bool silent,
const struct ipsec_test_flags *flags)
{
+ uint16_t v6_src[8] = {0x2607, 0xf8b0, 0x400c, 0x0c03, 0x0000, 0x0000,
+ 0x0000, 0x001a};
+ uint16_t v6_dst[8] = {0x2001, 0x0470, 0xe5bf, 0xdead, 0x4957, 0x2174,
+ 0xe82c, 0x4887};
struct crypto_testsuite_params *ts_params = &testsuite_params;
struct crypto_unittest_params *ut_params = &unittest_params;
struct rte_security_capability_idx sec_cap_idx;
dst += 1;
}
- memcpy(&ipsec_xform.tunnel.ipv4.src_ip, &src, sizeof(src));
- memcpy(&ipsec_xform.tunnel.ipv4.dst_ip, &dst, sizeof(dst));
+ if (td->ipsec_xform.tunnel.type ==
+ RTE_SECURITY_IPSEC_TUNNEL_IPV4) {
+ memcpy(&ipsec_xform.tunnel.ipv4.src_ip, &src, sizeof(src));
+ memcpy(&ipsec_xform.tunnel.ipv4.dst_ip, &dst, sizeof(dst));
+ } else {
+ memcpy(&ipsec_xform.tunnel.ipv6.src_addr, &v6_src,
+ sizeof(v6_src));
+ memcpy(&ipsec_xform.tunnel.ipv6.dst_addr, &v6_dst,
+ sizeof(v6_dst));
+ }
ctx = rte_cryptodev_get_sec_ctx(dev_id);
return test_ipsec_proto_all(&flags);
}
+static int
+test_ipsec_proto_tunnel_v4_in_v4(const void *data __rte_unused)
+{
+ struct ipsec_test_flags flags;
+
+ memset(&flags, 0, sizeof(flags));
+
+ flags.ipv6 = false;
+ flags.tunnel_ipv6 = false;
+
+ return test_ipsec_proto_all(&flags);
+}
+
+static int
+test_ipsec_proto_tunnel_v6_in_v6(const void *data __rte_unused)
+{
+ struct ipsec_test_flags flags;
+
+ memset(&flags, 0, sizeof(flags));
+
+ flags.ipv6 = true;
+ flags.tunnel_ipv6 = true;
+
+ return test_ipsec_proto_all(&flags);
+}
+
+static int
+test_ipsec_proto_tunnel_v4_in_v6(const void *data __rte_unused)
+{
+ struct ipsec_test_flags flags;
+
+ memset(&flags, 0, sizeof(flags));
+
+ flags.ipv6 = false;
+ flags.tunnel_ipv6 = true;
+
+ return test_ipsec_proto_all(&flags);
+}
+
+static int
+test_ipsec_proto_tunnel_v6_in_v4(const void *data __rte_unused)
+{
+ struct ipsec_test_flags flags;
+
+ memset(&flags, 0, sizeof(flags));
+
+ flags.ipv6 = true;
+ flags.tunnel_ipv6 = false;
+
+ return test_ipsec_proto_all(&flags);
+}
+
static int
test_PDCP_PROTO_all(void)
{
ut_setup_security, ut_teardown,
test_ipsec_proto_known_vec,
&pkt_aes_128_cbc_hmac_sha256),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Outbound known vector (ESP tunnel mode IPv6 AES-GCM 128)",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_known_vec, &pkt_aes_256_gcm_v6),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Outbound known vector (ESP tunnel mode IPv6 AES-CBC 128 HMAC-SHA256 [16B ICV])",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_known_vec,
+ &pkt_aes_128_cbc_hmac_sha256_v6),
TEST_CASE_NAMED_WITH_DATA(
"Inbound known vector (ESP tunnel mode IPv4 AES-GCM 128)",
ut_setup_security, ut_teardown,
ut_setup_security, ut_teardown,
test_ipsec_proto_known_vec_inb,
&pkt_aes_128_cbc_hmac_sha256),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Inbound known vector (ESP tunnel mode IPv6 AES-GCM 128)",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_known_vec_inb, &pkt_aes_256_gcm_v6),
+ TEST_CASE_NAMED_WITH_DATA(
+ "Inbound known vector (ESP tunnel mode IPv6 AES-CBC 128 HMAC-SHA256 [16B ICV])",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_known_vec_inb,
+ &pkt_aes_128_cbc_hmac_sha256_v6),
TEST_CASE_NAMED_ST(
"Combined test alg list",
ut_setup_security, ut_teardown,
"Inner L4 checksum",
ut_setup_security, ut_teardown,
test_ipsec_proto_inner_l4_csum),
+ TEST_CASE_NAMED_ST(
+ "Tunnel IPv4 in IPv4",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_tunnel_v4_in_v4),
+ TEST_CASE_NAMED_ST(
+ "Tunnel IPv6 in IPv6",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_tunnel_v6_in_v6),
+ TEST_CASE_NAMED_ST(
+ "Tunnel IPv4 in IPv6",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_tunnel_v4_in_v6),
+ TEST_CASE_NAMED_ST(
+ "Tunnel IPv6 in IPv4",
+ ut_setup_security, ut_teardown,
+ test_ipsec_proto_tunnel_v6_in_v4),
TEST_CASES_END() /**< NULL terminate unit test array */
}
};
},
};
+struct ipsec_test_data pkt_aes_256_gcm_v6 = {
+ .key = {
+ .data = {
+ 0xde, 0x12, 0xbe, 0x56, 0xde, 0xad, 0xbe, 0xef,
+ 0xde, 0xad, 0xbe, 0xef, 0xde, 0xad, 0xbe, 0xef,
+ 0x12, 0x78, 0xbe, 0x34, 0x01, 0x02, 0x03, 0x07,
+ 0xaa, 0xbb, 0xcc, 0xf1, 0x08, 0x07, 0x06, 0x05,
+ },
+ },
+ .input_text = {
+ .data = {
+ 0x60, 0x00, 0x00, 0x00, 0x00, 0x20, 0x06, 0x38,
+ 0x26, 0x07, 0xf8, 0xb0, 0x40, 0x0c, 0x0c, 0x03,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1a,
+ 0x20, 0x01, 0x04, 0x70, 0xe5, 0xbf, 0xde, 0xad,
+ 0x49, 0x57, 0x21, 0x74, 0xe8, 0x2c, 0x48, 0x87,
+ 0x00, 0x19, 0xf9, 0xc7, 0x95, 0x63, 0x97, 0x9c,
+ 0x03, 0xa0, 0x88, 0x31, 0x80, 0x12, 0xa7, 0xd6,
+ 0x25, 0x83, 0x00, 0x00, 0x02, 0x04, 0x05, 0x6a,
+ 0x01, 0x01, 0x04, 0x02, 0x01, 0x03, 0x03, 0x07,
+ },
+ .len = 72,
+ },
+ .output_text = {
+ .data = {
+ 0x60, 0x00, 0x00, 0x00, 0x00, 0x6c, 0x32, 0x40,
+ 0x12, 0x34, 0x12, 0x21, 0x17, 0x45, 0x11, 0x34,
+ 0x11, 0xfc, 0x89, 0x71, 0xdf, 0x22, 0x56, 0x78,
+ 0x12, 0x34, 0x12, 0x21, 0x17, 0x45, 0x11, 0x34,
+ 0x11, 0xfc, 0x89, 0x71, 0xdf, 0x22, 0x34, 0x56,
+ 0x00, 0x00, 0x00, 0x34, 0x00, 0x00, 0x00, 0x01,
+ 0x45, 0xad, 0xfe, 0x23, 0x78, 0x56, 0x12, 0x00,
+ 0xe7, 0xdf, 0xc4, 0x7e, 0x21, 0xbd, 0xec, 0x1b,
+ 0x74, 0x5a, 0xe4, 0x7e, 0x2e, 0x94, 0x21, 0x0a,
+ 0x9b, 0x0e, 0x59, 0xbe, 0x06, 0x2a, 0xda, 0xb8,
+ 0x6b, 0x48, 0x7f, 0x0b, 0x88, 0x3a, 0xa9, 0xfd,
+ 0x3c, 0xfe, 0x9f, 0xb1, 0x8c, 0x67, 0xd2, 0xf8,
+ 0xaf, 0xb5, 0xad, 0x16, 0xdb, 0xff, 0x8d, 0x50,
+ 0xd3, 0x48, 0xf5, 0x6c, 0x3c, 0x0c, 0x27, 0x34,
+ 0x2b, 0x65, 0xc8, 0xff, 0xeb, 0x5f, 0xb8, 0xff,
+ 0x12, 0x00, 0x1c, 0x9f, 0xb7, 0x85, 0xdd, 0x7d,
+ 0x40, 0x19, 0xcb, 0x18, 0xeb, 0x15, 0xc4, 0x88,
+ 0xe1, 0xc2, 0x91, 0xc7, 0xb1, 0x65, 0xc3, 0x27,
+ 0x16, 0x06, 0x8f, 0xf2,
+ },
+ .len = 148,
+ },
+ .salt = {
+ .data = {
+ 0x11, 0x22, 0x33, 0x44
+ },
+ .len = 4,
+ },
+
+ .iv = {
+ .data = {
+ 0x45, 0xad, 0xfe, 0x23, 0x78, 0x56, 0x12, 0x00,
+ },
+ },
+
+ .ipsec_xform = {
+ .spi = 52,
+ .options.esn = 0,
+ .options.udp_encap = 0,
+ .options.copy_dscp = 0,
+ .options.copy_flabel = 0,
+ .options.copy_df = 0,
+ .options.dec_ttl = 0,
+ .options.ecn = 0,
+ .options.stats = 0,
+ .options.tunnel_hdr_verify = 0,
+ .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
+ .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+ .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+ .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV6,
+ .replay_win_sz = 0,
+ },
+
+ .aead = true,
+
+ .xform = {
+ .aead = {
+ .next = NULL,
+ .type = RTE_CRYPTO_SYM_XFORM_AEAD,
+ .aead = {
+ .op = RTE_CRYPTO_AEAD_OP_ENCRYPT,
+ .algo = RTE_CRYPTO_AEAD_AES_GCM,
+ .key.length = 32,
+ .iv.length = 12,
+ .iv.offset = IV_OFFSET,
+ .digest_length = 16,
+ .aad_length = 12,
+ },
+ },
+ },
+};
+
struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256 = {
.key = {
.data = {
},
};
+struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256_v6 = {
+ .key = {
+ .data = {
+ 0x00, 0x04, 0x05, 0x01, 0x23, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x0a, 0x0b, 0x0c, 0x0f, 0x00, 0x00,
+ },
+ },
+ .auth_key = {
+ .data = {
+ 0xde, 0x34, 0x56, 0x00, 0x00, 0x00, 0x78, 0x00,
+ 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02,
+ 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x04,
+ 0x0a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08,
+ },
+ },
+ .input_text = {
+ .data = {
+ 0x60, 0x00, 0x00, 0x00, 0x00, 0x20, 0x06, 0x38,
+ 0x26, 0x07, 0xf8, 0xb0, 0x40, 0x0c, 0x0c, 0x03,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1a,
+ 0x20, 0x01, 0x04, 0x70, 0xe5, 0xbf, 0xde, 0xad,
+ 0x49, 0x57, 0x21, 0x74, 0xe8, 0x2c, 0x48, 0x87,
+ 0x00, 0x19, 0xf9, 0xc7, 0x95, 0x63, 0x97, 0x9c,
+ 0x03, 0xa0, 0x88, 0x31, 0x80, 0x12, 0xa7, 0xd6,
+ 0x25, 0x83, 0x00, 0x00, 0x02, 0x04, 0x05, 0x6a,
+ 0x01, 0x01, 0x04, 0x02, 0x01, 0x03, 0x03, 0x07,
+ },
+ .len = 72,
+ },
+ .output_text = {
+ .data = {
+ 0x60, 0x00, 0x00, 0x00, 0x00, 0x78, 0x32, 0x40,
+ 0x12, 0x34, 0x12, 0x21, 0x17, 0x45, 0x11, 0x34,
+ 0x11, 0xfc, 0x89, 0x71, 0xdf, 0x22, 0x56, 0x78,
+ 0x12, 0x34, 0x12, 0x21, 0x17, 0x45, 0x11, 0x34,
+ 0x11, 0xfc, 0x89, 0x71, 0xdf, 0x22, 0x34, 0x56,
+ 0x00, 0x00, 0x00, 0x34, 0x00, 0x00, 0x00, 0x01,
+ 0x45, 0xad, 0xfe, 0x23, 0x78, 0x56, 0x12, 0x00,
+ 0xf0, 0xc1, 0x05, 0x3c, 0x00, 0x00, 0x00, 0x00,
+ 0x1b, 0x1c, 0x98, 0x6e, 0x2a, 0xce, 0x61, 0xef,
+ 0xc1, 0xdd, 0x25, 0x96, 0x5c, 0xb1, 0xb0, 0x15,
+ 0x47, 0x25, 0xb7, 0x8b, 0x00, 0xb6, 0xbb, 0xe6,
+ 0x2e, 0x29, 0xcb, 0x4a, 0x94, 0x00, 0xf0, 0x73,
+ 0xdb, 0x14, 0x32, 0xd9, 0xa2, 0xdf, 0x22, 0x2f,
+ 0x52, 0x3e, 0x79, 0x77, 0xf3, 0x17, 0xaa, 0x40,
+ 0x1c, 0x57, 0x27, 0x12, 0x82, 0x44, 0x35, 0xb8,
+ 0x64, 0xe0, 0xaa, 0x5c, 0x10, 0xc7, 0x97, 0x35,
+ 0x9c, 0x6b, 0x1c, 0xf7, 0xe7, 0xbd, 0x83, 0x33,
+ 0x77, 0x48, 0x44, 0x7d, 0xa4, 0x13, 0x74, 0x3b,
+ 0x6a, 0x91, 0xd0, 0xd8, 0x7d, 0x41, 0x45, 0x23,
+ 0x5d, 0xc9, 0x2d, 0x08, 0x7a, 0xd8, 0x25, 0x8e,
+ },
+ .len = 160,
+ },
+ .iv = {
+ .data = {
+ 0x45, 0xad, 0xfe, 0x23, 0x78, 0x56, 0x12, 0x00,
+ 0xf0, 0xc1, 0x05, 0x3c, 0x00, 0x00, 0x00, 0x00,
+ },
+ },
+
+ .ipsec_xform = {
+ .spi = 52,
+ .options.esn = 0,
+ .options.udp_encap = 0,
+ .options.copy_dscp = 0,
+ .options.copy_flabel = 0,
+ .options.copy_df = 0,
+ .options.dec_ttl = 0,
+ .options.ecn = 0,
+ .options.stats = 0,
+ .options.tunnel_hdr_verify = 0,
+ .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
+ .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+ .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+ .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV6,
+ .replay_win_sz = 0,
+ },
+
+ .aead = false,
+
+ .xform = {
+ .chain.cipher = {
+ .next = NULL,
+ .type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ .cipher = {
+ .op = RTE_CRYPTO_CIPHER_OP_ENCRYPT,
+ .algo = RTE_CRYPTO_CIPHER_AES_CBC,
+ .key.length = 16,
+ .iv.length = 16,
+ },
+ },
+ .chain.auth = {
+ .next = NULL,
+ .type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ .auth = {
+ .op = RTE_CRYPTO_AUTH_OP_GENERATE,
+ .algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
+ .key.length = 32,
+ .digest_length = 16,
+ },
+ },
+ },
+};
+
#endif /* TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_ */
git.droids-corp.org / dpdk.git / commitdiff