Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/138230/?format=api
http://patches.dpdk.org/api/patches/138230/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/patch/20240312175143.1664699-3-asasidharan@marvell.com/", "project": { "id": 1, "url": "http://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20240312175143.1664699-3-asasidharan@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20240312175143.1664699-3-asasidharan@marvell.com", "date": "2024-03-12T17:51:24", "name": "[v3,02/21] test/security: add TLS 1.2 data walkthrough test", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "f8500e5f0fa641f7c00840505332a07d48a40a94", "submitter": { "id": 2800, "url": "http://patches.dpdk.org/api/people/2800/?format=api", "name": "Aakash Sasidharan", "email": "asasidharan@marvell.com" }, "delegate": { "id": 6690, "url": "http://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "http://patches.dpdk.org/project/dpdk/patch/20240312175143.1664699-3-asasidharan@marvell.com/mbox/", "series": [ { "id": 31485, "url": "http://patches.dpdk.org/api/series/31485/?format=api", "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=31485", "date": "2024-03-12T17:51:22", "name": "Improvements and new test cases", "version": 3, "mbox": "http://patches.dpdk.org/series/31485/mbox/" } ], "comments": "http://patches.dpdk.org/api/patches/138230/comments/", "check": "success", "checks": "http://patches.dpdk.org/api/patches/138230/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 2F1FA43C94;\n\tTue, 12 Mar 2024 18:52:00 +0100 (CET)", "from mails.dpdk.org (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id 4ACB642DB2;\n\tTue, 12 Mar 2024 18:51:55 +0100 (CET)", "from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com\n [67.231.156.173])\n by mails.dpdk.org (Postfix) with ESMTP id D58A442D9F\n for <dev@dpdk.org>; Tue, 12 Mar 2024 18:51:53 +0100 (CET)", "from pps.filterd (m0045851.ppops.net [127.0.0.1])\n by mx0b-0016f401.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id\n 42CEHUat025258; Tue, 12 Mar 2024 10:51:53 -0700", "from dc6wp-exch02.marvell.com ([4.21.29.225])\n by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3wswdcxfc4-1\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);\n Tue, 12 Mar 2024 10:51:53 -0700 (PDT)", "from DC6WP-EXCH02.marvell.com (10.76.176.209) by\n DC6WP-EXCH02.marvell.com (10.76.176.209) with Microsoft SMTP Server\n (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id\n 15.2.1258.12; Tue, 12 Mar 2024 10:51:52 -0700", "from maili.marvell.com (10.69.176.80) by DC6WP-EXCH02.marvell.com\n (10.76.176.209) with Microsoft SMTP Server id 15.2.1258.12 via Frontend\n Transport; Tue, 12 Mar 2024 10:51:52 -0700", "from localhost.localdomain (unknown [10.28.36.177])\n by maili.marvell.com (Postfix) with ESMTP id E19163F70A4;\n Tue, 12 Mar 2024 10:51:49 -0700 (PDT)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=\n from:to:cc:subject:date:message-id:in-reply-to:references\n :mime-version:content-transfer-encoding:content-type; s=\n pfpt0220; bh=rC1FnbXiVmf0sHJDBsbUPyw+4XEKgDU6J6L/qcjTfbo=; b=b6j\n C1rigQf8tE6K1RTctlxz0UJcpD+0FAuZE6T0QlUYpu6cVzgTTB/AeLFv+f/VqKde\n WWln8phQ7OF1h1nhBDiwiMwwDEVRUgVkH38m2KwXDiET0vef7DPI216OV1ZdX230\n krWOKPDo+gVmvbjNO/4ZyH2nFNuaYvR6cKSaBt2HqwYRs/2igaOALNMdDOZ4foqW\n Vm7rCj/TI0qqf9xymFUUefUJLwZvkOUYYFMxKh7ayV0OY9oEgllerJcRlr1xSDrN\n HBVSBMHpjTYEKHKSryWGA2Q8KJLCMBxEWI729Ai4YGotR6A6J2gfbbk2PFwJf9Ci\n xuS8yvcjI+hCuf+b5XA==", "From": "Aakash Sasidharan <asasidharan@marvell.com>", "To": "Akhil Goyal <gakhil@marvell.com>, Fan Zhang <fanzhang.oss@gmail.com>,\n Anoob Joseph <anoobj@marvell.com>", "CC": "<jerinj@marvell.com>, <vvelumuri@marvell.com>, <asasidharan@marvell.com>,\n <dev@dpdk.org>", "Subject": "[PATCH v3 02/21] test/security: add TLS 1.2 data walkthrough test", "Date": "Tue, 12 Mar 2024 23:21:24 +0530", "Message-ID": "<20240312175143.1664699-3-asasidharan@marvell.com>", "X-Mailer": "git-send-email 2.25.1", "In-Reply-To": "<20240312175143.1664699-1-asasidharan@marvell.com>", "References": "<20240312071805.1354530-1-asasidharan@marvell.com>\n <20240312175143.1664699-1-asasidharan@marvell.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-ORIG-GUID": "J6mS2c7iIzfM4aHr7bhI0tkndm6YHYx4", "X-Proofpoint-GUID": "J6mS2c7iIzfM4aHr7bhI0tkndm6YHYx4", "X-Proofpoint-Virus-Version": "vendor=baseguard\n engine=ICAP:2.0.272,Aquarius:18.0.1011,Hydra:6.0.619,FMLib:17.11.176.26\n definitions=2024-03-12_11,2024-03-12_01,2023-05-22_02", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org" }, "content": "Add data walkthrough test for TLS 1.2.\n\nSigned-off-by: Aakash Sasidharan <asasidharan@marvell.com>\n---\n app/test/test_cryptodev.c | 90 +++++++++++++++++--\n app/test/test_cryptodev.h | 12 ++-\n app/test/test_cryptodev_security_tls_record.c | 25 ++++--\n app/test/test_cryptodev_security_tls_record.h | 41 ++++++++-\n app/test/test_security_proto.c | 17 ++++\n app/test/test_security_proto.h | 6 ++\n 6 files changed, 171 insertions(+), 20 deletions(-)", "diff": "diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c\nindex 3b5e784022..c5837ccbdd 100644\n--- a/app/test/test_cryptodev.c\n+++ b/app/test/test_cryptodev.c\n@@ -858,6 +858,8 @@ ipsec_proto_testsuite_setup(void)\n static int\n tls_record_proto_testsuite_setup(void)\n {\n+\ttest_sec_proto_pattern_generate();\n+\n \treturn sec_proto_testsuite_setup(RTE_SECURITY_PROTOCOL_TLS_RECORD);\n }\n \n@@ -11958,14 +11960,30 @@ test_tls_record_proto_known_vec_read(const void *test_data)\n static int\n test_tls_record_proto_all(const struct tls_record_test_flags *flags)\n {\n+\tunsigned int i, nb_pkts = 1, pass_cnt = 0, payload_len, max_payload_len;\n \tstruct tls_record_test_data td_outb[TEST_SEC_PKTS_MAX];\n \tstruct tls_record_test_data td_inb[TEST_SEC_PKTS_MAX];\n-\tunsigned int i, nb_pkts = 1, pass_cnt = 0;\n \tint ret;\n \n+\tswitch (flags->tls_version) {\n+\tcase RTE_SECURITY_VERSION_TLS_1_2:\n+\t\tmax_payload_len = TLS_1_2_RECORD_PLAINTEXT_MAX_LEN;\n+\t\tbreak;\n+\tcase RTE_SECURITY_VERSION_TLS_1_3:\n+\t\tmax_payload_len = TLS_1_3_RECORD_PLAINTEXT_MAX_LEN;\n+\t\tbreak;\n+\tcase RTE_SECURITY_VERSION_DTLS_1_2:\n+\t\tmax_payload_len = DTLS_1_2_RECORD_PLAINTEXT_MAX_LEN;\n+\t\tbreak;\n+\tdefault:\n+\t\tmax_payload_len = 0;\n+\t}\n+\n \tfor (i = 0; i < RTE_DIM(sec_alg_list); i++) {\n+\t\tpayload_len = TLS_RECORD_PLAINTEXT_MIN_LEN;\n+again:\n \t\ttest_tls_record_td_prepare(sec_alg_list[i].param1, sec_alg_list[i].param2, flags,\n-\t\t\t\t\t td_outb, nb_pkts);\n+\t\t\t\t\t td_outb, nb_pkts, payload_len);\n \n \t\tret = test_tls_record_proto_process(td_outb, td_inb, nb_pkts, true, flags);\n \t\tif (ret == TEST_SKIPPED)\n@@ -11983,6 +12001,9 @@ test_tls_record_proto_all(const struct tls_record_test_flags *flags)\n \t\tif (ret == TEST_FAILED)\n \t\t\treturn TEST_FAILED;\n \n+\t\tif (flags->data_walkthrough && (++payload_len <= max_payload_len))\n+\t\t\tgoto again;\n+\n \t\tif (flags->display_alg)\n \t\t\ttest_sec_alg_display(sec_alg_list[i].param1, sec_alg_list[i].param2);\n \n@@ -11996,22 +12017,69 @@ test_tls_record_proto_all(const struct tls_record_test_flags *flags)\n }\n \n static int\n-test_tls_record_proto_display_list(void)\n+test_tls_1_2_record_proto_data_walkthrough(void)\n+{\n+\tstruct tls_record_test_flags flags;\n+\n+\tmemset(&flags, 0, sizeof(flags));\n+\n+\tflags.data_walkthrough = true;\n+\tflags.tls_version = RTE_SECURITY_VERSION_TLS_1_2;\n+\n+\treturn test_tls_record_proto_all(&flags);\n+}\n+\n+static int\n+test_tls_1_2_record_proto_display_list(void)\n {\n \tstruct tls_record_test_flags flags;\n \n \tmemset(&flags, 0, sizeof(flags));\n \n \tflags.display_alg = true;\n+\tflags.tls_version = RTE_SECURITY_VERSION_TLS_1_2;\n \n \treturn test_tls_record_proto_all(&flags);\n }\n \n static int\n-test_tls_record_proto_sgl(void)\n+test_tls_1_2_record_proto_sgl(void)\n {\n \tstruct tls_record_test_flags flags = {\n-\t\t.nb_segs_in_mbuf = 5\n+\t\t.nb_segs_in_mbuf = 5,\n+\t\t.tls_version = RTE_SECURITY_VERSION_TLS_1_2\n+\t};\n+\tstruct crypto_testsuite_params *ts_params = &testsuite_params;\n+\tstruct rte_cryptodev_info dev_info;\n+\n+\trte_cryptodev_info_get(ts_params->valid_devs[0], &dev_info);\n+\tif (!(dev_info.feature_flags & RTE_CRYPTODEV_FF_IN_PLACE_SGL)) {\n+\t\tprintf(\"Device doesn't support in-place scatter-gather. Test Skipped.\\n\");\n+\t\treturn TEST_SKIPPED;\n+\t}\n+\n+\treturn test_tls_record_proto_all(&flags);\n+}\n+\n+static int\n+test_dtls_1_2_record_proto_display_list(void)\n+{\n+\tstruct tls_record_test_flags flags;\n+\n+\tmemset(&flags, 0, sizeof(flags));\n+\n+\tflags.display_alg = true;\n+\tflags.tls_version = RTE_SECURITY_VERSION_DTLS_1_2;\n+\n+\treturn test_tls_record_proto_all(&flags);\n+}\n+\n+static int\n+test_dtls_1_2_record_proto_sgl(void)\n+{\n+\tstruct tls_record_test_flags flags = {\n+\t\t.nb_segs_in_mbuf = 5,\n+\t\t.tls_version = RTE_SECURITY_VERSION_DTLS_1_2\n \t};\n \tstruct crypto_testsuite_params *ts_params = &testsuite_params;\n \tstruct rte_cryptodev_info dev_info;\n@@ -17081,11 +17149,15 @@ static struct unit_test_suite tls12_record_proto_testsuite = {\n \t\tTEST_CASE_NAMED_ST(\n \t\t\t\"Combined test alg list\",\n \t\t\tut_setup_security, ut_teardown,\n-\t\t\ttest_tls_record_proto_display_list),\n+\t\t\ttest_tls_1_2_record_proto_display_list),\n+\t\tTEST_CASE_NAMED_ST(\n+\t\t\t\"Data walkthrough combined test alg list\",\n+\t\t\tut_setup_security, ut_teardown,\n+\t\t\ttest_tls_1_2_record_proto_data_walkthrough),\n \t\tTEST_CASE_NAMED_ST(\n \t\t\t\"Multi-segmented mode\",\n \t\t\tut_setup_security, ut_teardown,\n-\t\t\ttest_tls_record_proto_sgl),\n+\t\t\ttest_tls_1_2_record_proto_sgl),\n \t\tTEST_CASES_END() /**< NULL terminate unit test array */\n \t}\n };\n@@ -17182,11 +17254,11 @@ static struct unit_test_suite dtls12_record_proto_testsuite = {\n \t\tTEST_CASE_NAMED_ST(\n \t\t\t\"Combined test alg list\",\n \t\t\tut_setup_security, ut_teardown,\n-\t\t\ttest_tls_record_proto_display_list),\n+\t\t\ttest_dtls_1_2_record_proto_display_list),\n \t\tTEST_CASE_NAMED_ST(\n \t\t\t\"Multi-segmented mode\",\n \t\t\tut_setup_security, ut_teardown,\n-\t\t\ttest_tls_record_proto_sgl),\n+\t\t\ttest_dtls_1_2_record_proto_sgl),\n \t\tTEST_CASES_END() /**< NULL terminate unit test array */\n \t}\n };\ndiff --git a/app/test/test_cryptodev.h b/app/test/test_cryptodev.h\nindex f27d9697fd..e4e99d00c1 100644\n--- a/app/test/test_cryptodev.h\n+++ b/app/test/test_cryptodev.h\n@@ -5,6 +5,9 @@\n #define TEST_CRYPTODEV_H_\n \n #include <rte_cryptodev.h>\n+#ifdef RTE_LIB_SECURITY\n+#include \"test_security_proto.h\"\n+#endif\n \n #define HEX_DUMP 0\n \n@@ -21,9 +24,16 @@\n #define DEFAULT_NUM_XFORMS (2)\n #define NUM_MBUFS (8191)\n #define MBUF_CACHE_SIZE (256)\n+\n+#ifdef RTE_LIB_SECURITY\n+#define MBUF_DATAPAYLOAD_SIZE\t\tRTE_MAX((unsigned int)(4096 + DIGEST_BYTE_LENGTH_SHA512), \\\n+\t\t\t\t\t\tTEST_SEC_CIPHERTEXT_MAX_LEN)\n+#else\n #define MBUF_DATAPAYLOAD_SIZE\t\t(4096 + DIGEST_BYTE_LENGTH_SHA512)\n+#endif\n+\n #define MBUF_SIZE\t\t\t(sizeof(struct rte_mbuf) + \\\n-\t\tRTE_PKTMBUF_HEADROOM + MBUF_DATAPAYLOAD_SIZE)\n+\t\t\t\t\tRTE_PKTMBUF_HEADROOM + MBUF_DATAPAYLOAD_SIZE)\n \n #define BYTE_LENGTH(x)\t\t\t\t(x/8)\n /* HASH DIGEST LENGTHS */\ndiff --git a/app/test/test_cryptodev_security_tls_record.c b/app/test/test_cryptodev_security_tls_record.c\nindex 14a7a2511e..3745c6a0d1 100644\n--- a/app/test/test_cryptodev_security_tls_record.c\n+++ b/app/test/test_cryptodev_security_tls_record.c\n@@ -62,7 +62,8 @@ test_tls_record_td_read_from_write(const struct tls_record_test_data *td_out,\n void\n test_tls_record_td_prepare(const struct crypto_param *param1, const struct crypto_param *param2,\n \t\t\t const struct tls_record_test_flags *flags,\n-\t\t\t struct tls_record_test_data *td_array, int nb_td)\n+\t\t\t struct tls_record_test_data *td_array,\n+\t\t\t int nb_td, unsigned int data_len)\n {\n \tint i, min_padding, hdr_len, tls_pkt_size, mac_len = 0, exp_nonce_len = 0, roundup_len = 0;\n \tstruct tls_record_test_data *td = NULL;\n@@ -76,7 +77,10 @@ test_tls_record_td_prepare(const struct crypto_param *param1, const struct crypt\n \n \t\tif (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD) {\n \t\t\t/* Copy template for packet & key fields */\n-\t\t\tmemcpy(td, &tls_test_data_aes_128_gcm_v1, sizeof(*td));\n+\t\t\tif (flags->tls_version == RTE_SECURITY_VERSION_DTLS_1_2)\n+\t\t\t\tmemcpy(td, &dtls_test_data_aes_128_gcm, sizeof(*td));\n+\t\t\telse\n+\t\t\t\tmemcpy(td, &tls_test_data_aes_128_gcm_v1, sizeof(*td));\n \n \t\t\ttd->aead = true;\n \t\t\ttd->xform.aead.aead.algo = param1->alg.aead;\n@@ -84,7 +88,10 @@ test_tls_record_td_prepare(const struct crypto_param *param1, const struct crypt\n \t\t\ttd->xform.aead.aead.digest_length = param1->digest_length;\n \t\t} else {\n \t\t\t/* Copy template for packet & key fields */\n-\t\t\tmemcpy(td, &tls_test_data_aes_128_cbc_sha1_hmac, sizeof(*td));\n+\t\t\tif (flags->tls_version == RTE_SECURITY_VERSION_DTLS_1_2)\n+\t\t\t\tmemcpy(td, &dtls_test_data_aes_128_cbc_sha1_hmac, sizeof(*td));\n+\t\t\telse\n+\t\t\t\tmemcpy(td, &tls_test_data_aes_128_cbc_sha1_hmac, sizeof(*td));\n \n \t\t\ttd->aead = false;\n \t\t\ttd->xform.chain.cipher.cipher.algo = param1->alg.cipher;\n@@ -96,6 +103,11 @@ test_tls_record_td_prepare(const struct crypto_param *param1, const struct crypt\n \t\t}\n \t}\n \n+\tif (flags->data_walkthrough) {\n+\t\ttest_sec_proto_pattern_set(td->input_text.data, data_len);\n+\t\ttd->input_text.len = data_len;\n+\t}\n+\n \ttls_pkt_size = td->input_text.len;\n \n \tif (!td->aead) {\n@@ -221,6 +233,7 @@ test_tls_record_res_d_prepare(const uint8_t *output_text, uint32_t len,\n \n \treturn TEST_SUCCESS;\n }\n+\n static int\n tls_record_hdr_verify(const struct tls_record_test_data *td, const uint8_t *output_text)\n {\n@@ -280,13 +293,13 @@ int\n test_tls_record_post_process(const struct rte_mbuf *m, const struct tls_record_test_data *td,\n \t\t\t struct tls_record_test_data *res_d, bool silent)\n {\n+\tuint8_t output_text[TEST_SEC_CIPHERTEXT_MAX_LEN];\n \tuint32_t len = rte_pktmbuf_pkt_len(m), data_len;\n-\tuint8_t output_text[TLS_RECORD_MAX_LEN];\n \tconst struct rte_mbuf *seg;\n \tconst uint8_t *output;\n \tint ret;\n \n-\tmemset(output_text, 0, TLS_RECORD_MAX_LEN);\n+\tmemset(output_text, 0, TEST_SEC_CIPHERTEXT_MAX_LEN);\n \n \t/*\n \t * Actual data in packet might be less in error cases, hence take minimum of pkt_len and sum\n@@ -300,7 +313,7 @@ test_tls_record_post_process(const struct rte_mbuf *m, const struct tls_record_t\n \t}\n \n \tlen = RTE_MIN(len, data_len);\n-\tTEST_ASSERT(len <= TLS_RECORD_MAX_LEN, \"Invalid packet length: %u\", len);\n+\tTEST_ASSERT(len <= TEST_SEC_CIPHERTEXT_MAX_LEN, \"Invalid packet length: %u\", len);\n \n \t/* Copy mbuf payload to continuous buffer */\n \toutput = rte_pktmbuf_read(m, 0, len, output_text);\ndiff --git a/app/test/test_cryptodev_security_tls_record.h b/app/test/test_cryptodev_security_tls_record.h\nindex 0bd83f88f0..80b1c58d03 100644\n--- a/app/test/test_cryptodev_security_tls_record.h\n+++ b/app/test/test_cryptodev_security_tls_record.h\n@@ -10,7 +10,37 @@\n \n #include \"test_security_proto.h\"\n \n-#define TLS_RECORD_MAX_LEN 16384u\n+/* TLS 1.2 Ciphertext length can be up to (2^14 + 2048 + 5 (TLS Header)) Bytes */\n+#define TLS_1_2_RECORD_CIPHERTEXT_MAX_LEN (9216u)\n+static_assert(TLS_1_2_RECORD_CIPHERTEXT_MAX_LEN <= TEST_SEC_CIPHERTEXT_MAX_LEN,\n+\t \"TEST_SEC_CIPHERTEXT_MAX_LEN should be at least RECORD MAX LEN!\");\n+\n+/* TLS 1.2 Plaintext length can be up to (2^14 + 1024) Bytes */\n+#define TLS_1_2_RECORD_PLAINTEXT_MAX_LEN (8192u)\n+static_assert(TLS_1_2_RECORD_PLAINTEXT_MAX_LEN <= TEST_SEC_CLEARTEXT_MAX_LEN,\n+\t \"TEST_SEC_CLEARTEXT_MAX_LEN should be at least RECORD MAX LEN!\");\n+\n+/* DTLS 1.2 Ciphertext length is similar to TLS 1.2 */\n+#define DTLS_1_2_RECORD_CIPHERTEXT_MAX_LEN (9216u)\n+static_assert(DTLS_1_2_RECORD_CIPHERTEXT_MAX_LEN <= TEST_SEC_CIPHERTEXT_MAX_LEN,\n+\t \"TEST_SEC_CIPHERTEXT_MAX_LEN should be at least RECORD MAX LEN!\");\n+\n+/* DTLS 1.2 Plaintext length is similar to TLS 1.2 */\n+#define DTLS_1_2_RECORD_PLAINTEXT_MAX_LEN (8192u)\n+static_assert(DTLS_1_2_RECORD_PLAINTEXT_MAX_LEN <= TEST_SEC_CLEARTEXT_MAX_LEN,\n+\t \"TEST_SEC_CLEARTEXT_MAX_LEN should be at least RECORD MAX LEN!\");\n+\n+/* TLS 1.3 Ciphertext length can be up to (2^14 + 256 + 5 (TLS Header)) Bytes */\n+#define TLS_1_3_RECORD_CIPHERTEXT_MAX_LEN (9216u)\n+static_assert(TLS_1_3_RECORD_CIPHERTEXT_MAX_LEN <= TEST_SEC_CIPHERTEXT_MAX_LEN,\n+\t \"TEST_SEC_CIPHERTEXT_MAX_LEN should be at least RECORD MAX LEN!\");\n+\n+/* TLS 1.3 Plaintext length can be up to 2^14 Bytes */\n+#define TLS_1_3_RECORD_PLAINTEXT_MAX_LEN (8192u)\n+static_assert(TLS_1_3_RECORD_PLAINTEXT_MAX_LEN <= TEST_SEC_CLEARTEXT_MAX_LEN,\n+\t \"TEST_SEC_CLEARTEXT_MAX_LEN should be at least RECORD MAX LEN!\");\n+\n+#define TLS_RECORD_PLAINTEXT_MIN_LEN (1u)\n \n struct tls_record_test_data {\n \tstruct {\n@@ -22,12 +52,12 @@ struct tls_record_test_data {\n \t} auth_key;\n \n \tstruct {\n-\t\tuint8_t data[TLS_RECORD_MAX_LEN];\n+\t\tuint8_t data[TEST_SEC_CIPHERTEXT_MAX_LEN];\n \t\tunsigned int len;\n \t} input_text;\n \n \tstruct {\n-\t\tuint8_t data[TLS_RECORD_MAX_LEN];\n+\t\tuint8_t data[TEST_SEC_CIPHERTEXT_MAX_LEN];\n \t\tunsigned int len;\n \t} output_text;\n \n@@ -56,6 +86,8 @@ struct tls_record_test_data {\n struct tls_record_test_flags {\n \tbool display_alg;\n \tint nb_segs_in_mbuf;\n+\tbool data_walkthrough;\n+\tenum rte_security_tls_version tls_version;\n };\n \n extern struct tls_record_test_data tls_test_data_aes_128_gcm_v1;\n@@ -89,7 +121,8 @@ void test_tls_record_td_read_from_write(const struct tls_record_test_data *td_ou\n void test_tls_record_td_prepare(const struct crypto_param *param1,\n \t\t\t\tconst struct crypto_param *param2,\n \t\t\t\tconst struct tls_record_test_flags *flags,\n-\t\t\t\tstruct tls_record_test_data *td_array, int nb_td);\n+\t\t\t\tstruct tls_record_test_data *td_array, int nb_td,\n+\t\t\t\tunsigned int data_len);\n \n void test_tls_record_td_update(struct tls_record_test_data td_inb[],\n \t\t\t const struct tls_record_test_data td_outb[], int nb_td,\ndiff --git a/app/test/test_security_proto.c b/app/test/test_security_proto.c\nindex d242c852af..cf40d5fc9a 100644\n--- a/app/test/test_security_proto.c\n+++ b/app/test/test_security_proto.c\n@@ -13,6 +13,8 @@ struct crypto_param_comb sec_alg_list[RTE_DIM(aead_list) +\n \n struct crypto_param_comb sec_auth_only_alg_list[2 * (RTE_DIM(auth_list) - 1)];\n \n+static uint8_t cleartext_pattern[TEST_SEC_CLEARTEXT_MAX_LEN];\n+\n void\n test_sec_alg_list_populate(void)\n {\n@@ -152,3 +154,18 @@ test_sec_alg_display(const struct crypto_param *param1, const struct crypto_para\n \t}\n \tprintf(\"\\n\");\n }\n+\n+void\n+test_sec_proto_pattern_generate(void)\n+{\n+\tunsigned int i;\n+\n+\tfor (i = 0; i < TEST_SEC_CLEARTEXT_MAX_LEN; i++)\n+\t\tcleartext_pattern[i] = (i + 1) & 0xff;\n+}\n+\n+void\n+test_sec_proto_pattern_set(uint8_t *buf, int len)\n+{\n+\trte_memcpy(buf, cleartext_pattern, len);\n+}\ndiff --git a/app/test/test_security_proto.h b/app/test/test_security_proto.h\nindex 5b92daa810..22a298e6ca 100644\n--- a/app/test/test_security_proto.h\n+++ b/app/test/test_security_proto.h\n@@ -8,6 +8,8 @@\n #include <rte_cryptodev.h>\n #include <rte_security.h>\n \n+#define TEST_SEC_CLEARTEXT_MAX_LEN (8192u)\n+#define TEST_SEC_CIPHERTEXT_MAX_LEN (9216u)\n #define TEST_SEC_PKTS_MAX 32\n \n struct crypto_param {\n@@ -186,4 +188,8 @@ int test_sec_crypto_caps_auth_verify(const struct rte_security_capability *sec_c\n \n void test_sec_alg_display(const struct crypto_param *param1, const struct crypto_param *param2);\n \n+void test_sec_proto_pattern_generate(void);\n+\n+void test_sec_proto_pattern_set(uint8_t *buf, int len);\n+\n #endif\n", "prefixes": [ "v3", "02/21" ] }{ "id": 138230, "url": "