| Message ID | 20231207130216.140-1-anoobj@marvell.com (mailing list archive) |
|---|---|
| Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id DC44F43699; Thu, 7 Dec 2023 14:02:25 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 6C15140295; Thu, 7 Dec 2023 14:02:25 +0100 (CET) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 0DE7B4025C for <dev@dpdk.org>; Thu, 7 Dec 2023 14:02:23 +0100 (CET) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 3B79PGlU032068; Thu, 7 Dec 2023 05:02:23 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=dTg/fQeVkeTUHRamaVC5AehS2Z5HtZyHAGt2Xy8pxe0=; b=ZkUbzqaeVh3PLkdxbnv8W+q0++hP/7mOnpKc/qPVKjCk6aImCyyR+uTnRgJTPBA4koVB C9/FJJyJOvCQIWvwbx/ua4+TtpITvcKuslPt7iSeXC0TAS6Y6sghEUn6W7IiO1Vfiuq9 pKmAt6ivL/Gvq9M5jateDAfPQPl4qmvirh0sZK4XSzB8G34bZjSnUqyskF9iblG8JQ7F XMaQAVa4oMweWcNWKROXO8PM9kFcQgTfbBmj8f5Dhkb8PSkYxQeifOptggdZV1XnhyGA 63rPOyxuUQVZsrL/ephGiDR3bypvokkO2/5PHpYwW4tCGHbOy//ARPL3BHmSbNJE2fUL YQ== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3uubdd8n3w-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 07 Dec 2023 05:02:22 -0800 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Thu, 7 Dec 2023 05:02:20 -0800 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Thu, 7 Dec 2023 05:02:19 -0800 Received: from BG-LT92004.corp.innovium.com (unknown [10.28.163.189]) by maili.marvell.com (Postfix) with ESMTP id 4CF3C3F70B2; Thu, 7 Dec 2023 05:02:17 -0800 (PST) From: Anoob Joseph <anoobj@marvell.com> To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com> CC: Harry van Haaren <harry.van.haaren@intel.com>, Hemant Agrawal <hemant.agrawal@nxp.com>, Konstantin Ananyev <konstantin.v.ananyev@yandex.ru>, <dev@dpdk.org>, Vidya Sagar Velumuri <vvelumuri@marvell.com> Subject: [PATCH 00/14] Add TLS record test suite Date: Thu, 7 Dec 2023 18:32:02 +0530 Message-ID: <20231207130216.140-1-anoobj@marvell.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-ORIG-GUID: HtmsRZOR8bGTZtV75TcNoB11cjOZ6Kij X-Proofpoint-GUID: HtmsRZOR8bGTZtV75TcNoB11cjOZ6Kij X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-12-07_10,2023-12-07_01,2023-05-22_02 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions <dev.dpdk.org> List-Unsubscribe: <https://mails.dpdk.org/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://mails.dpdk.org/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <https://mails.dpdk.org/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org |
| Series |
Add TLS record test suite
|
|
Message
Anoob Joseph
Dec. 7, 2023, 1:02 p.m. UTC
Add TLS record test suite in cryptodev autotest framework. The test
suite would run based on capabilities exposed by the cryptodev.
The test suite framework is similar to the framework used in case of
IPsec tests. To avoid duplication of code, protocol independent code
is moved to common files and the functions are renamed accordingly.
TLS record test suite has known vector tests as well as combined mode
tests. Known vector tests leverages vectors generated with kTLS and
gnuTLS utilities. The test suite supports testing both operations (read
or decrypt, write or encrypt) with a single vector. Write or encrypt
test would get skipped if cryptodev doesn't support disabling of IV
generation. Combined mode tests are targetted at testing protocol
features with all combinations of cipher-authentication algorithms.
Combined mode performs record write operation first and feeds that back
to record read operation. Individual test cases may update the input to
record write operation based on the test case and the test framework
validates the output obtained (not complete text, but protocol specific
fields such as TLS header). Once it is validated, the output will be
submitted for record read operation which would give back the original
data. Currently this framework supports testing of multi-segmented mbuf
as input with TLS record. The same would be enhanced to support more
cases such as ICV corruption, incorrect padding etc.
Enhancements planned for future,
- Add TLS 1.3 suite
- Add negative tests such as ICV corruption and incorrect padding
- Add session expiry tests
- Add anti-replay tests with DTLS
Sample output with crypto_cn10k:
+ ------------------------------------------------------- + [67/18944]
+ ------------------------------------------------------- +
+ Test Suite : TLS 1.2 Record Protocol Unit Test Suite
+ ------------------------------------------------------- +
+ TestCase [ 0] : Write record known vector AES-GCM-128 (vector 1) succeeded
+ TestCase [ 1] : Write record known vector AES-GCM-128 (vector 2) succeeded
+ TestCase [ 2] : Write record known vector AES-GCM-256 succeeded
+ TestCase [ 3] : Write record known vector AES-CBC-128-SHA1 succeeded
+ TestCase [ 4] : Write record known vector AES-128-CBC-SHA256 succeeded
+ TestCase [ 5] : Write record known vector AES-256-CBC-SHA1 succeeded
+ TestCase [ 6] : Write record known vector AES-256-CBC-SHA256 succeeded
+ TestCase [ 7] : Write record known vector 3DES-CBC-SHA1-HMAC succeeded
USER1: Cipher crypto capabilities not supported
+ TestCase [ 8] : Write record known vector NULL-SHA1-HMAC skipped
USER1: Crypto capabilities not supported
+ TestCase [ 9] : Write record known vector CHACHA20-POLY1305 skipped
+ TestCase [10] : Read record known vector AES-GCM-128 (vector 1) succeeded
+ TestCase [11] : Read record known vector AES-GCM-128 (vector 2) succeeded
+ TestCase [12] : Read record known vector AES-GCM-256 succeeded
+ TestCase [13] : Read record known vector AES-128-CBC-SHA1 succeeded
+ TestCase [14] : Read record known vector AES-128-CBC-SHA256 succeeded
+ TestCase [15] : Read record known vector AES-256-CBC-SHA1 succeeded
+ TestCase [16] : Read record known vector AES-256-CBC-SHA256 succeeded
+ TestCase [17] : Read record known vector 3DES-CBC-SHA1-HMAC succeeded
USER1: Cipher crypto capabilities not supported
+ TestCase [18] : Read record known vector NULL-SHA1-HMAC skipped
USER1: Crypto capabilities not supported
+ TestCase [19] : Read record known vector CHACHA20-POLY1305 skipped
3des-cbc [192] sha1-hmac [20B ICV]
aes-cbc [128] sha1-hmac [20B ICV]
aes-cbc [128] sha2-256-hmac [32B ICV]
aes-cbc [256] sha1-hmac [20B ICV]
aes-cbc [256] sha2-256-hmac [32B ICV]
+ TestCase [20] : Combined test alg list succeeded
+ TestCase [21] : Multi-segmented mode succeeded
+ ------------------------------------------------------- +
+ Test Suite Summary : TLS 1.2 Record Protocol Unit Test Suite
+ ------------------------------------------------------- +
+ Tests Total : 22
+ Tests Skipped : 4
+ Tests Executed : 22
+ Tests Unsupported: 0
+ Tests Passed : 18
+ Tests Failed : 0
+ ------------------------------------------------------- +
+ ------------------------------------------------------- +
+ Test Suite : DTLS 1.2 Record Protocol Unit Test Suite
+ ------------------------------------------------------- +
+ TestCase [ 0] : Write record known vector AES-GCM-128 succeeded
+ TestCase [ 1] : Write record known vector AES-GCM-256 succeeded
+ TestCase [ 2] : Write record known vector AES-128-CBC-SHA1 succeeded
+ TestCase [ 3] : Write record known vector AES-128-CBC-SHA256 succeeded
+ TestCase [ 4] : Write record known vector AES-256-CBC-SHA1 succeeded
+ TestCase [ 5] : Write record known vector AES-256-CBC-SHA256 succeeded
+ TestCase [ 6] : Write record known vector 3DES-CBC-SHA1-HMAC succeeded
USER1: Cipher crypto capabilities not supported
+ TestCase [ 7] : Write record known vector NULL-SHA1-HMAC skipped
USER1: Crypto capabilities not supported
+ TestCase [ 8] : Write record known vector CHACHA20-POLY1305 skipped
+ TestCase [ 9] : Read record known vector AES-GCM-128 succeeded
+ TestCase [10] : Read record known vector AES-GCM-256 succeeded
+ TestCase [11] : Read record known vector AES-128-CBC-SHA1 succeeded
+ TestCase [12] : Read record known vector AES-128-CBC-SHA256 succeeded
+ TestCase [13] : Read record known vector AES-256-CBC-SHA1 succeeded
+ TestCase [14] : Read record known vector AES-256-CBC-SHA256 succeeded
+ TestCase [15] : Read record known vector 3DES-CBC-SHA1-HMAC succeeded
USER1: Cipher crypto capabilities not supported
+ TestCase [16] : Read record known vector NULL-SHA1-HMAC skipped
USER1: Crypto capabilities not supported
+ TestCase [17] : Read record known vector CHACHA20-POLY1305 skipped
3des-cbc [192] sha1-hmac [20B ICV]
aes-cbc [128] sha1-hmac [20B ICV]
aes-cbc [128] sha2-256-hmac [32B ICV]
aes-cbc [256] sha1-hmac [20B ICV]
aes-cbc [256] sha2-256-hmac [32B ICV]
+ TestCase [18] : Combined test alg list succeeded
+ TestCase [19] : Multi-segmented mode succeeded
+ ------------------------------------------------------- +
+ Test Suite Summary : DTLS 1.2 Record Protocol Unit Test Suite
+ ------------------------------------------------------- +
+ Tests Total : 20
+ Tests Skipped : 4
+ Tests Executed : 20
+ Tests Unsupported: 0
+ Tests Passed : 16
+ Tests Failed : 0
+ ------------------------------------------------------- +
Akhil Goyal (3):
test/crypto: add TLS1.2 vectors
test/crypto: add TLS1.2/DTLS1.2 AES-128/256-GCM vectors
test/security: add TLS 1.2 and DTLS 1.2 vectors
Anoob Joseph (5):
test/crypto: move security caps checks to separate file
test/crypto: move algorithm display routines to common
test/security: add sha1-hmac to auth list
test/crypto: add TLS record tests
test/crypto: add verification of TLS headers
Tejasree Kondoj (2):
test/crypto: add AES-GCM 128 TLS 1.2 vector
test/crypto: add multi segmented cases
Vidya Sagar Velumuri (4):
test/crypto: move algorithm list to common
test/crypto: move algorithm framework to common
test/crypto: add combined mode cases
test/security: add more algos to combined tests
app/test-security-perf/meson.build | 1 +
app/test-security-perf/test_security_perf.c | 35 +-
app/test/meson.build | 2 +
app/test/test_cryptodev.c | 596 ++++++-
app/test/test_cryptodev.h | 2 +
app/test/test_cryptodev_security_ipsec.c | 164 +-
app/test/test_cryptodev_security_ipsec.h | 157 +-
app/test/test_cryptodev_security_tls_record.c | 327 ++++
app/test/test_cryptodev_security_tls_record.h | 101 ++
...yptodev_security_tls_record_test_vectors.h | 1584 +++++++++++++++++
app/test/test_security_inline_proto.c | 42 +-
app/test/test_security_proto.c | 154 ++
app/test/test_security_proto.h | 186 ++
doc/guides/rel_notes/release_24_03.rst | 4 +
14 files changed, 2960 insertions(+), 395 deletions(-)
create mode 100644 app/test/test_cryptodev_security_tls_record.c
create mode 100644 app/test/test_cryptodev_security_tls_record.h
create mode 100644 app/test/test_cryptodev_security_tls_record_test_vectors.h
create mode 100644 app/test/test_security_proto.c
create mode 100644 app/test/test_security_proto.h
Comments
> Subject: [PATCH 00/14] Add TLS record test suite > > Add TLS record test suite in cryptodev autotest framework. The test > suite would run based on capabilities exposed by the cryptodev. > > The test suite framework is similar to the framework used in case of > IPsec tests. To avoid duplication of code, protocol independent code > is moved to common files and the functions are renamed accordingly. > > TLS record test suite has known vector tests as well as combined mode > tests. Known vector tests leverages vectors generated with kTLS and > gnuTLS utilities. The test suite supports testing both operations (read > or decrypt, write or encrypt) with a single vector. Write or encrypt > test would get skipped if cryptodev doesn't support disabling of IV > generation. Combined mode tests are targetted at testing protocol > features with all combinations of cipher-authentication algorithms. > > Combined mode performs record write operation first and feeds that back > to record read operation. Individual test cases may update the input to > record write operation based on the test case and the test framework > validates the output obtained (not complete text, but protocol specific > fields such as TLS header). Once it is validated, the output will be > submitted for record read operation which would give back the original > data. Currently this framework supports testing of multi-segmented mbuf > as input with TLS record. The same would be enhanced to support more > cases such as ICV corruption, incorrect padding etc. > > Enhancements planned for future, > - Add TLS 1.3 suite > - Add negative tests such as ICV corruption and incorrect padding > - Add session expiry tests > - Add anti-replay tests with DTLS > > Sample output with crypto_cn10k: > > + ------------------------------------------------------- + > [67/18944] > + ------------------------------------------------------- + > + Test Suite : TLS 1.2 Record Protocol Unit Test Suite > + ------------------------------------------------------- + > + TestCase [ 0] : Write record known vector AES-GCM-128 (vector 1) succeeded > + TestCase [ 1] : Write record known vector AES-GCM-128 (vector 2) succeeded > + TestCase [ 2] : Write record known vector AES-GCM-256 succeeded > + TestCase [ 3] : Write record known vector AES-CBC-128-SHA1 succeeded > + TestCase [ 4] : Write record known vector AES-128-CBC-SHA256 succeeded > + TestCase [ 5] : Write record known vector AES-256-CBC-SHA1 succeeded > + TestCase [ 6] : Write record known vector AES-256-CBC-SHA256 succeeded > + TestCase [ 7] : Write record known vector 3DES-CBC-SHA1-HMAC succeeded > USER1: Cipher crypto capabilities not supported > + TestCase [ 8] : Write record known vector NULL-SHA1-HMAC skipped > USER1: Crypto capabilities not supported > + TestCase [ 9] : Write record known vector CHACHA20-POLY1305 skipped > + TestCase [10] : Read record known vector AES-GCM-128 (vector 1) succeeded > + TestCase [11] : Read record known vector AES-GCM-128 (vector 2) succeeded > + TestCase [12] : Read record known vector AES-GCM-256 succeeded > + TestCase [13] : Read record known vector AES-128-CBC-SHA1 succeeded > + TestCase [14] : Read record known vector AES-128-CBC-SHA256 succeeded > + TestCase [15] : Read record known vector AES-256-CBC-SHA1 succeeded > + TestCase [16] : Read record known vector AES-256-CBC-SHA256 succeeded > + TestCase [17] : Read record known vector 3DES-CBC-SHA1-HMAC succeeded > USER1: Cipher crypto capabilities not supported > + TestCase [18] : Read record known vector NULL-SHA1-HMAC skipped > USER1: Crypto capabilities not supported > + TestCase [19] : Read record known vector CHACHA20-POLY1305 skipped > 3des-cbc [192] sha1-hmac [20B ICV] > aes-cbc [128] sha1-hmac [20B ICV] > aes-cbc [128] sha2-256-hmac [32B ICV] > aes-cbc [256] sha1-hmac [20B ICV] > aes-cbc [256] sha2-256-hmac [32B ICV] > + TestCase [20] : Combined test alg list succeeded > + TestCase [21] : Multi-segmented mode succeeded > + ------------------------------------------------------- + > + Test Suite Summary : TLS 1.2 Record Protocol Unit Test Suite > + ------------------------------------------------------- + > + Tests Total : 22 > + Tests Skipped : 4 > + Tests Executed : 22 > + Tests Unsupported: 0 > + Tests Passed : 18 > + Tests Failed : 0 > + ------------------------------------------------------- + > + ------------------------------------------------------- + > + Test Suite : DTLS 1.2 Record Protocol Unit Test Suite > + ------------------------------------------------------- + > + TestCase [ 0] : Write record known vector AES-GCM-128 succeeded > + TestCase [ 1] : Write record known vector AES-GCM-256 succeeded > + TestCase [ 2] : Write record known vector AES-128-CBC-SHA1 succeeded > + TestCase [ 3] : Write record known vector AES-128-CBC-SHA256 succeeded > + TestCase [ 4] : Write record known vector AES-256-CBC-SHA1 succeeded > + TestCase [ 5] : Write record known vector AES-256-CBC-SHA256 succeeded > + TestCase [ 6] : Write record known vector 3DES-CBC-SHA1-HMAC succeeded > USER1: Cipher crypto capabilities not supported > + TestCase [ 7] : Write record known vector NULL-SHA1-HMAC skipped > USER1: Crypto capabilities not supported > + TestCase [ 8] : Write record known vector CHACHA20-POLY1305 skipped > + TestCase [ 9] : Read record known vector AES-GCM-128 succeeded > + TestCase [10] : Read record known vector AES-GCM-256 succeeded > + TestCase [11] : Read record known vector AES-128-CBC-SHA1 succeeded > + TestCase [12] : Read record known vector AES-128-CBC-SHA256 succeeded > + TestCase [13] : Read record known vector AES-256-CBC-SHA1 succeeded > + TestCase [14] : Read record known vector AES-256-CBC-SHA256 succeeded > + TestCase [15] : Read record known vector 3DES-CBC-SHA1-HMAC succeeded > USER1: Cipher crypto capabilities not supported > + TestCase [16] : Read record known vector NULL-SHA1-HMAC skipped > USER1: Crypto capabilities not supported > + TestCase [17] : Read record known vector CHACHA20-POLY1305 skipped > 3des-cbc [192] sha1-hmac [20B ICV] > aes-cbc [128] sha1-hmac [20B ICV] > aes-cbc [128] sha2-256-hmac [32B ICV] > aes-cbc [256] sha1-hmac [20B ICV] > aes-cbc [256] sha2-256-hmac [32B ICV] > + TestCase [18] : Combined test alg list succeeded > + TestCase [19] : Multi-segmented mode succeeded > + ------------------------------------------------------- + > + Test Suite Summary : DTLS 1.2 Record Protocol Unit Test Suite > + ------------------------------------------------------- + > + Tests Total : 20 > + Tests Skipped : 4 > + Tests Executed : 20 > + Tests Unsupported: 0 > + Tests Passed : 16 > + Tests Failed : 0 > + ------------------------------------------------------- + > > Akhil Goyal (3): > test/crypto: add TLS1.2 vectors > test/crypto: add TLS1.2/DTLS1.2 AES-128/256-GCM vectors > test/security: add TLS 1.2 and DTLS 1.2 vectors > > Anoob Joseph (5): > test/crypto: move security caps checks to separate file > test/crypto: move algorithm display routines to common > test/security: add sha1-hmac to auth list > test/crypto: add TLS record tests > test/crypto: add verification of TLS headers > > Tejasree Kondoj (2): > test/crypto: add AES-GCM 128 TLS 1.2 vector > test/crypto: add multi segmented cases > > Vidya Sagar Velumuri (4): > test/crypto: move algorithm list to common > test/crypto: move algorithm framework to common > test/crypto: add combined mode cases > test/security: add more algos to combined tests > > app/test-security-perf/meson.build | 1 + > app/test-security-perf/test_security_perf.c | 35 +- > app/test/meson.build | 2 + > app/test/test_cryptodev.c | 596 ++++++- > app/test/test_cryptodev.h | 2 + > app/test/test_cryptodev_security_ipsec.c | 164 +- > app/test/test_cryptodev_security_ipsec.h | 157 +- > app/test/test_cryptodev_security_tls_record.c | 327 ++++ > app/test/test_cryptodev_security_tls_record.h | 101 ++ > ...yptodev_security_tls_record_test_vectors.h | 1584 +++++++++++++++++ > app/test/test_security_inline_proto.c | 42 +- > app/test/test_security_proto.c | 154 ++ > app/test/test_security_proto.h | 186 ++ > doc/guides/rel_notes/release_24_03.rst | 4 + > 14 files changed, 2960 insertions(+), 395 deletions(-) > create mode 100644 app/test/test_cryptodev_security_tls_record.c > create mode 100644 app/test/test_cryptodev_security_tls_record.h > create mode 100644 > app/test/test_cryptodev_security_tls_record_test_vectors.h > create mode 100644 app/test/test_security_proto.c > create mode 100644 app/test/test_security_proto.h > Series Acked-by: Akhil Goyal <gakhil@marvell.com>
> Subject: RE: [PATCH 00/14] Add TLS record test suite > > > Subject: [PATCH 00/14] Add TLS record test suite > > > > Add TLS record test suite in cryptodev autotest framework. The test > > suite would run based on capabilities exposed by the cryptodev. > > > > The test suite framework is similar to the framework used in case of > > IPsec tests. To avoid duplication of code, protocol independent code > > is moved to common files and the functions are renamed accordingly. > > > > TLS record test suite has known vector tests as well as combined mode > > tests. Known vector tests leverages vectors generated with kTLS and > > gnuTLS utilities. The test suite supports testing both operations (read > > or decrypt, write or encrypt) with a single vector. Write or encrypt > > test would get skipped if cryptodev doesn't support disabling of IV > > generation. Combined mode tests are targetted at testing protocol > > features with all combinations of cipher-authentication algorithms. > > > > Combined mode performs record write operation first and feeds that back > > to record read operation. Individual test cases may update the input to > > record write operation based on the test case and the test framework > > validates the output obtained (not complete text, but protocol specific > > fields such as TLS header). Once it is validated, the output will be > > submitted for record read operation which would give back the original > > data. Currently this framework supports testing of multi-segmented mbuf > > as input with TLS record. The same would be enhanced to support more > > cases such as ICV corruption, incorrect padding etc. > > > > Enhancements planned for future, > > - Add TLS 1.3 suite > > - Add negative tests such as ICV corruption and incorrect padding > > - Add session expiry tests > > - Add anti-replay tests with DTLS > > > > Sample output with crypto_cn10k: > > > > + ------------------------------------------------------- + > > [67/18944] > > + ------------------------------------------------------- + > > + Test Suite : TLS 1.2 Record Protocol Unit Test Suite > > + ------------------------------------------------------- + > > + TestCase [ 0] : Write record known vector AES-GCM-128 (vector 1) > succeeded > > + TestCase [ 1] : Write record known vector AES-GCM-128 (vector 2) > succeeded > > + TestCase [ 2] : Write record known vector AES-GCM-256 succeeded > > + TestCase [ 3] : Write record known vector AES-CBC-128-SHA1 succeeded > > + TestCase [ 4] : Write record known vector AES-128-CBC-SHA256 succeeded > > + TestCase [ 5] : Write record known vector AES-256-CBC-SHA1 succeeded > > + TestCase [ 6] : Write record known vector AES-256-CBC-SHA256 succeeded > > + TestCase [ 7] : Write record known vector 3DES-CBC-SHA1-HMAC > succeeded > > USER1: Cipher crypto capabilities not supported > > + TestCase [ 8] : Write record known vector NULL-SHA1-HMAC skipped > > USER1: Crypto capabilities not supported > > + TestCase [ 9] : Write record known vector CHACHA20-POLY1305 skipped > > + TestCase [10] : Read record known vector AES-GCM-128 (vector 1) > succeeded > > + TestCase [11] : Read record known vector AES-GCM-128 (vector 2) > succeeded > > + TestCase [12] : Read record known vector AES-GCM-256 succeeded > > + TestCase [13] : Read record known vector AES-128-CBC-SHA1 succeeded > > + TestCase [14] : Read record known vector AES-128-CBC-SHA256 succeeded > > + TestCase [15] : Read record known vector AES-256-CBC-SHA1 succeeded > > + TestCase [16] : Read record known vector AES-256-CBC-SHA256 succeeded > > + TestCase [17] : Read record known vector 3DES-CBC-SHA1-HMAC > succeeded > > USER1: Cipher crypto capabilities not supported > > + TestCase [18] : Read record known vector NULL-SHA1-HMAC skipped > > USER1: Crypto capabilities not supported > > + TestCase [19] : Read record known vector CHACHA20-POLY1305 skipped > > 3des-cbc [192] sha1-hmac [20B ICV] > > aes-cbc [128] sha1-hmac [20B ICV] > > aes-cbc [128] sha2-256-hmac [32B ICV] > > aes-cbc [256] sha1-hmac [20B ICV] > > aes-cbc [256] sha2-256-hmac [32B ICV] > > + TestCase [20] : Combined test alg list succeeded > > + TestCase [21] : Multi-segmented mode succeeded > > + ------------------------------------------------------- + > > + Test Suite Summary : TLS 1.2 Record Protocol Unit Test Suite > > + ------------------------------------------------------- + > > + Tests Total : 22 > > + Tests Skipped : 4 > > + Tests Executed : 22 > > + Tests Unsupported: 0 > > + Tests Passed : 18 > > + Tests Failed : 0 > > + ------------------------------------------------------- + > > + ------------------------------------------------------- + > > + Test Suite : DTLS 1.2 Record Protocol Unit Test Suite > > + ------------------------------------------------------- + > > + TestCase [ 0] : Write record known vector AES-GCM-128 succeeded > > + TestCase [ 1] : Write record known vector AES-GCM-256 succeeded > > + TestCase [ 2] : Write record known vector AES-128-CBC-SHA1 succeeded > > + TestCase [ 3] : Write record known vector AES-128-CBC-SHA256 succeeded > > + TestCase [ 4] : Write record known vector AES-256-CBC-SHA1 succeeded > > + TestCase [ 5] : Write record known vector AES-256-CBC-SHA256 succeeded > > + TestCase [ 6] : Write record known vector 3DES-CBC-SHA1-HMAC > succeeded > > USER1: Cipher crypto capabilities not supported > > + TestCase [ 7] : Write record known vector NULL-SHA1-HMAC skipped > > USER1: Crypto capabilities not supported > > + TestCase [ 8] : Write record known vector CHACHA20-POLY1305 skipped > > + TestCase [ 9] : Read record known vector AES-GCM-128 succeeded > > + TestCase [10] : Read record known vector AES-GCM-256 succeeded > > + TestCase [11] : Read record known vector AES-128-CBC-SHA1 succeeded > > + TestCase [12] : Read record known vector AES-128-CBC-SHA256 succeeded > > + TestCase [13] : Read record known vector AES-256-CBC-SHA1 succeeded > > + TestCase [14] : Read record known vector AES-256-CBC-SHA256 succeeded > > + TestCase [15] : Read record known vector 3DES-CBC-SHA1-HMAC > succeeded > > USER1: Cipher crypto capabilities not supported > > + TestCase [16] : Read record known vector NULL-SHA1-HMAC skipped > > USER1: Crypto capabilities not supported > > + TestCase [17] : Read record known vector CHACHA20-POLY1305 skipped > > 3des-cbc [192] sha1-hmac [20B ICV] > > aes-cbc [128] sha1-hmac [20B ICV] > > aes-cbc [128] sha2-256-hmac [32B ICV] > > aes-cbc [256] sha1-hmac [20B ICV] > > aes-cbc [256] sha2-256-hmac [32B ICV] > > + TestCase [18] : Combined test alg list succeeded > > + TestCase [19] : Multi-segmented mode succeeded > > + ------------------------------------------------------- + > > + Test Suite Summary : DTLS 1.2 Record Protocol Unit Test Suite > > + ------------------------------------------------------- + > > + Tests Total : 20 > > + Tests Skipped : 4 > > + Tests Executed : 20 > > + Tests Unsupported: 0 > > + Tests Passed : 16 > > + Tests Failed : 0 > > + ------------------------------------------------------- + > > > > Akhil Goyal (3): > > test/crypto: add TLS1.2 vectors > > test/crypto: add TLS1.2/DTLS1.2 AES-128/256-GCM vectors > > test/security: add TLS 1.2 and DTLS 1.2 vectors > > > > Anoob Joseph (5): > > test/crypto: move security caps checks to separate file > > test/crypto: move algorithm display routines to common > > test/security: add sha1-hmac to auth list > > test/crypto: add TLS record tests > > test/crypto: add verification of TLS headers > > > > Tejasree Kondoj (2): > > test/crypto: add AES-GCM 128 TLS 1.2 vector > > test/crypto: add multi segmented cases > > > > Vidya Sagar Velumuri (4): > > test/crypto: move algorithm list to common > > test/crypto: move algorithm framework to common > > test/crypto: add combined mode cases > > test/security: add more algos to combined tests > > > > app/test-security-perf/meson.build | 1 + > > app/test-security-perf/test_security_perf.c | 35 +- > > app/test/meson.build | 2 + > > app/test/test_cryptodev.c | 596 ++++++- > > app/test/test_cryptodev.h | 2 + > > app/test/test_cryptodev_security_ipsec.c | 164 +- > > app/test/test_cryptodev_security_ipsec.h | 157 +- > > app/test/test_cryptodev_security_tls_record.c | 327 ++++ > > app/test/test_cryptodev_security_tls_record.h | 101 ++ > > ...yptodev_security_tls_record_test_vectors.h | 1584 +++++++++++++++++ > > app/test/test_security_inline_proto.c | 42 +- > > app/test/test_security_proto.c | 154 ++ > > app/test/test_security_proto.h | 186 ++ > > doc/guides/rel_notes/release_24_03.rst | 4 + > > 14 files changed, 2960 insertions(+), 395 deletions(-) > > create mode 100644 app/test/test_cryptodev_security_tls_record.c > > create mode 100644 app/test/test_cryptodev_security_tls_record.h > > create mode 100644 > > app/test/test_cryptodev_security_tls_record_test_vectors.h > > create mode 100644 app/test/test_security_proto.c > > create mode 100644 app/test/test_security_proto.h > > > Series Acked-by: Akhil Goyal <gakhil@marvell.com> Applied to dpdk-next-crypto Thanks.