xref: /dpdk/app/test/test_cryptodev_security_ipsec.h (revision daa02b5cddbb8e11b31d41e2bf7bb1ae64dcae2f) 
1 /* SPDX-License-Identifier: BSD-3-Clause
2  * Copyright(C) 2021 Marvell.
3  */
4 
5 #ifndef _TEST_CRYPTODEV_SECURITY_IPSEC_H_
6 #define _TEST_CRYPTODEV_SECURITY_IPSEC_H_
7 
8 #include <rte_cryptodev.h>
9 #include <rte_security.h>
10 
11 #define IPSEC_TEST_PACKETS_MAX 32
12 
13 struct ipsec_test_data {
14 	struct {
15 		uint8_t data[32];
16 	} key;
17 
18 	struct {
19 		uint8_t data[1024];
20 		unsigned int len;
21 	} input_text;
22 
23 	struct {
24 		uint8_t data[1024];
25 		unsigned int len;
26 	} output_text;
27 
28 	struct {
29 		uint8_t data[4];
30 		unsigned int len;
31 	} salt;
32 
33 	struct {
34 		uint8_t data[16];
35 	} iv;
36 
37 	struct rte_security_ipsec_xform ipsec_xform;
38 
39 	bool aead;
40 
41 	union {
42 		struct {
43 			struct rte_crypto_sym_xform cipher;
44 			struct rte_crypto_sym_xform auth;
45 		} chain;
46 		struct rte_crypto_sym_xform aead;
47 	} xform;
48 };
49 
50 struct ipsec_test_flags {
51 	bool display_alg;
52 	bool sa_expiry_pkts_soft;
53 	bool sa_expiry_pkts_hard;
54 	bool icv_corrupt;
55 	bool iv_gen;
56 	uint32_t tunnel_hdr_verify;
57 	bool udp_encap;
58 	bool udp_ports_verify;
59 	bool ip_csum;
60 	bool l4_csum;
61 };
62 
63 struct crypto_param {
64 	enum rte_crypto_sym_xform_type type;
65 	union {
66 		enum rte_crypto_cipher_algorithm cipher;
67 		enum rte_crypto_auth_algorithm auth;
68 		enum rte_crypto_aead_algorithm aead;
69 	} alg;
70 	uint16_t key_length;
71 };
72 
73 static const struct crypto_param aead_list[] = {
74 	{
75 		.type = RTE_CRYPTO_SYM_XFORM_AEAD,
76 		.alg.aead =  RTE_CRYPTO_AEAD_AES_GCM,
77 		.key_length = 16,
78 	},
79 	{
80 		.type = RTE_CRYPTO_SYM_XFORM_AEAD,
81 		.alg.aead = RTE_CRYPTO_AEAD_AES_GCM,
82 		.key_length = 24,
83 	},
84 	{
85 		.type = RTE_CRYPTO_SYM_XFORM_AEAD,
86 		.alg.aead = RTE_CRYPTO_AEAD_AES_GCM,
87 		.key_length = 32
88 	},
89 };
90 
91 int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
92 			       const struct rte_security_capability *sec_cap,
93 			       bool silent);
94 
95 int test_ipsec_crypto_caps_aead_verify(
96 		const struct rte_security_capability *sec_cap,
97 		struct rte_crypto_sym_xform *aead);
98 
99 void test_ipsec_td_in_from_out(const struct ipsec_test_data *td_out,
100 			       struct ipsec_test_data *td_in);
101 
102 void test_ipsec_td_prepare(const struct crypto_param *param1,
103 			   const struct crypto_param *param2,
104 			   const struct ipsec_test_flags *flags,
105 			   struct ipsec_test_data *td_array,
106 			   int nb_td);
107 
108 void test_ipsec_td_update(struct ipsec_test_data td_inb[],
109 			  const struct ipsec_test_data td_outb[],
110 			  int nb_td,
111 			  const struct ipsec_test_flags *flags);
112 
113 void test_ipsec_display_alg(const struct crypto_param *param1,
114 			    const struct crypto_param *param2);
115 
116 int test_ipsec_post_process(struct rte_mbuf *m,
117 			    const struct ipsec_test_data *td,
118 			    struct ipsec_test_data *res_d, bool silent,
119 			    const struct ipsec_test_flags *flags);
120 
121 int test_ipsec_status_check(struct rte_crypto_op *op,
122 			    const struct ipsec_test_flags *flags,
123 			    enum rte_security_ipsec_sa_direction dir,
124 			    int pkt_num);
125 
126 #endif
127