1 /* SPDX-License-Identifier: BSD-3-Clause 2 * Copyright(c) 2021 Marvell 3 */ 4 5 #ifndef TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_ 6 #define TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_ 7 8 #include <rte_crypto.h> 9 #include <rte_security.h> 10 11 #include "test_cryptodev_security_ipsec.h" 12 13 /* 14 * Known vectors 15 * 16 * AES-GCM vectors are based on : 17 * https://datatracker.ietf.org/doc/html/draft-mcgrew-gcm-test-01 18 * 19 * Vectors are updated to have corrected L4 checksum and sequence number 1. 20 */ 21 22 struct ipsec_test_data pkt_aes_128_gcm = { 23 .key = { 24 .data = { 25 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 26 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 27 }, 28 }, 29 .input_text = { 30 .data = { 31 /* IP */ 32 0x45, 0x00, 0x00, 0x3e, 0x69, 0x8f, 0x00, 0x00, 33 0x80, 0x11, 0x4d, 0xcc, 0xc0, 0xa8, 0x01, 0x02, 34 0xc0, 0xa8, 0x01, 0x01, 35 36 /* UDP */ 37 0x0a, 0x98, 0x00, 0x35, 0x00, 0x2a, 0x23, 0x43, 38 0xb2, 0xd0, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00, 39 0x00, 0x00, 0x00, 0x00, 0x03, 0x73, 0x69, 0x70, 40 0x09, 0x63, 0x79, 0x62, 0x65, 0x72, 0x63, 0x69, 41 0x74, 0x79, 0x02, 0x64, 0x6b, 0x00, 0x00, 0x01, 42 0x00, 0x01, 43 }, 44 .len = 62, 45 }, 46 .output_text = { 47 .data = { 48 /* IP - outer header */ 49 0x45, 0x00, 0x00, 0x74, 0x69, 0x8f, 0x00, 0x00, 50 0x80, 0x32, 0x4d, 0x75, 0xc0, 0xa8, 0x01, 0x02, 51 0xc0, 0xa8, 0x01, 0x01, 52 53 /* ESP */ 54 0x00, 0x00, 0xa5, 0xf8, 0x00, 0x00, 0x00, 0x01, 55 56 /* IV */ 57 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88, 58 59 /* Data */ 60 0xde, 0xb2, 0x2c, 0xd9, 0xb0, 0x7c, 0x72, 0xc1, 61 0x6e, 0x3a, 0x65, 0xbe, 0xeb, 0x8d, 0xf3, 0x04, 62 0xa5, 0xa5, 0x89, 0x7d, 0x33, 0xae, 0x53, 0x0f, 63 0x1b, 0xa7, 0x6d, 0x5d, 0x11, 0x4d, 0x2a, 0x5c, 64 0x3d, 0xe8, 0x18, 0x27, 0xc1, 0x0e, 0x9a, 0x4f, 65 0x51, 0x33, 0x0d, 0x0e, 0xec, 0x41, 0x66, 0x42, 66 0xcf, 0xbb, 0x85, 0xa5, 0xb4, 0x7e, 0x48, 0xa4, 67 0xec, 0x3b, 0x9b, 0xa9, 0x5d, 0x91, 0x8b, 0xd4, 68 0x29, 0xc7, 0x37, 0x57, 0x9f, 0xf1, 0x9e, 0x58, 69 0xcf, 0xfc, 0x60, 0x7a, 0x3b, 0xce, 0x89, 0x94, 70 71 }, 72 .len = 116, 73 }, 74 .salt = { 75 .data = { 76 0xca, 0xfe, 0xba, 0xbe 77 }, 78 .len = 4, 79 }, 80 81 .iv = { 82 .data = { 83 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88 84 }, 85 }, 86 87 .ipsec_xform = { 88 .spi = 0xa5f8, 89 .options.esn = 0, 90 .options.udp_encap = 0, 91 .options.copy_dscp = 0, 92 .options.copy_flabel = 0, 93 .options.copy_df = 0, 94 .options.dec_ttl = 0, 95 .options.ecn = 0, 96 .options.stats = 0, 97 .options.tunnel_hdr_verify = 0, 98 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, 99 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, 100 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, 101 .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4, 102 .replay_win_sz = 0, 103 }, 104 105 .aead = true, 106 107 .xform = { 108 .aead = { 109 .next = NULL, 110 .type = RTE_CRYPTO_SYM_XFORM_AEAD, 111 .aead = { 112 .op = RTE_CRYPTO_AEAD_OP_ENCRYPT, 113 .algo = RTE_CRYPTO_AEAD_AES_GCM, 114 .key.length = 16, 115 .iv.length = 12, 116 .iv.offset = IV_OFFSET, 117 .digest_length = 16, 118 .aad_length = 12, 119 }, 120 }, 121 }, 122 }; 123 124 struct ipsec_test_data pkt_aes_192_gcm = { 125 .key = { 126 .data = { 127 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 128 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, 129 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c 130 }, 131 }, 132 .input_text = { 133 .data = { 134 /* IP */ 135 0x45, 0x00, 0x00, 0x28, 0xa4, 0xad, 0x40, 0x00, 136 0x40, 0x06, 0x78, 0x80, 0x0a, 0x01, 0x03, 0x8f, 137 0x0a, 0x01, 0x06, 0x12, 138 139 /* TCP */ 140 0x80, 0x23, 0x06, 0xb8, 0xcb, 0x71, 0x26, 0x02, 141 0xdd, 0x6b, 0xb0, 0x3e, 0x50, 0x10, 0x16, 0xd0, 142 0x75, 0x67, 0x00, 0x01 143 }, 144 .len = 40, 145 }, 146 .output_text = { 147 .data = { 148 /* IP - outer header */ 149 0x45, 0x00, 0x00, 0x60, 0x69, 0x8f, 0x00, 0x00, 150 0x80, 0x32, 0x4d, 0x89, 0xc0, 0xa8, 0x01, 0x02, 151 0xc0, 0xa8, 0x01, 0x01, 152 153 /* ESP */ 154 0x00, 0x00, 0xa5, 0xf8, 0x00, 0x00, 0x00, 0x01, 155 156 /* IV */ 157 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88, 158 159 /* Data */ 160 0xa5, 0xb1, 0xf8, 0x06, 0x60, 0x29, 0xae, 0xa4, 161 0x0e, 0x59, 0x8b, 0x81, 0x22, 0xde, 0x02, 0x42, 162 0x09, 0x38, 0xb3, 0xab, 0x33, 0xf8, 0x28, 0xe6, 163 0x87, 0xb8, 0x85, 0x8b, 0x5b, 0xfb, 0xdb, 0xd0, 164 0x31, 0x5b, 0x27, 0x45, 0x21, 0x4b, 0xcc, 0x77, 165 0x82, 0xac, 0x91, 0x38, 0xf2, 0xbb, 0xbe, 0xe4, 166 0xcf, 0x03, 0x36, 0x89, 0xdd, 0x40, 0xd3, 0x6e, 167 0x54, 0x05, 0x22, 0x22, 168 }, 169 .len = 96, 170 }, 171 .salt = { 172 .data = { 173 0xca, 0xfe, 0xba, 0xbe 174 }, 175 .len = 4, 176 }, 177 178 .iv = { 179 .data = { 180 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88 181 }, 182 }, 183 184 .ipsec_xform = { 185 .spi = 0xa5f8, 186 .options.esn = 0, 187 .options.udp_encap = 0, 188 .options.copy_dscp = 0, 189 .options.copy_flabel = 0, 190 .options.copy_df = 0, 191 .options.dec_ttl = 0, 192 .options.ecn = 0, 193 .options.stats = 0, 194 .options.tunnel_hdr_verify = 0, 195 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, 196 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, 197 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, 198 .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4, 199 .replay_win_sz = 0, 200 }, 201 202 .aead = true, 203 204 .xform = { 205 .aead = { 206 .next = NULL, 207 .type = RTE_CRYPTO_SYM_XFORM_AEAD, 208 .aead = { 209 .op = RTE_CRYPTO_AEAD_OP_ENCRYPT, 210 .algo = RTE_CRYPTO_AEAD_AES_GCM, 211 .key.length = 24, 212 .iv.length = 12, 213 .iv.offset = IV_OFFSET, 214 .digest_length = 16, 215 .aad_length = 12, 216 }, 217 }, 218 }, 219 }; 220 221 struct ipsec_test_data pkt_aes_256_gcm = { 222 .key = { 223 .data = { 224 0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23, 225 0x34, 0x45, 0x56, 0x67, 0x78, 0x89, 0x9a, 0xab, 226 0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23, 227 0x34, 0x45, 0x56, 0x67, 0x78, 0x89, 0x9a, 0xab, 228 }, 229 }, 230 .input_text = { 231 .data = { 232 /* IP */ 233 0x45, 0x00, 0x00, 0x30, 0x69, 0xa6, 0x40, 0x00, 234 0x80, 0x06, 0x26, 0x90, 0xc0, 0xa8, 0x01, 0x02, 235 0x93, 0x89, 0x15, 0x5e, 236 237 /* TCP */ 238 0x0a, 0x9e, 0x00, 0x8b, 0x2d, 0xc5, 0x7e, 0xe0, 239 0x00, 0x00, 0x00, 0x00, 0x70, 0x02, 0x40, 0x00, 240 0x20, 0xbf, 0x00, 0x00, 0x02, 0x04, 0x05, 0xb4, 241 0x01, 0x01, 0x04, 0x02, 242 }, 243 .len = 48, 244 }, 245 .output_text = { 246 .data = { 247 /* IP - outer header */ 248 0x45, 0x00, 0x00, 0x68, 0x69, 0x8f, 0x00, 0x00, 249 0x80, 0x32, 0x4d, 0x81, 0xc0, 0xa8, 0x01, 0x02, 250 0xc0, 0xa8, 0x01, 0x01, 251 252 /* ESP */ 253 0x4a, 0x2c, 0xbf, 0xe3, 0x00, 0x00, 0x00, 0x01, 254 255 /* IV */ 256 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 257 258 /* Data */ 259 0xff, 0x42, 0x5c, 0x9b, 0x72, 0x45, 0x99, 0xdf, 260 0x7a, 0x3b, 0xcd, 0x51, 0x01, 0x94, 0xe0, 0x0d, 261 0x6a, 0x78, 0x10, 0x7f, 0x1b, 0x0b, 0x1c, 0xbf, 262 0x06, 0xef, 0xae, 0x9d, 0x65, 0xa5, 0xd7, 0x63, 263 0x74, 0x8a, 0x63, 0x79, 0x85, 0x77, 0x1d, 0x34, 264 0x7f, 0x05, 0x45, 0x65, 0x9f, 0x14, 0xe9, 0x9d, 265 0xef, 0x84, 0x2d, 0x8b, 0x00, 0x14, 0x4a, 0x1f, 266 0xec, 0x6a, 0xdf, 0x0c, 0x9a, 0x92, 0x7f, 0xee, 267 0xa6, 0xc5, 0x11, 0x60, 268 }, 269 .len = 104, 270 }, 271 .salt = { 272 .data = { 273 0x11, 0x22, 0x33, 0x44 274 }, 275 .len = 4, 276 }, 277 278 .iv = { 279 .data = { 280 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 281 }, 282 }, 283 284 .ipsec_xform = { 285 .spi = 0x4a2cbfe3, 286 .options.esn = 0, 287 .options.udp_encap = 0, 288 .options.copy_dscp = 0, 289 .options.copy_flabel = 0, 290 .options.copy_df = 0, 291 .options.dec_ttl = 0, 292 .options.ecn = 0, 293 .options.stats = 0, 294 .options.tunnel_hdr_verify = 0, 295 .direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS, 296 .proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP, 297 .mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL, 298 .tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4, 299 .replay_win_sz = 0, 300 }, 301 302 .aead = true, 303 304 .xform = { 305 .aead = { 306 .next = NULL, 307 .type = RTE_CRYPTO_SYM_XFORM_AEAD, 308 .aead = { 309 .op = RTE_CRYPTO_AEAD_OP_ENCRYPT, 310 .algo = RTE_CRYPTO_AEAD_AES_GCM, 311 .key.length = 32, 312 .iv.length = 12, 313 .iv.offset = IV_OFFSET, 314 .digest_length = 16, 315 .aad_length = 12, 316 }, 317 }, 318 }, 319 }; 320 321 #endif /* TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_ */ 322