xref: /dpdk/app/test/test_cryptodev_security_ipsec.h (revision 16b8e92d49b87705fffbedd9c3241204d9a584a6) 
1 /* SPDX-License-Identifier: BSD-3-Clause
2  * Copyright(C) 2021 Marvell.
3  */
4 
5 #ifndef _TEST_CRYPTODEV_SECURITY_IPSEC_H_
6 #define _TEST_CRYPTODEV_SECURITY_IPSEC_H_
7 
8 #include <rte_cryptodev.h>
9 #include <rte_security.h>
10 
11 #define IPSEC_TEST_PACKETS_MAX 32
12 
13 struct ipsec_test_data {
14 	struct {
15 		uint8_t data[32];
16 	} key;
17 
18 	struct {
19 		uint8_t data[1024];
20 		unsigned int len;
21 	} input_text;
22 
23 	struct {
24 		uint8_t data[1024];
25 		unsigned int len;
26 	} output_text;
27 
28 	struct {
29 		uint8_t data[4];
30 		unsigned int len;
31 	} salt;
32 
33 	struct {
34 		uint8_t data[16];
35 	} iv;
36 
37 	struct rte_security_ipsec_xform ipsec_xform;
38 
39 	bool aead;
40 
41 	union {
42 		struct {
43 			struct rte_crypto_sym_xform cipher;
44 			struct rte_crypto_sym_xform auth;
45 		} chain;
46 		struct rte_crypto_sym_xform aead;
47 	} xform;
48 };
49 
50 struct ipsec_test_flags {
51 	bool display_alg;
52 	bool sa_expiry_pkts_soft;
53 	bool sa_expiry_pkts_hard;
54 	bool icv_corrupt;
55 	bool iv_gen;
56 	uint32_t tunnel_hdr_verify;
57 	bool udp_encap;
58 };
59 
60 struct crypto_param {
61 	enum rte_crypto_sym_xform_type type;
62 	union {
63 		enum rte_crypto_cipher_algorithm cipher;
64 		enum rte_crypto_auth_algorithm auth;
65 		enum rte_crypto_aead_algorithm aead;
66 	} alg;
67 	uint16_t key_length;
68 };
69 
70 static const struct crypto_param aead_list[] = {
71 	{
72 		.type = RTE_CRYPTO_SYM_XFORM_AEAD,
73 		.alg.aead =  RTE_CRYPTO_AEAD_AES_GCM,
74 		.key_length = 16,
75 	},
76 	{
77 		.type = RTE_CRYPTO_SYM_XFORM_AEAD,
78 		.alg.aead = RTE_CRYPTO_AEAD_AES_GCM,
79 		.key_length = 24,
80 	},
81 	{
82 		.type = RTE_CRYPTO_SYM_XFORM_AEAD,
83 		.alg.aead = RTE_CRYPTO_AEAD_AES_GCM,
84 		.key_length = 32
85 	},
86 };
87 
88 int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
89 			       const struct rte_security_capability *sec_cap,
90 			       bool silent);
91 
92 int test_ipsec_crypto_caps_aead_verify(
93 		const struct rte_security_capability *sec_cap,
94 		struct rte_crypto_sym_xform *aead);
95 
96 void test_ipsec_td_in_from_out(const struct ipsec_test_data *td_out,
97 			       struct ipsec_test_data *td_in);
98 
99 void test_ipsec_td_prepare(const struct crypto_param *param1,
100 			   const struct crypto_param *param2,
101 			   const struct ipsec_test_flags *flags,
102 			   struct ipsec_test_data *td_array,
103 			   int nb_td);
104 
105 void test_ipsec_td_update(struct ipsec_test_data td_inb[],
106 			  const struct ipsec_test_data td_outb[],
107 			  int nb_td,
108 			  const struct ipsec_test_flags *flags);
109 
110 void test_ipsec_display_alg(const struct crypto_param *param1,
111 			    const struct crypto_param *param2);
112 
113 int test_ipsec_post_process(struct rte_mbuf *m,
114 			    const struct ipsec_test_data *td,
115 			    struct ipsec_test_data *res_d, bool silent,
116 			    const struct ipsec_test_flags *flags);
117 
118 int test_ipsec_status_check(struct rte_crypto_op *op,
119 			    const struct ipsec_test_flags *flags,
120 			    enum rte_security_ipsec_sa_direction dir,
121 			    int pkt_num);
122 
123 #endif
124