X-Git-Url: http://git.droids-corp.org/?a=blobdiff_plain;f=app%2Ftest%2Ftest_cryptodev_security_ipsec.h;h=6e27eba804a2c8836081f89320dd568e5cee4763;hb=67b5428db372f50a2fed8eec7a8b5720380ecc17;hp=d2ec63f66aaa195ba2523eb29b97e6a3067eb9e3;hpb=cd928003d8a3d58e6bb29b448d094113a8e4b2e2;p=dpdk.git diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h index d2ec63f66a..6e27eba804 100644 --- a/app/test/test_cryptodev_security_ipsec.h +++ b/app/test/test_cryptodev_security_ipsec.h @@ -14,6 +14,9 @@ struct ipsec_test_data { struct { uint8_t data[32]; } key; + struct { + uint8_t data[64]; + } auth_key; struct { uint8_t data[1024]; @@ -49,8 +52,20 @@ struct ipsec_test_data { struct ipsec_test_flags { bool display_alg; + bool sa_expiry_pkts_soft; + bool sa_expiry_pkts_hard; bool icv_corrupt; bool iv_gen; + uint32_t tunnel_hdr_verify; + bool udp_encap; + bool udp_ports_verify; + bool ip_csum; + bool l4_csum; + bool ipv6; + bool tunnel_ipv6; + bool transport; + bool fragment; + bool stats_success; }; struct crypto_param { @@ -61,6 +76,8 @@ struct crypto_param { enum rte_crypto_aead_algorithm aead; } alg; uint16_t key_length; + uint16_t iv_length; + uint16_t digest_length; }; static const struct crypto_param aead_list[] = { @@ -81,6 +98,86 @@ static const struct crypto_param aead_list[] = { }, }; +static const struct crypto_param cipher_list[] = { + { + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .alg.cipher = RTE_CRYPTO_CIPHER_NULL, + .key_length = 0, + .iv_length = 0, + }, + { + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .alg.cipher = RTE_CRYPTO_CIPHER_AES_CBC, + .key_length = 16, + .iv_length = 16, + }, + { + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .alg.cipher = RTE_CRYPTO_CIPHER_AES_CTR, + .key_length = 16, + .iv_length = 16, + }, + { + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .alg.cipher = RTE_CRYPTO_CIPHER_AES_CTR, + .key_length = 24, + .iv_length = 16, + }, + { + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .alg.cipher = RTE_CRYPTO_CIPHER_AES_CTR, + .key_length = 32, + .iv_length = 16, + }, +}; + +static const struct crypto_param auth_list[] = { + { + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .alg.auth = RTE_CRYPTO_AUTH_NULL, + }, + { + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .alg.auth = RTE_CRYPTO_AUTH_SHA256_HMAC, + .key_length = 32, + .digest_length = 16, + }, + { + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .alg.auth = RTE_CRYPTO_AUTH_SHA384_HMAC, + .key_length = 48, + .digest_length = 24, + }, + { + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .alg.auth = RTE_CRYPTO_AUTH_SHA512_HMAC, + .key_length = 64, + .digest_length = 32, + }, + { + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .alg.auth = RTE_CRYPTO_AUTH_AES_XCBC_MAC, + .key_length = 16, + .digest_length = 12, + }, +}; + +struct crypto_param_comb { + const struct crypto_param *param1; + const struct crypto_param *param2; +}; + +extern struct ipsec_test_data pkt_aes_256_gcm; +extern struct ipsec_test_data pkt_aes_256_gcm_v6; +extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256; +extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256_v6; + +extern struct crypto_param_comb alg_list[RTE_DIM(aead_list) + + (RTE_DIM(cipher_list) * + RTE_DIM(auth_list))]; + +void test_ipsec_alg_list_populate(void); + int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform, const struct rte_security_capability *sec_cap, bool silent); @@ -89,6 +186,14 @@ int test_ipsec_crypto_caps_aead_verify( const struct rte_security_capability *sec_cap, struct rte_crypto_sym_xform *aead); +int test_ipsec_crypto_caps_cipher_verify( + const struct rte_security_capability *sec_cap, + struct rte_crypto_sym_xform *cipher); + +int test_ipsec_crypto_caps_auth_verify( + const struct rte_security_capability *sec_cap, + struct rte_crypto_sym_xform *auth); + void test_ipsec_td_in_from_out(const struct ipsec_test_data *td_out, struct ipsec_test_data *td_in); @@ -112,6 +217,12 @@ int test_ipsec_post_process(struct rte_mbuf *m, const struct ipsec_test_flags *flags); int test_ipsec_status_check(struct rte_crypto_op *op, + const struct ipsec_test_flags *flags, + enum rte_security_ipsec_sa_direction dir, + int pkt_num); + +int test_ipsec_stats_verify(struct rte_security_ctx *ctx, + struct rte_security_session *sess, const struct ipsec_test_flags *flags, enum rte_security_ipsec_sa_direction dir);