xref: /dpdk/app/test/test_cryptodev_security_ipsec_test_vectors.h (revision 03ab51eafda992874a48c392ca66ffb577fe2b71)
1 /* SPDX-License-Identifier: BSD-3-Clause
2  * Copyright(c) 2021 Marvell
3  */
4 
5 #ifndef TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_
6 #define TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_
7 
8 #include <rte_crypto.h>
9 #include <rte_security.h>
10 
11 #include "test_cryptodev_security_ipsec.h"
12 
13 /*
14  * Known vectors
15  *
16  * AES-GCM vectors are based on :
17  * https://datatracker.ietf.org/doc/html/draft-mcgrew-gcm-test-01
18  *
19  * Vectors are updated to have corrected L4 checksum and sequence number 1.
20  */
21 
22 struct ipsec_test_data pkt_aes_128_gcm = {
23 	.key = {
24 		.data = {
25 			0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
26 			0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
27 		},
28 	},
29 	.input_text = {
30 		.data = {
31 			/* IP */
32 			0x45, 0x00, 0x00, 0x3e, 0x69, 0x8f, 0x00, 0x00,
33 			0x80, 0x11, 0x4d, 0xcc, 0xc0, 0xa8, 0x01, 0x02,
34 			0xc0, 0xa8, 0x01, 0x01,
35 
36 			/* UDP */
37 			0x0a, 0x98, 0x00, 0x35, 0x00, 0x2a, 0x23, 0x43,
38 			0xb2, 0xd0, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00,
39 			0x00, 0x00, 0x00, 0x00, 0x03, 0x73, 0x69, 0x70,
40 			0x09, 0x63, 0x79, 0x62, 0x65, 0x72, 0x63, 0x69,
41 			0x74, 0x79, 0x02, 0x64, 0x6b, 0x00, 0x00, 0x01,
42 			0x00, 0x01,
43 		},
44 		.len = 62,
45 	},
46 	.output_text = {
47 		.data = {
48 			/* IP - outer header */
49 			0x45, 0x00, 0x00, 0x74, 0x69, 0x8f, 0x00, 0x00,
50 			0x80, 0x32, 0x4d, 0x75, 0xc0, 0xa8, 0x01, 0x02,
51 			0xc0, 0xa8, 0x01, 0x01,
52 
53 			/* ESP */
54 			0x00, 0x00, 0xa5, 0xf8, 0x00, 0x00, 0x00, 0x01,
55 
56 			/* IV */
57 			0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88,
58 
59 			/* Data */
60 			0xde, 0xb2, 0x2c, 0xd9, 0xb0, 0x7c, 0x72, 0xc1,
61 			0x6e, 0x3a, 0x65, 0xbe, 0xeb, 0x8d, 0xf3, 0x04,
62 			0xa5, 0xa5, 0x89, 0x7d, 0x33, 0xae, 0x53, 0x0f,
63 			0x1b, 0xa7, 0x6d, 0x5d, 0x11, 0x4d, 0x2a, 0x5c,
64 			0x3d, 0xe8, 0x18, 0x27, 0xc1, 0x0e, 0x9a, 0x4f,
65 			0x51, 0x33, 0x0d, 0x0e, 0xec, 0x41, 0x66, 0x42,
66 			0xcf, 0xbb, 0x85, 0xa5, 0xb4, 0x7e, 0x48, 0xa4,
67 			0xec, 0x3b, 0x9b, 0xa9, 0x5d, 0x91, 0x8b, 0xd4,
68 			0x29, 0xc7, 0x37, 0x57, 0x9f, 0xf1, 0x9e, 0x58,
69 			0xcf, 0xfc, 0x60, 0x7a, 0x3b, 0xce, 0x89, 0x94,
70 
71 		},
72 		.len = 116,
73 	},
74 	.salt = {
75 		.data = {
76 			0xca, 0xfe, 0xba, 0xbe
77 		},
78 		.len = 4,
79 	},
80 
81 	.iv = {
82 		.data = {
83 			0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88
84 		},
85 	},
86 
87 	.ipsec_xform = {
88 		.spi = 0xa5f8,
89 		.options.esn = 0,
90 		.options.udp_encap = 0,
91 		.options.copy_dscp = 0,
92 		.options.copy_flabel = 0,
93 		.options.copy_df = 0,
94 		.options.dec_ttl = 0,
95 		.options.ecn = 0,
96 		.options.stats = 0,
97 		.options.tunnel_hdr_verify = 0,
98 		.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
99 		.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
100 		.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
101 		.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
102 		.replay_win_sz = 0,
103 	},
104 
105 	.aead = true,
106 
107 	.xform = {
108 		.aead = {
109 			.next = NULL,
110 			.type = RTE_CRYPTO_SYM_XFORM_AEAD,
111 			.aead = {
112 				.op = RTE_CRYPTO_AEAD_OP_ENCRYPT,
113 				.algo = RTE_CRYPTO_AEAD_AES_GCM,
114 				.key.length = 16,
115 				.iv.length = 12,
116 				.iv.offset = IV_OFFSET,
117 				.digest_length = 16,
118 				.aad_length = 12,
119 			},
120 		},
121 	},
122 };
123 
124 struct ipsec_test_data pkt_aes_192_gcm = {
125 	.key = {
126 		.data = {
127 			0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
128 			0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
129 			0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
130 		},
131 	},
132 	.input_text = {
133 		.data = {
134 			/* IP */
135 			0x45, 0x00, 0x00, 0x28, 0xa4, 0xad, 0x40, 0x00,
136 			0x40, 0x06, 0x78, 0x80, 0x0a, 0x01, 0x03, 0x8f,
137 			0x0a, 0x01, 0x06, 0x12,
138 
139 			/* TCP */
140 			0x80, 0x23, 0x06, 0xb8, 0xcb, 0x71, 0x26, 0x02,
141 			0xdd, 0x6b, 0xb0, 0x3e, 0x50, 0x10, 0x16, 0xd0,
142 			0x75, 0x67, 0x00, 0x01
143 		},
144 		.len = 40,
145 	},
146 	.output_text = {
147 		.data = {
148 			/* IP - outer header */
149 			0x45, 0x00, 0x00, 0x60, 0x69, 0x8f, 0x00, 0x00,
150 			0x80, 0x32, 0x4d, 0x89, 0xc0, 0xa8, 0x01, 0x02,
151 			0xc0, 0xa8, 0x01, 0x01,
152 
153 			/* ESP */
154 			0x00, 0x00, 0xa5, 0xf8, 0x00, 0x00, 0x00, 0x01,
155 
156 			/* IV */
157 			0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88,
158 
159 			/* Data */
160 			0xa5, 0xb1, 0xf8, 0x06, 0x60, 0x29, 0xae, 0xa4,
161 			0x0e, 0x59, 0x8b, 0x81, 0x22, 0xde, 0x02, 0x42,
162 			0x09, 0x38, 0xb3, 0xab, 0x33, 0xf8, 0x28, 0xe6,
163 			0x87, 0xb8, 0x85, 0x8b, 0x5b, 0xfb, 0xdb, 0xd0,
164 			0x31, 0x5b, 0x27, 0x45, 0x21, 0x4b, 0xcc, 0x77,
165 			0x82, 0xac, 0x91, 0x38, 0xf2, 0xbb, 0xbe, 0xe4,
166 			0xcf, 0x03, 0x36, 0x89, 0xdd, 0x40, 0xd3, 0x6e,
167 			0x54, 0x05, 0x22, 0x22,
168 		},
169 		.len = 96,
170 	},
171 	.salt = {
172 		.data = {
173 			0xca, 0xfe, 0xba, 0xbe
174 		},
175 		.len = 4,
176 	},
177 
178 	.iv = {
179 		.data = {
180 			0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88
181 		},
182 	},
183 
184 	.ipsec_xform = {
185 		.spi = 0xa5f8,
186 		.options.esn = 0,
187 		.options.udp_encap = 0,
188 		.options.copy_dscp = 0,
189 		.options.copy_flabel = 0,
190 		.options.copy_df = 0,
191 		.options.dec_ttl = 0,
192 		.options.ecn = 0,
193 		.options.stats = 0,
194 		.options.tunnel_hdr_verify = 0,
195 		.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
196 		.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
197 		.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
198 		.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
199 		.replay_win_sz = 0,
200 	},
201 
202 	.aead = true,
203 
204 	.xform = {
205 		.aead = {
206 			.next = NULL,
207 			.type = RTE_CRYPTO_SYM_XFORM_AEAD,
208 			.aead = {
209 				.op = RTE_CRYPTO_AEAD_OP_ENCRYPT,
210 				.algo = RTE_CRYPTO_AEAD_AES_GCM,
211 				.key.length = 24,
212 				.iv.length = 12,
213 				.iv.offset = IV_OFFSET,
214 				.digest_length = 16,
215 				.aad_length = 12,
216 			},
217 		},
218 	},
219 };
220 
221 struct ipsec_test_data pkt_aes_256_gcm = {
222 	.key = {
223 		.data = {
224 			0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23,
225 			0x34, 0x45, 0x56, 0x67, 0x78, 0x89, 0x9a, 0xab,
226 			0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23,
227 			0x34, 0x45, 0x56, 0x67, 0x78, 0x89, 0x9a, 0xab,
228 		},
229 	},
230 	.input_text = {
231 		.data = {
232 			/* IP */
233 			0x45, 0x00, 0x00, 0x30, 0x69, 0xa6, 0x40, 0x00,
234 			0x80, 0x06, 0x26, 0x90, 0xc0, 0xa8, 0x01, 0x02,
235 			0x93, 0x89, 0x15, 0x5e,
236 
237 			/* TCP */
238 			0x0a, 0x9e, 0x00, 0x8b, 0x2d, 0xc5, 0x7e, 0xe0,
239 			0x00, 0x00, 0x00, 0x00, 0x70, 0x02, 0x40, 0x00,
240 			0x20, 0xbf, 0x00, 0x00, 0x02, 0x04, 0x05, 0xb4,
241 			0x01, 0x01, 0x04, 0x02,
242 		},
243 		.len = 48,
244 	},
245 	.output_text = {
246 		.data = {
247 			/* IP - outer header */
248 			0x45, 0x00, 0x00, 0x68, 0x69, 0x8f, 0x00, 0x00,
249 			0x80, 0x32, 0x4d, 0x81, 0xc0, 0xa8, 0x01, 0x02,
250 			0xc0, 0xa8, 0x01, 0x01,
251 
252 			/* ESP */
253 			0x4a, 0x2c, 0xbf, 0xe3, 0x00, 0x00, 0x00, 0x01,
254 
255 			/* IV */
256 			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
257 
258 			/* Data */
259 			0xff, 0x42, 0x5c, 0x9b, 0x72, 0x45, 0x99, 0xdf,
260 			0x7a, 0x3b, 0xcd, 0x51, 0x01, 0x94, 0xe0, 0x0d,
261 			0x6a, 0x78, 0x10, 0x7f, 0x1b, 0x0b, 0x1c, 0xbf,
262 			0x06, 0xef, 0xae, 0x9d, 0x65, 0xa5, 0xd7, 0x63,
263 			0x74, 0x8a, 0x63, 0x79, 0x85, 0x77, 0x1d, 0x34,
264 			0x7f, 0x05, 0x45, 0x65, 0x9f, 0x14, 0xe9, 0x9d,
265 			0xef, 0x84, 0x2d, 0x8b, 0x00, 0x14, 0x4a, 0x1f,
266 			0xec, 0x6a, 0xdf, 0x0c, 0x9a, 0x92, 0x7f, 0xee,
267 			0xa6, 0xc5, 0x11, 0x60,
268 		},
269 		.len = 104,
270 	},
271 	.salt = {
272 		.data = {
273 			0x11, 0x22, 0x33, 0x44
274 		},
275 		.len = 4,
276 	},
277 
278 	.iv = {
279 		.data = {
280 			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08
281 		},
282 	},
283 
284 	.ipsec_xform = {
285 		.spi = 0x4a2cbfe3,
286 		.options.esn = 0,
287 		.options.udp_encap = 0,
288 		.options.copy_dscp = 0,
289 		.options.copy_flabel = 0,
290 		.options.copy_df = 0,
291 		.options.dec_ttl = 0,
292 		.options.ecn = 0,
293 		.options.stats = 0,
294 		.options.tunnel_hdr_verify = 0,
295 		.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
296 		.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
297 		.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
298 		.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
299 		.replay_win_sz = 0,
300 	},
301 
302 	.aead = true,
303 
304 	.xform = {
305 		.aead = {
306 			.next = NULL,
307 			.type = RTE_CRYPTO_SYM_XFORM_AEAD,
308 			.aead = {
309 				.op = RTE_CRYPTO_AEAD_OP_ENCRYPT,
310 				.algo = RTE_CRYPTO_AEAD_AES_GCM,
311 				.key.length = 32,
312 				.iv.length = 12,
313 				.iv.offset = IV_OFFSET,
314 				.digest_length = 16,
315 				.aad_length = 12,
316 			},
317 		},
318 	},
319 };
320 
321 #endif /* TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_ */
322