xref: /dpdk/app/test/test_cryptodev_security_ipsec.h (revision 03ab51eafda992874a48c392ca66ffb577fe2b71) 
1 /* SPDX-License-Identifier: BSD-3-Clause
2  * Copyright(C) 2021 Marvell.
3  */
4 
5 #ifndef _TEST_CRYPTODEV_SECURITY_IPSEC_H_
6 #define _TEST_CRYPTODEV_SECURITY_IPSEC_H_
7 
8 #include <rte_cryptodev.h>
9 #include <rte_security.h>
10 
11 #define IPSEC_TEST_PACKETS_MAX 32
12 
13 struct ipsec_test_data {
14 	struct {
15 		uint8_t data[32];
16 	} key;
17 
18 	struct {
19 		uint8_t data[1024];
20 		unsigned int len;
21 	} input_text;
22 
23 	struct {
24 		uint8_t data[1024];
25 		unsigned int len;
26 	} output_text;
27 
28 	struct {
29 		uint8_t data[4];
30 		unsigned int len;
31 	} salt;
32 
33 	struct {
34 		uint8_t data[16];
35 	} iv;
36 
37 	struct rte_security_ipsec_xform ipsec_xform;
38 
39 	bool aead;
40 
41 	union {
42 		struct {
43 			struct rte_crypto_sym_xform cipher;
44 			struct rte_crypto_sym_xform auth;
45 		} chain;
46 		struct rte_crypto_sym_xform aead;
47 	} xform;
48 };
49 
50 struct ipsec_test_flags {
51 	bool display_alg;
52 	bool sa_expiry_pkts_soft;
53 	bool sa_expiry_pkts_hard;
54 	bool icv_corrupt;
55 	bool iv_gen;
56 	uint32_t tunnel_hdr_verify;
57 	bool udp_encap;
58 	bool udp_ports_verify;
59 };
60 
61 struct crypto_param {
62 	enum rte_crypto_sym_xform_type type;
63 	union {
64 		enum rte_crypto_cipher_algorithm cipher;
65 		enum rte_crypto_auth_algorithm auth;
66 		enum rte_crypto_aead_algorithm aead;
67 	} alg;
68 	uint16_t key_length;
69 };
70 
71 static const struct crypto_param aead_list[] = {
72 	{
73 		.type = RTE_CRYPTO_SYM_XFORM_AEAD,
74 		.alg.aead =  RTE_CRYPTO_AEAD_AES_GCM,
75 		.key_length = 16,
76 	},
77 	{
78 		.type = RTE_CRYPTO_SYM_XFORM_AEAD,
79 		.alg.aead = RTE_CRYPTO_AEAD_AES_GCM,
80 		.key_length = 24,
81 	},
82 	{
83 		.type = RTE_CRYPTO_SYM_XFORM_AEAD,
84 		.alg.aead = RTE_CRYPTO_AEAD_AES_GCM,
85 		.key_length = 32
86 	},
87 };
88 
89 int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
90 			       const struct rte_security_capability *sec_cap,
91 			       bool silent);
92 
93 int test_ipsec_crypto_caps_aead_verify(
94 		const struct rte_security_capability *sec_cap,
95 		struct rte_crypto_sym_xform *aead);
96 
97 void test_ipsec_td_in_from_out(const struct ipsec_test_data *td_out,
98 			       struct ipsec_test_data *td_in);
99 
100 void test_ipsec_td_prepare(const struct crypto_param *param1,
101 			   const struct crypto_param *param2,
102 			   const struct ipsec_test_flags *flags,
103 			   struct ipsec_test_data *td_array,
104 			   int nb_td);
105 
106 void test_ipsec_td_update(struct ipsec_test_data td_inb[],
107 			  const struct ipsec_test_data td_outb[],
108 			  int nb_td,
109 			  const struct ipsec_test_flags *flags);
110 
111 void test_ipsec_display_alg(const struct crypto_param *param1,
112 			    const struct crypto_param *param2);
113 
114 int test_ipsec_post_process(struct rte_mbuf *m,
115 			    const struct ipsec_test_data *td,
116 			    struct ipsec_test_data *res_d, bool silent,
117 			    const struct ipsec_test_flags *flags);
118 
119 int test_ipsec_status_check(struct rte_crypto_op *op,
120 			    const struct ipsec_test_flags *flags,
121 			    enum rte_security_ipsec_sa_direction dir,
122 			    int pkt_num);
123 
124 #endif
125