1474f1202SAnoob Joseph /* SPDX-License-Identifier: BSD-3-Clause 2474f1202SAnoob Joseph * Copyright(C) 2021 Marvell. 3474f1202SAnoob Joseph */ 4474f1202SAnoob Joseph 5474f1202SAnoob Joseph #ifndef _TEST_CRYPTODEV_SECURITY_IPSEC_H_ 6474f1202SAnoob Joseph #define _TEST_CRYPTODEV_SECURITY_IPSEC_H_ 7474f1202SAnoob Joseph 8474f1202SAnoob Joseph #include <rte_cryptodev.h> 9474f1202SAnoob Joseph #include <rte_security.h> 10474f1202SAnoob Joseph 116622d9c9SAnoob Joseph #define IPSEC_TEST_PACKETS_MAX 32 126622d9c9SAnoob Joseph 13474f1202SAnoob Joseph struct ipsec_test_data { 14474f1202SAnoob Joseph struct { 15474f1202SAnoob Joseph uint8_t data[32]; 16474f1202SAnoob Joseph } key; 17178a12fbSTejasree Kondoj struct { 1850069f3cSTejasree Kondoj uint8_t data[64]; 19178a12fbSTejasree Kondoj } auth_key; 20474f1202SAnoob Joseph 21474f1202SAnoob Joseph struct { 22474f1202SAnoob Joseph uint8_t data[1024]; 23474f1202SAnoob Joseph unsigned int len; 24474f1202SAnoob Joseph } input_text; 25474f1202SAnoob Joseph 26474f1202SAnoob Joseph struct { 27474f1202SAnoob Joseph uint8_t data[1024]; 28474f1202SAnoob Joseph unsigned int len; 29474f1202SAnoob Joseph } output_text; 30474f1202SAnoob Joseph 31474f1202SAnoob Joseph struct { 32474f1202SAnoob Joseph uint8_t data[4]; 33474f1202SAnoob Joseph unsigned int len; 34474f1202SAnoob Joseph } salt; 35474f1202SAnoob Joseph 36474f1202SAnoob Joseph struct { 37474f1202SAnoob Joseph uint8_t data[16]; 38474f1202SAnoob Joseph } iv; 39474f1202SAnoob Joseph 40474f1202SAnoob Joseph struct rte_security_ipsec_xform ipsec_xform; 41474f1202SAnoob Joseph 42474f1202SAnoob Joseph bool aead; 43474f1202SAnoob Joseph 44474f1202SAnoob Joseph union { 45474f1202SAnoob Joseph struct { 46474f1202SAnoob Joseph struct rte_crypto_sym_xform cipher; 47474f1202SAnoob Joseph struct rte_crypto_sym_xform auth; 48474f1202SAnoob Joseph } chain; 49474f1202SAnoob Joseph struct rte_crypto_sym_xform aead; 50474f1202SAnoob Joseph } xform; 51474f1202SAnoob Joseph }; 52474f1202SAnoob Joseph 536622d9c9SAnoob Joseph struct ipsec_test_flags { 546622d9c9SAnoob Joseph bool display_alg; 554aa52f21SAnoob Joseph bool sa_expiry_pkts_soft; 566978f51eSAnoob Joseph bool sa_expiry_pkts_hard; 570f453190STejasree Kondoj bool icv_corrupt; 58cd928003STejasree Kondoj bool iv_gen; 59270470eeSTejasree Kondoj uint32_t tunnel_hdr_verify; 60c8234341STejasree Kondoj bool udp_encap; 619ec50a52STejasree Kondoj bool udp_ports_verify; 6283243502SArchana Muniganti bool ip_csum; 6383243502SArchana Muniganti bool l4_csum; 649fb87fbfSTejasree Kondoj bool ipv6; 659fb87fbfSTejasree Kondoj bool tunnel_ipv6; 66*b7986bdeSTejasree Kondoj bool fragment; 676622d9c9SAnoob Joseph }; 686622d9c9SAnoob Joseph 696622d9c9SAnoob Joseph struct crypto_param { 706622d9c9SAnoob Joseph enum rte_crypto_sym_xform_type type; 716622d9c9SAnoob Joseph union { 726622d9c9SAnoob Joseph enum rte_crypto_cipher_algorithm cipher; 736622d9c9SAnoob Joseph enum rte_crypto_auth_algorithm auth; 746622d9c9SAnoob Joseph enum rte_crypto_aead_algorithm aead; 756622d9c9SAnoob Joseph } alg; 766622d9c9SAnoob Joseph uint16_t key_length; 778d290523SAnoob Joseph uint16_t digest_length; 786622d9c9SAnoob Joseph }; 796622d9c9SAnoob Joseph 806622d9c9SAnoob Joseph static const struct crypto_param aead_list[] = { 816622d9c9SAnoob Joseph { 826622d9c9SAnoob Joseph .type = RTE_CRYPTO_SYM_XFORM_AEAD, 836622d9c9SAnoob Joseph .alg.aead = RTE_CRYPTO_AEAD_AES_GCM, 846622d9c9SAnoob Joseph .key_length = 16, 856622d9c9SAnoob Joseph }, 866622d9c9SAnoob Joseph { 876622d9c9SAnoob Joseph .type = RTE_CRYPTO_SYM_XFORM_AEAD, 886622d9c9SAnoob Joseph .alg.aead = RTE_CRYPTO_AEAD_AES_GCM, 896622d9c9SAnoob Joseph .key_length = 24, 906622d9c9SAnoob Joseph }, 916622d9c9SAnoob Joseph { 926622d9c9SAnoob Joseph .type = RTE_CRYPTO_SYM_XFORM_AEAD, 936622d9c9SAnoob Joseph .alg.aead = RTE_CRYPTO_AEAD_AES_GCM, 946622d9c9SAnoob Joseph .key_length = 32 956622d9c9SAnoob Joseph }, 966622d9c9SAnoob Joseph }; 976622d9c9SAnoob Joseph 988d290523SAnoob Joseph static const struct crypto_param cipher_list[] = { 998d290523SAnoob Joseph { 1008d290523SAnoob Joseph .type = RTE_CRYPTO_SYM_XFORM_CIPHER, 1018d290523SAnoob Joseph .alg.cipher = RTE_CRYPTO_CIPHER_AES_CBC, 1028d290523SAnoob Joseph .key_length = 16, 1038d290523SAnoob Joseph }, 1048d290523SAnoob Joseph }; 1058d290523SAnoob Joseph 1068d290523SAnoob Joseph static const struct crypto_param auth_list[] = { 1078d290523SAnoob Joseph { 1088d290523SAnoob Joseph .type = RTE_CRYPTO_SYM_XFORM_AUTH, 1098d290523SAnoob Joseph .alg.auth = RTE_CRYPTO_AUTH_NULL, 1108d290523SAnoob Joseph }, 1118d290523SAnoob Joseph { 1128d290523SAnoob Joseph .type = RTE_CRYPTO_SYM_XFORM_AUTH, 1138d290523SAnoob Joseph .alg.auth = RTE_CRYPTO_AUTH_SHA256_HMAC, 1148d290523SAnoob Joseph .key_length = 32, 1158d290523SAnoob Joseph .digest_length = 16, 1168d290523SAnoob Joseph }, 11750069f3cSTejasree Kondoj { 11850069f3cSTejasree Kondoj .type = RTE_CRYPTO_SYM_XFORM_AUTH, 11950069f3cSTejasree Kondoj .alg.auth = RTE_CRYPTO_AUTH_SHA384_HMAC, 12050069f3cSTejasree Kondoj .key_length = 48, 12150069f3cSTejasree Kondoj .digest_length = 24, 12250069f3cSTejasree Kondoj }, 12350069f3cSTejasree Kondoj { 12450069f3cSTejasree Kondoj .type = RTE_CRYPTO_SYM_XFORM_AUTH, 12550069f3cSTejasree Kondoj .alg.auth = RTE_CRYPTO_AUTH_SHA512_HMAC, 12650069f3cSTejasree Kondoj .key_length = 64, 12750069f3cSTejasree Kondoj .digest_length = 32, 12850069f3cSTejasree Kondoj }, 1298d290523SAnoob Joseph }; 1308d290523SAnoob Joseph 1318d290523SAnoob Joseph struct crypto_param_comb { 1328d290523SAnoob Joseph const struct crypto_param *param1; 1338d290523SAnoob Joseph const struct crypto_param *param2; 1348d290523SAnoob Joseph }; 1358d290523SAnoob Joseph 1368d290523SAnoob Joseph extern struct ipsec_test_data pkt_aes_256_gcm; 1379fb87fbfSTejasree Kondoj extern struct ipsec_test_data pkt_aes_256_gcm_v6; 1388d290523SAnoob Joseph extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256; 1399fb87fbfSTejasree Kondoj extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256_v6; 1408d290523SAnoob Joseph 1418d290523SAnoob Joseph extern struct crypto_param_comb alg_list[RTE_DIM(aead_list) + 1428d290523SAnoob Joseph (RTE_DIM(cipher_list) * 1438d290523SAnoob Joseph RTE_DIM(auth_list))]; 1448d290523SAnoob Joseph 1458d290523SAnoob Joseph void test_ipsec_alg_list_populate(void); 1468d290523SAnoob Joseph 147474f1202SAnoob Joseph int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform, 148474f1202SAnoob Joseph const struct rte_security_capability *sec_cap, 149474f1202SAnoob Joseph bool silent); 150474f1202SAnoob Joseph 151474f1202SAnoob Joseph int test_ipsec_crypto_caps_aead_verify( 152474f1202SAnoob Joseph const struct rte_security_capability *sec_cap, 153474f1202SAnoob Joseph struct rte_crypto_sym_xform *aead); 154474f1202SAnoob Joseph 15567d2a188SAnoob Joseph int test_ipsec_crypto_caps_cipher_verify( 15667d2a188SAnoob Joseph const struct rte_security_capability *sec_cap, 15767d2a188SAnoob Joseph struct rte_crypto_sym_xform *cipher); 15867d2a188SAnoob Joseph 15967d2a188SAnoob Joseph int test_ipsec_crypto_caps_auth_verify( 16067d2a188SAnoob Joseph const struct rte_security_capability *sec_cap, 16167d2a188SAnoob Joseph struct rte_crypto_sym_xform *auth); 16267d2a188SAnoob Joseph 163474f1202SAnoob Joseph void test_ipsec_td_in_from_out(const struct ipsec_test_data *td_out, 164474f1202SAnoob Joseph struct ipsec_test_data *td_in); 165474f1202SAnoob Joseph 1666622d9c9SAnoob Joseph void test_ipsec_td_prepare(const struct crypto_param *param1, 1676622d9c9SAnoob Joseph const struct crypto_param *param2, 1686622d9c9SAnoob Joseph const struct ipsec_test_flags *flags, 1696622d9c9SAnoob Joseph struct ipsec_test_data *td_array, 1706622d9c9SAnoob Joseph int nb_td); 1716622d9c9SAnoob Joseph 1726622d9c9SAnoob Joseph void test_ipsec_td_update(struct ipsec_test_data td_inb[], 1736622d9c9SAnoob Joseph const struct ipsec_test_data td_outb[], 1746622d9c9SAnoob Joseph int nb_td, 1756622d9c9SAnoob Joseph const struct ipsec_test_flags *flags); 1766622d9c9SAnoob Joseph 1776622d9c9SAnoob Joseph void test_ipsec_display_alg(const struct crypto_param *param1, 1786622d9c9SAnoob Joseph const struct crypto_param *param2); 1796622d9c9SAnoob Joseph 180474f1202SAnoob Joseph int test_ipsec_post_process(struct rte_mbuf *m, 181474f1202SAnoob Joseph const struct ipsec_test_data *td, 1826622d9c9SAnoob Joseph struct ipsec_test_data *res_d, bool silent, 1836622d9c9SAnoob Joseph const struct ipsec_test_flags *flags); 184474f1202SAnoob Joseph 185474f1202SAnoob Joseph int test_ipsec_status_check(struct rte_crypto_op *op, 1866622d9c9SAnoob Joseph const struct ipsec_test_flags *flags, 1874aa52f21SAnoob Joseph enum rte_security_ipsec_sa_direction dir, 1884aa52f21SAnoob Joseph int pkt_num); 189474f1202SAnoob Joseph 190474f1202SAnoob Joseph #endif 191