test/crypto: fix capability check for ZUC cipher-auth

The cipher-auth test function for ZUC was not using the improved cipher
and auth capability check functions. This meant the required key and IV

test/crypto: fix capability check for ZUC cipher-auth

The cipher-auth test function for ZUC was not using the improved cipher
and auth capability check functions. This meant the required key and IV
lengths were not being checked, leading to problems with ZUC-256 tests
running, and failing, on devices that only support ZUC-128.

Fixes: 27b787132484 ("test/crypto: check cipher parameters")
Fixes: f93fce6de4aa ("test/crypto: check auth parameters")
Cc: stable@dpdk.org

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Brian Dooley <brian.dooley@intel.com>
Acked-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

test/crypto: fix auth op parameter for ZUC-256

The incorrect value was being passed to the ZUC authentication test
function, indicating the opposite of the intended GENERATE/VERIFY op.
This is fixed

test/crypto: fix auth op parameter for ZUC-256

The incorrect value was being passed to the ZUC authentication test
function, indicating the opposite of the intended GENERATE/VERIFY op.
This is fixed to use the auth op enum rather than a value.

Fixes: 83397b9f0739 ("test/crypto: add further ZUC test cases")

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Brian Dooley <brian.dooley@intel.com>
Acked-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

test/crypto: fix ZUC digest length in comparison

The digest length used in ZUC tests for verifying the digest was
hardcoded at 4 bytes, which was suitable for ZUC-128 only.
Now that ZUC256 is suppor

test/crypto: fix ZUC digest length in comparison

The digest length used in ZUC tests for verifying the digest was
hardcoded at 4 bytes, which was suitable for ZUC-128 only.
Now that ZUC256 is supported by these test functions,
the digest length can vary.

Using the test vector digest length directly in these
comparisons allows for variable digest length.

Fixes: 83397b9f0739 ("test/crypto: add further ZUC test cases")
Fixes: fa5bf9345d4e ("test/crypto: add ZUC cases with 256-bit keys")
Cc: stable@dpdk.org

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Brian Dooley <brian.dooley@intel.com>
Acked-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

test/crypto: improve readability of ZUC-256 cases

There were some ZUC-256 tests for hash generate and hash verify
mixed in with the ZUC-128 tests,
with no indication in the test name that they were

test/crypto: improve readability of ZUC-256 cases

There were some ZUC-256 tests for hash generate and hash verify
mixed in with the ZUC-128 tests,
with no indication in the test name that they were for ZUC256.

These are now grouped with other ZUC-256 tests, and
all ZUC-256 hash test names are modified to be more uniform, and
indicate the digest length as this can vary with ZUC-256.

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Brian Dooley <brian.dooley@intel.com>
Acked-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

test/crypto: enable scatter-gather tests for CN10K

Removed PMD specific check in IPsec SG cases.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

test/crypto: add further ZUC test cases

Previously no ZUC decryption only or hash verify testcases existed,
only encryption and authentication.
This commit adds testcases for ZUC 128 and 256 decrypt

test/crypto: add further ZUC test cases

Previously no ZUC decryption only or hash verify testcases existed,
only encryption and authentication.
This commit adds testcases for ZUC 128 and 256 decryption,
and hash verify.

The incorrect value was used for the reference plaintext offset
in ZUC cipher function. This is now fixed to convert to byte length,
rather than bits.

Also, to cleanup the ZUC test code, some small improvements are made.
The authentication function takes the auth op enum as a parameter
instead of a new variable, this can then be used directly.
The cipher SGL function does not need to buffers allocated for
ciphertext and plaintext, one can be used for both.

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Fan Zhang <fanzhang.oss@gmail.com>

show more ...

test/crypto: add scatter-gather test cases

Add test cases to verify scatter-gather (SGL) buffers,
with multiple segments.

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Signed-off-by: Archan

test/crypto: add scatter-gather test cases

Add test cases to verify scatter-gather (SGL) buffers,
with multiple segments.

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

test/crypto: fix bitwise operator in a SNOW3G case

This patch remove incorrect bitwise and operator used in the
return function of sw snow3g testcase

Fixes: 24342ade2c9d ("test/crypto: check SNOW3G

test/crypto: fix bitwise operator in a SNOW3G case

This patch remove incorrect bitwise and operator used in the
return function of sw snow3g testcase

Fixes: 24342ade2c9d ("test/crypto: check SNOW3G when digest is encrypted")
Cc: stable@dpdk.org

Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Ciara Power <ciara.power@intel.com>

show more ...

test/crypto: add 3DES IPsec cases

Add IPsec test cases for cipher algorithm 3DES.

Signed-off-by: Aakash Sasidharan <asasidharan@marvell.com>
Reviewed-by: Anoob Joseph <anoobj@marvell.com>

test/crypto: support UADK PMD

Updated test application to run autotest for uadk crypto PMD.
Example:
sudo dpdk-test --vdev=crypto_uadk --log-level=6
RTE>>cryptodev_uadk_autotest
RTE>>quit

Signed-of

test/crypto: support UADK PMD

Updated test application to run autotest for uadk crypto PMD.
Example:
sudo dpdk-test --vdev=crypto_uadk --log-level=6
RTE>>cryptodev_uadk_autotest
RTE>>quit

Signed-off-by: Zhangfei Gao <zhangfei.gao@linaro.org>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

test/crypto: add custom UDP ports cases

Added unit test for custom UDP ports with UDP encapsulation.
Verified UDP header in egress path for all unit tests.

Signed-off-by: Tejasree Kondoj <ktejasree

test/crypto: add custom UDP ports cases

Added unit test for custom UDP ports with UDP encapsulation.
Verified UDP header in egress path for all unit tests.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

test/crypto: add DES and MD5 cases

Added unit test cases for auth algo MD5.
Added unit test cases for cipher DES-CBC.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
Acked-by: Akhil Goy

test/crypto: add DES and MD5 cases

Added unit test cases for auth algo MD5.
Added unit test cases for cipher DES-CBC.

Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

test/crypto: add OOP SNOW3G SGL cases

More tests are added to test variations of OOP SGL for SNOW3G.
This includes LB_IN_SGL_OUT and SGL_IN_LB_OUT.

Signed-off-by: Ciara Power <ciara.power@intel.com

test/crypto: add OOP SNOW3G SGL cases

More tests are added to test variations of OOP SGL for SNOW3G.
This includes LB_IN_SGL_OUT and SGL_IN_LB_OUT.

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

test/crypto: fix wireless auth digest segment

The segment size for some tests was too small to hold the auth digest.
This caused issues when using op->sym->auth.digest.data for comparisons
in AESNI_

test/crypto: fix wireless auth digest segment

The segment size for some tests was too small to hold the auth digest.
This caused issues when using op->sym->auth.digest.data for comparisons
in AESNI_MB PMD after a subsequent patch enables SGL.

For example, if segment size is 2, and digest size is 4, then 4 bytes
are read from op->sym->auth.digest.data, which overflows into the memory
after the segment, rather than using the second segment that contains
the remaining half of the digest.

Fixes: 11c5485bb276 ("test/crypto: add scatter-gather tests for IP and OOP")
Cc: stable@dpdk.org

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

security: hide session structure

Structure rte_security_session is moved to internal
headers which are not visible to applications.
The only field which should be used by app is opaque_data.
This fi

security: hide session structure

Structure rte_security_session is moved to internal
headers which are not visible to applications.
The only field which should be used by app is opaque_data.
This field can now be accessed via set/get APIs added in this
patch.
Subsequent changes in app and lib are made to compile the code.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Tested-by: Gagandeep Singh <g.singh@nxp.com>
Tested-by: David Coyle <david.coyle@intel.com>
Tested-by: Kevin O'Sullivan <kevin.osullivan@intel.com>

show more ...

security: remove private mempool usage

As per current design, rte_security_session_create()
unnecessarily use 2 mempool objects for a single session.

To address this, the API will now take only 1 m

security: remove private mempool usage

As per current design, rte_security_session_create()
unnecessarily use 2 mempool objects for a single session.

To address this, the API will now take only 1 mempool
object instead of 2. With this change, the library layer
will get the object from mempool and session priv data is
stored contiguously in the same mempool object.

User need to ensure that the mempool created in application
is big enough for session private data as well. This can be
ensured if the pool is created after getting size of session
priv data using API rte_security_session_get_size().

Since set and get pkt metadata for security sessions are now
made inline for Inline crypto/proto mode, a new member fast_mdata
is added to the rte_security_session.
To access opaque data and fast_mdata will be accessed via inline
APIs which can do pointer manipulations inside library from
session_private_data pointer coming from application.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Tested-by: Gagandeep Singh <g.singh@nxp.com>
Tested-by: David Coyle <david.coyle@intel.com>
Tested-by: Kevin O'Sullivan <kevin.osullivan@intel.com>

show more ...

cryptodev: hide symmetric session structure

Structure rte_cryptodev_sym_session is moved to internal
headers which are not visible to applications.
The only field which should be used by app is opaq

cryptodev: hide symmetric session structure

Structure rte_cryptodev_sym_session is moved to internal
headers which are not visible to applications.
The only field which should be used by app is opaque_data.
This field can now be accessed via set/get APIs added in this
patch.
Subsequent changes in app and lib are made to compile the code.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Kai Ji <kai.ji@intel.com>
Tested-by: Gagandeep Singh <g.singh@nxp.com>
Tested-by: David Coyle <david.coyle@intel.com>
Tested-by: Kevin O'Sullivan <kevin.osullivan@intel.com>

show more ...

cryptodev: rework session framework

As per current design, rte_cryptodev_sym_session_create() and
rte_cryptodev_sym_session_init() use separate mempool objects
for a single session.
And structure rt

cryptodev: rework session framework

As per current design, rte_cryptodev_sym_session_create() and
rte_cryptodev_sym_session_init() use separate mempool objects
for a single session.
And structure rte_cryptodev_sym_session is not directly used
by the application, it may cause ABI breakage if the structure
is modified in future.

To address these two issues, the rte_cryptodev_sym_session_create
will take one mempool object that the session and session private
data are virtually/physically contiguous, and initializes both
fields. The API rte_cryptodev_sym_session_init is removed.

rte_cryptodev_sym_session_create will now return an opaque session
pointer which will be used by the app and other APIs.

In data path, opaque session pointer is attached to rte_crypto_op
and the PMD can call an internal library API to get the session
private data pointer based on the driver id.

Note: currently single session may be used by different device
drivers, given it is initialized by them. After the change the
session created by one device driver cannot be used or
reinitialized by another driver.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Kai Ji <kai.ji@intel.com>
Tested-by: Gagandeep Singh <g.singh@nxp.com>
Tested-by: David Coyle <david.coyle@intel.com>
Tested-by: Kevin O'Sullivan <kevin.osullivan@intel.com>

show more ...

test/crypto: ensure structs are updated in unison

The structs are directly indexed for generating standard vectors. Add
asserts to make sure structs are not updated in isolation.

Signed-off-by: Ano

test/crypto: ensure structs are updated in unison

The structs are directly indexed for generating standard vectors. Add
asserts to make sure structs are not updated in isolation.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

test/crypto: add AES-CCM vectors

Added ESP tunnel mode known vectors for AES-CCM along with
combined mode support.

Signed-off-by: Archana Muniganti <marchana@marvell.com>
Acked-by: Akhil Goyal <gak

test/crypto: add AES-CCM vectors

Added ESP tunnel mode known vectors for AES-CCM along with
combined mode support.

Signed-off-by: Archana Muniganti <marchana@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

test/crypto: fix debug messages

When the queue_ops_rsa_enc_dec function is called, the plaintext will
be printed twice instead of both plaintext and ciphertext. When the
create_aead_operation functi

test/crypto: fix debug messages

When the queue_ops_rsa_enc_dec function is called, the plaintext will
be printed twice instead of both plaintext and ciphertext. When the
create_aead_operation function is called, the contents of iv and aad
will be printed incorrectly. This patch fixes the issues above.

Fixes: 77a217a19bb7 ("test/crypto: add AES-CCM tests")
Fixes: 5ae36995f10f ("test/crypto: move RSA enqueue/dequeue into functions")
Cc: stable@dpdk.org

Signed-off-by: Sunyang Wu <sunyang.wu@jaguarmicro.com>
Reviewed-by: Joey Xing <joey.xing@jaguarmicro.com>
Reviewed-by: Qingmin Liu <qingmin.liu@jaguarmicro.com>
Reviewed-by: Lei Cai <lei.cai@jaguarmicro.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>

show more ...

test/crypto: add additional stream cipher cases

Added ZUC, SNOW3G and AES-CTR-CMAC auth-cipher
test vectors with same auth and cipher offsets
and total digest data encrypted.
Existing tests have dif

test/crypto: add additional stream cipher cases

Added ZUC, SNOW3G and AES-CTR-CMAC auth-cipher
test vectors with same auth and cipher offsets
and total digest data encrypted.
Existing tests have different cipher and
auth offsets and partial or no digest encrypted.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Ciara Power <ciara.power@intel.com>

show more ...

test/crypto: fix authentication IV for ZUC SGL

The wireless operation for ZUC SGL tests was being passed NULL instead
of a pointer to the test data authentication IV, and IV length 0.
This is now co

test/crypto: fix authentication IV for ZUC SGL

The wireless operation for ZUC SGL tests was being passed NULL instead
of a pointer to the test data authentication IV, and IV length 0.
This is now corrected to use the IV from the test data.

Fixes: 11c5485bb276 ("test/crypto: add scatter-gather tests for IP and OOP")
Cc: stable@dpdk.org

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

show more ...

remove unnecessary null checks

Found by nullfree.cocci.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
[David: for lpm parts:]
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-

remove unnecessary null checks

Found by nullfree.cocci.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
[David: for lpm parts:]
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
[David: for vdpa/mlx5 parts:]
Acked-by: Matan Azrad <matan@nvidia.com>
[David: for dma/dpaa2, raw/ifpga, vdpa/mlx5:]
Acked-by: Tyler Retzlaff <roretzla@linux.microsoft.com>
Reviewed-by: Chengwen Feng <fengchengwen@huawei.com>
[David: reran cocci.sh and updated common/mlx5 and cryptodev asym test]
Signed-off-by: David Marchand <david.marchand@redhat.com>

show more ...

test/crypto: fix cipher offset for ZUC

The cipher offset in bits was not being used in ZUC encryption test
functions when creating the operation, it was hardcoded to 0.
This is fixed to use the offs

test/crypto: fix cipher offset for ZUC

The cipher offset in bits was not being used in ZUC encryption test
functions when creating the operation, it was hardcoded to 0.
This is fixed to use the offset from the test vector as intended.

Fixes: fd01a9be38d5 ("test/crypto: move IV to crypto op private data")
Cc: stable@dpdk.org

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Kai Ji <kai.ji@intel.com>

show more ...