From patchwork Fri Oct 21 07:26:46 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tejasree Kondoj X-Patchwork-Id: 118891 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 9B587A0032; Fri, 21 Oct 2022 09:27:33 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id CDCC642BA3; Fri, 21 Oct 2022 09:27:27 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 0506D42B8F for ; Fri, 21 Oct 2022 09:27:24 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29L2C8eh008909; Fri, 21 Oct 2022 00:27:24 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=kn+OtDdTjBMAR0MbnCpVOi1EhaXHovpHMwPyC7Fz6eA=; b=SLreJKSiAmbYuSjfJ0PMtJcc0MRfuGxE3QUK35IbUobVwSTR6eUhFO0xr9/3dB1d8IUZ UGjMBbm6xkSfaqLjDjAPvJfjYfLkAQRB5doDWWqpIIlXAw6bZSBmXRCCzYL6dIbtMj5o mMadSGnFn4pOTq9zgHK8pxlZgD4cnRB53pHTiDXJpyTGz3yudPoXP4x01iEdI9igRm79 bl2czhkCivSDHo6E/ug6r6PtO23vZG0C3aaj8SGcwAbWjPWgEeQXcNuVDnIlZeKa4+yy U6wP/Uyo/TEAc34kdn4XjrT+a/aW3jwL5lk7ZFiajlv9QIUWLwGXPzf1Ez4Bu+Vni1qr fg== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3kb125d6gg-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Fri, 21 Oct 2022 00:27:24 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Fri, 21 Oct 2022 00:27:21 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Fri, 21 Oct 2022 00:27:21 -0700 Received: from hyd1554.marvell.com (unknown [10.29.57.11]) by maili.marvell.com (Postfix) with ESMTP id 2A8CF5B6961; Fri, 21 Oct 2022 00:26:55 -0700 (PDT) From: Tejasree Kondoj To: Akhil Goyal , Fan Zhang , Ciara Power CC: Vidya Sagar Velumuri , Anoob Joseph , Subject: [PATCH v2 1/6] test/security: add unit tests for DES and 3DES Date: Fri, 21 Oct 2022 12:56:46 +0530 Message-ID: <20221021072651.1985340-2-ktejasree@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221021072651.1985340-1-ktejasree@marvell.com> References: <20221021072651.1985340-1-ktejasree@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: 1MDaliXZAo2EduThNHF3ZfvLIV6LroyI X-Proofpoint-ORIG-GUID: 1MDaliXZAo2EduThNHF3ZfvLIV6LroyI X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-21_03,2022-10-20_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org From: Vidya Sagar Velumuri Add unit test cases and test vectors for DES-CBC and 3DES-CBC. Signed-off-by: Vidya Sagar Velumuri --- app/test/test_cryptodev_security_ipsec.h | 12 + ...st_cryptodev_security_ipsec_test_vectors.h | 876 ++++++++++++++++++ app/test/test_security_inline_proto.c | 89 ++ 3 files changed, 977 insertions(+) diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h index 67b783e637..95e86a05e0 100644 --- a/app/test/test_cryptodev_security_ipsec.h +++ b/app/test/test_cryptodev_security_ipsec.h @@ -150,6 +150,18 @@ static const struct crypto_param cipher_list[] = { .key_length = 0, .iv_length = 0, }, + { + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .alg.cipher = RTE_CRYPTO_CIPHER_DES_CBC, + .key_length = 8, + .iv_length = 8, + }, + { + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .alg.cipher = RTE_CRYPTO_CIPHER_3DES_CBC, + .key_length = 24, + .iv_length = 8, + }, { .type = RTE_CRYPTO_SYM_XFORM_CIPHER, .alg.cipher = RTE_CRYPTO_CIPHER_AES_CBC, diff --git a/app/test/test_cryptodev_security_ipsec_test_vectors.h b/app/test/test_cryptodev_security_ipsec_test_vectors.h index 5f775a241a..18ffceddce 100644 --- a/app/test/test_cryptodev_security_ipsec_test_vectors.h +++ b/app/test/test_cryptodev_security_ipsec_test_vectors.h @@ -955,6 +955,661 @@ struct ipsec_test_data pkt_aes_128_cbc_hmac_sha512 = { }, }; +struct ipsec_test_data pkt_3des_cbc_hmac_sha256 = { + .key = { + .data = { + 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A, + 0x00, 0x04, 0x05, 0x01, 0x23, 0x00, 0x00, 0x00, + }, + }, + .auth_key = { + .data = { + 0xde, 0x34, 0x56, 0x00, 0x00, 0x00, 0x78, 0x00, + 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, + 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x0a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08, + }, + }, + .input_text = { + .data = { + /* IP */ + 0x45, 0x00, 0x00, 0x32, 0x00, 0x01, 0x00, 0x00, + 0x1f, 0x11, 0x17, 0x8b, 0xc0, 0xa8, 0x01, 0x6f, + 0xc0, 0xa8, 0x01, 0x70, + + /* UDP */ + 0x00, 0x09, 0x00, 0x09, 0x00, 0x1e, 0x00, 0x00, + 0xbe, 0x9b, 0xe9, 0x55, 0x00, 0x00, 0x00, 0x21, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + }, + .len = 50, + }, + .output_text = { + .data = { + /* IP - outer header */ + 0x45, 0x00, 0x00, 0x6c, 0x00, 0x01, 0x00, 0x00, + 0x40, 0x32, 0xf7, 0x0b, 0xc0, 0xa8, 0x01, 0x02, + 0xc0, 0xa8, 0x01, 0x01, + + /* ESP */ + 0x00, 0x00, 0x00, 0x34, 0x00, 0x00, 0x00, 0x01, + + /* IV */ + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + + /* Data */ + 0x45, 0x2a, 0x7d, 0xe8, 0x96, 0x8b, 0x6e, 0x9f, + 0x8e, 0xa8, 0x87, 0xf6, 0x12, 0x41, 0x61, 0x6e, + 0x42, 0xae, 0xd4, 0x71, 0x2a, 0x7d, 0xde, 0x46, + 0x24, 0xa7, 0xc8, 0xd1, 0x8a, 0x78, 0x5f, 0xb8, + 0xb1, 0x43, 0xec, 0x3b, 0x95, 0x9c, 0x54, 0x7b, + 0x0c, 0x47, 0x80, 0xfb, 0xff, 0x18, 0x54, 0x87, + 0x16, 0x22, 0x88, 0x06, 0xcf, 0xfd, 0xf6, 0x01, + 0x02, 0x58, 0x94, 0x34, 0xc9, 0xbc, 0xea, 0xb8, + 0xc9, 0x75, 0xf6, 0xc4, 0x8b, 0x46, 0x69, 0x3c, + }, + .len = 108, + }, + .iv = { + .data = { + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + }, + }, + + .ipsec_xform = { + .spi = 52, + .options.esn = 0, + .options.udp_encap = 0, + .options.copy_dscp = 0, + .options.copy_flabel = 0, + .options.copy_df = 0, + .options.dec_ttl = 0, + .options.ecn = 0, + .options.stats = 0, + .options.tunnel_hdr_verify = 0, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4, + .replay_win_sz = 0, + }, + + .aead = false, + + .xform = { + .chain.cipher = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .op = RTE_CRYPTO_CIPHER_OP_ENCRYPT, + .algo = RTE_CRYPTO_CIPHER_3DES_CBC, + .key.length = 24, + .iv.length = 8, + }, + }, + .chain.auth = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .op = RTE_CRYPTO_AUTH_OP_GENERATE, + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .key.length = 32, + .digest_length = 16, + }, + }, + }, +}; + +struct ipsec_test_data pkt_3des_cbc_hmac_sha384 = { + .key = { + .data = { + 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A, + 0x00, 0x04, 0x05, 0x01, 0x23, 0x00, 0x00, 0x00, + }, + }, + .auth_key = { + .data = { + 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x0a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08, + 0xde, 0x34, 0x56, 0x00, 0x00, 0x00, 0x78, 0x00, + 0x00, 0x10, 0x00, 0x00, 0x00, 0x10, 0x00, 0x02, + 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x34, + 0x1a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08, + }, + }, + .input_text = { + .data = { + /* IP */ + 0x45, 0x00, 0x00, 0x32, 0x00, 0x01, 0x00, 0x00, + 0x1f, 0x11, 0x17, 0x8b, 0xc0, 0xa8, 0x01, 0x6f, + 0xc0, 0xa8, 0x01, 0x70, + + /* UDP */ + 0x00, 0x09, 0x00, 0x09, 0x00, 0x1e, 0x00, 0x00, + 0xbe, 0x9b, 0xe9, 0x55, 0x00, 0x00, 0x00, 0x21, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + }, + .len = 50, + }, + .output_text = { + .data = { + /* IP - outer header */ + 0x45, 0x00, 0x00, 0x74, 0x00, 0x01, 0x00, 0x00, + 0x40, 0x32, 0xf7, 0x03, 0xc0, 0xa8, 0x01, 0x02, + 0xc0, 0xa8, 0x01, 0x01, + + /* ESP */ + 0x00, 0x00, 0x00, 0x34, 0x00, 0x00, 0x00, 0x01, + + /* IV */ + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + + /* Data */ + 0x45, 0x2a, 0x7d, 0xe8, 0x96, 0x8b, 0x6e, 0x9f, + 0x8e, 0xa8, 0x87, 0xf6, 0x12, 0x41, 0x61, 0x6e, + 0x42, 0xae, 0xd4, 0x71, 0x2a, 0x7d, 0xde, 0x46, + 0x24, 0xa7, 0xc8, 0xd1, 0x8a, 0x78, 0x5f, 0xb8, + 0xb1, 0x43, 0xec, 0x3b, 0x95, 0x9c, 0x54, 0x7b, + 0x0c, 0x47, 0x80, 0xfb, 0xff, 0x18, 0x54, 0x87, + 0x16, 0x22, 0x88, 0x06, 0xcf, 0xfd, 0xf6, 0x01, + 0x27, 0x34, 0x80, 0xa0, 0xc0, 0xd8, 0x97, 0xa4, + 0x67, 0xf5, 0x6b, 0xd4, 0x2c, 0x74, 0xc4, 0x51, + 0xed, 0x0d, 0xae, 0x23, 0xbb, 0xfa, 0xfb, 0x91, + }, + .len = 116, + }, + .iv = { + .data = { + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + }, + }, + + .ipsec_xform = { + .spi = 52, + .options.esn = 0, + .options.udp_encap = 0, + .options.copy_dscp = 0, + .options.copy_flabel = 0, + .options.copy_df = 0, + .options.dec_ttl = 0, + .options.ecn = 0, + .options.stats = 0, + .options.tunnel_hdr_verify = 0, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4, + .replay_win_sz = 0, + }, + + .aead = false, + + .xform = { + .chain.cipher = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .op = RTE_CRYPTO_CIPHER_OP_ENCRYPT, + .algo = RTE_CRYPTO_CIPHER_3DES_CBC, + .key.length = 24, + .iv.length = 8, + }, + }, + .chain.auth = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .op = RTE_CRYPTO_AUTH_OP_GENERATE, + .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, + .key.length = 48, + .digest_length = 24, + }, + }, + }, +}; + +struct ipsec_test_data pkt_3des_cbc_hmac_sha512 = { + .key = { + .data = { + 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A, + 0x00, 0x04, 0x05, 0x01, 0x23, 0x00, 0x00, 0x00, + }, + }, + .auth_key = { + .data = { + 0xde, 0x34, 0x56, 0x00, 0x00, 0x00, 0x78, 0x00, + 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, + 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x0a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08, + 0xde, 0x34, 0x56, 0x00, 0x00, 0x00, 0x78, 0x00, + 0x00, 0x10, 0x00, 0x00, 0x00, 0x10, 0x00, 0x02, + 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x34, + 0x1a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08, + }, + }, + .input_text = { + .data = { + /* IP */ + 0x45, 0x00, 0x00, 0x32, 0x00, 0x01, 0x00, 0x00, + 0x1f, 0x11, 0x17, 0x8b, 0xc0, 0xa8, 0x01, 0x6f, + 0xc0, 0xa8, 0x01, 0x70, + + /* UDP */ + 0x00, 0x09, 0x00, 0x09, 0x00, 0x1e, 0x00, 0x00, + 0xbe, 0x9b, 0xe9, 0x55, 0x00, 0x00, 0x00, 0x21, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + }, + .len = 50, + }, + .output_text = { + .data = { + /* IP - outer header */ + 0x45, 0x00, 0x00, 0x7c, 0x00, 0x01, 0x00, 0x00, + 0x40, 0x32, 0xf6, 0xfb, 0xc0, 0xa8, 0x01, 0x02, + 0xc0, 0xa8, 0x01, 0x01, + + /* ESP */ + 0x00, 0x00, 0x00, 0x34, 0x00, 0x00, 0x00, 0x01, + + /* IV */ + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + + /* Data */ + 0x45, 0x2a, 0x7d, 0xe8, 0x96, 0x8b, 0x6e, 0x9f, + 0x8e, 0xa8, 0x87, 0xf6, 0x12, 0x41, 0x61, 0x6e, + 0x42, 0xae, 0xd4, 0x71, 0x2a, 0x7d, 0xde, 0x46, + 0x24, 0xa7, 0xc8, 0xd1, 0x8a, 0x78, 0x5f, 0xb8, + 0xb1, 0x43, 0xec, 0x3b, 0x95, 0x9c, 0x54, 0x7b, + 0x0c, 0x47, 0x80, 0xfb, 0xff, 0x18, 0x54, 0x87, + 0x16, 0x22, 0x88, 0x06, 0xcf, 0xfd, 0xf6, 0x01, + 0xe7, 0x32, 0x8b, 0x4c, 0x9f, 0xe4, 0x54, 0x0d, + 0x37, 0xec, 0xaa, 0x4b, 0x2a, 0x32, 0xfc, 0x4c, + 0x04, 0xeb, 0x26, 0x53, 0x24, 0x4c, 0xcc, 0xf7, + 0xeb, 0x24, 0x76, 0x42, 0xb4, 0x0c, 0xbc, 0xd4, + }, + .len = 124, + }, + .iv = { + .data = { + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + }, + }, + + .ipsec_xform = { + .spi = 52, + .options.esn = 0, + .options.udp_encap = 0, + .options.copy_dscp = 0, + .options.copy_flabel = 0, + .options.copy_df = 0, + .options.dec_ttl = 0, + .options.ecn = 0, + .options.stats = 0, + .options.tunnel_hdr_verify = 0, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4, + .replay_win_sz = 0, + }, + + .aead = false, + + .xform = { + .chain.cipher = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .op = RTE_CRYPTO_CIPHER_OP_ENCRYPT, + .algo = RTE_CRYPTO_CIPHER_3DES_CBC, + .key.length = 24, + .iv.length = 8, + }, + }, + .chain.auth = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .op = RTE_CRYPTO_AUTH_OP_GENERATE, + .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, + .key.length = 64, + .digest_length = 32, + }, + }, + }, +}; + +struct ipsec_test_data pkt_des_cbc_hmac_sha256 = { + .key = { + .data = { + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A, + }, + }, + .auth_key = { + .data = { + 0xde, 0x34, 0x56, 0x00, 0x00, 0x00, 0x78, 0x00, + 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, + 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x0a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08, + }, + }, + .input_text = { + .data = { + /* IP */ + 0x45, 0x00, 0x00, 0x32, 0x00, 0x01, 0x00, 0x00, + 0x1f, 0x11, 0x17, 0x8b, 0xc0, 0xa8, 0x01, 0x6f, + 0xc0, 0xa8, 0x01, 0x70, + + /* UDP */ + 0x00, 0x09, 0x00, 0x09, 0x00, 0x1e, 0x00, 0x00, + 0xbe, 0x9b, 0xe9, 0x55, 0x00, 0x00, 0x00, 0x21, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + }, + .len = 50, + }, + .output_text = { + .data = { + /* IP - outer header */ + 0x45, 0x00, 0x00, 0x6c, 0x00, 0x01, 0x00, 0x00, + 0x40, 0x32, 0xf7, 0x0b, 0xc0, 0xa8, 0x01, 0x02, + 0xc0, 0xa8, 0x01, 0x01, + + /* ESP */ + 0x00, 0x00, 0x00, 0x3a, 0x00, 0x00, 0x00, 0x01, + + /* IV */ + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + + /* Data */ + 0xdd, 0x13, 0x10, 0x3c, 0xe4, 0xb9, 0xce, 0x12, + 0x73, 0x4c, 0x97, 0x00, 0x28, 0xf7, 0xa4, 0x5e, + 0x02, 0x17, 0xe1, 0xc6, 0x09, 0x20, 0x90, 0xe3, + 0xb6, 0x9c, 0x25, 0x6d, 0x62, 0x06, 0x60, 0x90, + 0x91, 0x76, 0x94, 0xd8, 0x57, 0x56, 0xcb, 0xdd, + 0x62, 0x99, 0x99, 0x98, 0xd0, 0x3a, 0x99, 0x71, + 0x64, 0xcb, 0x79, 0x0c, 0x89, 0xa2, 0xf6, 0x12, + 0x1f, 0x09, 0xf8, 0x36, 0x8f, 0x5e, 0x31, 0x93, + 0x0a, 0xa0, 0x48, 0xee, 0x61, 0x21, 0xb5, 0x3d, + }, + .len = 108, + }, + .iv = { + .data = { + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + }, + }, + + .ipsec_xform = { + .spi = 58, + .options.esn = 0, + .options.udp_encap = 0, + .options.copy_dscp = 0, + .options.copy_flabel = 0, + .options.copy_df = 0, + .options.dec_ttl = 0, + .options.ecn = 0, + .options.stats = 0, + .options.tunnel_hdr_verify = 0, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4, + .replay_win_sz = 0, + }, + + .aead = false, + + .xform = { + .chain.cipher = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .op = RTE_CRYPTO_CIPHER_OP_ENCRYPT, + .algo = RTE_CRYPTO_CIPHER_DES_CBC, + .key.length = 8, + .iv.length = 8, + }, + }, + .chain.auth = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .op = RTE_CRYPTO_AUTH_OP_GENERATE, + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .key.length = 32, + .digest_length = 16, + }, + }, + }, +}; + +struct ipsec_test_data pkt_des_cbc_hmac_sha384 = { + .key = { + .data = { + 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, + }, + }, + .auth_key = { + .data = { + 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x0a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08, + 0xde, 0x34, 0x56, 0x00, 0x00, 0x00, 0x78, 0x00, + 0x00, 0x10, 0x00, 0x00, 0x00, 0x10, 0x00, 0x02, + 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x34, + 0x1a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08, + }, + }, + .input_text = { + .data = { + /* IP */ + 0x45, 0x00, 0x00, 0x32, 0x00, 0x01, 0x00, 0x00, + 0x1f, 0x11, 0x17, 0x8b, 0xc0, 0xa8, 0x01, 0x6f, + 0xc0, 0xa8, 0x01, 0x70, + + /* UDP */ + 0x00, 0x09, 0x00, 0x09, 0x00, 0x1e, 0x00, 0x00, + 0xbe, 0x9b, 0xe9, 0x55, 0x00, 0x00, 0x00, 0x21, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + }, + .len = 50, + }, + .output_text = { + .data = { + /* IP - outer header */ + 0x45, 0x00, 0x00, 0x74, 0x00, 0x01, 0x00, 0x00, + 0x40, 0x32, 0xf7, 0x03, 0xc0, 0xa8, 0x01, 0x02, + 0xc0, 0xa8, 0x01, 0x01, + + /* ESP */ + 0x00, 0x00, 0x00, 0x3a, 0x00, 0x00, 0x00, 0x01, + + /* IV */ + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + + /* Data */ + 0x80, 0x6a, 0xcd, 0x35, 0x95, 0x6c, 0x04, 0x66, + 0x4c, 0x04, 0xeb, 0xdb, 0x85, 0xc8, 0xf9, 0x56, + 0xe7, 0x01, 0x17, 0x97, 0xc4, 0xa5, 0xa4, 0xfe, + 0xa0, 0x81, 0x62, 0xda, 0xb2, 0xc0, 0xcf, 0x21, + 0x54, 0x0c, 0x38, 0xcf, 0xca, 0x41, 0x20, 0x5f, + 0xed, 0xc3, 0xe3, 0x59, 0xc4, 0x2f, 0x5e, 0xf7, + 0xdd, 0x16, 0x15, 0xd2, 0x00, 0xe8, 0x60, 0xc6, + 0xd8, 0x73, 0xf0, 0xb1, 0x89, 0xc4, 0xb2, 0x65, + 0xe2, 0xbf, 0xeb, 0xd8, 0x1d, 0x0a, 0xae, 0x2c, + 0x4d, 0xd3, 0x59, 0x30, 0x5e, 0x47, 0xb9, 0xcc, + }, + .len = 116, + }, + .iv = { + .data = { + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + }, + }, + + .ipsec_xform = { + .spi = 58, + .options.esn = 0, + .options.udp_encap = 0, + .options.copy_dscp = 0, + .options.copy_flabel = 0, + .options.copy_df = 0, + .options.dec_ttl = 0, + .options.ecn = 0, + .options.stats = 0, + .options.tunnel_hdr_verify = 0, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4, + .replay_win_sz = 0, + }, + + .aead = false, + + .xform = { + .chain.cipher = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .op = RTE_CRYPTO_CIPHER_OP_ENCRYPT, + .algo = RTE_CRYPTO_CIPHER_DES_CBC, + .key.length = 8, + .iv.length = 8, + }, + }, + .chain.auth = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .op = RTE_CRYPTO_AUTH_OP_GENERATE, + .algo = RTE_CRYPTO_AUTH_SHA384_HMAC, + .key.length = 48, + .digest_length = 24, + }, + }, + }, +}; + +struct ipsec_test_data pkt_des_cbc_hmac_sha512 = { + .key = { + .data = { + 0x00, 0x04, 0x05, 0x01, 0x23, 0x00, 0x00, 0x00, + }, + }, + .auth_key = { + .data = { + 0xde, 0x34, 0x56, 0x00, 0x00, 0x00, 0x78, 0x00, + 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, + 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x0a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08, + 0xde, 0x34, 0x56, 0x00, 0x00, 0x00, 0x78, 0x00, + 0x00, 0x10, 0x00, 0x00, 0x00, 0x10, 0x00, 0x02, + 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x34, + 0x1a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08, + }, + }, + .input_text = { + .data = { + /* IP */ + 0x45, 0x00, 0x00, 0x32, 0x00, 0x01, 0x00, 0x00, + 0x1f, 0x11, 0x17, 0x8b, 0xc0, 0xa8, 0x01, 0x6f, + 0xc0, 0xa8, 0x01, 0x70, + + /* UDP */ + 0x00, 0x09, 0x00, 0x09, 0x00, 0x1e, 0x00, 0x00, + 0xbe, 0x9b, 0xe9, 0x55, 0x00, 0x00, 0x00, 0x21, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + }, + .len = 50, + }, + .output_text = { + .data = { + /* IP - outer header */ + 0x45, 0x00, 0x00, 0x7c, 0x00, 0x01, 0x00, 0x00, + 0x40, 0x32, 0xf6, 0xfb, 0xc0, 0xa8, 0x01, 0x02, + 0xc0, 0xa8, 0x01, 0x01, + + /* ESP */ + 0x00, 0x00, 0x00, 0x34, 0x00, 0x00, 0x00, 0x01, + + /* IV */ + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + + /* Data */ + 0x54, 0xe6, 0xf3, 0xd4, 0x25, 0x1c, 0x57, 0xd0, + 0x55, 0x7d, 0x52, 0xd3, 0xcb, 0x65, 0x57, 0x37, + 0xd9, 0x83, 0x37, 0x69, 0x95, 0xa7, 0x2b, 0xc2, + 0x65, 0x9e, 0xf6, 0xc8, 0xca, 0x6a, 0x9d, 0x51, + 0xde, 0xbe, 0x45, 0x58, 0x72, 0x58, 0x92, 0x49, + 0x15, 0x02, 0xae, 0x38, 0xb5, 0xf7, 0xcc, 0x6d, + 0xe5, 0x95, 0x21, 0xf1, 0xda, 0x69, 0x93, 0x76, + 0x6c, 0x85, 0x42, 0xef, 0xb1, 0xd4, 0xae, 0x32, + 0x88, 0x73, 0x1a, 0x59, 0xf9, 0xe5, 0x4b, 0x1c, + 0xc0, 0x32, 0x07, 0x78, 0xaf, 0x09, 0xfd, 0x15, + 0x3e, 0xad, 0x9d, 0x8a, 0xa5, 0x0f, 0xd4, 0x66, + + }, + .len = 124, + }, + .iv = { + .data = { + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + }, + }, + + .ipsec_xform = { + .spi = 52, + .options.esn = 0, + .options.udp_encap = 0, + .options.copy_dscp = 0, + .options.copy_flabel = 0, + .options.copy_df = 0, + .options.dec_ttl = 0, + .options.ecn = 0, + .options.stats = 0, + .options.tunnel_hdr_verify = 0, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4, + .replay_win_sz = 0, + }, + + .aead = false, + + .xform = { + .chain.cipher = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .op = RTE_CRYPTO_CIPHER_OP_ENCRYPT, + .algo = RTE_CRYPTO_CIPHER_DES_CBC, + .key.length = 8, + .iv.length = 8, + }, + }, + .chain.auth = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .op = RTE_CRYPTO_AUTH_OP_GENERATE, + .algo = RTE_CRYPTO_AUTH_SHA512_HMAC, + .key.length = 64, + .digest_length = 32, + }, + }, + }, +}; + struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256_v6 = { .key = { .data = { @@ -1060,6 +1715,227 @@ struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256_v6 = { }, }; +struct ipsec_test_data pkt_3des_cbc_hmac_sha256_v6 = { + .key = { + .data = { + 0xE4, 0x23, 0x33, 0x8A, 0x35, 0x64, 0x61, 0xE2, + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A, + 0x00, 0x04, 0x05, 0x01, 0x23, 0x00, 0x00, 0x00, + }, + }, + .auth_key = { + .data = { + 0xde, 0x34, 0x56, 0x00, 0x00, 0x00, 0x78, 0x00, + 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, + 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x0a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08, + }, + }, + .input_text = { + .data = { + 0x60, 0x00, 0x00, 0x00, 0x00, 0x20, 0x06, 0x38, + 0x26, 0x07, 0xf8, 0xb0, 0x40, 0x0c, 0x0c, 0x03, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1a, + 0x20, 0x01, 0x04, 0x70, 0xe5, 0xbf, 0xde, 0xad, + 0x49, 0x57, 0x21, 0x74, 0xe8, 0x2c, 0x48, 0x87, + 0x00, 0x19, 0xf9, 0xc7, 0x95, 0x63, 0x97, 0x9c, + 0x03, 0xa0, 0x88, 0x31, 0x80, 0x12, 0xa7, 0xd6, + 0x25, 0x83, 0x00, 0x00, 0x02, 0x04, 0x05, 0x6a, + 0x01, 0x01, 0x04, 0x02, 0x01, 0x03, 0x03, 0x07, + }, + .len = 72, + }, + .output_text = { + .data = { + /* IP - outer header */ + 0x60, 0x00, 0x00, 0x00, 0x00, 0x70, 0x32, 0x40, + 0x0c, 0x03, 0x40, 0x0c, 0xf8, 0xb0, 0x26, 0x07, + 0x00, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xde, 0xad, 0xe5, 0xbf, 0x04, 0x70, 0x20, 0x01, + 0x48, 0x87, 0xe8, 0x2c, 0x21, 0x74, 0x49, 0x57, + + /* ESP */ + 0x00, 0x00, 0x00, 0x34, 0x00, 0x00, 0x00, 0x01, + + /* IV */ + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + + /* Data */ + 0xf9, 0x99, 0x5b, 0x32, 0xfc, 0x7d, 0x0f, 0xcb, + 0x25, 0x0c, 0x9f, 0x11, 0xc5, 0xc7, 0x5e, 0x46, + 0x1d, 0x01, 0x2f, 0xd5, 0xb3, 0x6b, 0x02, 0x30, + 0x8a, 0x0c, 0x85, 0xa9, 0xca, 0x87, 0x6f, 0x17, + 0x3f, 0xb0, 0x03, 0x6c, 0xa5, 0x16, 0x1d, 0x1e, + 0x67, 0x5e, 0x70, 0x1a, 0x76, 0xe7, 0x12, 0x0e, + 0x19, 0x2b, 0x5d, 0xe3, 0x4c, 0x51, 0xb3, 0x3a, + 0x1b, 0x7e, 0xd0, 0x21, 0x76, 0x44, 0xcd, 0xb0, + 0xe8, 0x6d, 0xe3, 0x92, 0xad, 0xa1, 0xad, 0x26, + 0x9c, 0xec, 0x2a, 0x65, 0x51, 0xd4, 0xa4, 0xa9, + 0x97, 0x5b, 0x1e, 0xdd, 0x24, 0x47, 0x16, 0x3a, + 0x2d, 0xf3, 0x80, 0x50, 0xd5, 0xbd, 0x4a, 0x98, + }, + .len = 152, + }, + .iv = { + .data = { + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + }, + }, + + .ipsec_xform = { + .spi = 52, + .options.esn = 0, + .options.udp_encap = 0, + .options.copy_dscp = 0, + .options.copy_flabel = 0, + .options.copy_df = 0, + .options.dec_ttl = 0, + .options.ecn = 0, + .options.stats = 0, + .options.tunnel_hdr_verify = 0, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV6, + .replay_win_sz = 0, + }, + + .aead = false, + + .xform = { + .chain.cipher = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .op = RTE_CRYPTO_CIPHER_OP_ENCRYPT, + .algo = RTE_CRYPTO_CIPHER_3DES_CBC, + .key.length = 24, + .iv.length = 8, + }, + }, + .chain.auth = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .op = RTE_CRYPTO_AUTH_OP_GENERATE, + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .key.length = 32, + .digest_length = 16, + }, + }, + }, +}; + +struct ipsec_test_data pkt_des_cbc_hmac_sha256_v6 = { + .key = { + .data = { + 0x49, 0x03, 0xDD, 0xC6, 0xB8, 0xCA, 0x55, 0x7A, + }, + }, + .auth_key = { + .data = { + 0xde, 0x34, 0x56, 0x00, 0x00, 0x00, 0x78, 0x00, + 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, + 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x0a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08, + }, + }, + .input_text = { + .data = { + 0x60, 0x00, 0x00, 0x00, 0x00, 0x20, 0x06, 0x38, + 0x26, 0x07, 0xf8, 0xb0, 0x40, 0x0c, 0x0c, 0x03, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1a, + 0x20, 0x01, 0x04, 0x70, 0xe5, 0xbf, 0xde, 0xad, + 0x49, 0x57, 0x21, 0x74, 0xe8, 0x2c, 0x48, 0x87, + 0x00, 0x19, 0xf9, 0xc7, 0x95, 0x63, 0x97, 0x9c, + 0x03, 0xa0, 0x88, 0x31, 0x80, 0x12, 0xa7, 0xd6, + 0x25, 0x83, 0x00, 0x00, 0x02, 0x04, 0x05, 0x6a, + 0x01, 0x01, 0x04, 0x02, 0x01, 0x03, 0x03, 0x07, + }, + .len = 72, + }, + .output_text = { + .data = { + /* IP - outer header */ + 0x60, 0x00, 0x00, 0x00, 0x00, 0x70, 0x32, 0x40, + 0x0c, 0x03, 0x40, 0x0c, 0xf8, 0xb0, 0x26, 0x07, + 0x00, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xde, 0xad, 0xe5, 0xbf, 0x04, 0x70, 0x20, 0x01, + 0x48, 0x87, 0xe8, 0x2c, 0x21, 0x74, 0x49, 0x57, + + /* ESP */ + 0x00, 0x00, 0x00, 0x3a, 0x00, 0x00, 0x00, 0x01, + + /* IV */ + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + + /* Data */ + 0x6e, 0xf8, 0x1e, 0x91, 0x77, 0x7f, 0x61, 0x77, + 0xcd, 0x1a, 0x9d, 0xb4, 0x4c, 0xf8, 0x9a, 0x89, + 0xa7, 0x7a, 0xf8, 0x2a, 0x2e, 0x54, 0xa5, 0x0a, + 0xe3, 0x60, 0xb9, 0x21, 0xe1, 0xc6, 0x7f, 0x56, + 0x92, 0x76, 0xc3, 0x33, 0x95, 0x93, 0x0d, 0xb8, + 0xce, 0xb9, 0x0e, 0x32, 0xe6, 0xf1, 0x86, 0x81, + 0x73, 0xc9, 0x62, 0x2e, 0x5d, 0x9b, 0xb4, 0xd5, + 0x68, 0xda, 0xb1, 0x87, 0x78, 0x22, 0xc0, 0x9a, + 0x1c, 0xa1, 0x53, 0x1b, 0x67, 0xea, 0x6d, 0x58, + 0x1a, 0xd8, 0xc3, 0x95, 0xa0, 0xc3, 0x7a, 0xb6, + 0xfe, 0xb1, 0x49, 0xa8, 0xad, 0x1a, 0x21, 0xc2, + 0x01, 0x42, 0xa6, 0xf2, 0x3d, 0x7f, 0xb0, 0x6d, + + }, + .len = 152, + }, + .iv = { + .data = { + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + }, + }, + + .ipsec_xform = { + .spi = 58, + .options.esn = 0, + .options.udp_encap = 0, + .options.copy_dscp = 0, + .options.copy_flabel = 0, + .options.copy_df = 0, + .options.dec_ttl = 0, + .options.ecn = 0, + .options.stats = 0, + .options.tunnel_hdr_verify = 0, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV6, + .replay_win_sz = 0, + }, + + .aead = false, + + .xform = { + .chain.cipher = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .op = RTE_CRYPTO_CIPHER_OP_ENCRYPT, + .algo = RTE_CRYPTO_CIPHER_DES_CBC, + .key.length = 8, + .iv.length = 8, + }, + }, + .chain.auth = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .op = RTE_CRYPTO_AUTH_OP_GENERATE, + .algo = RTE_CRYPTO_AUTH_SHA256_HMAC, + .key.length = 32, + .digest_length = 16, + }, + }, + }, +}; + struct ipsec_test_data pkt_aes_128_gcm_frag = { .key = { .data = { diff --git a/app/test/test_security_inline_proto.c b/app/test/test_security_inline_proto.c index 19297d3628..289778d9be 100644 --- a/app/test/test_security_inline_proto.c +++ b/app/test/test_security_inline_proto.c @@ -63,6 +63,14 @@ extern struct ipsec_test_data pkt_aes_128_cbc_null; extern struct ipsec_test_data pkt_null_aes_xcbc; extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha384; extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha512; +extern struct ipsec_test_data pkt_3des_cbc_hmac_sha256; +extern struct ipsec_test_data pkt_3des_cbc_hmac_sha384; +extern struct ipsec_test_data pkt_3des_cbc_hmac_sha512; +extern struct ipsec_test_data pkt_3des_cbc_hmac_sha256_v6; +extern struct ipsec_test_data pkt_des_cbc_hmac_sha256; +extern struct ipsec_test_data pkt_des_cbc_hmac_sha384; +extern struct ipsec_test_data pkt_des_cbc_hmac_sha512; +extern struct ipsec_test_data pkt_des_cbc_hmac_sha256_v6; static struct rte_mempool *mbufpool; static struct rte_mempool *sess_pool; @@ -2584,6 +2592,21 @@ static struct unit_test_suite inline_ipsec_testsuite = { ut_setup_inline_ipsec, ut_teardown_inline_ipsec, test_ipsec_inline_proto_known_vec, &pkt_aes_128_cbc_hmac_sha512), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 3DES-CBC HMAC-SHA256 [16B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec, + &pkt_3des_cbc_hmac_sha256), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 3DES-CBC HMAC-SHA384 [24B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec, + &pkt_3des_cbc_hmac_sha384), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 3DES-CBC HMAC-SHA512 [32B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec, + &pkt_3des_cbc_hmac_sha512), TEST_CASE_NAMED_WITH_DATA( "Outbound known vector (ESP tunnel mode IPv6 AES-GCM 128)", ut_setup_inline_ipsec, ut_teardown_inline_ipsec, @@ -2593,11 +2616,36 @@ static struct unit_test_suite inline_ipsec_testsuite = { ut_setup_inline_ipsec, ut_teardown_inline_ipsec, test_ipsec_inline_proto_known_vec, &pkt_aes_128_cbc_hmac_sha256_v6), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv6 3DES-CBC HMAC-SHA256 [16B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec, + &pkt_3des_cbc_hmac_sha256_v6), TEST_CASE_NAMED_WITH_DATA( "Outbound known vector (ESP tunnel mode IPv4 NULL AES-XCBC-MAC [12B ICV])", ut_setup_inline_ipsec, ut_teardown_inline_ipsec, test_ipsec_inline_proto_known_vec, &pkt_null_aes_xcbc), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 DES-CBC HMAC-SHA256 [16B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec, + &pkt_des_cbc_hmac_sha256), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 DES-CBC HMAC-SHA384 [24B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec, + &pkt_des_cbc_hmac_sha384), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 DES-CBC HMAC-SHA512 [32B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec, + &pkt_des_cbc_hmac_sha512), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv6 DES-CBC HMAC-SHA256 [16B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec, + &pkt_des_cbc_hmac_sha256_v6), TEST_CASE_NAMED_WITH_DATA( "Outbound fragmented packet", @@ -2636,6 +2684,21 @@ static struct unit_test_suite inline_ipsec_testsuite = { ut_setup_inline_ipsec, ut_teardown_inline_ipsec, test_ipsec_inline_proto_known_vec_inb, &pkt_aes_128_cbc_hmac_sha512), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 3DES-CBC HMAC-SHA256 [16B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec_inb, + &pkt_3des_cbc_hmac_sha256), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 3DES-CBC HMAC-SHA384 [24B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec_inb, + &pkt_3des_cbc_hmac_sha384), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 3DES-CBC HMAC-SHA512 [32B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec_inb, + &pkt_3des_cbc_hmac_sha512), TEST_CASE_NAMED_WITH_DATA( "Inbound known vector (ESP tunnel mode IPv6 AES-GCM 128)", ut_setup_inline_ipsec, ut_teardown_inline_ipsec, @@ -2645,11 +2708,37 @@ static struct unit_test_suite inline_ipsec_testsuite = { ut_setup_inline_ipsec, ut_teardown_inline_ipsec, test_ipsec_inline_proto_known_vec_inb, &pkt_aes_128_cbc_hmac_sha256_v6), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv6 3DES-CBC HMAC-SHA256 [16B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec_inb, + &pkt_3des_cbc_hmac_sha256_v6), TEST_CASE_NAMED_WITH_DATA( "Inbound known vector (ESP tunnel mode IPv4 NULL AES-XCBC-MAC [12B ICV])", ut_setup_inline_ipsec, ut_teardown_inline_ipsec, test_ipsec_inline_proto_known_vec_inb, &pkt_null_aes_xcbc), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 DES-CBC HMAC-SHA256 [16B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec_inb, + &pkt_des_cbc_hmac_sha256), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 DES-CBC HMAC-SHA384 [24B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec_inb, + &pkt_des_cbc_hmac_sha384), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 DES-CBC HMAC-SHA512 [32B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec_inb, + &pkt_des_cbc_hmac_sha512), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv6 DES-CBC HMAC-SHA256 [16B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec_inb, + &pkt_des_cbc_hmac_sha256_v6), + TEST_CASE_NAMED_ST( "Combined test alg list", From patchwork Fri Oct 21 07:26:47 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tejasree Kondoj X-Patchwork-Id: 118890 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 10ABFA0032; Fri, 21 Oct 2022 09:27:28 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id EB7B042B90; Fri, 21 Oct 2022 09:27:26 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id D63D442B8A for ; Fri, 21 Oct 2022 09:27:24 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29L1fGCE009605; Fri, 21 Oct 2022 00:27:24 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=GgCNtRA5IaqLGyPakQEr6554mxUNbd9Bbt0DIHUSlKk=; b=QcWZIJ2xPT+KIVaHj2GuXA88MYvjZDPg+24xsH2sL4Tv8u2lK18f32nw6gYJO2wOJsq4 NMXT1UCjDGh4xDEqsI75Dzndc4sTOfb5AmqOxDLW6hBI31SXOowPcAG5e9PFBx5OAC70 rP3aY9/uX/BMGlsw2RzaxwTzjw2jGH92S33G0Wa3OBe5YwZqLr7BQYLPxNmo/ok5nADD L1QW1AbYeBXX55HshJbQHcPi57Hv5RXFWWhBJuVugX7b71Y2Iz+PVtrhc19+lm+sQ6t8 i9T6leciLxaOpNadwatEprAE2Sr+EjAHkcQZ7pSSKZIruzjYwqFRsnkhr4HWCL7EzwPt aA== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3kb125d6gh-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Fri, 21 Oct 2022 00:27:24 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 21 Oct 2022 00:27:22 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Fri, 21 Oct 2022 00:27:22 -0700 Received: from hyd1554.marvell.com (unknown [10.29.57.11]) by maili.marvell.com (Postfix) with ESMTP id 721395B6989; Fri, 21 Oct 2022 00:26:59 -0700 (PDT) From: Tejasree Kondoj To: Akhil Goyal , Fan Zhang , Ciara Power CC: Vidya Sagar Velumuri , Anoob Joseph , Subject: [PATCH v2 2/6] test/security: add unit tests for auth algo MD5 Date: Fri, 21 Oct 2022 12:56:47 +0530 Message-ID: <20221021072651.1985340-3-ktejasree@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221021072651.1985340-1-ktejasree@marvell.com> References: <20221021072651.1985340-1-ktejasree@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: F7KKNjkZdGbkI4yJKIjcJc0Y0YRPGLZ5 X-Proofpoint-ORIG-GUID: F7KKNjkZdGbkI4yJKIjcJc0Y0YRPGLZ5 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-21_03,2022-10-20_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org From: Vidya Sagar Velumuri Add unit test cases for MD5 auth algo. Add the test vectors for MD5 auth algo. Signed-off-by: Vidya Sagar Velumuri --- app/test/test_cryptodev_security_ipsec.h | 6 + ...st_cryptodev_security_ipsec_test_vectors.h | 107 ++++++++++++++++++ app/test/test_security_inline_proto.c | 11 ++ 3 files changed, 124 insertions(+) diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h index 95e86a05e0..b98f4741b2 100644 --- a/app/test/test_cryptodev_security_ipsec.h +++ b/app/test/test_cryptodev_security_ipsec.h @@ -193,6 +193,12 @@ static const struct crypto_param auth_list[] = { .type = RTE_CRYPTO_SYM_XFORM_AUTH, .alg.auth = RTE_CRYPTO_AUTH_NULL, }, + { + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .alg.auth = RTE_CRYPTO_AUTH_MD5_HMAC, + .key_length = 16, + .digest_length = 12, + }, { .type = RTE_CRYPTO_SYM_XFORM_AUTH, .alg.auth = RTE_CRYPTO_AUTH_SHA256_HMAC, diff --git a/app/test/test_cryptodev_security_ipsec_test_vectors.h b/app/test/test_cryptodev_security_ipsec_test_vectors.h index 18ffceddce..2686bbeb62 100644 --- a/app/test/test_cryptodev_security_ipsec_test_vectors.h +++ b/app/test/test_cryptodev_security_ipsec_test_vectors.h @@ -633,6 +633,113 @@ struct ipsec_test_data pkt_aes_256_gcm_v6 = { }, }; +struct ipsec_test_data pkt_aes_128_cbc_md5 = { + .key = { + .data = { + 0x00, 0x04, 0x05, 0x01, 0x23, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x0a, 0x0b, 0x0c, 0x0f, 0x00, 0x00, + }, + }, + .auth_key = { + .data = { + 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, + 0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x04, + }, + }, + .input_text = { + .data = { + /* IP */ + 0x45, 0x00, 0x00, 0x32, 0x00, 0x01, 0x00, 0x00, + 0x1f, 0x11, 0x17, 0x8b, 0xc0, 0xa8, 0x01, 0x6f, + 0xc0, 0xa8, 0x01, 0x70, + + /* UDP */ + 0x00, 0x09, 0x00, 0x09, 0x00, 0x1e, 0x00, 0x00, + 0xbe, 0x9b, 0xe9, 0x55, 0x00, 0x00, 0x00, 0x21, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + }, + .len = 50, + }, + .output_text = { + .data = { + /* IP - outer header */ + 0x45, 0x00, 0x00, 0x78, 0x00, 0x01, 0x00, 0x00, + 0x40, 0x32, 0x52, 0x51, 0x14, 0x00, 0x00, 0x01, + 0x14, 0x00, 0x00, 0x02, + + /* ESP */ + 0x00, 0x00, 0x00, 0x3c, 0x00, 0x00, 0x00, 0x01, + + /* IV */ + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + 0x20, 0xbf, 0xe8, 0x39, 0x00, 0x00, 0x00, 0x00, + + /* Data */ + 0x67, 0xb5, 0x46, 0x6e, 0x78, 0x17, 0xd3, 0x5a, + 0xac, 0x62, 0x62, 0x62, 0xb0, 0x57, 0x9b, 0x09, + 0x19, 0x4f, 0x06, 0x59, 0xc8, 0xb0, 0x30, 0x65, + 0x1f, 0x45, 0x57, 0x41, 0x72, 0x17, 0x28, 0xe9, + 0xad, 0x50, 0xbe, 0x44, 0x1d, 0x2d, 0x9a, 0xd0, + 0x48, 0x75, 0x0d, 0x1c, 0x8d, 0x24, 0xa8, 0x6f, + 0x6b, 0x24, 0xb6, 0x5d, 0x43, 0x1e, 0x55, 0xf0, + 0xf7, 0x14, 0x1f, 0xf2, 0x61, 0xd4, 0xe0, 0x30, + 0xff, 0xd7, 0x3f, 0xb4, 0x7c, 0x30, 0xdb, 0xeb, + 0xf3, 0x95, 0xbf, 0xcd, + }, + .len = 120, + }, + .iv = { + .data = { + 0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00, + 0x20, 0xbf, 0xe8, 0x39, 0x00, 0x00, 0x00, 0x00, + }, + }, + + .ipsec_xform = { + .spi = 60, + .options.esn = 0, + .options.udp_encap = 0, + .options.copy_dscp = 0, + .options.copy_flabel = 0, + .options.copy_df = 0, + .options.dec_ttl = 0, + .options.ecn = 0, + .options.stats = 0, + .options.tunnel_hdr_verify = 0, + .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, + .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, + .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, + .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4, + .replay_win_sz = 0, + }, + + .aead = false, + + .xform = { + .chain.cipher = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .cipher = { + .op = RTE_CRYPTO_CIPHER_OP_ENCRYPT, + .algo = RTE_CRYPTO_CIPHER_AES_CBC, + .key.length = 16, + .iv.length = 16, + }, + }, + .chain.auth = { + .next = NULL, + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .auth = { + .op = RTE_CRYPTO_AUTH_OP_GENERATE, + .algo = RTE_CRYPTO_AUTH_MD5_HMAC, + .key.length = 16, + .digest_length = 12, + }, + }, + }, +}; + struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256 = { .key = { .data = { diff --git a/app/test/test_security_inline_proto.c b/app/test/test_security_inline_proto.c index 289778d9be..feef54f538 100644 --- a/app/test/test_security_inline_proto.c +++ b/app/test/test_security_inline_proto.c @@ -71,6 +71,7 @@ extern struct ipsec_test_data pkt_des_cbc_hmac_sha256; extern struct ipsec_test_data pkt_des_cbc_hmac_sha384; extern struct ipsec_test_data pkt_des_cbc_hmac_sha512; extern struct ipsec_test_data pkt_des_cbc_hmac_sha256_v6; +extern struct ipsec_test_data pkt_aes_128_cbc_md5; static struct rte_mempool *mbufpool; static struct rte_mempool *sess_pool; @@ -2577,6 +2578,11 @@ static struct unit_test_suite inline_ipsec_testsuite = { "Outbound known vector (ESP tunnel mode IPv4 AES-GCM 256)", ut_setup_inline_ipsec, ut_teardown_inline_ipsec, test_ipsec_inline_proto_known_vec, &pkt_aes_256_gcm), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 AES-CBC MD5 [12B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec, + &pkt_aes_128_cbc_md5), TEST_CASE_NAMED_WITH_DATA( "Outbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA256 [16B ICV])", ut_setup_inline_ipsec, ut_teardown_inline_ipsec, @@ -2669,6 +2675,11 @@ static struct unit_test_suite inline_ipsec_testsuite = { "Inbound known vector (ESP tunnel mode IPv4 AES-CBC 128)", ut_setup_inline_ipsec, ut_teardown_inline_ipsec, test_ipsec_inline_proto_known_vec_inb, &pkt_aes_128_cbc_null), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 AES-CBC MD5 [12B ICV])", + ut_setup_inline_ipsec, ut_teardown_inline_ipsec, + test_ipsec_inline_proto_known_vec_inb, + &pkt_aes_128_cbc_md5), TEST_CASE_NAMED_WITH_DATA( "Inbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA256 [16B ICV])", ut_setup_inline_ipsec, ut_teardown_inline_ipsec, From patchwork Fri Oct 21 07:26:48 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tejasree Kondoj X-Patchwork-Id: 118893 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id BB01BA0032; Fri, 21 Oct 2022 09:27:45 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 8E52A42BB6; Fri, 21 Oct 2022 09:27:30 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 5202342B8A for ; Fri, 21 Oct 2022 09:27:26 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29L1fGCG009605; Fri, 21 Oct 2022 00:27:25 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=V8wLROkFNnAhi2G4dfEn2TuMwE+AFLaJ3banPCPLokc=; b=kiyeEEAYJs6rdVXnRP0FO5npotAN6cvH6nL+8Lf0atENoTVKkhD4iw5k2qkzI92dLRgK YUp4P77pVKrH2P3c5MO3nXZL++YxX1dHJCBhJhFh/NugbuXF0Q83OcEcS0/GvJH/W5Jo kOG1SjZ3o297q1c3jQa+nphbVPn4nlpe5u+/6S93wKiNxDz+zNCXfLQzcgw13PqDRtdZ EX79oIazZBTNz7JQfb9U0xyKnfNH/HdDwOhEuSwoB8jvrVuPjzNFVTUZXvHV/6khaKjf smUtjSMs5uzcP5ZwwKEqm6fKKEJopmf89ukVzJaERIiA+ziCYQe83XlYtAZUaeqNvx3k uw== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3kb125d6gh-4 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Fri, 21 Oct 2022 00:27:25 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 21 Oct 2022 00:27:23 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Fri, 21 Oct 2022 00:27:23 -0700 Received: from hyd1554.marvell.com (unknown [10.29.57.11]) by maili.marvell.com (Postfix) with ESMTP id 283F25B6994; Fri, 21 Oct 2022 00:27:01 -0700 (PDT) From: Tejasree Kondoj To: Akhil Goyal , Fan Zhang , Ciara Power CC: Vidya Sagar Velumuri , Anoob Joseph , Subject: [PATCH v2 3/6] test/security: update antireplay unit test for event mode Date: Fri, 21 Oct 2022 12:56:48 +0530 Message-ID: <20221021072651.1985340-4-ktejasree@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221021072651.1985340-1-ktejasree@marvell.com> References: <20221021072651.1985340-1-ktejasree@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: mwI3K0EKVm8BcSDPvOXRbDB30XQgKx03 X-Proofpoint-ORIG-GUID: mwI3K0EKVm8BcSDPvOXRbDB30XQgKx03 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-21_03,2022-10-20_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org From: Vidya Sagar Velumuri With event mode is enabled, send and receive packets via event dev Signed-off-by: Vidya Sagar Velumuri --- app/test/test_security_inline_proto.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/app/test/test_security_inline_proto.c b/app/test/test_security_inline_proto.c index feef54f538..700ed3844b 100644 --- a/app/test/test_security_inline_proto.c +++ b/app/test/test_security_inline_proto.c @@ -1378,8 +1378,13 @@ test_ipsec_inline_proto_process_with_esn(struct ipsec_test_data td[], tx_pkt, NULL); tx_pkt->ol_flags |= RTE_MBUF_F_TX_SEC_OFFLOAD; } + /* Send packet to ethdev for inline IPsec processing. */ - nb_sent = rte_eth_tx_burst(port_id, 0, &tx_pkt, 1); + if (event_mode_enabled) + nb_sent = event_tx_burst(&tx_pkt, 1); + else + nb_sent = rte_eth_tx_burst(port_id, 0, &tx_pkt, 1); + if (nb_sent != 1) { printf("\nUnable to TX packets"); rte_pktmbuf_free(tx_pkt); @@ -1390,11 +1395,14 @@ test_ipsec_inline_proto_process_with_esn(struct ipsec_test_data td[], rte_pause(); /* Receive back packet on loopback interface. */ - do { - rte_delay_ms(1); - nb_rx = rte_eth_rx_burst(port_id, 0, &rx_pkt, 1); - } while (nb_rx == 0); - + if (event_mode_enabled) + nb_rx = event_rx_burst(&rx_pkt, nb_sent); + else { + do { + rte_delay_ms(1); + nb_rx = rte_eth_rx_burst(port_id, 0, &rx_pkt, 1); + } while (nb_rx == 0); + } rte_pktmbuf_adj(rx_pkt, RTE_ETHER_HDR_LEN); if (res_d != NULL) From patchwork Fri Oct 21 07:26:49 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tejasree Kondoj X-Patchwork-Id: 118892 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id CABD5A0032; Fri, 21 Oct 2022 09:27:39 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id B156D42BAC; Fri, 21 Oct 2022 09:27:28 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id C6E4542B8A for ; Fri, 21 Oct 2022 09:27:25 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29L2C8ei008909; Fri, 21 Oct 2022 00:27:25 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=oQJ9STXy8AbbpfrBE8oLTHlnqb6gbE04VOcACaA9dWE=; b=lN9EDvrip90MQNRly9jBnKkzypbroNJVCqTtk6vZtCFeE7qCUGejqtbdwXR7jjS/5OTF KbPBpXCXuPMe+9QgzC9mxadF2Mmu4EsUIUCaSXjZhiRkK3+vz0KOWVwZS6VLhnUNk0/Q knScngyfUvxHToScFcp/TMgX1xOVai+U+8Zo6btsEYvVn8ERCDcse0itG//xawc5cCJC K1/iwo2qJFvj+OQDtAOX2XNn+MZJ5vcgl2LTDoTz8MS/Di/xLlgAxOxwmfiZQ/R0trBX ffsSz8hzixVDznmImUkdSSDLZosjdGglzE/08jtX/Q6IVE+sP3ht4BcKAnQDIyPvCXpk ow== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3kb125d6gg-3 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Fri, 21 Oct 2022 00:27:25 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Fri, 21 Oct 2022 00:27:23 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Fri, 21 Oct 2022 00:27:23 -0700 Received: from hyd1554.marvell.com (unknown [10.29.57.11]) by maili.marvell.com (Postfix) with ESMTP id D0EF95B69A2; Fri, 21 Oct 2022 00:27:04 -0700 (PDT) From: Tejasree Kondoj To: Akhil Goyal , Fan Zhang , Ciara Power CC: Vidya Sagar Velumuri , Anoob Joseph , Subject: [PATCH v2 4/6] test/crypto: check antireply capability only for ingress Date: Fri, 21 Oct 2022 12:56:49 +0530 Message-ID: <20221021072651.1985340-5-ktejasree@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221021072651.1985340-1-ktejasree@marvell.com> References: <20221021072651.1985340-1-ktejasree@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: WW4wcw-3Ln_UugrTZZq7L8rowDMh--Qe X-Proofpoint-ORIG-GUID: WW4wcw-3Ln_UugrTZZq7L8rowDMh--Qe X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-21_03,2022-10-20_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org From: Vidya Sagar Velumuri Antireplay is supported only for ingress. Check this capability only for ingress. Signed-off-by: Tejasree Kondoj Signed-off-by: Vidya Sagar Velumuri --- app/test/test_cryptodev_security_ipsec.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c index cb77b39dbb..3219b41e39 100644 --- a/app/test/test_cryptodev_security_ipsec.c +++ b/app/test/test_cryptodev_security_ipsec.c @@ -202,11 +202,13 @@ test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform, return -ENOTSUP; } - if (ipsec_xform->replay_win_sz > sec_cap->ipsec.replay_win_sz_max) { - if (!silent) - RTE_LOG(INFO, USER1, - "Replay window size is not supported\n"); - return -ENOTSUP; + if (ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_INGRESS) { + if (ipsec_xform->replay_win_sz > sec_cap->ipsec.replay_win_sz_max) { + if (!silent) + RTE_LOG(INFO, USER1, + "Replay window size is not supported\n"); + return -ENOTSUP; + } } return 0; From patchwork Fri Oct 21 07:26:50 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tejasree Kondoj X-Patchwork-Id: 118894 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id C3A0DA0032; Fri, 21 Oct 2022 09:27:51 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 75CB842BB9; Fri, 21 Oct 2022 09:27:31 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com [67.231.148.174]) by mails.dpdk.org (Postfix) with ESMTP id 6B49442B95 for ; Fri, 21 Oct 2022 09:27:27 +0200 (CEST) Received: from pps.filterd (m0045849.ppops.net [127.0.0.1]) by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29L55D5h021448; Fri, 21 Oct 2022 00:27:26 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=fKDvmdmioq9sMU54ulcTMbdMiwcZwWkhzW4uLyBDT4g=; b=WYRY3+6/qi0X27GN6+tV0wXdwHEcaCJbWewGidJknQVKGbz5ruv2h5bubttwP+VeXdQn 7LgukNdGuMX0VrhqSDhaCYes69U0E5OxDo5FgauEeTbp8N0BK4uM9coHDfIqqZV2mPx6 GnTQZU6lLncenqaG9PDztL+7m/HSgKKc/bB3x3JnzOVGDlXtOM3lVfxmnfgXnV3X1S8c jdmaqdBKTTCKTCShfCxOepZtHPKPDIxdrwU1yArpfeyZJsiTq7rh91St/Jvoul/wEXow MRtbZnpY2ZXu10pFDiJmHEZ3m0AhydiSrGbVug3gt87CS+3letOdBlcUoWt8sMXC679n Iw== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3kb2qxcsxr-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Fri, 21 Oct 2022 00:27:26 -0700 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Fri, 21 Oct 2022 00:27:24 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Fri, 21 Oct 2022 00:27:24 -0700 Received: from hyd1554.marvell.com (unknown [10.29.57.11]) by maili.marvell.com (Postfix) with ESMTP id 91EDE5B69B0; Fri, 21 Oct 2022 00:27:07 -0700 (PDT) From: Tejasree Kondoj To: Akhil Goyal , Fan Zhang , Ciara Power CC: Vidya Sagar Velumuri , Anoob Joseph , Subject: [PATCH v2 5/6] test/crypto: add unit tests for DES and MD5 Date: Fri, 21 Oct 2022 12:56:50 +0530 Message-ID: <20221021072651.1985340-6-ktejasree@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221021072651.1985340-1-ktejasree@marvell.com> References: <20221021072651.1985340-1-ktejasree@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: 7iHppy4g6K4wagdc9xsOeo1zGT-pe4D_ X-Proofpoint-ORIG-GUID: 7iHppy4g6K4wagdc9xsOeo1zGT-pe4D_ X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-21_03,2022-10-20_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org From: Vidya Sagar Velumuri Add unit test cases for auth algo MD5. Add unit test cases for cipher DES-CBC. Signed-off-by: Vidya Sagar Velumuri --- app/test/test_cryptodev.c | 50 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index c2b33686ed..96941dd55c 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -15179,6 +15179,11 @@ static struct unit_test_suite ipsec_proto_testsuite = { "Outbound known vector (ESP tunnel mode IPv4 AES-CCM 256)", ut_setup_security, ut_teardown, test_ipsec_proto_known_vec, &pkt_aes_256_ccm), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 AES-CBC MD5 [12B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, + &pkt_aes_128_cbc_md5), TEST_CASE_NAMED_WITH_DATA( "Outbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA256 [16B ICV])", ut_setup_security, ut_teardown, @@ -15208,6 +15213,26 @@ static struct unit_test_suite ipsec_proto_testsuite = { ut_setup_security, ut_teardown, test_ipsec_proto_known_vec, &pkt_null_aes_xcbc), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 DES-CBC HMAC-SHA256 [16B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, + &pkt_des_cbc_hmac_sha256), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 DES-CBC HMAC-SHA384 [24B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, + &pkt_des_cbc_hmac_sha384), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv4 DES-CBC HMAC-SHA512 [32B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, + &pkt_des_cbc_hmac_sha512), + TEST_CASE_NAMED_WITH_DATA( + "Outbound known vector (ESP tunnel mode IPv6 DES-CBC HMAC-SHA256 [16B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec, + &pkt_des_cbc_hmac_sha256_v6), TEST_CASE_NAMED_WITH_DATA( "Outbound known vector (AH tunnel mode IPv4 HMAC-SHA256)", ut_setup_security, ut_teardown, @@ -15248,6 +15273,11 @@ static struct unit_test_suite ipsec_proto_testsuite = { "Inbound known vector (ESP tunnel mode IPv4 AES-CBC 128)", ut_setup_security, ut_teardown, test_ipsec_proto_known_vec_inb, &pkt_aes_128_cbc_null), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 AES-CBC MD5 [12B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, + &pkt_aes_128_cbc_md5), TEST_CASE_NAMED_WITH_DATA( "Inbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA256 [16B ICV])", ut_setup_security, ut_teardown, @@ -15277,6 +15307,26 @@ static struct unit_test_suite ipsec_proto_testsuite = { ut_setup_security, ut_teardown, test_ipsec_proto_known_vec_inb, &pkt_null_aes_xcbc), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 DES-CBC HMAC-SHA256 [16B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, + &pkt_des_cbc_hmac_sha256), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 DES-CBC HMAC-SHA384 [24B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, + &pkt_des_cbc_hmac_sha384), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv4 DES-CBC HMAC-SHA512 [32B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, + &pkt_des_cbc_hmac_sha512), + TEST_CASE_NAMED_WITH_DATA( + "Inbound known vector (ESP tunnel mode IPv6 DES-CBC HMAC-SHA256 [16B ICV])", + ut_setup_security, ut_teardown, + test_ipsec_proto_known_vec_inb, + &pkt_des_cbc_hmac_sha256_v6), TEST_CASE_NAMED_WITH_DATA( "Inbound known vector (AH tunnel mode IPv4 HMAC-SHA256)", ut_setup_security, ut_teardown, From patchwork Fri Oct 21 07:26:51 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tejasree Kondoj X-Patchwork-Id: 118895 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 24424A0032; Fri, 21 Oct 2022 09:27:57 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 6572B42BC3; Fri, 21 Oct 2022 09:27:32 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 056D942B95 for ; Fri, 21 Oct 2022 09:27:27 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 29L2BDS5009575; Fri, 21 Oct 2022 00:27:27 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=Bi4smQ8zaxo+pacCeFbvmmFvDJb0pniNjrD0o9F757o=; b=fz+2lSpjDRvSwI0iSpapJlpDJMlEVtnXqbs4e7rfHfY2F9bIlfmKn+Hd9vAQ3CLRlen8 aug1ZV9Khz3wwCaOJulFIVznpZP6utWOrPYa/4wcpJi/MUbeiUDMTK183bSfh+1eWDr5 Md+j3fafbei7BpjFR5s+Z0fENuXcRz8nfRlNERBVcYnztHrqOl1sMBJ+FXZSv1Yy38sZ DQ9LNtnQLs5b4gm5DCo8VVfV0yKI6RKk4RKurSFXqu1EBvX70ZGJiJKmYzXeBqpXOy4x 3Fe4GgWcnNWB8H/0xh8yMApMkH+Rju+lSC4GRbldFNG4XJMPXK8D+ntUDg3AkJYWvnEq TQ== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3kb125d6gw-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Fri, 21 Oct 2022 00:27:27 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Fri, 21 Oct 2022 00:27:25 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Fri, 21 Oct 2022 00:27:25 -0700 Received: from hyd1554.marvell.com (unknown [10.29.57.11]) by maili.marvell.com (Postfix) with ESMTP id 57B495B69BB; Fri, 21 Oct 2022 00:27:10 -0700 (PDT) From: Tejasree Kondoj To: Akhil Goyal , Fan Zhang , Ciara Power CC: Vidya Sagar Velumuri , Anoob Joseph , Subject: [PATCH v2 6/6] test/crypto: add unit test for custom UDP ports Date: Fri, 21 Oct 2022 12:56:51 +0530 Message-ID: <20221021072651.1985340-7-ktejasree@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221021072651.1985340-1-ktejasree@marvell.com> References: <20221021072651.1985340-1-ktejasree@marvell.com> MIME-Version: 1.0 X-Proofpoint-GUID: UJiH_8qfAA5WfcDkE8v9phVMp-gkHRA7 X-Proofpoint-ORIG-GUID: UJiH_8qfAA5WfcDkE8v9phVMp-gkHRA7 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-10-21_03,2022-10-20_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org From: Vidya Sagar Velumuri Add unit test for custom UDP ports with UDP encapsulation. Verify UDP header in egress path for all unit tests. Signed-off-by: Tejasree Kondoj Signed-off-by: Vidya Sagar Velumuri --- app/test/test_cryptodev.c | 21 +++++++ app/test/test_cryptodev_security_ipsec.c | 71 ++++++++++++++++++------ app/test/test_cryptodev_security_ipsec.h | 1 + 3 files changed, 76 insertions(+), 17 deletions(-) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index 96941dd55c..43fcef7e73 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -9892,6 +9892,23 @@ test_ipsec_proto_err_icv_corrupt(const void *data __rte_unused) return test_ipsec_proto_all(&flags); } +static int +test_ipsec_proto_udp_encap_custom_ports(const void *data __rte_unused) +{ + struct ipsec_test_flags flags; + + if (gbl_driver_id == rte_cryptodev_driver_id_get( + RTE_STR(CRYPTODEV_NAME_CN10K_PMD))) + return TEST_SKIPPED; + + memset(&flags, 0, sizeof(flags)); + + flags.udp_encap = true; + flags.udp_encap_custom_ports = true; + + return test_ipsec_proto_all(&flags); +} + static int test_ipsec_proto_udp_encap(const void *data __rte_unused) { @@ -15358,6 +15375,10 @@ static struct unit_test_suite ipsec_proto_testsuite = { "UDP encapsulation", ut_setup_security, ut_teardown, test_ipsec_proto_udp_encap), + TEST_CASE_NAMED_ST( + "UDP encapsulation with custom ports", + ut_setup_security, ut_teardown, + test_ipsec_proto_udp_encap_custom_ports), TEST_CASE_NAMED_ST( "UDP encapsulation ports verification test", ut_setup_security, ut_teardown, diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c index 3219b41e39..d64e07f226 100644 --- a/app/test/test_cryptodev_security_ipsec.c +++ b/app/test/test_cryptodev_security_ipsec.c @@ -14,6 +14,8 @@ #include "test_cryptodev_security_ipsec.h" #define IV_LEN_MAX 16 +#define UDP_CUSTOM_SPORT 4650 +#define UDP_CUSTOM_DPORT 4660 #ifndef IPVERSION #define IPVERSION 4 @@ -508,6 +510,11 @@ test_ipsec_td_prepare(const struct crypto_param *param1, if (flags->dec_ttl_or_hop_limit) td->ipsec_xform.options.dec_ttl = 1; + + if (flags->udp_encap && flags->udp_encap_custom_ports) { + td->ipsec_xform.udp.sport = UDP_CUSTOM_SPORT; + td->ipsec_xform.udp.dport = UDP_CUSTOM_DPORT; + } } } @@ -765,23 +772,6 @@ test_ipsec_td_verify(struct rte_mbuf *m, const struct ipsec_test_data *td, if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS && flags->udp_encap) { - const struct rte_ipv4_hdr *iph4; - const struct rte_ipv6_hdr *iph6; - - if (td->ipsec_xform.tunnel.type == - RTE_SECURITY_IPSEC_TUNNEL_IPV4) { - iph4 = (const struct rte_ipv4_hdr *)output_text; - if (iph4->next_proto_id != IPPROTO_UDP) { - printf("UDP header is not found\n"); - return TEST_FAILED; - } - } else { - iph6 = (const struct rte_ipv6_hdr *)output_text; - if (iph6->proto != IPPROTO_UDP) { - printf("UDP header is not found\n"); - return TEST_FAILED; - } - } len -= sizeof(struct rte_udp_hdr); output_text += sizeof(struct rte_udp_hdr); @@ -1043,6 +1033,53 @@ test_ipsec_post_process(struct rte_mbuf *m, const struct ipsec_test_data *td, } } + if (td->ipsec_xform.direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS && + flags->udp_encap) { + const struct rte_ipv4_hdr *iph4; + const struct rte_ipv6_hdr *iph6; + + if (td->ipsec_xform.tunnel.type == + RTE_SECURITY_IPSEC_TUNNEL_IPV4) { + iph4 = (const struct rte_ipv4_hdr *)output_text; + + if (iph4->next_proto_id != IPPROTO_UDP) { + printf("UDP header is not found\n"); + return TEST_FAILED; + } + + if (flags->udp_encap_custom_ports) { + const struct rte_udp_hdr *udph; + + udph = (const struct rte_udp_hdr *)(output_text + + sizeof(struct rte_ipv4_hdr)); + if ((rte_be_to_cpu_16(udph->src_port) != UDP_CUSTOM_SPORT) || + (rte_be_to_cpu_16(udph->dst_port) != UDP_CUSTOM_DPORT)) { + printf("UDP custom ports not matching.\n"); + return TEST_FAILED; + } + } + } else { + iph6 = (const struct rte_ipv6_hdr *)output_text; + + if (iph6->proto != IPPROTO_UDP) { + printf("UDP header is not found\n"); + return TEST_FAILED; + } + + if (flags->udp_encap_custom_ports) { + const struct rte_udp_hdr *udph; + + udph = (const struct rte_udp_hdr *)(output_text + + sizeof(struct rte_ipv6_hdr)); + if ((rte_be_to_cpu_16(udph->src_port) != UDP_CUSTOM_SPORT) || + (rte_be_to_cpu_16(udph->dst_port) != UDP_CUSTOM_DPORT)) { + printf("UDP custom ports not matching.\n"); + return TEST_FAILED; + } + } + } + } + /* * In case of known vector tests & all inbound tests, res_d provided * would be NULL and output data need to be validated against expected. diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h index b98f4741b2..008b17c290 100644 --- a/app/test/test_cryptodev_security_ipsec.h +++ b/app/test/test_cryptodev_security_ipsec.h @@ -93,6 +93,7 @@ struct ipsec_test_flags { uint32_t tunnel_hdr_verify; bool udp_encap; bool udp_ports_verify; + bool udp_encap_custom_ports; bool ip_csum; bool l4_csum; bool ipv6;