69, + 0x2D, 0x5E, 0xF3, 0x2F, 0x32, 0x10, 0xCB, 0x50, + 0x0E, 0x09, 0x56, 0x25, 0x07, 0x34, 0xC9, 0x20, + 0xEC, 0x13, 0x43, 0x23, 0x5C, 0x08, 0x8B, 0xCD, + 0xDC, 0x86, 0x8C, 0xEE, 0x0A, 0x95, 0x2E, 0xB9, + 0x8C, 0x7B, 0x02, 0x7A, 0xD4, 0xE1, 0x49, 0xB4, + 0x45, 0xB5, 0x52, 0x37, 0xC6, 0xFF, 0xFE, 0xAA, + 0x0A, 0x87, 0xB8, 0x51, 0xF9, 0x2A, 0x01, 0x8F +}; +/* End Session 1 */ +/* Begin Session 2 */ +static uint8_t ms_aes_cbc_key2[] = { + 0xff, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff +}; + +static uint8_t ms_aes_cbc_iv2[] = { + 0xff, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff +}; + +static const uint8_t ms_aes_cbc_cipher2[] = { + 0xBB, 0x3C, 0x68, 0x25, 0xFD, 0xB6, 0xA2, 0x91, + 0x20, 0x56, 0xF6, 0x30, 0x35, 0xFC, 0x9E, 0x97, + 0xF2, 0x90, 0xFC, 0x7E, 0x3E, 0x0A, 0x75, 0xC8, + 0x4C, 0xF2, 0x2D, 0xAC, 0xD3, 0x93, 0xF0, 0xC5, + 0x14, 0x88, 0x8A, 0x23, 0xC2, 0x59, 0x9A, 0x98, + 0x4B, 0xD5, 0x2C, 0xDA, 0x43, 0xA9, 0x34, 0x69, + 0x7C, 0x6D, 0xDB, 0xDC, 0xCB, 0xC0, 0xA0, 0x09, + 0xA7, 0x86, 0x16, 0x4B, 0xBF, 0xA8, 0xB6, 0xCF, + 0x7F, 0x74, 0x1F, 0x22, 0xF0, 0xF6, 0xBB, 0x44, + 0x8B, 0x4C, 0x9E, 0x23, 0xF8, 0x9F, 0xFC, 0x5B, + 0x9E, 0x9C, 0x2A, 0x79, 0x30, 0x8F, 0xBF, 0xA9, + 0x68, 0xA1, 0x20, 0x71, 0x7C, 0x77, 0x22, 0x34, + 0x07, 0xCD, 0xC6, 0xF6, 0x50, 0x0A, 0x08, 0x99, + 0x17, 0x98, 0xE3, 0x93, 0x8A, 0xB0, 0xEE, 0xDF, + 0xC2, 0xBA, 0x3B, 0x44, 0x73, 0xDF, 0xDD, 0xDC, + 0x14, 0x4D, 0x3B, 0xBB, 0x5E, 0x58, 0xC1, 0x26, + 0xA7, 0xAE, 0x47, 0xF3, 0x24, 0x6D, 0x4F, 0xD3, + 0x6E, 0x3E, 0x33, 0xE6, 0x7F, 0xCA, 0x50, 0xAF, + 0x5D, 0x3D, 0xA0, 0xDD, 0xC9, 0xF3, 0x30, 0xD3, + 0x6E, 0x8B, 0x2E, 0x12, 0x24, 0x34, 0xF0, 0xD3, + 0xC7, 0x8D, 0x23, 0x29, 0xAA, 0x05, 0xE1, 0xFA, + 0x2E, 0xF6, 0x8D, 0x37, 0x86, 0xC0, 0x6D, 0x13, + 0x2D, 0x98, 0xF3, 0x52, 0x39, 0x22, 0xCE, 0x38, + 0xC2, 0x1A, 0x72, 0xED, 0xFB, 0xCC, 0xE4, 0x71, + 0x5A, 0x0C, 0x0D, 0x09, 0xF8, 0xE8, 0x1B, 0xBC, + 0x53, 0xC8, 0xD8, 0x8F, 0xE5, 0x98, 0x5A, 0xB1, + 0x06, 0xA6, 0x5B, 0xE6, 0xA2, 0x88, 0x21, 0x9E, + 0x36, 0xC0, 0x34, 0xF9, 0xFB, 0x3B, 0x0A, 0x22, + 0x00, 0x00, 0x39, 0x48, 0x8D, 0x23, 0x74, 0x62, + 0x72, 0x91, 0xE6, 0x36, 0xAA, 0x77, 0x9C, 0x72, + 0x9D, 0xA8, 0xC3, 0xA9, 0xD5, 0x44, 0x72, 0xA6, + 0xB9, 0x28, 0x8F, 0x64, 0x4C, 0x8A, 0x64, 0xE6, + 0x4E, 0xFA, 0xEF, 0x87, 0xDE, 0x7B, 0x22, 0x44, + 0xB0, 0xDF, 0x2E, 0x5F, 0x0B, 0xA5, 0xF2, 0x24, + 0x07, 0x5C, 0x2D, 0x39, 0xB7, 0x3D, 0x8A, 0xE5, + 0x0E, 0x9D, 0x4E, 0x50, 0xED, 0x03, 0x99, 0x8E, + 0xF0, 0x06, 0x55, 0x4E, 0xA2, 0x24, 0xE7, 0x17, + 0x46, 0xDF, 0x6C, 0xCD, 0xC6, 0x44, 0xE8, 0xF9, + 0xB9, 0x1B, 0x36, 0xF6, 0x7F, 0x10, 0xA4, 0x7D, + 0x90, 0xBD, 0xE4, 0xAA, 0xD6, 0x9E, 0x18, 0x9D, + 0x22, 0x35, 0xD6, 0x55, 0x54, 0xAA, 0xF7, 0x22, + 0xA3, 0x3E, 0xEF, 0xC8, 0xA2, 0x34, 0x8D, 0xA9, + 0x37, 0x63, 0xA6, 0xC3, 0x57, 0xCB, 0x0C, 0x49, + 0x7D, 0x02, 0xBE, 0xAA, 0x13, 0x75, 0xB7, 0x4E, + 0x52, 0x62, 0xA5, 0xC2, 0x33, 0xC7, 0x6C, 0x1B, + 0xF6, 0x34, 0xF6, 0x09, 0xA5, 0x0C, 0xC7, 0xA2, + 0x61, 0x48, 0x62, 0x7D, 0x17, 0x15, 0xE3, 0x95, + 0xC8, 0x63, 0xD2, 0xA4, 0x43, 0xA9, 0x49, 0x07, + 0xB2, 0x3B, 0x2B, 0x62, 0x7D, 0xCB, 0x51, 0xB3, + 0x25, 0x33, 0x47, 0x0E, 0x14, 0x67, 0xDC, 0x6A, + 0x9B, 0x51, 0xAC, 0x9D, 0x8F, 0xA2, 0x2B, 0x57, + 0x8C, 0x5C, 0x5F, 0x76, 0x23, 0x92, 0x0F, 0x84, + 0x46, 0x0E, 0x40, 0x85, 0x38, 0x60, 0xFA, 0x61, + 0x20, 0xC5, 0xE3, 0xF1, 0x70, 0xAC, 0x1B, 0xBF, + 0xC4, 0x2B, 0xC5, 0x67, 0xD1, 0x43, 0xC5, 0x17, + 0x74, 0x71, 0x69, 0x6F, 0x82, 0x89, 0x19, 0x8A, + 0x70, 0x43, 0x92, 0x01, 0xC4, 0x63, 0x7E, 0xB1, + 0x59, 0x4E, 0xCD, 0xEA, 0x93, 0xA4, 0x52, 0x53, + 0x9B, 0x61, 0x5B, 0xD2, 0x3E, 0x19, 0x39, 0xB7, + 0x32, 0xEA, 0x8E, 0xF8, 0x1D, 0x76, 0x5C, 0xB2, + 0x73, 0x2D, 0x91, 0xC0, 0x18, 0xED, 0x25, 0x2A, + 0x53, 0x64, 0xF0, 0x92, 0x31, 0x55, 0x21, 0xA8, + 0x24, 0xA9, 0xD1, 0x02, 0xF6, 0x6C, 0x2B, 0x70, + 0xA9, 0x59, 0xC1, 0xD6, 0xC3, 0x57, 0x5B, 0x92 +}; + +static uint8_t ms_hmac_key2[] = { + 0xFC, 0x1A, 0x7D, 0x3D, 0xF5, 0x82, 0x80, 0xF1, + 0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA, + 0x58, 0x34, 0x85, 0x65, 0x1C, 0x42, 0x50, 0x76, + 0x9A, 0xAF, 0x88, 0x1B, 0xB6, 0x8F, 0xF8, 0x60, + 0xA2, 0x5A, 0x7F, 0x3F, 0xF4, 0x72, 0x70, 0xF1, + 0xF5, 0x35, 0x4C, 0x3B, 0xDD, 0x90, 0x65, 0xB0, + 0x47, 0x3A, 0x75, 0x61, 0x5C, 0xA2, 0x10, 0x76, + 0x9A, 0xAF, 0x77, 0x5B, 0xB6, 0x7F, 0xF7, 0x60 +}; + +static const uint8_t ms_hmac_digest2[] = { + 0xA5, 0x0F, 0x9C, 0xFB, 0x08, 0x62, 0x59, 0xFF, + 0x80, 0x2F, 0xEB, 0x4B, 0xE1, 0x46, 0x21, 0xD6, + 0x02, 0x98, 0xF2, 0x8E, 0xF4, 0xEC, 0xD4, 0x77, + 0x86, 0x4C, 0x31, 0x28, 0xC8, 0x25, 0x80, 0x27, + 0x3A, 0x72, 0x5D, 0x6A, 0x56, 0x8A, 0xD3, 0x82, + 0xB0, 0xEC, 0x31, 0x6D, 0x8B, 0x6B, 0xB4, 0x24, + 0xE7, 0x62, 0xC1, 0x52, 0xBC, 0x14, 0x1B, 0x8E, + 0xEC, 0x9A, 0xF1, 0x47, 0x80, 0xD2, 0xB0, 0x59 +}; + +/* End Session 2 */ + + +static int +test_AES_CBC_HMAC_SHA1_encrypt_digest(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + int status; + + /* Verify the capabilities */ + struct rte_cryptodev_sym_capability_idx cap_idx; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; + cap_idx.algo.auth = RTE_CRYPTO_AUTH_SHA1_HMAC; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_AES_CBC; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; + + /* Generate test mbuf data and space for digest */ + ut_params->ibuf = setup_test_string(ts_params->mbuf_pool, + catch_22_quote, QUOTE_512_BYTES, 0); + + ut_params->digest = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + DIGEST_BYTE_LENGTH_SHA1); + TEST_ASSERT_NOT_NULL(ut_params->digest, "no room to append digest"); -static const uint8_t ms_hmac_digest0[] = { - 0x43, 0x52, 0xED, 0x34, 0xAB, 0x36, 0xB2, 0x51, - 0xFB, 0xA3, 0xA6, 0x7C, 0x38, 0xFC, 0x42, 0x8F, - 0x57, 0x64, 0xAB, 0x81, 0xA7, 0x89, 0xB7, 0x6C, - 0xA0, 0xDC, 0xB9, 0x4D, 0xC4, 0x30, 0xF9, 0xD4, - 0x10, 0x82, 0x55, 0xD0, 0xAB, 0x32, 0xFB, 0x56, - 0x0D, 0xE4, 0x68, 0x3D, 0x76, 0xD0, 0x7B, 0xE4, - 0xA6, 0x2C, 0x34, 0x9E, 0x8C, 0x41, 0xF8, 0x23, - 0x28, 0x1B, 0x3A, 0x90, 0x26, 0x34, 0x47, 0x90 - }; + /* Setup Cipher Parameters */ + ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + ut_params->cipher_xform.next = &ut_params->auth_xform; + + ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_CBC; + ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT; + ut_params->cipher_xform.cipher.key.data = aes_cbc_key; + ut_params->cipher_xform.cipher.key.length = CIPHER_KEY_LENGTH_AES_CBC; + ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; + ut_params->cipher_xform.cipher.iv.length = CIPHER_IV_LENGTH_AES_CBC; + + /* Setup HMAC Parameters */ + ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; + + ut_params->auth_xform.next = NULL; + + ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_GENERATE; + ut_params->auth_xform.auth.algo = RTE_CRYPTO_AUTH_SHA1_HMAC; + ut_params->auth_xform.auth.key.length = HMAC_KEY_LENGTH_SHA1; + ut_params->auth_xform.auth.key.data = hmac_sha1_key; + ut_params->auth_xform.auth.digest_length = DIGEST_BYTE_LENGTH_SHA1; + + ut_params->sess = rte_cryptodev_sym_session_create( + ts_params->session_mpool); + TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); + + /* Create crypto session*/ + status = rte_cryptodev_sym_session_init(ts_params->valid_devs[0], + ut_params->sess, &ut_params->cipher_xform, + ts_params->session_priv_mpool); + + if (status == -ENOTSUP) + return TEST_SKIPPED; + + TEST_ASSERT_EQUAL(status, 0, "Session init failed"); + + /* Generate crypto op data structure */ + ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, + RTE_CRYPTO_OP_TYPE_SYMMETRIC); + TEST_ASSERT_NOT_NULL(ut_params->op, + "Failed to allocate symmetric crypto operation struct"); + + rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); + + struct rte_crypto_sym_op *sym_op = ut_params->op->sym; + + /* set crypto operation source mbuf */ + sym_op->m_src = ut_params->ibuf; + + /* Set crypto operation authentication parameters */ + sym_op->auth.digest.data = ut_params->digest; + sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( + ut_params->ibuf, QUOTE_512_BYTES); + + sym_op->auth.data.offset = 0; + sym_op->auth.data.length = QUOTE_512_BYTES; + + /* Copy IV at the end of the crypto operation */ + rte_memcpy(rte_crypto_op_ctod_offset(ut_params->op, uint8_t *, IV_OFFSET), + aes_cbc_iv, CIPHER_IV_LENGTH_AES_CBC); + + /* Set crypto operation cipher parameters */ + sym_op->cipher.data.offset = 0; + sym_op->cipher.data.length = QUOTE_512_BYTES; + + /* Process crypto operation */ + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + process_cpu_crypt_auth_op(ts_params->valid_devs[0], + ut_params->op); + else + TEST_ASSERT_NOT_NULL( + process_crypto_request(ts_params->valid_devs[0], + ut_params->op), + "failed to process sym crypto op"); + + TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, + "crypto op processing failed"); + + /* Validate obuf */ + uint8_t *ciphertext = rte_pktmbuf_mtod(ut_params->op->sym->m_src, + uint8_t *); + + TEST_ASSERT_BUFFERS_ARE_EQUAL(ciphertext, + catch_22_quote_2_512_bytes_AES_CBC_ciphertext, + QUOTE_512_BYTES, + "ciphertext data not as expected"); + + uint8_t *digest = ciphertext + QUOTE_512_BYTES; + + TEST_ASSERT_BUFFERS_ARE_EQUAL(digest, + catch_22_quote_2_512_bytes_AES_CBC_HMAC_SHA1_digest, + gbl_driver_id == rte_cryptodev_driver_id_get( + RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)) ? + TRUNCATED_DIGEST_BYTE_LENGTH_SHA1 : + DIGEST_BYTE_LENGTH_SHA1, + "Generated digest data not as expected"); + + return TEST_SUCCESS; +} + +/* ***** AES-CBC / HMAC-SHA512 Hash Tests ***** */ + +#define HMAC_KEY_LENGTH_SHA512 (DIGEST_BYTE_LENGTH_SHA512) + +static uint8_t hmac_sha512_key[] = { + 0x42, 0x1a, 0x7d, 0x3d, 0xf5, 0x82, 0x80, 0xf1, + 0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA, + 0x58, 0x34, 0x85, 0x65, 0x1C, 0x42, 0x50, 0x76, + 0x9a, 0xaf, 0x88, 0x1b, 0xb6, 0x8f, 0xf8, 0x60, + 0xa2, 0x5a, 0x7f, 0x3f, 0xf4, 0x72, 0x70, 0xf1, + 0xF5, 0x35, 0x4C, 0x3B, 0xDD, 0x90, 0x65, 0xB0, + 0x47, 0x3a, 0x75, 0x61, 0x5C, 0xa2, 0x10, 0x76, + 0x9a, 0xaf, 0x77, 0x5b, 0xb6, 0x7f, 0xf7, 0x60 }; + +static const uint8_t catch_22_quote_2_512_bytes_AES_CBC_HMAC_SHA512_digest[] = { + 0x5D, 0x54, 0x66, 0xC1, 0x6E, 0xBC, 0x04, 0xB8, + 0x46, 0xB8, 0x08, 0x6E, 0xE0, 0xF0, 0x43, 0x48, + 0x37, 0x96, 0x9C, 0xC6, 0x9C, 0xC2, 0x1E, 0xE8, + 0xF2, 0x0C, 0x0B, 0xEF, 0x86, 0xA2, 0xE3, 0x70, + 0x95, 0xC8, 0xB3, 0x06, 0x47, 0xA9, 0x90, 0xE8, + 0xA0, 0xC6, 0x72, 0x69, 0x05, 0xC0, 0x0D, 0x0E, + 0x21, 0x96, 0x65, 0x93, 0x74, 0x43, 0x2A, 0x1D, + 0x2E, 0xBF, 0xC2, 0xC2, 0xEE, 0xCC, 0x2F, 0x0A }; + + + +static int +test_AES_CBC_HMAC_SHA512_decrypt_create_session_params( + struct crypto_unittest_params *ut_params, + uint8_t *cipher_key, + uint8_t *hmac_key); + +static int +test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess, + struct crypto_unittest_params *ut_params, + struct crypto_testsuite_params *ts_params, + const uint8_t *cipher, + const uint8_t *digest, + const uint8_t *iv); + + +static int +test_AES_CBC_HMAC_SHA512_decrypt_create_session_params( + struct crypto_unittest_params *ut_params, + uint8_t *cipher_key, + uint8_t *hmac_key) +{ + + /* Setup Cipher Parameters */ + ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + ut_params->cipher_xform.next = NULL; + + ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_CBC; + ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_DECRYPT; + ut_params->cipher_xform.cipher.key.data = cipher_key; + ut_params->cipher_xform.cipher.key.length = CIPHER_KEY_LENGTH_AES_CBC; + ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; + ut_params->cipher_xform.cipher.iv.length = CIPHER_IV_LENGTH_AES_CBC; + + /* Setup HMAC Parameters */ + ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; + ut_params->auth_xform.next = &ut_params->cipher_xform; + + ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_VERIFY; + ut_params->auth_xform.auth.algo = RTE_CRYPTO_AUTH_SHA512_HMAC; + ut_params->auth_xform.auth.key.data = hmac_key; + ut_params->auth_xform.auth.key.length = HMAC_KEY_LENGTH_SHA512; + ut_params->auth_xform.auth.digest_length = DIGEST_BYTE_LENGTH_SHA512; + + return TEST_SUCCESS; +} + + +static int +test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess, + struct crypto_unittest_params *ut_params, + struct crypto_testsuite_params *ts_params, + const uint8_t *cipher, + const uint8_t *digest, + const uint8_t *iv) +{ + /* Generate test mbuf data and digest */ + ut_params->ibuf = setup_test_string(ts_params->mbuf_pool, + (const char *) + cipher, + QUOTE_512_BYTES, 0); + + ut_params->digest = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + DIGEST_BYTE_LENGTH_SHA512); + TEST_ASSERT_NOT_NULL(ut_params->digest, "no room to append digest"); + + rte_memcpy(ut_params->digest, + digest, + DIGEST_BYTE_LENGTH_SHA512); + + /* Generate Crypto op data structure */ + ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, + RTE_CRYPTO_OP_TYPE_SYMMETRIC); + TEST_ASSERT_NOT_NULL(ut_params->op, + "Failed to allocate symmetric crypto operation struct"); + + rte_crypto_op_attach_sym_session(ut_params->op, sess); + + struct rte_crypto_sym_op *sym_op = ut_params->op->sym; + + /* set crypto operation source mbuf */ + sym_op->m_src = ut_params->ibuf; + + sym_op->auth.digest.data = ut_params->digest; + sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( + ut_params->ibuf, QUOTE_512_BYTES); + + sym_op->auth.data.offset = 0; + sym_op->auth.data.length = QUOTE_512_BYTES; + + /* Copy IV at the end of the crypto operation */ + rte_memcpy(rte_crypto_op_ctod_offset(ut_params->op, uint8_t *, IV_OFFSET), + iv, CIPHER_IV_LENGTH_AES_CBC); + + sym_op->cipher.data.offset = 0; + sym_op->cipher.data.length = QUOTE_512_BYTES; + + /* Process crypto operation */ + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + process_cpu_crypt_auth_op(ts_params->valid_devs[0], + ut_params->op); + else if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 1, 1, 0, 0); + else + TEST_ASSERT_NOT_NULL( + process_crypto_request(ts_params->valid_devs[0], + ut_params->op), + "failed to process sym crypto op"); -/* End Session 0 */ -/* Begin session 1 */ + TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, + "crypto op processing failed"); -static uint8_t ms_aes_cbc_key1[] = { - 0xf1, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, - 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff -}; + ut_params->obuf = ut_params->op->sym->m_src; -static uint8_t ms_aes_cbc_iv1[] = { - 0xf1, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, - 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff -}; + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL( + rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), + catch_22_quote, + QUOTE_512_BYTES, + "Plaintext data not as expected"); -static const uint8_t ms_aes_cbc_cipher1[] = { - 0x5A, 0x7A, 0x67, 0x5D, 0xB8, 0xE1, 0xDC, 0x71, - 0x39, 0xA8, 0x74, 0x93, 0x9C, 0x4C, 0xFE, 0x23, - 0x61, 0xCD, 0xA4, 0xB3, 0xD9, 0xCE, 0x99, 0x09, - 0x2A, 0x23, 0xF3, 0x29, 0xBF, 0x4C, 0xB4, 0x6A, - 0x1B, 0x6B, 0x73, 0x4D, 0x48, 0x0C, 0xCF, 0x6C, - 0x5E, 0x34, 0x9E, 0x7F, 0xBC, 0x8F, 0xCC, 0x8F, - 0x75, 0x1D, 0x3D, 0x77, 0x10, 0x76, 0xC8, 0xB9, - 0x99, 0x6F, 0xD6, 0x56, 0x75, 0xA9, 0xB2, 0x66, - 0xC2, 0x24, 0x2B, 0x9C, 0xFE, 0x40, 0x8E, 0x43, - 0x20, 0x97, 0x1B, 0xFA, 0xD0, 0xCF, 0x04, 0xAB, - 0xBB, 0xF6, 0x5D, 0xF5, 0xA0, 0x19, 0x7C, 0x23, - 0x5D, 0x80, 0x8C, 0x49, 0xF6, 0x76, 0x88, 0x29, - 0x27, 0x4C, 0x59, 0x2B, 0x43, 0xA6, 0xB2, 0x26, - 0x27, 0x78, 0xBE, 0x1B, 0xE1, 0x4F, 0x5A, 0x1F, - 0xFC, 0x68, 0x08, 0xE7, 0xC4, 0xD1, 0x34, 0x68, - 0xB7, 0x13, 0x14, 0x41, 0x62, 0x6B, 0x1F, 0x77, - 0x0C, 0x68, 0x1D, 0x0D, 0xED, 0x89, 0xAA, 0xD8, - 0x97, 0x02, 0xBA, 0x5E, 0xD4, 0x84, 0x25, 0x97, - 0x03, 0xA5, 0xA6, 0x13, 0x66, 0x02, 0xF4, 0xC3, - 0xF3, 0xD3, 0xCC, 0x95, 0xC3, 0x87, 0x46, 0x90, - 0x1F, 0x6E, 0x14, 0xA8, 0x00, 0xF2, 0x6F, 0xD5, - 0xA1, 0xAD, 0xD5, 0x40, 0xA2, 0x0F, 0x32, 0x7E, - 0x99, 0xA3, 0xF5, 0x53, 0xC3, 0x26, 0xA1, 0x45, - 0x01, 0x88, 0x57, 0x84, 0x3E, 0x7B, 0x4E, 0x0B, - 0x3C, 0xB5, 0x3E, 0x9E, 0xE9, 0x78, 0x77, 0xC5, - 0xC0, 0x89, 0xA8, 0xF8, 0xF1, 0xA5, 0x2D, 0x5D, - 0xF9, 0xC6, 0xFB, 0xCB, 0x05, 0x23, 0xBD, 0x6E, - 0x5E, 0x14, 0xC6, 0x57, 0x73, 0xCF, 0x98, 0xBD, - 0x10, 0x8B, 0x18, 0xA6, 0x01, 0x5B, 0x13, 0xAE, - 0x8E, 0xDE, 0x1F, 0xB5, 0xB7, 0x40, 0x6C, 0xC1, - 0x1E, 0xA1, 0x19, 0x20, 0x9E, 0x95, 0xE0, 0x2F, - 0x1C, 0xF5, 0xD9, 0xD0, 0x2B, 0x1E, 0x82, 0x25, - 0x62, 0xB4, 0xEB, 0xA1, 0x1F, 0xCE, 0x44, 0xA1, - 0xCB, 0x92, 0x01, 0x6B, 0xE4, 0x26, 0x23, 0xE3, - 0xC5, 0x67, 0x35, 0x55, 0xDA, 0xE5, 0x27, 0xEE, - 0x8D, 0x12, 0x84, 0xB7, 0xBA, 0xA7, 0x1C, 0xD6, - 0x32, 0x3F, 0x67, 0xED, 0xFB, 0x5B, 0x8B, 0x52, - 0x46, 0x8C, 0xF9, 0x69, 0xCD, 0xAE, 0x79, 0xAA, - 0x37, 0x78, 0x49, 0xEB, 0xC6, 0x8E, 0x76, 0x63, - 0x84, 0xFF, 0x9D, 0x22, 0x99, 0x51, 0xB7, 0x5E, - 0x83, 0x4C, 0x8B, 0xDF, 0x5A, 0x07, 0xCC, 0xBA, - 0x42, 0xA5, 0x98, 0xB6, 0x47, 0x0E, 0x66, 0xEB, - 0x23, 0x0E, 0xBA, 0x44, 0xA8, 0xAA, 0x20, 0x71, - 0x79, 0x9C, 0x77, 0x5F, 0xF5, 0xFE, 0xEC, 0xEF, - 0xC6, 0x64, 0x3D, 0x84, 0xD0, 0x2B, 0xA7, 0x0A, - 0xC3, 0x72, 0x5B, 0x9C, 0xFA, 0xA8, 0x87, 0x95, - 0x94, 0x11, 0x38, 0xA7, 0x1E, 0x58, 0xE3, 0x73, - 0xC6, 0xC9, 0xD1, 0x7B, 0x92, 0xDB, 0x0F, 0x49, - 0x74, 0xC2, 0xA2, 0x0E, 0x35, 0x57, 0xAC, 0xDB, - 0x9A, 0x1C, 0xCF, 0x5A, 0x32, 0x3E, 0x26, 0x9B, - 0xEC, 0xB3, 0xEF, 0x9C, 0xFE, 0xBE, 0x52, 0xAC, - 0xB1, 0x29, 0xDD, 0xFD, 0x07, 0xE2, 0xEE, 0xED, - 0xE4, 0x46, 0x37, 0xFE, 0xD1, 0xDC, 0xCD, 0x02, - 0xF9, 0x31, 0xB0, 0xFB, 0x36, 0xB7, 0x34, 0xA4, - 0x76, 0xE8, 0x57, 0xBF, 0x99, 0x92, 0xC7, 0xAF, - 0x98, 0x10, 0xE2, 0x70, 0xCA, 0xC9, 0x2B, 0x82, - 0x06, 0x96, 0x88, 0x0D, 0xB3, 0xAC, 0x9E, 0x6D, - 0x43, 0xBC, 0x5B, 0x31, 0xCF, 0x65, 0x8D, 0xA6, - 0xC7, 0xFE, 0x73, 0xE1, 0x54, 0xF7, 0x10, 0xF9, - 0x86, 0xF7, 0xDF, 0xA1, 0xA1, 0xD8, 0xAE, 0x35, - 0xB3, 0x90, 0xDC, 0x6F, 0x43, 0x7A, 0x8B, 0xE0, - 0xFE, 0x8F, 0x33, 0x4D, 0x29, 0x6C, 0x45, 0x53, - 0x73, 0xDD, 0x21, 0x0B, 0x85, 0x30, 0xB5, 0xA5, - 0xF3, 0x5D, 0xEC, 0x79, 0x61, 0x9D, 0x9E, 0xB3 + /* Validate obuf */ + TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, + "Digest verification failed"); -}; + return TEST_SUCCESS; +} -static uint8_t ms_hmac_key1[] = { - 0xFE, 0x1A, 0x7D, 0x3D, 0xF5, 0x82, 0x80, 0xF1, - 0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA, - 0x58, 0x34, 0x85, 0x65, 0x1C, 0x42, 0x50, 0x76, - 0x9A, 0xAF, 0x88, 0x1B, 0xB6, 0x8F, 0xF8, 0x60, - 0xA2, 0x5A, 0x7F, 0x3F, 0xF4, 0x72, 0x70, 0xF1, - 0xF5, 0x35, 0x4C, 0x3B, 0xDD, 0x90, 0x65, 0xB0, - 0x47, 0x3A, 0x75, 0x61, 0x5C, 0xA2, 0x10, 0x76, - 0x9A, 0xAF, 0x77, 0x5B, 0xB6, 0x7F, 0xF7, 0x60 -}; +/* ***** SNOW 3G Tests ***** */ +static int +create_wireless_algo_hash_session(uint8_t dev_id, + const uint8_t *key, const uint8_t key_len, + const uint8_t iv_len, const uint8_t auth_len, + enum rte_crypto_auth_operation op, + enum rte_crypto_auth_algorithm algo) +{ + uint8_t hash_key[key_len]; + int status; -static const uint8_t ms_hmac_digest1[] = { - 0xCE, 0x6E, 0x5F, 0x77, 0x96, 0x9A, 0xB1, 0x69, - 0x2D, 0x5E, 0xF3, 0x2F, 0x32, 0x10, 0xCB, 0x50, - 0x0E, 0x09, 0x56, 0x25, 0x07, 0x34, 0xC9, 0x20, - 0xEC, 0x13, 0x43, 0x23, 0x5C, 0x08, 0x8B, 0xCD, - 0xDC, 0x86, 0x8C, 0xEE, 0x0A, 0x95, 0x2E, 0xB9, - 0x8C, 0x7B, 0x02, 0x7A, 0xD4, 0xE1, 0x49, 0xB4, - 0x45, 0xB5, 0x52, 0x37, 0xC6, 0xFF, 0xFE, 0xAA, - 0x0A, 0x87, 0xB8, 0x51, 0xF9, 0x2A, 0x01, 0x8F -}; -/* End Session 1 */ -/* Begin Session 2 */ -static uint8_t ms_aes_cbc_key2[] = { - 0xff, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, - 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff -}; + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; -static uint8_t ms_aes_cbc_iv2[] = { - 0xff, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, - 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff -}; + memcpy(hash_key, key, key_len); -static const uint8_t ms_aes_cbc_cipher2[] = { - 0xBB, 0x3C, 0x68, 0x25, 0xFD, 0xB6, 0xA2, 0x91, - 0x20, 0x56, 0xF6, 0x30, 0x35, 0xFC, 0x9E, 0x97, - 0xF2, 0x90, 0xFC, 0x7E, 0x3E, 0x0A, 0x75, 0xC8, - 0x4C, 0xF2, 0x2D, 0xAC, 0xD3, 0x93, 0xF0, 0xC5, - 0x14, 0x88, 0x8A, 0x23, 0xC2, 0x59, 0x9A, 0x98, - 0x4B, 0xD5, 0x2C, 0xDA, 0x43, 0xA9, 0x34, 0x69, - 0x7C, 0x6D, 0xDB, 0xDC, 0xCB, 0xC0, 0xA0, 0x09, - 0xA7, 0x86, 0x16, 0x4B, 0xBF, 0xA8, 0xB6, 0xCF, - 0x7F, 0x74, 0x1F, 0x22, 0xF0, 0xF6, 0xBB, 0x44, - 0x8B, 0x4C, 0x9E, 0x23, 0xF8, 0x9F, 0xFC, 0x5B, - 0x9E, 0x9C, 0x2A, 0x79, 0x30, 0x8F, 0xBF, 0xA9, - 0x68, 0xA1, 0x20, 0x71, 0x7C, 0x77, 0x22, 0x34, - 0x07, 0xCD, 0xC6, 0xF6, 0x50, 0x0A, 0x08, 0x99, - 0x17, 0x98, 0xE3, 0x93, 0x8A, 0xB0, 0xEE, 0xDF, - 0xC2, 0xBA, 0x3B, 0x44, 0x73, 0xDF, 0xDD, 0xDC, - 0x14, 0x4D, 0x3B, 0xBB, 0x5E, 0x58, 0xC1, 0x26, - 0xA7, 0xAE, 0x47, 0xF3, 0x24, 0x6D, 0x4F, 0xD3, - 0x6E, 0x3E, 0x33, 0xE6, 0x7F, 0xCA, 0x50, 0xAF, - 0x5D, 0x3D, 0xA0, 0xDD, 0xC9, 0xF3, 0x30, 0xD3, - 0x6E, 0x8B, 0x2E, 0x12, 0x24, 0x34, 0xF0, 0xD3, - 0xC7, 0x8D, 0x23, 0x29, 0xAA, 0x05, 0xE1, 0xFA, - 0x2E, 0xF6, 0x8D, 0x37, 0x86, 0xC0, 0x6D, 0x13, - 0x2D, 0x98, 0xF3, 0x52, 0x39, 0x22, 0xCE, 0x38, - 0xC2, 0x1A, 0x72, 0xED, 0xFB, 0xCC, 0xE4, 0x71, - 0x5A, 0x0C, 0x0D, 0x09, 0xF8, 0xE8, 0x1B, 0xBC, - 0x53, 0xC8, 0xD8, 0x8F, 0xE5, 0x98, 0x5A, 0xB1, - 0x06, 0xA6, 0x5B, 0xE6, 0xA2, 0x88, 0x21, 0x9E, - 0x36, 0xC0, 0x34, 0xF9, 0xFB, 0x3B, 0x0A, 0x22, - 0x00, 0x00, 0x39, 0x48, 0x8D, 0x23, 0x74, 0x62, - 0x72, 0x91, 0xE6, 0x36, 0xAA, 0x77, 0x9C, 0x72, - 0x9D, 0xA8, 0xC3, 0xA9, 0xD5, 0x44, 0x72, 0xA6, - 0xB9, 0x28, 0x8F, 0x64, 0x4C, 0x8A, 0x64, 0xE6, - 0x4E, 0xFA, 0xEF, 0x87, 0xDE, 0x7B, 0x22, 0x44, - 0xB0, 0xDF, 0x2E, 0x5F, 0x0B, 0xA5, 0xF2, 0x24, - 0x07, 0x5C, 0x2D, 0x39, 0xB7, 0x3D, 0x8A, 0xE5, - 0x0E, 0x9D, 0x4E, 0x50, 0xED, 0x03, 0x99, 0x8E, - 0xF0, 0x06, 0x55, 0x4E, 0xA2, 0x24, 0xE7, 0x17, - 0x46, 0xDF, 0x6C, 0xCD, 0xC6, 0x44, 0xE8, 0xF9, - 0xB9, 0x1B, 0x36, 0xF6, 0x7F, 0x10, 0xA4, 0x7D, - 0x90, 0xBD, 0xE4, 0xAA, 0xD6, 0x9E, 0x18, 0x9D, - 0x22, 0x35, 0xD6, 0x55, 0x54, 0xAA, 0xF7, 0x22, - 0xA3, 0x3E, 0xEF, 0xC8, 0xA2, 0x34, 0x8D, 0xA9, - 0x37, 0x63, 0xA6, 0xC3, 0x57, 0xCB, 0x0C, 0x49, - 0x7D, 0x02, 0xBE, 0xAA, 0x13, 0x75, 0xB7, 0x4E, - 0x52, 0x62, 0xA5, 0xC2, 0x33, 0xC7, 0x6C, 0x1B, - 0xF6, 0x34, 0xF6, 0x09, 0xA5, 0x0C, 0xC7, 0xA2, - 0x61, 0x48, 0x62, 0x7D, 0x17, 0x15, 0xE3, 0x95, - 0xC8, 0x63, 0xD2, 0xA4, 0x43, 0xA9, 0x49, 0x07, - 0xB2, 0x3B, 0x2B, 0x62, 0x7D, 0xCB, 0x51, 0xB3, - 0x25, 0x33, 0x47, 0x0E, 0x14, 0x67, 0xDC, 0x6A, - 0x9B, 0x51, 0xAC, 0x9D, 0x8F, 0xA2, 0x2B, 0x57, - 0x8C, 0x5C, 0x5F, 0x76, 0x23, 0x92, 0x0F, 0x84, - 0x46, 0x0E, 0x40, 0x85, 0x38, 0x60, 0xFA, 0x61, - 0x20, 0xC5, 0xE3, 0xF1, 0x70, 0xAC, 0x1B, 0xBF, - 0xC4, 0x2B, 0xC5, 0x67, 0xD1, 0x43, 0xC5, 0x17, - 0x74, 0x71, 0x69, 0x6F, 0x82, 0x89, 0x19, 0x8A, - 0x70, 0x43, 0x92, 0x01, 0xC4, 0x63, 0x7E, 0xB1, - 0x59, 0x4E, 0xCD, 0xEA, 0x93, 0xA4, 0x52, 0x53, - 0x9B, 0x61, 0x5B, 0xD2, 0x3E, 0x19, 0x39, 0xB7, - 0x32, 0xEA, 0x8E, 0xF8, 0x1D, 0x76, 0x5C, 0xB2, - 0x73, 0x2D, 0x91, 0xC0, 0x18, 0xED, 0x25, 0x2A, - 0x53, 0x64, 0xF0, 0x92, 0x31, 0x55, 0x21, 0xA8, - 0x24, 0xA9, 0xD1, 0x02, 0xF6, 0x6C, 0x2B, 0x70, - 0xA9, 0x59, 0xC1, 0xD6, 0xC3, 0x57, 0x5B, 0x92 -}; + debug_hexdump(stdout, "key:", key, key_len); -static uint8_t ms_hmac_key2[] = { - 0xFC, 0x1A, 0x7D, 0x3D, 0xF5, 0x82, 0x80, 0xF1, - 0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA, - 0x58, 0x34, 0x85, 0x65, 0x1C, 0x42, 0x50, 0x76, - 0x9A, 0xAF, 0x88, 0x1B, 0xB6, 0x8F, 0xF8, 0x60, - 0xA2, 0x5A, 0x7F, 0x3F, 0xF4, 0x72, 0x70, 0xF1, - 0xF5, 0x35, 0x4C, 0x3B, 0xDD, 0x90, 0x65, 0xB0, - 0x47, 0x3A, 0x75, 0x61, 0x5C, 0xA2, 0x10, 0x76, - 0x9A, 0xAF, 0x77, 0x5B, 0xB6, 0x7F, 0xF7, 0x60 -}; + /* Setup Authentication Parameters */ + ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; + ut_params->auth_xform.next = NULL; -static const uint8_t ms_hmac_digest2[] = { - 0xA5, 0x0F, 0x9C, 0xFB, 0x08, 0x62, 0x59, 0xFF, - 0x80, 0x2F, 0xEB, 0x4B, 0xE1, 0x46, 0x21, 0xD6, - 0x02, 0x98, 0xF2, 0x8E, 0xF4, 0xEC, 0xD4, 0x77, - 0x86, 0x4C, 0x31, 0x28, 0xC8, 0x25, 0x80, 0x27, - 0x3A, 0x72, 0x5D, 0x6A, 0x56, 0x8A, 0xD3, 0x82, - 0xB0, 0xEC, 0x31, 0x6D, 0x8B, 0x6B, 0xB4, 0x24, - 0xE7, 0x62, 0xC1, 0x52, 0xBC, 0x14, 0x1B, 0x8E, - 0xEC, 0x9A, 0xF1, 0x47, 0x80, 0xD2, 0xB0, 0x59 -}; + ut_params->auth_xform.auth.op = op; + ut_params->auth_xform.auth.algo = algo; + ut_params->auth_xform.auth.key.length = key_len; + ut_params->auth_xform.auth.key.data = hash_key; + ut_params->auth_xform.auth.digest_length = auth_len; + ut_params->auth_xform.auth.iv.offset = IV_OFFSET; + ut_params->auth_xform.auth.iv.length = iv_len; + ut_params->sess = rte_cryptodev_sym_session_create( + ts_params->session_mpool); -/* End Session 2 */ + status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, + &ut_params->auth_xform, + ts_params->session_priv_mpool); + if (status == -ENOTSUP) + return TEST_SKIPPED; + TEST_ASSERT_EQUAL(status, 0, "session init failed"); + TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); + return 0; +} static int -test_AES_CBC_HMAC_SHA1_encrypt_digest(void) +create_wireless_algo_cipher_session(uint8_t dev_id, + enum rte_crypto_cipher_operation op, + enum rte_crypto_cipher_algorithm algo, + const uint8_t *key, const uint8_t key_len, + uint8_t iv_len) { + uint8_t cipher_key[key_len]; + int status; struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - /* Verify the capabilities */ - struct rte_cryptodev_sym_capability_idx cap_idx; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_SHA1_HMAC; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_AES_CBC; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; - - /* Generate test mbuf data and space for digest */ - ut_params->ibuf = setup_test_string(ts_params->mbuf_pool, - catch_22_quote, QUOTE_512_BYTES, 0); - - ut_params->digest = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - DIGEST_BYTE_LENGTH_SHA1); - TEST_ASSERT_NOT_NULL(ut_params->digest, "no room to append digest"); + memcpy(cipher_key, key, key_len); /* Setup Cipher Parameters */ ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - ut_params->cipher_xform.next = &ut_params->auth_xform; + ut_params->cipher_xform.next = NULL; - ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_CBC; - ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT; - ut_params->cipher_xform.cipher.key.data = aes_cbc_key; - ut_params->cipher_xform.cipher.key.length = CIPHER_KEY_LENGTH_AES_CBC; + ut_params->cipher_xform.cipher.algo = algo; + ut_params->cipher_xform.cipher.op = op; + ut_params->cipher_xform.cipher.key.data = cipher_key; + ut_params->cipher_xform.cipher.key.length = key_len; ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; - ut_params->cipher_xform.cipher.iv.length = CIPHER_IV_LENGTH_AES_CBC; - - /* Setup HMAC Parameters */ - ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; - - ut_params->auth_xform.next = NULL; + ut_params->cipher_xform.cipher.iv.length = iv_len; - ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_GENERATE; - ut_params->auth_xform.auth.algo = RTE_CRYPTO_AUTH_SHA1_HMAC; - ut_params->auth_xform.auth.key.length = HMAC_KEY_LENGTH_SHA1; - ut_params->auth_xform.auth.key.data = hmac_sha1_key; - ut_params->auth_xform.auth.digest_length = DIGEST_BYTE_LENGTH_SHA1; + debug_hexdump(stdout, "key:", key, key_len); + /* Create Crypto session */ ut_params->sess = rte_cryptodev_sym_session_create( ts_params->session_mpool); - /* Create crypto session*/ - rte_cryptodev_sym_session_init(ts_params->valid_devs[0], - ut_params->sess, &ut_params->cipher_xform, + status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, + &ut_params->cipher_xform, ts_params->session_priv_mpool); + if (status == -ENOTSUP) + return TEST_SKIPPED; + + TEST_ASSERT_EQUAL(status, 0, "session init failed"); TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); + return 0; +} - /* Generate crypto op data structure */ +static int +create_wireless_algo_cipher_operation(const uint8_t *iv, uint8_t iv_len, + unsigned int cipher_len, + unsigned int cipher_offset) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + + /* Generate Crypto op data structure */ ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, - RTE_CRYPTO_OP_TYPE_SYMMETRIC); + RTE_CRYPTO_OP_TYPE_SYMMETRIC); TEST_ASSERT_NOT_NULL(ut_params->op, - "Failed to allocate symmetric crypto operation struct"); + "Failed to allocate pktmbuf offload"); + /* Set crypto operation data parameters */ rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); struct rte_crypto_sym_op *sym_op = ut_params->op->sym; @@ -1708,1217 +2531,1543 @@ test_AES_CBC_HMAC_SHA1_encrypt_digest(void) /* set crypto operation source mbuf */ sym_op->m_src = ut_params->ibuf; - /* Set crypto operation authentication parameters */ - sym_op->auth.digest.data = ut_params->digest; - sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( - ut_params->ibuf, QUOTE_512_BYTES); + /* iv */ + rte_memcpy(rte_crypto_op_ctod_offset(ut_params->op, uint8_t *, IV_OFFSET), + iv, iv_len); + sym_op->cipher.data.length = cipher_len; + sym_op->cipher.data.offset = cipher_offset; + return 0; +} - sym_op->auth.data.offset = 0; - sym_op->auth.data.length = QUOTE_512_BYTES; +static int +create_wireless_algo_cipher_operation_oop(const uint8_t *iv, uint8_t iv_len, + unsigned int cipher_len, + unsigned int cipher_offset) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; - /* Copy IV at the end of the crypto operation */ + /* Generate Crypto op data structure */ + ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, + RTE_CRYPTO_OP_TYPE_SYMMETRIC); + TEST_ASSERT_NOT_NULL(ut_params->op, + "Failed to allocate pktmbuf offload"); + + /* Set crypto operation data parameters */ + rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); + + struct rte_crypto_sym_op *sym_op = ut_params->op->sym; + + /* set crypto operation source mbuf */ + sym_op->m_src = ut_params->ibuf; + sym_op->m_dst = ut_params->obuf; + + /* iv */ rte_memcpy(rte_crypto_op_ctod_offset(ut_params->op, uint8_t *, IV_OFFSET), - aes_cbc_iv, CIPHER_IV_LENGTH_AES_CBC); + iv, iv_len); + sym_op->cipher.data.length = cipher_len; + sym_op->cipher.data.offset = cipher_offset; + return 0; +} - /* Set crypto operation cipher parameters */ - sym_op->cipher.data.offset = 0; - sym_op->cipher.data.length = QUOTE_512_BYTES; +static int +create_wireless_algo_cipher_auth_session(uint8_t dev_id, + enum rte_crypto_cipher_operation cipher_op, + enum rte_crypto_auth_operation auth_op, + enum rte_crypto_auth_algorithm auth_algo, + enum rte_crypto_cipher_algorithm cipher_algo, + const uint8_t *key, uint8_t key_len, + uint8_t auth_iv_len, uint8_t auth_len, + uint8_t cipher_iv_len) - /* Process crypto operation */ - if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) - process_cpu_crypt_auth_op(ts_params->valid_devs[0], - ut_params->op); - else - TEST_ASSERT_NOT_NULL( - process_crypto_request(ts_params->valid_devs[0], - ut_params->op), - "failed to process sym crypto op"); +{ + uint8_t cipher_auth_key[key_len]; + int status; - TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, - "crypto op processing failed"); + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; - /* Validate obuf */ - uint8_t *ciphertext = rte_pktmbuf_mtod(ut_params->op->sym->m_src, - uint8_t *); + memcpy(cipher_auth_key, key, key_len); - TEST_ASSERT_BUFFERS_ARE_EQUAL(ciphertext, - catch_22_quote_2_512_bytes_AES_CBC_ciphertext, - QUOTE_512_BYTES, - "ciphertext data not as expected"); + /* Setup Authentication Parameters */ + ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; + ut_params->auth_xform.next = NULL; - uint8_t *digest = ciphertext + QUOTE_512_BYTES; + ut_params->auth_xform.auth.op = auth_op; + ut_params->auth_xform.auth.algo = auth_algo; + ut_params->auth_xform.auth.key.length = key_len; + /* Hash key = cipher key */ + ut_params->auth_xform.auth.key.data = cipher_auth_key; + ut_params->auth_xform.auth.digest_length = auth_len; + /* Auth IV will be after cipher IV */ + ut_params->auth_xform.auth.iv.offset = IV_OFFSET + cipher_iv_len; + ut_params->auth_xform.auth.iv.length = auth_iv_len; - TEST_ASSERT_BUFFERS_ARE_EQUAL(digest, - catch_22_quote_2_512_bytes_AES_CBC_HMAC_SHA1_digest, - gbl_driver_id == rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)) ? - TRUNCATED_DIGEST_BYTE_LENGTH_SHA1 : - DIGEST_BYTE_LENGTH_SHA1, - "Generated digest data not as expected"); + /* Setup Cipher Parameters */ + ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + ut_params->cipher_xform.next = &ut_params->auth_xform; - return TEST_SUCCESS; + ut_params->cipher_xform.cipher.algo = cipher_algo; + ut_params->cipher_xform.cipher.op = cipher_op; + ut_params->cipher_xform.cipher.key.data = cipher_auth_key; + ut_params->cipher_xform.cipher.key.length = key_len; + ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; + ut_params->cipher_xform.cipher.iv.length = cipher_iv_len; + + debug_hexdump(stdout, "key:", key, key_len); + + /* Create Crypto session*/ + ut_params->sess = rte_cryptodev_sym_session_create( + ts_params->session_mpool); + TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); + + status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, + &ut_params->cipher_xform, + ts_params->session_priv_mpool); + if (status == -ENOTSUP) + return TEST_SKIPPED; + + TEST_ASSERT_EQUAL(status, 0, "session init failed"); + return 0; } -/* ***** AES-CBC / HMAC-SHA512 Hash Tests ***** */ +static int +create_wireless_cipher_auth_session(uint8_t dev_id, + enum rte_crypto_cipher_operation cipher_op, + enum rte_crypto_auth_operation auth_op, + enum rte_crypto_auth_algorithm auth_algo, + enum rte_crypto_cipher_algorithm cipher_algo, + const struct wireless_test_data *tdata) +{ + const uint8_t key_len = tdata->key.len; + uint8_t cipher_auth_key[key_len]; + int status; -#define HMAC_KEY_LENGTH_SHA512 (DIGEST_BYTE_LENGTH_SHA512) + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + const uint8_t *key = tdata->key.data; + const uint8_t auth_len = tdata->digest.len; + uint8_t cipher_iv_len = tdata->cipher_iv.len; + uint8_t auth_iv_len = tdata->auth_iv.len; -static uint8_t hmac_sha512_key[] = { - 0x42, 0x1a, 0x7d, 0x3d, 0xf5, 0x82, 0x80, 0xf1, - 0xF1, 0x35, 0x5C, 0x3B, 0xDD, 0x9A, 0x65, 0xBA, - 0x58, 0x34, 0x85, 0x65, 0x1C, 0x42, 0x50, 0x76, - 0x9a, 0xaf, 0x88, 0x1b, 0xb6, 0x8f, 0xf8, 0x60, - 0xa2, 0x5a, 0x7f, 0x3f, 0xf4, 0x72, 0x70, 0xf1, - 0xF5, 0x35, 0x4C, 0x3B, 0xDD, 0x90, 0x65, 0xB0, - 0x47, 0x3a, 0x75, 0x61, 0x5C, 0xa2, 0x10, 0x76, - 0x9a, 0xaf, 0x77, 0x5b, 0xb6, 0x7f, 0xf7, 0x60 }; + memcpy(cipher_auth_key, key, key_len); -static const uint8_t catch_22_quote_2_512_bytes_AES_CBC_HMAC_SHA512_digest[] = { - 0x5D, 0x54, 0x66, 0xC1, 0x6E, 0xBC, 0x04, 0xB8, - 0x46, 0xB8, 0x08, 0x6E, 0xE0, 0xF0, 0x43, 0x48, - 0x37, 0x96, 0x9C, 0xC6, 0x9C, 0xC2, 0x1E, 0xE8, - 0xF2, 0x0C, 0x0B, 0xEF, 0x86, 0xA2, 0xE3, 0x70, - 0x95, 0xC8, 0xB3, 0x06, 0x47, 0xA9, 0x90, 0xE8, - 0xA0, 0xC6, 0x72, 0x69, 0x05, 0xC0, 0x0D, 0x0E, - 0x21, 0x96, 0x65, 0x93, 0x74, 0x43, 0x2A, 0x1D, - 0x2E, 0xBF, 0xC2, 0xC2, 0xEE, 0xCC, 0x2F, 0x0A }; + /* Setup Authentication Parameters */ + ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; + ut_params->auth_xform.next = NULL; + + ut_params->auth_xform.auth.op = auth_op; + ut_params->auth_xform.auth.algo = auth_algo; + ut_params->auth_xform.auth.key.length = key_len; + /* Hash key = cipher key */ + ut_params->auth_xform.auth.key.data = cipher_auth_key; + ut_params->auth_xform.auth.digest_length = auth_len; + /* Auth IV will be after cipher IV */ + ut_params->auth_xform.auth.iv.offset = IV_OFFSET + cipher_iv_len; + ut_params->auth_xform.auth.iv.length = auth_iv_len; + + /* Setup Cipher Parameters */ + ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + ut_params->cipher_xform.next = &ut_params->auth_xform; + + ut_params->cipher_xform.cipher.algo = cipher_algo; + ut_params->cipher_xform.cipher.op = cipher_op; + ut_params->cipher_xform.cipher.key.data = cipher_auth_key; + ut_params->cipher_xform.cipher.key.length = key_len; + ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; + ut_params->cipher_xform.cipher.iv.length = cipher_iv_len; + debug_hexdump(stdout, "key:", key, key_len); -static int -test_AES_CBC_HMAC_SHA512_decrypt_create_session_params( - struct crypto_unittest_params *ut_params, - uint8_t *cipher_key, - uint8_t *hmac_key); + /* Create Crypto session*/ + ut_params->sess = rte_cryptodev_sym_session_create( + ts_params->session_mpool); -static int -test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess, - struct crypto_unittest_params *ut_params, - struct crypto_testsuite_params *ts_params, - const uint8_t *cipher, - const uint8_t *digest, - const uint8_t *iv); + status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, + &ut_params->cipher_xform, + ts_params->session_priv_mpool); + if (status == -ENOTSUP) + return TEST_SKIPPED; + TEST_ASSERT_EQUAL(status, 0, "session init failed"); + TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); + return 0; +} static int -test_AES_CBC_HMAC_SHA512_decrypt_create_session_params( - struct crypto_unittest_params *ut_params, - uint8_t *cipher_key, - uint8_t *hmac_key) +create_zuc_cipher_auth_encrypt_generate_session(uint8_t dev_id, + const struct wireless_test_data *tdata) +{ + return create_wireless_cipher_auth_session(dev_id, + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_AUTH_OP_GENERATE, RTE_CRYPTO_AUTH_ZUC_EIA3, + RTE_CRYPTO_CIPHER_ZUC_EEA3, tdata); +} + +static int +create_wireless_algo_auth_cipher_session(uint8_t dev_id, + enum rte_crypto_cipher_operation cipher_op, + enum rte_crypto_auth_operation auth_op, + enum rte_crypto_auth_algorithm auth_algo, + enum rte_crypto_cipher_algorithm cipher_algo, + const uint8_t *key, const uint8_t key_len, + uint8_t auth_iv_len, uint8_t auth_len, + uint8_t cipher_iv_len) { + uint8_t auth_cipher_key[key_len]; + int status; + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + + memcpy(auth_cipher_key, key, key_len); + + /* Setup Authentication Parameters */ + ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; + ut_params->auth_xform.auth.op = auth_op; + ut_params->auth_xform.next = &ut_params->cipher_xform; + ut_params->auth_xform.auth.algo = auth_algo; + ut_params->auth_xform.auth.key.length = key_len; + ut_params->auth_xform.auth.key.data = auth_cipher_key; + ut_params->auth_xform.auth.digest_length = auth_len; + /* Auth IV will be after cipher IV */ + ut_params->auth_xform.auth.iv.offset = IV_OFFSET + cipher_iv_len; + ut_params->auth_xform.auth.iv.length = auth_iv_len; /* Setup Cipher Parameters */ ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; ut_params->cipher_xform.next = NULL; - - ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_CBC; - ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_DECRYPT; - ut_params->cipher_xform.cipher.key.data = cipher_key; - ut_params->cipher_xform.cipher.key.length = CIPHER_KEY_LENGTH_AES_CBC; + ut_params->cipher_xform.cipher.algo = cipher_algo; + ut_params->cipher_xform.cipher.op = cipher_op; + ut_params->cipher_xform.cipher.key.data = auth_cipher_key; + ut_params->cipher_xform.cipher.key.length = key_len; ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; - ut_params->cipher_xform.cipher.iv.length = CIPHER_IV_LENGTH_AES_CBC; + ut_params->cipher_xform.cipher.iv.length = cipher_iv_len; - /* Setup HMAC Parameters */ - ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; - ut_params->auth_xform.next = &ut_params->cipher_xform; + debug_hexdump(stdout, "key:", key, key_len); - ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_VERIFY; - ut_params->auth_xform.auth.algo = RTE_CRYPTO_AUTH_SHA512_HMAC; - ut_params->auth_xform.auth.key.data = hmac_key; - ut_params->auth_xform.auth.key.length = HMAC_KEY_LENGTH_SHA512; - ut_params->auth_xform.auth.digest_length = DIGEST_BYTE_LENGTH_SHA512; + /* Create Crypto session*/ + ut_params->sess = rte_cryptodev_sym_session_create( + ts_params->session_mpool); + TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); - return TEST_SUCCESS; -} + if (cipher_op == RTE_CRYPTO_CIPHER_OP_DECRYPT) { + ut_params->auth_xform.next = NULL; + ut_params->cipher_xform.next = &ut_params->auth_xform; + status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, + &ut_params->cipher_xform, + ts_params->session_priv_mpool); + + } else + status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, + &ut_params->auth_xform, + ts_params->session_priv_mpool); + + if (status == -ENOTSUP) + return TEST_SKIPPED; + TEST_ASSERT_EQUAL(status, 0, "session init failed"); + + return 0; +} static int -test_AES_CBC_HMAC_SHA512_decrypt_perform(struct rte_cryptodev_sym_session *sess, - struct crypto_unittest_params *ut_params, - struct crypto_testsuite_params *ts_params, - const uint8_t *cipher, - const uint8_t *digest, - const uint8_t *iv) +create_wireless_algo_hash_operation(const uint8_t *auth_tag, + unsigned int auth_tag_len, + const uint8_t *iv, unsigned int iv_len, + unsigned int data_pad_len, + enum rte_crypto_auth_operation op, + unsigned int auth_len, unsigned int auth_offset) { - /* Generate test mbuf data and digest */ - ut_params->ibuf = setup_test_string(ts_params->mbuf_pool, - (const char *) - cipher, - QUOTE_512_BYTES, 0); - - ut_params->digest = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - DIGEST_BYTE_LENGTH_SHA512); - TEST_ASSERT_NOT_NULL(ut_params->digest, "no room to append digest"); + struct crypto_testsuite_params *ts_params = &testsuite_params; - rte_memcpy(ut_params->digest, - digest, - DIGEST_BYTE_LENGTH_SHA512); + struct crypto_unittest_params *ut_params = &unittest_params; /* Generate Crypto op data structure */ ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, RTE_CRYPTO_OP_TYPE_SYMMETRIC); TEST_ASSERT_NOT_NULL(ut_params->op, - "Failed to allocate symmetric crypto operation struct"); + "Failed to allocate pktmbuf offload"); - rte_crypto_op_attach_sym_session(ut_params->op, sess); + /* Set crypto operation data parameters */ + rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); struct rte_crypto_sym_op *sym_op = ut_params->op->sym; /* set crypto operation source mbuf */ sym_op->m_src = ut_params->ibuf; - sym_op->auth.digest.data = ut_params->digest; - sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( - ut_params->ibuf, QUOTE_512_BYTES); - - sym_op->auth.data.offset = 0; - sym_op->auth.data.length = QUOTE_512_BYTES; - - /* Copy IV at the end of the crypto operation */ + /* iv */ rte_memcpy(rte_crypto_op_ctod_offset(ut_params->op, uint8_t *, IV_OFFSET), - iv, CIPHER_IV_LENGTH_AES_CBC); - - sym_op->cipher.data.offset = 0; - sym_op->cipher.data.length = QUOTE_512_BYTES; + iv, iv_len); + /* digest */ + sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append( + ut_params->ibuf, auth_tag_len); - /* Process crypto operation */ - if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) - process_cpu_crypt_auth_op(ts_params->valid_devs[0], - ut_params->op); - else if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 1, 0, 0); + TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data, + "no room to append auth tag"); + ut_params->digest = sym_op->auth.digest.data; + sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( + ut_params->ibuf, data_pad_len); + if (op == RTE_CRYPTO_AUTH_OP_GENERATE) + memset(sym_op->auth.digest.data, 0, auth_tag_len); else - TEST_ASSERT_NOT_NULL( - process_crypto_request(ts_params->valid_devs[0], - ut_params->op), - "failed to process sym crypto op"); - - TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, - "crypto op processing failed"); - - ut_params->obuf = ut_params->op->sym->m_src; + rte_memcpy(sym_op->auth.digest.data, auth_tag, auth_tag_len); - /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL( - rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), - catch_22_quote, - QUOTE_512_BYTES, - "Plaintext data not as expected"); + debug_hexdump(stdout, "digest:", + sym_op->auth.digest.data, + auth_tag_len); - /* Validate obuf */ - TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, - "Digest verification failed"); + sym_op->auth.data.length = auth_len; + sym_op->auth.data.offset = auth_offset; - return TEST_SUCCESS; + return 0; } static int -test_blockcipher(enum blockcipher_test_type test_type) +create_wireless_cipher_hash_operation(const struct wireless_test_data *tdata, + enum rte_crypto_auth_operation op) { struct crypto_testsuite_params *ts_params = &testsuite_params; - int status; + struct crypto_unittest_params *ut_params = &unittest_params; + + const uint8_t *auth_tag = tdata->digest.data; + const unsigned int auth_tag_len = tdata->digest.len; + unsigned int plaintext_len = ceil_byte_length(tdata->plaintext.len); + unsigned int data_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); - status = test_blockcipher_all_tests(ts_params->mbuf_pool, - ts_params->op_mpool, - ts_params->session_mpool, ts_params->session_priv_mpool, - ts_params->valid_devs[0], - test_type); + const uint8_t *cipher_iv = tdata->cipher_iv.data; + const uint8_t cipher_iv_len = tdata->cipher_iv.len; + const uint8_t *auth_iv = tdata->auth_iv.data; + const uint8_t auth_iv_len = tdata->auth_iv.len; + const unsigned int cipher_len = tdata->validCipherLenInBits.len; + const unsigned int auth_len = tdata->validAuthLenInBits.len; - if (status == -ENOTSUP) - return status; + /* Generate Crypto op data structure */ + ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, + RTE_CRYPTO_OP_TYPE_SYMMETRIC); + TEST_ASSERT_NOT_NULL(ut_params->op, + "Failed to allocate pktmbuf offload"); + /* Set crypto operation data parameters */ + rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); + + struct rte_crypto_sym_op *sym_op = ut_params->op->sym; + + /* set crypto operation source mbuf */ + sym_op->m_src = ut_params->ibuf; + + /* digest */ + sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append( + ut_params->ibuf, auth_tag_len); + + TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data, + "no room to append auth tag"); + ut_params->digest = sym_op->auth.digest.data; + sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( + ut_params->ibuf, data_pad_len); + if (op == RTE_CRYPTO_AUTH_OP_GENERATE) + memset(sym_op->auth.digest.data, 0, auth_tag_len); + else + rte_memcpy(sym_op->auth.digest.data, auth_tag, auth_tag_len); + + debug_hexdump(stdout, "digest:", + sym_op->auth.digest.data, + auth_tag_len); + + /* Copy cipher and auth IVs at the end of the crypto operation */ + uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ut_params->op, uint8_t *, + IV_OFFSET); + rte_memcpy(iv_ptr, cipher_iv, cipher_iv_len); + iv_ptr += cipher_iv_len; + rte_memcpy(iv_ptr, auth_iv, auth_iv_len); - TEST_ASSERT_EQUAL(status, 0, "Test failed"); + sym_op->cipher.data.length = cipher_len; + sym_op->cipher.data.offset = 0; + sym_op->auth.data.length = auth_len; + sym_op->auth.data.offset = 0; - return TEST_SUCCESS; + return 0; } static int -test_AES_cipheronly_all(void) +create_zuc_cipher_hash_generate_operation( + const struct wireless_test_data *tdata) { - return test_blockcipher(BLKCIPHER_AES_CIPHERONLY_TYPE); + return create_wireless_cipher_hash_operation(tdata, + RTE_CRYPTO_AUTH_OP_GENERATE); } static int -test_AES_docsis_all(void) +create_wireless_algo_cipher_hash_operation(const uint8_t *auth_tag, + const unsigned auth_tag_len, + const uint8_t *auth_iv, uint8_t auth_iv_len, + unsigned data_pad_len, + enum rte_crypto_auth_operation op, + const uint8_t *cipher_iv, uint8_t cipher_iv_len, + const unsigned cipher_len, const unsigned cipher_offset, + const unsigned auth_len, const unsigned auth_offset) { - /* Data-path service does not support DOCSIS yet */ - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; - return test_blockcipher(BLKCIPHER_AES_DOCSIS_TYPE); -} + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; -static int -test_DES_docsis_all(void) -{ - /* Data-path service does not support DOCSIS yet */ - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; - return test_blockcipher(BLKCIPHER_DES_DOCSIS_TYPE); -} + enum rte_crypto_cipher_algorithm cipher_algo = + ut_params->cipher_xform.cipher.algo; + enum rte_crypto_auth_algorithm auth_algo = + ut_params->auth_xform.auth.algo; -static int -test_DES_cipheronly_all(void) -{ - return test_blockcipher(BLKCIPHER_DES_CIPHERONLY_TYPE); -} + /* Generate Crypto op data structure */ + ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, + RTE_CRYPTO_OP_TYPE_SYMMETRIC); + TEST_ASSERT_NOT_NULL(ut_params->op, + "Failed to allocate pktmbuf offload"); + /* Set crypto operation data parameters */ + rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); -static int -test_authonly_all(void) -{ - return test_blockcipher(BLKCIPHER_AUTHONLY_TYPE); -} + struct rte_crypto_sym_op *sym_op = ut_params->op->sym; -static int -test_AES_chain_all(void) -{ - return test_blockcipher(BLKCIPHER_AES_CHAIN_TYPE); -} + /* set crypto operation source mbuf */ + sym_op->m_src = ut_params->ibuf; -static int -test_3DES_chain_all(void) -{ - return test_blockcipher(BLKCIPHER_3DES_CHAIN_TYPE); -} + /* digest */ + sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append( + ut_params->ibuf, auth_tag_len); -static int -test_3DES_cipheronly_all(void) -{ - return test_blockcipher(BLKCIPHER_3DES_CIPHERONLY_TYPE); -} + TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data, + "no room to append auth tag"); + ut_params->digest = sym_op->auth.digest.data; -/* ***** SNOW 3G Tests ***** */ -static int -create_wireless_algo_hash_session(uint8_t dev_id, - const uint8_t *key, const uint8_t key_len, - const uint8_t iv_len, const uint8_t auth_len, - enum rte_crypto_auth_operation op, - enum rte_crypto_auth_algorithm algo) -{ - uint8_t hash_key[key_len]; - int status; + if (rte_pktmbuf_is_contiguous(ut_params->ibuf)) { + sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( + ut_params->ibuf, data_pad_len); + } else { + struct rte_mbuf *m = ut_params->ibuf; + unsigned int offset = data_pad_len; - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; + while (offset > m->data_len && m->next != NULL) { + offset -= m->data_len; + m = m->next; + } + sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( + m, offset); + } - memcpy(hash_key, key, key_len); + if (op == RTE_CRYPTO_AUTH_OP_GENERATE) + memset(sym_op->auth.digest.data, 0, auth_tag_len); + else + rte_memcpy(sym_op->auth.digest.data, auth_tag, auth_tag_len); - debug_hexdump(stdout, "key:", key, key_len); + debug_hexdump(stdout, "digest:", + sym_op->auth.digest.data, + auth_tag_len); - /* Setup Authentication Parameters */ - ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; - ut_params->auth_xform.next = NULL; + /* Copy cipher and auth IVs at the end of the crypto operation */ + uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ut_params->op, uint8_t *, + IV_OFFSET); + rte_memcpy(iv_ptr, cipher_iv, cipher_iv_len); + iv_ptr += cipher_iv_len; + rte_memcpy(iv_ptr, auth_iv, auth_iv_len); - ut_params->auth_xform.auth.op = op; - ut_params->auth_xform.auth.algo = algo; - ut_params->auth_xform.auth.key.length = key_len; - ut_params->auth_xform.auth.key.data = hash_key; - ut_params->auth_xform.auth.digest_length = auth_len; - ut_params->auth_xform.auth.iv.offset = IV_OFFSET; - ut_params->auth_xform.auth.iv.length = iv_len; - ut_params->sess = rte_cryptodev_sym_session_create( - ts_params->session_mpool); + if (cipher_algo == RTE_CRYPTO_CIPHER_SNOW3G_UEA2 || + cipher_algo == RTE_CRYPTO_CIPHER_KASUMI_F8 || + cipher_algo == RTE_CRYPTO_CIPHER_ZUC_EEA3) { + sym_op->cipher.data.length = cipher_len; + sym_op->cipher.data.offset = cipher_offset; + } else { + sym_op->cipher.data.length = cipher_len >> 3; + sym_op->cipher.data.offset = cipher_offset >> 3; + } + + if (auth_algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2 || + auth_algo == RTE_CRYPTO_AUTH_KASUMI_F9 || + auth_algo == RTE_CRYPTO_AUTH_ZUC_EIA3) { + sym_op->auth.data.length = auth_len; + sym_op->auth.data.offset = auth_offset; + } else { + sym_op->auth.data.length = auth_len >> 3; + sym_op->auth.data.offset = auth_offset >> 3; + } - status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, - &ut_params->auth_xform, - ts_params->session_priv_mpool); - TEST_ASSERT_EQUAL(status, 0, "session init failed"); - TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); return 0; } static int -create_wireless_algo_cipher_session(uint8_t dev_id, - enum rte_crypto_cipher_operation op, - enum rte_crypto_cipher_algorithm algo, - const uint8_t *key, const uint8_t key_len, - uint8_t iv_len) +create_wireless_algo_auth_cipher_operation( + const uint8_t *auth_tag, unsigned int auth_tag_len, + const uint8_t *cipher_iv, uint8_t cipher_iv_len, + const uint8_t *auth_iv, uint8_t auth_iv_len, + unsigned int data_pad_len, + unsigned int cipher_len, unsigned int cipher_offset, + unsigned int auth_len, unsigned int auth_offset, + uint8_t op_mode, uint8_t do_sgl, uint8_t verify) { - uint8_t cipher_key[key_len]; - int status; struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - memcpy(cipher_key, key, key_len); + enum rte_crypto_cipher_algorithm cipher_algo = + ut_params->cipher_xform.cipher.algo; + enum rte_crypto_auth_algorithm auth_algo = + ut_params->auth_xform.auth.algo; - /* Setup Cipher Parameters */ - ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - ut_params->cipher_xform.next = NULL; + /* Generate Crypto op data structure */ + ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, + RTE_CRYPTO_OP_TYPE_SYMMETRIC); + TEST_ASSERT_NOT_NULL(ut_params->op, + "Failed to allocate pktmbuf offload"); - ut_params->cipher_xform.cipher.algo = algo; - ut_params->cipher_xform.cipher.op = op; - ut_params->cipher_xform.cipher.key.data = cipher_key; - ut_params->cipher_xform.cipher.key.length = key_len; - ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; - ut_params->cipher_xform.cipher.iv.length = iv_len; + /* Set crypto operation data parameters */ + rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); - debug_hexdump(stdout, "key:", key, key_len); + struct rte_crypto_sym_op *sym_op = ut_params->op->sym; - /* Create Crypto session */ - ut_params->sess = rte_cryptodev_sym_session_create( - ts_params->session_mpool); + /* set crypto operation mbufs */ + sym_op->m_src = ut_params->ibuf; + if (op_mode == OUT_OF_PLACE) + sym_op->m_dst = ut_params->obuf; + + /* digest */ + if (!do_sgl) { + sym_op->auth.digest.data = rte_pktmbuf_mtod_offset( + (op_mode == IN_PLACE ? + ut_params->ibuf : ut_params->obuf), + uint8_t *, data_pad_len); + sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( + (op_mode == IN_PLACE ? + ut_params->ibuf : ut_params->obuf), + data_pad_len); + memset(sym_op->auth.digest.data, 0, auth_tag_len); + } else { + uint16_t remaining_off = (auth_offset >> 3) + (auth_len >> 3); + struct rte_mbuf *sgl_buf = (op_mode == IN_PLACE ? + sym_op->m_src : sym_op->m_dst); + while (remaining_off >= rte_pktmbuf_data_len(sgl_buf)) { + remaining_off -= rte_pktmbuf_data_len(sgl_buf); + sgl_buf = sgl_buf->next; + } + sym_op->auth.digest.data = rte_pktmbuf_mtod_offset(sgl_buf, + uint8_t *, remaining_off); + sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset(sgl_buf, + remaining_off); + memset(sym_op->auth.digest.data, 0, remaining_off); + while (sgl_buf->next != NULL) { + memset(rte_pktmbuf_mtod(sgl_buf, uint8_t *), + 0, rte_pktmbuf_data_len(sgl_buf)); + sgl_buf = sgl_buf->next; + } + } + + /* Copy digest for the verification */ + if (verify) + memcpy(sym_op->auth.digest.data, auth_tag, auth_tag_len); + + /* Copy cipher and auth IVs at the end of the crypto operation */ + uint8_t *iv_ptr = rte_crypto_op_ctod_offset( + ut_params->op, uint8_t *, IV_OFFSET); + + rte_memcpy(iv_ptr, cipher_iv, cipher_iv_len); + iv_ptr += cipher_iv_len; + rte_memcpy(iv_ptr, auth_iv, auth_iv_len); + + /* Only copy over the offset data needed from src to dst in OOP, + * if the auth and cipher offsets are not aligned + */ + if (op_mode == OUT_OF_PLACE) { + if (cipher_offset > auth_offset) + rte_memcpy( + rte_pktmbuf_mtod_offset( + sym_op->m_dst, + uint8_t *, auth_offset >> 3), + rte_pktmbuf_mtod_offset( + sym_op->m_src, + uint8_t *, auth_offset >> 3), + ((cipher_offset >> 3) - (auth_offset >> 3))); + } + + if (cipher_algo == RTE_CRYPTO_CIPHER_SNOW3G_UEA2 || + cipher_algo == RTE_CRYPTO_CIPHER_KASUMI_F8 || + cipher_algo == RTE_CRYPTO_CIPHER_ZUC_EEA3) { + sym_op->cipher.data.length = cipher_len; + sym_op->cipher.data.offset = cipher_offset; + } else { + sym_op->cipher.data.length = cipher_len >> 3; + sym_op->cipher.data.offset = cipher_offset >> 3; + } + + if (auth_algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2 || + auth_algo == RTE_CRYPTO_AUTH_KASUMI_F9 || + auth_algo == RTE_CRYPTO_AUTH_ZUC_EIA3) { + sym_op->auth.data.length = auth_len; + sym_op->auth.data.offset = auth_offset; + } else { + sym_op->auth.data.length = auth_len >> 3; + sym_op->auth.data.offset = auth_offset >> 3; + } - status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, - &ut_params->cipher_xform, - ts_params->session_priv_mpool); - TEST_ASSERT_EQUAL(status, 0, "session init failed"); - TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); return 0; } static int -create_wireless_algo_cipher_operation(const uint8_t *iv, uint8_t iv_len, - unsigned int cipher_len, - unsigned int cipher_offset) +test_snow3g_authentication(const struct snow3g_hash_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - /* Generate Crypto op data structure */ - ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, - RTE_CRYPTO_OP_TYPE_SYMMETRIC); - TEST_ASSERT_NOT_NULL(ut_params->op, - "Failed to allocate pktmbuf offload"); + int retval; + unsigned plaintext_pad_len; + unsigned plaintext_len; + uint8_t *plaintext; + struct rte_cryptodev_info dev_info; - /* Set crypto operation data parameters */ - rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + uint64_t feat_flags = dev_info.feature_flags; - struct rte_crypto_sym_op *sym_op = ut_params->op->sym; + if (!(feat_flags & RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA) && + ((tdata->validAuthLenInBits.len % 8) != 0)) { + printf("Device doesn't support NON-Byte Aligned Data.\n"); + return TEST_SKIPPED; + } - /* set crypto operation source mbuf */ - sym_op->m_src = ut_params->ibuf; + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } - /* iv */ - rte_memcpy(rte_crypto_op_ctod_offset(ut_params->op, uint8_t *, IV_OFFSET), - iv, iv_len); - sym_op->cipher.data.length = cipher_len; - sym_op->cipher.data.offset = cipher_offset; - return 0; -} + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; -static int -create_wireless_algo_cipher_operation_oop(const uint8_t *iv, uint8_t iv_len, - unsigned int cipher_len, - unsigned int cipher_offset) -{ - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; + /* Verify the capabilities */ + struct rte_cryptodev_sym_capability_idx cap_idx; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; + cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; - /* Generate Crypto op data structure */ - ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, - RTE_CRYPTO_OP_TYPE_SYMMETRIC); - TEST_ASSERT_NOT_NULL(ut_params->op, - "Failed to allocate pktmbuf offload"); + /* Create SNOW 3G session */ + retval = create_wireless_algo_hash_session(ts_params->valid_devs[0], + tdata->key.data, tdata->key.len, + tdata->auth_iv.len, tdata->digest.len, + RTE_CRYPTO_AUTH_OP_GENERATE, + RTE_CRYPTO_AUTH_SNOW3G_UIA2); + if (retval < 0) + return retval; - /* Set crypto operation data parameters */ - rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); + /* alloc mbuf and set payload */ + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - struct rte_crypto_sym_op *sym_op = ut_params->op->sym; + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); - /* set crypto operation source mbuf */ - sym_op->m_src = ut_params->ibuf; - sym_op->m_dst = ut_params->obuf; + plaintext_len = ceil_byte_length(tdata->plaintext.len); + /* Append data which is padded to a multiple of */ + /* the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + memcpy(plaintext, tdata->plaintext.data, plaintext_len); + + /* Create SNOW 3G operation */ + retval = create_wireless_algo_hash_operation(NULL, tdata->digest.len, + tdata->auth_iv.data, tdata->auth_iv.len, + plaintext_pad_len, RTE_CRYPTO_AUTH_OP_GENERATE, + tdata->validAuthLenInBits.len, + 0); + if (retval < 0) + return retval; + + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 0, 1, 1, 0); + else + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); + ut_params->obuf = ut_params->op->sym->m_src; + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); + ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) + + plaintext_pad_len; + + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL( + ut_params->digest, + tdata->digest.data, + DIGEST_BYTE_LENGTH_SNOW3G_UIA2, + "SNOW 3G Generated auth tag not as expected"); - /* iv */ - rte_memcpy(rte_crypto_op_ctod_offset(ut_params->op, uint8_t *, IV_OFFSET), - iv, iv_len); - sym_op->cipher.data.length = cipher_len; - sym_op->cipher.data.offset = cipher_offset; return 0; } static int -create_wireless_algo_cipher_auth_session(uint8_t dev_id, - enum rte_crypto_cipher_operation cipher_op, - enum rte_crypto_auth_operation auth_op, - enum rte_crypto_auth_algorithm auth_algo, - enum rte_crypto_cipher_algorithm cipher_algo, - const uint8_t *key, uint8_t key_len, - uint8_t auth_iv_len, uint8_t auth_len, - uint8_t cipher_iv_len) - +test_snow3g_authentication_verify(const struct snow3g_hash_test_data *tdata) { - uint8_t cipher_auth_key[key_len]; - int status; - struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - memcpy(cipher_auth_key, key, key_len); + int retval; + unsigned plaintext_pad_len; + unsigned plaintext_len; + uint8_t *plaintext; + struct rte_cryptodev_info dev_info; - /* Setup Authentication Parameters */ - ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; - ut_params->auth_xform.next = NULL; + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + uint64_t feat_flags = dev_info.feature_flags; - ut_params->auth_xform.auth.op = auth_op; - ut_params->auth_xform.auth.algo = auth_algo; - ut_params->auth_xform.auth.key.length = key_len; - /* Hash key = cipher key */ - ut_params->auth_xform.auth.key.data = cipher_auth_key; - ut_params->auth_xform.auth.digest_length = auth_len; - /* Auth IV will be after cipher IV */ - ut_params->auth_xform.auth.iv.offset = IV_OFFSET + cipher_iv_len; - ut_params->auth_xform.auth.iv.length = auth_iv_len; + if (!(feat_flags & RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA) && + ((tdata->validAuthLenInBits.len % 8) != 0)) { + printf("Device doesn't support NON-Byte Aligned Data.\n"); + return TEST_SKIPPED; + } - /* Setup Cipher Parameters */ - ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - ut_params->cipher_xform.next = &ut_params->auth_xform; + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } - ut_params->cipher_xform.cipher.algo = cipher_algo; - ut_params->cipher_xform.cipher.op = cipher_op; - ut_params->cipher_xform.cipher.key.data = cipher_auth_key; - ut_params->cipher_xform.cipher.key.length = key_len; - ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; - ut_params->cipher_xform.cipher.iv.length = cipher_iv_len; + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; - debug_hexdump(stdout, "key:", key, key_len); + /* Verify the capabilities */ + struct rte_cryptodev_sym_capability_idx cap_idx; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; + cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; - /* Create Crypto session*/ - ut_params->sess = rte_cryptodev_sym_session_create( - ts_params->session_mpool); - TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); + /* Create SNOW 3G session */ + retval = create_wireless_algo_hash_session(ts_params->valid_devs[0], + tdata->key.data, tdata->key.len, + tdata->auth_iv.len, tdata->digest.len, + RTE_CRYPTO_AUTH_OP_VERIFY, + RTE_CRYPTO_AUTH_SNOW3G_UIA2); + if (retval < 0) + return retval; + /* alloc mbuf and set payload */ + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, - &ut_params->cipher_xform, - ts_params->session_priv_mpool); - if (status == -ENOTSUP) - return status; + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); + + plaintext_len = ceil_byte_length(tdata->plaintext.len); + /* Append data which is padded to a multiple of */ + /* the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + memcpy(plaintext, tdata->plaintext.data, plaintext_len); + + /* Create SNOW 3G operation */ + retval = create_wireless_algo_hash_operation(tdata->digest.data, + tdata->digest.len, + tdata->auth_iv.data, tdata->auth_iv.len, + plaintext_pad_len, + RTE_CRYPTO_AUTH_OP_VERIFY, + tdata->validAuthLenInBits.len, + 0); + if (retval < 0) + return retval; + + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 0, 1, 1, 0); + else + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); + ut_params->obuf = ut_params->op->sym->m_src; + ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) + + plaintext_pad_len; + + /* Validate obuf */ + if (ut_params->op->status == RTE_CRYPTO_OP_STATUS_SUCCESS) + return 0; + else + return -1; - TEST_ASSERT_EQUAL(status, 0, "session init failed"); return 0; } static int -create_wireless_cipher_auth_session(uint8_t dev_id, - enum rte_crypto_cipher_operation cipher_op, - enum rte_crypto_auth_operation auth_op, - enum rte_crypto_auth_algorithm auth_algo, - enum rte_crypto_cipher_algorithm cipher_algo, - const struct wireless_test_data *tdata) +test_kasumi_authentication(const struct kasumi_hash_test_data *tdata) { - const uint8_t key_len = tdata->key.len; - uint8_t cipher_auth_key[key_len]; - int status; + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + + int retval; + unsigned plaintext_pad_len; + unsigned plaintext_len; + uint8_t *plaintext; + struct rte_cryptodev_info dev_info; + + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + uint64_t feat_flags = dev_info.feature_flags; + + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; - const uint8_t *key = tdata->key.data; - const uint8_t auth_len = tdata->digest.len; - uint8_t cipher_iv_len = tdata->cipher_iv.len; - uint8_t auth_iv_len = tdata->auth_iv.len; + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; - memcpy(cipher_auth_key, key, key_len); + /* Verify the capabilities */ + struct rte_cryptodev_sym_capability_idx cap_idx; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; + cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; - /* Setup Authentication Parameters */ - ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; - ut_params->auth_xform.next = NULL; + /* Create KASUMI session */ + retval = create_wireless_algo_hash_session(ts_params->valid_devs[0], + tdata->key.data, tdata->key.len, + 0, tdata->digest.len, + RTE_CRYPTO_AUTH_OP_GENERATE, + RTE_CRYPTO_AUTH_KASUMI_F9); + if (retval < 0) + return retval; - ut_params->auth_xform.auth.op = auth_op; - ut_params->auth_xform.auth.algo = auth_algo; - ut_params->auth_xform.auth.key.length = key_len; - /* Hash key = cipher key */ - ut_params->auth_xform.auth.key.data = cipher_auth_key; - ut_params->auth_xform.auth.digest_length = auth_len; - /* Auth IV will be after cipher IV */ - ut_params->auth_xform.auth.iv.offset = IV_OFFSET + cipher_iv_len; - ut_params->auth_xform.auth.iv.length = auth_iv_len; + /* alloc mbuf and set payload */ + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - /* Setup Cipher Parameters */ - ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - ut_params->cipher_xform.next = &ut_params->auth_xform; + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); - ut_params->cipher_xform.cipher.algo = cipher_algo; - ut_params->cipher_xform.cipher.op = cipher_op; - ut_params->cipher_xform.cipher.key.data = cipher_auth_key; - ut_params->cipher_xform.cipher.key.length = key_len; - ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; - ut_params->cipher_xform.cipher.iv.length = cipher_iv_len; + plaintext_len = ceil_byte_length(tdata->plaintext.len); + /* Append data which is padded to a multiple of */ + /* the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + memcpy(plaintext, tdata->plaintext.data, plaintext_len); + /* Create KASUMI operation */ + retval = create_wireless_algo_hash_operation(NULL, tdata->digest.len, + NULL, 0, + plaintext_pad_len, RTE_CRYPTO_AUTH_OP_GENERATE, + tdata->plaintext.len, + 0); + if (retval < 0) + return retval; - debug_hexdump(stdout, "key:", key, key_len); + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + process_cpu_crypt_auth_op(ts_params->valid_devs[0], + ut_params->op); + else if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 0, 1, 1, 0); + else + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); - /* Create Crypto session*/ - ut_params->sess = rte_cryptodev_sym_session_create( - ts_params->session_mpool); + ut_params->obuf = ut_params->op->sym->m_src; + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); + ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) + + plaintext_pad_len; - status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, - &ut_params->cipher_xform, - ts_params->session_priv_mpool); - if (status == -ENOTSUP) - return status; + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL( + ut_params->digest, + tdata->digest.data, + DIGEST_BYTE_LENGTH_KASUMI_F9, + "KASUMI Generated auth tag not as expected"); - TEST_ASSERT_EQUAL(status, 0, "session init failed"); - TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); return 0; } static int -create_zuc_cipher_auth_encrypt_generate_session(uint8_t dev_id, - const struct wireless_test_data *tdata) -{ - return create_wireless_cipher_auth_session(dev_id, - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_AUTH_OP_GENERATE, RTE_CRYPTO_AUTH_ZUC_EIA3, - RTE_CRYPTO_CIPHER_ZUC_EEA3, tdata); -} - -static int -create_wireless_algo_auth_cipher_session(uint8_t dev_id, - enum rte_crypto_cipher_operation cipher_op, - enum rte_crypto_auth_operation auth_op, - enum rte_crypto_auth_algorithm auth_algo, - enum rte_crypto_cipher_algorithm cipher_algo, - const uint8_t *key, const uint8_t key_len, - uint8_t auth_iv_len, uint8_t auth_len, - uint8_t cipher_iv_len) +test_kasumi_authentication_verify(const struct kasumi_hash_test_data *tdata) { - uint8_t auth_cipher_key[key_len]; - int status; struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - memcpy(auth_cipher_key, key, key_len); + int retval; + unsigned plaintext_pad_len; + unsigned plaintext_len; + uint8_t *plaintext; + struct rte_cryptodev_info dev_info; - /* Setup Authentication Parameters */ - ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; - ut_params->auth_xform.auth.op = auth_op; - ut_params->auth_xform.next = &ut_params->cipher_xform; - ut_params->auth_xform.auth.algo = auth_algo; - ut_params->auth_xform.auth.key.length = key_len; - ut_params->auth_xform.auth.key.data = auth_cipher_key; - ut_params->auth_xform.auth.digest_length = auth_len; - /* Auth IV will be after cipher IV */ - ut_params->auth_xform.auth.iv.offset = IV_OFFSET + cipher_iv_len; - ut_params->auth_xform.auth.iv.length = auth_iv_len; + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + uint64_t feat_flags = dev_info.feature_flags; - /* Setup Cipher Parameters */ - ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - ut_params->cipher_xform.next = NULL; - ut_params->cipher_xform.cipher.algo = cipher_algo; - ut_params->cipher_xform.cipher.op = cipher_op; - ut_params->cipher_xform.cipher.key.data = auth_cipher_key; - ut_params->cipher_xform.cipher.key.length = key_len; - ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; - ut_params->cipher_xform.cipher.iv.length = cipher_iv_len; + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } - debug_hexdump(stdout, "key:", key, key_len); + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; - /* Create Crypto session*/ - ut_params->sess = rte_cryptodev_sym_session_create( - ts_params->session_mpool); - TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); + /* Verify the capabilities */ + struct rte_cryptodev_sym_capability_idx cap_idx; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; + cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; - if (cipher_op == RTE_CRYPTO_CIPHER_OP_DECRYPT) { - ut_params->auth_xform.next = NULL; - ut_params->cipher_xform.next = &ut_params->auth_xform; - status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, - &ut_params->cipher_xform, - ts_params->session_priv_mpool); + /* Create KASUMI session */ + retval = create_wireless_algo_hash_session(ts_params->valid_devs[0], + tdata->key.data, tdata->key.len, + 0, tdata->digest.len, + RTE_CRYPTO_AUTH_OP_VERIFY, + RTE_CRYPTO_AUTH_KASUMI_F9); + if (retval < 0) + return retval; + /* alloc mbuf and set payload */ + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - } else - status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, - &ut_params->auth_xform, - ts_params->session_priv_mpool); + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); - if (status == -ENOTSUP) - return status; + plaintext_len = ceil_byte_length(tdata->plaintext.len); + /* Append data which is padded to a multiple */ + /* of the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + memcpy(plaintext, tdata->plaintext.data, plaintext_len); - TEST_ASSERT_EQUAL(status, 0, "session init failed"); + /* Create KASUMI operation */ + retval = create_wireless_algo_hash_operation(tdata->digest.data, + tdata->digest.len, + NULL, 0, + plaintext_pad_len, + RTE_CRYPTO_AUTH_OP_VERIFY, + tdata->plaintext.len, + 0); + if (retval < 0) + return retval; + + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 0, 1, 1, 0); + else + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); + ut_params->obuf = ut_params->op->sym->m_src; + ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) + + plaintext_pad_len; + + /* Validate obuf */ + if (ut_params->op->status == RTE_CRYPTO_OP_STATUS_SUCCESS) + return 0; + else + return -1; return 0; } static int -create_wireless_algo_hash_operation(const uint8_t *auth_tag, - unsigned int auth_tag_len, - const uint8_t *iv, unsigned int iv_len, - unsigned int data_pad_len, - enum rte_crypto_auth_operation op, - unsigned int auth_len, unsigned int auth_offset) +test_snow3g_hash_generate_test_case_1(void) { - struct crypto_testsuite_params *ts_params = &testsuite_params; + return test_snow3g_authentication(&snow3g_hash_test_case_1); +} - struct crypto_unittest_params *ut_params = &unittest_params; +static int +test_snow3g_hash_generate_test_case_2(void) +{ + return test_snow3g_authentication(&snow3g_hash_test_case_2); +} - /* Generate Crypto op data structure */ - ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, - RTE_CRYPTO_OP_TYPE_SYMMETRIC); - TEST_ASSERT_NOT_NULL(ut_params->op, - "Failed to allocate pktmbuf offload"); +static int +test_snow3g_hash_generate_test_case_3(void) +{ + return test_snow3g_authentication(&snow3g_hash_test_case_3); +} - /* Set crypto operation data parameters */ - rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); +static int +test_snow3g_hash_generate_test_case_4(void) +{ + return test_snow3g_authentication(&snow3g_hash_test_case_4); +} - struct rte_crypto_sym_op *sym_op = ut_params->op->sym; +static int +test_snow3g_hash_generate_test_case_5(void) +{ + return test_snow3g_authentication(&snow3g_hash_test_case_5); +} - /* set crypto operation source mbuf */ - sym_op->m_src = ut_params->ibuf; +static int +test_snow3g_hash_generate_test_case_6(void) +{ + return test_snow3g_authentication(&snow3g_hash_test_case_6); +} - /* iv */ - rte_memcpy(rte_crypto_op_ctod_offset(ut_params->op, uint8_t *, IV_OFFSET), - iv, iv_len); - /* digest */ - sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append( - ut_params->ibuf, auth_tag_len); +static int +test_snow3g_hash_verify_test_case_1(void) +{ + return test_snow3g_authentication_verify(&snow3g_hash_test_case_1); - TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data, - "no room to append auth tag"); - ut_params->digest = sym_op->auth.digest.data; - sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( - ut_params->ibuf, data_pad_len); - if (op == RTE_CRYPTO_AUTH_OP_GENERATE) - memset(sym_op->auth.digest.data, 0, auth_tag_len); - else - rte_memcpy(sym_op->auth.digest.data, auth_tag, auth_tag_len); +} - debug_hexdump(stdout, "digest:", - sym_op->auth.digest.data, - auth_tag_len); +static int +test_snow3g_hash_verify_test_case_2(void) +{ + return test_snow3g_authentication_verify(&snow3g_hash_test_case_2); +} - sym_op->auth.data.length = auth_len; - sym_op->auth.data.offset = auth_offset; +static int +test_snow3g_hash_verify_test_case_3(void) +{ + return test_snow3g_authentication_verify(&snow3g_hash_test_case_3); +} - return 0; +static int +test_snow3g_hash_verify_test_case_4(void) +{ + return test_snow3g_authentication_verify(&snow3g_hash_test_case_4); } static int -create_wireless_cipher_hash_operation(const struct wireless_test_data *tdata, - enum rte_crypto_auth_operation op) +test_snow3g_hash_verify_test_case_5(void) { - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; + return test_snow3g_authentication_verify(&snow3g_hash_test_case_5); +} - const uint8_t *auth_tag = tdata->digest.data; - const unsigned int auth_tag_len = tdata->digest.len; - unsigned int plaintext_len = ceil_byte_length(tdata->plaintext.len); - unsigned int data_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); +static int +test_snow3g_hash_verify_test_case_6(void) +{ + return test_snow3g_authentication_verify(&snow3g_hash_test_case_6); +} - const uint8_t *cipher_iv = tdata->cipher_iv.data; - const uint8_t cipher_iv_len = tdata->cipher_iv.len; - const uint8_t *auth_iv = tdata->auth_iv.data; - const uint8_t auth_iv_len = tdata->auth_iv.len; - const unsigned int cipher_len = tdata->validCipherLenInBits.len; - const unsigned int auth_len = tdata->validAuthLenInBits.len; +static int +test_kasumi_hash_generate_test_case_1(void) +{ + return test_kasumi_authentication(&kasumi_hash_test_case_1); +} - /* Generate Crypto op data structure */ - ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, - RTE_CRYPTO_OP_TYPE_SYMMETRIC); - TEST_ASSERT_NOT_NULL(ut_params->op, - "Failed to allocate pktmbuf offload"); - /* Set crypto operation data parameters */ - rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); +static int +test_kasumi_hash_generate_test_case_2(void) +{ + return test_kasumi_authentication(&kasumi_hash_test_case_2); +} - struct rte_crypto_sym_op *sym_op = ut_params->op->sym; +static int +test_kasumi_hash_generate_test_case_3(void) +{ + return test_kasumi_authentication(&kasumi_hash_test_case_3); +} - /* set crypto operation source mbuf */ - sym_op->m_src = ut_params->ibuf; +static int +test_kasumi_hash_generate_test_case_4(void) +{ + return test_kasumi_authentication(&kasumi_hash_test_case_4); +} - /* digest */ - sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append( - ut_params->ibuf, auth_tag_len); +static int +test_kasumi_hash_generate_test_case_5(void) +{ + return test_kasumi_authentication(&kasumi_hash_test_case_5); +} - TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data, - "no room to append auth tag"); - ut_params->digest = sym_op->auth.digest.data; - sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( - ut_params->ibuf, data_pad_len); - if (op == RTE_CRYPTO_AUTH_OP_GENERATE) - memset(sym_op->auth.digest.data, 0, auth_tag_len); - else - rte_memcpy(sym_op->auth.digest.data, auth_tag, auth_tag_len); +static int +test_kasumi_hash_generate_test_case_6(void) +{ + return test_kasumi_authentication(&kasumi_hash_test_case_6); +} - debug_hexdump(stdout, "digest:", - sym_op->auth.digest.data, - auth_tag_len); +static int +test_kasumi_hash_verify_test_case_1(void) +{ + return test_kasumi_authentication_verify(&kasumi_hash_test_case_1); +} - /* Copy cipher and auth IVs at the end of the crypto operation */ - uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ut_params->op, uint8_t *, - IV_OFFSET); - rte_memcpy(iv_ptr, cipher_iv, cipher_iv_len); - iv_ptr += cipher_iv_len; - rte_memcpy(iv_ptr, auth_iv, auth_iv_len); +static int +test_kasumi_hash_verify_test_case_2(void) +{ + return test_kasumi_authentication_verify(&kasumi_hash_test_case_2); +} - sym_op->cipher.data.length = cipher_len; - sym_op->cipher.data.offset = 0; - sym_op->auth.data.length = auth_len; - sym_op->auth.data.offset = 0; +static int +test_kasumi_hash_verify_test_case_3(void) +{ + return test_kasumi_authentication_verify(&kasumi_hash_test_case_3); +} - return 0; +static int +test_kasumi_hash_verify_test_case_4(void) +{ + return test_kasumi_authentication_verify(&kasumi_hash_test_case_4); } static int -create_zuc_cipher_hash_generate_operation( - const struct wireless_test_data *tdata) +test_kasumi_hash_verify_test_case_5(void) { - return create_wireless_cipher_hash_operation(tdata, - RTE_CRYPTO_AUTH_OP_GENERATE); + return test_kasumi_authentication_verify(&kasumi_hash_test_case_5); } static int -create_wireless_algo_cipher_hash_operation(const uint8_t *auth_tag, - const unsigned auth_tag_len, - const uint8_t *auth_iv, uint8_t auth_iv_len, - unsigned data_pad_len, - enum rte_crypto_auth_operation op, - const uint8_t *cipher_iv, uint8_t cipher_iv_len, - const unsigned cipher_len, const unsigned cipher_offset, - const unsigned auth_len, const unsigned auth_offset) +test_kasumi_encryption(const struct kasumi_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - enum rte_crypto_cipher_algorithm cipher_algo = - ut_params->cipher_xform.cipher.algo; - enum rte_crypto_auth_algorithm auth_algo = - ut_params->auth_xform.auth.algo; + int retval; + uint8_t *plaintext, *ciphertext; + unsigned plaintext_pad_len; + unsigned plaintext_len; + struct rte_cryptodev_info dev_info; - /* Generate Crypto op data structure */ - ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, - RTE_CRYPTO_OP_TYPE_SYMMETRIC); - TEST_ASSERT_NOT_NULL(ut_params->op, - "Failed to allocate pktmbuf offload"); - /* Set crypto operation data parameters */ - rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + uint64_t feat_flags = dev_info.feature_flags; - struct rte_crypto_sym_op *sym_op = ut_params->op->sym; + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } - /* set crypto operation source mbuf */ - sym_op->m_src = ut_params->ibuf; + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; - /* digest */ - sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append( - ut_params->ibuf, auth_tag_len); + /* Verify the capabilities */ + struct rte_cryptodev_sym_capability_idx cap_idx; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; - TEST_ASSERT_NOT_NULL(sym_op->auth.digest.data, - "no room to append auth tag"); - ut_params->digest = sym_op->auth.digest.data; + /* Create KASUMI session */ + retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_CIPHER_KASUMI_F8, + tdata->key.data, tdata->key.len, + tdata->cipher_iv.len); + if (retval < 0) + return retval; - if (rte_pktmbuf_is_contiguous(ut_params->ibuf)) { - sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( - ut_params->ibuf, data_pad_len); - } else { - struct rte_mbuf *m = ut_params->ibuf; - unsigned int offset = data_pad_len; + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - while (offset > m->data_len && m->next != NULL) { - offset -= m->data_len; - m = m->next; - } - sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( - m, offset); - } + /* Clear mbuf payload */ + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); + + plaintext_len = ceil_byte_length(tdata->plaintext.len); + /* Append data which is padded to a multiple */ + /* of the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + memcpy(plaintext, tdata->plaintext.data, plaintext_len); + + debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); + + /* Create KASUMI operation */ + retval = create_wireless_algo_cipher_operation(tdata->cipher_iv.data, + tdata->cipher_iv.len, + RTE_ALIGN_CEIL(tdata->validCipherLenInBits.len, 8), + tdata->validCipherOffsetInBits.len); + if (retval < 0) + return retval; - if (op == RTE_CRYPTO_AUTH_OP_GENERATE) - memset(sym_op->auth.digest.data, 0, auth_tag_len); + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 1, 0, 1, tdata->cipher_iv.len); else - rte_memcpy(sym_op->auth.digest.data, auth_tag, auth_tag_len); - - debug_hexdump(stdout, "digest:", - sym_op->auth.digest.data, - auth_tag_len); - - /* Copy cipher and auth IVs at the end of the crypto operation */ - uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ut_params->op, uint8_t *, - IV_OFFSET); - rte_memcpy(iv_ptr, cipher_iv, cipher_iv_len); - iv_ptr += cipher_iv_len; - rte_memcpy(iv_ptr, auth_iv, auth_iv_len); + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - if (cipher_algo == RTE_CRYPTO_CIPHER_SNOW3G_UEA2 || - cipher_algo == RTE_CRYPTO_CIPHER_KASUMI_F8 || - cipher_algo == RTE_CRYPTO_CIPHER_ZUC_EEA3) { - sym_op->cipher.data.length = cipher_len; - sym_op->cipher.data.offset = cipher_offset; - } else { - sym_op->cipher.data.length = cipher_len >> 3; - sym_op->cipher.data.offset = cipher_offset >> 3; - } + ut_params->obuf = ut_params->op->sym->m_dst; + if (ut_params->obuf) + ciphertext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); + else + ciphertext = plaintext + (tdata->validCipherOffsetInBits.len >> 3); - if (auth_algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2 || - auth_algo == RTE_CRYPTO_AUTH_KASUMI_F9 || - auth_algo == RTE_CRYPTO_AUTH_ZUC_EIA3) { - sym_op->auth.data.length = auth_len; - sym_op->auth.data.offset = auth_offset; - } else { - sym_op->auth.data.length = auth_len >> 3; - sym_op->auth.data.offset = auth_offset >> 3; - } + debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); + const uint8_t *reference_ciphertext = tdata->ciphertext.data + + (tdata->validCipherOffsetInBits.len >> 3); + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + reference_ciphertext, + tdata->validCipherLenInBits.len, + "KASUMI Ciphertext data not as expected"); return 0; } static int -create_wireless_algo_auth_cipher_operation( - const uint8_t *auth_tag, unsigned int auth_tag_len, - const uint8_t *cipher_iv, uint8_t cipher_iv_len, - const uint8_t *auth_iv, uint8_t auth_iv_len, - unsigned int data_pad_len, - unsigned int cipher_len, unsigned int cipher_offset, - unsigned int auth_len, unsigned int auth_offset, - uint8_t op_mode, uint8_t do_sgl, uint8_t verify) +test_kasumi_encryption_sgl(const struct kasumi_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - enum rte_crypto_cipher_algorithm cipher_algo = - ut_params->cipher_xform.cipher.algo; - enum rte_crypto_auth_algorithm auth_algo = - ut_params->auth_xform.auth.algo; + int retval; - /* Generate Crypto op data structure */ - ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, - RTE_CRYPTO_OP_TYPE_SYMMETRIC); - TEST_ASSERT_NOT_NULL(ut_params->op, - "Failed to allocate pktmbuf offload"); + unsigned int plaintext_pad_len; + unsigned int plaintext_len; - /* Set crypto operation data parameters */ - rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); + uint8_t buffer[10000]; + const uint8_t *ciphertext; - struct rte_crypto_sym_op *sym_op = ut_params->op->sym; + struct rte_cryptodev_info dev_info; - /* set crypto operation mbufs */ - sym_op->m_src = ut_params->ibuf; - if (op_mode == OUT_OF_PLACE) - sym_op->m_dst = ut_params->obuf; + /* Verify the capabilities */ + struct rte_cryptodev_sym_capability_idx cap_idx; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; - /* digest */ - if (!do_sgl) { - sym_op->auth.digest.data = rte_pktmbuf_mtod_offset( - (op_mode == IN_PLACE ? - ut_params->ibuf : ut_params->obuf), - uint8_t *, data_pad_len); - sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset( - (op_mode == IN_PLACE ? - ut_params->ibuf : ut_params->obuf), - data_pad_len); - memset(sym_op->auth.digest.data, 0, auth_tag_len); - } else { - uint16_t remaining_off = (auth_offset >> 3) + (auth_len >> 3); - struct rte_mbuf *sgl_buf = (op_mode == IN_PLACE ? - sym_op->m_src : sym_op->m_dst); - while (remaining_off >= rte_pktmbuf_data_len(sgl_buf)) { - remaining_off -= rte_pktmbuf_data_len(sgl_buf); - sgl_buf = sgl_buf->next; - } - sym_op->auth.digest.data = rte_pktmbuf_mtod_offset(sgl_buf, - uint8_t *, remaining_off); - sym_op->auth.digest.phys_addr = rte_pktmbuf_iova_offset(sgl_buf, - remaining_off); - memset(sym_op->auth.digest.data, 0, remaining_off); - while (sgl_buf->next != NULL) { - memset(rte_pktmbuf_mtod(sgl_buf, uint8_t *), - 0, rte_pktmbuf_data_len(sgl_buf)); - sgl_buf = sgl_buf->next; - } + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + + uint64_t feat_flags = dev_info.feature_flags; + + if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { + printf("Device doesn't support in-place scatter-gather. " + "Test Skipped.\n"); + return TEST_SKIPPED; } - /* Copy digest for the verification */ - if (verify) - memcpy(sym_op->auth.digest.data, auth_tag, auth_tag_len); + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } - /* Copy cipher and auth IVs at the end of the crypto operation */ - uint8_t *iv_ptr = rte_crypto_op_ctod_offset( - ut_params->op, uint8_t *, IV_OFFSET); + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; - rte_memcpy(iv_ptr, cipher_iv, cipher_iv_len); - iv_ptr += cipher_iv_len; - rte_memcpy(iv_ptr, auth_iv, auth_iv_len); + /* Create KASUMI session */ + retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_CIPHER_KASUMI_F8, + tdata->key.data, tdata->key.len, + tdata->cipher_iv.len); + if (retval < 0) + return retval; - if (cipher_algo == RTE_CRYPTO_CIPHER_SNOW3G_UEA2 || - cipher_algo == RTE_CRYPTO_CIPHER_KASUMI_F8 || - cipher_algo == RTE_CRYPTO_CIPHER_ZUC_EEA3) { - sym_op->cipher.data.length = cipher_len; - sym_op->cipher.data.offset = cipher_offset; - } else { - sym_op->cipher.data.length = cipher_len >> 3; - sym_op->cipher.data.offset = cipher_offset >> 3; - } + plaintext_len = ceil_byte_length(tdata->plaintext.len); - if (auth_algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2 || - auth_algo == RTE_CRYPTO_AUTH_KASUMI_F9 || - auth_algo == RTE_CRYPTO_AUTH_ZUC_EIA3) { - sym_op->auth.data.length = auth_len; - sym_op->auth.data.offset = auth_offset; - } else { - sym_op->auth.data.length = auth_len >> 3; - sym_op->auth.data.offset = auth_offset >> 3; - } + /* Append data which is padded to a multiple */ + /* of the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); + + ut_params->ibuf = create_segmented_mbuf(ts_params->mbuf_pool, + plaintext_pad_len, 10, 0); + + pktmbuf_write(ut_params->ibuf, 0, plaintext_len, tdata->plaintext.data); + + /* Create KASUMI operation */ + retval = create_wireless_algo_cipher_operation(tdata->cipher_iv.data, + tdata->cipher_iv.len, + RTE_ALIGN_CEIL(tdata->validCipherLenInBits.len, 8), + tdata->validCipherOffsetInBits.len); + if (retval < 0) + return retval; + + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 1, 0, 1, tdata->cipher_iv.len); + else + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); + + ut_params->obuf = ut_params->op->sym->m_dst; + + if (ut_params->obuf) + ciphertext = rte_pktmbuf_read(ut_params->obuf, 0, + plaintext_len, buffer); + else + ciphertext = rte_pktmbuf_read(ut_params->ibuf, + tdata->validCipherOffsetInBits.len >> 3, + plaintext_len, buffer); + + /* Validate obuf */ + debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); + + const uint8_t *reference_ciphertext = tdata->ciphertext.data + + (tdata->validCipherOffsetInBits.len >> 3); + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + reference_ciphertext, + tdata->validCipherLenInBits.len, + "KASUMI Ciphertext data not as expected"); return 0; } static int -test_snow3g_authentication(const struct snow3g_hash_test_data *tdata) +test_kasumi_encryption_oop(const struct kasumi_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; + uint8_t *plaintext, *ciphertext; unsigned plaintext_pad_len; unsigned plaintext_len; - uint8_t *plaintext; - struct rte_cryptodev_info dev_info; - - rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); - uint64_t feat_flags = dev_info.feature_flags; - - if (!(feat_flags & RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA) && - ((tdata->validAuthLenInBits.len % 8) != 0)) { - printf("Device doesn't support NON-Byte Aligned Data.\n"); - return -ENOTSUP; - } - - if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && - (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; - } /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; + /* Data-path service does not support OOP */ if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; - /* Create SNOW 3G session */ - retval = create_wireless_algo_hash_session(ts_params->valid_devs[0], - tdata->key.data, tdata->key.len, - tdata->auth_iv.len, tdata->digest.len, - RTE_CRYPTO_AUTH_OP_GENERATE, - RTE_CRYPTO_AUTH_SNOW3G_UIA2); + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + return TEST_SKIPPED; + + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; + + /* Create KASUMI session */ + retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_CIPHER_KASUMI_F8, + tdata->key.data, tdata->key.len, + tdata->cipher_iv.len); if (retval < 0) return retval; - /* alloc mbuf and set payload */ ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + /* Clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + rte_pktmbuf_tailroom(ut_params->ibuf)); plaintext_len = ceil_byte_length(tdata->plaintext.len); - /* Append data which is padded to a multiple of */ - /* the algorithms block size */ - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); + /* Append data which is padded to a multiple */ + /* of the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, plaintext_pad_len); + rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len); memcpy(plaintext, tdata->plaintext.data, plaintext_len); - /* Create SNOW 3G operation */ - retval = create_wireless_algo_hash_operation(NULL, tdata->digest.len, - tdata->auth_iv.data, tdata->auth_iv.len, - plaintext_pad_len, RTE_CRYPTO_AUTH_OP_GENERATE, - tdata->validAuthLenInBits.len, - 0); + debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); + + /* Create KASUMI operation */ + retval = create_wireless_algo_cipher_operation_oop(tdata->cipher_iv.data, + tdata->cipher_iv.len, + RTE_ALIGN_CEIL(tdata->validCipherLenInBits.len, 8), + tdata->validCipherOffsetInBits.len); if (retval < 0) return retval; - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 0, 1, 1, 0); - else - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); - ut_params->obuf = ut_params->op->sym->m_src; + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) - + plaintext_pad_len; - /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL( - ut_params->digest, - tdata->digest.data, - DIGEST_BYTE_LENGTH_SNOW3G_UIA2, - "SNOW 3G Generated auth tag not as expected"); + ut_params->obuf = ut_params->op->sym->m_dst; + if (ut_params->obuf) + ciphertext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); + else + ciphertext = plaintext + (tdata->validCipherOffsetInBits.len >> 3); + + debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); + const uint8_t *reference_ciphertext = tdata->ciphertext.data + + (tdata->validCipherOffsetInBits.len >> 3); + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + reference_ciphertext, + tdata->validCipherLenInBits.len, + "KASUMI Ciphertext data not as expected"); return 0; } static int -test_snow3g_authentication_verify(const struct snow3g_hash_test_data *tdata) +test_kasumi_encryption_oop_sgl(const struct kasumi_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; - unsigned plaintext_pad_len; - unsigned plaintext_len; - uint8_t *plaintext; - struct rte_cryptodev_info dev_info; - - rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); - uint64_t feat_flags = dev_info.feature_flags; + unsigned int plaintext_pad_len; + unsigned int plaintext_len; - if (!(feat_flags & RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA) && - ((tdata->validAuthLenInBits.len % 8) != 0)) { - printf("Device doesn't support NON-Byte Aligned Data.\n"); - return -ENOTSUP; - } + const uint8_t *ciphertext; + uint8_t buffer[2048]; - if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && - (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; - } + struct rte_cryptodev_info dev_info; /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; - /* Create SNOW 3G session */ - retval = create_wireless_algo_hash_session(ts_params->valid_devs[0], - tdata->key.data, tdata->key.len, - tdata->auth_iv.len, tdata->digest.len, - RTE_CRYPTO_AUTH_OP_VERIFY, - RTE_CRYPTO_AUTH_SNOW3G_UIA2); + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + return TEST_SKIPPED; + + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; + + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + + uint64_t feat_flags = dev_info.feature_flags; + if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) { + printf("Device doesn't support out-of-place scatter-gather " + "in both input and output mbufs. " + "Test Skipped.\n"); + return TEST_SKIPPED; + } + + /* Create KASUMI session */ + retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_CIPHER_KASUMI_F8, + tdata->key.data, tdata->key.len, + tdata->cipher_iv.len); if (retval < 0) return retval; - /* alloc mbuf and set payload */ - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - - memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); plaintext_len = ceil_byte_length(tdata->plaintext.len); - /* Append data which is padded to a multiple of */ - /* the algorithms block size */ - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - memcpy(plaintext, tdata->plaintext.data, plaintext_len); + /* Append data which is padded to a multiple */ + /* of the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); - /* Create SNOW 3G operation */ - retval = create_wireless_algo_hash_operation(tdata->digest.data, - tdata->digest.len, - tdata->auth_iv.data, tdata->auth_iv.len, - plaintext_pad_len, - RTE_CRYPTO_AUTH_OP_VERIFY, - tdata->validAuthLenInBits.len, - 0); + ut_params->ibuf = create_segmented_mbuf(ts_params->mbuf_pool, + plaintext_pad_len, 10, 0); + ut_params->obuf = create_segmented_mbuf(ts_params->mbuf_pool, + plaintext_pad_len, 3, 0); + + /* Append data which is padded to a multiple */ + /* of the algorithms block size */ + pktmbuf_write(ut_params->ibuf, 0, plaintext_len, tdata->plaintext.data); + + /* Create KASUMI operation */ + retval = create_wireless_algo_cipher_operation_oop(tdata->cipher_iv.data, + tdata->cipher_iv.len, + RTE_ALIGN_CEIL(tdata->validCipherLenInBits.len, 8), + tdata->validCipherOffsetInBits.len); if (retval < 0) return retval; - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 0, 1, 1, 0); - else - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->obuf = ut_params->op->sym->m_src; - ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) - + plaintext_pad_len; - /* Validate obuf */ - if (ut_params->op->status == RTE_CRYPTO_OP_STATUS_SUCCESS) - return 0; + ut_params->obuf = ut_params->op->sym->m_dst; + if (ut_params->obuf) + ciphertext = rte_pktmbuf_read(ut_params->obuf, 0, + plaintext_pad_len, buffer); else - return -1; + ciphertext = rte_pktmbuf_read(ut_params->ibuf, + tdata->validCipherOffsetInBits.len >> 3, + plaintext_pad_len, buffer); + const uint8_t *reference_ciphertext = tdata->ciphertext.data + + (tdata->validCipherOffsetInBits.len >> 3); + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + reference_ciphertext, + tdata->validCipherLenInBits.len, + "KASUMI Ciphertext data not as expected"); return 0; } + static int -test_kasumi_authentication(const struct kasumi_hash_test_data *tdata) +test_kasumi_decryption_oop(const struct kasumi_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; - unsigned plaintext_pad_len; - unsigned plaintext_len; - uint8_t *plaintext; - struct rte_cryptodev_info dev_info; - - rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); - uint64_t feat_flags = dev_info.feature_flags; - - if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && - (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; - } + uint8_t *ciphertext, *plaintext; + unsigned ciphertext_pad_len; + unsigned ciphertext_len; /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; + + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + return TEST_SKIPPED; + + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; /* Create KASUMI session */ - retval = create_wireless_algo_hash_session(ts_params->valid_devs[0], - tdata->key.data, tdata->key.len, - 0, tdata->digest.len, - RTE_CRYPTO_AUTH_OP_GENERATE, - RTE_CRYPTO_AUTH_KASUMI_F9); + retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_DECRYPT, + RTE_CRYPTO_CIPHER_KASUMI_F8, + tdata->key.data, tdata->key.len, + tdata->cipher_iv.len); if (retval < 0) return retval; - /* alloc mbuf and set payload */ ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + /* Clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + rte_pktmbuf_tailroom(ut_params->ibuf)); - plaintext_len = ceil_byte_length(tdata->plaintext.len); - /* Append data which is padded to a multiple of */ - /* the algorithms block size */ - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - memcpy(plaintext, tdata->plaintext.data, plaintext_len); + ciphertext_len = ceil_byte_length(tdata->ciphertext.len); + /* Append data which is padded to a multiple */ + /* of the algorithms block size */ + ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 8); + ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + ciphertext_pad_len); + rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len); + memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); + + debug_hexdump(stdout, "ciphertext:", ciphertext, ciphertext_len); /* Create KASUMI operation */ - retval = create_wireless_algo_hash_operation(NULL, tdata->digest.len, - NULL, 0, - plaintext_pad_len, RTE_CRYPTO_AUTH_OP_GENERATE, - tdata->plaintext.len, - 0); + retval = create_wireless_algo_cipher_operation_oop(tdata->cipher_iv.data, + tdata->cipher_iv.len, + RTE_ALIGN_CEIL(tdata->validCipherLenInBits.len, 8), + tdata->validCipherOffsetInBits.len); if (retval < 0) return retval; - if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) - process_cpu_crypt_auth_op(ts_params->valid_devs[0], - ut_params->op); - else if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 0, 1, 1, 0); + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); + + ut_params->obuf = ut_params->op->sym->m_dst; + if (ut_params->obuf) + plaintext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); else - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); + plaintext = ciphertext + (tdata->validCipherOffsetInBits.len >> 3); - ut_params->obuf = ut_params->op->sym->m_src; - TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) - + plaintext_pad_len; + debug_hexdump(stdout, "plaintext:", plaintext, ciphertext_len); + const uint8_t *reference_plaintext = tdata->plaintext.data + + (tdata->validCipherOffsetInBits.len >> 3); /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL( - ut_params->digest, - tdata->digest.data, - DIGEST_BYTE_LENGTH_KASUMI_F9, - "KASUMI Generated auth tag not as expected"); - + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + plaintext, + reference_plaintext, + tdata->validCipherLenInBits.len, + "KASUMI Plaintext data not as expected"); return 0; } static int -test_kasumi_authentication_verify(const struct kasumi_hash_test_data *tdata) +test_kasumi_decryption(const struct kasumi_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; - unsigned plaintext_pad_len; - unsigned plaintext_len; - uint8_t *plaintext; + uint8_t *ciphertext, *plaintext; + unsigned ciphertext_pad_len; + unsigned ciphertext_len; struct rte_cryptodev_info dev_info; rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); @@ -2927,217 +4076,179 @@ test_kasumi_authentication_verify(const struct kasumi_hash_test_data *tdata) if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; + /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; /* Create KASUMI session */ - retval = create_wireless_algo_hash_session(ts_params->valid_devs[0], - tdata->key.data, tdata->key.len, - 0, tdata->digest.len, - RTE_CRYPTO_AUTH_OP_VERIFY, - RTE_CRYPTO_AUTH_KASUMI_F9); + retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_DECRYPT, + RTE_CRYPTO_CIPHER_KASUMI_F8, + tdata->key.data, tdata->key.len, + tdata->cipher_iv.len); if (retval < 0) return retval; - /* alloc mbuf and set payload */ + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + /* Clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + rte_pktmbuf_tailroom(ut_params->ibuf)); - plaintext_len = ceil_byte_length(tdata->plaintext.len); + ciphertext_len = ceil_byte_length(tdata->ciphertext.len); /* Append data which is padded to a multiple */ /* of the algorithms block size */ - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - memcpy(plaintext, tdata->plaintext.data, plaintext_len); + ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 8); + ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + ciphertext_pad_len); + memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); + + debug_hexdump(stdout, "ciphertext:", ciphertext, ciphertext_len); /* Create KASUMI operation */ - retval = create_wireless_algo_hash_operation(tdata->digest.data, - tdata->digest.len, - NULL, 0, - plaintext_pad_len, - RTE_CRYPTO_AUTH_OP_VERIFY, - tdata->plaintext.len, - 0); + retval = create_wireless_algo_cipher_operation(tdata->cipher_iv.data, + tdata->cipher_iv.len, + RTE_ALIGN_CEIL(tdata->validCipherLenInBits.len, 8), + tdata->validCipherOffsetInBits.len); if (retval < 0) return retval; if (global_api_test_type == CRYPTODEV_RAW_API_TEST) process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 0, 1, 1, 0); + ut_params->op, 1, 0, 1, 0); else ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); + ut_params->op); TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->obuf = ut_params->op->sym->m_src; - ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) - + plaintext_pad_len; - /* Validate obuf */ - if (ut_params->op->status == RTE_CRYPTO_OP_STATUS_SUCCESS) - return 0; + ut_params->obuf = ut_params->op->sym->m_dst; + if (ut_params->obuf) + plaintext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); else - return -1; - - return 0; -} - -static int -test_snow3g_hash_generate_test_case_1(void) -{ - return test_snow3g_authentication(&snow3g_hash_test_case_1); -} - -static int -test_snow3g_hash_generate_test_case_2(void) -{ - return test_snow3g_authentication(&snow3g_hash_test_case_2); -} - -static int -test_snow3g_hash_generate_test_case_3(void) -{ - return test_snow3g_authentication(&snow3g_hash_test_case_3); -} - -static int -test_snow3g_hash_generate_test_case_4(void) -{ - return test_snow3g_authentication(&snow3g_hash_test_case_4); -} + plaintext = ciphertext + (tdata->validCipherOffsetInBits.len >> 3); -static int -test_snow3g_hash_generate_test_case_5(void) -{ - return test_snow3g_authentication(&snow3g_hash_test_case_5); -} + debug_hexdump(stdout, "plaintext:", plaintext, ciphertext_len); -static int -test_snow3g_hash_generate_test_case_6(void) -{ - return test_snow3g_authentication(&snow3g_hash_test_case_6); + const uint8_t *reference_plaintext = tdata->plaintext.data + + (tdata->validCipherOffsetInBits.len >> 3); + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + plaintext, + reference_plaintext, + tdata->validCipherLenInBits.len, + "KASUMI Plaintext data not as expected"); + return 0; } static int -test_snow3g_hash_verify_test_case_1(void) +test_snow3g_encryption(const struct snow3g_test_data *tdata) { - return test_snow3g_authentication_verify(&snow3g_hash_test_case_1); - -} + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; -static int -test_snow3g_hash_verify_test_case_2(void) -{ - return test_snow3g_authentication_verify(&snow3g_hash_test_case_2); -} + int retval; + uint8_t *plaintext, *ciphertext; + unsigned plaintext_pad_len; + unsigned plaintext_len; + struct rte_cryptodev_info dev_info; -static int -test_snow3g_hash_verify_test_case_3(void) -{ - return test_snow3g_authentication_verify(&snow3g_hash_test_case_3); -} + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + uint64_t feat_flags = dev_info.feature_flags; -static int -test_snow3g_hash_verify_test_case_4(void) -{ - return test_snow3g_authentication_verify(&snow3g_hash_test_case_4); -} + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } -static int -test_snow3g_hash_verify_test_case_5(void) -{ - return test_snow3g_authentication_verify(&snow3g_hash_test_case_5); -} + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; -static int -test_snow3g_hash_verify_test_case_6(void) -{ - return test_snow3g_authentication_verify(&snow3g_hash_test_case_6); -} + /* Verify the capabilities */ + struct rte_cryptodev_sym_capability_idx cap_idx; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; -static int -test_kasumi_hash_generate_test_case_1(void) -{ - return test_kasumi_authentication(&kasumi_hash_test_case_1); -} + /* Create SNOW 3G session */ + retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_CIPHER_SNOW3G_UEA2, + tdata->key.data, tdata->key.len, + tdata->cipher_iv.len); + if (retval < 0) + return retval; -static int -test_kasumi_hash_generate_test_case_2(void) -{ - return test_kasumi_authentication(&kasumi_hash_test_case_2); -} + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); -static int -test_kasumi_hash_generate_test_case_3(void) -{ - return test_kasumi_authentication(&kasumi_hash_test_case_3); -} + /* Clear mbuf payload */ + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); -static int -test_kasumi_hash_generate_test_case_4(void) -{ - return test_kasumi_authentication(&kasumi_hash_test_case_4); -} + plaintext_len = ceil_byte_length(tdata->plaintext.len); + /* Append data which is padded to a multiple of */ + /* the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + memcpy(plaintext, tdata->plaintext.data, plaintext_len); -static int -test_kasumi_hash_generate_test_case_5(void) -{ - return test_kasumi_authentication(&kasumi_hash_test_case_5); -} + debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); -static int -test_kasumi_hash_generate_test_case_6(void) -{ - return test_kasumi_authentication(&kasumi_hash_test_case_6); -} + /* Create SNOW 3G operation */ + retval = create_wireless_algo_cipher_operation(tdata->cipher_iv.data, + tdata->cipher_iv.len, + tdata->validCipherLenInBits.len, + 0); + if (retval < 0) + return retval; -static int -test_kasumi_hash_verify_test_case_1(void) -{ - return test_kasumi_authentication_verify(&kasumi_hash_test_case_1); -} + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 1, 0, 1, tdata->cipher_iv.len); + else + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); -static int -test_kasumi_hash_verify_test_case_2(void) -{ - return test_kasumi_authentication_verify(&kasumi_hash_test_case_2); -} + ut_params->obuf = ut_params->op->sym->m_dst; + if (ut_params->obuf) + ciphertext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); + else + ciphertext = plaintext; -static int -test_kasumi_hash_verify_test_case_3(void) -{ - return test_kasumi_authentication_verify(&kasumi_hash_test_case_3); -} + debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); -static int -test_kasumi_hash_verify_test_case_4(void) -{ - return test_kasumi_authentication_verify(&kasumi_hash_test_case_4); + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + tdata->ciphertext.data, + tdata->validDataLenInBits.len, + "SNOW 3G Ciphertext data not as expected"); + return 0; } -static int -test_kasumi_hash_verify_test_case_5(void) -{ - return test_kasumi_authentication_verify(&kasumi_hash_test_case_5); -} static int -test_kasumi_encryption(const struct kasumi_test_data *tdata) +test_snow3g_encryption_oop(const struct snow3g_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; + uint8_t *plaintext, *ciphertext; int retval; - uint8_t *plaintext, *ciphertext; unsigned plaintext_pad_len; unsigned plaintext_len; struct rte_cryptodev_info dev_info; @@ -3147,89 +4258,98 @@ test_kasumi_encryption(const struct kasumi_test_data *tdata) if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); + printf("Device does not support RAW data-path APIs.\n"); return -ENOTSUP; } /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; - /* Create KASUMI session */ + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + return TEST_SKIPPED; + + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; + + /* Create SNOW 3G session */ retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_CIPHER_KASUMI_F8, + RTE_CRYPTO_CIPHER_SNOW3G_UEA2, tdata->key.data, tdata->key.len, tdata->cipher_iv.len); if (retval < 0) return retval; ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + + TEST_ASSERT_NOT_NULL(ut_params->ibuf, + "Failed to allocate input buffer in mempool"); + TEST_ASSERT_NOT_NULL(ut_params->obuf, + "Failed to allocate output buffer in mempool"); /* Clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, rte_pktmbuf_tailroom(ut_params->ibuf)); plaintext_len = ceil_byte_length(tdata->plaintext.len); - /* Append data which is padded to a multiple */ - /* of the algorithms block size */ - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); + /* Append data which is padded to a multiple of */ + /* the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, plaintext_pad_len); + rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len); memcpy(plaintext, tdata->plaintext.data, plaintext_len); debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); - /* Create KASUMI operation */ - retval = create_wireless_algo_cipher_operation(tdata->cipher_iv.data, - tdata->cipher_iv.len, - RTE_ALIGN_CEIL(tdata->validCipherLenInBits.len, 8), - tdata->validCipherOffsetInBits.len); + /* Create SNOW 3G operation */ + retval = create_wireless_algo_cipher_operation_oop(tdata->cipher_iv.data, + tdata->cipher_iv.len, + tdata->validCipherLenInBits.len, + 0); if (retval < 0) return retval; if (global_api_test_type == CRYPTODEV_RAW_API_TEST) process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 0, 1, tdata->cipher_iv.len); + ut_params->op, 1, 0, 1, tdata->cipher_iv.len); else ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); + ut_params->op); TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); ut_params->obuf = ut_params->op->sym->m_dst; if (ut_params->obuf) ciphertext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); else - ciphertext = plaintext + (tdata->validCipherOffsetInBits.len >> 3); + ciphertext = plaintext; debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); - const uint8_t *reference_ciphertext = tdata->ciphertext.data + - (tdata->validCipherOffsetInBits.len >> 3); /* Validate obuf */ TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( ciphertext, - reference_ciphertext, - tdata->validCipherLenInBits.len, - "KASUMI Ciphertext data not as expected"); + tdata->ciphertext.data, + tdata->validDataLenInBits.len, + "SNOW 3G Ciphertext data not as expected"); return 0; } static int -test_kasumi_encryption_sgl(const struct kasumi_test_data *tdata) +test_snow3g_encryption_oop_sgl(const struct snow3g_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; - unsigned int plaintext_pad_len; unsigned int plaintext_len; - uint8_t buffer[10000]; const uint8_t *ciphertext; @@ -3238,115 +4358,156 @@ test_kasumi_encryption_sgl(const struct kasumi_test_data *tdata) /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; + + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + return TEST_SKIPPED; + + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); uint64_t feat_flags = dev_info.feature_flags; - if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { - printf("Device doesn't support in-place scatter-gather. " + if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) { + printf("Device doesn't support out-of-place scatter-gather " + "in both input and output mbufs. " "Test Skipped.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); + printf("Device does not support RAW data-path APIs.\n"); return -ENOTSUP; } - /* Create KASUMI session */ + /* Create SNOW 3G session */ retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_CIPHER_KASUMI_F8, + RTE_CRYPTO_CIPHER_SNOW3G_UEA2, tdata->key.data, tdata->key.len, tdata->cipher_iv.len); if (retval < 0) return retval; plaintext_len = ceil_byte_length(tdata->plaintext.len); - - - /* Append data which is padded to a multiple */ - /* of the algorithms block size */ - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); + /* Append data which is padded to a multiple of */ + /* the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); ut_params->ibuf = create_segmented_mbuf(ts_params->mbuf_pool, plaintext_pad_len, 10, 0); + ut_params->obuf = create_segmented_mbuf(ts_params->mbuf_pool, + plaintext_pad_len, 3, 0); + + TEST_ASSERT_NOT_NULL(ut_params->ibuf, + "Failed to allocate input buffer in mempool"); + TEST_ASSERT_NOT_NULL(ut_params->obuf, + "Failed to allocate output buffer in mempool"); pktmbuf_write(ut_params->ibuf, 0, plaintext_len, tdata->plaintext.data); - /* Create KASUMI operation */ - retval = create_wireless_algo_cipher_operation(tdata->cipher_iv.data, - tdata->cipher_iv.len, - RTE_ALIGN_CEIL(tdata->validCipherLenInBits.len, 8), - tdata->validCipherOffsetInBits.len); + /* Create SNOW 3G operation */ + retval = create_wireless_algo_cipher_operation_oop(tdata->cipher_iv.data, + tdata->cipher_iv.len, + tdata->validCipherLenInBits.len, + 0); if (retval < 0) return retval; if (global_api_test_type == CRYPTODEV_RAW_API_TEST) process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 0, 1, tdata->cipher_iv.len); + ut_params->op, 1, 0, 1, tdata->cipher_iv.len); else ut_params->op = process_crypto_request(ts_params->valid_devs[0], ut_params->op); TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); ut_params->obuf = ut_params->op->sym->m_dst; - if (ut_params->obuf) ciphertext = rte_pktmbuf_read(ut_params->obuf, 0, plaintext_len, buffer); else - ciphertext = rte_pktmbuf_read(ut_params->ibuf, - tdata->validCipherOffsetInBits.len >> 3, + ciphertext = rte_pktmbuf_read(ut_params->ibuf, 0, plaintext_len, buffer); - /* Validate obuf */ debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); - const uint8_t *reference_ciphertext = tdata->ciphertext.data + - (tdata->validCipherOffsetInBits.len >> 3); /* Validate obuf */ TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( ciphertext, - reference_ciphertext, - tdata->validCipherLenInBits.len, - "KASUMI Ciphertext data not as expected"); + tdata->ciphertext.data, + tdata->validDataLenInBits.len, + "SNOW 3G Ciphertext data not as expected"); + return 0; } +/* Shift right a buffer by "offset" bits, "offset" < 8 */ +static void +buffer_shift_right(uint8_t *buffer, uint32_t length, uint8_t offset) +{ + uint8_t curr_byte, prev_byte; + uint32_t length_in_bytes = ceil_byte_length(length + offset); + uint8_t lower_byte_mask = (1 << offset) - 1; + unsigned i; + + prev_byte = buffer[0]; + buffer[0] >>= offset; + + for (i = 1; i < length_in_bytes; i++) { + curr_byte = buffer[i]; + buffer[i] = ((prev_byte & lower_byte_mask) << (8 - offset)) | + (curr_byte >> offset); + prev_byte = curr_byte; + } +} + static int -test_kasumi_encryption_oop(const struct kasumi_test_data *tdata) +test_snow3g_encryption_offset_oop(const struct snow3g_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - - int retval; uint8_t *plaintext, *ciphertext; - unsigned plaintext_pad_len; - unsigned plaintext_len; + int retval; + uint32_t plaintext_len; + uint32_t plaintext_pad_len; + uint8_t extra_offset = 4; + uint8_t *expected_ciphertext_shifted; + struct rte_cryptodev_info dev_info; + + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + uint64_t feat_flags = dev_info.feature_flags; + + if (!(feat_flags & RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA) && + ((tdata->validDataLenInBits.len % 8) != 0)) { + printf("Device doesn't support NON-Byte Aligned Data.\n"); + return TEST_SKIPPED; + } /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; - /* Data-path service does not support OOP */ + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; + return TEST_SKIPPED; - /* Create KASUMI session */ + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; + + /* Create SNOW 3G session */ retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_CIPHER_KASUMI_F8, + RTE_CRYPTO_CIPHER_SNOW3G_UEA2, tdata->key.data, tdata->key.len, tdata->cipher_iv.len); if (retval < 0) @@ -3355,30 +4516,46 @@ test_kasumi_encryption_oop(const struct kasumi_test_data *tdata) ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + TEST_ASSERT_NOT_NULL(ut_params->ibuf, + "Failed to allocate input buffer in mempool"); + TEST_ASSERT_NOT_NULL(ut_params->obuf, + "Failed to allocate output buffer in mempool"); + /* Clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, rte_pktmbuf_tailroom(ut_params->ibuf)); - plaintext_len = ceil_byte_length(tdata->plaintext.len); - /* Append data which is padded to a multiple */ - /* of the algorithms block size */ - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); + plaintext_len = ceil_byte_length(tdata->plaintext.len + extra_offset); + /* + * Append data which is padded to a + * multiple of the algorithms block size + */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); + + plaintext = (uint8_t *) rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len); - memcpy(plaintext, tdata->plaintext.data, plaintext_len); - debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); + memcpy(plaintext, tdata->plaintext.data, (tdata->plaintext.len >> 3)); + buffer_shift_right(plaintext, tdata->plaintext.len, extra_offset); - /* Create KASUMI operation */ +#ifdef RTE_APP_TEST_DEBUG + rte_hexdump(stdout, "plaintext:", plaintext, tdata->plaintext.len); +#endif + /* Create SNOW 3G operation */ retval = create_wireless_algo_cipher_operation_oop(tdata->cipher_iv.data, - tdata->cipher_iv.len, - RTE_ALIGN_CEIL(tdata->validCipherLenInBits.len, 8), - tdata->validCipherOffsetInBits.len); + tdata->cipher_iv.len, + tdata->validCipherLenInBits.len, + extra_offset); if (retval < 0) return retval; - ut_params->op = process_crypto_request(ts_params->valid_devs[0], + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 1, 0, 1, tdata->cipher_iv.len); + else + ut_params->op = process_crypto_request(ts_params->valid_devs[0], ut_params->op); TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); @@ -3386,139 +4563,157 @@ test_kasumi_encryption_oop(const struct kasumi_test_data *tdata) if (ut_params->obuf) ciphertext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); else - ciphertext = plaintext + (tdata->validCipherOffsetInBits.len >> 3); + ciphertext = plaintext; - debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); +#ifdef RTE_APP_TEST_DEBUG + rte_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); +#endif - const uint8_t *reference_ciphertext = tdata->ciphertext.data + - (tdata->validCipherOffsetInBits.len >> 3); + expected_ciphertext_shifted = rte_malloc(NULL, plaintext_len, 8); + + TEST_ASSERT_NOT_NULL(expected_ciphertext_shifted, + "failed to reserve memory for ciphertext shifted\n"); + + memcpy(expected_ciphertext_shifted, tdata->ciphertext.data, + ceil_byte_length(tdata->ciphertext.len)); + buffer_shift_right(expected_ciphertext_shifted, tdata->ciphertext.len, + extra_offset); /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT_OFFSET( ciphertext, - reference_ciphertext, - tdata->validCipherLenInBits.len, - "KASUMI Ciphertext data not as expected"); + expected_ciphertext_shifted, + tdata->validDataLenInBits.len, + extra_offset, + "SNOW 3G Ciphertext data not as expected"); return 0; } -static int -test_kasumi_encryption_oop_sgl(const struct kasumi_test_data *tdata) +static int test_snow3g_decryption(const struct snow3g_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; - unsigned int plaintext_pad_len; - unsigned int plaintext_len; - - const uint8_t *ciphertext; - uint8_t buffer[2048]; + uint8_t *plaintext, *ciphertext; + unsigned ciphertext_pad_len; + unsigned ciphertext_len; struct rte_cryptodev_info dev_info; + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + uint64_t feat_flags = dev_info.feature_flags; + + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } + + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; + /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; - - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; - - rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); - - uint64_t feat_flags = dev_info.feature_flags; - if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) { - printf("Device doesn't support out-of-place scatter-gather " - "in both input and output mbufs. " - "Test Skipped.\n"); - return -ENOTSUP; - } + return TEST_SKIPPED; - /* Create KASUMI session */ + /* Create SNOW 3G session */ retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_CIPHER_KASUMI_F8, + RTE_CRYPTO_CIPHER_OP_DECRYPT, + RTE_CRYPTO_CIPHER_SNOW3G_UEA2, tdata->key.data, tdata->key.len, tdata->cipher_iv.len); if (retval < 0) return retval; - plaintext_len = ceil_byte_length(tdata->plaintext.len); - /* Append data which is padded to a multiple */ - /* of the algorithms block size */ - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - ut_params->ibuf = create_segmented_mbuf(ts_params->mbuf_pool, - plaintext_pad_len, 10, 0); - ut_params->obuf = create_segmented_mbuf(ts_params->mbuf_pool, - plaintext_pad_len, 3, 0); + /* Clear mbuf payload */ + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); - /* Append data which is padded to a multiple */ - /* of the algorithms block size */ - pktmbuf_write(ut_params->ibuf, 0, plaintext_len, tdata->plaintext.data); + ciphertext_len = ceil_byte_length(tdata->ciphertext.len); + /* Append data which is padded to a multiple of */ + /* the algorithms block size */ + ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); + ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + ciphertext_pad_len); + memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); - /* Create KASUMI operation */ - retval = create_wireless_algo_cipher_operation_oop(tdata->cipher_iv.data, - tdata->cipher_iv.len, - RTE_ALIGN_CEIL(tdata->validCipherLenInBits.len, 8), - tdata->validCipherOffsetInBits.len); + debug_hexdump(stdout, "ciphertext:", ciphertext, ciphertext_len); + + /* Create SNOW 3G operation */ + retval = create_wireless_algo_cipher_operation(tdata->cipher_iv.data, + tdata->cipher_iv.len, + tdata->validCipherLenInBits.len, + tdata->cipher.offset_bits); if (retval < 0) return retval; - ut_params->op = process_crypto_request(ts_params->valid_devs[0], + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 1, 0, 1, tdata->cipher_iv.len); + else + ut_params->op = process_crypto_request(ts_params->valid_devs[0], ut_params->op); TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->obuf = ut_params->op->sym->m_dst; if (ut_params->obuf) - ciphertext = rte_pktmbuf_read(ut_params->obuf, 0, - plaintext_pad_len, buffer); + plaintext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); else - ciphertext = rte_pktmbuf_read(ut_params->ibuf, - tdata->validCipherOffsetInBits.len >> 3, - plaintext_pad_len, buffer); + plaintext = ciphertext; + + debug_hexdump(stdout, "plaintext:", plaintext, ciphertext_len); - const uint8_t *reference_ciphertext = tdata->ciphertext.data + - (tdata->validCipherOffsetInBits.len >> 3); /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - reference_ciphertext, - tdata->validCipherLenInBits.len, - "KASUMI Ciphertext data not as expected"); + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT(plaintext, + tdata->plaintext.data, + tdata->validDataLenInBits.len, + "SNOW 3G Plaintext data not as expected"); return 0; } - -static int -test_kasumi_decryption_oop(const struct kasumi_test_data *tdata) +static int test_snow3g_decryption_oop(const struct snow3g_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; - uint8_t *ciphertext, *plaintext; + + uint8_t *plaintext, *ciphertext; unsigned ciphertext_pad_len; unsigned ciphertext_len; + struct rte_cryptodev_info dev_info; + + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + uint64_t feat_flags = dev_info.feature_flags; + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device does not support RAW data-path APIs.\n"); + return -ENOTSUP; + } /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; + return TEST_SKIPPED; - /* Create KASUMI session */ + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; + + /* Create SNOW 3G session */ retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], RTE_CRYPTO_CIPHER_OP_DECRYPT, - RTE_CRYPTO_CIPHER_KASUMI_F8, + RTE_CRYPTO_CIPHER_SNOW3G_UEA2, tdata->key.data, tdata->key.len, tdata->cipher_iv.len); if (retval < 0) @@ -3527,14 +4722,22 @@ test_kasumi_decryption_oop(const struct kasumi_test_data *tdata) ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + TEST_ASSERT_NOT_NULL(ut_params->ibuf, + "Failed to allocate input buffer"); + TEST_ASSERT_NOT_NULL(ut_params->obuf, + "Failed to allocate output buffer"); + /* Clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, rte_pktmbuf_tailroom(ut_params->ibuf)); + memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->obuf)); + ciphertext_len = ceil_byte_length(tdata->ciphertext.len); - /* Append data which is padded to a multiple */ - /* of the algorithms block size */ - ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 8); + /* Append data which is padded to a multiple of */ + /* the algorithms block size */ + ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, ciphertext_pad_len); rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len); @@ -3542,133 +4745,155 @@ test_kasumi_decryption_oop(const struct kasumi_test_data *tdata) debug_hexdump(stdout, "ciphertext:", ciphertext, ciphertext_len); - /* Create KASUMI operation */ + /* Create SNOW 3G operation */ retval = create_wireless_algo_cipher_operation_oop(tdata->cipher_iv.data, - tdata->cipher_iv.len, - RTE_ALIGN_CEIL(tdata->validCipherLenInBits.len, 8), - tdata->validCipherOffsetInBits.len); + tdata->cipher_iv.len, + tdata->validCipherLenInBits.len, + 0); if (retval < 0) return retval; - ut_params->op = process_crypto_request(ts_params->valid_devs[0], + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 1, 0, 1, tdata->cipher_iv.len); + else + ut_params->op = process_crypto_request(ts_params->valid_devs[0], ut_params->op); TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->obuf = ut_params->op->sym->m_dst; if (ut_params->obuf) plaintext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); else - plaintext = ciphertext + (tdata->validCipherOffsetInBits.len >> 3); + plaintext = ciphertext; debug_hexdump(stdout, "plaintext:", plaintext, ciphertext_len); - const uint8_t *reference_plaintext = tdata->plaintext.data + - (tdata->validCipherOffsetInBits.len >> 3); /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - plaintext, - reference_plaintext, - tdata->validCipherLenInBits.len, - "KASUMI Plaintext data not as expected"); + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT(plaintext, + tdata->plaintext.data, + tdata->validDataLenInBits.len, + "SNOW 3G Plaintext data not as expected"); return 0; } static int -test_kasumi_decryption(const struct kasumi_test_data *tdata) +test_zuc_cipher_auth(const struct wireless_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; - uint8_t *ciphertext, *plaintext; - unsigned ciphertext_pad_len; - unsigned ciphertext_len; + + uint8_t *plaintext, *ciphertext; + unsigned int plaintext_pad_len; + unsigned int plaintext_len; + struct rte_cryptodev_info dev_info; + struct rte_cryptodev_sym_capability_idx cap_idx; rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); uint64_t feat_flags = dev_info.feature_flags; + if (!(feat_flags & RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA) && + ((tdata->validAuthLenInBits.len % 8 != 0) || + (tdata->validDataLenInBits.len % 8 != 0))) { + printf("Device doesn't support NON-Byte Aligned Data.\n"); + return TEST_SKIPPED; + } + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } - /* Verify the capabilities */ - struct rte_cryptodev_sym_capability_idx cap_idx; + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; + + /* Check if device supports ZUC EEA3 */ cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_ZUC_EEA3; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; - /* Create KASUMI session */ - retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_DECRYPT, - RTE_CRYPTO_CIPHER_KASUMI_F8, - tdata->key.data, tdata->key.len, - tdata->cipher_iv.len); - if (retval < 0) - return retval; + /* Check if device supports ZUC EIA3 */ + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; + cap_idx.algo.auth = RTE_CRYPTO_AUTH_ZUC_EIA3; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; + + /* Create ZUC session */ + retval = create_zuc_cipher_auth_encrypt_generate_session( + ts_params->valid_devs[0], + tdata); + if (retval != 0) + return retval; ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - /* Clear mbuf payload */ + /* clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + rte_pktmbuf_tailroom(ut_params->ibuf)); - ciphertext_len = ceil_byte_length(tdata->ciphertext.len); - /* Append data which is padded to a multiple */ - /* of the algorithms block size */ - ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 8); - ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - ciphertext_pad_len); - memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); + plaintext_len = ceil_byte_length(tdata->plaintext.len); + /* Append data which is padded to a multiple of */ + /* the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + memcpy(plaintext, tdata->plaintext.data, plaintext_len); - debug_hexdump(stdout, "ciphertext:", ciphertext, ciphertext_len); + debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); - /* Create KASUMI operation */ - retval = create_wireless_algo_cipher_operation(tdata->cipher_iv.data, - tdata->cipher_iv.len, - tdata->ciphertext.len, - tdata->validCipherOffsetInBits.len); + /* Create ZUC operation */ + retval = create_zuc_cipher_hash_generate_operation(tdata); if (retval < 0) return retval; if (global_api_test_type == CRYPTODEV_RAW_API_TEST) process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 0, 1, 0); + ut_params->op, 1, 1, 1, tdata->cipher_iv.len); else ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); + ut_params->op); TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - - ut_params->obuf = ut_params->op->sym->m_dst; + ut_params->obuf = ut_params->op->sym->m_src; if (ut_params->obuf) - plaintext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); + ciphertext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); else - plaintext = ciphertext + (tdata->validCipherOffsetInBits.len >> 3); - - debug_hexdump(stdout, "plaintext:", plaintext, ciphertext_len); + ciphertext = plaintext; - const uint8_t *reference_plaintext = tdata->plaintext.data + - (tdata->validCipherOffsetInBits.len >> 3); + debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); /* Validate obuf */ TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - plaintext, - reference_plaintext, - tdata->validCipherLenInBits.len, - "KASUMI Plaintext data not as expected"); + ciphertext, + tdata->ciphertext.data, + tdata->validDataLenInBits.len, + "ZUC Ciphertext data not as expected"); + + ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) + + plaintext_pad_len; + + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL( + ut_params->digest, + tdata->digest.data, + 4, + "ZUC Generated auth tag not as expected"); return 0; } static int -test_snow3g_encryption(const struct snow3g_test_data *tdata) +test_snow3g_cipher_auth(const struct snow3g_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; + uint8_t *plaintext, *ciphertext; unsigned plaintext_pad_len; unsigned plaintext_len; @@ -3680,31 +4905,41 @@ test_snow3g_encryption(const struct snow3g_test_data *tdata) if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; + /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; + cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; /* Create SNOW 3G session */ - retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_CIPHER_SNOW3G_UEA2, - tdata->key.data, tdata->key.len, - tdata->cipher_iv.len); - if (retval < 0) + retval = create_wireless_algo_cipher_auth_session(ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_AUTH_OP_GENERATE, + RTE_CRYPTO_AUTH_SNOW3G_UIA2, + RTE_CRYPTO_CIPHER_SNOW3G_UEA2, + tdata->key.data, tdata->key.len, + tdata->auth_iv.len, tdata->digest.len, + tdata->cipher_iv.len); + if (retval != 0) return retval; - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - /* Clear mbuf payload */ + /* clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + rte_pktmbuf_tailroom(ut_params->ibuf)); plaintext_len = ceil_byte_length(tdata->plaintext.len); /* Append data which is padded to a multiple of */ @@ -3717,520 +4952,861 @@ test_snow3g_encryption(const struct snow3g_test_data *tdata) debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); /* Create SNOW 3G operation */ - retval = create_wireless_algo_cipher_operation(tdata->cipher_iv.data, - tdata->cipher_iv.len, - tdata->validCipherLenInBits.len, - 0); + retval = create_wireless_algo_cipher_hash_operation(tdata->digest.data, + tdata->digest.len, tdata->auth_iv.data, + tdata->auth_iv.len, + plaintext_pad_len, RTE_CRYPTO_AUTH_OP_GENERATE, + tdata->cipher_iv.data, tdata->cipher_iv.len, + tdata->validCipherLenInBits.len, + 0, + tdata->validAuthLenInBits.len, + 0 + ); if (retval < 0) return retval; if (global_api_test_type == CRYPTODEV_RAW_API_TEST) process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 0, 1, tdata->cipher_iv.len); + ut_params->op, 1, 1, 1, tdata->cipher_iv.len); else ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); + ut_params->op); TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - - ut_params->obuf = ut_params->op->sym->m_dst; + ut_params->obuf = ut_params->op->sym->m_src; if (ut_params->obuf) ciphertext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); else ciphertext = plaintext; debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); - /* Validate obuf */ TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->validDataLenInBits.len, - "SNOW 3G Ciphertext data not as expected"); + ciphertext, + tdata->ciphertext.data, + tdata->validDataLenInBits.len, + "SNOW 3G Ciphertext data not as expected"); + + ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) + + plaintext_pad_len; + + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL( + ut_params->digest, + tdata->digest.data, + DIGEST_BYTE_LENGTH_SNOW3G_UIA2, + "SNOW 3G Generated auth tag not as expected"); return 0; } - static int -test_snow3g_encryption_oop(const struct snow3g_test_data *tdata) +test_snow3g_auth_cipher(const struct snow3g_test_data *tdata, + uint8_t op_mode, uint8_t verify) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - uint8_t *plaintext, *ciphertext; int retval; - unsigned plaintext_pad_len; - unsigned plaintext_len; + + uint8_t *plaintext = NULL, *ciphertext = NULL; + unsigned int plaintext_pad_len; + unsigned int plaintext_len; + unsigned int ciphertext_pad_len; + unsigned int ciphertext_len; + + struct rte_cryptodev_info dev_info; /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; + cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; + + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + + uint64_t feat_flags = dev_info.feature_flags; + + if (op_mode == OUT_OF_PLACE) { + if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { + printf("Device doesn't support digest encrypted.\n"); + return TEST_SKIPPED; + } + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + return TEST_SKIPPED; + } + + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } /* Create SNOW 3G session */ - retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_CIPHER_SNOW3G_UEA2, - tdata->key.data, tdata->key.len, - tdata->cipher_iv.len); - if (retval < 0) + retval = create_wireless_algo_auth_cipher_session( + ts_params->valid_devs[0], + (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT + : RTE_CRYPTO_CIPHER_OP_ENCRYPT), + (verify ? RTE_CRYPTO_AUTH_OP_VERIFY + : RTE_CRYPTO_AUTH_OP_GENERATE), + RTE_CRYPTO_AUTH_SNOW3G_UIA2, + RTE_CRYPTO_CIPHER_SNOW3G_UEA2, + tdata->key.data, tdata->key.len, + tdata->auth_iv.len, tdata->digest.len, + tdata->cipher_iv.len); + if (retval != 0) return retval; ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - - TEST_ASSERT_NOT_NULL(ut_params->ibuf, - "Failed to allocate input buffer in mempool"); - TEST_ASSERT_NOT_NULL(ut_params->obuf, - "Failed to allocate output buffer in mempool"); + if (op_mode == OUT_OF_PLACE) + ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - /* Clear mbuf payload */ + /* clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + rte_pktmbuf_tailroom(ut_params->ibuf)); + if (op_mode == OUT_OF_PLACE) + memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->obuf)); + ciphertext_len = ceil_byte_length(tdata->ciphertext.len); plaintext_len = ceil_byte_length(tdata->plaintext.len); - /* Append data which is padded to a multiple of */ - /* the algorithms block size */ + ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len); - memcpy(plaintext, tdata->plaintext.data, plaintext_len); - debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); + if (verify) { + ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + ciphertext_pad_len); + memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); + if (op_mode == OUT_OF_PLACE) + rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len); + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + } else { + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + memcpy(plaintext, tdata->plaintext.data, plaintext_len); + if (op_mode == OUT_OF_PLACE) + rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len); + debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); + } /* Create SNOW 3G operation */ - retval = create_wireless_algo_cipher_operation_oop(tdata->cipher_iv.data, - tdata->cipher_iv.len, - tdata->validCipherLenInBits.len, - 0); + retval = create_wireless_algo_auth_cipher_operation( + tdata->digest.data, tdata->digest.len, + tdata->cipher_iv.data, tdata->cipher_iv.len, + tdata->auth_iv.data, tdata->auth_iv.len, + (tdata->digest.offset_bytes == 0 ? + (verify ? ciphertext_pad_len : plaintext_pad_len) + : tdata->digest.offset_bytes), + tdata->validCipherLenInBits.len, + tdata->cipher.offset_bits, + tdata->validAuthLenInBits.len, + tdata->auth.offset_bits, + op_mode, 0, verify); + if (retval < 0) return retval; - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 1, 1, 1, tdata->cipher_iv.len); + else + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->obuf = ut_params->op->sym->m_dst; - if (ut_params->obuf) - ciphertext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); - else - ciphertext = plaintext; + ut_params->obuf = (op_mode == IN_PLACE ? + ut_params->op->sym->m_src : ut_params->op->sym->m_dst); - debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); + if (verify) { + if (ut_params->obuf) + plaintext = rte_pktmbuf_mtod(ut_params->obuf, + uint8_t *); + else + plaintext = ciphertext + + (tdata->cipher.offset_bits >> 3); + + debug_hexdump(stdout, "plaintext:", plaintext, + (tdata->plaintext.len >> 3) - tdata->digest.len); + debug_hexdump(stdout, "plaintext expected:", + tdata->plaintext.data, + (tdata->plaintext.len >> 3) - tdata->digest.len); + } else { + if (ut_params->obuf) + ciphertext = rte_pktmbuf_mtod(ut_params->obuf, + uint8_t *); + else + ciphertext = plaintext; + + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + debug_hexdump(stdout, "ciphertext expected:", + tdata->ciphertext.data, tdata->ciphertext.len >> 3); + + ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) + + (tdata->digest.offset_bytes == 0 ? + plaintext_pad_len : tdata->digest.offset_bytes); + + debug_hexdump(stdout, "digest:", ut_params->digest, + tdata->digest.len); + debug_hexdump(stdout, "digest expected:", tdata->digest.data, + tdata->digest.len); + } /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->validDataLenInBits.len, - "SNOW 3G Ciphertext data not as expected"); + if (verify) { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT_OFFSET( + plaintext, + tdata->plaintext.data, + (tdata->plaintext.len - tdata->cipher.offset_bits - + (tdata->digest.len << 3)), + tdata->cipher.offset_bits, + "SNOW 3G Plaintext data not as expected"); + } else { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT_OFFSET( + ciphertext, + tdata->ciphertext.data, + (tdata->validDataLenInBits.len - + tdata->cipher.offset_bits), + tdata->cipher.offset_bits, + "SNOW 3G Ciphertext data not as expected"); + + TEST_ASSERT_BUFFERS_ARE_EQUAL( + ut_params->digest, + tdata->digest.data, + DIGEST_BYTE_LENGTH_SNOW3G_UIA2, + "SNOW 3G Generated auth tag not as expected"); + } return 0; } static int -test_snow3g_encryption_oop_sgl(const struct snow3g_test_data *tdata) +test_snow3g_auth_cipher_sgl(const struct snow3g_test_data *tdata, + uint8_t op_mode, uint8_t verify) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; + + const uint8_t *plaintext = NULL; + const uint8_t *ciphertext = NULL; + const uint8_t *digest = NULL; unsigned int plaintext_pad_len; unsigned int plaintext_len; + unsigned int ciphertext_pad_len; + unsigned int ciphertext_len; uint8_t buffer[10000]; - const uint8_t *ciphertext; + uint8_t digest_buffer[10000]; struct rte_cryptodev_info dev_info; /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; + cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); uint64_t feat_flags = dev_info.feature_flags; - if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) { - printf("Device doesn't support out-of-place scatter-gather " - "in both input and output mbufs. " - "Test Skipped.\n"); - return -ENOTSUP; + if (op_mode == IN_PLACE) { + if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { + printf("Device doesn't support in-place scatter-gather " + "in both input and output mbufs.\n"); + return TEST_SKIPPED; + } + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } + } else { + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + return TEST_SKIPPED; + if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) { + printf("Device doesn't support out-of-place scatter-gather " + "in both input and output mbufs.\n"); + return TEST_SKIPPED; + } + if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { + printf("Device doesn't support digest encrypted.\n"); + return TEST_SKIPPED; + } } /* Create SNOW 3G session */ - retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_CIPHER_SNOW3G_UEA2, - tdata->key.data, tdata->key.len, - tdata->cipher_iv.len); - if (retval < 0) + retval = create_wireless_algo_auth_cipher_session( + ts_params->valid_devs[0], + (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT + : RTE_CRYPTO_CIPHER_OP_ENCRYPT), + (verify ? RTE_CRYPTO_AUTH_OP_VERIFY + : RTE_CRYPTO_AUTH_OP_GENERATE), + RTE_CRYPTO_AUTH_SNOW3G_UIA2, + RTE_CRYPTO_CIPHER_SNOW3G_UEA2, + tdata->key.data, tdata->key.len, + tdata->auth_iv.len, tdata->digest.len, + tdata->cipher_iv.len); + + if (retval != 0) return retval; + ciphertext_len = ceil_byte_length(tdata->ciphertext.len); plaintext_len = ceil_byte_length(tdata->plaintext.len); - /* Append data which is padded to a multiple of */ - /* the algorithms block size */ + ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); ut_params->ibuf = create_segmented_mbuf(ts_params->mbuf_pool, - plaintext_pad_len, 10, 0); - ut_params->obuf = create_segmented_mbuf(ts_params->mbuf_pool, - plaintext_pad_len, 3, 0); - + plaintext_pad_len, 15, 0); TEST_ASSERT_NOT_NULL(ut_params->ibuf, "Failed to allocate input buffer in mempool"); - TEST_ASSERT_NOT_NULL(ut_params->obuf, - "Failed to allocate output buffer in mempool"); - pktmbuf_write(ut_params->ibuf, 0, plaintext_len, tdata->plaintext.data); + if (op_mode == OUT_OF_PLACE) { + ut_params->obuf = create_segmented_mbuf(ts_params->mbuf_pool, + plaintext_pad_len, 15, 0); + TEST_ASSERT_NOT_NULL(ut_params->obuf, + "Failed to allocate output buffer in mempool"); + } + + if (verify) { + pktmbuf_write(ut_params->ibuf, 0, ciphertext_len, + tdata->ciphertext.data); + ciphertext = rte_pktmbuf_read(ut_params->ibuf, 0, + ciphertext_len, buffer); + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + } else { + pktmbuf_write(ut_params->ibuf, 0, plaintext_len, + tdata->plaintext.data); + plaintext = rte_pktmbuf_read(ut_params->ibuf, 0, + plaintext_len, buffer); + debug_hexdump(stdout, "plaintext:", plaintext, + plaintext_len); + } + memset(buffer, 0, sizeof(buffer)); /* Create SNOW 3G operation */ - retval = create_wireless_algo_cipher_operation_oop(tdata->cipher_iv.data, - tdata->cipher_iv.len, - tdata->validCipherLenInBits.len, - 0); + retval = create_wireless_algo_auth_cipher_operation( + tdata->digest.data, tdata->digest.len, + tdata->cipher_iv.data, tdata->cipher_iv.len, + tdata->auth_iv.data, tdata->auth_iv.len, + (tdata->digest.offset_bytes == 0 ? + (verify ? ciphertext_pad_len : plaintext_pad_len) + : tdata->digest.offset_bytes), + tdata->validCipherLenInBits.len, + tdata->cipher.offset_bits, + tdata->validAuthLenInBits.len, + tdata->auth.offset_bits, + op_mode, 1, verify); + if (retval < 0) return retval; - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 1, 1, 1, tdata->cipher_iv.len); + else + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->obuf = ut_params->op->sym->m_dst; - if (ut_params->obuf) - ciphertext = rte_pktmbuf_read(ut_params->obuf, 0, - plaintext_len, buffer); - else - ciphertext = rte_pktmbuf_read(ut_params->ibuf, 0, - plaintext_len, buffer); + ut_params->obuf = (op_mode == IN_PLACE ? + ut_params->op->sym->m_src : ut_params->op->sym->m_dst); - debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); + if (verify) { + if (ut_params->obuf) + plaintext = rte_pktmbuf_read(ut_params->obuf, 0, + plaintext_len, buffer); + else + plaintext = rte_pktmbuf_read(ut_params->ibuf, 0, + plaintext_len, buffer); - /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->validDataLenInBits.len, - "SNOW 3G Ciphertext data not as expected"); + debug_hexdump(stdout, "plaintext:", plaintext, + (tdata->plaintext.len >> 3) - tdata->digest.len); + debug_hexdump(stdout, "plaintext expected:", + tdata->plaintext.data, + (tdata->plaintext.len >> 3) - tdata->digest.len); + } else { + if (ut_params->obuf) + ciphertext = rte_pktmbuf_read(ut_params->obuf, 0, + ciphertext_len, buffer); + else + ciphertext = rte_pktmbuf_read(ut_params->ibuf, 0, + ciphertext_len, buffer); - return 0; -} + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + debug_hexdump(stdout, "ciphertext expected:", + tdata->ciphertext.data, tdata->ciphertext.len >> 3); -/* Shift right a buffer by "offset" bits, "offset" < 8 */ -static void -buffer_shift_right(uint8_t *buffer, uint32_t length, uint8_t offset) -{ - uint8_t curr_byte, prev_byte; - uint32_t length_in_bytes = ceil_byte_length(length + offset); - uint8_t lower_byte_mask = (1 << offset) - 1; - unsigned i; + if (ut_params->obuf) + digest = rte_pktmbuf_read(ut_params->obuf, + (tdata->digest.offset_bytes == 0 ? + plaintext_pad_len : tdata->digest.offset_bytes), + tdata->digest.len, digest_buffer); + else + digest = rte_pktmbuf_read(ut_params->ibuf, + (tdata->digest.offset_bytes == 0 ? + plaintext_pad_len : tdata->digest.offset_bytes), + tdata->digest.len, digest_buffer); - prev_byte = buffer[0]; - buffer[0] >>= offset; + debug_hexdump(stdout, "digest:", digest, + tdata->digest.len); + debug_hexdump(stdout, "digest expected:", + tdata->digest.data, tdata->digest.len); + } - for (i = 1; i < length_in_bytes; i++) { - curr_byte = buffer[i]; - buffer[i] = ((prev_byte & lower_byte_mask) << (8 - offset)) | - (curr_byte >> offset); - prev_byte = curr_byte; + /* Validate obuf */ + if (verify) { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT_OFFSET( + plaintext, + tdata->plaintext.data, + (tdata->plaintext.len - tdata->cipher.offset_bits - + (tdata->digest.len << 3)), + tdata->cipher.offset_bits, + "SNOW 3G Plaintext data not as expected"); + } else { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT_OFFSET( + ciphertext, + tdata->ciphertext.data, + (tdata->validDataLenInBits.len - + tdata->cipher.offset_bits), + tdata->cipher.offset_bits, + "SNOW 3G Ciphertext data not as expected"); + + TEST_ASSERT_BUFFERS_ARE_EQUAL( + digest, + tdata->digest.data, + DIGEST_BYTE_LENGTH_SNOW3G_UIA2, + "SNOW 3G Generated auth tag not as expected"); } + return 0; } static int -test_snow3g_encryption_offset_oop(const struct snow3g_test_data *tdata) +test_kasumi_auth_cipher(const struct kasumi_test_data *tdata, + uint8_t op_mode, uint8_t verify) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - uint8_t *plaintext, *ciphertext; + int retval; - uint32_t plaintext_len; - uint32_t plaintext_pad_len; - uint8_t extra_offset = 4; - uint8_t *expected_ciphertext_shifted; - struct rte_cryptodev_info dev_info; - rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); - uint64_t feat_flags = dev_info.feature_flags; + uint8_t *plaintext = NULL, *ciphertext = NULL; + unsigned int plaintext_pad_len; + unsigned int plaintext_len; + unsigned int ciphertext_pad_len; + unsigned int ciphertext_len; - if (!(feat_flags & RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA) && - ((tdata->validDataLenInBits.len % 8) != 0)) { - printf("Device doesn't support NON-Byte Aligned Data.\n"); - return -ENOTSUP; - } + struct rte_cryptodev_info dev_info; /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; + cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); - /* Create SNOW 3G session */ - retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_CIPHER_SNOW3G_UEA2, - tdata->key.data, tdata->key.len, - tdata->cipher_iv.len); - if (retval < 0) + uint64_t feat_flags = dev_info.feature_flags; + + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } + + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; + + if (op_mode == OUT_OF_PLACE) { + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + return TEST_SKIPPED; + if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { + printf("Device doesn't support digest encrypted.\n"); + return TEST_SKIPPED; + } + } + + /* Create KASUMI session */ + retval = create_wireless_algo_auth_cipher_session( + ts_params->valid_devs[0], + (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT + : RTE_CRYPTO_CIPHER_OP_ENCRYPT), + (verify ? RTE_CRYPTO_AUTH_OP_VERIFY + : RTE_CRYPTO_AUTH_OP_GENERATE), + RTE_CRYPTO_AUTH_KASUMI_F9, + RTE_CRYPTO_CIPHER_KASUMI_F8, + tdata->key.data, tdata->key.len, + 0, tdata->digest.len, + tdata->cipher_iv.len); + + if (retval != 0) return retval; ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - - TEST_ASSERT_NOT_NULL(ut_params->ibuf, - "Failed to allocate input buffer in mempool"); - TEST_ASSERT_NOT_NULL(ut_params->obuf, - "Failed to allocate output buffer in mempool"); + if (op_mode == OUT_OF_PLACE) + ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - /* Clear mbuf payload */ + /* clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + rte_pktmbuf_tailroom(ut_params->ibuf)); + if (op_mode == OUT_OF_PLACE) + memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->obuf)); - plaintext_len = ceil_byte_length(tdata->plaintext.len + extra_offset); - /* - * Append data which is padded to a - * multiple of the algorithms block size - */ + ciphertext_len = ceil_byte_length(tdata->ciphertext.len); + plaintext_len = ceil_byte_length(tdata->plaintext.len); + ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); - plaintext = (uint8_t *) rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - - rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len); + if (verify) { + ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + ciphertext_pad_len); + memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); + if (op_mode == OUT_OF_PLACE) + rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len); + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + } else { + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + memcpy(plaintext, tdata->plaintext.data, plaintext_len); + if (op_mode == OUT_OF_PLACE) + rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len); + debug_hexdump(stdout, "plaintext:", plaintext, + plaintext_len); + } - memcpy(plaintext, tdata->plaintext.data, (tdata->plaintext.len >> 3)); - buffer_shift_right(plaintext, tdata->plaintext.len, extra_offset); + /* Create KASUMI operation */ + retval = create_wireless_algo_auth_cipher_operation( + tdata->digest.data, tdata->digest.len, + tdata->cipher_iv.data, tdata->cipher_iv.len, + NULL, 0, + (tdata->digest.offset_bytes == 0 ? + (verify ? ciphertext_pad_len : plaintext_pad_len) + : tdata->digest.offset_bytes), + tdata->validCipherLenInBits.len, + tdata->validCipherOffsetInBits.len, + tdata->validAuthLenInBits.len, + 0, + op_mode, 0, verify); -#ifdef RTE_APP_TEST_DEBUG - rte_hexdump(stdout, "plaintext:", plaintext, tdata->plaintext.len); -#endif - /* Create SNOW 3G operation */ - retval = create_wireless_algo_cipher_operation_oop(tdata->cipher_iv.data, - tdata->cipher_iv.len, - tdata->validCipherLenInBits.len, - extra_offset); if (retval < 0) return retval; - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 1, 1, 1, tdata->cipher_iv.len); + else + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->obuf = ut_params->op->sym->m_dst; - if (ut_params->obuf) - ciphertext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); - else - ciphertext = plaintext; + ut_params->obuf = (op_mode == IN_PLACE ? + ut_params->op->sym->m_src : ut_params->op->sym->m_dst); -#ifdef RTE_APP_TEST_DEBUG - rte_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); -#endif - expected_ciphertext_shifted = rte_malloc(NULL, plaintext_len, 8); + if (verify) { + if (ut_params->obuf) + plaintext = rte_pktmbuf_mtod(ut_params->obuf, + uint8_t *); + else + plaintext = ciphertext; - TEST_ASSERT_NOT_NULL(expected_ciphertext_shifted, - "failed to reserve memory for ciphertext shifted\n"); + debug_hexdump(stdout, "plaintext:", plaintext, + (tdata->plaintext.len >> 3) - tdata->digest.len); + debug_hexdump(stdout, "plaintext expected:", + tdata->plaintext.data, + (tdata->plaintext.len >> 3) - tdata->digest.len); + } else { + if (ut_params->obuf) + ciphertext = rte_pktmbuf_mtod(ut_params->obuf, + uint8_t *); + else + ciphertext = plaintext; + + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + debug_hexdump(stdout, "ciphertext expected:", + tdata->ciphertext.data, tdata->ciphertext.len >> 3); + + ut_params->digest = rte_pktmbuf_mtod( + ut_params->obuf, uint8_t *) + + (tdata->digest.offset_bytes == 0 ? + plaintext_pad_len : tdata->digest.offset_bytes); + + debug_hexdump(stdout, "digest:", ut_params->digest, + tdata->digest.len); + debug_hexdump(stdout, "digest expected:", + tdata->digest.data, tdata->digest.len); + } - memcpy(expected_ciphertext_shifted, tdata->ciphertext.data, - ceil_byte_length(tdata->ciphertext.len)); - buffer_shift_right(expected_ciphertext_shifted, tdata->ciphertext.len, - extra_offset); /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT_OFFSET( - ciphertext, - expected_ciphertext_shifted, - tdata->validDataLenInBits.len, - extra_offset, - "SNOW 3G Ciphertext data not as expected"); + if (verify) { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + plaintext, + tdata->plaintext.data, + tdata->plaintext.len >> 3, + "KASUMI Plaintext data not as expected"); + } else { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + tdata->ciphertext.data, + tdata->ciphertext.len >> 3, + "KASUMI Ciphertext data not as expected"); + + TEST_ASSERT_BUFFERS_ARE_EQUAL( + ut_params->digest, + tdata->digest.data, + DIGEST_BYTE_LENGTH_KASUMI_F9, + "KASUMI Generated auth tag not as expected"); + } return 0; } -static int test_snow3g_decryption(const struct snow3g_test_data *tdata) +static int +test_kasumi_auth_cipher_sgl(const struct kasumi_test_data *tdata, + uint8_t op_mode, uint8_t verify) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; - uint8_t *plaintext, *ciphertext; - unsigned ciphertext_pad_len; - unsigned ciphertext_len; - struct rte_cryptodev_info dev_info; - - rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); - uint64_t feat_flags = dev_info.feature_flags; + const uint8_t *plaintext = NULL; + const uint8_t *ciphertext = NULL; + const uint8_t *digest = NULL; + unsigned int plaintext_pad_len; + unsigned int plaintext_len; + unsigned int ciphertext_pad_len; + unsigned int ciphertext_len; + uint8_t buffer[10000]; + uint8_t digest_buffer[10000]; - if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && - (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; - } + struct rte_cryptodev_info dev_info; /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; + cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9; + if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx) == NULL) + return TEST_SKIPPED; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; - /* Create SNOW 3G session */ - retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_DECRYPT, - RTE_CRYPTO_CIPHER_SNOW3G_UEA2, - tdata->key.data, tdata->key.len, - tdata->cipher_iv.len); - if (retval < 0) - return retval; + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); - /* Clear mbuf payload */ - memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + uint64_t feat_flags = dev_info.feature_flags; - ciphertext_len = ceil_byte_length(tdata->ciphertext.len); - /* Append data which is padded to a multiple of */ - /* the algorithms block size */ - ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); - ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - ciphertext_pad_len); - memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); + if (op_mode == IN_PLACE) { + if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { + printf("Device doesn't support in-place scatter-gather " + "in both input and output mbufs.\n"); + return TEST_SKIPPED; + } + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } + } else { + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + return TEST_SKIPPED; + if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) { + printf("Device doesn't support out-of-place scatter-gather " + "in both input and output mbufs.\n"); + return TEST_SKIPPED; + } + if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { + printf("Device doesn't support digest encrypted.\n"); + return TEST_SKIPPED; + } + } - debug_hexdump(stdout, "ciphertext:", ciphertext, ciphertext_len); + /* Create KASUMI session */ + retval = create_wireless_algo_auth_cipher_session( + ts_params->valid_devs[0], + (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT + : RTE_CRYPTO_CIPHER_OP_ENCRYPT), + (verify ? RTE_CRYPTO_AUTH_OP_VERIFY + : RTE_CRYPTO_AUTH_OP_GENERATE), + RTE_CRYPTO_AUTH_KASUMI_F9, + RTE_CRYPTO_CIPHER_KASUMI_F8, + tdata->key.data, tdata->key.len, + 0, tdata->digest.len, + tdata->cipher_iv.len); - /* Create SNOW 3G operation */ - retval = create_wireless_algo_cipher_operation(tdata->cipher_iv.data, - tdata->cipher_iv.len, - tdata->validCipherLenInBits.len, - tdata->cipher.offset_bits); - if (retval < 0) + if (retval != 0) return retval; - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 0, 1, tdata->cipher_iv.len); - else - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); - TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->obuf = ut_params->op->sym->m_dst; - if (ut_params->obuf) - plaintext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); - else - plaintext = ciphertext; - - debug_hexdump(stdout, "plaintext:", plaintext, ciphertext_len); - - /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT(plaintext, - tdata->plaintext.data, - tdata->validDataLenInBits.len, - "SNOW 3G Plaintext data not as expected"); - return 0; -} - -static int test_snow3g_decryption_oop(const struct snow3g_test_data *tdata) -{ - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; + ciphertext_len = ceil_byte_length(tdata->ciphertext.len); + plaintext_len = ceil_byte_length(tdata->plaintext.len); + ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); - int retval; + ut_params->ibuf = create_segmented_mbuf(ts_params->mbuf_pool, + plaintext_pad_len, 15, 0); + TEST_ASSERT_NOT_NULL(ut_params->ibuf, + "Failed to allocate input buffer in mempool"); - uint8_t *plaintext, *ciphertext; - unsigned ciphertext_pad_len; - unsigned ciphertext_len; + if (op_mode == OUT_OF_PLACE) { + ut_params->obuf = create_segmented_mbuf(ts_params->mbuf_pool, + plaintext_pad_len, 15, 0); + TEST_ASSERT_NOT_NULL(ut_params->obuf, + "Failed to allocate output buffer in mempool"); + } - /* Verify the capabilities */ - struct rte_cryptodev_sym_capability_idx cap_idx; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; + if (verify) { + pktmbuf_write(ut_params->ibuf, 0, ciphertext_len, + tdata->ciphertext.data); + ciphertext = rte_pktmbuf_read(ut_params->ibuf, 0, + ciphertext_len, buffer); + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + } else { + pktmbuf_write(ut_params->ibuf, 0, plaintext_len, + tdata->plaintext.data); + plaintext = rte_pktmbuf_read(ut_params->ibuf, 0, + plaintext_len, buffer); + debug_hexdump(stdout, "plaintext:", plaintext, + plaintext_len); + } + memset(buffer, 0, sizeof(buffer)); - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; + /* Create KASUMI operation */ + retval = create_wireless_algo_auth_cipher_operation( + tdata->digest.data, tdata->digest.len, + tdata->cipher_iv.data, tdata->cipher_iv.len, + NULL, 0, + (tdata->digest.offset_bytes == 0 ? + (verify ? ciphertext_pad_len : plaintext_pad_len) + : tdata->digest.offset_bytes), + tdata->validCipherLenInBits.len, + tdata->validCipherOffsetInBits.len, + tdata->validAuthLenInBits.len, + 0, + op_mode, 1, verify); - /* Create SNOW 3G session */ - retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_DECRYPT, - RTE_CRYPTO_CIPHER_SNOW3G_UEA2, - tdata->key.data, tdata->key.len, - tdata->cipher_iv.len); if (retval < 0) return retval; - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - - TEST_ASSERT_NOT_NULL(ut_params->ibuf, - "Failed to allocate input buffer"); - TEST_ASSERT_NOT_NULL(ut_params->obuf, - "Failed to allocate output buffer"); + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 1, 1, 1, tdata->cipher_iv.len); + else + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); - /* Clear mbuf payload */ - memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->obuf)); + ut_params->obuf = (op_mode == IN_PLACE ? + ut_params->op->sym->m_src : ut_params->op->sym->m_dst); - ciphertext_len = ceil_byte_length(tdata->ciphertext.len); - /* Append data which is padded to a multiple of */ - /* the algorithms block size */ - ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); - ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - ciphertext_pad_len); - rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len); - memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); + if (verify) { + if (ut_params->obuf) + plaintext = rte_pktmbuf_read(ut_params->obuf, 0, + plaintext_len, buffer); + else + plaintext = rte_pktmbuf_read(ut_params->ibuf, 0, + plaintext_len, buffer); - debug_hexdump(stdout, "ciphertext:", ciphertext, ciphertext_len); + debug_hexdump(stdout, "plaintext:", plaintext, + (tdata->plaintext.len >> 3) - tdata->digest.len); + debug_hexdump(stdout, "plaintext expected:", + tdata->plaintext.data, + (tdata->plaintext.len >> 3) - tdata->digest.len); + } else { + if (ut_params->obuf) + ciphertext = rte_pktmbuf_read(ut_params->obuf, 0, + ciphertext_len, buffer); + else + ciphertext = rte_pktmbuf_read(ut_params->ibuf, 0, + ciphertext_len, buffer); - /* Create SNOW 3G operation */ - retval = create_wireless_algo_cipher_operation_oop(tdata->cipher_iv.data, - tdata->cipher_iv.len, - tdata->validCipherLenInBits.len, - 0); - if (retval < 0) - return retval; + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + debug_hexdump(stdout, "ciphertext expected:", + tdata->ciphertext.data, tdata->ciphertext.len >> 3); - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); - TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->obuf = ut_params->op->sym->m_dst; - if (ut_params->obuf) - plaintext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); - else - plaintext = ciphertext; + if (ut_params->obuf) + digest = rte_pktmbuf_read(ut_params->obuf, + (tdata->digest.offset_bytes == 0 ? + plaintext_pad_len : tdata->digest.offset_bytes), + tdata->digest.len, digest_buffer); + else + digest = rte_pktmbuf_read(ut_params->ibuf, + (tdata->digest.offset_bytes == 0 ? + plaintext_pad_len : tdata->digest.offset_bytes), + tdata->digest.len, digest_buffer); - debug_hexdump(stdout, "plaintext:", plaintext, ciphertext_len); + debug_hexdump(stdout, "digest:", digest, + tdata->digest.len); + debug_hexdump(stdout, "digest expected:", + tdata->digest.data, tdata->digest.len); + } /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT(plaintext, - tdata->plaintext.data, - tdata->validDataLenInBits.len, - "SNOW 3G Plaintext data not as expected"); + if (verify) { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + plaintext, + tdata->plaintext.data, + tdata->plaintext.len >> 3, + "KASUMI Plaintext data not as expected"); + } else { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + tdata->ciphertext.data, + tdata->validDataLenInBits.len, + "KASUMI Ciphertext data not as expected"); + + TEST_ASSERT_BUFFERS_ARE_EQUAL( + digest, + tdata->digest.data, + DIGEST_BYTE_LENGTH_KASUMI_F9, + "KASUMI Generated auth tag not as expected"); + } return 0; } static int -test_zuc_cipher_auth(const struct wireless_test_data *tdata) +test_kasumi_cipher_auth(const struct kasumi_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; @@ -4238,50 +5814,48 @@ test_zuc_cipher_auth(const struct wireless_test_data *tdata) int retval; uint8_t *plaintext, *ciphertext; - unsigned int plaintext_pad_len; - unsigned int plaintext_len; - + unsigned plaintext_pad_len; + unsigned plaintext_len; struct rte_cryptodev_info dev_info; - struct rte_cryptodev_sym_capability_idx cap_idx; rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); uint64_t feat_flags = dev_info.feature_flags; - if (!(feat_flags & RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA) && - ((tdata->validAuthLenInBits.len % 8 != 0) || - (tdata->validDataLenInBits.len % 8 != 0))) { - printf("Device doesn't support NON-Byte Aligned Data.\n"); - return -ENOTSUP; - } - if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } - /* Check if device supports ZUC EEA3 */ - cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_ZUC_EEA3; + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; + /* Verify the capabilities */ + struct rte_cryptodev_sym_capability_idx cap_idx; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; + cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; - - /* Check if device supports ZUC EIA3 */ - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_ZUC_EIA3; - + return TEST_SKIPPED; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; - /* Create ZUC session */ - retval = create_zuc_cipher_auth_encrypt_generate_session( + /* Create KASUMI session */ + retval = create_wireless_algo_cipher_auth_session( ts_params->valid_devs[0], - tdata); - if (retval < 0) + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_AUTH_OP_GENERATE, + RTE_CRYPTO_AUTH_KASUMI_F9, + RTE_CRYPTO_CIPHER_KASUMI_F8, + tdata->key.data, tdata->key.len, + 0, tdata->digest.len, + tdata->cipher_iv.len); + if (retval != 0) return retval; + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); /* clear mbuf payload */ @@ -4298,8 +5872,16 @@ test_zuc_cipher_auth(const struct wireless_test_data *tdata) debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); - /* Create ZUC operation */ - retval = create_zuc_cipher_hash_generate_operation(tdata); + /* Create KASUMI operation */ + retval = create_wireless_algo_cipher_hash_operation(tdata->digest.data, + tdata->digest.len, NULL, 0, + plaintext_pad_len, RTE_CRYPTO_AUTH_OP_GENERATE, + tdata->cipher_iv.data, tdata->cipher_iv.len, + RTE_ALIGN_CEIL(tdata->validCipherLenInBits.len, 8), + tdata->validCipherOffsetInBits.len, + tdata->validAuthLenInBits.len, + 0 + ); if (retval < 0) return retval; @@ -4310,40 +5892,98 @@ test_zuc_cipher_auth(const struct wireless_test_data *tdata) ut_params->op = process_crypto_request(ts_params->valid_devs[0], ut_params->op); TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->obuf = ut_params->op->sym->m_src; - if (ut_params->obuf) - ciphertext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); + + if (ut_params->op->sym->m_dst) + ut_params->obuf = ut_params->op->sym->m_dst; else - ciphertext = plaintext; + ut_params->obuf = ut_params->op->sym->m_src; - debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); - /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->validDataLenInBits.len, - "ZUC Ciphertext data not as expected"); + ciphertext = rte_pktmbuf_mtod_offset(ut_params->obuf, uint8_t *, + tdata->validCipherOffsetInBits.len >> 3); ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) - + plaintext_pad_len; + + plaintext_pad_len; + + const uint8_t *reference_ciphertext = tdata->ciphertext.data + + (tdata->validCipherOffsetInBits.len >> 3); + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + reference_ciphertext, + tdata->validCipherLenInBits.len, + "KASUMI Ciphertext data not as expected"); /* Validate obuf */ TEST_ASSERT_BUFFERS_ARE_EQUAL( - ut_params->digest, - tdata->digest.data, - 4, - "ZUC Generated auth tag not as expected"); + ut_params->digest, + tdata->digest.data, + DIGEST_BYTE_LENGTH_SNOW3G_UIA2, + "KASUMI Generated auth tag not as expected"); return 0; } static int -test_snow3g_cipher_auth(const struct snow3g_test_data *tdata) +check_cipher_capability(const struct crypto_testsuite_params *ts_params, + const enum rte_crypto_cipher_algorithm cipher_algo, + const uint16_t key_size, const uint16_t iv_size) +{ + struct rte_cryptodev_sym_capability_idx cap_idx; + const struct rte_cryptodev_symmetric_capability *cap; + + /* Check if device supports the algorithm */ + cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + cap_idx.algo.cipher = cipher_algo; + + cap = rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx); + + if (cap == NULL) + return -1; + + /* Check if device supports key size and IV size */ + if (rte_cryptodev_sym_capability_check_cipher(cap, key_size, + iv_size) < 0) { + return -1; + } + + return 0; +} + +static int +check_auth_capability(const struct crypto_testsuite_params *ts_params, + const enum rte_crypto_auth_algorithm auth_algo, + const uint16_t key_size, const uint16_t iv_size, + const uint16_t tag_size) +{ + struct rte_cryptodev_sym_capability_idx cap_idx; + const struct rte_cryptodev_symmetric_capability *cap; + + /* Check if device supports the algorithm */ + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; + cap_idx.algo.auth = auth_algo; + + cap = rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], + &cap_idx); + + if (cap == NULL) + return -1; + + /* Check if device supports key size and IV size */ + if (rte_cryptodev_sym_capability_check_auth(cap, key_size, + tag_size, iv_size) < 0) { + return -1; + } + + return 0; +} + +static int +test_zuc_encryption(const struct wireless_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; - uint8_t *plaintext, *ciphertext; unsigned plaintext_pad_len; unsigned plaintext_len; @@ -4355,491 +5995,266 @@ test_snow3g_cipher_auth(const struct snow3g_test_data *tdata) if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } - /* Verify the capabilities */ - struct rte_cryptodev_sym_capability_idx cap_idx; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; - /* Create SNOW 3G session */ - retval = create_wireless_algo_cipher_auth_session(ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_AUTH_OP_GENERATE, - RTE_CRYPTO_AUTH_SNOW3G_UIA2, - RTE_CRYPTO_CIPHER_SNOW3G_UEA2, - tdata->key.data, tdata->key.len, - tdata->auth_iv.len, tdata->digest.len, - tdata->cipher_iv.len); - if (retval < 0) + /* Check if device supports ZUC EEA3 */ + if (check_cipher_capability(ts_params, RTE_CRYPTO_CIPHER_ZUC_EEA3, + tdata->key.len, tdata->cipher_iv.len) < 0) + return TEST_SKIPPED; + + /* Create ZUC session */ + retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_CIPHER_ZUC_EEA3, + tdata->key.data, tdata->key.len, + tdata->cipher_iv.len); + if (retval != 0) return retval; + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - /* clear mbuf payload */ + /* Clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + rte_pktmbuf_tailroom(ut_params->ibuf)); plaintext_len = ceil_byte_length(tdata->plaintext.len); - /* Append data which is padded to a multiple of */ - /* the algorithms block size */ - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); + /* Append data which is padded to a multiple */ + /* of the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, plaintext_pad_len); memcpy(plaintext, tdata->plaintext.data, plaintext_len); debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); - /* Create SNOW 3G operation */ - retval = create_wireless_algo_cipher_hash_operation(tdata->digest.data, - tdata->digest.len, tdata->auth_iv.data, - tdata->auth_iv.len, - plaintext_pad_len, RTE_CRYPTO_AUTH_OP_GENERATE, - tdata->cipher_iv.data, tdata->cipher_iv.len, - tdata->validCipherLenInBits.len, - 0, - tdata->validAuthLenInBits.len, - 0 - ); + /* Create ZUC operation */ + retval = create_wireless_algo_cipher_operation(tdata->cipher_iv.data, + tdata->cipher_iv.len, + tdata->plaintext.len, + 0); if (retval < 0) return retval; if (global_api_test_type == CRYPTODEV_RAW_API_TEST) process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 1, 1, tdata->cipher_iv.len); + ut_params->op, 1, 0, 1, tdata->cipher_iv.len); else ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); + ut_params->op); TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->obuf = ut_params->op->sym->m_src; + + ut_params->obuf = ut_params->op->sym->m_dst; if (ut_params->obuf) ciphertext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); else ciphertext = plaintext; debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); - /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->validDataLenInBits.len, - "SNOW 3G Ciphertext data not as expected"); - - ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) - + plaintext_pad_len; /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL( - ut_params->digest, - tdata->digest.data, - DIGEST_BYTE_LENGTH_SNOW3G_UIA2, - "SNOW 3G Generated auth tag not as expected"); + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + tdata->ciphertext.data, + tdata->validCipherLenInBits.len, + "ZUC Ciphertext data not as expected"); return 0; } static int -test_snow3g_auth_cipher(const struct snow3g_test_data *tdata, - uint8_t op_mode, uint8_t verify) +test_zuc_encryption_sgl(const struct wireless_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; int retval; - uint8_t *plaintext = NULL, *ciphertext = NULL; unsigned int plaintext_pad_len; unsigned int plaintext_len; - unsigned int ciphertext_pad_len; - unsigned int ciphertext_len; - + const uint8_t *ciphertext; + uint8_t ciphertext_buffer[2048]; struct rte_cryptodev_info dev_info; - /* Verify the capabilities */ - struct rte_cryptodev_sym_capability_idx cap_idx; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; + /* Check if device supports ZUC EEA3 */ + if (check_cipher_capability(ts_params, RTE_CRYPTO_CIPHER_ZUC_EEA3, + tdata->key.len, tdata->cipher_iv.len) < 0) + return TEST_SKIPPED; + + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); uint64_t feat_flags = dev_info.feature_flags; - if (op_mode == OUT_OF_PLACE) { - if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { - printf("Device doesn't support digest encrypted.\n"); - return -ENOTSUP; - } - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; + if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { + printf("Device doesn't support in-place scatter-gather. " + "Test Skipped.\n"); + return TEST_SKIPPED; } if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } - /* Create SNOW 3G session */ - retval = create_wireless_algo_auth_cipher_session( - ts_params->valid_devs[0], - (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT - : RTE_CRYPTO_CIPHER_OP_ENCRYPT), - (verify ? RTE_CRYPTO_AUTH_OP_VERIFY - : RTE_CRYPTO_AUTH_OP_GENERATE), - RTE_CRYPTO_AUTH_SNOW3G_UIA2, - RTE_CRYPTO_CIPHER_SNOW3G_UEA2, - tdata->key.data, tdata->key.len, - tdata->auth_iv.len, tdata->digest.len, - tdata->cipher_iv.len); + plaintext_len = ceil_byte_length(tdata->plaintext.len); - if (retval < 0) - return retval; + /* Append data which is padded to a multiple */ + /* of the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - if (op_mode == OUT_OF_PLACE) - ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + ut_params->ibuf = create_segmented_mbuf(ts_params->mbuf_pool, + plaintext_pad_len, 10, 0); - /* clear mbuf payload */ - memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); - if (op_mode == OUT_OF_PLACE) - memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->obuf)); + pktmbuf_write(ut_params->ibuf, 0, plaintext_len, + tdata->plaintext.data); - ciphertext_len = ceil_byte_length(tdata->ciphertext.len); - plaintext_len = ceil_byte_length(tdata->plaintext.len); - ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); + /* Create ZUC session */ + retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_CIPHER_ZUC_EEA3, + tdata->key.data, tdata->key.len, + tdata->cipher_iv.len); + if (retval < 0) + return retval; - if (verify) { - ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - ciphertext_pad_len); - memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); - if (op_mode == OUT_OF_PLACE) - rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len); - debug_hexdump(stdout, "ciphertext:", ciphertext, - ciphertext_len); - } else { - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - memcpy(plaintext, tdata->plaintext.data, plaintext_len); - if (op_mode == OUT_OF_PLACE) - rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len); - debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); - } + /* Clear mbuf payload */ - /* Create SNOW 3G operation */ - retval = create_wireless_algo_auth_cipher_operation( - tdata->digest.data, tdata->digest.len, - tdata->cipher_iv.data, tdata->cipher_iv.len, - tdata->auth_iv.data, tdata->auth_iv.len, - (tdata->digest.offset_bytes == 0 ? - (verify ? ciphertext_pad_len : plaintext_pad_len) - : tdata->digest.offset_bytes), - tdata->validCipherLenInBits.len, - tdata->cipher.offset_bits, - tdata->validAuthLenInBits.len, - tdata->auth.offset_bits, - op_mode, 0, verify); + pktmbuf_write(ut_params->ibuf, 0, plaintext_len, tdata->plaintext.data); + /* Create ZUC operation */ + retval = create_wireless_algo_cipher_operation(tdata->cipher_iv.data, + tdata->cipher_iv.len, tdata->plaintext.len, + 0); if (retval < 0) return retval; if (global_api_test_type == CRYPTODEV_RAW_API_TEST) process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 1, 1, tdata->cipher_iv.len); + ut_params->op, 1, 0, 1, tdata->cipher_iv.len); else ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); - + ut_params->op); TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->obuf = (op_mode == IN_PLACE ? - ut_params->op->sym->m_src : ut_params->op->sym->m_dst); - - if (verify) { - if (ut_params->obuf) - plaintext = rte_pktmbuf_mtod(ut_params->obuf, - uint8_t *); - else - plaintext = ciphertext + - (tdata->cipher.offset_bits >> 3); - - debug_hexdump(stdout, "plaintext:", plaintext, - (tdata->plaintext.len >> 3) - tdata->digest.len); - debug_hexdump(stdout, "plaintext expected:", - tdata->plaintext.data, - (tdata->plaintext.len >> 3) - tdata->digest.len); - } else { - if (ut_params->obuf) - ciphertext = rte_pktmbuf_mtod(ut_params->obuf, - uint8_t *); - else - ciphertext = plaintext; - - debug_hexdump(stdout, "ciphertext:", ciphertext, - ciphertext_len); - debug_hexdump(stdout, "ciphertext expected:", - tdata->ciphertext.data, tdata->ciphertext.len >> 3); - - ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) - + (tdata->digest.offset_bytes == 0 ? - plaintext_pad_len : tdata->digest.offset_bytes); + ut_params->obuf = ut_params->op->sym->m_dst; + if (ut_params->obuf) + ciphertext = rte_pktmbuf_read(ut_params->obuf, + 0, plaintext_len, ciphertext_buffer); + else + ciphertext = rte_pktmbuf_read(ut_params->ibuf, + 0, plaintext_len, ciphertext_buffer); - debug_hexdump(stdout, "digest:", ut_params->digest, - tdata->digest.len); - debug_hexdump(stdout, "digest expected:", tdata->digest.data, - tdata->digest.len); - } + /* Validate obuf */ + debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); /* Validate obuf */ - if (verify) { - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - plaintext, - tdata->plaintext.data, - tdata->plaintext.len >> 3, - "SNOW 3G Plaintext data not as expected"); - } else { - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->validDataLenInBits.len, - "SNOW 3G Ciphertext data not as expected"); + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + tdata->ciphertext.data, + tdata->validCipherLenInBits.len, + "ZUC Ciphertext data not as expected"); - TEST_ASSERT_BUFFERS_ARE_EQUAL( - ut_params->digest, - tdata->digest.data, - DIGEST_BYTE_LENGTH_SNOW3G_UIA2, - "SNOW 3G Generated auth tag not as expected"); - } return 0; } static int -test_snow3g_auth_cipher_sgl(const struct snow3g_test_data *tdata, - uint8_t op_mode, uint8_t verify) +test_zuc_authentication(const struct wireless_test_data *tdata) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - int retval; - - const uint8_t *plaintext = NULL; - const uint8_t *ciphertext = NULL; - const uint8_t *digest = NULL; - unsigned int plaintext_pad_len; - unsigned int plaintext_len; - unsigned int ciphertext_pad_len; - unsigned int ciphertext_len; - uint8_t buffer[10000]; - uint8_t digest_buffer[10000]; - - struct rte_cryptodev_info dev_info; - - /* Verify the capabilities */ - struct rte_cryptodev_sym_capability_idx cap_idx; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_SNOW3G_UIA2; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_SNOW3G_UEA2; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; - - rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); - - uint64_t feat_flags = dev_info.feature_flags; - - if (op_mode == IN_PLACE) { - if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { - printf("Device doesn't support in-place scatter-gather " - "in both input and output mbufs.\n"); - return -ENOTSUP; - } - if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && - (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; - } - } else { - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; - if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) { - printf("Device doesn't support out-of-place scatter-gather " - "in both input and output mbufs.\n"); - return -ENOTSUP; - } - if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { - printf("Device doesn't support digest encrypted.\n"); - return -ENOTSUP; - } - } - - /* Create SNOW 3G session */ - retval = create_wireless_algo_auth_cipher_session( - ts_params->valid_devs[0], - (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT - : RTE_CRYPTO_CIPHER_OP_ENCRYPT), - (verify ? RTE_CRYPTO_AUTH_OP_VERIFY - : RTE_CRYPTO_AUTH_OP_GENERATE), - RTE_CRYPTO_AUTH_SNOW3G_UIA2, - RTE_CRYPTO_CIPHER_SNOW3G_UEA2, - tdata->key.data, tdata->key.len, - tdata->auth_iv.len, tdata->digest.len, - tdata->cipher_iv.len); - - if (retval < 0) - return retval; + int retval; + unsigned plaintext_pad_len; + unsigned plaintext_len; + uint8_t *plaintext; - ciphertext_len = ceil_byte_length(tdata->ciphertext.len); - plaintext_len = ceil_byte_length(tdata->plaintext.len); - ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); + struct rte_cryptodev_info dev_info; - ut_params->ibuf = create_segmented_mbuf(ts_params->mbuf_pool, - plaintext_pad_len, 15, 0); - TEST_ASSERT_NOT_NULL(ut_params->ibuf, - "Failed to allocate input buffer in mempool"); + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + uint64_t feat_flags = dev_info.feature_flags; - if (op_mode == OUT_OF_PLACE) { - ut_params->obuf = create_segmented_mbuf(ts_params->mbuf_pool, - plaintext_pad_len, 15, 0); - TEST_ASSERT_NOT_NULL(ut_params->obuf, - "Failed to allocate output buffer in mempool"); + if (!(feat_flags & RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA) && + (tdata->validAuthLenInBits.len % 8 != 0)) { + printf("Device doesn't support NON-Byte Aligned Data.\n"); + return TEST_SKIPPED; } - if (verify) { - pktmbuf_write(ut_params->ibuf, 0, ciphertext_len, - tdata->ciphertext.data); - ciphertext = rte_pktmbuf_read(ut_params->ibuf, 0, - ciphertext_len, buffer); - debug_hexdump(stdout, "ciphertext:", ciphertext, - ciphertext_len); - } else { - pktmbuf_write(ut_params->ibuf, 0, plaintext_len, - tdata->plaintext.data); - plaintext = rte_pktmbuf_read(ut_params->ibuf, 0, - plaintext_len, buffer); - debug_hexdump(stdout, "plaintext:", plaintext, - plaintext_len); + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; } - memset(buffer, 0, sizeof(buffer)); - /* Create SNOW 3G operation */ - retval = create_wireless_algo_auth_cipher_operation( - tdata->digest.data, tdata->digest.len, - tdata->cipher_iv.data, tdata->cipher_iv.len, - tdata->auth_iv.data, tdata->auth_iv.len, - (tdata->digest.offset_bytes == 0 ? - (verify ? ciphertext_pad_len : plaintext_pad_len) - : tdata->digest.offset_bytes), - tdata->validCipherLenInBits.len, - tdata->cipher.offset_bits, - tdata->validAuthLenInBits.len, - tdata->auth.offset_bits, - op_mode, 1, verify); + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + return TEST_SKIPPED; + + /* Check if device supports ZUC EIA3 */ + if (check_auth_capability(ts_params, RTE_CRYPTO_AUTH_ZUC_EIA3, + tdata->key.len, tdata->auth_iv.len, + tdata->digest.len) < 0) + return TEST_SKIPPED; + + /* Create ZUC session */ + retval = create_wireless_algo_hash_session(ts_params->valid_devs[0], + tdata->key.data, tdata->key.len, + tdata->auth_iv.len, tdata->digest.len, + RTE_CRYPTO_AUTH_OP_GENERATE, + RTE_CRYPTO_AUTH_ZUC_EIA3); + if (retval != 0) + return retval; + + /* alloc mbuf and set payload */ + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); + + plaintext_len = ceil_byte_length(tdata->plaintext.len); + /* Append data which is padded to a multiple of */ + /* the algorithms block size */ + plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + memcpy(plaintext, tdata->plaintext.data, plaintext_len); + /* Create ZUC operation */ + retval = create_wireless_algo_hash_operation(NULL, tdata->digest.len, + tdata->auth_iv.data, tdata->auth_iv.len, + plaintext_pad_len, RTE_CRYPTO_AUTH_OP_GENERATE, + tdata->validAuthLenInBits.len, + 0); if (retval < 0) return retval; if (global_api_test_type == CRYPTODEV_RAW_API_TEST) process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 1, 1, tdata->cipher_iv.len); + ut_params->op, 0, 1, 1, 0); else ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); - + ut_params->op); TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - - ut_params->obuf = (op_mode == IN_PLACE ? - ut_params->op->sym->m_src : ut_params->op->sym->m_dst); - - if (verify) { - if (ut_params->obuf) - plaintext = rte_pktmbuf_read(ut_params->obuf, 0, - plaintext_len, buffer); - else - plaintext = rte_pktmbuf_read(ut_params->ibuf, 0, - plaintext_len, buffer); - - debug_hexdump(stdout, "plaintext:", plaintext, - (tdata->plaintext.len >> 3) - tdata->digest.len); - debug_hexdump(stdout, "plaintext expected:", - tdata->plaintext.data, - (tdata->plaintext.len >> 3) - tdata->digest.len); - } else { - if (ut_params->obuf) - ciphertext = rte_pktmbuf_read(ut_params->obuf, 0, - ciphertext_len, buffer); - else - ciphertext = rte_pktmbuf_read(ut_params->ibuf, 0, - ciphertext_len, buffer); - - debug_hexdump(stdout, "ciphertext:", ciphertext, - ciphertext_len); - debug_hexdump(stdout, "ciphertext expected:", - tdata->ciphertext.data, tdata->ciphertext.len >> 3); - - if (ut_params->obuf) - digest = rte_pktmbuf_read(ut_params->obuf, - (tdata->digest.offset_bytes == 0 ? - plaintext_pad_len : tdata->digest.offset_bytes), - tdata->digest.len, digest_buffer); - else - digest = rte_pktmbuf_read(ut_params->ibuf, - (tdata->digest.offset_bytes == 0 ? - plaintext_pad_len : tdata->digest.offset_bytes), - tdata->digest.len, digest_buffer); - - debug_hexdump(stdout, "digest:", digest, - tdata->digest.len); - debug_hexdump(stdout, "digest expected:", - tdata->digest.data, tdata->digest.len); - } + ut_params->obuf = ut_params->op->sym->m_src; + ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) + + plaintext_pad_len; /* Validate obuf */ - if (verify) { - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - plaintext, - tdata->plaintext.data, - tdata->plaintext.len >> 3, - "SNOW 3G Plaintext data not as expected"); - } else { - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->validDataLenInBits.len, - "SNOW 3G Ciphertext data not as expected"); + TEST_ASSERT_BUFFERS_ARE_EQUAL( + ut_params->digest, + tdata->digest.data, + tdata->digest.len, + "ZUC Generated auth tag not as expected"); - TEST_ASSERT_BUFFERS_ARE_EQUAL( - digest, - tdata->digest.data, - DIGEST_BYTE_LENGTH_SNOW3G_UIA2, - "SNOW 3G Generated auth tag not as expected"); - } return 0; } static int -test_kasumi_auth_cipher(const struct kasumi_test_data *tdata, +test_zuc_auth_cipher(const struct wireless_test_data *tdata, uint8_t op_mode, uint8_t verify) { struct crypto_testsuite_params *ts_params = &testsuite_params; @@ -4855,52 +6270,61 @@ test_kasumi_auth_cipher(const struct kasumi_test_data *tdata, struct rte_cryptodev_info dev_info; - /* Verify the capabilities */ - struct rte_cryptodev_sym_capability_idx cap_idx; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; + /* Check if device supports ZUC EEA3 */ + if (check_cipher_capability(ts_params, RTE_CRYPTO_CIPHER_ZUC_EEA3, + tdata->key.len, tdata->cipher_iv.len) < 0) + return TEST_SKIPPED; + + /* Check if device supports ZUC EIA3 */ + if (check_auth_capability(ts_params, RTE_CRYPTO_AUTH_ZUC_EIA3, + tdata->key.len, tdata->auth_iv.len, + tdata->digest.len) < 0) + return TEST_SKIPPED; rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); uint64_t feat_flags = dev_info.feature_flags; - if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && - (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { + printf("Device doesn't support digest encrypted.\n"); + return TEST_SKIPPED; } + if (op_mode == IN_PLACE) { + if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { + printf("Device doesn't support in-place scatter-gather " + "in both input and output mbufs.\n"); + return TEST_SKIPPED; + } - if (op_mode == OUT_OF_PLACE) { + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } + } else { if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; - if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { - printf("Device doesn't support digest encrypted.\n"); - return -ENOTSUP; + return TEST_SKIPPED; + if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) { + printf("Device doesn't support out-of-place scatter-gather " + "in both input and output mbufs.\n"); + return TEST_SKIPPED; } } - /* Create KASUMI session */ + /* Create ZUC session */ retval = create_wireless_algo_auth_cipher_session( ts_params->valid_devs[0], (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT : RTE_CRYPTO_CIPHER_OP_ENCRYPT), (verify ? RTE_CRYPTO_AUTH_OP_VERIFY : RTE_CRYPTO_AUTH_OP_GENERATE), - RTE_CRYPTO_AUTH_KASUMI_F9, - RTE_CRYPTO_CIPHER_KASUMI_F8, + RTE_CRYPTO_AUTH_ZUC_EIA3, + RTE_CRYPTO_CIPHER_ZUC_EEA3, tdata->key.data, tdata->key.len, - 0, tdata->digest.len, + tdata->auth_iv.len, tdata->digest.len, tdata->cipher_iv.len); - if (retval < 0) + if (retval != 0) return retval; ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); @@ -4923,25 +6347,25 @@ test_kasumi_auth_cipher(const struct kasumi_test_data *tdata, ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, ciphertext_pad_len); memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); - if (op_mode == OUT_OF_PLACE) - rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len); debug_hexdump(stdout, "ciphertext:", ciphertext, ciphertext_len); } else { + /* make sure enough space to cover partial digest verify case */ plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); + ciphertext_pad_len); memcpy(plaintext, tdata->plaintext.data, plaintext_len); - if (op_mode == OUT_OF_PLACE) - rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len); debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); } - /* Create KASUMI operation */ + if (op_mode == OUT_OF_PLACE) + rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len); + + /* Create ZUC operation */ retval = create_wireless_algo_auth_cipher_operation( tdata->digest.data, tdata->digest.len, tdata->cipher_iv.data, tdata->cipher_iv.len, - NULL, 0, + tdata->auth_iv.data, tdata->auth_iv.len, (tdata->digest.offset_bytes == 0 ? (verify ? ciphertext_pad_len : plaintext_pad_len) : tdata->digest.offset_bytes), @@ -5008,25 +6432,25 @@ test_kasumi_auth_cipher(const struct kasumi_test_data *tdata, plaintext, tdata->plaintext.data, tdata->plaintext.len >> 3, - "KASUMI Plaintext data not as expected"); + "ZUC Plaintext data not as expected"); } else { TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( ciphertext, tdata->ciphertext.data, tdata->ciphertext.len >> 3, - "KASUMI Ciphertext data not as expected"); + "ZUC Ciphertext data not as expected"); TEST_ASSERT_BUFFERS_ARE_EQUAL( ut_params->digest, tdata->digest.data, DIGEST_BYTE_LENGTH_KASUMI_F9, - "KASUMI Generated auth tag not as expected"); + "ZUC Generated auth tag not as expected"); } return 0; } static int -test_kasumi_auth_cipher_sgl(const struct kasumi_test_data *tdata, +test_zuc_auth_cipher_sgl(const struct wireless_test_data *tdata, uint8_t op_mode, uint8_t verify) { struct crypto_testsuite_params *ts_params = &testsuite_params; @@ -5041,23 +6465,21 @@ test_kasumi_auth_cipher_sgl(const struct kasumi_test_data *tdata, unsigned int plaintext_len; unsigned int ciphertext_pad_len; unsigned int ciphertext_len; - uint8_t buffer[10000]; - uint8_t digest_buffer[10000]; - - struct rte_cryptodev_info dev_info; - - /* Verify the capabilities */ - struct rte_cryptodev_sym_capability_idx cap_idx; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; + uint8_t buffer[10000]; + uint8_t digest_buffer[10000]; + + struct rte_cryptodev_info dev_info; + + /* Check if device supports ZUC EEA3 */ + if (check_cipher_capability(ts_params, RTE_CRYPTO_CIPHER_ZUC_EEA3, + tdata->key.len, tdata->cipher_iv.len) < 0) + return TEST_SKIPPED; + + /* Check if device supports ZUC EIA3 */ + if (check_auth_capability(ts_params, RTE_CRYPTO_AUTH_ZUC_EIA3, + tdata->key.len, tdata->auth_iv.len, + tdata->digest.len) < 0) + return TEST_SKIPPED; rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); @@ -5067,41 +6489,42 @@ test_kasumi_auth_cipher_sgl(const struct kasumi_test_data *tdata, if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { printf("Device doesn't support in-place scatter-gather " "in both input and output mbufs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } } else { if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; + return TEST_SKIPPED; if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) { printf("Device doesn't support out-of-place scatter-gather " "in both input and output mbufs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { printf("Device doesn't support digest encrypted.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } } - /* Create KASUMI session */ + /* Create ZUC session */ retval = create_wireless_algo_auth_cipher_session( ts_params->valid_devs[0], (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT : RTE_CRYPTO_CIPHER_OP_ENCRYPT), (verify ? RTE_CRYPTO_AUTH_OP_VERIFY : RTE_CRYPTO_AUTH_OP_GENERATE), - RTE_CRYPTO_AUTH_KASUMI_F9, - RTE_CRYPTO_CIPHER_KASUMI_F8, + RTE_CRYPTO_AUTH_ZUC_EIA3, + RTE_CRYPTO_CIPHER_ZUC_EEA3, tdata->key.data, tdata->key.len, - 0, tdata->digest.len, + tdata->auth_iv.len, tdata->digest.len, tdata->cipher_iv.len); - if (retval < 0) + if (retval != 0) return retval; ciphertext_len = ceil_byte_length(tdata->ciphertext.len); @@ -5138,7 +6561,7 @@ test_kasumi_auth_cipher_sgl(const struct kasumi_test_data *tdata, } memset(buffer, 0, sizeof(buffer)); - /* Create KASUMI operation */ + /* Create ZUC operation */ retval = create_wireless_algo_auth_cipher_operation( tdata->digest.data, tdata->digest.len, tdata->cipher_iv.data, tdata->cipher_iv.len, @@ -5152,483 +6575,769 @@ test_kasumi_auth_cipher_sgl(const struct kasumi_test_data *tdata, 0, op_mode, 1, verify); - if (retval < 0) - return retval; + if (retval < 0) + return retval; + + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 1, 1, 1, tdata->cipher_iv.len); + else + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); + + TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); + + ut_params->obuf = (op_mode == IN_PLACE ? + ut_params->op->sym->m_src : ut_params->op->sym->m_dst); + + if (verify) { + if (ut_params->obuf) + plaintext = rte_pktmbuf_read(ut_params->obuf, 0, + plaintext_len, buffer); + else + plaintext = rte_pktmbuf_read(ut_params->ibuf, 0, + plaintext_len, buffer); + + debug_hexdump(stdout, "plaintext:", plaintext, + (tdata->plaintext.len >> 3) - tdata->digest.len); + debug_hexdump(stdout, "plaintext expected:", + tdata->plaintext.data, + (tdata->plaintext.len >> 3) - tdata->digest.len); + } else { + if (ut_params->obuf) + ciphertext = rte_pktmbuf_read(ut_params->obuf, 0, + ciphertext_len, buffer); + else + ciphertext = rte_pktmbuf_read(ut_params->ibuf, 0, + ciphertext_len, buffer); + + debug_hexdump(stdout, "ciphertext:", ciphertext, + ciphertext_len); + debug_hexdump(stdout, "ciphertext expected:", + tdata->ciphertext.data, tdata->ciphertext.len >> 3); + + if (ut_params->obuf) + digest = rte_pktmbuf_read(ut_params->obuf, + (tdata->digest.offset_bytes == 0 ? + plaintext_pad_len : tdata->digest.offset_bytes), + tdata->digest.len, digest_buffer); + else + digest = rte_pktmbuf_read(ut_params->ibuf, + (tdata->digest.offset_bytes == 0 ? + plaintext_pad_len : tdata->digest.offset_bytes), + tdata->digest.len, digest_buffer); + + debug_hexdump(stdout, "digest:", digest, + tdata->digest.len); + debug_hexdump(stdout, "digest expected:", + tdata->digest.data, tdata->digest.len); + } + + /* Validate obuf */ + if (verify) { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + plaintext, + tdata->plaintext.data, + tdata->plaintext.len >> 3, + "ZUC Plaintext data not as expected"); + } else { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + tdata->ciphertext.data, + tdata->validDataLenInBits.len, + "ZUC Ciphertext data not as expected"); + + TEST_ASSERT_BUFFERS_ARE_EQUAL( + digest, + tdata->digest.data, + DIGEST_BYTE_LENGTH_KASUMI_F9, + "ZUC Generated auth tag not as expected"); + } + return 0; +} + +static int +test_kasumi_encryption_test_case_1(void) +{ + return test_kasumi_encryption(&kasumi_test_case_1); +} + +static int +test_kasumi_encryption_test_case_1_sgl(void) +{ + return test_kasumi_encryption_sgl(&kasumi_test_case_1); +} + +static int +test_kasumi_encryption_test_case_1_oop(void) +{ + return test_kasumi_encryption_oop(&kasumi_test_case_1); +} + +static int +test_kasumi_encryption_test_case_1_oop_sgl(void) +{ + return test_kasumi_encryption_oop_sgl(&kasumi_test_case_1); +} + +static int +test_kasumi_encryption_test_case_2(void) +{ + return test_kasumi_encryption(&kasumi_test_case_2); +} + +static int +test_kasumi_encryption_test_case_3(void) +{ + return test_kasumi_encryption(&kasumi_test_case_3); +} + +static int +test_kasumi_encryption_test_case_4(void) +{ + return test_kasumi_encryption(&kasumi_test_case_4); +} + +static int +test_kasumi_encryption_test_case_5(void) +{ + return test_kasumi_encryption(&kasumi_test_case_5); +} + +static int +test_kasumi_decryption_test_case_1(void) +{ + return test_kasumi_decryption(&kasumi_test_case_1); +} + +static int +test_kasumi_decryption_test_case_1_oop(void) +{ + return test_kasumi_decryption_oop(&kasumi_test_case_1); +} + +static int +test_kasumi_decryption_test_case_2(void) +{ + return test_kasumi_decryption(&kasumi_test_case_2); +} + +static int +test_kasumi_decryption_test_case_3(void) +{ + /* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */ + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + return TEST_SKIPPED; + return test_kasumi_decryption(&kasumi_test_case_3); +} + +static int +test_kasumi_decryption_test_case_4(void) +{ + return test_kasumi_decryption(&kasumi_test_case_4); +} + +static int +test_kasumi_decryption_test_case_5(void) +{ + return test_kasumi_decryption(&kasumi_test_case_5); +} +static int +test_snow3g_encryption_test_case_1(void) +{ + return test_snow3g_encryption(&snow3g_test_case_1); +} + +static int +test_snow3g_encryption_test_case_1_oop(void) +{ + return test_snow3g_encryption_oop(&snow3g_test_case_1); +} + +static int +test_snow3g_encryption_test_case_1_oop_sgl(void) +{ + return test_snow3g_encryption_oop_sgl(&snow3g_test_case_1); +} + + +static int +test_snow3g_encryption_test_case_1_offset_oop(void) +{ + return test_snow3g_encryption_offset_oop(&snow3g_test_case_1); +} + +static int +test_snow3g_encryption_test_case_2(void) +{ + return test_snow3g_encryption(&snow3g_test_case_2); +} + +static int +test_snow3g_encryption_test_case_3(void) +{ + return test_snow3g_encryption(&snow3g_test_case_3); +} + +static int +test_snow3g_encryption_test_case_4(void) +{ + return test_snow3g_encryption(&snow3g_test_case_4); +} + +static int +test_snow3g_encryption_test_case_5(void) +{ + return test_snow3g_encryption(&snow3g_test_case_5); +} + +static int +test_snow3g_decryption_test_case_1(void) +{ + return test_snow3g_decryption(&snow3g_test_case_1); +} + +static int +test_snow3g_decryption_test_case_1_oop(void) +{ + return test_snow3g_decryption_oop(&snow3g_test_case_1); +} + +static int +test_snow3g_decryption_test_case_2(void) +{ + return test_snow3g_decryption(&snow3g_test_case_2); +} + +static int +test_snow3g_decryption_test_case_3(void) +{ + return test_snow3g_decryption(&snow3g_test_case_3); +} - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 1, 1, tdata->cipher_iv.len); - else - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); +static int +test_snow3g_decryption_test_case_4(void) +{ + return test_snow3g_decryption(&snow3g_test_case_4); +} - TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); +static int +test_snow3g_decryption_test_case_5(void) +{ + return test_snow3g_decryption(&snow3g_test_case_5); +} - ut_params->obuf = (op_mode == IN_PLACE ? - ut_params->op->sym->m_src : ut_params->op->sym->m_dst); +/* + * Function prepares snow3g_hash_test_data from snow3g_test_data. + * Pattern digest from snow3g_test_data must be allocated as + * 4 last bytes in plaintext. + */ +static void +snow3g_hash_test_vector_setup(const struct snow3g_test_data *pattern, + struct snow3g_hash_test_data *output) +{ + if ((pattern != NULL) && (output != NULL)) { + output->key.len = pattern->key.len; - if (verify) { - if (ut_params->obuf) - plaintext = rte_pktmbuf_read(ut_params->obuf, 0, - plaintext_len, buffer); - else - plaintext = rte_pktmbuf_read(ut_params->ibuf, 0, - plaintext_len, buffer); + memcpy(output->key.data, + pattern->key.data, pattern->key.len); - debug_hexdump(stdout, "plaintext:", plaintext, - (tdata->plaintext.len >> 3) - tdata->digest.len); - debug_hexdump(stdout, "plaintext expected:", - tdata->plaintext.data, - (tdata->plaintext.len >> 3) - tdata->digest.len); - } else { - if (ut_params->obuf) - ciphertext = rte_pktmbuf_read(ut_params->obuf, 0, - ciphertext_len, buffer); - else - ciphertext = rte_pktmbuf_read(ut_params->ibuf, 0, - ciphertext_len, buffer); + output->auth_iv.len = pattern->auth_iv.len; - debug_hexdump(stdout, "ciphertext:", ciphertext, - ciphertext_len); - debug_hexdump(stdout, "ciphertext expected:", - tdata->ciphertext.data, tdata->ciphertext.len >> 3); + memcpy(output->auth_iv.data, + pattern->auth_iv.data, pattern->auth_iv.len); - if (ut_params->obuf) - digest = rte_pktmbuf_read(ut_params->obuf, - (tdata->digest.offset_bytes == 0 ? - plaintext_pad_len : tdata->digest.offset_bytes), - tdata->digest.len, digest_buffer); - else - digest = rte_pktmbuf_read(ut_params->ibuf, - (tdata->digest.offset_bytes == 0 ? - plaintext_pad_len : tdata->digest.offset_bytes), - tdata->digest.len, digest_buffer); + output->plaintext.len = pattern->plaintext.len; - debug_hexdump(stdout, "digest:", digest, - tdata->digest.len); - debug_hexdump(stdout, "digest expected:", - tdata->digest.data, tdata->digest.len); - } + memcpy(output->plaintext.data, + pattern->plaintext.data, pattern->plaintext.len >> 3); - /* Validate obuf */ - if (verify) { - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - plaintext, - tdata->plaintext.data, - tdata->plaintext.len >> 3, - "KASUMI Plaintext data not as expected"); - } else { - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->validDataLenInBits.len, - "KASUMI Ciphertext data not as expected"); + output->digest.len = pattern->digest.len; - TEST_ASSERT_BUFFERS_ARE_EQUAL( - digest, - tdata->digest.data, - DIGEST_BYTE_LENGTH_KASUMI_F9, - "KASUMI Generated auth tag not as expected"); + memcpy(output->digest.data, + &pattern->plaintext.data[pattern->digest.offset_bytes], + pattern->digest.len); + + output->validAuthLenInBits.len = + pattern->validAuthLenInBits.len; } - return 0; } +/* + * Test case verify computed cipher and digest from snow3g_test_case_7 data. + */ static int -test_kasumi_cipher_auth(const struct kasumi_test_data *tdata) +test_snow3g_decryption_with_digest_test_case_1(void) { - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; - - int retval; - - uint8_t *plaintext, *ciphertext; - unsigned plaintext_pad_len; - unsigned plaintext_len; + struct snow3g_hash_test_data snow3g_hash_data; struct rte_cryptodev_info dev_info; + struct crypto_testsuite_params *ts_params = &testsuite_params; rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); uint64_t feat_flags = dev_info.feature_flags; - if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && - (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { + printf("Device doesn't support encrypted digest operations.\n"); + return TEST_SKIPPED; } - /* Verify the capabilities */ - struct rte_cryptodev_sym_capability_idx cap_idx; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_KASUMI_F9; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_KASUMI_F8; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; - - /* Create KASUMI session */ - retval = create_wireless_algo_cipher_auth_session( - ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_AUTH_OP_GENERATE, - RTE_CRYPTO_AUTH_KASUMI_F9, - RTE_CRYPTO_CIPHER_KASUMI_F8, - tdata->key.data, tdata->key.len, - 0, tdata->digest.len, - tdata->cipher_iv.len); - if (retval < 0) - return retval; - - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + /* + * Function prepare data for hash verification test case. + * Digest is allocated in 4 last bytes in plaintext, pattern. + */ + snow3g_hash_test_vector_setup(&snow3g_test_case_7, &snow3g_hash_data); - /* clear mbuf payload */ - memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + return test_snow3g_decryption(&snow3g_test_case_7) & + test_snow3g_authentication_verify(&snow3g_hash_data); +} - plaintext_len = ceil_byte_length(tdata->plaintext.len); - /* Append data which is padded to a multiple of */ - /* the algorithms block size */ - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - memcpy(plaintext, tdata->plaintext.data, plaintext_len); +static int +test_snow3g_cipher_auth_test_case_1(void) +{ + return test_snow3g_cipher_auth(&snow3g_test_case_3); +} - debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); +static int +test_snow3g_auth_cipher_test_case_1(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_test_case_1, IN_PLACE, 0); +} - /* Create KASUMI operation */ - retval = create_wireless_algo_cipher_hash_operation(tdata->digest.data, - tdata->digest.len, NULL, 0, - plaintext_pad_len, RTE_CRYPTO_AUTH_OP_GENERATE, - tdata->cipher_iv.data, tdata->cipher_iv.len, - RTE_ALIGN_CEIL(tdata->validCipherLenInBits.len, 8), - tdata->validCipherOffsetInBits.len, - tdata->validAuthLenInBits.len, - 0 - ); - if (retval < 0) - return retval; +static int +test_snow3g_auth_cipher_test_case_2(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_test_case_2, IN_PLACE, 0); +} - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 1, 1, tdata->cipher_iv.len); - else - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); - TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); +static int +test_snow3g_auth_cipher_test_case_2_oop(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_test_case_2, OUT_OF_PLACE, 0); +} - if (ut_params->op->sym->m_dst) - ut_params->obuf = ut_params->op->sym->m_dst; - else - ut_params->obuf = ut_params->op->sym->m_src; +static int +test_snow3g_auth_cipher_part_digest_enc(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_partial_digest_encryption, + IN_PLACE, 0); +} - ciphertext = rte_pktmbuf_mtod_offset(ut_params->obuf, uint8_t *, - tdata->validCipherOffsetInBits.len >> 3); +static int +test_snow3g_auth_cipher_part_digest_enc_oop(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_partial_digest_encryption, + OUT_OF_PLACE, 0); +} - ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) - + plaintext_pad_len; +static int +test_snow3g_auth_cipher_test_case_3_sgl(void) +{ + /* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */ + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + return TEST_SKIPPED; + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_test_case_3, IN_PLACE, 0); +} - const uint8_t *reference_ciphertext = tdata->ciphertext.data + - (tdata->validCipherOffsetInBits.len >> 3); - /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - reference_ciphertext, - tdata->validCipherLenInBits.len, - "KASUMI Ciphertext data not as expected"); +static int +test_snow3g_auth_cipher_test_case_3_oop_sgl(void) +{ + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_test_case_3, OUT_OF_PLACE, 0); +} - /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL( - ut_params->digest, - tdata->digest.data, - DIGEST_BYTE_LENGTH_SNOW3G_UIA2, - "KASUMI Generated auth tag not as expected"); - return 0; +static int +test_snow3g_auth_cipher_part_digest_enc_sgl(void) +{ + /* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */ + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + return TEST_SKIPPED; + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_partial_digest_encryption, + IN_PLACE, 0); } static int -test_zuc_encryption(const struct wireless_test_data *tdata) +test_snow3g_auth_cipher_part_digest_enc_oop_sgl(void) { - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_partial_digest_encryption, + OUT_OF_PLACE, 0); +} - int retval; - uint8_t *plaintext, *ciphertext; - unsigned plaintext_pad_len; - unsigned plaintext_len; - struct rte_cryptodev_info dev_info; +static int +test_snow3g_auth_cipher_verify_test_case_1(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_test_case_1, IN_PLACE, 1); +} - rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); - uint64_t feat_flags = dev_info.feature_flags; +static int +test_snow3g_auth_cipher_verify_test_case_2(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_test_case_2, IN_PLACE, 1); +} - if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && - (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; - } +static int +test_snow3g_auth_cipher_verify_test_case_2_oop(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_test_case_2, OUT_OF_PLACE, 1); +} - struct rte_cryptodev_sym_capability_idx cap_idx; +static int +test_snow3g_auth_cipher_verify_part_digest_enc(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_partial_digest_encryption, + IN_PLACE, 1); +} - /* Check if device supports ZUC EEA3 */ - cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_ZUC_EEA3; +static int +test_snow3g_auth_cipher_verify_part_digest_enc_oop(void) +{ + return test_snow3g_auth_cipher( + &snow3g_auth_cipher_partial_digest_encryption, + OUT_OF_PLACE, 1); +} - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; +static int +test_snow3g_auth_cipher_verify_test_case_3_sgl(void) +{ + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_test_case_3, IN_PLACE, 1); +} - /* Create ZUC session */ - retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_CIPHER_ZUC_EEA3, - tdata->key.data, tdata->key.len, - tdata->cipher_iv.len); - if (retval < 0) - return retval; +static int +test_snow3g_auth_cipher_verify_test_case_3_oop_sgl(void) +{ + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_test_case_3, OUT_OF_PLACE, 1); +} - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); +static int +test_snow3g_auth_cipher_verify_part_digest_enc_sgl(void) +{ + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_partial_digest_encryption, + IN_PLACE, 1); +} - /* Clear mbuf payload */ - memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); +static int +test_snow3g_auth_cipher_verify_part_digest_enc_oop_sgl(void) +{ + return test_snow3g_auth_cipher_sgl( + &snow3g_auth_cipher_partial_digest_encryption, + OUT_OF_PLACE, 1); +} - plaintext_len = ceil_byte_length(tdata->plaintext.len); - /* Append data which is padded to a multiple */ - /* of the algorithms block size */ - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - memcpy(plaintext, tdata->plaintext.data, plaintext_len); +static int +test_snow3g_auth_cipher_with_digest_test_case_1(void) +{ + return test_snow3g_auth_cipher( + &snow3g_test_case_7, IN_PLACE, 0); +} - debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); +static int +test_kasumi_auth_cipher_test_case_1(void) +{ + return test_kasumi_auth_cipher( + &kasumi_test_case_3, IN_PLACE, 0); +} - /* Create ZUC operation */ - retval = create_wireless_algo_cipher_operation(tdata->cipher_iv.data, - tdata->cipher_iv.len, - tdata->plaintext.len, - 0); - if (retval < 0) - return retval; +static int +test_kasumi_auth_cipher_test_case_2(void) +{ + return test_kasumi_auth_cipher( + &kasumi_auth_cipher_test_case_2, IN_PLACE, 0); +} - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 0, 1, tdata->cipher_iv.len); - else - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); - TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); +static int +test_kasumi_auth_cipher_test_case_2_oop(void) +{ + return test_kasumi_auth_cipher( + &kasumi_auth_cipher_test_case_2, OUT_OF_PLACE, 0); +} - ut_params->obuf = ut_params->op->sym->m_dst; - if (ut_params->obuf) - ciphertext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); - else - ciphertext = plaintext; +static int +test_kasumi_auth_cipher_test_case_2_sgl(void) +{ + return test_kasumi_auth_cipher_sgl( + &kasumi_auth_cipher_test_case_2, IN_PLACE, 0); +} - debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); +static int +test_kasumi_auth_cipher_test_case_2_oop_sgl(void) +{ + return test_kasumi_auth_cipher_sgl( + &kasumi_auth_cipher_test_case_2, OUT_OF_PLACE, 0); +} - /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->validCipherLenInBits.len, - "ZUC Ciphertext data not as expected"); - return 0; +static int +test_kasumi_auth_cipher_verify_test_case_1(void) +{ + return test_kasumi_auth_cipher( + &kasumi_test_case_3, IN_PLACE, 1); } static int -test_zuc_encryption_sgl(const struct wireless_test_data *tdata) +test_kasumi_auth_cipher_verify_test_case_2(void) { - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; + return test_kasumi_auth_cipher( + &kasumi_auth_cipher_test_case_2, IN_PLACE, 1); +} - int retval; +static int +test_kasumi_auth_cipher_verify_test_case_2_oop(void) +{ + return test_kasumi_auth_cipher( + &kasumi_auth_cipher_test_case_2, OUT_OF_PLACE, 1); +} - unsigned int plaintext_pad_len; - unsigned int plaintext_len; - const uint8_t *ciphertext; - uint8_t ciphertext_buffer[2048]; - struct rte_cryptodev_info dev_info; +static int +test_kasumi_auth_cipher_verify_test_case_2_sgl(void) +{ + return test_kasumi_auth_cipher_sgl( + &kasumi_auth_cipher_test_case_2, IN_PLACE, 1); +} - struct rte_cryptodev_sym_capability_idx cap_idx; +static int +test_kasumi_auth_cipher_verify_test_case_2_oop_sgl(void) +{ + return test_kasumi_auth_cipher_sgl( + &kasumi_auth_cipher_test_case_2, OUT_OF_PLACE, 1); +} - /* Check if device supports ZUC EEA3 */ - cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_ZUC_EEA3; +static int +test_kasumi_cipher_auth_test_case_1(void) +{ + return test_kasumi_cipher_auth(&kasumi_test_case_6); +} - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; +static int +test_zuc_encryption_test_case_1(void) +{ + return test_zuc_encryption(&zuc_test_case_cipher_193b); +} - rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); +static int +test_zuc_encryption_test_case_2(void) +{ + return test_zuc_encryption(&zuc_test_case_cipher_800b); +} - uint64_t feat_flags = dev_info.feature_flags; +static int +test_zuc_encryption_test_case_3(void) +{ + return test_zuc_encryption(&zuc_test_case_cipher_1570b); +} + +static int +test_zuc_encryption_test_case_4(void) +{ + return test_zuc_encryption(&zuc_test_case_cipher_2798b); +} - if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { - printf("Device doesn't support in-place scatter-gather. " - "Test Skipped.\n"); - return -ENOTSUP; - } +static int +test_zuc_encryption_test_case_5(void) +{ + return test_zuc_encryption(&zuc_test_case_cipher_4019b); +} - if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && - (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; - } +static int +test_zuc_encryption_test_case_6_sgl(void) +{ + return test_zuc_encryption_sgl(&zuc_test_case_cipher_193b); +} - plaintext_len = ceil_byte_length(tdata->plaintext.len); +static int +test_zuc_hash_generate_test_case_1(void) +{ + return test_zuc_authentication(&zuc_test_case_auth_1b); +} - /* Append data which is padded to a multiple */ - /* of the algorithms block size */ - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); +static int +test_zuc_hash_generate_test_case_2(void) +{ + return test_zuc_authentication(&zuc_test_case_auth_90b); +} - ut_params->ibuf = create_segmented_mbuf(ts_params->mbuf_pool, - plaintext_pad_len, 10, 0); +static int +test_zuc_hash_generate_test_case_3(void) +{ + return test_zuc_authentication(&zuc_test_case_auth_577b); +} - pktmbuf_write(ut_params->ibuf, 0, plaintext_len, - tdata->plaintext.data); +static int +test_zuc_hash_generate_test_case_4(void) +{ + return test_zuc_authentication(&zuc_test_case_auth_2079b); +} - /* Create ZUC session */ - retval = create_wireless_algo_cipher_session(ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_CIPHER_ZUC_EEA3, - tdata->key.data, tdata->key.len, - tdata->cipher_iv.len); - if (retval < 0) - return retval; +static int +test_zuc_hash_generate_test_case_5(void) +{ + return test_zuc_authentication(&zuc_test_auth_5670b); +} - /* Clear mbuf payload */ +static int +test_zuc_hash_generate_test_case_6(void) +{ + return test_zuc_authentication(&zuc_test_case_auth_128b); +} - pktmbuf_write(ut_params->ibuf, 0, plaintext_len, tdata->plaintext.data); +static int +test_zuc_hash_generate_test_case_7(void) +{ + return test_zuc_authentication(&zuc_test_case_auth_2080b); +} - /* Create ZUC operation */ - retval = create_wireless_algo_cipher_operation(tdata->cipher_iv.data, - tdata->cipher_iv.len, tdata->plaintext.len, - 0); - if (retval < 0) - return retval; +static int +test_zuc_hash_generate_test_case_8(void) +{ + return test_zuc_authentication(&zuc_test_case_auth_584b); +} - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 0, 1, tdata->cipher_iv.len); - else - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); - TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); +static int +test_zuc_hash_generate_test_case_9(void) +{ + return test_zuc_authentication(&zuc_test_case_auth_4000b_mac_32b); +} - ut_params->obuf = ut_params->op->sym->m_dst; - if (ut_params->obuf) - ciphertext = rte_pktmbuf_read(ut_params->obuf, - 0, plaintext_len, ciphertext_buffer); - else - ciphertext = rte_pktmbuf_read(ut_params->ibuf, - 0, plaintext_len, ciphertext_buffer); +static int +test_zuc_hash_generate_test_case_10(void) +{ + return test_zuc_authentication(&zuc_test_case_auth_4000b_mac_64b); +} - /* Validate obuf */ - debug_hexdump(stdout, "ciphertext:", ciphertext, plaintext_len); +static int +test_zuc_hash_generate_test_case_11(void) +{ + return test_zuc_authentication(&zuc_test_case_auth_4000b_mac_128b); +} - /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->validCipherLenInBits.len, - "ZUC Ciphertext data not as expected"); +static int +test_zuc_cipher_auth_test_case_1(void) +{ + return test_zuc_cipher_auth(&zuc_test_case_cipher_200b_auth_200b); +} - return 0; +static int +test_zuc_cipher_auth_test_case_2(void) +{ + return test_zuc_cipher_auth(&zuc_test_case_cipher_800b_auth_120b); } static int -test_zuc_authentication(const struct wireless_test_data *tdata) +test_zuc_auth_cipher_test_case_1(void) { - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; + return test_zuc_auth_cipher( + &zuc_auth_cipher_test_case_1, IN_PLACE, 0); +} - int retval; - unsigned plaintext_pad_len; - unsigned plaintext_len; - uint8_t *plaintext; +static int +test_zuc_auth_cipher_test_case_1_oop(void) +{ + return test_zuc_auth_cipher( + &zuc_auth_cipher_test_case_1, OUT_OF_PLACE, 0); +} - struct rte_cryptodev_sym_capability_idx cap_idx; - struct rte_cryptodev_info dev_info; +static int +test_zuc_auth_cipher_test_case_1_sgl(void) +{ + return test_zuc_auth_cipher_sgl( + &zuc_auth_cipher_test_case_1, IN_PLACE, 0); +} - rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); - uint64_t feat_flags = dev_info.feature_flags; +static int +test_zuc_auth_cipher_test_case_1_oop_sgl(void) +{ + return test_zuc_auth_cipher_sgl( + &zuc_auth_cipher_test_case_1, OUT_OF_PLACE, 0); +} - if (!(feat_flags & RTE_CRYPTODEV_FF_NON_BYTE_ALIGNED_DATA) && - (tdata->validAuthLenInBits.len % 8 != 0)) { - printf("Device doesn't support NON-Byte Aligned Data.\n"); - return -ENOTSUP; - } +static int +test_zuc_auth_cipher_verify_test_case_1(void) +{ + return test_zuc_auth_cipher( + &zuc_auth_cipher_test_case_1, IN_PLACE, 1); +} - if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && - (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; - } +static int +test_zuc_auth_cipher_verify_test_case_1_oop(void) +{ + return test_zuc_auth_cipher( + &zuc_auth_cipher_test_case_1, OUT_OF_PLACE, 1); +} - /* Check if device supports ZUC EIA3 */ - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_ZUC_EIA3; +static int +test_zuc_auth_cipher_verify_test_case_1_sgl(void) +{ + return test_zuc_auth_cipher_sgl( + &zuc_auth_cipher_test_case_1, IN_PLACE, 1); +} - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; +static int +test_zuc_auth_cipher_verify_test_case_1_oop_sgl(void) +{ + return test_zuc_auth_cipher_sgl( + &zuc_auth_cipher_test_case_1, OUT_OF_PLACE, 1); +} - /* Create ZUC session */ - retval = create_wireless_algo_hash_session(ts_params->valid_devs[0], - tdata->key.data, tdata->key.len, - tdata->auth_iv.len, tdata->digest.len, - RTE_CRYPTO_AUTH_OP_GENERATE, - RTE_CRYPTO_AUTH_ZUC_EIA3); - if (retval < 0) - return retval; +static int +test_zuc256_encryption_test_case_1(void) +{ + return test_zuc_encryption(&zuc256_test_case_cipher_1); +} - /* alloc mbuf and set payload */ - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); +static int +test_zuc256_encryption_test_case_2(void) +{ + return test_zuc_encryption(&zuc256_test_case_cipher_2); +} - memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); +static int +test_zuc256_authentication_test_case_1(void) +{ + return test_zuc_authentication(&zuc256_test_case_auth_1); +} - plaintext_len = ceil_byte_length(tdata->plaintext.len); - /* Append data which is padded to a multiple of */ - /* the algorithms block size */ - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 8); - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - memcpy(plaintext, tdata->plaintext.data, plaintext_len); +static int +test_zuc256_authentication_test_case_2(void) +{ + return test_zuc_authentication(&zuc256_test_case_auth_2); +} - /* Create ZUC operation */ - retval = create_wireless_algo_hash_operation(NULL, tdata->digest.len, - tdata->auth_iv.data, tdata->auth_iv.len, - plaintext_pad_len, RTE_CRYPTO_AUTH_OP_GENERATE, - tdata->validAuthLenInBits.len, - 0); - if (retval < 0) - return retval; +static int +test_mixed_check_if_unsupported(const struct mixed_cipher_auth_test_data *tdata) +{ + uint8_t dev_id = testsuite_params.valid_devs[0]; - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 0, 1, 1, 0); - else - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); - ut_params->obuf = ut_params->op->sym->m_src; - TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) - + plaintext_pad_len; + struct rte_cryptodev_sym_capability_idx cap_idx; - /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL( - ut_params->digest, - tdata->digest.data, - tdata->digest.len, - "ZUC Generated auth tag not as expected"); + /* Check if device supports particular cipher algorithm */ + cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + cap_idx.algo.cipher = tdata->cipher_algo; + if (rte_cryptodev_sym_capability_get(dev_id, &cap_idx) == NULL) + return TEST_SKIPPED; + + /* Check if device supports particular hash algorithm */ + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; + cap_idx.algo.auth = tdata->auth_algo; + if (rte_cryptodev_sym_capability_get(dev_id, &cap_idx) == NULL) + return TEST_SKIPPED; return 0; } static int -test_zuc_auth_cipher(const struct wireless_test_data *tdata, +test_mixed_auth_cipher(const struct mixed_cipher_auth_test_data *tdata, uint8_t op_mode, uint8_t verify) { struct crypto_testsuite_params *ts_params = &testsuite_params; @@ -5643,15 +7352,13 @@ test_zuc_auth_cipher(const struct wireless_test_data *tdata, unsigned int ciphertext_len; struct rte_cryptodev_info dev_info; - struct rte_cryptodev_sym_capability_idx cap_idx; - - /* Check if device supports ZUC EIA3 */ - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_ZUC_EIA3; + struct rte_crypto_op *op; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; + /* Check if device supports particular algorithms separately */ + if (test_mixed_check_if_unsupported(tdata)) + return TEST_SKIPPED; + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + return TEST_SKIPPED; rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); @@ -5659,44 +7366,31 @@ test_zuc_auth_cipher(const struct wireless_test_data *tdata, if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { printf("Device doesn't support digest encrypted.\n"); - return -ENOTSUP; - } - if (op_mode == IN_PLACE) { - if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { - printf("Device doesn't support in-place scatter-gather " - "in both input and output mbufs.\n"); - return -ENOTSUP; - } - - if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && - (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; - } - } else { - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; - if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) { - printf("Device doesn't support out-of-place scatter-gather " - "in both input and output mbufs.\n"); - return -ENOTSUP; - } + return TEST_SKIPPED; } - /* Create ZUC session */ - retval = create_wireless_algo_auth_cipher_session( - ts_params->valid_devs[0], - (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT - : RTE_CRYPTO_CIPHER_OP_ENCRYPT), - (verify ? RTE_CRYPTO_AUTH_OP_VERIFY - : RTE_CRYPTO_AUTH_OP_GENERATE), - RTE_CRYPTO_AUTH_ZUC_EIA3, - RTE_CRYPTO_CIPHER_ZUC_EEA3, - tdata->key.data, tdata->key.len, - tdata->auth_iv.len, tdata->digest.len, - tdata->cipher_iv.len); - - if (retval < 0) + /* Create the session */ + if (verify) + retval = create_wireless_algo_cipher_auth_session( + ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_DECRYPT, + RTE_CRYPTO_AUTH_OP_VERIFY, + tdata->auth_algo, + tdata->cipher_algo, + tdata->auth_key.data, tdata->auth_key.len, + tdata->auth_iv.len, tdata->digest_enc.len, + tdata->cipher_iv.len); + else + retval = create_wireless_algo_auth_cipher_session( + ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_AUTH_OP_GENERATE, + tdata->auth_algo, + tdata->cipher_algo, + tdata->auth_key.data, tdata->auth_key.len, + tdata->auth_iv.len, tdata->digest_enc.len, + tdata->cipher_iv.len); + if (retval != 0) return retval; ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); @@ -5706,123 +7400,137 @@ test_zuc_auth_cipher(const struct wireless_test_data *tdata, /* clear mbuf payload */ memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, rte_pktmbuf_tailroom(ut_params->ibuf)); - if (op_mode == OUT_OF_PLACE) + if (op_mode == OUT_OF_PLACE) { + memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->obuf)); + rte_pktmbuf_tailroom(ut_params->obuf)); + } - ciphertext_len = ceil_byte_length(tdata->ciphertext.len); - plaintext_len = ceil_byte_length(tdata->plaintext.len); + ciphertext_len = ceil_byte_length(tdata->ciphertext.len_bits); + plaintext_len = ceil_byte_length(tdata->plaintext.len_bits); ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); if (verify) { ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - ciphertext_pad_len); + ciphertext_pad_len); memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); - if (op_mode == OUT_OF_PLACE) - rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len); debug_hexdump(stdout, "ciphertext:", ciphertext, - ciphertext_len); + ciphertext_len); } else { + /* make sure enough space to cover partial digest verify case */ plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); + ciphertext_pad_len); memcpy(plaintext, tdata->plaintext.data, plaintext_len); - if (op_mode == OUT_OF_PLACE) - rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len); - debug_hexdump(stdout, "plaintext:", plaintext, - plaintext_len); + debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); } - /* Create ZUC operation */ + if (op_mode == OUT_OF_PLACE) + rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len); + + /* Create the operation */ retval = create_wireless_algo_auth_cipher_operation( - tdata->digest.data, tdata->digest.len, - tdata->cipher_iv.data, tdata->cipher_iv.len, - tdata->auth_iv.data, tdata->auth_iv.len, - (tdata->digest.offset_bytes == 0 ? - (verify ? ciphertext_pad_len : plaintext_pad_len) - : tdata->digest.offset_bytes), - tdata->validCipherLenInBits.len, - tdata->validCipherOffsetInBits.len, - tdata->validAuthLenInBits.len, - 0, - op_mode, 0, verify); + tdata->digest_enc.data, tdata->digest_enc.len, + tdata->cipher_iv.data, tdata->cipher_iv.len, + tdata->auth_iv.data, tdata->auth_iv.len, + (tdata->digest_enc.offset == 0 ? + plaintext_pad_len + : tdata->digest_enc.offset), + tdata->validCipherLen.len_bits, + tdata->cipher.offset_bits, + tdata->validAuthLen.len_bits, + tdata->auth.offset_bits, + op_mode, 0, verify); if (retval < 0) return retval; - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 1, 1, tdata->cipher_iv.len); - else - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); + op = process_crypto_request(ts_params->valid_devs[0], ut_params->op); + + /* Check if the op failed because the device doesn't */ + /* support this particular combination of algorithms */ + if (op == NULL && ut_params->op->status == + RTE_CRYPTO_OP_STATUS_INVALID_SESSION) { + printf("Device doesn't support this mixed combination. " + "Test Skipped.\n"); + return TEST_SKIPPED; + } + ut_params->op = op; TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); ut_params->obuf = (op_mode == IN_PLACE ? - ut_params->op->sym->m_src : ut_params->op->sym->m_dst); - + ut_params->op->sym->m_src : ut_params->op->sym->m_dst); if (verify) { if (ut_params->obuf) plaintext = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *); else - plaintext = ciphertext; + plaintext = ciphertext + + (tdata->cipher.offset_bits >> 3); debug_hexdump(stdout, "plaintext:", plaintext, - (tdata->plaintext.len >> 3) - tdata->digest.len); + tdata->plaintext.len_bits >> 3); debug_hexdump(stdout, "plaintext expected:", - tdata->plaintext.data, - (tdata->plaintext.len >> 3) - tdata->digest.len); + tdata->plaintext.data, + tdata->plaintext.len_bits >> 3); } else { if (ut_params->obuf) ciphertext = rte_pktmbuf_mtod(ut_params->obuf, - uint8_t *); + uint8_t *); else ciphertext = plaintext; debug_hexdump(stdout, "ciphertext:", ciphertext, - ciphertext_len); + ciphertext_len); debug_hexdump(stdout, "ciphertext expected:", - tdata->ciphertext.data, tdata->ciphertext.len >> 3); + tdata->ciphertext.data, + tdata->ciphertext.len_bits >> 3); - ut_params->digest = rte_pktmbuf_mtod( - ut_params->obuf, uint8_t *) + - (tdata->digest.offset_bytes == 0 ? - plaintext_pad_len : tdata->digest.offset_bytes); + ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) + + (tdata->digest_enc.offset == 0 ? + plaintext_pad_len : tdata->digest_enc.offset); debug_hexdump(stdout, "digest:", ut_params->digest, - tdata->digest.len); + tdata->digest_enc.len); debug_hexdump(stdout, "digest expected:", - tdata->digest.data, tdata->digest.len); + tdata->digest_enc.data, + tdata->digest_enc.len); } - /* Validate obuf */ - if (verify) { - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - plaintext, - tdata->plaintext.data, - tdata->plaintext.len >> 3, - "ZUC Plaintext data not as expected"); - } else { - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->ciphertext.len >> 3, - "ZUC Ciphertext data not as expected"); - + if (!verify) { TEST_ASSERT_BUFFERS_ARE_EQUAL( - ut_params->digest, - tdata->digest.data, - DIGEST_BYTE_LENGTH_KASUMI_F9, - "ZUC Generated auth tag not as expected"); + ut_params->digest, + tdata->digest_enc.data, + tdata->digest_enc.len, + "Generated auth tag not as expected"); + } + + if (tdata->cipher_algo != RTE_CRYPTO_CIPHER_NULL) { + if (verify) { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + plaintext, + tdata->plaintext.data, + tdata->plaintext.len_bits >> 3, + "Plaintext data not as expected"); + } else { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + tdata->ciphertext.data, + tdata->validDataLen.len_bits, + "Ciphertext data not as expected"); + } } + + TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, + "crypto op processing failed"); + return 0; } static int -test_zuc_auth_cipher_sgl(const struct wireless_test_data *tdata, +test_mixed_auth_cipher_sgl(const struct mixed_cipher_auth_test_data *tdata, uint8_t op_mode, uint8_t verify) { struct crypto_testsuite_params *ts_params = &testsuite_params; @@ -5841,15 +7549,13 @@ test_zuc_auth_cipher_sgl(const struct wireless_test_data *tdata, uint8_t digest_buffer[10000]; struct rte_cryptodev_info dev_info; - struct rte_cryptodev_sym_capability_idx cap_idx; - - /* Check if device supports ZUC EIA3 */ - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = RTE_CRYPTO_AUTH_ZUC_EIA3; + struct rte_crypto_op *op; - if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], - &cap_idx) == NULL) - return -ENOTSUP; + /* Check if device supports particular algorithms */ + if (test_mixed_check_if_unsupported(tdata)) + return TEST_SKIPPED; + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + return TEST_SKIPPED; rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); @@ -5859,51 +7565,51 @@ test_zuc_auth_cipher_sgl(const struct wireless_test_data *tdata, if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { printf("Device doesn't support in-place scatter-gather " "in both input and output mbufs.\n"); - return -ENOTSUP; - } - - if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && - (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; - } - } else { - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; - if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) { - printf("Device doesn't support out-of-place scatter-gather " - "in both input and output mbufs.\n"); - return -ENOTSUP; - } - if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { - printf("Device doesn't support digest encrypted.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } - } - - /* Create ZUC session */ - retval = create_wireless_algo_auth_cipher_session( - ts_params->valid_devs[0], - (verify ? RTE_CRYPTO_CIPHER_OP_DECRYPT - : RTE_CRYPTO_CIPHER_OP_ENCRYPT), - (verify ? RTE_CRYPTO_AUTH_OP_VERIFY - : RTE_CRYPTO_AUTH_OP_GENERATE), - RTE_CRYPTO_AUTH_ZUC_EIA3, - RTE_CRYPTO_CIPHER_ZUC_EEA3, - tdata->key.data, tdata->key.len, - tdata->auth_iv.len, tdata->digest.len, - tdata->cipher_iv.len); + } else { + if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) { + printf("Device doesn't support out-of-place scatter-gather " + "in both input and output mbufs.\n"); + return TEST_SKIPPED; + } + if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { + printf("Device doesn't support digest encrypted.\n"); + return TEST_SKIPPED; + } + } - if (retval < 0) + /* Create the session */ + if (verify) + retval = create_wireless_algo_cipher_auth_session( + ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_DECRYPT, + RTE_CRYPTO_AUTH_OP_VERIFY, + tdata->auth_algo, + tdata->cipher_algo, + tdata->auth_key.data, tdata->auth_key.len, + tdata->auth_iv.len, tdata->digest_enc.len, + tdata->cipher_iv.len); + else + retval = create_wireless_algo_auth_cipher_session( + ts_params->valid_devs[0], + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_AUTH_OP_GENERATE, + tdata->auth_algo, + tdata->cipher_algo, + tdata->auth_key.data, tdata->auth_key.len, + tdata->auth_iv.len, tdata->digest_enc.len, + tdata->cipher_iv.len); + if (retval != 0) return retval; - ciphertext_len = ceil_byte_length(tdata->ciphertext.len); - plaintext_len = ceil_byte_length(tdata->plaintext.len); + ciphertext_len = ceil_byte_length(tdata->ciphertext.len_bits); + plaintext_len = ceil_byte_length(tdata->plaintext.len_bits); ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); ut_params->ibuf = create_segmented_mbuf(ts_params->mbuf_pool, - plaintext_pad_len, 15, 0); + ciphertext_pad_len, 15, 0); TEST_ASSERT_NOT_NULL(ut_params->ibuf, "Failed to allocate input buffer in mempool"); @@ -5931,34 +7637,39 @@ test_zuc_auth_cipher_sgl(const struct wireless_test_data *tdata, } memset(buffer, 0, sizeof(buffer)); - /* Create ZUC operation */ + /* Create the operation */ retval = create_wireless_algo_auth_cipher_operation( - tdata->digest.data, tdata->digest.len, - tdata->cipher_iv.data, tdata->cipher_iv.len, - NULL, 0, - (tdata->digest.offset_bytes == 0 ? - (verify ? ciphertext_pad_len : plaintext_pad_len) - : tdata->digest.offset_bytes), - tdata->validCipherLenInBits.len, - tdata->validCipherOffsetInBits.len, - tdata->validAuthLenInBits.len, - 0, - op_mode, 1, verify); + tdata->digest_enc.data, tdata->digest_enc.len, + tdata->cipher_iv.data, tdata->cipher_iv.len, + tdata->auth_iv.data, tdata->auth_iv.len, + (tdata->digest_enc.offset == 0 ? + plaintext_pad_len + : tdata->digest_enc.offset), + tdata->validCipherLen.len_bits, + tdata->cipher.offset_bits, + tdata->validAuthLen.len_bits, + tdata->auth.offset_bits, + op_mode, 1, verify); if (retval < 0) return retval; - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 1, 1, 1, tdata->cipher_iv.len); - else - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); + op = process_crypto_request(ts_params->valid_devs[0], ut_params->op); + + /* Check if the op failed because the device doesn't */ + /* support this particular combination of algorithms */ + if (op == NULL && ut_params->op->status == + RTE_CRYPTO_OP_STATUS_INVALID_SESSION) { + printf("Device doesn't support this mixed combination. " + "Test Skipped.\n"); + return TEST_SKIPPED; + } + ut_params->op = op; TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); ut_params->obuf = (op_mode == IN_PLACE ? - ut_params->op->sym->m_src : ut_params->op->sym->m_dst); + ut_params->op->sym->m_src : ut_params->op->sym->m_dst); if (verify) { if (ut_params->obuf) @@ -5969,10 +7680,12 @@ test_zuc_auth_cipher_sgl(const struct wireless_test_data *tdata, plaintext_len, buffer); debug_hexdump(stdout, "plaintext:", plaintext, - (tdata->plaintext.len >> 3) - tdata->digest.len); + (tdata->plaintext.len_bits >> 3) - + tdata->digest_enc.len); debug_hexdump(stdout, "plaintext expected:", - tdata->plaintext.data, - (tdata->plaintext.len >> 3) - tdata->digest.len); + tdata->plaintext.data, + (tdata->plaintext.len_bits >> 3) - + tdata->digest_enc.len); } else { if (ut_params->obuf) ciphertext = rte_pktmbuf_read(ut_params->obuf, 0, @@ -5984,2388 +7697,2481 @@ test_zuc_auth_cipher_sgl(const struct wireless_test_data *tdata, debug_hexdump(stdout, "ciphertext:", ciphertext, ciphertext_len); debug_hexdump(stdout, "ciphertext expected:", - tdata->ciphertext.data, tdata->ciphertext.len >> 3); + tdata->ciphertext.data, + tdata->ciphertext.len_bits >> 3); if (ut_params->obuf) digest = rte_pktmbuf_read(ut_params->obuf, - (tdata->digest.offset_bytes == 0 ? - plaintext_pad_len : tdata->digest.offset_bytes), - tdata->digest.len, digest_buffer); + (tdata->digest_enc.offset == 0 ? + plaintext_pad_len : + tdata->digest_enc.offset), + tdata->digest_enc.len, digest_buffer); else digest = rte_pktmbuf_read(ut_params->ibuf, - (tdata->digest.offset_bytes == 0 ? - plaintext_pad_len : tdata->digest.offset_bytes), - tdata->digest.len, digest_buffer); + (tdata->digest_enc.offset == 0 ? + plaintext_pad_len : + tdata->digest_enc.offset), + tdata->digest_enc.len, digest_buffer); debug_hexdump(stdout, "digest:", digest, - tdata->digest.len); + tdata->digest_enc.len); debug_hexdump(stdout, "digest expected:", - tdata->digest.data, tdata->digest.len); + tdata->digest_enc.data, tdata->digest_enc.len); } - /* Validate obuf */ - if (verify) { - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - plaintext, - tdata->plaintext.data, - tdata->plaintext.len >> 3, - "ZUC Plaintext data not as expected"); - } else { - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->validDataLenInBits.len, - "ZUC Ciphertext data not as expected"); - + if (!verify) { TEST_ASSERT_BUFFERS_ARE_EQUAL( - digest, - tdata->digest.data, - DIGEST_BYTE_LENGTH_KASUMI_F9, - "ZUC Generated auth tag not as expected"); + digest, + tdata->digest_enc.data, + tdata->digest_enc.len, + "Generated auth tag not as expected"); } + + if (tdata->cipher_algo != RTE_CRYPTO_CIPHER_NULL) { + if (verify) { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + plaintext, + tdata->plaintext.data, + tdata->plaintext.len_bits >> 3, + "Plaintext data not as expected"); + } else { + TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( + ciphertext, + tdata->ciphertext.data, + tdata->validDataLen.len_bits, + "Ciphertext data not as expected"); + } + } + + TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, + "crypto op processing failed"); + return 0; } +/** AUTH AES CMAC + CIPHER AES CTR */ + static int -test_kasumi_encryption_test_case_1(void) +test_aes_cmac_aes_ctr_digest_enc_test_case_1(void) { - return test_kasumi_encryption(&kasumi_test_case_1); + return test_mixed_auth_cipher( + &auth_aes_cmac_cipher_aes_ctr_test_case_1, IN_PLACE, 0); } static int -test_kasumi_encryption_test_case_1_sgl(void) +test_aes_cmac_aes_ctr_digest_enc_test_case_1_oop(void) { - return test_kasumi_encryption_sgl(&kasumi_test_case_1); + return test_mixed_auth_cipher( + &auth_aes_cmac_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 0); } static int -test_kasumi_encryption_test_case_1_oop(void) +test_aes_cmac_aes_ctr_digest_enc_test_case_1_sgl(void) { - return test_kasumi_encryption_oop(&kasumi_test_case_1); + return test_mixed_auth_cipher_sgl( + &auth_aes_cmac_cipher_aes_ctr_test_case_1, IN_PLACE, 0); } static int -test_kasumi_encryption_test_case_1_oop_sgl(void) +test_aes_cmac_aes_ctr_digest_enc_test_case_1_oop_sgl(void) { - return test_kasumi_encryption_oop_sgl(&kasumi_test_case_1); + return test_mixed_auth_cipher_sgl( + &auth_aes_cmac_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 0); } static int -test_kasumi_encryption_test_case_2(void) +test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1(void) { - return test_kasumi_encryption(&kasumi_test_case_2); + return test_mixed_auth_cipher( + &auth_aes_cmac_cipher_aes_ctr_test_case_1, IN_PLACE, 1); } static int -test_kasumi_encryption_test_case_3(void) +test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1_oop(void) { - return test_kasumi_encryption(&kasumi_test_case_3); + return test_mixed_auth_cipher( + &auth_aes_cmac_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 1); } static int -test_kasumi_encryption_test_case_4(void) +test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1_sgl(void) { - return test_kasumi_encryption(&kasumi_test_case_4); + return test_mixed_auth_cipher_sgl( + &auth_aes_cmac_cipher_aes_ctr_test_case_1, IN_PLACE, 1); } static int -test_kasumi_encryption_test_case_5(void) +test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1_oop_sgl(void) { - return test_kasumi_encryption(&kasumi_test_case_5); + return test_mixed_auth_cipher_sgl( + &auth_aes_cmac_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 1); } +/** MIXED AUTH + CIPHER */ + static int -test_kasumi_decryption_test_case_1(void) +test_auth_zuc_cipher_snow_test_case_1(void) { - return test_kasumi_decryption(&kasumi_test_case_1); + return test_mixed_auth_cipher( + &auth_zuc_cipher_snow_test_case_1, OUT_OF_PLACE, 0); } static int -test_kasumi_decryption_test_case_1_oop(void) +test_verify_auth_zuc_cipher_snow_test_case_1(void) { - return test_kasumi_decryption_oop(&kasumi_test_case_1); + return test_mixed_auth_cipher( + &auth_zuc_cipher_snow_test_case_1, OUT_OF_PLACE, 1); } static int -test_kasumi_decryption_test_case_2(void) +test_auth_aes_cmac_cipher_snow_test_case_1(void) { - return test_kasumi_decryption(&kasumi_test_case_2); + return test_mixed_auth_cipher( + &auth_aes_cmac_cipher_snow_test_case_1, OUT_OF_PLACE, 0); } static int -test_kasumi_decryption_test_case_3(void) +test_verify_auth_aes_cmac_cipher_snow_test_case_1(void) { - /* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */ - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; - return test_kasumi_decryption(&kasumi_test_case_3); + return test_mixed_auth_cipher( + &auth_aes_cmac_cipher_snow_test_case_1, OUT_OF_PLACE, 1); } static int -test_kasumi_decryption_test_case_4(void) +test_auth_zuc_cipher_aes_ctr_test_case_1(void) { - return test_kasumi_decryption(&kasumi_test_case_4); + return test_mixed_auth_cipher( + &auth_zuc_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 0); } static int -test_kasumi_decryption_test_case_5(void) +test_verify_auth_zuc_cipher_aes_ctr_test_case_1(void) { - return test_kasumi_decryption(&kasumi_test_case_5); + return test_mixed_auth_cipher( + &auth_zuc_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 1); +} + +static int +test_auth_snow_cipher_aes_ctr_test_case_1(void) +{ + return test_mixed_auth_cipher( + &auth_snow_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 0); +} + +static int +test_verify_auth_snow_cipher_aes_ctr_test_case_1(void) +{ + return test_mixed_auth_cipher( + &auth_snow_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 1); +} + +static int +test_auth_snow_cipher_zuc_test_case_1(void) +{ + return test_mixed_auth_cipher( + &auth_snow_cipher_zuc_test_case_1, OUT_OF_PLACE, 0); +} + +static int +test_verify_auth_snow_cipher_zuc_test_case_1(void) +{ + return test_mixed_auth_cipher( + &auth_snow_cipher_zuc_test_case_1, OUT_OF_PLACE, 1); +} + +static int +test_auth_aes_cmac_cipher_zuc_test_case_1(void) +{ + return test_mixed_auth_cipher( + &auth_aes_cmac_cipher_zuc_test_case_1, OUT_OF_PLACE, 0); } + +static int +test_verify_auth_aes_cmac_cipher_zuc_test_case_1(void) +{ + return test_mixed_auth_cipher( + &auth_aes_cmac_cipher_zuc_test_case_1, OUT_OF_PLACE, 1); +} + static int -test_snow3g_encryption_test_case_1(void) +test_auth_null_cipher_snow_test_case_1(void) { - return test_snow3g_encryption(&snow3g_test_case_1); + return test_mixed_auth_cipher( + &auth_null_cipher_snow_test_case_1, OUT_OF_PLACE, 0); } static int -test_snow3g_encryption_test_case_1_oop(void) +test_verify_auth_null_cipher_snow_test_case_1(void) { - return test_snow3g_encryption_oop(&snow3g_test_case_1); + return test_mixed_auth_cipher( + &auth_null_cipher_snow_test_case_1, OUT_OF_PLACE, 1); } static int -test_snow3g_encryption_test_case_1_oop_sgl(void) +test_auth_null_cipher_zuc_test_case_1(void) { - return test_snow3g_encryption_oop_sgl(&snow3g_test_case_1); + return test_mixed_auth_cipher( + &auth_null_cipher_zuc_test_case_1, OUT_OF_PLACE, 0); } - static int -test_snow3g_encryption_test_case_1_offset_oop(void) +test_verify_auth_null_cipher_zuc_test_case_1(void) { - return test_snow3g_encryption_offset_oop(&snow3g_test_case_1); + return test_mixed_auth_cipher( + &auth_null_cipher_zuc_test_case_1, OUT_OF_PLACE, 1); } static int -test_snow3g_encryption_test_case_2(void) +test_auth_snow_cipher_null_test_case_1(void) { - return test_snow3g_encryption(&snow3g_test_case_2); + return test_mixed_auth_cipher( + &auth_snow_cipher_null_test_case_1, OUT_OF_PLACE, 0); } static int -test_snow3g_encryption_test_case_3(void) +test_verify_auth_snow_cipher_null_test_case_1(void) { - return test_snow3g_encryption(&snow3g_test_case_3); + return test_mixed_auth_cipher( + &auth_snow_cipher_null_test_case_1, OUT_OF_PLACE, 1); } static int -test_snow3g_encryption_test_case_4(void) +test_auth_zuc_cipher_null_test_case_1(void) { - return test_snow3g_encryption(&snow3g_test_case_4); + return test_mixed_auth_cipher( + &auth_zuc_cipher_null_test_case_1, OUT_OF_PLACE, 0); } static int -test_snow3g_encryption_test_case_5(void) +test_verify_auth_zuc_cipher_null_test_case_1(void) { - return test_snow3g_encryption(&snow3g_test_case_5); + return test_mixed_auth_cipher( + &auth_zuc_cipher_null_test_case_1, OUT_OF_PLACE, 1); } static int -test_snow3g_decryption_test_case_1(void) +test_auth_null_cipher_aes_ctr_test_case_1(void) { - return test_snow3g_decryption(&snow3g_test_case_1); + return test_mixed_auth_cipher( + &auth_null_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 0); } static int -test_snow3g_decryption_test_case_1_oop(void) +test_verify_auth_null_cipher_aes_ctr_test_case_1(void) { - return test_snow3g_decryption_oop(&snow3g_test_case_1); + return test_mixed_auth_cipher( + &auth_null_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 1); } static int -test_snow3g_decryption_test_case_2(void) +test_auth_aes_cmac_cipher_null_test_case_1(void) { - return test_snow3g_decryption(&snow3g_test_case_2); + return test_mixed_auth_cipher( + &auth_aes_cmac_cipher_null_test_case_1, OUT_OF_PLACE, 0); } static int -test_snow3g_decryption_test_case_3(void) +test_verify_auth_aes_cmac_cipher_null_test_case_1(void) { - return test_snow3g_decryption(&snow3g_test_case_3); + return test_mixed_auth_cipher( + &auth_aes_cmac_cipher_null_test_case_1, OUT_OF_PLACE, 1); } +/* ***** AEAD algorithm Tests ***** */ + static int -test_snow3g_decryption_test_case_4(void) +create_aead_session(uint8_t dev_id, enum rte_crypto_aead_algorithm algo, + enum rte_crypto_aead_operation op, + const uint8_t *key, const uint8_t key_len, + const uint16_t aad_len, const uint8_t auth_len, + uint8_t iv_len) { - return test_snow3g_decryption(&snow3g_test_case_4); + uint8_t aead_key[key_len]; + int status; + + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + + memcpy(aead_key, key, key_len); + + /* Setup AEAD Parameters */ + ut_params->aead_xform.type = RTE_CRYPTO_SYM_XFORM_AEAD; + ut_params->aead_xform.next = NULL; + ut_params->aead_xform.aead.algo = algo; + ut_params->aead_xform.aead.op = op; + ut_params->aead_xform.aead.key.data = aead_key; + ut_params->aead_xform.aead.key.length = key_len; + ut_params->aead_xform.aead.iv.offset = IV_OFFSET; + ut_params->aead_xform.aead.iv.length = iv_len; + ut_params->aead_xform.aead.digest_length = auth_len; + ut_params->aead_xform.aead.aad_length = aad_len; + + debug_hexdump(stdout, "key:", key, key_len); + + /* Create Crypto session*/ + ut_params->sess = rte_cryptodev_sym_session_create( + ts_params->session_mpool); + TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); + + status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, + &ut_params->aead_xform, + ts_params->session_priv_mpool); + + return status; } static int -test_snow3g_decryption_test_case_5(void) +create_aead_xform(struct rte_crypto_op *op, + enum rte_crypto_aead_algorithm algo, + enum rte_crypto_aead_operation aead_op, + uint8_t *key, const uint8_t key_len, + const uint8_t aad_len, const uint8_t auth_len, + uint8_t iv_len) { - return test_snow3g_decryption(&snow3g_test_case_5); + TEST_ASSERT_NOT_NULL(rte_crypto_op_sym_xforms_alloc(op, 1), + "failed to allocate space for crypto transform"); + + struct rte_crypto_sym_op *sym_op = op->sym; + + /* Setup AEAD Parameters */ + sym_op->xform->type = RTE_CRYPTO_SYM_XFORM_AEAD; + sym_op->xform->next = NULL; + sym_op->xform->aead.algo = algo; + sym_op->xform->aead.op = aead_op; + sym_op->xform->aead.key.data = key; + sym_op->xform->aead.key.length = key_len; + sym_op->xform->aead.iv.offset = IV_OFFSET; + sym_op->xform->aead.iv.length = iv_len; + sym_op->xform->aead.digest_length = auth_len; + sym_op->xform->aead.aad_length = aad_len; + + debug_hexdump(stdout, "key:", key, key_len); + + return 0; } -/* - * Function prepares snow3g_hash_test_data from snow3g_test_data. - * Pattern digest from snow3g_test_data must be allocated as - * 4 last bytes in plaintext. - */ -static void -snow3g_hash_test_vector_setup(const struct snow3g_test_data *pattern, - struct snow3g_hash_test_data *output) +static int +create_aead_operation(enum rte_crypto_aead_operation op, + const struct aead_test_data *tdata) { - if ((pattern != NULL) && (output != NULL)) { - output->key.len = pattern->key.len; + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; - memcpy(output->key.data, - pattern->key.data, pattern->key.len); + uint8_t *plaintext, *ciphertext; + unsigned int aad_pad_len, plaintext_pad_len; - output->auth_iv.len = pattern->auth_iv.len; + /* Generate Crypto op data structure */ + ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, + RTE_CRYPTO_OP_TYPE_SYMMETRIC); + TEST_ASSERT_NOT_NULL(ut_params->op, + "Failed to allocate symmetric crypto operation struct"); - memcpy(output->auth_iv.data, - pattern->auth_iv.data, pattern->auth_iv.len); + struct rte_crypto_sym_op *sym_op = ut_params->op->sym; - output->plaintext.len = pattern->plaintext.len; + /* Append aad data */ + if (tdata->algo == RTE_CRYPTO_AEAD_AES_CCM) { + aad_pad_len = RTE_ALIGN_CEIL(tdata->aad.len + 18, 16); + sym_op->aead.aad.data = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + aad_pad_len); + TEST_ASSERT_NOT_NULL(sym_op->aead.aad.data, + "no room to append aad"); - memcpy(output->plaintext.data, - pattern->plaintext.data, pattern->plaintext.len >> 3); + sym_op->aead.aad.phys_addr = + rte_pktmbuf_iova(ut_params->ibuf); + /* Copy AAD 18 bytes after the AAD pointer, according to the API */ + memcpy(sym_op->aead.aad.data + 18, tdata->aad.data, tdata->aad.len); + debug_hexdump(stdout, "aad:", sym_op->aead.aad.data, + tdata->aad.len); - output->digest.len = pattern->digest.len; + /* Append IV at the end of the crypto operation*/ + uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ut_params->op, + uint8_t *, IV_OFFSET); - memcpy(output->digest.data, - &pattern->plaintext.data[pattern->digest.offset_bytes], - pattern->digest.len); + /* Copy IV 1 byte after the IV pointer, according to the API */ + rte_memcpy(iv_ptr + 1, tdata->iv.data, tdata->iv.len); + debug_hexdump(stdout, "iv:", iv_ptr, + tdata->iv.len); + } else { + aad_pad_len = RTE_ALIGN_CEIL(tdata->aad.len, 16); + sym_op->aead.aad.data = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + aad_pad_len); + TEST_ASSERT_NOT_NULL(sym_op->aead.aad.data, + "no room to append aad"); - output->validAuthLenInBits.len = - pattern->validAuthLenInBits.len; + sym_op->aead.aad.phys_addr = + rte_pktmbuf_iova(ut_params->ibuf); + memcpy(sym_op->aead.aad.data, tdata->aad.data, tdata->aad.len); + debug_hexdump(stdout, "aad:", sym_op->aead.aad.data, + tdata->aad.len); + + /* Append IV at the end of the crypto operation*/ + uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ut_params->op, + uint8_t *, IV_OFFSET); + + if (tdata->iv.len == 0) { + rte_memcpy(iv_ptr, tdata->iv.data, AES_GCM_J0_LENGTH); + debug_hexdump(stdout, "iv:", iv_ptr, + AES_GCM_J0_LENGTH); + } else { + rte_memcpy(iv_ptr, tdata->iv.data, tdata->iv.len); + debug_hexdump(stdout, "iv:", iv_ptr, + tdata->iv.len); + } } -} -/* - * Test case verify computed cipher and digest from snow3g_test_case_7 data. - */ -static int -test_snow3g_decryption_with_digest_test_case_1(void) -{ - struct snow3g_hash_test_data snow3g_hash_data; + /* Append plaintext/ciphertext */ + if (op == RTE_CRYPTO_AEAD_OP_ENCRYPT) { + plaintext_pad_len = RTE_ALIGN_CEIL(tdata->plaintext.len, 16); + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + TEST_ASSERT_NOT_NULL(plaintext, "no room to append plaintext"); - /* - * Function prepare data for hash veryfication test case. - * Digest is allocated in 4 last bytes in plaintext, pattern. - */ - snow3g_hash_test_vector_setup(&snow3g_test_case_7, &snow3g_hash_data); + memcpy(plaintext, tdata->plaintext.data, tdata->plaintext.len); + debug_hexdump(stdout, "plaintext:", plaintext, + tdata->plaintext.len); - return test_snow3g_decryption(&snow3g_test_case_7) & - test_snow3g_authentication_verify(&snow3g_hash_data); -} + if (ut_params->obuf) { + ciphertext = (uint8_t *)rte_pktmbuf_append( + ut_params->obuf, + plaintext_pad_len + aad_pad_len); + TEST_ASSERT_NOT_NULL(ciphertext, + "no room to append ciphertext"); -static int -test_snow3g_cipher_auth_test_case_1(void) -{ - return test_snow3g_cipher_auth(&snow3g_test_case_3); -} + memset(ciphertext + aad_pad_len, 0, + tdata->ciphertext.len); + } + } else { + plaintext_pad_len = RTE_ALIGN_CEIL(tdata->ciphertext.len, 16); + ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_pad_len); + TEST_ASSERT_NOT_NULL(ciphertext, + "no room to append ciphertext"); + + memcpy(ciphertext, tdata->ciphertext.data, + tdata->ciphertext.len); + debug_hexdump(stdout, "ciphertext:", ciphertext, + tdata->ciphertext.len); -static int -test_snow3g_auth_cipher_test_case_1(void) -{ - return test_snow3g_auth_cipher( - &snow3g_auth_cipher_test_case_1, IN_PLACE, 0); -} + if (ut_params->obuf) { + plaintext = (uint8_t *)rte_pktmbuf_append( + ut_params->obuf, + plaintext_pad_len + aad_pad_len); + TEST_ASSERT_NOT_NULL(plaintext, + "no room to append plaintext"); -static int -test_snow3g_auth_cipher_test_case_2(void) -{ - return test_snow3g_auth_cipher( - &snow3g_auth_cipher_test_case_2, IN_PLACE, 0); -} + memset(plaintext + aad_pad_len, 0, + tdata->plaintext.len); + } + } -static int -test_snow3g_auth_cipher_test_case_2_oop(void) -{ - return test_snow3g_auth_cipher( - &snow3g_auth_cipher_test_case_2, OUT_OF_PLACE, 0); -} + /* Append digest data */ + if (op == RTE_CRYPTO_AEAD_OP_ENCRYPT) { + sym_op->aead.digest.data = (uint8_t *)rte_pktmbuf_append( + ut_params->obuf ? ut_params->obuf : + ut_params->ibuf, + tdata->auth_tag.len); + TEST_ASSERT_NOT_NULL(sym_op->aead.digest.data, + "no room to append digest"); + memset(sym_op->aead.digest.data, 0, tdata->auth_tag.len); + sym_op->aead.digest.phys_addr = rte_pktmbuf_iova_offset( + ut_params->obuf ? ut_params->obuf : + ut_params->ibuf, + plaintext_pad_len + + aad_pad_len); + } else { + sym_op->aead.digest.data = (uint8_t *)rte_pktmbuf_append( + ut_params->ibuf, tdata->auth_tag.len); + TEST_ASSERT_NOT_NULL(sym_op->aead.digest.data, + "no room to append digest"); + sym_op->aead.digest.phys_addr = rte_pktmbuf_iova_offset( + ut_params->ibuf, + plaintext_pad_len + aad_pad_len); -static int -test_snow3g_auth_cipher_part_digest_enc(void) -{ - return test_snow3g_auth_cipher( - &snow3g_auth_cipher_partial_digest_encryption, - IN_PLACE, 0); -} + rte_memcpy(sym_op->aead.digest.data, tdata->auth_tag.data, + tdata->auth_tag.len); + debug_hexdump(stdout, "digest:", + sym_op->aead.digest.data, + tdata->auth_tag.len); + } -static int -test_snow3g_auth_cipher_part_digest_enc_oop(void) -{ - return test_snow3g_auth_cipher( - &snow3g_auth_cipher_partial_digest_encryption, - OUT_OF_PLACE, 0); -} + sym_op->aead.data.length = tdata->plaintext.len; + sym_op->aead.data.offset = aad_pad_len; -static int -test_snow3g_auth_cipher_test_case_3_sgl(void) -{ - /* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */ - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; - return test_snow3g_auth_cipher_sgl( - &snow3g_auth_cipher_test_case_3, IN_PLACE, 0); + return 0; } static int -test_snow3g_auth_cipher_test_case_3_oop_sgl(void) +test_authenticated_encryption(const struct aead_test_data *tdata) { - return test_snow3g_auth_cipher_sgl( - &snow3g_auth_cipher_test_case_3, OUT_OF_PLACE, 0); -} + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; -static int -test_snow3g_auth_cipher_part_digest_enc_sgl(void) -{ - /* rte_crypto_mbuf_to_vec does not support incomplete mbuf build */ - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; - return test_snow3g_auth_cipher_sgl( - &snow3g_auth_cipher_partial_digest_encryption, - IN_PLACE, 0); -} + int retval; + uint8_t *ciphertext, *auth_tag; + uint16_t plaintext_pad_len; + uint32_t i; + struct rte_cryptodev_info dev_info; -static int -test_snow3g_auth_cipher_part_digest_enc_oop_sgl(void) -{ - return test_snow3g_auth_cipher_sgl( - &snow3g_auth_cipher_partial_digest_encryption, - OUT_OF_PLACE, 0); -} + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + uint64_t feat_flags = dev_info.feature_flags; -static int -test_snow3g_auth_cipher_verify_test_case_1(void) -{ - return test_snow3g_auth_cipher( - &snow3g_auth_cipher_test_case_1, IN_PLACE, 1); -} + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device doesn't support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } -static int -test_snow3g_auth_cipher_verify_test_case_2(void) -{ - return test_snow3g_auth_cipher( - &snow3g_auth_cipher_test_case_2, IN_PLACE, 1); -} + /* Verify the capabilities */ + struct rte_cryptodev_sym_capability_idx cap_idx; + const struct rte_cryptodev_symmetric_capability *capability; + cap_idx.type = RTE_CRYPTO_SYM_XFORM_AEAD; + cap_idx.algo.aead = tdata->algo; + capability = rte_cryptodev_sym_capability_get( + ts_params->valid_devs[0], &cap_idx); + if (capability == NULL) + return TEST_SKIPPED; + if (rte_cryptodev_sym_capability_check_aead( + capability, tdata->key.len, tdata->auth_tag.len, + tdata->aad.len, tdata->iv.len)) + return TEST_SKIPPED; -static int -test_snow3g_auth_cipher_verify_test_case_2_oop(void) -{ - return test_snow3g_auth_cipher( - &snow3g_auth_cipher_test_case_2, OUT_OF_PLACE, 1); -} + /* Create AEAD session */ + retval = create_aead_session(ts_params->valid_devs[0], + tdata->algo, + RTE_CRYPTO_AEAD_OP_ENCRYPT, + tdata->key.data, tdata->key.len, + tdata->aad.len, tdata->auth_tag.len, + tdata->iv.len); + if (retval < 0) + return retval; -static int -test_snow3g_auth_cipher_verify_part_digest_enc(void) -{ - return test_snow3g_auth_cipher( - &snow3g_auth_cipher_partial_digest_encryption, - IN_PLACE, 1); -} + if (tdata->aad.len > MBUF_SIZE) { + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->large_mbuf_pool); + /* Populate full size of add data */ + for (i = 32; i < MAX_AAD_LENGTH; i += 32) + memcpy(&tdata->aad.data[i], &tdata->aad.data[0], 32); + } else + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); -static int -test_snow3g_auth_cipher_verify_part_digest_enc_oop(void) -{ - return test_snow3g_auth_cipher( - &snow3g_auth_cipher_partial_digest_encryption, - OUT_OF_PLACE, 1); -} + /* clear mbuf payload */ + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); -static int -test_snow3g_auth_cipher_verify_test_case_3_sgl(void) -{ - return test_snow3g_auth_cipher_sgl( - &snow3g_auth_cipher_test_case_3, IN_PLACE, 1); -} + /* Create AEAD operation */ + retval = create_aead_operation(RTE_CRYPTO_AEAD_OP_ENCRYPT, tdata); + if (retval < 0) + return retval; -static int -test_snow3g_auth_cipher_verify_test_case_3_oop_sgl(void) -{ - return test_snow3g_auth_cipher_sgl( - &snow3g_auth_cipher_test_case_3, OUT_OF_PLACE, 1); -} + rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); -static int -test_snow3g_auth_cipher_verify_part_digest_enc_sgl(void) -{ - return test_snow3g_auth_cipher_sgl( - &snow3g_auth_cipher_partial_digest_encryption, - IN_PLACE, 1); -} + ut_params->op->sym->m_src = ut_params->ibuf; -static int -test_snow3g_auth_cipher_verify_part_digest_enc_oop_sgl(void) -{ - return test_snow3g_auth_cipher_sgl( - &snow3g_auth_cipher_partial_digest_encryption, - OUT_OF_PLACE, 1); -} + /* Process crypto operation */ + if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) + process_cpu_aead_op(ts_params->valid_devs[0], ut_params->op); + else if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 0, 0, 0, 0); + else + TEST_ASSERT_NOT_NULL( + process_crypto_request(ts_params->valid_devs[0], + ut_params->op), "failed to process sym crypto op"); -static int -test_snow3g_auth_cipher_with_digest_test_case_1(void) -{ - return test_snow3g_auth_cipher( - &snow3g_test_case_7, IN_PLACE, 0); -} + TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, + "crypto op processing failed"); -static int -test_kasumi_auth_cipher_test_case_1(void) -{ - return test_kasumi_auth_cipher( - &kasumi_test_case_3, IN_PLACE, 0); -} + plaintext_pad_len = RTE_ALIGN_CEIL(tdata->plaintext.len, 16); -static int -test_kasumi_auth_cipher_test_case_2(void) -{ - return test_kasumi_auth_cipher( - &kasumi_auth_cipher_test_case_2, IN_PLACE, 0); -} + if (ut_params->op->sym->m_dst) { + ciphertext = rte_pktmbuf_mtod(ut_params->op->sym->m_dst, + uint8_t *); + auth_tag = rte_pktmbuf_mtod_offset(ut_params->op->sym->m_dst, + uint8_t *, plaintext_pad_len); + } else { + ciphertext = rte_pktmbuf_mtod_offset(ut_params->op->sym->m_src, + uint8_t *, + ut_params->op->sym->cipher.data.offset); + auth_tag = ciphertext + plaintext_pad_len; + } -static int -test_kasumi_auth_cipher_test_case_2_oop(void) -{ - return test_kasumi_auth_cipher( - &kasumi_auth_cipher_test_case_2, OUT_OF_PLACE, 0); -} + debug_hexdump(stdout, "ciphertext:", ciphertext, tdata->ciphertext.len); + debug_hexdump(stdout, "auth tag:", auth_tag, tdata->auth_tag.len); -static int -test_kasumi_auth_cipher_test_case_2_sgl(void) -{ - return test_kasumi_auth_cipher_sgl( - &kasumi_auth_cipher_test_case_2, IN_PLACE, 0); -} + /* Validate obuf */ + TEST_ASSERT_BUFFERS_ARE_EQUAL( + ciphertext, + tdata->ciphertext.data, + tdata->ciphertext.len, + "Ciphertext data not as expected"); -static int -test_kasumi_auth_cipher_test_case_2_oop_sgl(void) -{ - return test_kasumi_auth_cipher_sgl( - &kasumi_auth_cipher_test_case_2, OUT_OF_PLACE, 0); -} + TEST_ASSERT_BUFFERS_ARE_EQUAL( + auth_tag, + tdata->auth_tag.data, + tdata->auth_tag.len, + "Generated auth tag not as expected"); -static int -test_kasumi_auth_cipher_verify_test_case_1(void) -{ - return test_kasumi_auth_cipher( - &kasumi_test_case_3, IN_PLACE, 1); -} + return 0; -static int -test_kasumi_auth_cipher_verify_test_case_2(void) -{ - return test_kasumi_auth_cipher( - &kasumi_auth_cipher_test_case_2, IN_PLACE, 1); } +#ifdef RTE_LIB_SECURITY static int -test_kasumi_auth_cipher_verify_test_case_2_oop(void) +security_proto_supported(enum rte_security_session_action_type action, + enum rte_security_session_protocol proto) { - return test_kasumi_auth_cipher( - &kasumi_auth_cipher_test_case_2, OUT_OF_PLACE, 1); -} + struct crypto_testsuite_params *ts_params = &testsuite_params; -static int -test_kasumi_auth_cipher_verify_test_case_2_sgl(void) -{ - return test_kasumi_auth_cipher_sgl( - &kasumi_auth_cipher_test_case_2, IN_PLACE, 1); -} + const struct rte_security_capability *capabilities; + const struct rte_security_capability *capability; + uint16_t i = 0; -static int -test_kasumi_auth_cipher_verify_test_case_2_oop_sgl(void) -{ - return test_kasumi_auth_cipher_sgl( - &kasumi_auth_cipher_test_case_2, OUT_OF_PLACE, 1); -} + struct rte_security_ctx *ctx = (struct rte_security_ctx *) + rte_cryptodev_get_sec_ctx( + ts_params->valid_devs[0]); -static int -test_kasumi_cipher_auth_test_case_1(void) -{ - return test_kasumi_cipher_auth(&kasumi_test_case_6); -} -static int -test_zuc_encryption_test_case_1(void) -{ - return test_zuc_encryption(&zuc_test_case_cipher_193b); -} + capabilities = rte_security_capabilities_get(ctx); -static int -test_zuc_encryption_test_case_2(void) -{ - return test_zuc_encryption(&zuc_test_case_cipher_800b); -} + if (capabilities == NULL) + return -ENOTSUP; -static int -test_zuc_encryption_test_case_3(void) -{ - return test_zuc_encryption(&zuc_test_case_cipher_1570b); -} + while ((capability = &capabilities[i++])->action != + RTE_SECURITY_ACTION_TYPE_NONE) { + if (capability->action == action && + capability->protocol == proto) + return 0; + } -static int -test_zuc_encryption_test_case_4(void) -{ - return test_zuc_encryption(&zuc_test_case_cipher_2798b); + return -ENOTSUP; } -static int -test_zuc_encryption_test_case_5(void) +/* Basic algorithm run function for async inplace mode. + * Creates a session from input parameters and runs one operation + * on input_vec. Checks the output of the crypto operation against + * output_vec. + */ +static int test_pdcp_proto(int i, int oop, enum rte_crypto_cipher_operation opc, + enum rte_crypto_auth_operation opa, + const uint8_t *input_vec, unsigned int input_vec_len, + const uint8_t *output_vec, + unsigned int output_vec_len, + enum rte_crypto_cipher_algorithm cipher_alg, + const uint8_t *cipher_key, uint32_t cipher_key_len, + enum rte_crypto_auth_algorithm auth_alg, + const uint8_t *auth_key, uint32_t auth_key_len, + uint8_t bearer, enum rte_security_pdcp_domain domain, + uint8_t packet_direction, uint8_t sn_size, + uint32_t hfn, uint32_t hfn_threshold, uint8_t sdap) { - return test_zuc_encryption(&zuc_test_case_cipher_4019b); -} + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + uint8_t *plaintext; + int ret = TEST_SUCCESS; + struct rte_security_ctx *ctx = (struct rte_security_ctx *) + rte_cryptodev_get_sec_ctx( + ts_params->valid_devs[0]); -static int -test_zuc_encryption_test_case_6_sgl(void) -{ - return test_zuc_encryption_sgl(&zuc_test_case_cipher_193b); -} + /* Verify the capabilities */ + struct rte_security_capability_idx sec_cap_idx; -static int -test_zuc_hash_generate_test_case_1(void) -{ - return test_zuc_authentication(&zuc_test_case_auth_1b); -} + sec_cap_idx.action = ut_params->type; + sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_PDCP; + sec_cap_idx.pdcp.domain = domain; + if (rte_security_capability_get(ctx, &sec_cap_idx) == NULL) + return TEST_SKIPPED; -static int -test_zuc_hash_generate_test_case_2(void) -{ - return test_zuc_authentication(&zuc_test_case_auth_90b); -} + /* Generate test mbuf data */ + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); -static int -test_zuc_hash_generate_test_case_3(void) -{ - return test_zuc_authentication(&zuc_test_case_auth_577b); -} + /* clear mbuf payload */ + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); -static int -test_zuc_hash_generate_test_case_4(void) -{ - return test_zuc_authentication(&zuc_test_case_auth_2079b); -} + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + input_vec_len); + memcpy(plaintext, input_vec, input_vec_len); -static int -test_zuc_hash_generate_test_case_5(void) -{ - return test_zuc_authentication(&zuc_test_auth_5670b); -} + /* Out of place support */ + if (oop) { + /* + * For out-op-place we need to alloc another mbuf + */ + ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + rte_pktmbuf_append(ut_params->obuf, output_vec_len); + } -static int -test_zuc_hash_generate_test_case_6(void) -{ - return test_zuc_authentication(&zuc_test_case_auth_128b); -} + /* Setup Cipher Parameters */ + ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + ut_params->cipher_xform.cipher.algo = cipher_alg; + ut_params->cipher_xform.cipher.op = opc; + ut_params->cipher_xform.cipher.key.data = cipher_key; + ut_params->cipher_xform.cipher.key.length = cipher_key_len; + ut_params->cipher_xform.cipher.iv.length = + packet_direction ? 4 : 0; + ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; -static int -test_zuc_hash_generate_test_case_7(void) -{ - return test_zuc_authentication(&zuc_test_case_auth_2080b); -} + /* Setup HMAC Parameters if ICV header is required */ + if (auth_alg != 0) { + ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; + ut_params->auth_xform.next = NULL; + ut_params->auth_xform.auth.algo = auth_alg; + ut_params->auth_xform.auth.op = opa; + ut_params->auth_xform.auth.key.data = auth_key; + ut_params->auth_xform.auth.key.length = auth_key_len; -static int -test_zuc_hash_generate_test_case_8(void) -{ - return test_zuc_authentication(&zuc_test_case_auth_584b); -} + ut_params->cipher_xform.next = &ut_params->auth_xform; + } else { + ut_params->cipher_xform.next = NULL; + } -static int -test_zuc_cipher_auth_test_case_1(void) -{ - return test_zuc_cipher_auth(&zuc_test_case_cipher_200b_auth_200b); -} + struct rte_security_session_conf sess_conf = { + .action_type = ut_params->type, + .protocol = RTE_SECURITY_PROTOCOL_PDCP, + {.pdcp = { + .bearer = bearer, + .domain = domain, + .pkt_dir = packet_direction, + .sn_size = sn_size, + .hfn = packet_direction ? 0 : hfn, + /** + * hfn can be set as pdcp_test_hfn[i] + * if hfn_ovrd is not set. Here, PDCP + * packet direction is just used to + * run half of the cases with session + * HFN and other half with per packet + * HFN. + */ + .hfn_threshold = hfn_threshold, + .hfn_ovrd = packet_direction ? 1 : 0, + .sdap_enabled = sdap, + } }, + .crypto_xform = &ut_params->cipher_xform + }; -static int -test_zuc_cipher_auth_test_case_2(void) -{ - return test_zuc_cipher_auth(&zuc_test_case_cipher_800b_auth_120b); -} + /* Create security session */ + ut_params->sec_session = rte_security_session_create(ctx, + &sess_conf, ts_params->session_mpool, + ts_params->session_priv_mpool); -static int -test_zuc_auth_cipher_test_case_1(void) -{ - return test_zuc_auth_cipher( - &zuc_auth_cipher_test_case_1, IN_PLACE, 0); -} + if (!ut_params->sec_session) { + printf("TestCase %s()-%d line %d failed %s: ", + __func__, i, __LINE__, "Failed to allocate session"); + ret = TEST_FAILED; + goto on_err; + } -static int -test_zuc_auth_cipher_test_case_1_oop(void) -{ - return test_zuc_auth_cipher( - &zuc_auth_cipher_test_case_1, OUT_OF_PLACE, 0); -} + /* Generate crypto op data structure */ + ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, + RTE_CRYPTO_OP_TYPE_SYMMETRIC); + if (!ut_params->op) { + printf("TestCase %s()-%d line %d failed %s: ", + __func__, i, __LINE__, + "Failed to allocate symmetric crypto operation struct"); + ret = TEST_FAILED; + goto on_err; + } -static int -test_zuc_auth_cipher_test_case_1_sgl(void) -{ - return test_zuc_auth_cipher_sgl( - &zuc_auth_cipher_test_case_1, IN_PLACE, 0); -} + uint32_t *per_pkt_hfn = rte_crypto_op_ctod_offset(ut_params->op, + uint32_t *, IV_OFFSET); + *per_pkt_hfn = packet_direction ? hfn : 0; -static int -test_zuc_auth_cipher_test_case_1_oop_sgl(void) -{ - return test_zuc_auth_cipher_sgl( - &zuc_auth_cipher_test_case_1, OUT_OF_PLACE, 0); -} + rte_security_attach_session(ut_params->op, ut_params->sec_session); -static int -test_zuc_auth_cipher_verify_test_case_1(void) -{ - return test_zuc_auth_cipher( - &zuc_auth_cipher_test_case_1, IN_PLACE, 1); -} + /* set crypto operation source mbuf */ + ut_params->op->sym->m_src = ut_params->ibuf; + if (oop) + ut_params->op->sym->m_dst = ut_params->obuf; -static int -test_zuc_auth_cipher_verify_test_case_1_oop(void) -{ - return test_zuc_auth_cipher( - &zuc_auth_cipher_test_case_1, OUT_OF_PLACE, 1); -} + /* Process crypto operation */ + if (process_crypto_request(ts_params->valid_devs[0], ut_params->op) + == NULL) { + printf("TestCase %s()-%d line %d failed %s: ", + __func__, i, __LINE__, + "failed to process sym crypto op"); + ret = TEST_FAILED; + goto on_err; + } -static int -test_zuc_auth_cipher_verify_test_case_1_sgl(void) -{ - return test_zuc_auth_cipher_sgl( - &zuc_auth_cipher_test_case_1, IN_PLACE, 1); -} + if (ut_params->op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) { + printf("TestCase %s()-%d line %d failed %s: ", + __func__, i, __LINE__, "crypto op processing failed"); + ret = TEST_FAILED; + goto on_err; + } -static int -test_zuc_auth_cipher_verify_test_case_1_oop_sgl(void) -{ - return test_zuc_auth_cipher_sgl( - &zuc_auth_cipher_test_case_1, OUT_OF_PLACE, 1); -} + /* Validate obuf */ + uint8_t *ciphertext = rte_pktmbuf_mtod(ut_params->op->sym->m_src, + uint8_t *); + if (oop) { + ciphertext = rte_pktmbuf_mtod(ut_params->op->sym->m_dst, + uint8_t *); + } -static int -test_mixed_check_if_unsupported(const struct mixed_cipher_auth_test_data *tdata) -{ - uint8_t dev_id = testsuite_params.valid_devs[0]; + if (memcmp(ciphertext, output_vec, output_vec_len)) { + printf("\n=======PDCP TestCase #%d failed: Data Mismatch ", i); + rte_hexdump(stdout, "encrypted", ciphertext, output_vec_len); + rte_hexdump(stdout, "reference", output_vec, output_vec_len); + ret = TEST_FAILED; + goto on_err; + } - struct rte_cryptodev_sym_capability_idx cap_idx; +on_err: + rte_crypto_op_free(ut_params->op); + ut_params->op = NULL; - /* Check if device supports particular cipher algorithm */ - cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - cap_idx.algo.cipher = tdata->cipher_algo; - if (rte_cryptodev_sym_capability_get(dev_id, &cap_idx) == NULL) - return -ENOTSUP; + if (ut_params->sec_session) + rte_security_session_destroy(ctx, ut_params->sec_session); + ut_params->sec_session = NULL; - /* Check if device supports particular hash algorithm */ - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH; - cap_idx.algo.auth = tdata->auth_algo; - if (rte_cryptodev_sym_capability_get(dev_id, &cap_idx) == NULL) - return -ENOTSUP; + rte_pktmbuf_free(ut_params->ibuf); + ut_params->ibuf = NULL; + if (oop) { + rte_pktmbuf_free(ut_params->obuf); + ut_params->obuf = NULL; + } - return 0; + return ret; } static int -test_mixed_auth_cipher(const struct mixed_cipher_auth_test_data *tdata, - uint8_t op_mode, uint8_t verify) +test_pdcp_proto_SGL(int i, int oop, + enum rte_crypto_cipher_operation opc, + enum rte_crypto_auth_operation opa, + uint8_t *input_vec, + unsigned int input_vec_len, + uint8_t *output_vec, + unsigned int output_vec_len, + uint32_t fragsz, + uint32_t fragsz_oop) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - - int retval; - - uint8_t *plaintext = NULL, *ciphertext = NULL; - unsigned int plaintext_pad_len; - unsigned int plaintext_len; - unsigned int ciphertext_pad_len; - unsigned int ciphertext_len; - + uint8_t *plaintext; + struct rte_mbuf *buf, *buf_oop = NULL; + int ret = TEST_SUCCESS; + int to_trn = 0; + int to_trn_tbl[16]; + int segs = 1; + unsigned int trn_data = 0; struct rte_cryptodev_info dev_info; - - /* Check if device supports particular algorithms separately */ - if (test_mixed_check_if_unsupported(tdata)) - return -ENOTSUP; - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; + uint64_t feat_flags; + struct rte_security_ctx *ctx = (struct rte_security_ctx *) + rte_cryptodev_get_sec_ctx( + ts_params->valid_devs[0]); + struct rte_mbuf *temp_mbuf; rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + feat_flags = dev_info.feature_flags; - uint64_t feat_flags = dev_info.feature_flags; - - if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { - printf("Device doesn't support digest encrypted.\n"); - return -ENOTSUP; - } - - if (op_mode == OUT_OF_PLACE) + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device does not support RAW data-path APIs.\n"); return -ENOTSUP; - - /* Create the session */ - if (verify) - retval = create_wireless_algo_cipher_auth_session( - ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_DECRYPT, - RTE_CRYPTO_AUTH_OP_VERIFY, - tdata->auth_algo, - tdata->cipher_algo, - tdata->auth_key.data, tdata->auth_key.len, - tdata->auth_iv.len, tdata->digest_enc.len, - tdata->cipher_iv.len); - else - retval = create_wireless_algo_auth_cipher_session( - ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_AUTH_OP_GENERATE, - tdata->auth_algo, - tdata->cipher_algo, - tdata->auth_key.data, tdata->auth_key.len, - tdata->auth_iv.len, tdata->digest_enc.len, - tdata->cipher_iv.len); - if (retval < 0) - return retval; - - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - if (op_mode == OUT_OF_PLACE) - ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - - /* clear mbuf payload */ - memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); - if (op_mode == OUT_OF_PLACE) { - - memset(rte_pktmbuf_mtod(ut_params->obuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->obuf)); } + /* Verify the capabilities */ + struct rte_security_capability_idx sec_cap_idx; - ciphertext_len = ceil_byte_length(tdata->ciphertext.len_bits); - plaintext_len = ceil_byte_length(tdata->plaintext.len_bits); - ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); + sec_cap_idx.action = ut_params->type; + sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_PDCP; + sec_cap_idx.pdcp.domain = pdcp_test_params[i].domain; + if (rte_security_capability_get(ctx, &sec_cap_idx) == NULL) + return TEST_SKIPPED; - if (verify) { - ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - ciphertext_pad_len); - memcpy(ciphertext, tdata->ciphertext.data, ciphertext_len); - if (op_mode == OUT_OF_PLACE) - rte_pktmbuf_append(ut_params->obuf, ciphertext_pad_len); - debug_hexdump(stdout, "ciphertext:", ciphertext, - ciphertext_len); - } else { - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - memcpy(plaintext, tdata->plaintext.data, plaintext_len); - if (op_mode == OUT_OF_PLACE) - rte_pktmbuf_append(ut_params->obuf, plaintext_pad_len); - debug_hexdump(stdout, "plaintext:", plaintext, plaintext_len); - } + if (fragsz > input_vec_len) + fragsz = input_vec_len; - /* Create the operation */ - retval = create_wireless_algo_auth_cipher_operation( - tdata->digest_enc.data, tdata->digest_enc.len, - tdata->cipher_iv.data, tdata->cipher_iv.len, - tdata->auth_iv.data, tdata->auth_iv.len, - (tdata->digest_enc.offset == 0 ? - plaintext_pad_len - : tdata->digest_enc.offset), - tdata->validCipherLen.len_bits, - tdata->cipher.offset_bits, - tdata->validAuthLen.len_bits, - tdata->auth.offset_bits, - op_mode, 0, verify); + uint16_t plaintext_len = fragsz; + uint16_t frag_size_oop = fragsz_oop ? fragsz_oop : fragsz; - if (retval < 0) - return retval; + if (fragsz_oop > output_vec_len) + frag_size_oop = output_vec_len; - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); + int ecx = 0; + if (input_vec_len % fragsz != 0) { + if (input_vec_len / fragsz + 1 > 16) + return 1; + } else if (input_vec_len / fragsz > 16) + return 1; - /* Check if the op failed because the device doesn't */ - /* support this particular combination of algorithms */ - if (ut_params->op == NULL && ut_params->op->status == - RTE_CRYPTO_OP_STATUS_INVALID_SESSION) { - printf("Device doesn't support this mixed combination. " - "Test Skipped.\n"); - return -ENOTSUP; + /* Out of place support */ + if (oop) { + /* + * For out-op-place we need to alloc another mbuf + */ + ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + rte_pktmbuf_append(ut_params->obuf, frag_size_oop); + buf_oop = ut_params->obuf; } - TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); - - ut_params->obuf = (op_mode == IN_PLACE ? - ut_params->op->sym->m_src : ut_params->op->sym->m_dst); + /* Generate test mbuf data */ + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - if (verify) { - if (ut_params->obuf) - plaintext = rte_pktmbuf_mtod(ut_params->obuf, - uint8_t *); - else - plaintext = ciphertext + - (tdata->cipher.offset_bits >> 3); + /* clear mbuf payload */ + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); - debug_hexdump(stdout, "plaintext:", plaintext, - tdata->plaintext.len_bits >> 3); - debug_hexdump(stdout, "plaintext expected:", - tdata->plaintext.data, - tdata->plaintext.len_bits >> 3); - } else { - if (ut_params->obuf) - ciphertext = rte_pktmbuf_mtod(ut_params->obuf, - uint8_t *); - else - ciphertext = plaintext; + plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + plaintext_len); + memcpy(plaintext, input_vec, plaintext_len); + trn_data += plaintext_len; - debug_hexdump(stdout, "ciphertext:", ciphertext, - ciphertext_len); - debug_hexdump(stdout, "ciphertext expected:", - tdata->ciphertext.data, - tdata->ciphertext.len_bits >> 3); + buf = ut_params->ibuf; - ut_params->digest = rte_pktmbuf_mtod(ut_params->obuf, uint8_t *) - + (tdata->digest_enc.offset == 0 ? - plaintext_pad_len : tdata->digest_enc.offset); + /* + * Loop until no more fragments + */ - debug_hexdump(stdout, "digest:", ut_params->digest, - tdata->digest_enc.len); - debug_hexdump(stdout, "digest expected:", - tdata->digest_enc.data, - tdata->digest_enc.len); - } + while (trn_data < input_vec_len) { + ++segs; + to_trn = (input_vec_len - trn_data < fragsz) ? + (input_vec_len - trn_data) : fragsz; - /* Validate obuf */ - if (verify) { - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - plaintext, - tdata->plaintext.data, - tdata->plaintext.len_bits >> 3, - "Plaintext data not as expected"); - } else { - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->validDataLen.len_bits, - "Ciphertext data not as expected"); + to_trn_tbl[ecx++] = to_trn; - TEST_ASSERT_BUFFERS_ARE_EQUAL( - ut_params->digest, - tdata->digest_enc.data, - DIGEST_BYTE_LENGTH_SNOW3G_UIA2, - "Generated auth tag not as expected"); - } + buf->next = rte_pktmbuf_alloc(ts_params->mbuf_pool); + buf = buf->next; - TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, - "crypto op processing failed"); + memset(rte_pktmbuf_mtod(buf, uint8_t *), 0, + rte_pktmbuf_tailroom(buf)); - return 0; -} + /* OOP */ + if (oop && !fragsz_oop) { + buf_oop->next = + rte_pktmbuf_alloc(ts_params->mbuf_pool); + buf_oop = buf_oop->next; + memset(rte_pktmbuf_mtod(buf_oop, uint8_t *), + 0, rte_pktmbuf_tailroom(buf_oop)); + rte_pktmbuf_append(buf_oop, to_trn); + } -static int -test_mixed_auth_cipher_sgl(const struct mixed_cipher_auth_test_data *tdata, - uint8_t op_mode, uint8_t verify) -{ - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; + plaintext = (uint8_t *)rte_pktmbuf_append(buf, + to_trn); - int retval; + memcpy(plaintext, input_vec + trn_data, to_trn); + trn_data += to_trn; + } - const uint8_t *plaintext = NULL; - const uint8_t *ciphertext = NULL; - const uint8_t *digest = NULL; - unsigned int plaintext_pad_len; - unsigned int plaintext_len; - unsigned int ciphertext_pad_len; - unsigned int ciphertext_len; - uint8_t buffer[10000]; - uint8_t digest_buffer[10000]; + ut_params->ibuf->nb_segs = segs; - struct rte_cryptodev_info dev_info; + segs = 1; + if (fragsz_oop && oop) { + to_trn = 0; + ecx = 0; - /* Check if device supports particular algorithms */ - if (test_mixed_check_if_unsupported(tdata)) - return -ENOTSUP; - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; + trn_data = frag_size_oop; + while (trn_data < output_vec_len) { + ++segs; + to_trn = + (output_vec_len - trn_data < + frag_size_oop) ? + (output_vec_len - trn_data) : + frag_size_oop; - rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + to_trn_tbl[ecx++] = to_trn; - uint64_t feat_flags = dev_info.feature_flags; + buf_oop->next = + rte_pktmbuf_alloc(ts_params->mbuf_pool); + buf_oop = buf_oop->next; + memset(rte_pktmbuf_mtod(buf_oop, uint8_t *), + 0, rte_pktmbuf_tailroom(buf_oop)); + rte_pktmbuf_append(buf_oop, to_trn); - if (op_mode == IN_PLACE) { - if (!(feat_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) { - printf("Device doesn't support in-place scatter-gather " - "in both input and output mbufs.\n"); - return -ENOTSUP; - } - } else { - if (!(feat_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) { - printf("Device doesn't support out-of-place scatter-gather " - "in both input and output mbufs.\n"); - return -ENOTSUP; - } - if (!(feat_flags & RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED)) { - printf("Device doesn't support digest encrypted.\n"); - return -ENOTSUP; + trn_data += to_trn; } + ut_params->obuf->nb_segs = segs; } - /* Create the session */ - if (verify) - retval = create_wireless_algo_cipher_auth_session( - ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_DECRYPT, - RTE_CRYPTO_AUTH_OP_VERIFY, - tdata->auth_algo, - tdata->cipher_algo, - tdata->auth_key.data, tdata->auth_key.len, - tdata->auth_iv.len, tdata->digest_enc.len, - tdata->cipher_iv.len); - else - retval = create_wireless_algo_auth_cipher_session( - ts_params->valid_devs[0], - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_AUTH_OP_GENERATE, - tdata->auth_algo, - tdata->cipher_algo, - tdata->auth_key.data, tdata->auth_key.len, - tdata->auth_iv.len, tdata->digest_enc.len, - tdata->cipher_iv.len); - if (retval < 0) - return retval; + /* Setup Cipher Parameters */ + ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; + ut_params->cipher_xform.cipher.algo = pdcp_test_params[i].cipher_alg; + ut_params->cipher_xform.cipher.op = opc; + ut_params->cipher_xform.cipher.key.data = pdcp_test_crypto_key[i]; + ut_params->cipher_xform.cipher.key.length = + pdcp_test_params[i].cipher_key_len; + ut_params->cipher_xform.cipher.iv.length = 0; - ciphertext_len = ceil_byte_length(tdata->ciphertext.len_bits); - plaintext_len = ceil_byte_length(tdata->plaintext.len_bits); - ciphertext_pad_len = RTE_ALIGN_CEIL(ciphertext_len, 16); - plaintext_pad_len = RTE_ALIGN_CEIL(plaintext_len, 16); + /* Setup HMAC Parameters if ICV header is required */ + if (pdcp_test_params[i].auth_alg != 0) { + ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; + ut_params->auth_xform.next = NULL; + ut_params->auth_xform.auth.algo = pdcp_test_params[i].auth_alg; + ut_params->auth_xform.auth.op = opa; + ut_params->auth_xform.auth.key.data = pdcp_test_auth_key[i]; + ut_params->auth_xform.auth.key.length = + pdcp_test_params[i].auth_key_len; - ut_params->ibuf = create_segmented_mbuf(ts_params->mbuf_pool, - ciphertext_pad_len, 15, 0); - TEST_ASSERT_NOT_NULL(ut_params->ibuf, - "Failed to allocate input buffer in mempool"); + ut_params->cipher_xform.next = &ut_params->auth_xform; + } else { + ut_params->cipher_xform.next = NULL; + } - if (op_mode == OUT_OF_PLACE) { - ut_params->obuf = create_segmented_mbuf(ts_params->mbuf_pool, - plaintext_pad_len, 15, 0); - TEST_ASSERT_NOT_NULL(ut_params->obuf, - "Failed to allocate output buffer in mempool"); + struct rte_security_session_conf sess_conf = { + .action_type = ut_params->type, + .protocol = RTE_SECURITY_PROTOCOL_PDCP, + {.pdcp = { + .bearer = pdcp_test_bearer[i], + .domain = pdcp_test_params[i].domain, + .pkt_dir = pdcp_test_packet_direction[i], + .sn_size = pdcp_test_data_sn_size[i], + .hfn = pdcp_test_hfn[i], + .hfn_threshold = pdcp_test_hfn_threshold[i], + .hfn_ovrd = 0, + } }, + .crypto_xform = &ut_params->cipher_xform + }; + + /* Create security session */ + ut_params->sec_session = rte_security_session_create(ctx, + &sess_conf, ts_params->session_mpool, + ts_params->session_priv_mpool); + + if (!ut_params->sec_session) { + printf("TestCase %s()-%d line %d failed %s: ", + __func__, i, __LINE__, "Failed to allocate session"); + ret = TEST_FAILED; + goto on_err; } - if (verify) { - pktmbuf_write(ut_params->ibuf, 0, ciphertext_len, - tdata->ciphertext.data); - ciphertext = rte_pktmbuf_read(ut_params->ibuf, 0, - ciphertext_len, buffer); - debug_hexdump(stdout, "ciphertext:", ciphertext, - ciphertext_len); - } else { - pktmbuf_write(ut_params->ibuf, 0, plaintext_len, - tdata->plaintext.data); - plaintext = rte_pktmbuf_read(ut_params->ibuf, 0, - plaintext_len, buffer); - debug_hexdump(stdout, "plaintext:", plaintext, - plaintext_len); + /* Generate crypto op data structure */ + ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, + RTE_CRYPTO_OP_TYPE_SYMMETRIC); + if (!ut_params->op) { + printf("TestCase %s()-%d line %d failed %s: ", + __func__, i, __LINE__, + "Failed to allocate symmetric crypto operation struct"); + ret = TEST_FAILED; + goto on_err; } - memset(buffer, 0, sizeof(buffer)); - - /* Create the operation */ - retval = create_wireless_algo_auth_cipher_operation( - tdata->digest_enc.data, tdata->digest_enc.len, - tdata->cipher_iv.data, tdata->cipher_iv.len, - tdata->auth_iv.data, tdata->auth_iv.len, - (tdata->digest_enc.offset == 0 ? - plaintext_pad_len - : tdata->digest_enc.offset), - tdata->validCipherLen.len_bits, - tdata->cipher.offset_bits, - tdata->validAuthLen.len_bits, - tdata->auth.offset_bits, - op_mode, 1, verify); - if (retval < 0) - return retval; + rte_security_attach_session(ut_params->op, ut_params->sec_session); - ut_params->op = process_crypto_request(ts_params->valid_devs[0], - ut_params->op); + /* set crypto operation source mbuf */ + ut_params->op->sym->m_src = ut_params->ibuf; + if (oop) + ut_params->op->sym->m_dst = ut_params->obuf; - /* Check if the op failed because the device doesn't */ - /* support this particular combination of algorithms */ - if (ut_params->op == NULL && ut_params->op->status == - RTE_CRYPTO_OP_STATUS_INVALID_SESSION) { - printf("Device doesn't support this mixed combination. " - "Test Skipped.\n"); - return -ENOTSUP; + /* Process crypto operation */ + temp_mbuf = ut_params->op->sym->m_src; + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) { + /* filling lengths */ + while (temp_mbuf) { + ut_params->op->sym->cipher.data.length + += temp_mbuf->pkt_len; + ut_params->op->sym->auth.data.length + += temp_mbuf->pkt_len; + temp_mbuf = temp_mbuf->next; + } + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 1, 1, 0, 0); + } else { + ut_params->op = process_crypto_request(ts_params->valid_devs[0], + ut_params->op); + } + if (ut_params->op == NULL) { + printf("TestCase %s()-%d line %d failed %s: ", + __func__, i, __LINE__, + "failed to process sym crypto op"); + ret = TEST_FAILED; + goto on_err; } - TEST_ASSERT_NOT_NULL(ut_params->op, "failed to retrieve obuf"); + if (ut_params->op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) { + printf("TestCase %s()-%d line %d failed %s: ", + __func__, i, __LINE__, "crypto op processing failed"); + ret = TEST_FAILED; + goto on_err; + } - ut_params->obuf = (op_mode == IN_PLACE ? - ut_params->op->sym->m_src : ut_params->op->sym->m_dst); + /* Validate obuf */ + uint8_t *ciphertext = rte_pktmbuf_mtod(ut_params->op->sym->m_src, + uint8_t *); + if (oop) { + ciphertext = rte_pktmbuf_mtod(ut_params->op->sym->m_dst, + uint8_t *); + } + if (fragsz_oop) + fragsz = frag_size_oop; + if (memcmp(ciphertext, output_vec, fragsz)) { + printf("\n=======PDCP TestCase #%d failed: Data Mismatch ", i); + rte_hexdump(stdout, "encrypted", ciphertext, fragsz); + rte_hexdump(stdout, "reference", output_vec, fragsz); + ret = TEST_FAILED; + goto on_err; + } - if (verify) { - if (ut_params->obuf) - plaintext = rte_pktmbuf_read(ut_params->obuf, 0, - plaintext_len, buffer); - else - plaintext = rte_pktmbuf_read(ut_params->ibuf, 0, - plaintext_len, buffer); + buf = ut_params->op->sym->m_src->next; + if (oop) + buf = ut_params->op->sym->m_dst->next; - debug_hexdump(stdout, "plaintext:", plaintext, - (tdata->plaintext.len_bits >> 3) - - tdata->digest_enc.len); - debug_hexdump(stdout, "plaintext expected:", - tdata->plaintext.data, - (tdata->plaintext.len_bits >> 3) - - tdata->digest_enc.len); - } else { - if (ut_params->obuf) - ciphertext = rte_pktmbuf_read(ut_params->obuf, 0, - ciphertext_len, buffer); - else - ciphertext = rte_pktmbuf_read(ut_params->ibuf, 0, - ciphertext_len, buffer); + unsigned int off = fragsz; - debug_hexdump(stdout, "ciphertext:", ciphertext, - ciphertext_len); - debug_hexdump(stdout, "ciphertext expected:", - tdata->ciphertext.data, - tdata->ciphertext.len_bits >> 3); + ecx = 0; + while (buf) { + ciphertext = rte_pktmbuf_mtod(buf, + uint8_t *); + if (memcmp(ciphertext, output_vec + off, to_trn_tbl[ecx])) { + printf("\n=======PDCP TestCase #%d failed: Data Mismatch ", i); + rte_hexdump(stdout, "encrypted", ciphertext, to_trn_tbl[ecx]); + rte_hexdump(stdout, "reference", output_vec + off, + to_trn_tbl[ecx]); + ret = TEST_FAILED; + goto on_err; + } + off += to_trn_tbl[ecx++]; + buf = buf->next; + } +on_err: + rte_crypto_op_free(ut_params->op); + ut_params->op = NULL; - if (ut_params->obuf) - digest = rte_pktmbuf_read(ut_params->obuf, - (tdata->digest_enc.offset == 0 ? - plaintext_pad_len : - tdata->digest_enc.offset), - tdata->digest_enc.len, digest_buffer); - else - digest = rte_pktmbuf_read(ut_params->ibuf, - (tdata->digest_enc.offset == 0 ? - plaintext_pad_len : - tdata->digest_enc.offset), - tdata->digest_enc.len, digest_buffer); + if (ut_params->sec_session) + rte_security_session_destroy(ctx, ut_params->sec_session); + ut_params->sec_session = NULL; - debug_hexdump(stdout, "digest:", digest, - tdata->digest_enc.len); - debug_hexdump(stdout, "digest expected:", - tdata->digest_enc.data, tdata->digest_enc.len); + rte_pktmbuf_free(ut_params->ibuf); + ut_params->ibuf = NULL; + if (oop) { + rte_pktmbuf_free(ut_params->obuf); + ut_params->obuf = NULL; } - /* Validate obuf */ - if (verify) { - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - plaintext, - tdata->plaintext.data, - tdata->plaintext.len_bits >> 3, - "Plaintext data not as expected"); - } else { - TEST_ASSERT_BUFFERS_ARE_EQUAL_BIT( - ciphertext, - tdata->ciphertext.data, - tdata->validDataLen.len_bits, - "Ciphertext data not as expected"); - TEST_ASSERT_BUFFERS_ARE_EQUAL( - digest, - tdata->digest_enc.data, - tdata->digest_enc.len, - "Generated auth tag not as expected"); - } + return ret; +} - TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, - "crypto op processing failed"); +int +test_pdcp_proto_cplane_encap(int i) +{ + return test_pdcp_proto( + i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, RTE_CRYPTO_AUTH_OP_GENERATE, + pdcp_test_data_in[i], pdcp_test_data_in_len[i], + pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4, + pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i], + pdcp_test_params[i].cipher_key_len, + pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i], + pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i], + pdcp_test_params[i].domain, pdcp_test_packet_direction[i], + pdcp_test_data_sn_size[i], pdcp_test_hfn[i], + pdcp_test_hfn_threshold[i], SDAP_DISABLED); +} - return 0; +int +test_pdcp_proto_uplane_encap(int i) +{ + return test_pdcp_proto( + i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, RTE_CRYPTO_AUTH_OP_GENERATE, + pdcp_test_data_in[i], pdcp_test_data_in_len[i], + pdcp_test_data_out[i], pdcp_test_data_in_len[i], + pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i], + pdcp_test_params[i].cipher_key_len, + pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i], + pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i], + pdcp_test_params[i].domain, pdcp_test_packet_direction[i], + pdcp_test_data_sn_size[i], pdcp_test_hfn[i], + pdcp_test_hfn_threshold[i], SDAP_DISABLED); } -/** AUTH AES CMAC + CIPHER AES CTR */ +int +test_pdcp_proto_uplane_encap_with_int(int i) +{ + return test_pdcp_proto( + i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, RTE_CRYPTO_AUTH_OP_GENERATE, + pdcp_test_data_in[i], pdcp_test_data_in_len[i], + pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4, + pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i], + pdcp_test_params[i].cipher_key_len, + pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i], + pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i], + pdcp_test_params[i].domain, pdcp_test_packet_direction[i], + pdcp_test_data_sn_size[i], pdcp_test_hfn[i], + pdcp_test_hfn_threshold[i], SDAP_DISABLED); +} -static int -test_aes_cmac_aes_ctr_digest_enc_test_case_1(void) +int +test_pdcp_proto_cplane_decap(int i) { - return test_mixed_auth_cipher( - &auth_aes_cmac_cipher_aes_ctr_test_case_1, IN_PLACE, 0); + return test_pdcp_proto( + i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT, RTE_CRYPTO_AUTH_OP_VERIFY, + pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4, + pdcp_test_data_in[i], pdcp_test_data_in_len[i], + pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i], + pdcp_test_params[i].cipher_key_len, + pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i], + pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i], + pdcp_test_params[i].domain, pdcp_test_packet_direction[i], + pdcp_test_data_sn_size[i], pdcp_test_hfn[i], + pdcp_test_hfn_threshold[i], SDAP_DISABLED); +} + +int +test_pdcp_proto_uplane_decap(int i) +{ + return test_pdcp_proto( + i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT, RTE_CRYPTO_AUTH_OP_VERIFY, + pdcp_test_data_out[i], pdcp_test_data_in_len[i], + pdcp_test_data_in[i], pdcp_test_data_in_len[i], + pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i], + pdcp_test_params[i].cipher_key_len, + pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i], + pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i], + pdcp_test_params[i].domain, pdcp_test_packet_direction[i], + pdcp_test_data_sn_size[i], pdcp_test_hfn[i], + pdcp_test_hfn_threshold[i], SDAP_DISABLED); } -static int -test_aes_cmac_aes_ctr_digest_enc_test_case_1_oop(void) +int +test_pdcp_proto_uplane_decap_with_int(int i) { - return test_mixed_auth_cipher( - &auth_aes_cmac_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 0); + return test_pdcp_proto( + i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT, RTE_CRYPTO_AUTH_OP_VERIFY, + pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4, + pdcp_test_data_in[i], pdcp_test_data_in_len[i], + pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i], + pdcp_test_params[i].cipher_key_len, + pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i], + pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i], + pdcp_test_params[i].domain, pdcp_test_packet_direction[i], + pdcp_test_data_sn_size[i], pdcp_test_hfn[i], + pdcp_test_hfn_threshold[i], SDAP_DISABLED); } static int -test_aes_cmac_aes_ctr_digest_enc_test_case_1_sgl(void) +test_PDCP_PROTO_SGL_in_place_32B(void) { - return test_mixed_auth_cipher_sgl( - &auth_aes_cmac_cipher_aes_ctr_test_case_1, IN_PLACE, 0); + /* i can be used for running any PDCP case + * In this case it is uplane 12-bit AES-SNOW DL encap + */ + int i = PDCP_UPLANE_12BIT_OFFSET + AES_ENC + SNOW_AUTH + DOWNLINK; + return test_pdcp_proto_SGL(i, IN_PLACE, + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_AUTH_OP_GENERATE, + pdcp_test_data_in[i], + pdcp_test_data_in_len[i], + pdcp_test_data_out[i], + pdcp_test_data_in_len[i]+4, + 32, 0); } - static int -test_aes_cmac_aes_ctr_digest_enc_test_case_1_oop_sgl(void) +test_PDCP_PROTO_SGL_oop_32B_128B(void) { - return test_mixed_auth_cipher_sgl( - &auth_aes_cmac_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 0); + /* i can be used for running any PDCP case + * In this case it is uplane 18-bit NULL-NULL DL encap + */ + int i = PDCP_UPLANE_18BIT_OFFSET + NULL_ENC + NULL_AUTH + DOWNLINK; + return test_pdcp_proto_SGL(i, OUT_OF_PLACE, + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_AUTH_OP_GENERATE, + pdcp_test_data_in[i], + pdcp_test_data_in_len[i], + pdcp_test_data_out[i], + pdcp_test_data_in_len[i]+4, + 32, 128); } - static int -test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1(void) +test_PDCP_PROTO_SGL_oop_32B_40B(void) { - return test_mixed_auth_cipher( - &auth_aes_cmac_cipher_aes_ctr_test_case_1, IN_PLACE, 1); + /* i can be used for running any PDCP case + * In this case it is uplane 18-bit AES DL encap + */ + int i = PDCP_UPLANE_OFFSET + AES_ENC + EIGHTEEN_BIT_SEQ_NUM_OFFSET + + DOWNLINK; + return test_pdcp_proto_SGL(i, OUT_OF_PLACE, + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_AUTH_OP_GENERATE, + pdcp_test_data_in[i], + pdcp_test_data_in_len[i], + pdcp_test_data_out[i], + pdcp_test_data_in_len[i], + 32, 40); } - static int -test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1_oop(void) +test_PDCP_PROTO_SGL_oop_128B_32B(void) { - return test_mixed_auth_cipher( - &auth_aes_cmac_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 1); + /* i can be used for running any PDCP case + * In this case it is cplane 12-bit AES-ZUC DL encap + */ + int i = PDCP_CPLANE_LONG_SN_OFFSET + AES_ENC + ZUC_AUTH + DOWNLINK; + return test_pdcp_proto_SGL(i, OUT_OF_PLACE, + RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_AUTH_OP_GENERATE, + pdcp_test_data_in[i], + pdcp_test_data_in_len[i], + pdcp_test_data_out[i], + pdcp_test_data_in_len[i]+4, + 128, 32); } static int -test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1_sgl(void) +test_PDCP_SDAP_PROTO_encap_all(void) { - return test_mixed_auth_cipher_sgl( - &auth_aes_cmac_cipher_aes_ctr_test_case_1, IN_PLACE, 1); -} + int i = 0, size = 0; + int err, all_err = TEST_SUCCESS; + const struct pdcp_sdap_test *cur_test; -static int -test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1_oop_sgl(void) -{ - return test_mixed_auth_cipher_sgl( - &auth_aes_cmac_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 1); -} + size = RTE_DIM(list_pdcp_sdap_tests); -/** MIXED AUTH + CIPHER */ + for (i = 0; i < size; i++) { + cur_test = &list_pdcp_sdap_tests[i]; + err = test_pdcp_proto( + i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_AUTH_OP_GENERATE, cur_test->data_in, + cur_test->in_len, cur_test->data_out, + cur_test->in_len + ((cur_test->auth_key) ? 4 : 0), + cur_test->param.cipher_alg, cur_test->cipher_key, + cur_test->param.cipher_key_len, + cur_test->param.auth_alg, + cur_test->auth_key, cur_test->param.auth_key_len, + cur_test->bearer, cur_test->param.domain, + cur_test->packet_direction, cur_test->sn_size, + cur_test->hfn, + cur_test->hfn_threshold, SDAP_ENABLED); + if (err) { + printf("\t%d) %s: Encapsulation failed\n", + cur_test->test_idx, + cur_test->param.name); + err = TEST_FAILED; + } else { + printf("\t%d) %s: Encap PASS\n", cur_test->test_idx, + cur_test->param.name); + err = TEST_SUCCESS; + } + all_err += err; + } -static int -test_auth_zuc_cipher_snow_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_zuc_cipher_snow_test_case_1, OUT_OF_PLACE, 0); + printf("Success: %d, Failure: %d\n", size + all_err, -all_err); + + return (all_err == TEST_SUCCESS) ? TEST_SUCCESS : TEST_FAILED; } static int -test_verify_auth_zuc_cipher_snow_test_case_1(void) +test_PDCP_PROTO_short_mac(void) { - return test_mixed_auth_cipher( - &auth_zuc_cipher_snow_test_case_1, OUT_OF_PLACE, 1); + int i = 0, size = 0; + int err, all_err = TEST_SUCCESS; + const struct pdcp_short_mac_test *cur_test; + + size = RTE_DIM(list_pdcp_smac_tests); + + for (i = 0; i < size; i++) { + cur_test = &list_pdcp_smac_tests[i]; + err = test_pdcp_proto( + i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, + RTE_CRYPTO_AUTH_OP_GENERATE, cur_test->data_in, + cur_test->in_len, cur_test->data_out, + cur_test->in_len + ((cur_test->auth_key) ? 4 : 0), + RTE_CRYPTO_CIPHER_NULL, NULL, + 0, cur_test->param.auth_alg, + cur_test->auth_key, cur_test->param.auth_key_len, + 0, cur_test->param.domain, 0, 0, + 0, 0, 0); + if (err) { + printf("\t%d) %s: Short MAC test failed\n", + cur_test->test_idx, + cur_test->param.name); + err = TEST_FAILED; + } else { + printf("\t%d) %s: Short MAC test PASS\n", + cur_test->test_idx, + cur_test->param.name); + rte_hexdump(stdout, "MAC I", + cur_test->data_out + cur_test->in_len + 2, + 2); + err = TEST_SUCCESS; + } + all_err += err; + } + + printf("Success: %d, Failure: %d\n", size + all_err, -all_err); + + return (all_err == TEST_SUCCESS) ? TEST_SUCCESS : TEST_FAILED; + } static int -test_auth_aes_cmac_cipher_snow_test_case_1(void) +test_PDCP_SDAP_PROTO_decap_all(void) { - return test_mixed_auth_cipher( - &auth_aes_cmac_cipher_snow_test_case_1, OUT_OF_PLACE, 0); + int i = 0, size = 0; + int err, all_err = TEST_SUCCESS; + const struct pdcp_sdap_test *cur_test; + + size = RTE_DIM(list_pdcp_sdap_tests); + + for (i = 0; i < size; i++) { + cur_test = &list_pdcp_sdap_tests[i]; + err = test_pdcp_proto( + i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT, + RTE_CRYPTO_AUTH_OP_VERIFY, + cur_test->data_out, + cur_test->in_len + ((cur_test->auth_key) ? 4 : 0), + cur_test->data_in, cur_test->in_len, + cur_test->param.cipher_alg, + cur_test->cipher_key, cur_test->param.cipher_key_len, + cur_test->param.auth_alg, cur_test->auth_key, + cur_test->param.auth_key_len, cur_test->bearer, + cur_test->param.domain, cur_test->packet_direction, + cur_test->sn_size, cur_test->hfn, + cur_test->hfn_threshold, SDAP_ENABLED); + if (err) { + printf("\t%d) %s: Decapsulation failed\n", + cur_test->test_idx, + cur_test->param.name); + err = TEST_FAILED; + } else { + printf("\t%d) %s: Decap PASS\n", cur_test->test_idx, + cur_test->param.name); + err = TEST_SUCCESS; + } + all_err += err; + } + + printf("Success: %d, Failure: %d\n", size + all_err, -all_err); + + return (all_err == TEST_SUCCESS) ? TEST_SUCCESS : TEST_FAILED; } static int -test_verify_auth_aes_cmac_cipher_snow_test_case_1(void) +test_ipsec_proto_process(const struct ipsec_test_data td[], + struct ipsec_test_data res_d[], + int nb_td, + bool silent, + const struct ipsec_test_flags *flags) { - return test_mixed_auth_cipher( - &auth_aes_cmac_cipher_snow_test_case_1, OUT_OF_PLACE, 1); -} + uint16_t v6_src[8] = {0x2607, 0xf8b0, 0x400c, 0x0c03, 0x0000, 0x0000, + 0x0000, 0x001a}; + uint16_t v6_dst[8] = {0x2001, 0x0470, 0xe5bf, 0xdead, 0x4957, 0x2174, + 0xe82c, 0x4887}; + const struct rte_ipv4_hdr *ipv4 = + (const struct rte_ipv4_hdr *)td[0].output_text.data; + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct crypto_unittest_params *ut_params = &unittest_params; + struct rte_security_capability_idx sec_cap_idx; + const struct rte_security_capability *sec_cap; + struct rte_security_ipsec_xform ipsec_xform; + uint8_t dev_id = ts_params->valid_devs[0]; + enum rte_security_ipsec_sa_direction dir; + struct ipsec_test_data *res_d_tmp = NULL; + int salt_len, i, ret = TEST_SUCCESS; + struct rte_security_ctx *ctx; + uint8_t *input_text; + uint32_t src, dst; + uint32_t verify; + + ut_params->type = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL; + gbl_action_type = RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL; + + /* Use first test data to create session */ + + /* Copy IPsec xform */ + memcpy(&ipsec_xform, &td[0].ipsec_xform, sizeof(ipsec_xform)); + + dir = ipsec_xform.direction; + verify = flags->tunnel_hdr_verify; + + memcpy(&src, &ipv4->src_addr, sizeof(ipv4->src_addr)); + memcpy(&dst, &ipv4->dst_addr, sizeof(ipv4->dst_addr)); + + if ((dir == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) && verify) { + if (verify == RTE_SECURITY_IPSEC_TUNNEL_VERIFY_SRC_DST_ADDR) + src += 1; + else if (verify == RTE_SECURITY_IPSEC_TUNNEL_VERIFY_DST_ADDR) + dst += 1; + } + + if (td->ipsec_xform.mode == RTE_SECURITY_IPSEC_SA_MODE_TUNNEL) { + if (td->ipsec_xform.tunnel.type == + RTE_SECURITY_IPSEC_TUNNEL_IPV4) { + memcpy(&ipsec_xform.tunnel.ipv4.src_ip, &src, + sizeof(src)); + memcpy(&ipsec_xform.tunnel.ipv4.dst_ip, &dst, + sizeof(dst)); + + if (flags->df == TEST_IPSEC_SET_DF_0_INNER_1) + ipsec_xform.tunnel.ipv4.df = 0; + + if (flags->df == TEST_IPSEC_SET_DF_1_INNER_0) + ipsec_xform.tunnel.ipv4.df = 1; + + if (flags->dscp == TEST_IPSEC_SET_DSCP_0_INNER_1) + ipsec_xform.tunnel.ipv4.dscp = 0; + + if (flags->dscp == TEST_IPSEC_SET_DSCP_1_INNER_0) + ipsec_xform.tunnel.ipv4.dscp = + TEST_IPSEC_DSCP_VAL; + + } else { + if (flags->dscp == TEST_IPSEC_SET_DSCP_0_INNER_1) + ipsec_xform.tunnel.ipv6.dscp = 0; + + if (flags->dscp == TEST_IPSEC_SET_DSCP_1_INNER_0) + ipsec_xform.tunnel.ipv6.dscp = + TEST_IPSEC_DSCP_VAL; + + memcpy(&ipsec_xform.tunnel.ipv6.src_addr, &v6_src, + sizeof(v6_src)); + memcpy(&ipsec_xform.tunnel.ipv6.dst_addr, &v6_dst, + sizeof(v6_dst)); + } + } + + ctx = rte_cryptodev_get_sec_ctx(dev_id); + + sec_cap_idx.action = ut_params->type; + sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_IPSEC; + sec_cap_idx.ipsec.proto = ipsec_xform.proto; + sec_cap_idx.ipsec.mode = ipsec_xform.mode; + sec_cap_idx.ipsec.direction = ipsec_xform.direction; + + if (flags->udp_encap) + ipsec_xform.options.udp_encap = 1; + + sec_cap = rte_security_capability_get(ctx, &sec_cap_idx); + if (sec_cap == NULL) + return TEST_SKIPPED; + + /* Copy cipher session parameters */ + if (td[0].aead) { + memcpy(&ut_params->aead_xform, &td[0].xform.aead, + sizeof(ut_params->aead_xform)); + ut_params->aead_xform.aead.key.data = td[0].key.data; + ut_params->aead_xform.aead.iv.offset = IV_OFFSET; + + /* Verify crypto capabilities */ + if (test_ipsec_crypto_caps_aead_verify( + sec_cap, + &ut_params->aead_xform) != 0) { + if (!silent) + RTE_LOG(INFO, USER1, + "Crypto capabilities not supported\n"); + return TEST_SKIPPED; + } + } else if (td[0].auth_only) { + memcpy(&ut_params->auth_xform, &td[0].xform.chain.auth, + sizeof(ut_params->auth_xform)); + ut_params->auth_xform.auth.key.data = td[0].auth_key.data; + + if (test_ipsec_crypto_caps_auth_verify( + sec_cap, + &ut_params->auth_xform) != 0) { + if (!silent) + RTE_LOG(INFO, USER1, + "Auth crypto capabilities not supported\n"); + return TEST_SKIPPED; + } + } else { + memcpy(&ut_params->cipher_xform, &td[0].xform.chain.cipher, + sizeof(ut_params->cipher_xform)); + memcpy(&ut_params->auth_xform, &td[0].xform.chain.auth, + sizeof(ut_params->auth_xform)); + ut_params->cipher_xform.cipher.key.data = td[0].key.data; + ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; + ut_params->auth_xform.auth.key.data = td[0].auth_key.data; + + /* Verify crypto capabilities */ + + if (test_ipsec_crypto_caps_cipher_verify( + sec_cap, + &ut_params->cipher_xform) != 0) { + if (!silent) + RTE_LOG(INFO, USER1, + "Cipher crypto capabilities not supported\n"); + return TEST_SKIPPED; + } + + if (test_ipsec_crypto_caps_auth_verify( + sec_cap, + &ut_params->auth_xform) != 0) { + if (!silent) + RTE_LOG(INFO, USER1, + "Auth crypto capabilities not supported\n"); + return TEST_SKIPPED; + } + } + + if (test_ipsec_sec_caps_verify(&ipsec_xform, sec_cap, silent) != 0) + return TEST_SKIPPED; + + struct rte_security_session_conf sess_conf = { + .action_type = ut_params->type, + .protocol = RTE_SECURITY_PROTOCOL_IPSEC, + }; + + if (td[0].aead || td[0].aes_gmac) { + salt_len = RTE_MIN(sizeof(ipsec_xform.salt), td[0].salt.len); + memcpy(&ipsec_xform.salt, td[0].salt.data, salt_len); + } -static int -test_auth_zuc_cipher_aes_ctr_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_zuc_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 0); -} + if (td[0].aead) { + sess_conf.ipsec = ipsec_xform; + sess_conf.crypto_xform = &ut_params->aead_xform; + } else if (td[0].auth_only) { + sess_conf.ipsec = ipsec_xform; + sess_conf.crypto_xform = &ut_params->auth_xform; + } else { + sess_conf.ipsec = ipsec_xform; + if (dir == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) { + sess_conf.crypto_xform = &ut_params->cipher_xform; + ut_params->cipher_xform.next = &ut_params->auth_xform; + } else { + sess_conf.crypto_xform = &ut_params->auth_xform; + ut_params->auth_xform.next = &ut_params->cipher_xform; + } + } -static int -test_verify_auth_zuc_cipher_aes_ctr_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_zuc_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 1); -} + /* Create security session */ + ut_params->sec_session = rte_security_session_create(ctx, &sess_conf, + ts_params->session_mpool, + ts_params->session_priv_mpool); -static int -test_auth_snow_cipher_aes_ctr_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_snow_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 0); -} + if (ut_params->sec_session == NULL) + return TEST_SKIPPED; -static int -test_verify_auth_snow_cipher_aes_ctr_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_snow_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 1); -} + for (i = 0; i < nb_td; i++) { + if (flags->antireplay && + (dir == RTE_SECURITY_IPSEC_SA_DIR_EGRESS)) { + sess_conf.ipsec.esn.value = td[i].ipsec_xform.esn.value; + ret = rte_security_session_update(ctx, + ut_params->sec_session, &sess_conf); + if (ret) { + printf("Could not update sequence number in " + "session\n"); + return TEST_SKIPPED; + } + } -static int -test_auth_snow_cipher_zuc_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_snow_cipher_zuc_test_case_1, OUT_OF_PLACE, 0); -} + /* Setup source mbuf payload */ + ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, + rte_pktmbuf_tailroom(ut_params->ibuf)); -static int -test_verify_auth_snow_cipher_zuc_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_snow_cipher_zuc_test_case_1, OUT_OF_PLACE, 1); -} + input_text = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, + td[i].input_text.len); -static int -test_auth_aes_cmac_cipher_zuc_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_aes_cmac_cipher_zuc_test_case_1, OUT_OF_PLACE, 0); -} + memcpy(input_text, td[i].input_text.data, + td[i].input_text.len); -static int -test_verify_auth_aes_cmac_cipher_zuc_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_aes_cmac_cipher_zuc_test_case_1, OUT_OF_PLACE, 1); -} + if (test_ipsec_pkt_update(input_text, flags)) + return TEST_FAILED; -static int -test_auth_null_cipher_snow_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_null_cipher_snow_test_case_1, OUT_OF_PLACE, 0); -} + /* Generate crypto op data structure */ + ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, + RTE_CRYPTO_OP_TYPE_SYMMETRIC); + if (!ut_params->op) { + printf("TestCase %s line %d: %s\n", + __func__, __LINE__, + "failed to allocate crypto op"); + ret = TEST_FAILED; + goto crypto_op_free; + } -static int -test_verify_auth_null_cipher_snow_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_null_cipher_snow_test_case_1, OUT_OF_PLACE, 1); -} + /* Attach session to operation */ + rte_security_attach_session(ut_params->op, + ut_params->sec_session); + + /* Set crypto operation mbufs */ + ut_params->op->sym->m_src = ut_params->ibuf; + ut_params->op->sym->m_dst = NULL; + + /* Copy IV in crypto operation when IV generation is disabled */ + if (dir == RTE_SECURITY_IPSEC_SA_DIR_EGRESS && + ipsec_xform.options.iv_gen_disable == 1) { + uint8_t *iv = rte_crypto_op_ctod_offset(ut_params->op, + uint8_t *, + IV_OFFSET); + int len; + + if (td[i].aead) + len = td[i].xform.aead.aead.iv.length; + else if (td[i].aes_gmac) + len = td[i].xform.chain.auth.auth.iv.length; + else + len = td[i].xform.chain.cipher.cipher.iv.length; + + memcpy(iv, td[i].iv.data, len); + } -static int -test_auth_null_cipher_zuc_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_null_cipher_zuc_test_case_1, OUT_OF_PLACE, 0); -} + /* Process crypto operation */ + process_crypto_request(dev_id, ut_params->op); -static int -test_verify_auth_null_cipher_zuc_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_null_cipher_zuc_test_case_1, OUT_OF_PLACE, 1); -} + ret = test_ipsec_status_check(&td[i], ut_params->op, flags, dir, + i + 1); + if (ret != TEST_SUCCESS) + goto crypto_op_free; -static int -test_auth_snow_cipher_null_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_snow_cipher_null_test_case_1, OUT_OF_PLACE, 0); -} + if (res_d != NULL) + res_d_tmp = &res_d[i]; -static int -test_verify_auth_snow_cipher_null_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_snow_cipher_null_test_case_1, OUT_OF_PLACE, 1); -} + ret = test_ipsec_post_process(ut_params->ibuf, &td[i], + res_d_tmp, silent, flags); + if (ret != TEST_SUCCESS) + goto crypto_op_free; -static int -test_auth_zuc_cipher_null_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_zuc_cipher_null_test_case_1, OUT_OF_PLACE, 0); -} + ret = test_ipsec_stats_verify(ctx, ut_params->sec_session, + flags, dir); + if (ret != TEST_SUCCESS) + goto crypto_op_free; -static int -test_verify_auth_zuc_cipher_null_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_zuc_cipher_null_test_case_1, OUT_OF_PLACE, 1); -} + rte_crypto_op_free(ut_params->op); + ut_params->op = NULL; -static int -test_auth_null_cipher_aes_ctr_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_null_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 0); -} + rte_pktmbuf_free(ut_params->ibuf); + ut_params->ibuf = NULL; + } -static int -test_verify_auth_null_cipher_aes_ctr_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_null_cipher_aes_ctr_test_case_1, OUT_OF_PLACE, 1); -} +crypto_op_free: + rte_crypto_op_free(ut_params->op); + ut_params->op = NULL; -static int -test_auth_aes_cmac_cipher_null_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_aes_cmac_cipher_null_test_case_1, OUT_OF_PLACE, 0); -} + rte_pktmbuf_free(ut_params->ibuf); + ut_params->ibuf = NULL; -static int -test_verify_auth_aes_cmac_cipher_null_test_case_1(void) -{ - return test_mixed_auth_cipher( - &auth_aes_cmac_cipher_null_test_case_1, OUT_OF_PLACE, 1); -} + if (ut_params->sec_session) + rte_security_session_destroy(ctx, ut_params->sec_session); + ut_params->sec_session = NULL; -/* ***** AEAD algorithm Tests ***** */ + return ret; +} static int -create_aead_session(uint8_t dev_id, enum rte_crypto_aead_algorithm algo, - enum rte_crypto_aead_operation op, - const uint8_t *key, const uint8_t key_len, - const uint16_t aad_len, const uint8_t auth_len, - uint8_t iv_len) +test_ipsec_proto_known_vec(const void *test_data) { - uint8_t aead_key[key_len]; + struct ipsec_test_data td_outb; + struct ipsec_test_flags flags; - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; + memset(&flags, 0, sizeof(flags)); - memcpy(aead_key, key, key_len); + memcpy(&td_outb, test_data, sizeof(td_outb)); - /* Setup AEAD Parameters */ - ut_params->aead_xform.type = RTE_CRYPTO_SYM_XFORM_AEAD; - ut_params->aead_xform.next = NULL; - ut_params->aead_xform.aead.algo = algo; - ut_params->aead_xform.aead.op = op; - ut_params->aead_xform.aead.key.data = aead_key; - ut_params->aead_xform.aead.key.length = key_len; - ut_params->aead_xform.aead.iv.offset = IV_OFFSET; - ut_params->aead_xform.aead.iv.length = iv_len; - ut_params->aead_xform.aead.digest_length = auth_len; - ut_params->aead_xform.aead.aad_length = aad_len; + if (td_outb.aes_gmac || td_outb.aead || + ((td_outb.ipsec_xform.proto != RTE_SECURITY_IPSEC_SA_PROTO_AH) && + (td_outb.xform.chain.cipher.cipher.algo != RTE_CRYPTO_CIPHER_NULL))) { + /* Disable IV gen to be able to test with known vectors */ + td_outb.ipsec_xform.options.iv_gen_disable = 1; + } - debug_hexdump(stdout, "key:", key, key_len); + return test_ipsec_proto_process(&td_outb, NULL, 1, false, &flags); +} - /* Create Crypto session*/ - ut_params->sess = rte_cryptodev_sym_session_create( - ts_params->session_mpool); +static int +test_ipsec_proto_known_vec_inb(const void *test_data) +{ + const struct ipsec_test_data *td = test_data; + struct ipsec_test_flags flags; + struct ipsec_test_data td_inb; - rte_cryptodev_sym_session_init(dev_id, ut_params->sess, - &ut_params->aead_xform, - ts_params->session_priv_mpool); + memset(&flags, 0, sizeof(flags)); - TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); + if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) + test_ipsec_td_in_from_out(td, &td_inb); + else + memcpy(&td_inb, td, sizeof(td_inb)); - return 0; + return test_ipsec_proto_process(&td_inb, NULL, 1, false, &flags); } static int -create_aead_xform(struct rte_crypto_op *op, - enum rte_crypto_aead_algorithm algo, - enum rte_crypto_aead_operation aead_op, - uint8_t *key, const uint8_t key_len, - const uint8_t aad_len, const uint8_t auth_len, - uint8_t iv_len) +test_ipsec_proto_known_vec_fragmented(const void *test_data) { - TEST_ASSERT_NOT_NULL(rte_crypto_op_sym_xforms_alloc(op, 1), - "failed to allocate space for crypto transform"); + struct ipsec_test_data td_outb; + struct ipsec_test_flags flags; - struct rte_crypto_sym_op *sym_op = op->sym; + memset(&flags, 0, sizeof(flags)); + flags.fragment = true; - /* Setup AEAD Parameters */ - sym_op->xform->type = RTE_CRYPTO_SYM_XFORM_AEAD; - sym_op->xform->next = NULL; - sym_op->xform->aead.algo = algo; - sym_op->xform->aead.op = aead_op; - sym_op->xform->aead.key.data = key; - sym_op->xform->aead.key.length = key_len; - sym_op->xform->aead.iv.offset = IV_OFFSET; - sym_op->xform->aead.iv.length = iv_len; - sym_op->xform->aead.digest_length = auth_len; - sym_op->xform->aead.aad_length = aad_len; + memcpy(&td_outb, test_data, sizeof(td_outb)); - debug_hexdump(stdout, "key:", key, key_len); + /* Disable IV gen to be able to test with known vectors */ + td_outb.ipsec_xform.options.iv_gen_disable = 1; - return 0; + return test_ipsec_proto_process(&td_outb, NULL, 1, false, &flags); } static int -create_aead_operation(enum rte_crypto_aead_operation op, - const struct aead_test_data *tdata) +test_ipsec_proto_all(const struct ipsec_test_flags *flags) { - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; + struct ipsec_test_data td_outb[IPSEC_TEST_PACKETS_MAX]; + struct ipsec_test_data td_inb[IPSEC_TEST_PACKETS_MAX]; + unsigned int i, nb_pkts = 1, pass_cnt = 0; + int ret; - uint8_t *plaintext, *ciphertext; - unsigned int aad_pad_len, plaintext_pad_len; + if (flags->iv_gen || + flags->sa_expiry_pkts_soft || + flags->sa_expiry_pkts_hard) + nb_pkts = IPSEC_TEST_PACKETS_MAX; + + for (i = 0; i < RTE_DIM(alg_list); i++) { + test_ipsec_td_prepare(alg_list[i].param1, + alg_list[i].param2, + flags, + td_outb, + nb_pkts); + + if (!td_outb->aead) { + enum rte_crypto_cipher_algorithm cipher_alg; + enum rte_crypto_auth_algorithm auth_alg; + + cipher_alg = td_outb->xform.chain.cipher.cipher.algo; + auth_alg = td_outb->xform.chain.auth.auth.algo; + + if (td_outb->aes_gmac && cipher_alg != RTE_CRYPTO_CIPHER_NULL) + continue; + + /* ICV is not applicable for NULL auth */ + if (flags->icv_corrupt && + auth_alg == RTE_CRYPTO_AUTH_NULL) + continue; + + /* IV is not applicable for NULL cipher */ + if (flags->iv_gen && + cipher_alg == RTE_CRYPTO_CIPHER_NULL) + continue; + } - /* Generate Crypto op data structure */ - ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, - RTE_CRYPTO_OP_TYPE_SYMMETRIC); - TEST_ASSERT_NOT_NULL(ut_params->op, - "Failed to allocate symmetric crypto operation struct"); + ret = test_ipsec_proto_process(td_outb, td_inb, nb_pkts, true, + flags); + if (ret == TEST_SKIPPED) + continue; - struct rte_crypto_sym_op *sym_op = ut_params->op->sym; + if (ret == TEST_FAILED) + return TEST_FAILED; - /* Append aad data */ - if (tdata->algo == RTE_CRYPTO_AEAD_AES_CCM) { - aad_pad_len = RTE_ALIGN_CEIL(tdata->aad.len + 18, 16); - sym_op->aead.aad.data = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - aad_pad_len); - TEST_ASSERT_NOT_NULL(sym_op->aead.aad.data, - "no room to append aad"); + test_ipsec_td_update(td_inb, td_outb, nb_pkts, flags); - sym_op->aead.aad.phys_addr = - rte_pktmbuf_iova(ut_params->ibuf); - /* Copy AAD 18 bytes after the AAD pointer, according to the API */ - memcpy(sym_op->aead.aad.data + 18, tdata->aad.data, tdata->aad.len); - debug_hexdump(stdout, "aad:", sym_op->aead.aad.data, - tdata->aad.len); + ret = test_ipsec_proto_process(td_inb, NULL, nb_pkts, true, + flags); + if (ret == TEST_SKIPPED) + continue; - /* Append IV at the end of the crypto operation*/ - uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ut_params->op, - uint8_t *, IV_OFFSET); + if (ret == TEST_FAILED) + return TEST_FAILED; - /* Copy IV 1 byte after the IV pointer, according to the API */ - rte_memcpy(iv_ptr + 1, tdata->iv.data, tdata->iv.len); - debug_hexdump(stdout, "iv:", iv_ptr, - tdata->iv.len); - } else { - aad_pad_len = RTE_ALIGN_CEIL(tdata->aad.len, 16); - sym_op->aead.aad.data = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - aad_pad_len); - TEST_ASSERT_NOT_NULL(sym_op->aead.aad.data, - "no room to append aad"); + if (flags->display_alg) + test_ipsec_display_alg(alg_list[i].param1, + alg_list[i].param2); - sym_op->aead.aad.phys_addr = - rte_pktmbuf_iova(ut_params->ibuf); - memcpy(sym_op->aead.aad.data, tdata->aad.data, tdata->aad.len); - debug_hexdump(stdout, "aad:", sym_op->aead.aad.data, - tdata->aad.len); + pass_cnt++; + } + + if (pass_cnt > 0) + return TEST_SUCCESS; + else + return TEST_SKIPPED; +} - /* Append IV at the end of the crypto operation*/ - uint8_t *iv_ptr = rte_crypto_op_ctod_offset(ut_params->op, - uint8_t *, IV_OFFSET); +static int +test_ipsec_ah_proto_all(const struct ipsec_test_flags *flags) +{ + struct ipsec_test_data td_outb[IPSEC_TEST_PACKETS_MAX]; + struct ipsec_test_data td_inb[IPSEC_TEST_PACKETS_MAX]; + unsigned int i, nb_pkts = 1, pass_cnt = 0; + int ret; - if (tdata->iv.len == 0) { - rte_memcpy(iv_ptr, tdata->iv.data, AES_GCM_J0_LENGTH); - debug_hexdump(stdout, "iv:", iv_ptr, - AES_GCM_J0_LENGTH); - } else { - rte_memcpy(iv_ptr, tdata->iv.data, tdata->iv.len); - debug_hexdump(stdout, "iv:", iv_ptr, - tdata->iv.len); - } - } + for (i = 0; i < RTE_DIM(ah_alg_list); i++) { + test_ipsec_td_prepare(ah_alg_list[i].param1, + ah_alg_list[i].param2, + flags, + td_outb, + nb_pkts); - /* Append plaintext/ciphertext */ - if (op == RTE_CRYPTO_AEAD_OP_ENCRYPT) { - plaintext_pad_len = RTE_ALIGN_CEIL(tdata->plaintext.len, 16); - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - TEST_ASSERT_NOT_NULL(plaintext, "no room to append plaintext"); + ret = test_ipsec_proto_process(td_outb, td_inb, nb_pkts, true, + flags); + if (ret == TEST_SKIPPED) + continue; - memcpy(plaintext, tdata->plaintext.data, tdata->plaintext.len); - debug_hexdump(stdout, "plaintext:", plaintext, - tdata->plaintext.len); + if (ret == TEST_FAILED) + return TEST_FAILED; - if (ut_params->obuf) { - ciphertext = (uint8_t *)rte_pktmbuf_append( - ut_params->obuf, - plaintext_pad_len + aad_pad_len); - TEST_ASSERT_NOT_NULL(ciphertext, - "no room to append ciphertext"); + test_ipsec_td_update(td_inb, td_outb, nb_pkts, flags); - memset(ciphertext + aad_pad_len, 0, - tdata->ciphertext.len); - } - } else { - plaintext_pad_len = RTE_ALIGN_CEIL(tdata->ciphertext.len, 16); - ciphertext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_pad_len); - TEST_ASSERT_NOT_NULL(ciphertext, - "no room to append ciphertext"); + ret = test_ipsec_proto_process(td_inb, NULL, nb_pkts, true, + flags); + if (ret == TEST_SKIPPED) + continue; - memcpy(ciphertext, tdata->ciphertext.data, - tdata->ciphertext.len); - debug_hexdump(stdout, "ciphertext:", ciphertext, - tdata->ciphertext.len); + if (ret == TEST_FAILED) + return TEST_FAILED; - if (ut_params->obuf) { - plaintext = (uint8_t *)rte_pktmbuf_append( - ut_params->obuf, - plaintext_pad_len + aad_pad_len); - TEST_ASSERT_NOT_NULL(plaintext, - "no room to append plaintext"); + if (flags->display_alg) + test_ipsec_display_alg(ah_alg_list[i].param1, + ah_alg_list[i].param2); - memset(plaintext + aad_pad_len, 0, - tdata->plaintext.len); - } + pass_cnt++; } - /* Append digest data */ - if (op == RTE_CRYPTO_AEAD_OP_ENCRYPT) { - sym_op->aead.digest.data = (uint8_t *)rte_pktmbuf_append( - ut_params->obuf ? ut_params->obuf : - ut_params->ibuf, - tdata->auth_tag.len); - TEST_ASSERT_NOT_NULL(sym_op->aead.digest.data, - "no room to append digest"); - memset(sym_op->aead.digest.data, 0, tdata->auth_tag.len); - sym_op->aead.digest.phys_addr = rte_pktmbuf_iova_offset( - ut_params->obuf ? ut_params->obuf : - ut_params->ibuf, - plaintext_pad_len + - aad_pad_len); - } else { - sym_op->aead.digest.data = (uint8_t *)rte_pktmbuf_append( - ut_params->ibuf, tdata->auth_tag.len); - TEST_ASSERT_NOT_NULL(sym_op->aead.digest.data, - "no room to append digest"); - sym_op->aead.digest.phys_addr = rte_pktmbuf_iova_offset( - ut_params->ibuf, - plaintext_pad_len + aad_pad_len); + if (pass_cnt > 0) + return TEST_SUCCESS; + else + return TEST_SKIPPED; +} - rte_memcpy(sym_op->aead.digest.data, tdata->auth_tag.data, - tdata->auth_tag.len); - debug_hexdump(stdout, "digest:", - sym_op->aead.digest.data, - tdata->auth_tag.len); - } +static int +test_ipsec_proto_display_list(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - sym_op->aead.data.length = tdata->plaintext.len; - sym_op->aead.data.offset = aad_pad_len; + memset(&flags, 0, sizeof(flags)); - return 0; + flags.display_alg = true; + + return test_ipsec_proto_all(&flags); } static int -test_authenticated_encryption(const struct aead_test_data *tdata) +test_ipsec_proto_ah_tunnel_ipv4(const void *data __rte_unused) { - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; + struct ipsec_test_flags flags; - int retval; - uint8_t *ciphertext, *auth_tag; - uint16_t plaintext_pad_len; - uint32_t i; - struct rte_cryptodev_info dev_info; + memset(&flags, 0, sizeof(flags)); - rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); - uint64_t feat_flags = dev_info.feature_flags; + flags.ah = true; + flags.display_alg = true; - if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && - (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { - printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; - } + return test_ipsec_ah_proto_all(&flags); +} - /* Verify the capabilities */ - struct rte_cryptodev_sym_capability_idx cap_idx; - const struct rte_cryptodev_symmetric_capability *capability; - cap_idx.type = RTE_CRYPTO_SYM_XFORM_AEAD; - cap_idx.algo.aead = tdata->algo; - capability = rte_cryptodev_sym_capability_get( - ts_params->valid_devs[0], &cap_idx); - if (capability == NULL) - return -ENOTSUP; - if (rte_cryptodev_sym_capability_check_aead( - capability, tdata->key.len, tdata->auth_tag.len, - tdata->aad.len, tdata->iv.len)) - return -ENOTSUP; +static int +test_ipsec_proto_ah_transport_ipv4(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - /* Create AEAD session */ - retval = create_aead_session(ts_params->valid_devs[0], - tdata->algo, - RTE_CRYPTO_AEAD_OP_ENCRYPT, - tdata->key.data, tdata->key.len, - tdata->aad.len, tdata->auth_tag.len, - tdata->iv.len); - if (retval < 0) - return retval; + memset(&flags, 0, sizeof(flags)); - if (tdata->aad.len > MBUF_SIZE) { - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->large_mbuf_pool); - /* Populate full size of add data */ - for (i = 32; i < MAX_AAD_LENGTH; i += 32) - memcpy(&tdata->aad.data[i], &tdata->aad.data[0], 32); - } else - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + flags.ah = true; + flags.transport = true; - /* clear mbuf payload */ - memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + return test_ipsec_ah_proto_all(&flags); +} - /* Create AEAD operation */ - retval = create_aead_operation(RTE_CRYPTO_AEAD_OP_ENCRYPT, tdata); - if (retval < 0) - return retval; +static int +test_ipsec_proto_iv_gen(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess); + memset(&flags, 0, sizeof(flags)); - ut_params->op->sym->m_src = ut_params->ibuf; + flags.iv_gen = true; - /* Process crypto operation */ - if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) - process_cpu_aead_op(ts_params->valid_devs[0], ut_params->op); - else if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - process_sym_raw_dp_op(ts_params->valid_devs[0], 0, - ut_params->op, 0, 0, 0, 0); - else - TEST_ASSERT_NOT_NULL( - process_crypto_request(ts_params->valid_devs[0], - ut_params->op), "failed to process sym crypto op"); + return test_ipsec_proto_all(&flags); +} - TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, - "crypto op processing failed"); +static int +test_ipsec_proto_sa_exp_pkts_soft(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - plaintext_pad_len = RTE_ALIGN_CEIL(tdata->plaintext.len, 16); + memset(&flags, 0, sizeof(flags)); - if (ut_params->op->sym->m_dst) { - ciphertext = rte_pktmbuf_mtod(ut_params->op->sym->m_dst, - uint8_t *); - auth_tag = rte_pktmbuf_mtod_offset(ut_params->op->sym->m_dst, - uint8_t *, plaintext_pad_len); - } else { - ciphertext = rte_pktmbuf_mtod_offset(ut_params->op->sym->m_src, - uint8_t *, - ut_params->op->sym->cipher.data.offset); - auth_tag = ciphertext + plaintext_pad_len; - } + flags.sa_expiry_pkts_soft = true; - debug_hexdump(stdout, "ciphertext:", ciphertext, tdata->ciphertext.len); - debug_hexdump(stdout, "auth tag:", auth_tag, tdata->auth_tag.len); + return test_ipsec_proto_all(&flags); +} - /* Validate obuf */ - TEST_ASSERT_BUFFERS_ARE_EQUAL( - ciphertext, - tdata->ciphertext.data, - tdata->ciphertext.len, - "Ciphertext data not as expected"); +static int +test_ipsec_proto_sa_exp_pkts_hard(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - TEST_ASSERT_BUFFERS_ARE_EQUAL( - auth_tag, - tdata->auth_tag.data, - tdata->auth_tag.len, - "Generated auth tag not as expected"); + memset(&flags, 0, sizeof(flags)); - return 0; + flags.sa_expiry_pkts_hard = true; + return test_ipsec_proto_all(&flags); } -#ifdef RTE_LIBRTE_SECURITY static int -security_proto_supported(enum rte_security_session_action_type action, - enum rte_security_session_protocol proto) +test_ipsec_proto_err_icv_corrupt(const void *data __rte_unused) { - struct crypto_testsuite_params *ts_params = &testsuite_params; + struct ipsec_test_flags flags; - const struct rte_security_capability *capabilities; - const struct rte_security_capability *capability; - uint16_t i = 0; + memset(&flags, 0, sizeof(flags)); - struct rte_security_ctx *ctx = (struct rte_security_ctx *) - rte_cryptodev_get_sec_ctx( - ts_params->valid_devs[0]); + flags.icv_corrupt = true; + return test_ipsec_proto_all(&flags); +} - capabilities = rte_security_capabilities_get(ctx); +static int +test_ipsec_proto_udp_encap(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - if (capabilities == NULL) - return -ENOTSUP; + memset(&flags, 0, sizeof(flags)); - while ((capability = &capabilities[i++])->action != - RTE_SECURITY_ACTION_TYPE_NONE) { - if (capability->action == action && - capability->protocol == proto) - return 0; - } + flags.udp_encap = true; - return -ENOTSUP; + return test_ipsec_proto_all(&flags); } -/* Basic algorithm run function for async inplace mode. - * Creates a session from input parameters and runs one operation - * on input_vec. Checks the output of the crypto operation against - * output_vec. - */ -static int test_pdcp_proto(int i, int oop, enum rte_crypto_cipher_operation opc, - enum rte_crypto_auth_operation opa, - const uint8_t *input_vec, unsigned int input_vec_len, - const uint8_t *output_vec, - unsigned int output_vec_len, - enum rte_crypto_cipher_algorithm cipher_alg, - const uint8_t *cipher_key, uint32_t cipher_key_len, - enum rte_crypto_auth_algorithm auth_alg, - const uint8_t *auth_key, uint32_t auth_key_len, - uint8_t bearer, enum rte_security_pdcp_domain domain, - uint8_t packet_direction, uint8_t sn_size, - uint32_t hfn, uint32_t hfn_threshold, uint8_t sdap) +static int +test_ipsec_proto_tunnel_src_dst_addr_verify(const void *data __rte_unused) { - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; - uint8_t *plaintext; - int ret = TEST_SUCCESS; - struct rte_security_ctx *ctx = (struct rte_security_ctx *) - rte_cryptodev_get_sec_ctx( - ts_params->valid_devs[0]); + struct ipsec_test_flags flags; + + memset(&flags, 0, sizeof(flags)); + + flags.tunnel_hdr_verify = RTE_SECURITY_IPSEC_TUNNEL_VERIFY_SRC_DST_ADDR; + + return test_ipsec_proto_all(&flags); +} + +static int +test_ipsec_proto_tunnel_dst_addr_verify(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; + + memset(&flags, 0, sizeof(flags)); + + flags.tunnel_hdr_verify = RTE_SECURITY_IPSEC_TUNNEL_VERIFY_DST_ADDR; - /* Verify the capabilities */ - struct rte_security_capability_idx sec_cap_idx; + return test_ipsec_proto_all(&flags); +} - sec_cap_idx.action = ut_params->type; - sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_PDCP; - sec_cap_idx.pdcp.domain = domain; - if (rte_security_capability_get(ctx, &sec_cap_idx) == NULL) - return -ENOTSUP; +static int +test_ipsec_proto_udp_ports_verify(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - /* Generate test mbuf data */ - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); + memset(&flags, 0, sizeof(flags)); - /* clear mbuf payload */ - memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + flags.udp_encap = true; + flags.udp_ports_verify = true; - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - input_vec_len); - memcpy(plaintext, input_vec, input_vec_len); + return test_ipsec_proto_all(&flags); +} - /* Out of place support */ - if (oop) { - /* - * For out-op-place we need to alloc another mbuf - */ - ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - rte_pktmbuf_append(ut_params->obuf, output_vec_len); - } +static int +test_ipsec_proto_inner_ip_csum(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - /* Setup Cipher Parameters */ - ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - ut_params->cipher_xform.cipher.algo = cipher_alg; - ut_params->cipher_xform.cipher.op = opc; - ut_params->cipher_xform.cipher.key.data = cipher_key; - ut_params->cipher_xform.cipher.key.length = cipher_key_len; - ut_params->cipher_xform.cipher.iv.length = - packet_direction ? 4 : 0; - ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET; + memset(&flags, 0, sizeof(flags)); - /* Setup HMAC Parameters if ICV header is required */ - if (auth_alg != 0) { - ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; - ut_params->auth_xform.next = NULL; - ut_params->auth_xform.auth.algo = auth_alg; - ut_params->auth_xform.auth.op = opa; - ut_params->auth_xform.auth.key.data = auth_key; - ut_params->auth_xform.auth.key.length = auth_key_len; + flags.ip_csum = true; - ut_params->cipher_xform.next = &ut_params->auth_xform; - } else { - ut_params->cipher_xform.next = NULL; - } + return test_ipsec_proto_all(&flags); +} - struct rte_security_session_conf sess_conf = { - .action_type = ut_params->type, - .protocol = RTE_SECURITY_PROTOCOL_PDCP, - {.pdcp = { - .bearer = bearer, - .domain = domain, - .pkt_dir = packet_direction, - .sn_size = sn_size, - .hfn = packet_direction ? 0 : hfn, - /** - * hfn can be set as pdcp_test_hfn[i] - * if hfn_ovrd is not set. Here, PDCP - * packet direction is just used to - * run half of the cases with session - * HFN and other half with per packet - * HFN. - */ - .hfn_threshold = hfn_threshold, - .hfn_ovrd = packet_direction ? 1 : 0, - .sdap_enabled = sdap, - } }, - .crypto_xform = &ut_params->cipher_xform - }; +static int +test_ipsec_proto_inner_l4_csum(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - /* Create security session */ - ut_params->sec_session = rte_security_session_create(ctx, - &sess_conf, ts_params->session_priv_mpool); + memset(&flags, 0, sizeof(flags)); - if (!ut_params->sec_session) { - printf("TestCase %s()-%d line %d failed %s: ", - __func__, i, __LINE__, "Failed to allocate session"); - ret = TEST_FAILED; - goto on_err; - } + flags.l4_csum = true; - /* Generate crypto op data structure */ - ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, - RTE_CRYPTO_OP_TYPE_SYMMETRIC); - if (!ut_params->op) { - printf("TestCase %s()-%d line %d failed %s: ", - __func__, i, __LINE__, - "Failed to allocate symmetric crypto operation struct"); - ret = TEST_FAILED; - goto on_err; - } + return test_ipsec_proto_all(&flags); +} - uint32_t *per_pkt_hfn = rte_crypto_op_ctod_offset(ut_params->op, - uint32_t *, IV_OFFSET); - *per_pkt_hfn = packet_direction ? hfn : 0; +static int +test_ipsec_proto_tunnel_v4_in_v4(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - rte_security_attach_session(ut_params->op, ut_params->sec_session); + memset(&flags, 0, sizeof(flags)); - /* set crypto operation source mbuf */ - ut_params->op->sym->m_src = ut_params->ibuf; - if (oop) - ut_params->op->sym->m_dst = ut_params->obuf; + flags.ipv6 = false; + flags.tunnel_ipv6 = false; - /* Process crypto operation */ - if (process_crypto_request(ts_params->valid_devs[0], ut_params->op) - == NULL) { - printf("TestCase %s()-%d line %d failed %s: ", - __func__, i, __LINE__, - "failed to process sym crypto op"); - ret = TEST_FAILED; - goto on_err; - } + return test_ipsec_proto_all(&flags); +} - if (ut_params->op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) { - printf("TestCase %s()-%d line %d failed %s: ", - __func__, i, __LINE__, "crypto op processing failed"); - ret = TEST_FAILED; - goto on_err; - } +static int +test_ipsec_proto_tunnel_v6_in_v6(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - /* Validate obuf */ - uint8_t *ciphertext = rte_pktmbuf_mtod(ut_params->op->sym->m_src, - uint8_t *); - if (oop) { - ciphertext = rte_pktmbuf_mtod(ut_params->op->sym->m_dst, - uint8_t *); - } + memset(&flags, 0, sizeof(flags)); - if (memcmp(ciphertext, output_vec, output_vec_len)) { - printf("\n=======PDCP TestCase #%d failed: Data Mismatch ", i); - rte_hexdump(stdout, "encrypted", ciphertext, output_vec_len); - rte_hexdump(stdout, "reference", output_vec, output_vec_len); - ret = TEST_FAILED; - goto on_err; - } + flags.ipv6 = true; + flags.tunnel_ipv6 = true; -on_err: - rte_crypto_op_free(ut_params->op); - ut_params->op = NULL; + return test_ipsec_proto_all(&flags); +} - if (ut_params->sec_session) - rte_security_session_destroy(ctx, ut_params->sec_session); - ut_params->sec_session = NULL; +static int +test_ipsec_proto_tunnel_v4_in_v6(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - rte_pktmbuf_free(ut_params->ibuf); - ut_params->ibuf = NULL; - if (oop) { - rte_pktmbuf_free(ut_params->obuf); - ut_params->obuf = NULL; - } + memset(&flags, 0, sizeof(flags)); - return ret; + flags.ipv6 = false; + flags.tunnel_ipv6 = true; + + return test_ipsec_proto_all(&flags); } static int -test_pdcp_proto_SGL(int i, int oop, - enum rte_crypto_cipher_operation opc, - enum rte_crypto_auth_operation opa, - uint8_t *input_vec, - unsigned int input_vec_len, - uint8_t *output_vec, - unsigned int output_vec_len, - uint32_t fragsz, - uint32_t fragsz_oop) +test_ipsec_proto_tunnel_v6_in_v4(const void *data __rte_unused) { - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; - uint8_t *plaintext; - struct rte_mbuf *buf, *buf_oop = NULL; - int ret = TEST_SUCCESS; - int to_trn = 0; - int to_trn_tbl[16]; - int segs = 1; - unsigned int trn_data = 0; - struct rte_security_ctx *ctx = (struct rte_security_ctx *) - rte_cryptodev_get_sec_ctx( - ts_params->valid_devs[0]); + struct ipsec_test_flags flags; - /* Verify the capabilities */ - struct rte_security_capability_idx sec_cap_idx; + memset(&flags, 0, sizeof(flags)); - sec_cap_idx.action = ut_params->type; - sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_PDCP; - sec_cap_idx.pdcp.domain = pdcp_test_params[i].domain; - if (rte_security_capability_get(ctx, &sec_cap_idx) == NULL) - return -ENOTSUP; + flags.ipv6 = true; + flags.tunnel_ipv6 = false; - if (fragsz > input_vec_len) - fragsz = input_vec_len; + return test_ipsec_proto_all(&flags); +} - uint16_t plaintext_len = fragsz; - uint16_t frag_size_oop = fragsz_oop ? fragsz_oop : fragsz; +static int +test_ipsec_proto_transport_v4(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - if (fragsz_oop > output_vec_len) - frag_size_oop = output_vec_len; + memset(&flags, 0, sizeof(flags)); - int ecx = 0; - if (input_vec_len % fragsz != 0) { - if (input_vec_len / fragsz + 1 > 16) - return 1; - } else if (input_vec_len / fragsz > 16) - return 1; + flags.ipv6 = false; + flags.transport = true; - /* Out of place support */ - if (oop) { - /* - * For out-op-place we need to alloc another mbuf - */ - ut_params->obuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); - rte_pktmbuf_append(ut_params->obuf, frag_size_oop); - buf_oop = ut_params->obuf; - } + return test_ipsec_proto_all(&flags); +} - /* Generate test mbuf data */ - ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); +static int +test_ipsec_proto_transport_l4_csum(const void *data __rte_unused) +{ + struct ipsec_test_flags flags = { + .l4_csum = true, + .transport = true, + }; - /* clear mbuf payload */ - memset(rte_pktmbuf_mtod(ut_params->ibuf, uint8_t *), 0, - rte_pktmbuf_tailroom(ut_params->ibuf)); + return test_ipsec_proto_all(&flags); +} - plaintext = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf, - plaintext_len); - memcpy(plaintext, input_vec, plaintext_len); - trn_data += plaintext_len; +static int +test_ipsec_proto_stats(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - buf = ut_params->ibuf; + memset(&flags, 0, sizeof(flags)); - /* - * Loop until no more fragments - */ + flags.stats_success = true; - while (trn_data < input_vec_len) { - ++segs; - to_trn = (input_vec_len - trn_data < fragsz) ? - (input_vec_len - trn_data) : fragsz; + return test_ipsec_proto_all(&flags); +} - to_trn_tbl[ecx++] = to_trn; +static int +test_ipsec_proto_pkt_fragment(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - buf->next = rte_pktmbuf_alloc(ts_params->mbuf_pool); - buf = buf->next; + memset(&flags, 0, sizeof(flags)); - memset(rte_pktmbuf_mtod(buf, uint8_t *), 0, - rte_pktmbuf_tailroom(buf)); + flags.fragment = true; - /* OOP */ - if (oop && !fragsz_oop) { - buf_oop->next = - rte_pktmbuf_alloc(ts_params->mbuf_pool); - buf_oop = buf_oop->next; - memset(rte_pktmbuf_mtod(buf_oop, uint8_t *), - 0, rte_pktmbuf_tailroom(buf_oop)); - rte_pktmbuf_append(buf_oop, to_trn); - } + return test_ipsec_proto_all(&flags); - plaintext = (uint8_t *)rte_pktmbuf_append(buf, - to_trn); +} + +static int +test_ipsec_proto_copy_df_inner_0(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; + + memset(&flags, 0, sizeof(flags)); + + flags.df = TEST_IPSEC_COPY_DF_INNER_0; + + return test_ipsec_proto_all(&flags); +} - memcpy(plaintext, input_vec + trn_data, to_trn); - trn_data += to_trn; - } +static int +test_ipsec_proto_copy_df_inner_1(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - ut_params->ibuf->nb_segs = segs; + memset(&flags, 0, sizeof(flags)); - segs = 1; - if (fragsz_oop && oop) { - to_trn = 0; - ecx = 0; + flags.df = TEST_IPSEC_COPY_DF_INNER_1; - trn_data = frag_size_oop; - while (trn_data < output_vec_len) { - ++segs; - to_trn = - (output_vec_len - trn_data < - frag_size_oop) ? - (output_vec_len - trn_data) : - frag_size_oop; + return test_ipsec_proto_all(&flags); +} - to_trn_tbl[ecx++] = to_trn; +static int +test_ipsec_proto_set_df_0_inner_1(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - buf_oop->next = - rte_pktmbuf_alloc(ts_params->mbuf_pool); - buf_oop = buf_oop->next; - memset(rte_pktmbuf_mtod(buf_oop, uint8_t *), - 0, rte_pktmbuf_tailroom(buf_oop)); - rte_pktmbuf_append(buf_oop, to_trn); + memset(&flags, 0, sizeof(flags)); - trn_data += to_trn; - } - ut_params->obuf->nb_segs = segs; - } + flags.df = TEST_IPSEC_SET_DF_0_INNER_1; - /* Setup Cipher Parameters */ - ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; - ut_params->cipher_xform.cipher.algo = pdcp_test_params[i].cipher_alg; - ut_params->cipher_xform.cipher.op = opc; - ut_params->cipher_xform.cipher.key.data = pdcp_test_crypto_key[i]; - ut_params->cipher_xform.cipher.key.length = - pdcp_test_params[i].cipher_key_len; - ut_params->cipher_xform.cipher.iv.length = 0; + return test_ipsec_proto_all(&flags); +} - /* Setup HMAC Parameters if ICV header is required */ - if (pdcp_test_params[i].auth_alg != 0) { - ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH; - ut_params->auth_xform.next = NULL; - ut_params->auth_xform.auth.algo = pdcp_test_params[i].auth_alg; - ut_params->auth_xform.auth.op = opa; - ut_params->auth_xform.auth.key.data = pdcp_test_auth_key[i]; - ut_params->auth_xform.auth.key.length = - pdcp_test_params[i].auth_key_len; +static int +test_ipsec_proto_set_df_1_inner_0(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - ut_params->cipher_xform.next = &ut_params->auth_xform; - } else { - ut_params->cipher_xform.next = NULL; - } + memset(&flags, 0, sizeof(flags)); - struct rte_security_session_conf sess_conf = { - .action_type = ut_params->type, - .protocol = RTE_SECURITY_PROTOCOL_PDCP, - {.pdcp = { - .bearer = pdcp_test_bearer[i], - .domain = pdcp_test_params[i].domain, - .pkt_dir = pdcp_test_packet_direction[i], - .sn_size = pdcp_test_data_sn_size[i], - .hfn = pdcp_test_hfn[i], - .hfn_threshold = pdcp_test_hfn_threshold[i], - .hfn_ovrd = 0, - } }, - .crypto_xform = &ut_params->cipher_xform - }; + flags.df = TEST_IPSEC_SET_DF_1_INNER_0; - /* Create security session */ - ut_params->sec_session = rte_security_session_create(ctx, - &sess_conf, ts_params->session_priv_mpool); + return test_ipsec_proto_all(&flags); +} - if (!ut_params->sec_session) { - printf("TestCase %s()-%d line %d failed %s: ", - __func__, i, __LINE__, "Failed to allocate session"); - ret = TEST_FAILED; - goto on_err; - } +static int +test_ipsec_proto_ipv4_copy_dscp_inner_0(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - /* Generate crypto op data structure */ - ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, - RTE_CRYPTO_OP_TYPE_SYMMETRIC); - if (!ut_params->op) { - printf("TestCase %s()-%d line %d failed %s: ", - __func__, i, __LINE__, - "Failed to allocate symmetric crypto operation struct"); - ret = TEST_FAILED; - goto on_err; - } + memset(&flags, 0, sizeof(flags)); - rte_security_attach_session(ut_params->op, ut_params->sec_session); + flags.dscp = TEST_IPSEC_COPY_DSCP_INNER_0; - /* set crypto operation source mbuf */ - ut_params->op->sym->m_src = ut_params->ibuf; - if (oop) - ut_params->op->sym->m_dst = ut_params->obuf; + return test_ipsec_proto_all(&flags); +} - /* Process crypto operation */ - if (process_crypto_request(ts_params->valid_devs[0], ut_params->op) - == NULL) { - printf("TestCase %s()-%d line %d failed %s: ", - __func__, i, __LINE__, - "failed to process sym crypto op"); - ret = TEST_FAILED; - goto on_err; - } +static int +test_ipsec_proto_ipv4_copy_dscp_inner_1(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - if (ut_params->op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) { - printf("TestCase %s()-%d line %d failed %s: ", - __func__, i, __LINE__, "crypto op processing failed"); - ret = TEST_FAILED; - goto on_err; - } + memset(&flags, 0, sizeof(flags)); - /* Validate obuf */ - uint8_t *ciphertext = rte_pktmbuf_mtod(ut_params->op->sym->m_src, - uint8_t *); - if (oop) { - ciphertext = rte_pktmbuf_mtod(ut_params->op->sym->m_dst, - uint8_t *); - } - if (fragsz_oop) - fragsz = frag_size_oop; - if (memcmp(ciphertext, output_vec, fragsz)) { - printf("\n=======PDCP TestCase #%d failed: Data Mismatch ", i); - rte_hexdump(stdout, "encrypted", ciphertext, fragsz); - rte_hexdump(stdout, "reference", output_vec, fragsz); - ret = TEST_FAILED; - goto on_err; - } + flags.dscp = TEST_IPSEC_COPY_DSCP_INNER_1; - buf = ut_params->op->sym->m_src->next; - if (oop) - buf = ut_params->op->sym->m_dst->next; + return test_ipsec_proto_all(&flags); +} - unsigned int off = fragsz; +static int +test_ipsec_proto_ipv4_set_dscp_0_inner_1(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; - ecx = 0; - while (buf) { - ciphertext = rte_pktmbuf_mtod(buf, - uint8_t *); - if (memcmp(ciphertext, output_vec + off, to_trn_tbl[ecx])) { - printf("\n=======PDCP TestCase #%d failed: Data Mismatch ", i); - rte_hexdump(stdout, "encrypted", ciphertext, to_trn_tbl[ecx]); - rte_hexdump(stdout, "reference", output_vec + off, - to_trn_tbl[ecx]); - ret = TEST_FAILED; - goto on_err; - } - off += to_trn_tbl[ecx++]; - buf = buf->next; - } -on_err: - rte_crypto_op_free(ut_params->op); - ut_params->op = NULL; + if (gbl_driver_id == rte_cryptodev_driver_id_get( + RTE_STR(CRYPTODEV_NAME_CN9K_PMD))) + return TEST_SKIPPED; - if (ut_params->sec_session) - rte_security_session_destroy(ctx, ut_params->sec_session); - ut_params->sec_session = NULL; + memset(&flags, 0, sizeof(flags)); - rte_pktmbuf_free(ut_params->ibuf); - ut_params->ibuf = NULL; - if (oop) { - rte_pktmbuf_free(ut_params->obuf); - ut_params->obuf = NULL; - } + flags.dscp = TEST_IPSEC_SET_DSCP_0_INNER_1; - return ret; + return test_ipsec_proto_all(&flags); } -int -test_pdcp_proto_cplane_encap(int i) +static int +test_ipsec_proto_ipv4_set_dscp_1_inner_0(const void *data __rte_unused) { - return test_pdcp_proto( - i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, RTE_CRYPTO_AUTH_OP_GENERATE, - pdcp_test_data_in[i], pdcp_test_data_in_len[i], - pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4, - pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i], - pdcp_test_params[i].cipher_key_len, - pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i], - pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i], - pdcp_test_params[i].domain, pdcp_test_packet_direction[i], - pdcp_test_data_sn_size[i], pdcp_test_hfn[i], - pdcp_test_hfn_threshold[i], SDAP_DISABLED); + struct ipsec_test_flags flags; + + if (gbl_driver_id == rte_cryptodev_driver_id_get( + RTE_STR(CRYPTODEV_NAME_CN9K_PMD))) + return TEST_SKIPPED; + + memset(&flags, 0, sizeof(flags)); + + flags.dscp = TEST_IPSEC_SET_DSCP_1_INNER_0; + + return test_ipsec_proto_all(&flags); } -int -test_pdcp_proto_uplane_encap(int i) +static int +test_ipsec_proto_ipv6_copy_dscp_inner_0(const void *data __rte_unused) { - return test_pdcp_proto( - i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, RTE_CRYPTO_AUTH_OP_GENERATE, - pdcp_test_data_in[i], pdcp_test_data_in_len[i], - pdcp_test_data_out[i], pdcp_test_data_in_len[i], - pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i], - pdcp_test_params[i].cipher_key_len, - pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i], - pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i], - pdcp_test_params[i].domain, pdcp_test_packet_direction[i], - pdcp_test_data_sn_size[i], pdcp_test_hfn[i], - pdcp_test_hfn_threshold[i], SDAP_DISABLED); + struct ipsec_test_flags flags; + + memset(&flags, 0, sizeof(flags)); + + flags.ipv6 = true; + flags.tunnel_ipv6 = true; + flags.dscp = TEST_IPSEC_COPY_DSCP_INNER_0; + + return test_ipsec_proto_all(&flags); } -int -test_pdcp_proto_uplane_encap_with_int(int i) +static int +test_ipsec_proto_ipv6_copy_dscp_inner_1(const void *data __rte_unused) { - return test_pdcp_proto( - i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, RTE_CRYPTO_AUTH_OP_GENERATE, - pdcp_test_data_in[i], pdcp_test_data_in_len[i], - pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4, - pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i], - pdcp_test_params[i].cipher_key_len, - pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i], - pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i], - pdcp_test_params[i].domain, pdcp_test_packet_direction[i], - pdcp_test_data_sn_size[i], pdcp_test_hfn[i], - pdcp_test_hfn_threshold[i], SDAP_DISABLED); + struct ipsec_test_flags flags; + + memset(&flags, 0, sizeof(flags)); + + flags.ipv6 = true; + flags.tunnel_ipv6 = true; + flags.dscp = TEST_IPSEC_COPY_DSCP_INNER_1; + + return test_ipsec_proto_all(&flags); } -int -test_pdcp_proto_cplane_decap(int i) +static int +test_ipsec_proto_ipv6_set_dscp_0_inner_1(const void *data __rte_unused) { - return test_pdcp_proto( - i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT, RTE_CRYPTO_AUTH_OP_VERIFY, - pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4, - pdcp_test_data_in[i], pdcp_test_data_in_len[i], - pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i], - pdcp_test_params[i].cipher_key_len, - pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i], - pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i], - pdcp_test_params[i].domain, pdcp_test_packet_direction[i], - pdcp_test_data_sn_size[i], pdcp_test_hfn[i], - pdcp_test_hfn_threshold[i], SDAP_DISABLED); + struct ipsec_test_flags flags; + + if (gbl_driver_id == rte_cryptodev_driver_id_get( + RTE_STR(CRYPTODEV_NAME_CN9K_PMD))) + return TEST_SKIPPED; + + memset(&flags, 0, sizeof(flags)); + + flags.ipv6 = true; + flags.tunnel_ipv6 = true; + flags.dscp = TEST_IPSEC_SET_DSCP_0_INNER_1; + + return test_ipsec_proto_all(&flags); } -int -test_pdcp_proto_uplane_decap(int i) -{ - return test_pdcp_proto( - i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT, RTE_CRYPTO_AUTH_OP_VERIFY, - pdcp_test_data_out[i], pdcp_test_data_in_len[i], - pdcp_test_data_in[i], pdcp_test_data_in_len[i], - pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i], - pdcp_test_params[i].cipher_key_len, - pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i], - pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i], - pdcp_test_params[i].domain, pdcp_test_packet_direction[i], - pdcp_test_data_sn_size[i], pdcp_test_hfn[i], - pdcp_test_hfn_threshold[i], SDAP_DISABLED); +static int +test_ipsec_proto_ipv6_set_dscp_1_inner_0(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; + + if (gbl_driver_id == rte_cryptodev_driver_id_get( + RTE_STR(CRYPTODEV_NAME_CN9K_PMD))) + return TEST_SKIPPED; + + memset(&flags, 0, sizeof(flags)); + + flags.ipv6 = true; + flags.tunnel_ipv6 = true; + flags.dscp = TEST_IPSEC_SET_DSCP_1_INNER_0; + + return test_ipsec_proto_all(&flags); } -int -test_pdcp_proto_uplane_decap_with_int(int i) +static int +test_ipsec_pkt_replay(const void *test_data, const uint64_t esn[], + bool replayed_pkt[], uint32_t nb_pkts, bool esn_en, + uint64_t winsz) { - return test_pdcp_proto( - i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT, RTE_CRYPTO_AUTH_OP_VERIFY, - pdcp_test_data_out[i], pdcp_test_data_in_len[i] + 4, - pdcp_test_data_in[i], pdcp_test_data_in_len[i], - pdcp_test_params[i].cipher_alg, pdcp_test_crypto_key[i], - pdcp_test_params[i].cipher_key_len, - pdcp_test_params[i].auth_alg, pdcp_test_auth_key[i], - pdcp_test_params[i].auth_key_len, pdcp_test_bearer[i], - pdcp_test_params[i].domain, pdcp_test_packet_direction[i], - pdcp_test_data_sn_size[i], pdcp_test_hfn[i], - pdcp_test_hfn_threshold[i], SDAP_DISABLED); + struct ipsec_test_data td_outb[IPSEC_TEST_PACKETS_MAX]; + struct ipsec_test_data td_inb[IPSEC_TEST_PACKETS_MAX]; + struct ipsec_test_flags flags; + uint32_t i = 0, ret = 0; + + memset(&flags, 0, sizeof(flags)); + flags.antireplay = true; + + for (i = 0; i < nb_pkts; i++) { + memcpy(&td_outb[i], test_data, sizeof(td_outb[i])); + td_outb[i].ipsec_xform.options.iv_gen_disable = 1; + td_outb[i].ipsec_xform.replay_win_sz = winsz; + td_outb[i].ipsec_xform.options.esn = esn_en; + } + + for (i = 0; i < nb_pkts; i++) + td_outb[i].ipsec_xform.esn.value = esn[i]; + + ret = test_ipsec_proto_process(td_outb, td_inb, nb_pkts, true, + &flags); + if (ret != TEST_SUCCESS) + return ret; + + test_ipsec_td_update(td_inb, td_outb, nb_pkts, &flags); + + for (i = 0; i < nb_pkts; i++) { + td_inb[i].ipsec_xform.options.esn = esn_en; + /* Set antireplay flag for packets to be dropped */ + td_inb[i].ar_packet = replayed_pkt[i]; + } + + ret = test_ipsec_proto_process(td_inb, NULL, nb_pkts, true, + &flags); + + return ret; } static int -test_PDCP_PROTO_SGL_in_place_32B(void) +test_ipsec_proto_pkt_antireplay(const void *test_data, uint64_t winsz) { - /* i can be used for running any PDCP case - * In this case it is uplane 12-bit AES-SNOW DL encap - */ - int i = PDCP_UPLANE_12BIT_OFFSET + AES_ENC + SNOW_AUTH + DOWNLINK; - return test_pdcp_proto_SGL(i, IN_PLACE, - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_AUTH_OP_GENERATE, - pdcp_test_data_in[i], - pdcp_test_data_in_len[i], - pdcp_test_data_out[i], - pdcp_test_data_in_len[i]+4, - 32, 0); + + uint32_t nb_pkts = 5; + bool replayed_pkt[5]; + uint64_t esn[5]; + + /* 1. Advance the TOP of the window to WS * 2 */ + esn[0] = winsz * 2; + /* 2. Test sequence number within the new window(WS + 1) */ + esn[1] = winsz + 1; + /* 3. Test sequence number less than the window BOTTOM */ + esn[2] = winsz; + /* 4. Test sequence number in the middle of the window */ + esn[3] = winsz + (winsz / 2); + /* 5. Test replay of the packet in the middle of the window */ + esn[4] = winsz + (winsz / 2); + + replayed_pkt[0] = false; + replayed_pkt[1] = false; + replayed_pkt[2] = true; + replayed_pkt[3] = false; + replayed_pkt[4] = true; + + return test_ipsec_pkt_replay(test_data, esn, replayed_pkt, nb_pkts, + false, winsz); } + static int -test_PDCP_PROTO_SGL_oop_32B_128B(void) +test_ipsec_proto_pkt_antireplay1024(const void *test_data) { - /* i can be used for running any PDCP case - * In this case it is uplane 18-bit NULL-NULL DL encap - */ - int i = PDCP_UPLANE_18BIT_OFFSET + NULL_ENC + NULL_AUTH + DOWNLINK; - return test_pdcp_proto_SGL(i, OUT_OF_PLACE, - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_AUTH_OP_GENERATE, - pdcp_test_data_in[i], - pdcp_test_data_in_len[i], - pdcp_test_data_out[i], - pdcp_test_data_in_len[i]+4, - 32, 128); + return test_ipsec_proto_pkt_antireplay(test_data, 1024); } + static int -test_PDCP_PROTO_SGL_oop_32B_40B(void) +test_ipsec_proto_pkt_antireplay2048(const void *test_data) { - /* i can be used for running any PDCP case - * In this case it is uplane 18-bit AES DL encap - */ - int i = PDCP_UPLANE_OFFSET + AES_ENC + EIGHTEEN_BIT_SEQ_NUM_OFFSET - + DOWNLINK; - return test_pdcp_proto_SGL(i, OUT_OF_PLACE, - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_AUTH_OP_GENERATE, - pdcp_test_data_in[i], - pdcp_test_data_in_len[i], - pdcp_test_data_out[i], - pdcp_test_data_in_len[i], - 32, 40); + return test_ipsec_proto_pkt_antireplay(test_data, 2048); } + static int -test_PDCP_PROTO_SGL_oop_128B_32B(void) +test_ipsec_proto_pkt_antireplay4096(const void *test_data) { - /* i can be used for running any PDCP case - * In this case it is cplane 12-bit AES-ZUC DL encap - */ - int i = PDCP_CPLANE_LONG_SN_OFFSET + AES_ENC + ZUC_AUTH + DOWNLINK; - return test_pdcp_proto_SGL(i, OUT_OF_PLACE, - RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_AUTH_OP_GENERATE, - pdcp_test_data_in[i], - pdcp_test_data_in_len[i], - pdcp_test_data_out[i], - pdcp_test_data_in_len[i]+4, - 128, 32); + return test_ipsec_proto_pkt_antireplay(test_data, 4096); } static int -test_PDCP_SDAP_PROTO_encap_all(void) +test_ipsec_proto_pkt_esn_antireplay(const void *test_data, uint64_t winsz) { - int i = 0, size = 0; - int err, all_err = TEST_SUCCESS; - const struct pdcp_sdap_test *cur_test; - size = ARRAY_SIZE(list_pdcp_sdap_tests); + uint32_t nb_pkts = 7; + bool replayed_pkt[7]; + uint64_t esn[7]; - for (i = 0; i < size; i++) { - cur_test = &list_pdcp_sdap_tests[i]; - err = test_pdcp_proto( - i, 0, RTE_CRYPTO_CIPHER_OP_ENCRYPT, - RTE_CRYPTO_AUTH_OP_GENERATE, cur_test->data_in, - cur_test->in_len, cur_test->data_out, - cur_test->in_len + ((cur_test->auth_key) ? 4 : 0), - cur_test->param.cipher_alg, cur_test->cipher_key, - cur_test->param.cipher_key_len, - cur_test->param.auth_alg, - cur_test->auth_key, cur_test->param.auth_key_len, - cur_test->bearer, cur_test->param.domain, - cur_test->packet_direction, cur_test->sn_size, - cur_test->hfn, - cur_test->hfn_threshold, SDAP_ENABLED); - if (err) { - printf("\t%d) %s: Encapsulation failed\n", - cur_test->test_idx, - cur_test->param.name); - err = TEST_FAILED; - } else { - printf("\t%d) %s: Encap PASS\n", cur_test->test_idx, - cur_test->param.name); - err = TEST_SUCCESS; - } - all_err += err; - } + /* Set the initial sequence number */ + esn[0] = (uint64_t)(0xFFFFFFFF - winsz); + /* 1. Advance the TOP of the window to (1<<32 + WS/2) */ + esn[1] = (uint64_t)((1ULL << 32) + (winsz / 2)); + /* 2. Test sequence number within new window (1<<32 + WS/2 + 1) */ + esn[2] = (uint64_t)((1ULL << 32) - (winsz / 2) + 1); + /* 3. Test with sequence number within window (1<<32 - 1) */ + esn[3] = (uint64_t)((1ULL << 32) - 1); + /* 4. Test with sequence number within window (1<<32 - 1) */ + esn[4] = (uint64_t)(1ULL << 32); + /* 5. Test with duplicate sequence number within + * new window (1<<32 - 1) + */ + esn[5] = (uint64_t)((1ULL << 32) - 1); + /* 6. Test with duplicate sequence number within new window (1<<32) */ + esn[6] = (uint64_t)(1ULL << 32); - printf("Success: %d, Failure: %d\n", size + all_err, -all_err); + replayed_pkt[0] = false; + replayed_pkt[1] = false; + replayed_pkt[2] = false; + replayed_pkt[3] = false; + replayed_pkt[4] = false; + replayed_pkt[5] = true; + replayed_pkt[6] = true; - return (all_err == TEST_SUCCESS) ? TEST_SUCCESS : TEST_FAILED; + return test_ipsec_pkt_replay(test_data, esn, replayed_pkt, nb_pkts, + true, winsz); } static int -test_PDCP_SDAP_PROTO_decap_all(void) +test_ipsec_proto_pkt_esn_antireplay1024(const void *test_data) { - int i = 0, size = 0; - int err, all_err = TEST_SUCCESS; - const struct pdcp_sdap_test *cur_test; - - size = ARRAY_SIZE(list_pdcp_sdap_tests); - - for (i = 0; i < size; i++) { - cur_test = &list_pdcp_sdap_tests[i]; - err = test_pdcp_proto( - i, 0, RTE_CRYPTO_CIPHER_OP_DECRYPT, - RTE_CRYPTO_AUTH_OP_VERIFY, - cur_test->data_out, - cur_test->in_len + ((cur_test->auth_key) ? 4 : 0), - cur_test->data_in, cur_test->in_len, - cur_test->param.cipher_alg, - cur_test->cipher_key, cur_test->param.cipher_key_len, - cur_test->param.auth_alg, cur_test->auth_key, - cur_test->param.auth_key_len, cur_test->bearer, - cur_test->param.domain, cur_test->packet_direction, - cur_test->sn_size, cur_test->hfn, - cur_test->hfn_threshold, SDAP_ENABLED); - if (err) { - printf("\t%d) %s: Decapsulation failed\n", - cur_test->test_idx, - cur_test->param.name); - err = TEST_FAILED; - } else { - printf("\t%d) %s: Decap PASS\n", cur_test->test_idx, - cur_test->param.name); - err = TEST_SUCCESS; - } - all_err += err; - } + return test_ipsec_proto_pkt_esn_antireplay(test_data, 1024); +} - printf("Success: %d, Failure: %d\n", size + all_err, -all_err); +static int +test_ipsec_proto_pkt_esn_antireplay2048(const void *test_data) +{ + return test_ipsec_proto_pkt_esn_antireplay(test_data, 2048); +} - return (all_err == TEST_SUCCESS) ? TEST_SUCCESS : TEST_FAILED; +static int +test_ipsec_proto_pkt_esn_antireplay4096(const void *test_data) +{ + return test_ipsec_proto_pkt_esn_antireplay(test_data, 4096); } static int @@ -8380,7 +10186,7 @@ test_PDCP_PROTO_all(void) uint64_t feat_flags = dev_info.feature_flags; if (!(feat_flags & RTE_CRYPTODEV_FF_SECURITY)) - return -ENOTSUP; + return TEST_SKIPPED; /* Set action type */ ut_params->type = gbl_action_type == RTE_SECURITY_ACTION_TYPE_NONE ? @@ -8389,7 +10195,7 @@ test_PDCP_PROTO_all(void) if (security_proto_supported(ut_params->type, RTE_SECURITY_PROTOCOL_PDCP) < 0) - return -ENOTSUP; + return TEST_SKIPPED; status = test_PDCP_PROTO_cplane_encap_all(); status += test_PDCP_PROTO_cplane_decap_all(); @@ -8401,6 +10207,7 @@ test_PDCP_PROTO_all(void) status += test_PDCP_PROTO_SGL_oop_128B_32B(); status += test_PDCP_SDAP_PROTO_encap_all(); status += test_PDCP_SDAP_PROTO_decap_all(); + status += test_PDCP_PROTO_short_mac(); if (status) return TEST_FAILED; @@ -8409,11 +10216,34 @@ test_PDCP_PROTO_all(void) } static int -test_docsis_proto_uplink(int i, struct docsis_test_data *d_td) +test_ipsec_proto_ipv4_ttl_decrement(const void *data __rte_unused) +{ + struct ipsec_test_flags flags = { + .dec_ttl_or_hop_limit = true + }; + + return test_ipsec_proto_all(&flags); +} + +static int +test_ipsec_proto_ipv6_hop_limit_decrement(const void *data __rte_unused) +{ + struct ipsec_test_flags flags = { + .ipv6 = true, + .dec_ttl_or_hop_limit = true + }; + + return test_ipsec_proto_all(&flags); +} + +static int +test_docsis_proto_uplink(const void *data) { + const struct docsis_test_data *d_td = data; struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - uint8_t *plaintext, *ciphertext; + uint8_t *plaintext = NULL; + uint8_t *ciphertext = NULL; uint8_t *iv_ptr; int32_t cipher_len, crc_len; uint32_t crc_data_len; @@ -8430,13 +10260,22 @@ test_docsis_proto_uplink(int i, struct docsis_test_data *d_td) const struct rte_cryptodev_symmetric_capability *sym_cap; int j = 0; + /* Set action type */ + ut_params->type = gbl_action_type == RTE_SECURITY_ACTION_TYPE_NONE ? + RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL : + gbl_action_type; + + if (security_proto_supported(ut_params->type, + RTE_SECURITY_PROTOCOL_DOCSIS) < 0) + return TEST_SKIPPED; + sec_cap_idx.action = ut_params->type; sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_DOCSIS; sec_cap_idx.docsis.direction = RTE_SECURITY_DOCSIS_UPLINK; sec_cap = rte_security_capability_get(ctx, &sec_cap_idx); if (sec_cap == NULL) - return -ENOTSUP; + return TEST_SKIPPED; while ((crypto_cap = &sec_cap->crypto_capabilities[j++])->op != RTE_CRYPTO_OP_TYPE_UNDEFINED) { @@ -8454,7 +10293,7 @@ test_docsis_proto_uplink(int i, struct docsis_test_data *d_td) } if (crypto_cap->op == RTE_CRYPTO_OP_TYPE_UNDEFINED) - return -ENOTSUP; + return TEST_SKIPPED; /* Setup source mbuf payload */ ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); @@ -8488,11 +10327,12 @@ test_docsis_proto_uplink(int i, struct docsis_test_data *d_td) /* Create security session */ ut_params->sec_session = rte_security_session_create(ctx, &sess_conf, + ts_params->session_mpool, ts_params->session_priv_mpool); if (!ut_params->sec_session) { - printf("TestCase %s(%d) line %d: %s\n", - __func__, i, __LINE__, "failed to allocate session"); + printf("Test function %s line %u: failed to allocate session\n", + __func__, __LINE__); ret = TEST_FAILED; goto on_err; } @@ -8501,9 +10341,8 @@ test_docsis_proto_uplink(int i, struct docsis_test_data *d_td) ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, RTE_CRYPTO_OP_TYPE_SYMMETRIC); if (!ut_params->op) { - printf("TestCase %s(%d) line %d: %s\n", - __func__, i, __LINE__, - "failed to allocate symmetric crypto operation"); + printf("Test function %s line %u: failed to allocate symmetric " + "crypto operation\n", __func__, __LINE__); ret = TEST_FAILED; goto on_err; } @@ -8542,16 +10381,15 @@ test_docsis_proto_uplink(int i, struct docsis_test_data *d_td) /* Process crypto operation */ if (process_crypto_request(ts_params->valid_devs[0], ut_params->op) == NULL) { - printf("TestCase %s(%d) line %d: %s\n", - __func__, i, __LINE__, - "failed to process security crypto op"); + printf("Test function %s line %u: failed to process security " + "crypto op\n", __func__, __LINE__); ret = TEST_FAILED; goto on_err; } if (ut_params->op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) { - printf("TestCase %s(%d) line %d: %s\n", - __func__, i, __LINE__, "crypto op processing failed"); + printf("Test function %s line %u: failed to process crypto op\n", + __func__, __LINE__); ret = TEST_FAILED; goto on_err; } @@ -8561,8 +10399,8 @@ test_docsis_proto_uplink(int i, struct docsis_test_data *d_td) if (memcmp(plaintext, d_td->plaintext.data, d_td->plaintext.len - crc_data_len)) { - printf("TestCase %s(%d) line %d: %s\n", - __func__, i, __LINE__, "plaintext not as expected\n"); + printf("Test function %s line %u: plaintext not as expected\n", + __func__, __LINE__); rte_hexdump(stdout, "expected", d_td->plaintext.data, d_td->plaintext.len); rte_hexdump(stdout, "actual", plaintext, d_td->plaintext.len); @@ -8585,11 +10423,13 @@ on_err: } static int -test_docsis_proto_downlink(int i, struct docsis_test_data *d_td) +test_docsis_proto_downlink(const void *data) { + const struct docsis_test_data *d_td = data; struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; - uint8_t *plaintext, *ciphertext; + uint8_t *plaintext = NULL; + uint8_t *ciphertext = NULL; uint8_t *iv_ptr; int32_t cipher_len, crc_len; int ret = TEST_SUCCESS; @@ -8605,13 +10445,22 @@ test_docsis_proto_downlink(int i, struct docsis_test_data *d_td) const struct rte_cryptodev_symmetric_capability *sym_cap; int j = 0; + /* Set action type */ + ut_params->type = gbl_action_type == RTE_SECURITY_ACTION_TYPE_NONE ? + RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL : + gbl_action_type; + + if (security_proto_supported(ut_params->type, + RTE_SECURITY_PROTOCOL_DOCSIS) < 0) + return TEST_SKIPPED; + sec_cap_idx.action = ut_params->type; sec_cap_idx.protocol = RTE_SECURITY_PROTOCOL_DOCSIS; sec_cap_idx.docsis.direction = RTE_SECURITY_DOCSIS_DOWNLINK; sec_cap = rte_security_capability_get(ctx, &sec_cap_idx); if (sec_cap == NULL) - return -ENOTSUP; + return TEST_SKIPPED; while ((crypto_cap = &sec_cap->crypto_capabilities[j++])->op != RTE_CRYPTO_OP_TYPE_UNDEFINED) { @@ -8629,7 +10478,7 @@ test_docsis_proto_downlink(int i, struct docsis_test_data *d_td) } if (crypto_cap->op == RTE_CRYPTO_OP_TYPE_UNDEFINED) - return -ENOTSUP; + return TEST_SKIPPED; /* Setup source mbuf payload */ ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); @@ -8663,11 +10512,12 @@ test_docsis_proto_downlink(int i, struct docsis_test_data *d_td) /* Create security session */ ut_params->sec_session = rte_security_session_create(ctx, &sess_conf, + ts_params->session_mpool, ts_params->session_priv_mpool); if (!ut_params->sec_session) { - printf("TestCase %s(%d) line %d: %s\n", - __func__, i, __LINE__, "failed to allocate session"); + printf("Test function %s line %u: failed to allocate session\n", + __func__, __LINE__); ret = TEST_FAILED; goto on_err; } @@ -8676,9 +10526,8 @@ test_docsis_proto_downlink(int i, struct docsis_test_data *d_td) ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool, RTE_CRYPTO_OP_TYPE_SYMMETRIC); if (!ut_params->op) { - printf("TestCase %s(%d) line %d: %s\n", - __func__, i, __LINE__, - "failed to allocate security crypto operation"); + printf("Test function %s line %u: failed to allocate symmetric " + "crypto operation\n", __func__, __LINE__); ret = TEST_FAILED; goto on_err; } @@ -8716,16 +10565,15 @@ test_docsis_proto_downlink(int i, struct docsis_test_data *d_td) /* Process crypto operation */ if (process_crypto_request(ts_params->valid_devs[0], ut_params->op) == NULL) { - printf("TestCase %s(%d) line %d: %s\n", - __func__, i, __LINE__, - "failed to process security crypto op"); + printf("Test function %s line %u: failed to process crypto op\n", + __func__, __LINE__); ret = TEST_FAILED; goto on_err; } if (ut_params->op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) { - printf("TestCase %s(%d) line %d: %s\n", - __func__, i, __LINE__, "crypto op processing failed"); + printf("Test function %s line %u: crypto op processing failed\n", + __func__, __LINE__); ret = TEST_FAILED; goto on_err; } @@ -8734,154 +10582,27 @@ test_docsis_proto_downlink(int i, struct docsis_test_data *d_td) ciphertext = plaintext; if (memcmp(ciphertext, d_td->ciphertext.data, d_td->ciphertext.len)) { - printf("TestCase %s(%d) line %d: %s\n", - __func__, i, __LINE__, "ciphertext not as expected\n"); - rte_hexdump(stdout, "expected", d_td->ciphertext.data, - d_td->ciphertext.len); - rte_hexdump(stdout, "actual", ciphertext, d_td->ciphertext.len); - ret = TEST_FAILED; - goto on_err; - } - -on_err: - rte_crypto_op_free(ut_params->op); - ut_params->op = NULL; - - if (ut_params->sec_session) - rte_security_session_destroy(ctx, ut_params->sec_session); - ut_params->sec_session = NULL; - - rte_pktmbuf_free(ut_params->ibuf); - ut_params->ibuf = NULL; - - return ret; -} - -#define TEST_DOCSIS_COUNT(func) do { \ - int ret = func; \ - if (ret == TEST_SUCCESS) { \ - printf("\t%2d)", n++); \ - printf("+++++ PASSED:" #func"\n"); \ - p++; \ - } else if (ret == -ENOTSUP) { \ - printf("\t%2d)", n++); \ - printf("~~~~~ UNSUPP:" #func"\n"); \ - u++; \ - } else { \ - printf("\t%2d)", n++); \ - printf("----- FAILED:" #func"\n"); \ - f++; \ - } \ -} while (0) - -static int -test_DOCSIS_PROTO_uplink_all(void) -{ - int p = 0, u = 0, f = 0, n = 0; - - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(1, &docsis_test_case_1)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(2, &docsis_test_case_2)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(3, &docsis_test_case_3)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(4, &docsis_test_case_4)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(5, &docsis_test_case_5)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(6, &docsis_test_case_6)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(7, &docsis_test_case_7)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(8, &docsis_test_case_8)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(9, &docsis_test_case_9)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(10, &docsis_test_case_10)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(11, &docsis_test_case_11)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(12, &docsis_test_case_12)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(13, &docsis_test_case_13)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(14, &docsis_test_case_14)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(15, &docsis_test_case_15)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(16, &docsis_test_case_16)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(17, &docsis_test_case_17)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(18, &docsis_test_case_18)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(19, &docsis_test_case_19)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(20, &docsis_test_case_20)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(21, &docsis_test_case_21)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(22, &docsis_test_case_22)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(23, &docsis_test_case_23)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(24, &docsis_test_case_24)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(25, &docsis_test_case_25)); - TEST_DOCSIS_COUNT(test_docsis_proto_uplink(26, &docsis_test_case_26)); - - if (f) - printf("## %s: %d passed out of %d (%d unsupported)\n", - __func__, p, n, u); - - return f; -}; - -static int -test_DOCSIS_PROTO_downlink_all(void) -{ - int p = 0, u = 0, f = 0, n = 0; - - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(1, &docsis_test_case_1)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(2, &docsis_test_case_2)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(3, &docsis_test_case_3)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(4, &docsis_test_case_4)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(5, &docsis_test_case_5)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(6, &docsis_test_case_6)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(7, &docsis_test_case_7)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(8, &docsis_test_case_8)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(9, &docsis_test_case_9)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(10, &docsis_test_case_10)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(11, &docsis_test_case_11)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(12, &docsis_test_case_12)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(13, &docsis_test_case_13)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(14, &docsis_test_case_14)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(15, &docsis_test_case_15)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(16, &docsis_test_case_16)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(17, &docsis_test_case_17)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(18, &docsis_test_case_18)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(19, &docsis_test_case_19)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(20, &docsis_test_case_20)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(21, &docsis_test_case_21)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(22, &docsis_test_case_22)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(23, &docsis_test_case_23)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(24, &docsis_test_case_24)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(25, &docsis_test_case_25)); - TEST_DOCSIS_COUNT(test_docsis_proto_downlink(26, &docsis_test_case_26)); - - if (f) - printf("## %s: %d passed out of %d (%d unsupported)\n", - __func__, p, n, u); - - return f; -}; - -static int -test_DOCSIS_PROTO_all(void) -{ - struct crypto_testsuite_params *ts_params = &testsuite_params; - struct crypto_unittest_params *ut_params = &unittest_params; - struct rte_cryptodev_info dev_info; - int status; - - rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); - uint64_t feat_flags = dev_info.feature_flags; - - if (!(feat_flags & RTE_CRYPTODEV_FF_SECURITY)) - return -ENOTSUP; + printf("Test function %s line %u: plaintext not as expected\n", + __func__, __LINE__); + rte_hexdump(stdout, "expected", d_td->ciphertext.data, + d_td->ciphertext.len); + rte_hexdump(stdout, "actual", ciphertext, d_td->ciphertext.len); + ret = TEST_FAILED; + goto on_err; + } - /* Set action type */ - ut_params->type = gbl_action_type == RTE_SECURITY_ACTION_TYPE_NONE ? - RTE_SECURITY_ACTION_TYPE_LOOKASIDE_PROTOCOL : - gbl_action_type; +on_err: + rte_crypto_op_free(ut_params->op); + ut_params->op = NULL; - if (security_proto_supported(ut_params->type, - RTE_SECURITY_PROTOCOL_DOCSIS) < 0) - return -ENOTSUP; + if (ut_params->sec_session) + rte_security_session_destroy(ctx, ut_params->sec_session); + ut_params->sec_session = NULL; - status = test_DOCSIS_PROTO_uplink_all(); - status += test_DOCSIS_PROTO_downlink_all(); + rte_pktmbuf_free(ut_params->ibuf); + ut_params->ibuf = NULL; - if (status) - return TEST_FAILED; - else - return TEST_SUCCESS; + return ret; } #endif @@ -9045,7 +10766,7 @@ test_AES_GCM_auth_encryption_fail_iv_corrupt(void) memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); tdata.iv.data[0] += 1; res = test_authenticated_encryption(&tdata); - if (res == -ENOTSUP) + if (res == TEST_SKIPPED) return res; TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed"); return TEST_SUCCESS; @@ -9061,7 +10782,7 @@ test_AES_GCM_auth_encryption_fail_in_data_corrupt(void) memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); tdata.plaintext.data[0] += 1; res = test_authenticated_encryption(&tdata); - if (res == -ENOTSUP) + if (res == TEST_SKIPPED) return res; TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed"); return TEST_SUCCESS; @@ -9077,7 +10798,7 @@ test_AES_GCM_auth_encryption_fail_out_data_corrupt(void) memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); tdata.ciphertext.data[0] += 1; res = test_authenticated_encryption(&tdata); - if (res == -ENOTSUP) + if (res == TEST_SKIPPED) return res; TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed"); return TEST_SUCCESS; @@ -9093,7 +10814,7 @@ test_AES_GCM_auth_encryption_fail_aad_len_corrupt(void) memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); tdata.aad.len += 1; res = test_authenticated_encryption(&tdata); - if (res == -ENOTSUP) + if (res == TEST_SKIPPED) return res; TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed"); return TEST_SUCCESS; @@ -9112,7 +10833,7 @@ test_AES_GCM_auth_encryption_fail_aad_corrupt(void) aad[0] += 1; tdata.aad.data = aad; res = test_authenticated_encryption(&tdata); - if (res == -ENOTSUP) + if (res == TEST_SKIPPED) return res; TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed"); return TEST_SUCCESS; @@ -9128,7 +10849,7 @@ test_AES_GCM_auth_encryption_fail_tag_corrupt(void) memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); tdata.auth_tag.data[0] += 1; res = test_authenticated_encryption(&tdata); - if (res == -ENOTSUP) + if (res == TEST_SKIPPED) return res; TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed"); return TEST_SUCCESS; @@ -9151,7 +10872,7 @@ test_authenticated_decryption(const struct aead_test_data *tdata) if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } /* Verify the capabilities */ @@ -9162,11 +10883,11 @@ test_authenticated_decryption(const struct aead_test_data *tdata) capability = rte_cryptodev_sym_capability_get( ts_params->valid_devs[0], &cap_idx); if (capability == NULL) - return -ENOTSUP; + return TEST_SKIPPED; if (rte_cryptodev_sym_capability_check_aead( capability, tdata->key.len, tdata->auth_tag.len, tdata->aad.len, tdata->iv.len)) - return -ENOTSUP; + return TEST_SKIPPED; /* Create AEAD session */ retval = create_aead_session(ts_params->valid_devs[0], @@ -9396,7 +11117,7 @@ test_AES_GCM_auth_decryption_fail_iv_corrupt(void) memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); tdata.iv.data[0] += 1; res = test_authenticated_decryption(&tdata); - if (res == -ENOTSUP) + if (res == TEST_SKIPPED) return res; TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed"); return TEST_SUCCESS; @@ -9412,7 +11133,7 @@ test_AES_GCM_auth_decryption_fail_in_data_corrupt(void) memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); tdata.plaintext.data[0] += 1; res = test_authenticated_decryption(&tdata); - if (res == -ENOTSUP) + if (res == TEST_SKIPPED) return res; TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed"); return TEST_SUCCESS; @@ -9427,7 +11148,7 @@ test_AES_GCM_auth_decryption_fail_out_data_corrupt(void) memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); tdata.ciphertext.data[0] += 1; res = test_authenticated_decryption(&tdata); - if (res == -ENOTSUP) + if (res == TEST_SKIPPED) return res; TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed"); return TEST_SUCCESS; @@ -9442,7 +11163,7 @@ test_AES_GCM_auth_decryption_fail_aad_len_corrupt(void) memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); tdata.aad.len += 1; res = test_authenticated_decryption(&tdata); - if (res == -ENOTSUP) + if (res == TEST_SKIPPED) return res; TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed"); return TEST_SUCCESS; @@ -9460,7 +11181,7 @@ test_AES_GCM_auth_decryption_fail_aad_corrupt(void) aad[0] += 1; tdata.aad.data = aad; res = test_authenticated_decryption(&tdata); - if (res == -ENOTSUP) + if (res == TEST_SKIPPED) return res; TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed"); return TEST_SUCCESS; @@ -9475,7 +11196,7 @@ test_AES_GCM_auth_decryption_fail_tag_corrupt(void) memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); tdata.auth_tag.data[0] += 1; res = test_authenticated_decryption(&tdata); - if (res == -ENOTSUP) + if (res == TEST_SKIPPED) return res; TEST_ASSERT_EQUAL(res, TEST_FAILED, "authentication not failed"); return TEST_SUCCESS; @@ -9490,6 +11211,7 @@ test_authenticated_encryption_oop(const struct aead_test_data *tdata) int retval; uint8_t *ciphertext, *auth_tag; uint16_t plaintext_pad_len; + struct rte_cryptodev_info dev_info; /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; @@ -9497,14 +11219,18 @@ test_authenticated_encryption_oop(const struct aead_test_data *tdata) cap_idx.algo.aead = tdata->algo; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; - if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + uint64_t feat_flags = dev_info.feature_flags; + + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) + return TEST_SKIPPED; /* not supported with CPU crypto */ if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) - return -ENOTSUP; + return TEST_SKIPPED; /* Create AEAD session */ retval = create_aead_session(ts_params->valid_devs[0], @@ -9536,7 +11262,11 @@ test_authenticated_encryption_oop(const struct aead_test_data *tdata) ut_params->op->sym->m_dst = ut_params->obuf; /* Process crypto operation */ - TEST_ASSERT_NOT_NULL(process_crypto_request(ts_params->valid_devs[0], + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 0, 0, 0, 0); + else + TEST_ASSERT_NOT_NULL(process_crypto_request(ts_params->valid_devs[0], ut_params->op), "failed to process sym crypto op"); TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, @@ -9582,6 +11312,10 @@ test_authenticated_decryption_oop(const struct aead_test_data *tdata) int retval; uint8_t *plaintext; + struct rte_cryptodev_info dev_info; + + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + uint64_t feat_flags = dev_info.feature_flags; /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; @@ -9589,12 +11323,18 @@ test_authenticated_decryption_oop(const struct aead_test_data *tdata) cap_idx.algo.aead = tdata->algo; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; /* not supported with CPU crypto and raw data-path APIs*/ if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO || global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; + return TEST_SKIPPED; + + if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && + (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { + printf("Device does not support RAW data-path APIs.\n"); + return TEST_SKIPPED; + } /* Create AEAD session */ retval = create_aead_session(ts_params->valid_devs[0], @@ -9626,7 +11366,11 @@ test_authenticated_decryption_oop(const struct aead_test_data *tdata) ut_params->op->sym->m_dst = ut_params->obuf; /* Process crypto operation */ - TEST_ASSERT_NOT_NULL(process_crypto_request(ts_params->valid_devs[0], + if (global_api_test_type == CRYPTODEV_RAW_API_TEST) + process_sym_raw_dp_op(ts_params->valid_devs[0], 0, + ut_params->op, 0, 0, 0, 0); + else + TEST_ASSERT_NOT_NULL(process_crypto_request(ts_params->valid_devs[0], ut_params->op), "failed to process sym crypto op"); TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS, @@ -9674,12 +11418,12 @@ test_authenticated_encryption_sessionless( if (!(feat_flags & RTE_CRYPTODEV_FF_SYM_SESSIONLESS)) { printf("Device doesn't support Sessionless ops.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } /* not supported with CPU crypto */ if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) - return -ENOTSUP; + return TEST_SKIPPED; /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; @@ -9687,7 +11431,7 @@ test_authenticated_encryption_sessionless( cap_idx.algo.aead = tdata->algo; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); @@ -9776,18 +11520,18 @@ test_authenticated_decryption_sessionless( if (!(feat_flags & RTE_CRYPTODEV_FF_SYM_SESSIONLESS)) { printf("Device doesn't support Sessionless ops.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } /* not supported with CPU crypto */ if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) - return -ENOTSUP; + return TEST_SKIPPED; /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; @@ -9795,7 +11539,7 @@ test_authenticated_decryption_sessionless( cap_idx.algo.aead = tdata->algo; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; /* alloc mbuf and set payload */ ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); @@ -9979,7 +11723,7 @@ test_stats(void) struct rte_cryptodev_stats stats; if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) - return -ENOTSUP; + return TEST_SKIPPED; /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; @@ -9987,16 +11731,16 @@ test_stats(void) cap_idx.algo.auth = RTE_CRYPTO_AUTH_SHA1_HMAC; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_AES_CBC; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; if (rte_cryptodev_stats_get(ts_params->valid_devs[0], &stats) == -ENOTSUP) - return -ENOTSUP; + return TEST_SKIPPED; rte_cryptodev_stats_reset(ts_params->valid_devs[0]); TEST_ASSERT((rte_cryptodev_stats_get(ts_params->valid_devs[0] + 600, @@ -10046,6 +11790,7 @@ static int MD5_HMAC_create_session(struct crypto_testsuite_params *ts_params, const struct HMAC_MD5_vector *test_case) { uint8_t key[64]; + int status; memcpy(key, test_case->key.data, test_case->key.len); @@ -10061,13 +11806,15 @@ static int MD5_HMAC_create_session(struct crypto_testsuite_params *ts_params, ut_params->sess = rte_cryptodev_sym_session_create( ts_params->session_mpool); + TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); + if (ut_params->sess == NULL) + return TEST_FAILED; - rte_cryptodev_sym_session_init(ts_params->valid_devs[0], + status = rte_cryptodev_sym_session_init(ts_params->valid_devs[0], ut_params->sess, &ut_params->auth_xform, ts_params->session_priv_mpool); - - if (ut_params->sess == NULL) - return TEST_FAILED; + if (status == -ENOTSUP) + return TEST_SKIPPED; ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); @@ -10130,7 +11877,7 @@ test_MD5_HMAC_generate(const struct HMAC_MD5_vector *test_case) if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } /* Verify the capabilities */ @@ -10139,7 +11886,7 @@ test_MD5_HMAC_generate(const struct HMAC_MD5_vector *test_case) cap_idx.algo.auth = RTE_CRYPTO_AUTH_MD5_HMAC; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; if (MD5_HMAC_create_session(ts_params, ut_params, RTE_CRYPTO_AUTH_OP_GENERATE, test_case)) @@ -10203,7 +11950,7 @@ test_MD5_HMAC_verify(const struct HMAC_MD5_vector *test_case) if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } /* Verify the capabilities */ @@ -10212,7 +11959,7 @@ test_MD5_HMAC_verify(const struct HMAC_MD5_vector *test_case) cap_idx.algo.auth = RTE_CRYPTO_AUTH_MD5_HMAC; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; if (MD5_HMAC_create_session(ts_params, ut_params, RTE_CRYPTO_AUTH_OP_VERIFY, test_case)) { @@ -10280,6 +12027,7 @@ test_multi_session(void) struct rte_cryptodev_sym_session **sessions; uint16_t i; + int status; /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; @@ -10287,12 +12035,12 @@ test_multi_session(void) cap_idx.algo.auth = RTE_CRYPTO_AUTH_SHA512_HMAC; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_AES_CBC; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; test_AES_CBC_HMAC_SHA512_decrypt_create_session_params(ut_params, aes_cbc_key, hmac_sha512_key); @@ -10301,22 +12049,25 @@ test_multi_session(void) rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); sessions = rte_malloc(NULL, - (sizeof(struct rte_cryptodev_sym_session *) * - MAX_NB_SESSIONS) + 1, 0); + sizeof(struct rte_cryptodev_sym_session *) * + (MAX_NB_SESSIONS + 1), 0); /* Create multiple crypto sessions*/ for (i = 0; i < MAX_NB_SESSIONS; i++) { sessions[i] = rte_cryptodev_sym_session_create( ts_params->session_mpool); - - rte_cryptodev_sym_session_init(ts_params->valid_devs[0], - sessions[i], &ut_params->auth_xform, - ts_params->session_priv_mpool); TEST_ASSERT_NOT_NULL(sessions[i], "Session creation failed at session number %u", i); + status = rte_cryptodev_sym_session_init( + ts_params->valid_devs[0], + sessions[i], &ut_params->auth_xform, + ts_params->session_priv_mpool); + if (status == -ENOTSUP) + return TEST_SKIPPED; + /* Attempt to send a request on each session */ TEST_ASSERT_SUCCESS( test_AES_CBC_HMAC_SHA512_decrypt_perform( sessions[i], @@ -10347,6 +12098,7 @@ test_multi_session(void) } } + sessions[i] = NULL; /* Next session create should fail */ rte_cryptodev_sym_session_init(ts_params->valid_devs[0], sessions[i], &ut_params->auth_xform, @@ -10408,6 +12160,7 @@ test_multi_session_random_usage(void) }, }; + int status; /* Verify the capabilities */ struct rte_cryptodev_sym_capability_idx cap_idx; @@ -10415,12 +12168,12 @@ test_multi_session_random_usage(void) cap_idx.algo.auth = RTE_CRYPTO_AUTH_SHA512_HMAC; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; cap_idx.algo.cipher = RTE_CRYPTO_CIPHER_AES_CBC; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); @@ -10431,6 +12184,9 @@ test_multi_session_random_usage(void) for (i = 0; i < MB_SESSION_NUMBER; i++) { sessions[i] = rte_cryptodev_sym_session_create( ts_params->session_mpool); + TEST_ASSERT_NOT_NULL(sessions[i], + "Session creation failed at session number %u", + i); rte_memcpy(&ut_paramz[i].ut_params, &unittest_params, sizeof(struct crypto_unittest_params)); @@ -10440,16 +12196,16 @@ test_multi_session_random_usage(void) ut_paramz[i].cipher_key, ut_paramz[i].hmac_key); /* Create multiple crypto sessions*/ - rte_cryptodev_sym_session_init( + status = rte_cryptodev_sym_session_init( ts_params->valid_devs[0], sessions[i], &ut_paramz[i].ut_params.auth_xform, ts_params->session_priv_mpool); - TEST_ASSERT_NOT_NULL(sessions[i], - "Session creation failed at session number %u", - i); + if (status == -ENOTSUP) + return TEST_SKIPPED; + TEST_ASSERT_EQUAL(status, 0, "Session init failed"); } srand(time(NULL)); @@ -10513,7 +12269,7 @@ test_null_invalid_operation(void) /* This test is for NULL PMD only */ if (gbl_driver_id != rte_cryptodev_driver_id_get( RTE_STR(CRYPTODEV_NAME_NULL_PMD))) - return -ENOTSUP; + return TEST_SKIPPED; /* Setup Cipher Parameters */ ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; @@ -10561,6 +12317,7 @@ test_null_burst_operation(void) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; + int status; unsigned i, burst_len = NULL_BURST_LENGTH; @@ -10570,7 +12327,7 @@ test_null_burst_operation(void) /* This test is for NULL PMD only */ if (gbl_driver_id != rte_cryptodev_driver_id_get( RTE_STR(CRYPTODEV_NAME_NULL_PMD))) - return -ENOTSUP; + return TEST_SKIPPED; /* Setup Cipher Parameters */ ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER; @@ -10588,12 +12345,17 @@ test_null_burst_operation(void) ut_params->sess = rte_cryptodev_sym_session_create( ts_params->session_mpool); + TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); /* Create Crypto session*/ - rte_cryptodev_sym_session_init(ts_params->valid_devs[0], + status = rte_cryptodev_sym_session_init(ts_params->valid_devs[0], ut_params->sess, &ut_params->cipher_xform, ts_params->session_priv_mpool); - TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); + + if (status == -ENOTSUP) + return TEST_SKIPPED; + + TEST_ASSERT_EQUAL(status, 0, "Session init failed"); TEST_ASSERT_EQUAL(rte_crypto_op_bulk_alloc(ts_params->op_mpool, RTE_CRYPTO_OP_TYPE_SYMMETRIC, burst, burst_len), @@ -10640,6 +12402,246 @@ test_null_burst_operation(void) return TEST_SUCCESS; } +static uint16_t +test_enq_callback(uint16_t dev_id, uint16_t qp_id, struct rte_crypto_op **ops, + uint16_t nb_ops, void *user_param) +{ + RTE_SET_USED(dev_id); + RTE_SET_USED(qp_id); + RTE_SET_USED(ops); + RTE_SET_USED(user_param); + + printf("crypto enqueue callback called\n"); + return nb_ops; +} + +static uint16_t +test_deq_callback(uint16_t dev_id, uint16_t qp_id, struct rte_crypto_op **ops, + uint16_t nb_ops, void *user_param) +{ + RTE_SET_USED(dev_id); + RTE_SET_USED(qp_id); + RTE_SET_USED(ops); + RTE_SET_USED(user_param); + + printf("crypto dequeue callback called\n"); + return nb_ops; +} + +/* + * Thread using enqueue/dequeue callback with RCU. + */ +static int +test_enqdeq_callback_thread(void *arg) +{ + RTE_SET_USED(arg); + /* DP thread calls rte_cryptodev_enqueue_burst()/ + * rte_cryptodev_dequeue_burst() and invokes callback. + */ + test_null_burst_operation(); + return 0; +} + +static int +test_enq_callback_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct rte_cryptodev_info dev_info; + struct rte_cryptodev_qp_conf qp_conf = { + .nb_descriptors = MAX_NUM_OPS_INFLIGHT + }; + + struct rte_cryptodev_cb *cb; + uint16_t qp_id = 0; + + /* Stop the device in case it's started so it can be configured */ + rte_cryptodev_stop(ts_params->valid_devs[0]); + + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + + TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0], + &ts_params->conf), + "Failed to configure cryptodev %u", + ts_params->valid_devs[0]); + + qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT; + qp_conf.mp_session = ts_params->session_mpool; + qp_conf.mp_session_private = ts_params->session_priv_mpool; + + TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup( + ts_params->valid_devs[0], qp_id, &qp_conf, + rte_cryptodev_socket_id(ts_params->valid_devs[0])), + "Failed test for " + "rte_cryptodev_queue_pair_setup: num_inflights " + "%u on qp %u on cryptodev %u", + qp_conf.nb_descriptors, qp_id, + ts_params->valid_devs[0]); + + /* Test with invalid crypto device */ + cb = rte_cryptodev_add_enq_callback(RTE_CRYPTO_MAX_DEVS, + qp_id, test_enq_callback, NULL); + TEST_ASSERT_NULL(cb, "Add callback on qp %u on " + "cryptodev %u did not fail", + qp_id, RTE_CRYPTO_MAX_DEVS); + + /* Test with invalid queue pair */ + cb = rte_cryptodev_add_enq_callback(ts_params->valid_devs[0], + dev_info.max_nb_queue_pairs + 1, + test_enq_callback, NULL); + TEST_ASSERT_NULL(cb, "Add callback on qp %u on " + "cryptodev %u did not fail", + dev_info.max_nb_queue_pairs + 1, + ts_params->valid_devs[0]); + + /* Test with NULL callback */ + cb = rte_cryptodev_add_enq_callback(ts_params->valid_devs[0], + qp_id, NULL, NULL); + TEST_ASSERT_NULL(cb, "Add callback on qp %u on " + "cryptodev %u did not fail", + qp_id, ts_params->valid_devs[0]); + + /* Test with valid configuration */ + cb = rte_cryptodev_add_enq_callback(ts_params->valid_devs[0], + qp_id, test_enq_callback, NULL); + TEST_ASSERT_NOT_NULL(cb, "Failed test to add callback on " + "qp %u on cryptodev %u", + qp_id, ts_params->valid_devs[0]); + + rte_cryptodev_start(ts_params->valid_devs[0]); + + /* Launch a thread */ + rte_eal_remote_launch(test_enqdeq_callback_thread, NULL, + rte_get_next_lcore(-1, 1, 0)); + + /* Wait until reader exited. */ + rte_eal_mp_wait_lcore(); + + /* Test with invalid crypto device */ + TEST_ASSERT_FAIL(rte_cryptodev_remove_enq_callback( + RTE_CRYPTO_MAX_DEVS, qp_id, cb), + "Expected call to fail as crypto device is invalid"); + + /* Test with invalid queue pair */ + TEST_ASSERT_FAIL(rte_cryptodev_remove_enq_callback( + ts_params->valid_devs[0], + dev_info.max_nb_queue_pairs + 1, cb), + "Expected call to fail as queue pair is invalid"); + + /* Test with NULL callback */ + TEST_ASSERT_FAIL(rte_cryptodev_remove_enq_callback( + ts_params->valid_devs[0], qp_id, NULL), + "Expected call to fail as callback is NULL"); + + /* Test with valid configuration */ + TEST_ASSERT_SUCCESS(rte_cryptodev_remove_enq_callback( + ts_params->valid_devs[0], qp_id, cb), + "Failed test to remove callback on " + "qp %u on cryptodev %u", + qp_id, ts_params->valid_devs[0]); + + return TEST_SUCCESS; +} + +static int +test_deq_callback_setup(void) +{ + struct crypto_testsuite_params *ts_params = &testsuite_params; + struct rte_cryptodev_info dev_info; + struct rte_cryptodev_qp_conf qp_conf = { + .nb_descriptors = MAX_NUM_OPS_INFLIGHT + }; + + struct rte_cryptodev_cb *cb; + uint16_t qp_id = 0; + + /* Stop the device in case it's started so it can be configured */ + rte_cryptodev_stop(ts_params->valid_devs[0]); + + rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); + + TEST_ASSERT_SUCCESS(rte_cryptodev_configure(ts_params->valid_devs[0], + &ts_params->conf), + "Failed to configure cryptodev %u", + ts_params->valid_devs[0]); + + qp_conf.nb_descriptors = MAX_NUM_OPS_INFLIGHT; + qp_conf.mp_session = ts_params->session_mpool; + qp_conf.mp_session_private = ts_params->session_priv_mpool; + + TEST_ASSERT_SUCCESS(rte_cryptodev_queue_pair_setup( + ts_params->valid_devs[0], qp_id, &qp_conf, + rte_cryptodev_socket_id(ts_params->valid_devs[0])), + "Failed test for " + "rte_cryptodev_queue_pair_setup: num_inflights " + "%u on qp %u on cryptodev %u", + qp_conf.nb_descriptors, qp_id, + ts_params->valid_devs[0]); + + /* Test with invalid crypto device */ + cb = rte_cryptodev_add_deq_callback(RTE_CRYPTO_MAX_DEVS, + qp_id, test_deq_callback, NULL); + TEST_ASSERT_NULL(cb, "Add callback on qp %u on " + "cryptodev %u did not fail", + qp_id, RTE_CRYPTO_MAX_DEVS); + + /* Test with invalid queue pair */ + cb = rte_cryptodev_add_deq_callback(ts_params->valid_devs[0], + dev_info.max_nb_queue_pairs + 1, + test_deq_callback, NULL); + TEST_ASSERT_NULL(cb, "Add callback on qp %u on " + "cryptodev %u did not fail", + dev_info.max_nb_queue_pairs + 1, + ts_params->valid_devs[0]); + + /* Test with NULL callback */ + cb = rte_cryptodev_add_deq_callback(ts_params->valid_devs[0], + qp_id, NULL, NULL); + TEST_ASSERT_NULL(cb, "Add callback on qp %u on " + "cryptodev %u did not fail", + qp_id, ts_params->valid_devs[0]); + + /* Test with valid configuration */ + cb = rte_cryptodev_add_deq_callback(ts_params->valid_devs[0], + qp_id, test_deq_callback, NULL); + TEST_ASSERT_NOT_NULL(cb, "Failed test to add callback on " + "qp %u on cryptodev %u", + qp_id, ts_params->valid_devs[0]); + + rte_cryptodev_start(ts_params->valid_devs[0]); + + /* Launch a thread */ + rte_eal_remote_launch(test_enqdeq_callback_thread, NULL, + rte_get_next_lcore(-1, 1, 0)); + + /* Wait until reader exited. */ + rte_eal_mp_wait_lcore(); + + /* Test with invalid crypto device */ + TEST_ASSERT_FAIL(rte_cryptodev_remove_deq_callback( + RTE_CRYPTO_MAX_DEVS, qp_id, cb), + "Expected call to fail as crypto device is invalid"); + + /* Test with invalid queue pair */ + TEST_ASSERT_FAIL(rte_cryptodev_remove_deq_callback( + ts_params->valid_devs[0], + dev_info.max_nb_queue_pairs + 1, cb), + "Expected call to fail as queue pair is invalid"); + + /* Test with NULL callback */ + TEST_ASSERT_FAIL(rte_cryptodev_remove_deq_callback( + ts_params->valid_devs[0], qp_id, NULL), + "Expected call to fail as callback is NULL"); + + /* Test with valid configuration */ + TEST_ASSERT_SUCCESS(rte_cryptodev_remove_deq_callback( + ts_params->valid_devs[0], qp_id, cb), + "Failed test to remove callback on " + "qp %u on cryptodev %u", + qp_id, ts_params->valid_devs[0]); + + return TEST_SUCCESS; +} + static void generate_gmac_large_plaintext(uint8_t *data) { @@ -10751,6 +12753,7 @@ static int create_gmac_session(uint8_t dev_id, enum rte_crypto_auth_operation auth_op) { uint8_t auth_key[tdata->key.len]; + int status; struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; @@ -10771,14 +12774,13 @@ static int create_gmac_session(uint8_t dev_id, ut_params->sess = rte_cryptodev_sym_session_create( ts_params->session_mpool); + TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); - rte_cryptodev_sym_session_init(dev_id, ut_params->sess, + status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, &ut_params->auth_xform, ts_params->session_priv_mpool); - TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); - - return 0; + return status; } static int @@ -10794,7 +12796,7 @@ test_AES_GMAC_authentication(const struct gmac_test_data *tdata) if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } int retval; @@ -10811,11 +12813,13 @@ test_AES_GMAC_authentication(const struct gmac_test_data *tdata) cap_idx.algo.auth = RTE_CRYPTO_AUTH_AES_GMAC; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; retval = create_gmac_session(ts_params->valid_devs[0], tdata, RTE_CRYPTO_AUTH_OP_GENERATE); + if (retval == -ENOTSUP) + return TEST_SKIPPED; if (retval < 0) return retval; @@ -10928,7 +12932,7 @@ test_AES_GMAC_authentication_verify(const struct gmac_test_data *tdata) if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } TEST_ASSERT_NOT_EQUAL(tdata->gmac_tag.len, 0, @@ -10940,11 +12944,13 @@ test_AES_GMAC_authentication_verify(const struct gmac_test_data *tdata) cap_idx.algo.auth = RTE_CRYPTO_AUTH_AES_GMAC; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; retval = create_gmac_session(ts_params->valid_devs[0], tdata, RTE_CRYPTO_AUTH_OP_VERIFY); + if (retval == -ENOTSUP) + return TEST_SKIPPED; if (retval < 0) return retval; @@ -11053,16 +13059,16 @@ test_AES_GMAC_authentication_SGL(const struct gmac_test_data *tdata, cap_idx.algo.auth = RTE_CRYPTO_AUTH_AES_GMAC; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; /* Check for any input SGL support */ rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); feature_flags = dev_info.feature_flags; - if ((!(feature_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) && - (!(feature_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT)) && + if ((!(feature_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) || + (!(feature_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT)) || (!(feature_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT))) - return -ENOTSUP; + return TEST_SKIPPED; if (fragsz > tdata->plaintext.len) fragsz = tdata->plaintext.len; @@ -11072,6 +13078,8 @@ test_AES_GMAC_authentication_SGL(const struct gmac_test_data *tdata, retval = create_gmac_session(ts_params->valid_devs[0], tdata, RTE_CRYPTO_AUTH_OP_GENERATE); + if (retval == -ENOTSUP) + return TEST_SKIPPED; if (retval < 0) return retval; @@ -11142,7 +13150,7 @@ test_AES_GMAC_authentication_SGL(const struct gmac_test_data *tdata, ut_params->op->sym->m_src = ut_params->ibuf; if (gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) - return -ENOTSUP; + return TEST_SKIPPED; TEST_ASSERT_NOT_NULL( process_crypto_request(ts_params->valid_devs[0], @@ -11401,6 +13409,7 @@ create_auth_session(struct crypto_unittest_params *ut_params, { struct crypto_testsuite_params *ts_params = &testsuite_params; uint8_t auth_key[reference->auth_key.len + 1]; + int status; memcpy(auth_key, reference->auth_key.data, reference->auth_key.len); @@ -11416,14 +13425,13 @@ create_auth_session(struct crypto_unittest_params *ut_params, /* Create Crypto session*/ ut_params->sess = rte_cryptodev_sym_session_create( ts_params->session_mpool); + TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); - rte_cryptodev_sym_session_init(dev_id, ut_params->sess, + status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, &ut_params->auth_xform, ts_params->session_priv_mpool); - TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); - - return 0; + return status; } static int @@ -11436,6 +13444,7 @@ create_auth_cipher_session(struct crypto_unittest_params *ut_params, struct crypto_testsuite_params *ts_params = &testsuite_params; uint8_t cipher_key[reference->cipher_key.len + 1]; uint8_t auth_key[reference->auth_key.len + 1]; + int status; memcpy(cipher_key, reference->cipher_key.data, reference->cipher_key.len); @@ -11469,14 +13478,13 @@ create_auth_cipher_session(struct crypto_unittest_params *ut_params, /* Create Crypto session*/ ut_params->sess = rte_cryptodev_sym_session_create( ts_params->session_mpool); + TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); - rte_cryptodev_sym_session_init(dev_id, ut_params->sess, + status = rte_cryptodev_sym_session_init(dev_id, ut_params->sess, &ut_params->auth_xform, ts_params->session_priv_mpool); - TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); - - return 0; + return status; } static int @@ -11675,7 +13683,7 @@ test_authentication_verify_fail_when_data_corruption( if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } /* Verify the capabilities */ @@ -11684,7 +13692,7 @@ test_authentication_verify_fail_when_data_corruption( cap_idx.algo.auth = reference->auth_algo; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; /* Create session */ @@ -11692,6 +13700,9 @@ test_authentication_verify_fail_when_data_corruption( ts_params->valid_devs[0], reference, RTE_CRYPTO_AUTH_OP_VERIFY); + + if (retval == -ENOTSUP) + return TEST_SKIPPED; if (retval < 0) return retval; @@ -11734,10 +13745,13 @@ test_authentication_verify_fail_when_data_corruption( else { ut_params->op = process_crypto_request(ts_params->valid_devs[0], ut_params->op); - TEST_ASSERT_NULL(ut_params->op, "authentication not failed"); } + if (ut_params->op == NULL) + return 0; + else if (ut_params->op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) + return 0; - return 0; + return -1; } static int @@ -11757,7 +13771,7 @@ test_authentication_verify_GMAC_fail_when_corruption( if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } /* Verify the capabilities */ @@ -11766,7 +13780,7 @@ test_authentication_verify_GMAC_fail_when_corruption( cap_idx.algo.auth = reference->auth_algo; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; /* Create session */ retval = create_auth_cipher_session(ut_params, @@ -11842,7 +13856,7 @@ test_authenticated_decryption_fail_when_corruption( if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } /* Verify the capabilities */ @@ -11851,12 +13865,12 @@ test_authenticated_decryption_fail_when_corruption( cap_idx.algo.auth = reference->auth_algo; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; cap_idx.algo.cipher = reference->crypto_algo; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; /* Create session */ retval = create_auth_cipher_session(ut_params, @@ -11864,6 +13878,9 @@ test_authenticated_decryption_fail_when_corruption( reference, RTE_CRYPTO_AUTH_OP_VERIFY, RTE_CRYPTO_CIPHER_OP_DECRYPT); + + if (retval == -ENOTSUP) + return TEST_SKIPPED; if (retval < 0) return retval; @@ -11913,7 +13930,7 @@ test_authenticated_decryption_fail_when_corruption( } static int -test_authenticated_encryt_with_esn( +test_authenticated_encrypt_with_esn( struct crypto_testsuite_params *ts_params, struct crypto_unittest_params *ut_params, const struct test_crypto_vector *reference) @@ -11925,6 +13942,7 @@ test_authenticated_encryt_with_esn( uint8_t cipher_key[reference->cipher_key.len + 1]; uint8_t auth_key[reference->auth_key.len + 1]; struct rte_cryptodev_info dev_info; + int status; rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); uint64_t feat_flags = dev_info.feature_flags; @@ -11932,7 +13950,7 @@ test_authenticated_encryt_with_esn( if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } /* Verify the capabilities */ @@ -11941,12 +13959,12 @@ test_authenticated_encryt_with_esn( cap_idx.algo.auth = reference->auth_algo; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; cap_idx.algo.cipher = reference->crypto_algo; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; /* Create session */ memcpy(cipher_key, reference->cipher_key.data, @@ -11976,13 +13994,17 @@ test_authenticated_encryt_with_esn( /* Create Crypto session*/ ut_params->sess = rte_cryptodev_sym_session_create( ts_params->session_mpool); + TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); - rte_cryptodev_sym_session_init(ts_params->valid_devs[0], + status = rte_cryptodev_sym_session_init(ts_params->valid_devs[0], ut_params->sess, &ut_params->cipher_xform, ts_params->session_priv_mpool); - TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); + if (status == -ENOTSUP) + return TEST_SKIPPED; + + TEST_ASSERT_EQUAL(status, 0, "Session init failed"); ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); TEST_ASSERT_NOT_NULL(ut_params->ibuf, @@ -12065,7 +14087,7 @@ test_authenticated_decrypt_with_esn( if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } /* Verify the capabilities */ @@ -12074,12 +14096,12 @@ test_authenticated_decrypt_with_esn( cap_idx.algo.auth = reference->auth_algo; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER; cap_idx.algo.cipher = reference->crypto_algo; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; /* Create session */ memcpy(cipher_key, reference->cipher_key.data, @@ -12108,13 +14130,17 @@ test_authenticated_decrypt_with_esn( /* Create Crypto session*/ ut_params->sess = rte_cryptodev_sym_session_create( ts_params->session_mpool); + TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); - rte_cryptodev_sym_session_init(ts_params->valid_devs[0], + retval = rte_cryptodev_sym_session_init(ts_params->valid_devs[0], ut_params->sess, &ut_params->auth_xform, ts_params->session_priv_mpool); - TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed"); + if (retval == -ENOTSUP) + return TEST_SKIPPED; + + TEST_ASSERT_EQUAL(retval, 0, "Session init failed"); ut_params->ibuf = rte_pktmbuf_alloc(ts_params->mbuf_pool); TEST_ASSERT_NOT_NULL(ut_params->ibuf, @@ -12271,11 +14297,11 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata, cap_idx.algo.aead = tdata->algo; if (rte_cryptodev_sym_capability_get(ts_params->valid_devs[0], &cap_idx) == NULL) - return -ENOTSUP; + return TEST_SKIPPED; /* OOP not supported with CPU crypto */ if (oop && gbl_action_type == RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO) - return -ENOTSUP; + return TEST_SKIPPED; /* Detailed check for the particular SGL support flag */ rte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info); @@ -12283,14 +14309,14 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata, unsigned int sgl_in = fragsz < tdata->plaintext.len; if (sgl_in && (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL))) - return -ENOTSUP; + return TEST_SKIPPED; uint64_t feat_flags = dev_info.feature_flags; if ((global_api_test_type == CRYPTODEV_RAW_API_TEST) && (!(feat_flags & RTE_CRYPTODEV_FF_SYM_RAW_DP))) { printf("Device doesn't support RAW data-path APIs.\n"); - return -ENOTSUP; + return TEST_SKIPPED; } } else { unsigned int sgl_in = fragsz < tdata->plaintext.len; @@ -12298,19 +14324,19 @@ test_authenticated_encryption_SGL(const struct aead_test_data *tdata, tdata->plaintext.len; /* Raw data path API does not support OOP */ if (global_api_test_type == CRYPTODEV_RAW_API_TEST) - return -ENOTSUP; + return TEST_SKIPPED; if (sgl_in && !sgl_out) { if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT)) - return -ENOTSUP; + return TEST_SKIPPED; } else if (!sgl_in && sgl_out) { if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT)) - return -ENOTSUP; + return TEST_SKIPPED; } else if (sgl_in && sgl_out) { if (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT)) - return -ENOTSUP; + return TEST_SKIPPED; } } @@ -12581,7 +14607,7 @@ test_AES_GCM_auth_encrypt_SGL_in_place_1500B(void) /* This test is not for OPENSSL PMD */ if (gbl_driver_id == rte_cryptodev_driver_id_get( RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD))) - return -ENOTSUP; + return TEST_SKIPPED; return test_authenticated_encryption_SGL( &gcm_test_case_SGL_1, IN_PLACE, 1500, 0); @@ -12700,7 +14726,7 @@ auth_decryption_AES128CBC_HMAC_SHA1_fail_tag_corrupt(void) static int auth_encrypt_AES128CBC_HMAC_SHA1_esn_check(void) { - return test_authenticated_encryt_with_esn( + return test_authenticated_encrypt_with_esn( &testsuite_params, &unittest_params, &aes128cbc_hmac_sha1_aad_test_vector); @@ -12727,41 +14753,103 @@ test_chacha20_poly1305_decrypt_test_case_rfc8439(void) return test_authenticated_decryption(&chacha20_poly1305_case_rfc8439); } -#ifdef RTE_LIBRTE_PMD_CRYPTO_SCHEDULER +static int +test_chacha20_poly1305_encrypt_SGL_out_of_place(void) +{ + return test_authenticated_encryption_SGL( + &chacha20_poly1305_case_2, OUT_OF_PLACE, 32, + chacha20_poly1305_case_2.plaintext.len); +} + +#ifdef RTE_CRYPTO_SCHEDULER /* global AESNI worker IDs for the scheduler test */ uint8_t aesni_ids[2]; static int -test_scheduler_attach_slave_op(void) +scheduler_testsuite_setup(void) +{ + uint32_t i = 0; + int32_t nb_devs, ret; + char vdev_args[VDEV_ARGS_SIZE] = {""}; + char temp_str[VDEV_ARGS_SIZE] = {"mode=multi-core," + "ordering=enable,name=cryptodev_test_scheduler,corelist="}; + uint16_t worker_core_count = 0; + uint16_t socket_id = 0; + + if (gbl_driver_id == rte_cryptodev_driver_id_get( + RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD))) { + + /* Identify the Worker Cores + * Use 2 worker cores for the device args + */ + RTE_LCORE_FOREACH_WORKER(i) { + if (worker_core_count > 1) + break; + snprintf(vdev_args, sizeof(vdev_args), + "%s%d", temp_str, i); + strcpy(temp_str, vdev_args); + strlcat(temp_str, ";", sizeof(temp_str)); + worker_core_count++; + socket_id = rte_lcore_to_socket_id(i); + } + if (worker_core_count != 2) { + RTE_LOG(ERR, USER1, + "Cryptodev scheduler test require at least " + "two worker cores to run. " + "Please use the correct coremask.\n"); + return TEST_FAILED; + } + strcpy(temp_str, vdev_args); + snprintf(vdev_args, sizeof(vdev_args), "%s,socket_id=%d", + temp_str, socket_id); + RTE_LOG(DEBUG, USER1, "vdev_args: %s\n", vdev_args); + nb_devs = rte_cryptodev_device_count_by_driver( + rte_cryptodev_driver_id_get( + RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD))); + if (nb_devs < 1) { + ret = rte_vdev_init( + RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD), + vdev_args); + TEST_ASSERT(ret == 0, + "Failed to create instance %u of pmd : %s", + i, RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD)); + } + } + return testsuite_setup(); +} + +static int +test_scheduler_attach_worker_op(void) { struct crypto_testsuite_params *ts_params = &testsuite_params; uint8_t sched_id = ts_params->valid_devs[0]; - uint32_t nb_devs, i, nb_devs_attached = 0; + uint32_t i, nb_devs_attached = 0; int ret; char vdev_name[32]; + unsigned int count = rte_cryptodev_count(); - /* create 2 AESNI_MB if necessary */ - nb_devs = rte_cryptodev_device_count_by_driver( - rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD))); - if (nb_devs < 2) { - for (i = nb_devs; i < 2; i++) { - snprintf(vdev_name, sizeof(vdev_name), "%s_%u", - RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD), - i); - ret = rte_vdev_init(vdev_name, NULL); + /* create 2 AESNI_MB vdevs on top of existing devices */ + for (i = count; i < count + 2; i++) { + snprintf(vdev_name, sizeof(vdev_name), "%s_%u", + RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD), + i); + ret = rte_vdev_init(vdev_name, NULL); - TEST_ASSERT(ret == 0, - "Failed to create instance %u of" - " pmd : %s", - i, RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)); + TEST_ASSERT(ret == 0, + "Failed to create instance %u of" + " pmd : %s", + i, RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)); + + if (ret < 0) { + RTE_LOG(ERR, USER1, + "Failed to create 2 AESNI MB PMDs.\n"); + return TEST_SKIPPED; } } /* attach 2 AESNI_MB cdevs */ - for (i = 0; i < rte_cryptodev_count() && nb_devs_attached < 2; - i++) { + for (i = count; i < count + 2; i++) { struct rte_cryptodev_info info; unsigned int session_size; @@ -12843,7 +14931,7 @@ test_scheduler_attach_slave_op(void) } static int -test_scheduler_detach_slave_op(void) +test_scheduler_detach_worker_op(void) { struct crypto_testsuite_params *ts_params = &testsuite_params; uint8_t sched_id = ts_params->valid_devs[0]; @@ -12906,53 +14994,442 @@ test_scheduler_mode_pkt_size_distr_op(void) return 0; } -static struct unit_test_suite cryptodev_scheduler_testsuite = { - .suite_name = "Crypto Device Scheduler Unit Test Suite", - .setup = testsuite_setup, - .teardown = testsuite_teardown, +static int +scheduler_multicore_testsuite_setup(void) +{ + if (test_scheduler_attach_worker_op() < 0) + return TEST_SKIPPED; + if (test_scheduler_mode_op(CDEV_SCHED_MODE_MULTICORE) < 0) + return TEST_SKIPPED; + return 0; +} + +static int +scheduler_roundrobin_testsuite_setup(void) +{ + if (test_scheduler_attach_worker_op() < 0) + return TEST_SKIPPED; + if (test_scheduler_mode_op(CDEV_SCHED_MODE_ROUNDROBIN) < 0) + return TEST_SKIPPED; + return 0; +} + +static int +scheduler_failover_testsuite_setup(void) +{ + if (test_scheduler_attach_worker_op() < 0) + return TEST_SKIPPED; + if (test_scheduler_mode_op(CDEV_SCHED_MODE_FAILOVER) < 0) + return TEST_SKIPPED; + return 0; +} + +static int +scheduler_pkt_size_distr_testsuite_setup(void) +{ + if (test_scheduler_attach_worker_op() < 0) + return TEST_SKIPPED; + if (test_scheduler_mode_op(CDEV_SCHED_MODE_PKT_SIZE_DISTR) < 0) + return TEST_SKIPPED; + return 0; +} + +static void +scheduler_mode_testsuite_teardown(void) +{ + test_scheduler_detach_worker_op(); +} + +#endif /* RTE_CRYPTO_SCHEDULER */ + +static struct unit_test_suite end_testsuite = { + .suite_name = NULL, + .setup = NULL, + .teardown = NULL, + .unit_test_suites = NULL +}; + +#ifdef RTE_LIB_SECURITY +static struct unit_test_suite ipsec_proto_testsuite = { + .suite_name = "IPsec Proto Unit Test Suite", + .setup = ipsec_proto_testsuite_setup, .unit_test_cases = { - /* Multi Core */ - TEST_CASE_ST(NULL, NULL, test_scheduler_attach_slave_op), - TEST_CASE_ST(NULL, NULL, test_scheduler_mode_multicore_op), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_all), - TEST_CASE_ST(NULL, NULL, test_scheduler_detach_slave_op), - - /* Round Robin */ - TEST_CASE_ST(NULL, NULL, test_scheduler_attach_slave_op), - TEST_CASE_ST(NULL, NULL, test_scheduler_mode_roundrobin_op), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_all), - TEST_CASE_ST(NULL, NULL, test_scheduler_detach_slave_op), - - /* Fail over */ - TEST_CASE_ST(NULL, NULL, test_scheduler_attach_slave_op), - TEST_CASE_ST(NULL, NULL, test_scheduler_mode_failover_op), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_all), - TEST_CASE_ST(NULL, NULL, test_scheduler_detach_slave_op), - - /* PKT SIZE */ - TEST_CASE_ST(NULL, NULL, test_scheduler_attach_slave_op), - TEST_CASE_ST(NULL, NULL, test_scheduler_mode_pkt_size_distr_op), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_all), - TEST_CASE_ST(NULL, NULL, test_scheduler_detach_slave_op), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 AES-GCM 128)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, &pkt_aes_128_gcm), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 AES-GCM 192)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, &pkt_aes_192_gcm), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 AES-GCM 256)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, &pkt_aes_256_gcm), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA256 [16B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, + &pkt_aes_128_cbc_hmac_sha256), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA384 [24B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, + &pkt_aes_128_cbc_hmac_sha384), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA512 [32B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, + &pkt_aes_128_cbc_hmac_sha512), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv6 AES-GCM 128)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, &pkt_aes_256_gcm_v6), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv6 AES-CBC 128 HMAC-SHA256 [16B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, + &pkt_aes_128_cbc_hmac_sha256_v6), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 NULL AES-XCBC-MAC [12B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, + &pkt_null_aes_xcbc), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (AH tunnel mode IPv4 HMAC-SHA256)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, + &pkt_ah_tunnel_sha256), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (AH transport mode IPv4 HMAC-SHA256)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, + &pkt_ah_transport_sha256), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (AH transport mode IPv4 AES-GMAC 128)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, + &pkt_ah_ipv4_aes_gmac_128), + TEST_CASE_NAMED_WITH_DATA( + "Outbound fragmented packet", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_fragmented, + &pkt_aes_128_gcm_frag), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 AES-GCM 128)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, &pkt_aes_128_gcm), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 AES-GCM 192)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, &pkt_aes_192_gcm), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 AES-GCM 256)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, &pkt_aes_256_gcm), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 AES-CBC 128)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, &pkt_aes_128_cbc_null), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA256 [16B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, + &pkt_aes_128_cbc_hmac_sha256), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA384 [24B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, + &pkt_aes_128_cbc_hmac_sha384), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA512 [32B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, + &pkt_aes_128_cbc_hmac_sha512), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv6 AES-GCM 128)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, &pkt_aes_256_gcm_v6), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv6 AES-CBC 128 HMAC-SHA256 [16B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, + &pkt_aes_128_cbc_hmac_sha256_v6), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 NULL AES-XCBC-MAC [12B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, + &pkt_null_aes_xcbc), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (AH tunnel mode IPv4 HMAC-SHA256)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, + &pkt_ah_tunnel_sha256), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (AH transport mode IPv4 HMAC-SHA256)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, + &pkt_ah_transport_sha256), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (AH transport mode IPv4 AES-GMAC 128)", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, + &pkt_ah_ipv4_aes_gmac_128), + TEST_CASE_NAMED_ST( + "Combined test alg list", + ut_setup_security, ut_teardown, + test_ipsec_proto_display_list), + TEST_CASE_NAMED_ST( + "Combined test alg list (AH)", + ut_setup_security, ut_teardown, + test_ipsec_proto_ah_tunnel_ipv4), + TEST_CASE_NAMED_ST( + "IV generation", + ut_setup_security, ut_teardown, + test_ipsec_proto_iv_gen), + TEST_CASE_NAMED_ST( + "UDP encapsulation", + ut_setup_security, ut_teardown, + test_ipsec_proto_udp_encap), + TEST_CASE_NAMED_ST( + "UDP encapsulation ports verification test", + ut_setup_security, ut_teardown, + test_ipsec_proto_udp_ports_verify), + TEST_CASE_NAMED_ST( + "SA expiry packets soft", + ut_setup_security, ut_teardown, + test_ipsec_proto_sa_exp_pkts_soft), + TEST_CASE_NAMED_ST( + "SA expiry packets hard", + ut_setup_security, ut_teardown, + test_ipsec_proto_sa_exp_pkts_hard), + TEST_CASE_NAMED_ST( + "Negative test: ICV corruption", + ut_setup_security, ut_teardown, + test_ipsec_proto_err_icv_corrupt), + TEST_CASE_NAMED_ST( + "Tunnel dst addr verification", + ut_setup_security, ut_teardown, + test_ipsec_proto_tunnel_dst_addr_verify), + TEST_CASE_NAMED_ST( + "Tunnel src and dst addr verification", + ut_setup_security, ut_teardown, + test_ipsec_proto_tunnel_src_dst_addr_verify), + TEST_CASE_NAMED_ST( + "Inner IP checksum", + ut_setup_security, ut_teardown, + test_ipsec_proto_inner_ip_csum), + TEST_CASE_NAMED_ST( + "Inner L4 checksum", + ut_setup_security, ut_teardown, + test_ipsec_proto_inner_l4_csum), + TEST_CASE_NAMED_ST( + "Tunnel IPv4 in IPv4", + ut_setup_security, ut_teardown, + test_ipsec_proto_tunnel_v4_in_v4), + TEST_CASE_NAMED_ST( + "Tunnel IPv6 in IPv6", + ut_setup_security, ut_teardown, + test_ipsec_proto_tunnel_v6_in_v6), + TEST_CASE_NAMED_ST( + "Tunnel IPv4 in IPv6", + ut_setup_security, ut_teardown, + test_ipsec_proto_tunnel_v4_in_v6), + TEST_CASE_NAMED_ST( + "Tunnel IPv6 in IPv4", + ut_setup_security, ut_teardown, + test_ipsec_proto_tunnel_v6_in_v4), + TEST_CASE_NAMED_ST( + "Transport IPv4", + ut_setup_security, ut_teardown, + test_ipsec_proto_transport_v4), + TEST_CASE_NAMED_ST( + "AH transport IPv4", + ut_setup_security, ut_teardown, + test_ipsec_proto_ah_transport_ipv4), + TEST_CASE_NAMED_ST( + "Transport l4 checksum", + ut_setup_security, ut_teardown, + test_ipsec_proto_transport_l4_csum), + TEST_CASE_NAMED_ST( + "Statistics: success", + ut_setup_security, ut_teardown, + test_ipsec_proto_stats), + TEST_CASE_NAMED_ST( + "Fragmented packet", + ut_setup_security, ut_teardown, + test_ipsec_proto_pkt_fragment), + TEST_CASE_NAMED_ST( + "Tunnel header copy DF (inner 0)", + ut_setup_security, ut_teardown, + test_ipsec_proto_copy_df_inner_0), + TEST_CASE_NAMED_ST( + "Tunnel header copy DF (inner 1)", + ut_setup_security, ut_teardown, + test_ipsec_proto_copy_df_inner_1), + TEST_CASE_NAMED_ST( + "Tunnel header set DF 0 (inner 1)", + ut_setup_security, ut_teardown, + test_ipsec_proto_set_df_0_inner_1), + TEST_CASE_NAMED_ST( + "Tunnel header set DF 1 (inner 0)", + ut_setup_security, ut_teardown, + test_ipsec_proto_set_df_1_inner_0), + TEST_CASE_NAMED_ST( + "Tunnel header IPv4 copy DSCP (inner 0)", + ut_setup_security, ut_teardown, + test_ipsec_proto_ipv4_copy_dscp_inner_0), + TEST_CASE_NAMED_ST( + "Tunnel header IPv4 copy DSCP (inner 1)", + ut_setup_security, ut_teardown, + test_ipsec_proto_ipv4_copy_dscp_inner_1), + TEST_CASE_NAMED_ST( + "Tunnel header IPv4 set DSCP 0 (inner 1)", + ut_setup_security, ut_teardown, + test_ipsec_proto_ipv4_set_dscp_0_inner_1), + TEST_CASE_NAMED_ST( + "Tunnel header IPv4 set DSCP 1 (inner 0)", + ut_setup_security, ut_teardown, + test_ipsec_proto_ipv4_set_dscp_1_inner_0), + TEST_CASE_NAMED_ST( + "Tunnel header IPv6 copy DSCP (inner 0)", + ut_setup_security, ut_teardown, + test_ipsec_proto_ipv6_copy_dscp_inner_0), + TEST_CASE_NAMED_ST( + "Tunnel header IPv6 copy DSCP (inner 1)", + ut_setup_security, ut_teardown, + test_ipsec_proto_ipv6_copy_dscp_inner_1), + TEST_CASE_NAMED_ST( + "Tunnel header IPv6 set DSCP 0 (inner 1)", + ut_setup_security, ut_teardown, + test_ipsec_proto_ipv6_set_dscp_0_inner_1), + TEST_CASE_NAMED_ST( + "Tunnel header IPv6 set DSCP 1 (inner 0)", + ut_setup_security, ut_teardown, + test_ipsec_proto_ipv6_set_dscp_1_inner_0), + TEST_CASE_NAMED_WITH_DATA( + "Antireplay with window size 1024", + ut_setup_security, ut_teardown, + test_ipsec_proto_pkt_antireplay1024, &pkt_aes_128_gcm), + TEST_CASE_NAMED_WITH_DATA( + "Antireplay with window size 2048", + ut_setup_security, ut_teardown, + test_ipsec_proto_pkt_antireplay2048, &pkt_aes_128_gcm), + TEST_CASE_NAMED_WITH_DATA( + "Antireplay with window size 4096", + ut_setup_security, ut_teardown, + test_ipsec_proto_pkt_antireplay4096, &pkt_aes_128_gcm), + TEST_CASE_NAMED_WITH_DATA( + "ESN and Antireplay with window size 1024", + ut_setup_security, ut_teardown, + test_ipsec_proto_pkt_esn_antireplay1024, + &pkt_aes_128_gcm), + TEST_CASE_NAMED_WITH_DATA( + "ESN and Antireplay with window size 2048", + ut_setup_security, ut_teardown, + test_ipsec_proto_pkt_esn_antireplay2048, + &pkt_aes_128_gcm), + TEST_CASE_NAMED_WITH_DATA( + "ESN and Antireplay with window size 4096", + ut_setup_security, ut_teardown, + test_ipsec_proto_pkt_esn_antireplay4096, + &pkt_aes_128_gcm), + TEST_CASE_NAMED_ST( + "Tunnel header IPv4 decrement inner TTL", + ut_setup_security, ut_teardown, + test_ipsec_proto_ipv4_ttl_decrement), + TEST_CASE_NAMED_ST( + "Tunnel header IPv6 decrement inner hop limit", + ut_setup_security, ut_teardown, + test_ipsec_proto_ipv6_hop_limit_decrement), + TEST_CASES_END() /**< NULL terminate unit test array */ + } +}; +static struct unit_test_suite pdcp_proto_testsuite = { + .suite_name = "PDCP Proto Unit Test Suite", + .setup = pdcp_proto_testsuite_setup, + .unit_test_cases = { + TEST_CASE_ST(ut_setup_security, ut_teardown, + test_PDCP_PROTO_all), TEST_CASES_END() /**< NULL terminate unit test array */ } }; -#endif /* RTE_LIBRTE_PMD_CRYPTO_SCHEDULER */ +#define ADD_UPLINK_TESTCASE(data) \ + TEST_CASE_NAMED_WITH_DATA(data.test_descr_uplink, ut_setup_security, \ + ut_teardown, test_docsis_proto_uplink, (const void *) &data), \ -static struct unit_test_suite cryptodev_testsuite = { - .suite_name = "Crypto Unit Test Suite", - .setup = testsuite_setup, - .teardown = testsuite_teardown, +#define ADD_DOWNLINK_TESTCASE(data) \ + TEST_CASE_NAMED_WITH_DATA(data.test_descr_downlink, ut_setup_security, \ + ut_teardown, test_docsis_proto_downlink, (const void *) &data), \ + +static struct unit_test_suite docsis_proto_testsuite = { + .suite_name = "DOCSIS Proto Unit Test Suite", + .setup = docsis_proto_testsuite_setup, + .unit_test_cases = { + /* Uplink */ + ADD_UPLINK_TESTCASE(docsis_test_case_1) + ADD_UPLINK_TESTCASE(docsis_test_case_2) + ADD_UPLINK_TESTCASE(docsis_test_case_3) + ADD_UPLINK_TESTCASE(docsis_test_case_4) + ADD_UPLINK_TESTCASE(docsis_test_case_5) + ADD_UPLINK_TESTCASE(docsis_test_case_6) + ADD_UPLINK_TESTCASE(docsis_test_case_7) + ADD_UPLINK_TESTCASE(docsis_test_case_8) + ADD_UPLINK_TESTCASE(docsis_test_case_9) + ADD_UPLINK_TESTCASE(docsis_test_case_10) + ADD_UPLINK_TESTCASE(docsis_test_case_11) + ADD_UPLINK_TESTCASE(docsis_test_case_12) + ADD_UPLINK_TESTCASE(docsis_test_case_13) + ADD_UPLINK_TESTCASE(docsis_test_case_14) + ADD_UPLINK_TESTCASE(docsis_test_case_15) + ADD_UPLINK_TESTCASE(docsis_test_case_16) + ADD_UPLINK_TESTCASE(docsis_test_case_17) + ADD_UPLINK_TESTCASE(docsis_test_case_18) + ADD_UPLINK_TESTCASE(docsis_test_case_19) + ADD_UPLINK_TESTCASE(docsis_test_case_20) + ADD_UPLINK_TESTCASE(docsis_test_case_21) + ADD_UPLINK_TESTCASE(docsis_test_case_22) + ADD_UPLINK_TESTCASE(docsis_test_case_23) + ADD_UPLINK_TESTCASE(docsis_test_case_24) + ADD_UPLINK_TESTCASE(docsis_test_case_25) + ADD_UPLINK_TESTCASE(docsis_test_case_26) + /* Downlink */ + ADD_DOWNLINK_TESTCASE(docsis_test_case_1) + ADD_DOWNLINK_TESTCASE(docsis_test_case_2) + ADD_DOWNLINK_TESTCASE(docsis_test_case_3) + ADD_DOWNLINK_TESTCASE(docsis_test_case_4) + ADD_DOWNLINK_TESTCASE(docsis_test_case_5) + ADD_DOWNLINK_TESTCASE(docsis_test_case_6) + ADD_DOWNLINK_TESTCASE(docsis_test_case_7) + ADD_DOWNLINK_TESTCASE(docsis_test_case_8) + ADD_DOWNLINK_TESTCASE(docsis_test_case_9) + ADD_DOWNLINK_TESTCASE(docsis_test_case_10) + ADD_DOWNLINK_TESTCASE(docsis_test_case_11) + ADD_DOWNLINK_TESTCASE(docsis_test_case_12) + ADD_DOWNLINK_TESTCASE(docsis_test_case_13) + ADD_DOWNLINK_TESTCASE(docsis_test_case_14) + ADD_DOWNLINK_TESTCASE(docsis_test_case_15) + ADD_DOWNLINK_TESTCASE(docsis_test_case_16) + ADD_DOWNLINK_TESTCASE(docsis_test_case_17) + ADD_DOWNLINK_TESTCASE(docsis_test_case_18) + ADD_DOWNLINK_TESTCASE(docsis_test_case_19) + ADD_DOWNLINK_TESTCASE(docsis_test_case_20) + ADD_DOWNLINK_TESTCASE(docsis_test_case_21) + ADD_DOWNLINK_TESTCASE(docsis_test_case_22) + ADD_DOWNLINK_TESTCASE(docsis_test_case_23) + ADD_DOWNLINK_TESTCASE(docsis_test_case_24) + ADD_DOWNLINK_TESTCASE(docsis_test_case_25) + ADD_DOWNLINK_TESTCASE(docsis_test_case_26) + TEST_CASES_END() /**< NULL terminate unit test array */ + } +}; +#endif + +static struct unit_test_suite cryptodev_gen_testsuite = { + .suite_name = "Crypto General Unit Test Suite", + .setup = crypto_gen_testsuite_setup, .unit_test_cases = { TEST_CASE_ST(ut_setup, ut_teardown, test_device_configure_invalid_dev_id), @@ -12960,27 +15437,59 @@ static struct unit_test_suite cryptodev_testsuite = { test_queue_pair_descriptor_setup), TEST_CASE_ST(ut_setup, ut_teardown, test_device_configure_invalid_queue_pair_ids), + TEST_CASE_ST(ut_setup, ut_teardown, test_stats), + TEST_CASE_ST(ut_setup, ut_teardown, test_enq_callback_setup), + TEST_CASE_ST(ut_setup, ut_teardown, test_deq_callback_setup), + TEST_CASES_END() /**< NULL terminate unit test array */ + } +}; +static struct unit_test_suite cryptodev_negative_hmac_sha1_testsuite = { + .suite_name = "Negative HMAC SHA1 Unit Test Suite", + .setup = negative_hmac_sha1_testsuite_setup, + .unit_test_cases = { + /** Negative tests */ + TEST_CASE_ST(ut_setup, ut_teardown, + authentication_verify_HMAC_SHA1_fail_data_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + authentication_verify_HMAC_SHA1_fail_tag_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + auth_decryption_AES128CBC_HMAC_SHA1_fail_data_corrupt), TEST_CASE_ST(ut_setup, ut_teardown, - test_multi_session), + auth_decryption_AES128CBC_HMAC_SHA1_fail_tag_corrupt), + + TEST_CASES_END() /**< NULL terminate unit test array */ + } +}; + +static struct unit_test_suite cryptodev_multi_session_testsuite = { + .suite_name = "Multi Session Unit Test Suite", + .setup = multi_session_testsuite_setup, + .unit_test_cases = { + TEST_CASE_ST(ut_setup, ut_teardown, test_multi_session), TEST_CASE_ST(ut_setup, ut_teardown, test_multi_session_random_usage), + TEST_CASES_END() /**< NULL terminate unit test array */ + } +}; + +static struct unit_test_suite cryptodev_null_testsuite = { + .suite_name = "NULL Test Suite", + .setup = null_testsuite_setup, + .unit_test_cases = { TEST_CASE_ST(ut_setup, ut_teardown, test_null_invalid_operation), TEST_CASE_ST(ut_setup, ut_teardown, test_null_burst_operation), + TEST_CASES_END() + } +}; - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_3DES_chain_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_3DES_cipheronly_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_DES_cipheronly_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_docsis_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_DES_docsis_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_stats), - - /** AES CCM Authenticated Encryption 128 bits key */ +static struct unit_test_suite cryptodev_aes_ccm_auth_testsuite = { + .suite_name = "AES CCM Authenticated Test Suite", + .setup = aes_ccm_auth_testsuite_setup, + .unit_test_cases = { + /** AES CCM Authenticated Encryption 128 bits key*/ TEST_CASE_ST(ut_setup, ut_teardown, test_AES_CCM_authenticated_encryption_test_case_128_1), TEST_CASE_ST(ut_setup, ut_teardown, @@ -13027,7 +15536,14 @@ static struct unit_test_suite cryptodev_testsuite = { test_AES_CCM_authenticated_decryption_test_case_256_2), TEST_CASE_ST(ut_setup, ut_teardown, test_AES_CCM_authenticated_decryption_test_case_256_3), + TEST_CASES_END() + } +}; +static struct unit_test_suite cryptodev_aes_gcm_auth_testsuite = { + .suite_name = "AES GCM Authenticated Test Suite", + .setup = aes_gcm_auth_testsuite_setup, + .unit_test_cases = { /** AES GCM Authenticated Encryption */ TEST_CASE_ST(ut_setup, ut_teardown, test_AES_GCM_auth_encrypt_SGL_in_place_1500B), @@ -13164,7 +15680,14 @@ static struct unit_test_suite cryptodev_testsuite = { TEST_CASE_ST(ut_setup, ut_teardown, test_AES_GCM_authenticated_decryption_sessionless_test_case_1), - /** AES GMAC Authentication */ + TEST_CASES_END() + } +}; + +static struct unit_test_suite cryptodev_aes_gmac_auth_testsuite = { + .suite_name = "AES GMAC Authentication Test Suite", + .setup = aes_gmac_auth_testsuite_setup, + .unit_test_cases = { TEST_CASE_ST(ut_setup, ut_teardown, test_AES_GMAC_authentication_test_case_1), TEST_CASE_ST(ut_setup, ut_teardown, @@ -13190,11 +15713,28 @@ static struct unit_test_suite cryptodev_testsuite = { TEST_CASE_ST(ut_setup, ut_teardown, test_AES_GMAC_authentication_SGL_2047B), - /** Chacha20-Poly1305 */ + TEST_CASES_END() + } +}; + +static struct unit_test_suite cryptodev_chacha20_poly1305_testsuite = { + .suite_name = "Chacha20-Poly1305 Test Suite", + .setup = chacha20_poly1305_testsuite_setup, + .unit_test_cases = { TEST_CASE_ST(ut_setup, ut_teardown, test_chacha20_poly1305_encrypt_test_case_rfc8439), TEST_CASE_ST(ut_setup, ut_teardown, test_chacha20_poly1305_decrypt_test_case_rfc8439), + TEST_CASE_ST(ut_setup, ut_teardown, + test_chacha20_poly1305_encrypt_SGL_out_of_place), + TEST_CASES_END() + } +}; + +static struct unit_test_suite cryptodev_snow3g_testsuite = { + .suite_name = "SNOW 3G Test Suite", + .setup = snow3g_testsuite_setup, + .unit_test_cases = { /** SNOW 3G encrypt only (UEA2) */ TEST_CASE_ST(ut_setup, ut_teardown, test_snow3g_encryption_test_case_1), @@ -13275,6 +15815,7 @@ static struct unit_test_suite cryptodev_testsuite = { test_snow3g_hash_generate_test_case_2), TEST_CASE_ST(ut_setup, ut_teardown, test_snow3g_hash_generate_test_case_3), + /* Tests with buffers which length is not byte-aligned */ TEST_CASE_ST(ut_setup, ut_teardown, test_snow3g_hash_generate_test_case_4), @@ -13288,6 +15829,7 @@ static struct unit_test_suite cryptodev_testsuite = { test_snow3g_hash_verify_test_case_2), TEST_CASE_ST(ut_setup, ut_teardown, test_snow3g_hash_verify_test_case_3), + /* Tests with buffers which length is not byte-aligned */ TEST_CASE_ST(ut_setup, ut_teardown, test_snow3g_hash_verify_test_case_4), @@ -13299,7 +15841,14 @@ static struct unit_test_suite cryptodev_testsuite = { test_snow3g_cipher_auth_test_case_1), TEST_CASE_ST(ut_setup, ut_teardown, test_snow3g_auth_cipher_with_digest_test_case_1), + TEST_CASES_END() + } +}; +static struct unit_test_suite cryptodev_zuc_testsuite = { + .suite_name = "ZUC Test Suite", + .setup = zuc_testsuite_setup, + .unit_test_cases = { /** ZUC encrypt only (EEA3) */ TEST_CASE_ST(ut_setup, ut_teardown, test_zuc_encryption_test_case_1), @@ -13331,6 +15880,13 @@ static struct unit_test_suite cryptodev_testsuite = { test_zuc_hash_generate_test_case_7), TEST_CASE_ST(ut_setup, ut_teardown, test_zuc_hash_generate_test_case_8), + TEST_CASE_ST(ut_setup, ut_teardown, + test_zuc_hash_generate_test_case_9), + TEST_CASE_ST(ut_setup, ut_teardown, + test_zuc_hash_generate_test_case_10), + TEST_CASE_ST(ut_setup, ut_teardown, + test_zuc_hash_generate_test_case_11), + /** ZUC alg-chain (EEA3/EIA3) */ TEST_CASE_ST(ut_setup, ut_teardown, @@ -13358,7 +15914,26 @@ static struct unit_test_suite cryptodev_testsuite = { TEST_CASE_ST(ut_setup, ut_teardown, test_zuc_auth_cipher_verify_test_case_1_oop_sgl), - /** HMAC_MD5 Authentication */ + /** ZUC-256 encrypt only **/ + TEST_CASE_ST(ut_setup, ut_teardown, + test_zuc256_encryption_test_case_1), + TEST_CASE_ST(ut_setup, ut_teardown, + test_zuc256_encryption_test_case_2), + + /** ZUC-256 authentication only **/ + TEST_CASE_ST(ut_setup, ut_teardown, + test_zuc256_authentication_test_case_1), + TEST_CASE_ST(ut_setup, ut_teardown, + test_zuc256_authentication_test_case_2), + + TEST_CASES_END() + } +}; + +static struct unit_test_suite cryptodev_hmac_md5_auth_testsuite = { + .suite_name = "HMAC_MD5 Authentication Test Suite", + .setup = hmac_md5_auth_testsuite_setup, + .unit_test_cases = { TEST_CASE_ST(ut_setup, ut_teardown, test_MD5_HMAC_generate_case_1), TEST_CASE_ST(ut_setup, ut_teardown, @@ -13367,7 +15942,14 @@ static struct unit_test_suite cryptodev_testsuite = { test_MD5_HMAC_generate_case_2), TEST_CASE_ST(ut_setup, ut_teardown, test_MD5_HMAC_verify_case_2), + TEST_CASES_END() + } +}; +static struct unit_test_suite cryptodev_kasumi_testsuite = { + .suite_name = "Kasumi Test Suite", + .setup = kasumi_testsuite_setup, + .unit_test_cases = { /** KASUMI hash only (UIA1) */ TEST_CASE_ST(ut_setup, ut_teardown, test_kasumi_hash_generate_test_case_1), @@ -13424,7 +16006,6 @@ static struct unit_test_suite cryptodev_testsuite = { test_kasumi_decryption_test_case_5), TEST_CASE_ST(ut_setup, ut_teardown, test_kasumi_decryption_test_case_1_oop), - TEST_CASE_ST(ut_setup, ut_teardown, test_kasumi_cipher_auth_test_case_1), @@ -13452,17 +16033,26 @@ static struct unit_test_suite cryptodev_testsuite = { TEST_CASE_ST(ut_setup, ut_teardown, test_kasumi_auth_cipher_verify_test_case_2_oop_sgl), - /** ESN Testcase */ + TEST_CASES_END() + } +}; + +static struct unit_test_suite cryptodev_esn_testsuite = { + .suite_name = "ESN Test Suite", + .setup = esn_testsuite_setup, + .unit_test_cases = { TEST_CASE_ST(ut_setup, ut_teardown, auth_encrypt_AES128CBC_HMAC_SHA1_esn_check), TEST_CASE_ST(ut_setup, ut_teardown, auth_decrypt_AES128CBC_HMAC_SHA1_esn_check), - - /** Negative tests */ - TEST_CASE_ST(ut_setup, ut_teardown, - authentication_verify_HMAC_SHA1_fail_data_corrupt), - TEST_CASE_ST(ut_setup, ut_teardown, - authentication_verify_HMAC_SHA1_fail_tag_corrupt), + TEST_CASES_END() + } +}; + +static struct unit_test_suite cryptodev_negative_aes_gcm_testsuite = { + .suite_name = "Negative AES GCM Test Suite", + .setup = negative_aes_gcm_testsuite_setup, + .unit_test_cases = { TEST_CASE_ST(ut_setup, ut_teardown, test_AES_GCM_auth_encryption_fail_iv_corrupt), TEST_CASE_ST(ut_setup, ut_teardown, @@ -13487,16 +16077,28 @@ static struct unit_test_suite cryptodev_testsuite = { test_AES_GCM_auth_decryption_fail_aad_corrupt), TEST_CASE_ST(ut_setup, ut_teardown, test_AES_GCM_auth_decryption_fail_tag_corrupt), + + TEST_CASES_END() + } +}; + +static struct unit_test_suite cryptodev_negative_aes_gmac_testsuite = { + .suite_name = "Negative AES GMAC Test Suite", + .setup = negative_aes_gmac_testsuite_setup, + .unit_test_cases = { TEST_CASE_ST(ut_setup, ut_teardown, authentication_verify_AES128_GMAC_fail_data_corrupt), TEST_CASE_ST(ut_setup, ut_teardown, authentication_verify_AES128_GMAC_fail_tag_corrupt), - TEST_CASE_ST(ut_setup, ut_teardown, - auth_decryption_AES128CBC_HMAC_SHA1_fail_data_corrupt), - TEST_CASE_ST(ut_setup, ut_teardown, - auth_decryption_AES128CBC_HMAC_SHA1_fail_tag_corrupt), - /** Mixed CIPHER + HASH algorithms */ + TEST_CASES_END() + } +}; + +static struct unit_test_suite cryptodev_mixed_cipher_hash_testsuite = { + .suite_name = "Mixed CIPHER + HASH algorithms Test Suite", + .setup = mixed_cipher_hash_testsuite_setup, + .unit_test_cases = { /** AUTH AES CMAC + CIPHER AES CTR */ TEST_CASE_ST(ut_setup, ut_teardown, test_aes_cmac_aes_ctr_digest_enc_test_case_1), @@ -13509,11 +16111,11 @@ static struct unit_test_suite cryptodev_testsuite = { TEST_CASE_ST(ut_setup, ut_teardown, test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1), TEST_CASE_ST(ut_setup, ut_teardown, - test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1_oop), + test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1_oop), TEST_CASE_ST(ut_setup, ut_teardown, - test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1_sgl), + test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1_sgl), TEST_CASE_ST(ut_setup, ut_teardown, - test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1_oop_sgl), + test_verify_aes_cmac_aes_ctr_digest_enc_test_case_1_oop_sgl), /** AUTH ZUC + CIPHER SNOW3G */ TEST_CASE_ST(ut_setup, ut_teardown, @@ -13576,305 +16178,278 @@ static struct unit_test_suite cryptodev_testsuite = { test_auth_aes_cmac_cipher_null_test_case_1), TEST_CASE_ST(ut_setup, ut_teardown, test_verify_auth_aes_cmac_cipher_null_test_case_1), - -#ifdef RTE_LIBRTE_SECURITY - TEST_CASE_ST(ut_setup_security, ut_teardown, - test_PDCP_PROTO_all), - TEST_CASE_ST(ut_setup_security, ut_teardown, - test_DOCSIS_PROTO_all), -#endif - TEST_CASES_END() /**< NULL terminate unit test array */ - } -}; - -static struct unit_test_suite cryptodev_virtio_testsuite = { - .suite_name = "Crypto VIRTIO Unit Test Suite", - .setup = testsuite_setup, - .teardown = testsuite_teardown, - .unit_test_cases = { - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_all), - - TEST_CASES_END() /**< NULL terminate unit test array */ - } -}; - -static struct unit_test_suite cryptodev_caam_jr_testsuite = { - .suite_name = "Crypto CAAM JR Unit Test Suite", - .setup = testsuite_setup, - .teardown = testsuite_teardown, - .unit_test_cases = { - TEST_CASE_ST(ut_setup, ut_teardown, - test_device_configure_invalid_dev_id), - TEST_CASE_ST(ut_setup, ut_teardown, - test_multi_session), - - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_3DES_chain_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_3DES_cipheronly_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_all), - - TEST_CASES_END() /**< NULL terminate unit test array */ + TEST_CASES_END() } }; -static struct unit_test_suite cryptodev_mrvl_testsuite = { - .suite_name = "Crypto Device Marvell Component Test Suite", - .setup = testsuite_setup, - .teardown = testsuite_teardown, - .unit_test_cases = { - TEST_CASE_ST(ut_setup, ut_teardown, test_multi_session), - TEST_CASE_ST(ut_setup, ut_teardown, - test_multi_session_random_usage), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_3DES_chain_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_3DES_cipheronly_all), +static int +run_cryptodev_testsuite(const char *pmd_name) +{ + uint8_t ret, j, i = 0, blk_start_idx = 0; + const enum blockcipher_test_type blk_suites[] = { + BLKCIPHER_AES_CHAIN_TYPE, + BLKCIPHER_AES_CIPHERONLY_TYPE, + BLKCIPHER_AES_DOCSIS_TYPE, + BLKCIPHER_3DES_CHAIN_TYPE, + BLKCIPHER_3DES_CIPHERONLY_TYPE, + BLKCIPHER_DES_CIPHERONLY_TYPE, + BLKCIPHER_DES_DOCSIS_TYPE, + BLKCIPHER_AUTHONLY_TYPE}; + struct unit_test_suite *static_suites[] = { + &cryptodev_multi_session_testsuite, + &cryptodev_null_testsuite, + &cryptodev_aes_ccm_auth_testsuite, + &cryptodev_aes_gcm_auth_testsuite, + &cryptodev_aes_gmac_auth_testsuite, + &cryptodev_snow3g_testsuite, + &cryptodev_chacha20_poly1305_testsuite, + &cryptodev_zuc_testsuite, + &cryptodev_hmac_md5_auth_testsuite, + &cryptodev_kasumi_testsuite, + &cryptodev_esn_testsuite, + &cryptodev_negative_aes_gcm_testsuite, + &cryptodev_negative_aes_gmac_testsuite, + &cryptodev_mixed_cipher_hash_testsuite, + &cryptodev_negative_hmac_sha1_testsuite, + &cryptodev_gen_testsuite, +#ifdef RTE_LIB_SECURITY + &ipsec_proto_testsuite, + &pdcp_proto_testsuite, + &docsis_proto_testsuite, +#endif + &end_testsuite + }; + static struct unit_test_suite ts = { + .suite_name = "Cryptodev Unit Test Suite", + .setup = testsuite_setup, + .teardown = testsuite_teardown, + .unit_test_cases = {TEST_CASES_END()} + }; - /** Negative tests */ - TEST_CASE_ST(ut_setup, ut_teardown, - authentication_verify_HMAC_SHA1_fail_data_corrupt), - TEST_CASE_ST(ut_setup, ut_teardown, - authentication_verify_HMAC_SHA1_fail_tag_corrupt), - TEST_CASE_ST(ut_setup, ut_teardown, - auth_decryption_AES128CBC_HMAC_SHA1_fail_data_corrupt), - TEST_CASE_ST(ut_setup, ut_teardown, - auth_decryption_AES128CBC_HMAC_SHA1_fail_tag_corrupt), + gbl_driver_id = rte_cryptodev_driver_id_get(pmd_name); - TEST_CASES_END() /**< NULL terminate unit test array */ + if (gbl_driver_id == -1) { + RTE_LOG(ERR, USER1, "%s PMD must be loaded.\n", pmd_name); + return TEST_SKIPPED; } -}; -static struct unit_test_suite cryptodev_ccp_testsuite = { - .suite_name = "Crypto Device CCP Unit Test Suite", - .setup = testsuite_setup, - .teardown = testsuite_teardown, - .unit_test_cases = { - TEST_CASE_ST(ut_setup, ut_teardown, test_multi_session), - TEST_CASE_ST(ut_setup, ut_teardown, - test_multi_session_random_usage), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_chain_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_AES_cipheronly_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_3DES_chain_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_3DES_cipheronly_all), - TEST_CASE_ST(ut_setup, ut_teardown, test_authonly_all), + ts.unit_test_suites = malloc(sizeof(struct unit_test_suite *) * + (RTE_DIM(blk_suites) + RTE_DIM(static_suites))); - /** Negative tests */ - TEST_CASE_ST(ut_setup, ut_teardown, - authentication_verify_HMAC_SHA1_fail_data_corrupt), - TEST_CASE_ST(ut_setup, ut_teardown, - authentication_verify_HMAC_SHA1_fail_tag_corrupt), - TEST_CASE_ST(ut_setup, ut_teardown, - auth_decryption_AES128CBC_HMAC_SHA1_fail_data_corrupt), - TEST_CASE_ST(ut_setup, ut_teardown, - auth_decryption_AES128CBC_HMAC_SHA1_fail_tag_corrupt), + ADD_BLOCKCIPHER_TESTSUITE(i, ts, blk_suites, RTE_DIM(blk_suites)); + ADD_STATIC_TESTSUITE(i, ts, static_suites, RTE_DIM(static_suites)); + ret = unit_test_suite_runner(&ts); - TEST_CASES_END() /**< NULL terminate unit test array */ - } -}; + FREE_BLOCKCIPHER_TESTSUITE(blk_start_idx, ts, RTE_DIM(blk_suites)); + free(ts.unit_test_suites); + return ret; +} static int -test_cryptodev_qat(void /*argv __rte_unused, int argc __rte_unused*/) +require_feature_flag(const char *pmd_name, uint64_t flag, const char *flag_name) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_QAT_SYM_PMD)); + struct rte_cryptodev_info dev_info; + uint8_t i, nb_devs; + int driver_id; - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "QAT PMD must be loaded.\n"); + driver_id = rte_cryptodev_driver_id_get(pmd_name); + if (driver_id == -1) { + RTE_LOG(WARNING, USER1, "%s PMD must be loaded.\n", pmd_name); return TEST_SKIPPED; } - return unit_test_suite_runner(&cryptodev_testsuite); -} - -static int -test_cryptodev_virtio(void /*argv __rte_unused, int argc __rte_unused*/) -{ - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_VIRTIO_PMD)); + nb_devs = rte_cryptodev_count(); + if (nb_devs < 1) { + RTE_LOG(WARNING, USER1, "No crypto devices found?\n"); + return TEST_SKIPPED; + } - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "VIRTIO PMD must be loaded.\n"); - return TEST_FAILED; + for (i = 0; i < nb_devs; i++) { + rte_cryptodev_info_get(i, &dev_info); + if (dev_info.driver_id == driver_id) { + if (!(dev_info.feature_flags & flag)) { + RTE_LOG(INFO, USER1, "%s not supported\n", + flag_name); + return TEST_SKIPPED; + } + return 0; /* found */ + } } - return unit_test_suite_runner(&cryptodev_virtio_testsuite); + RTE_LOG(INFO, USER1, "%s not supported\n", flag_name); + return TEST_SKIPPED; } static int -test_cryptodev_aesni_mb(void /*argv __rte_unused, int argc __rte_unused*/) +test_cryptodev_qat(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)); + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_QAT_SYM_PMD)); +} - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "AESNI MB PMD must be loaded.\n"); - return TEST_SKIPPED; - } +static int +test_cryptodev_virtio(void) +{ + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_VIRTIO_PMD)); +} - return unit_test_suite_runner(&cryptodev_testsuite); +static int +test_cryptodev_aesni_mb(void) +{ + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)); } static int test_cryptodev_cpu_aesni_mb(void) { int32_t rc; - enum rte_security_session_action_type at; - - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)); - - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "AESNI MB PMD must be loaded.\n"); - return TEST_SKIPPED; - } - - at = gbl_action_type; + enum rte_security_session_action_type at = gbl_action_type; gbl_action_type = RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO; - rc = unit_test_suite_runner(&cryptodev_testsuite); + rc = run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)); gbl_action_type = at; return rc; } static int -test_cryptodev_openssl(void) +test_cryptodev_chacha_poly_mb(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD)); - - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "OPENSSL PMD must be loaded.\n"); - return TEST_SKIPPED; - } + int32_t rc; + enum rte_security_session_action_type at = gbl_action_type; + rc = run_cryptodev_testsuite( + RTE_STR(CRYPTODEV_NAME_CHACHA20_POLY1305_PMD)); + gbl_action_type = at; + return rc; +} - return unit_test_suite_runner(&cryptodev_testsuite); +static int +test_cryptodev_openssl(void) +{ + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_OPENSSL_PMD)); } static int test_cryptodev_aesni_gcm(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_AESNI_GCM_PMD)); - - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "AESNI GCM PMD must be loaded.\n"); - return TEST_SKIPPED; - } - - return unit_test_suite_runner(&cryptodev_testsuite); + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_AESNI_GCM_PMD)); } static int test_cryptodev_cpu_aesni_gcm(void) { int32_t rc; - enum rte_security_session_action_type at; - - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_AESNI_GCM_PMD)); - - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "AESNI GCM PMD must be loaded.\n"); - return TEST_SKIPPED; - } - - at = gbl_action_type; + enum rte_security_session_action_type at = gbl_action_type; gbl_action_type = RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO; - rc = unit_test_suite_runner(&cryptodev_testsuite); + rc = run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_AESNI_GCM_PMD)); gbl_action_type = at; return rc; } static int -test_cryptodev_null(void) +test_cryptodev_mlx5(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_NULL_PMD)); - - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "NULL PMD must be loaded.\n"); - return TEST_SKIPPED; - } - - return unit_test_suite_runner(&cryptodev_testsuite); + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_MLX5_PMD)); } static int -test_cryptodev_sw_snow3g(void /*argv __rte_unused, int argc __rte_unused*/) +test_cryptodev_null(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_SNOW3G_PMD)); - - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "SNOW3G PMD must be loaded.\n"); - return TEST_SKIPPED; - } - - return unit_test_suite_runner(&cryptodev_testsuite); + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_NULL_PMD)); } static int -test_cryptodev_sw_kasumi(void /*argv __rte_unused, int argc __rte_unused*/) +test_cryptodev_sw_snow3g(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_KASUMI_PMD)); - - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "ZUC PMD must be loaded.\n"); - return TEST_SKIPPED; - } - - return unit_test_suite_runner(&cryptodev_testsuite); + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_SNOW3G_PMD)); } static int -test_cryptodev_sw_zuc(void /*argv __rte_unused, int argc __rte_unused*/) +test_cryptodev_sw_kasumi(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_ZUC_PMD)); - - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "ZUC PMD must be loaded.\n"); - return TEST_SKIPPED; - } + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_KASUMI_PMD)); +} - return unit_test_suite_runner(&cryptodev_testsuite); +static int +test_cryptodev_sw_zuc(void) +{ + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_ZUC_PMD)); } static int test_cryptodev_armv8(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_ARMV8_PMD)); - - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "ARMV8 PMD must be loaded.\n"); - return TEST_SKIPPED; - } - - return unit_test_suite_runner(&cryptodev_testsuite); + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_ARMV8_PMD)); } static int test_cryptodev_mrvl(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_MVSAM_PMD)); - - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "MVSAM PMD must be loaded.\n"); - return TEST_SKIPPED; - } - - return unit_test_suite_runner(&cryptodev_mrvl_testsuite); + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_MVSAM_PMD)); } -#ifdef RTE_LIBRTE_PMD_CRYPTO_SCHEDULER +#ifdef RTE_CRYPTO_SCHEDULER static int -test_cryptodev_scheduler(void /*argv __rte_unused, int argc __rte_unused*/) +test_cryptodev_scheduler(void) { + uint8_t ret, sched_i, j, i = 0, blk_start_idx = 0; + const enum blockcipher_test_type blk_suites[] = { + BLKCIPHER_AES_CHAIN_TYPE, + BLKCIPHER_AES_CIPHERONLY_TYPE, + BLKCIPHER_AUTHONLY_TYPE + }; + static struct unit_test_suite scheduler_multicore = { + .suite_name = "Scheduler Multicore Unit Test Suite", + .setup = scheduler_multicore_testsuite_setup, + .teardown = scheduler_mode_testsuite_teardown, + .unit_test_cases = {TEST_CASES_END()} + }; + static struct unit_test_suite scheduler_round_robin = { + .suite_name = "Scheduler Round Robin Unit Test Suite", + .setup = scheduler_roundrobin_testsuite_setup, + .teardown = scheduler_mode_testsuite_teardown, + .unit_test_cases = {TEST_CASES_END()} + }; + static struct unit_test_suite scheduler_failover = { + .suite_name = "Scheduler Failover Unit Test Suite", + .setup = scheduler_failover_testsuite_setup, + .teardown = scheduler_mode_testsuite_teardown, + .unit_test_cases = {TEST_CASES_END()} + }; + static struct unit_test_suite scheduler_pkt_size_distr = { + .suite_name = "Scheduler Pkt Size Distr Unit Test Suite", + .setup = scheduler_pkt_size_distr_testsuite_setup, + .teardown = scheduler_mode_testsuite_teardown, + .unit_test_cases = {TEST_CASES_END()} + }; + struct unit_test_suite *sched_mode_suites[] = { + &scheduler_multicore, + &scheduler_round_robin, + &scheduler_failover, + &scheduler_pkt_size_distr + }; + static struct unit_test_suite scheduler_config = { + .suite_name = "Crypto Device Scheduler Config Unit Test Suite", + .unit_test_cases = { + TEST_CASE(test_scheduler_attach_worker_op), + TEST_CASE(test_scheduler_mode_multicore_op), + TEST_CASE(test_scheduler_mode_roundrobin_op), + TEST_CASE(test_scheduler_mode_failover_op), + TEST_CASE(test_scheduler_mode_pkt_size_distr_op), + TEST_CASE(test_scheduler_detach_worker_op), + + TEST_CASES_END() /**< NULL terminate array */ + } + }; + struct unit_test_suite *static_suites[] = { + &scheduler_config, + &end_testsuite + }; + static struct unit_test_suite ts = { + .suite_name = "Scheduler Unit Test Suite", + .setup = scheduler_testsuite_setup, + .teardown = testsuite_teardown, + .unit_test_cases = {TEST_CASES_END()} + }; + gbl_driver_id = rte_cryptodev_driver_id_get( RTE_STR(CRYPTODEV_NAME_SCHEDULER_PMD)); @@ -13887,8 +16462,33 @@ test_cryptodev_scheduler(void /*argv __rte_unused, int argc __rte_unused*/) RTE_STR(CRYPTODEV_NAME_AESNI_MB_PMD)) == -1) { RTE_LOG(ERR, USER1, "AESNI MB PMD must be loaded.\n"); return TEST_SKIPPED; -} - return unit_test_suite_runner(&cryptodev_scheduler_testsuite); + } + + for (sched_i = 0; sched_i < RTE_DIM(sched_mode_suites); sched_i++) { + uint8_t blk_i = 0; + sched_mode_suites[sched_i]->unit_test_suites = malloc(sizeof + (struct unit_test_suite *) * + (RTE_DIM(blk_suites) + 1)); + ADD_BLOCKCIPHER_TESTSUITE(blk_i, (*sched_mode_suites[sched_i]), + blk_suites, RTE_DIM(blk_suites)); + sched_mode_suites[sched_i]->unit_test_suites[blk_i] = &end_testsuite; + } + + ts.unit_test_suites = malloc(sizeof(struct unit_test_suite *) * + (RTE_DIM(static_suites) + RTE_DIM(sched_mode_suites))); + ADD_STATIC_TESTSUITE(i, ts, sched_mode_suites, + RTE_DIM(sched_mode_suites)); + ADD_STATIC_TESTSUITE(i, ts, static_suites, RTE_DIM(static_suites)); + ret = unit_test_suite_runner(&ts); + + for (sched_i = 0; sched_i < RTE_DIM(sched_mode_suites); sched_i++) { + FREE_BLOCKCIPHER_TESTSUITE(blk_start_idx, + (*sched_mode_suites[sched_i]), + RTE_DIM(blk_suites)); + free(sched_mode_suites[sched_i]->unit_test_suites); + } + free(ts.unit_test_suites); + return ret; } REGISTER_TEST_COMMAND(cryptodev_scheduler_autotest, test_cryptodev_scheduler); @@ -13896,145 +16496,130 @@ REGISTER_TEST_COMMAND(cryptodev_scheduler_autotest, test_cryptodev_scheduler); #endif static int -test_cryptodev_dpaa2_sec(void /*argv __rte_unused, int argc __rte_unused*/) +test_cryptodev_dpaa2_sec(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_DPAA2_SEC_PMD)); - - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "DPAA2 SEC PMD must be loaded.\n"); - return TEST_SKIPPED; - } - - return unit_test_suite_runner(&cryptodev_testsuite); + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_DPAA2_SEC_PMD)); } static int -test_cryptodev_dpaa_sec(void /*argv __rte_unused, int argc __rte_unused*/) +test_cryptodev_dpaa_sec(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_DPAA_SEC_PMD)); - - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "DPAA SEC PMD must be loaded.\n"); - return TEST_SKIPPED; - } - - return unit_test_suite_runner(&cryptodev_testsuite); + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_DPAA_SEC_PMD)); } static int test_cryptodev_ccp(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_CCP_PMD)); + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_CCP_PMD)); +} - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "CCP PMD must be loaded.\n"); - return TEST_FAILED; - } +static int +test_cryptodev_octeontx(void) +{ + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_OCTEONTX_SYM_PMD)); +} - return unit_test_suite_runner(&cryptodev_ccp_testsuite); +static int +test_cryptodev_caam_jr(void) +{ + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)); } static int -test_cryptodev_octeontx(void) +test_cryptodev_nitrox(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_OCTEONTX_SYM_PMD)); - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "OCTEONTX PMD must be loaded.\n"); - return TEST_FAILED; - } - return unit_test_suite_runner(&cryptodev_testsuite); + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_NITROX_PMD)); } static int -test_cryptodev_octeontx2(void) +test_cryptodev_bcmfs(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_OCTEONTX2_PMD)); - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "OCTEON TX2 PMD must be loaded.\n"); - return TEST_FAILED; - } - return unit_test_suite_runner(&cryptodev_testsuite); + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_BCMFS_PMD)); } static int -test_cryptodev_caam_jr(void /*argv __rte_unused, int argc __rte_unused*/) +test_cryptodev_qat_raw_api(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_CAAM_JR_PMD)); + static const char *pmd_name = RTE_STR(CRYPTODEV_NAME_QAT_SYM_PMD); + int ret; - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "CAAM_JR PMD must be loaded.\n"); - return TEST_FAILED; - } + ret = require_feature_flag(pmd_name, RTE_CRYPTODEV_FF_SYM_RAW_DP, + "RAW API"); + if (ret) + return ret; + + global_api_test_type = CRYPTODEV_RAW_API_TEST; + ret = run_cryptodev_testsuite(pmd_name); + global_api_test_type = CRYPTODEV_API_TEST; - return unit_test_suite_runner(&cryptodev_caam_jr_testsuite); + return ret; } static int -test_cryptodev_nitrox(void) +test_cryptodev_cn9k(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_NITROX_PMD)); - - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "NITROX PMD must be loaded.\n"); - return TEST_FAILED; - } + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_CN9K_PMD)); +} - return unit_test_suite_runner(&cryptodev_testsuite); +static int +test_cryptodev_cn10k(void) +{ + return run_cryptodev_testsuite(RTE_STR(CRYPTODEV_NAME_CN10K_PMD)); } static int -test_cryptodev_bcmfs(void) +test_cryptodev_dpaa2_sec_raw_api(void) { - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_BCMFS_PMD)); + static const char *pmd_name = RTE_STR(CRYPTODEV_NAME_DPAA2_SEC_PMD); + int ret; - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "BCMFS PMD must be loaded.\n"); - return TEST_FAILED; - } + ret = require_feature_flag(pmd_name, RTE_CRYPTODEV_FF_SYM_RAW_DP, + "RAW API"); + if (ret) + return ret; + + global_api_test_type = CRYPTODEV_RAW_API_TEST; + ret = run_cryptodev_testsuite(pmd_name); + global_api_test_type = CRYPTODEV_API_TEST; - return unit_test_suite_runner(&cryptodev_testsuite); + return ret; } static int -test_cryptodev_qat_raw_api(void /*argv __rte_unused, int argc __rte_unused*/) +test_cryptodev_dpaa_sec_raw_api(void) { + static const char *pmd_name = RTE_STR(CRYPTODEV_NAME_DPAA2_SEC_PMD); int ret; - gbl_driver_id = rte_cryptodev_driver_id_get( - RTE_STR(CRYPTODEV_NAME_QAT_SYM_PMD)); - - if (gbl_driver_id == -1) { - RTE_LOG(ERR, USER1, "QAT PMD must be loaded. Check that both " - "CONFIG_RTE_LIBRTE_PMD_QAT and CONFIG_RTE_LIBRTE_PMD_QAT_SYM " - "are enabled in config file to run this testsuite.\n"); - return TEST_SKIPPED; - } + ret = require_feature_flag(pmd_name, RTE_CRYPTODEV_FF_SYM_RAW_DP, + "RAW API"); + if (ret) + return ret; global_api_test_type = CRYPTODEV_RAW_API_TEST; - ret = unit_test_suite_runner(&cryptodev_testsuite); + ret = run_cryptodev_testsuite(pmd_name); global_api_test_type = CRYPTODEV_API_TEST; return ret; } +REGISTER_TEST_COMMAND(cryptodev_dpaa2_sec_raw_api_autotest, + test_cryptodev_dpaa2_sec_raw_api); +REGISTER_TEST_COMMAND(cryptodev_dpaa_sec_raw_api_autotest, + test_cryptodev_dpaa_sec_raw_api); REGISTER_TEST_COMMAND(cryptodev_qat_raw_api_autotest, test_cryptodev_qat_raw_api); REGISTER_TEST_COMMAND(cryptodev_qat_autotest, test_cryptodev_qat); REGISTER_TEST_COMMAND(cryptodev_aesni_mb_autotest, test_cryptodev_aesni_mb); REGISTER_TEST_COMMAND(cryptodev_cpu_aesni_mb_autotest, test_cryptodev_cpu_aesni_mb); +REGISTER_TEST_COMMAND(cryptodev_chacha_poly_mb_autotest, + test_cryptodev_chacha_poly_mb); REGISTER_TEST_COMMAND(cryptodev_openssl_autotest, test_cryptodev_openssl); REGISTER_TEST_COMMAND(cryptodev_aesni_gcm_autotest, test_cryptodev_aesni_gcm); REGISTER_TEST_COMMAND(cryptodev_cpu_aesni_gcm_autotest, test_cryptodev_cpu_aesni_gcm); +REGISTER_TEST_COMMAND(cryptodev_mlx5_autotest, test_cryptodev_mlx5); REGISTER_TEST_COMMAND(cryptodev_null_autotest, test_cryptodev_null); REGISTER_TEST_COMMAND(cryptodev_sw_snow3g_autotest, test_cryptodev_sw_snow3g); REGISTER_TEST_COMMAND(cryptodev_sw_kasumi_autotest, test_cryptodev_sw_kasumi); @@ -14046,7 +16631,10 @@ REGISTER_TEST_COMMAND(cryptodev_dpaa_sec_autotest, test_cryptodev_dpaa_sec); REGISTER_TEST_COMMAND(cryptodev_ccp_autotest, test_cryptodev_ccp); REGISTER_TEST_COMMAND(cryptodev_virtio_autotest, test_cryptodev_virtio); REGISTER_TEST_COMMAND(cryptodev_octeontx_autotest, test_cryptodev_octeontx); -REGISTER_TEST_COMMAND(cryptodev_octeontx2_autotest, test_cryptodev_octeontx2); REGISTER_TEST_COMMAND(cryptodev_caam_jr_autotest, test_cryptodev_caam_jr); REGISTER_TEST_COMMAND(cryptodev_nitrox_autotest, test_cryptodev_nitrox); REGISTER_TEST_COMMAND(cryptodev_bcmfs_autotest, test_cryptodev_bcmfs); +REGISTER_TEST_COMMAND(cryptodev_cn9k_autotest, test_cryptodev_cn9k); +REGISTER_TEST_COMMAND(cryptodev_cn10k_autotest, test_cryptodev_cn10k); + +#endif /* !RTE_EXEC_ENV_WINDOWS */