diff mbox series

[10/14] test/crypto: add combined mode cases

Message ID	20231207130216.140-11-anoobj@marvell.com (mailing list archive)
State	Accepted, archived
Delegated to:	akhil goyal
Headers	From: Anoob Joseph <anoobj@marvell.com> To: Akhil Goyal <gakhil@marvell.com>, Jerin Jacob <jerinj@marvell.com> CC: Vidya Sagar Velumuri <vvelumuri@marvell.com>, Harry van Haaren <harry.van.haaren@intel.com>, Hemant Agrawal <hemant.agrawal@nxp.com>, Konstantin Ananyev <konstantin.v.ananyev@yandex.ru>, <dev@dpdk.org> Subject: [PATCH 10/14] test/crypto: add combined mode cases Date: Thu, 7 Dec 2023 18:32:12 +0530 Message-ID: <20231207130216.140-11-anoobj@marvell.com> In-Reply-To: <20231207130216.140-1-anoobj@marvell.com> References: <20231207130216.140-1-anoobj@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain Precedence: list Errors-To: dev-bounces@dpdk.org
Series	Add TLS record test suite \| [00/14] Add TLS record test suite [01/14] test/crypto: move security caps checks to separate file [02/14] test/crypto: move algorithm list to common [03/14] test/crypto: move algorithm display routines to common [04/14] test/security: add sha1-hmac to auth list [05/14] test/crypto: move algorithm framework to common [06/14] test/crypto: add TLS record tests [07/14] test/crypto: add AES-GCM 128 TLS 1.2 vector [08/14] test/crypto: add TLS1.2 vectors [09/14] test/crypto: add TLS1.2/DTLS1.2 AES-128/256-GCM vectors [10/14] test/crypto: add combined mode cases [11/14] test/crypto: add verification of TLS headers [12/14] test/security: add more algos to combined tests [13/14] test/security: add TLS 1.2 and DTLS 1.2 vectors [14/14] test/crypto: add multi segmented cases

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK

Commit Message

Anoob Joseph Dec. 7, 2023, 1:02 p.m. UTC

  From: Vidya Sagar Velumuri <vvelumuri@marvell.com>

Add cases to try TLS record write(encrypt) + read(decrypt) operations.
This is used for testing TLS record features with all algorithms
supported by the security device.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
---
 app/test/test_cryptodev.c                     | 67 ++++++++++++++++++-
 app/test/test_cryptodev_security_tls_record.c | 60 +++++++++++++++++
 app/test/test_cryptodev_security_tls_record.h | 11 +++
 3 files changed, 136 insertions(+), 2 deletions(-)

diff mbox series

Patch

diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 0360f30bd1..6070e7f336 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -11704,6 +11704,7 @@  test_tls_record_proto_process(const struct tls_record_test_data td[],
 	struct rte_security_tls_record_xform tls_record_xform;
 	struct rte_security_capability_idx sec_cap_idx;
 	const struct rte_security_capability *sec_cap;
+	struct tls_record_test_data *res_d_tmp = NULL;
 	enum rte_security_tls_sess_type sess_type;
 	uint8_t dev_id = ts_params->valid_devs[0];
 	struct rte_security_ctx *ctx;
@@ -11841,7 +11842,10 @@  test_tls_record_proto_process(const struct tls_record_test_data td[],
 		if (ret != TEST_SUCCESS)
 			goto crypto_op_free;
 
-		ret = test_tls_record_post_process(ut_params->ibuf, &td[i], NULL, silent);
+		if (res_d != NULL)
+			res_d_tmp = &res_d[i];
+
+		ret = test_tls_record_post_process(ut_params->ibuf, &td[i], res_d_tmp, silent);
 		if (ret != TEST_SUCCESS)
 			goto crypto_op_free;
 
@@ -11864,7 +11868,6 @@  test_tls_record_proto_process(const struct tls_record_test_data td[],
 		rte_security_session_destroy(ctx, ut_params->sec_session);
 	ut_params->sec_session = NULL;
 
-	RTE_SET_USED(res_d);
 	RTE_SET_USED(flags);
 
 	return ret;
@@ -11903,6 +11906,58 @@  test_tls_record_proto_known_vec_read(const void *test_data)
 	return test_tls_record_proto_process(&td_inb, NULL, 1, false, &flags);
 }
 
+static int
+test_tls_record_proto_all(const struct tls_record_test_flags *flags)
+{
+	struct tls_record_test_data td_outb[TEST_SEC_PKTS_MAX];
+	struct tls_record_test_data td_inb[TEST_SEC_PKTS_MAX];
+	unsigned int i, nb_pkts = 1, pass_cnt = 0;
+	int ret;
+
+	for (i = 0; i < RTE_DIM(sec_alg_list); i++) {
+		test_tls_record_td_prepare(sec_alg_list[i].param1, sec_alg_list[i].param2, flags,
+					   td_outb, nb_pkts);
+
+		ret = test_tls_record_proto_process(td_outb, td_inb, nb_pkts, true, flags);
+		if (ret == TEST_SKIPPED)
+			continue;
+
+		if (ret == TEST_FAILED)
+			return TEST_FAILED;
+
+		test_tls_record_td_update(td_inb, td_outb, nb_pkts, flags);
+
+		ret = test_tls_record_proto_process(td_inb, NULL, nb_pkts, true, flags);
+		if (ret == TEST_SKIPPED)
+			continue;
+
+		if (ret == TEST_FAILED)
+			return TEST_FAILED;
+
+		if (flags->display_alg)
+			test_sec_alg_display(sec_alg_list[i].param1, sec_alg_list[i].param2);
+
+		pass_cnt++;
+	}
+
+	if (pass_cnt > 0)
+		return TEST_SUCCESS;
+	else
+		return TEST_SKIPPED;
+}
+
+static int
+test_tls_record_proto_display_list(void)
+{
+	struct tls_record_test_flags flags;
+
+	memset(&flags, 0, sizeof(flags));
+
+	flags.display_alg = true;
+
+	return test_tls_record_proto_all(&flags);
+}
+
 #endif
 
 static int
@@ -16845,6 +16900,10 @@  static struct unit_test_suite tls12_record_proto_testsuite  = {
 			"Read record known vector AES-128-CBC-SHA1",
 			ut_setup_security, ut_teardown,
 			test_tls_record_proto_known_vec_read, &tls_test_data_aes_128_cbc_sha1_hmac),
+		TEST_CASE_NAMED_ST(
+			"Combined test alg list",
+			ut_setup_security, ut_teardown,
+			test_tls_record_proto_display_list),
 		TEST_CASES_END() /**< NULL terminate unit test array */
 	}
 };
@@ -16869,6 +16928,10 @@  static struct unit_test_suite dtls12_record_proto_testsuite  = {
 			"Read record known vector AES-GCM-256",
 			ut_setup_security, ut_teardown,
 			test_tls_record_proto_known_vec_read, &dtls_test_data_aes_256_gcm),
+		TEST_CASE_NAMED_ST(
+			"Combined test alg list",
+			ut_setup_security, ut_teardown,
+			test_tls_record_proto_display_list),
 		TEST_CASES_END() /**< NULL terminate unit test array */
 	}
 };
diff --git a/app/test/test_cryptodev_security_tls_record.c b/app/test/test_cryptodev_security_tls_record.c
index be8f5270cc..6f106050c2 100644
--- a/app/test/test_cryptodev_security_tls_record.c
+++ b/app/test/test_cryptodev_security_tls_record.c
@@ -7,6 +7,7 @@ 
 #include "test.h"
 #include "test_cryptodev_security_tls_record.h"
 #include "test_cryptodev_security_tls_record_test_vectors.h"
+#include "test_security_proto.h"
 
 int
 test_tls_record_status_check(struct rte_crypto_op *op)
@@ -56,6 +57,65 @@  test_tls_record_td_read_from_write(const struct tls_record_test_data *td_out,
 	}
 }
 
+void
+test_tls_record_td_prepare(const struct crypto_param *param1, const struct crypto_param *param2,
+			   const struct tls_record_test_flags *flags,
+			   struct tls_record_test_data *td_array, int nb_td)
+{
+	struct tls_record_test_data *td = NULL;
+	int i;
+
+	memset(td_array, 0, nb_td * sizeof(*td));
+
+	for (i = 0; i < nb_td; i++) {
+		td = &td_array[i];
+
+		/* Prepare fields based on param */
+
+		if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+			/* Copy template for packet & key fields */
+			memcpy(td, &tls_test_data_aes_128_gcm_v1, sizeof(*td));
+
+			td->aead = true;
+			td->xform.aead.aead.algo = param1->alg.aead;
+			td->xform.aead.aead.key.length = param1->key_length;
+			td->xform.aead.aead.digest_length = param1->digest_length;
+		} else {
+			/* Copy template for packet & key fields */
+			memcpy(td, &tls_test_data_aes_128_cbc_sha1_hmac, sizeof(*td));
+
+			td->aead = false;
+			td->xform.chain.cipher.cipher.algo = param1->alg.cipher;
+			td->xform.chain.cipher.cipher.key.length = param1->key_length;
+			td->xform.chain.cipher.cipher.iv.length = param1->iv_length;
+			td->xform.chain.auth.auth.algo = param2->alg.auth;
+			td->xform.chain.auth.auth.key.length = param2->key_length;
+			td->xform.chain.auth.auth.digest_length = param2->digest_length;
+		}
+	}
+
+	RTE_SET_USED(flags);
+}
+
+void
+test_tls_record_td_update(struct tls_record_test_data td_inb[],
+			  const struct tls_record_test_data td_outb[], int nb_td,
+			  const struct tls_record_test_flags *flags)
+{
+	int i;
+
+	for (i = 0; i < nb_td; i++) {
+		memcpy(td_inb[i].output_text.data, td_outb[i].input_text.data,
+		       td_outb[i].input_text.len);
+		td_inb[i].output_text.len = td_outb->input_text.len;
+
+		/* Clear outbound specific flags */
+		td_inb[i].tls_record_xform.options.iv_gen_disable = 0;
+	}
+
+	RTE_SET_USED(flags);
+}
+
 static int
 test_tls_record_td_verify(uint8_t *output_text, uint32_t len, const struct tls_record_test_data *td,
 			 bool silent)
diff --git a/app/test/test_cryptodev_security_tls_record.h b/app/test/test_cryptodev_security_tls_record.h
index 18d689253b..68dd55fef2 100644
--- a/app/test/test_cryptodev_security_tls_record.h
+++ b/app/test/test_cryptodev_security_tls_record.h
@@ -8,6 +8,8 @@ 
 #include <rte_cryptodev.h>
 #include <rte_security.h>
 
+#include "test_security_proto.h"
+
 #define TLS_RECORD_MAX_LEN 16384u
 
 struct tls_record_test_data {
@@ -70,6 +72,15 @@  int test_tls_record_sec_caps_verify(struct rte_security_tls_record_xform *tls_re
 void test_tls_record_td_read_from_write(const struct tls_record_test_data *td_out,
 					struct tls_record_test_data *td_in);
 
+void test_tls_record_td_prepare(const struct crypto_param *param1,
+				const struct crypto_param *param2,
+				const struct tls_record_test_flags *flags,
+				struct tls_record_test_data *td_array, int nb_td);
+
+void test_tls_record_td_update(struct tls_record_test_data td_inb[],
+			       const struct tls_record_test_data td_outb[], int nb_td,
+			       const struct tls_record_test_flags *flags);
+
 int test_tls_record_post_process(const struct rte_mbuf *m, const struct tls_record_test_data *td,
 				 struct tls_record_test_data *res_d, bool silent);