1 /* SPDX-License-Identifier: BSD-3-Clause 2 * Copyright(C) 2021 Marvell. 3 */ 4 5 #ifndef _TEST_CRYPTODEV_SECURITY_IPSEC_H_ 6 #define _TEST_CRYPTODEV_SECURITY_IPSEC_H_ 7 8 #include <rte_cryptodev.h> 9 #include <rte_security.h> 10 11 #include "test_security_proto.h" 12 13 #define IPSEC_TEXT_MAX_LEN 16384u 14 15 struct ipsec_test_data { 16 struct { 17 uint8_t data[32]; 18 } key; 19 struct { 20 uint8_t data[64]; 21 } auth_key; 22 23 struct { 24 uint8_t data[IPSEC_TEXT_MAX_LEN]; 25 unsigned int len; 26 } input_text; 27 28 struct { 29 uint8_t data[IPSEC_TEXT_MAX_LEN]; 30 unsigned int len; 31 } output_text; 32 33 struct { 34 uint8_t data[4]; 35 unsigned int len; 36 } salt; 37 38 struct { 39 uint8_t data[16]; 40 } iv; 41 42 struct rte_security_ipsec_xform ipsec_xform; 43 44 bool aead; 45 46 bool aes_gmac; 47 48 bool auth_only; 49 50 /* Antireplay packet */ 51 bool ar_packet; 52 53 union { 54 struct { 55 struct rte_crypto_sym_xform cipher; 56 struct rte_crypto_sym_xform auth; 57 } chain; 58 struct rte_crypto_sym_xform aead; 59 } xform; 60 }; 61 62 enum df_flags { 63 TEST_IPSEC_COPY_DF_INNER_0 = 1, 64 TEST_IPSEC_COPY_DF_INNER_1, 65 TEST_IPSEC_SET_DF_0_INNER_1, 66 TEST_IPSEC_SET_DF_1_INNER_0, 67 }; 68 69 #define TEST_IPSEC_DSCP_VAL 0x12 70 71 enum dscp_flags { 72 TEST_IPSEC_COPY_DSCP_INNER_0 = 1, 73 TEST_IPSEC_COPY_DSCP_INNER_1, 74 TEST_IPSEC_SET_DSCP_0_INNER_1, 75 TEST_IPSEC_SET_DSCP_1_INNER_0, 76 }; 77 78 #define TEST_IPSEC_FLABEL_VAL 0x1234 79 80 enum flabel_flags { 81 TEST_IPSEC_COPY_FLABEL_INNER_0 = 1, 82 TEST_IPSEC_COPY_FLABEL_INNER_1, 83 TEST_IPSEC_SET_FLABEL_0_INNER_1, 84 TEST_IPSEC_SET_FLABEL_1_INNER_0, 85 }; 86 87 struct ipsec_test_flags { 88 bool display_alg; 89 bool sa_expiry_pkts_soft; 90 bool sa_expiry_pkts_hard; 91 bool sa_expiry_bytes_soft; 92 bool sa_expiry_bytes_hard; 93 bool icv_corrupt; 94 bool iv_gen; 95 uint32_t tunnel_hdr_verify; 96 bool udp_encap; 97 bool udp_ports_verify; 98 bool udp_encap_custom_ports; 99 bool ip_csum; 100 bool l4_csum; 101 bool ipv6; 102 bool tunnel_ipv6; 103 bool transport; 104 bool fragment; 105 bool stats_success; 106 bool antireplay; 107 bool use_ext_mbuf; 108 enum df_flags df; 109 enum dscp_flags dscp; 110 enum flabel_flags flabel; 111 bool dec_ttl_or_hop_limit; 112 bool ah; 113 uint32_t plaintext_len; 114 int nb_segs_in_mbuf; 115 bool inb_oop; 116 bool rx_inject; 117 }; 118 119 extern struct ipsec_test_data pkt_aes_256_gcm; 120 extern struct ipsec_test_data pkt_aes_256_gcm_v6; 121 extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256; 122 extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256_v6; 123 124 int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform, 125 const struct rte_security_capability *sec_cap, 126 bool silent); 127 128 void test_ipsec_td_in_from_out(const struct ipsec_test_data *td_out, 129 struct ipsec_test_data *td_in); 130 131 void test_ipsec_td_prepare(const struct crypto_param *param1, 132 const struct crypto_param *param2, 133 const struct ipsec_test_flags *flags, 134 struct ipsec_test_data *td_array, 135 int nb_td); 136 137 void test_ipsec_td_update(struct ipsec_test_data td_inb[], 138 const struct ipsec_test_data td_outb[], 139 int nb_td, 140 const struct ipsec_test_flags *flags); 141 142 int test_ipsec_post_process(const struct rte_mbuf *m, 143 const struct ipsec_test_data *td, 144 struct ipsec_test_data *res_d, bool silent, 145 const struct ipsec_test_flags *flags); 146 147 int test_ipsec_status_check(const struct ipsec_test_data *td, 148 struct rte_crypto_op *op, 149 const struct ipsec_test_flags *flags, 150 enum rte_security_ipsec_sa_direction dir, 151 int pkt_num); 152 153 int test_ipsec_stats_verify(void *ctx, 154 void *sess, 155 const struct ipsec_test_flags *flags, 156 enum rte_security_ipsec_sa_direction dir); 157 158 int test_ipsec_pkt_update(uint8_t *pkt, const struct ipsec_test_flags *flags); 159 160 #endif 161