xref: /dpdk/app/test/test_cryptodev_security_ipsec_test_vectors.h (revision daa02b5cddbb8e11b31d41e2bf7bb1ae64dcae2f) 
1 /* SPDX-License-Identifier: BSD-3-Clause
2  * Copyright(c) 2021 Marvell
3  */
4 
5 #ifndef TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_
6 #define TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_
7 
8 #include <rte_crypto.h>
9 #include <rte_security.h>
10 
11 #include "test_cryptodev_security_ipsec.h"
12 
13 /*
14  * Known vectors
15  *
16  * AES-GCM vectors are based on :
17  * https://datatracker.ietf.org/doc/html/draft-mcgrew-gcm-test-01
18  *
19  * Vectors are updated to have corrected L4 checksum and sequence number 1.
20  */
21 
22 struct ipsec_test_data pkt_aes_128_gcm = {
23 	.key = {
24 		.data = {
25 			0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
26 			0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
27 		},
28 	},
29 	.input_text = {
30 		.data = {
31 			/* IP */
32 			0x45, 0x00, 0x00, 0x3e, 0x69, 0x8f, 0x00, 0x00,
33 			0x80, 0x11, 0x4d, 0xcc, 0xc0, 0xa8, 0x01, 0x02,
34 			0xc0, 0xa8, 0x01, 0x01,
35 
36 			/* UDP */
37 			0x0a, 0x98, 0x00, 0x35, 0x00, 0x2a, 0x23, 0x43,
38 			0xb2, 0xd0, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00,
39 			0x00, 0x00, 0x00, 0x00, 0x03, 0x73, 0x69, 0x70,
40 			0x09, 0x63, 0x79, 0x62, 0x65, 0x72, 0x63, 0x69,
41 			0x74, 0x79, 0x02, 0x64, 0x6b, 0x00, 0x00, 0x01,
42 			0x00, 0x01,
43 		},
44 		.len = 62,
45 	},
46 	.output_text = {
47 		.data = {
48 			/* IP - outer header */
49 			0x45, 0x00, 0x00, 0x74, 0x69, 0x8f, 0x00, 0x00,
50 			0x80, 0x32, 0x4d, 0x75, 0xc0, 0xa8, 0x01, 0x02,
51 			0xc0, 0xa8, 0x01, 0x01,
52 
53 			/* ESP */
54 			0x00, 0x00, 0xa5, 0xf8, 0x00, 0x00, 0x00, 0x01,
55 
56 			/* IV */
57 			0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88,
58 
59 			/* Data */
60 			0xde, 0xb2, 0x2c, 0xd9, 0xb0, 0x7c, 0x72, 0xc1,
61 			0x6e, 0x3a, 0x65, 0xbe, 0xeb, 0x8d, 0xf3, 0x04,
62 			0xa5, 0xa5, 0x89, 0x7d, 0x33, 0xae, 0x53, 0x0f,
63 			0x1b, 0xa7, 0x6d, 0x5d, 0x11, 0x4d, 0x2a, 0x5c,
64 			0x3d, 0xe8, 0x18, 0x27, 0xc1, 0x0e, 0x9a, 0x4f,
65 			0x51, 0x33, 0x0d, 0x0e, 0xec, 0x41, 0x66, 0x42,
66 			0xcf, 0xbb, 0x85, 0xa5, 0xb4, 0x7e, 0x48, 0xa4,
67 			0xec, 0x3b, 0x9b, 0xa9, 0x5d, 0x91, 0x8b, 0xd4,
68 			0x29, 0xc7, 0x37, 0x57, 0x9f, 0xf1, 0x9e, 0x58,
69 			0xcf, 0xfc, 0x60, 0x7a, 0x3b, 0xce, 0x89, 0x94,
70 
71 		},
72 		.len = 116,
73 	},
74 	.salt = {
75 		.data = {
76 			0xca, 0xfe, 0xba, 0xbe
77 		},
78 		.len = 4,
79 	},
80 
81 	.iv = {
82 		.data = {
83 			0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88
84 		},
85 	},
86 
87 	.ipsec_xform = {
88 		.spi = 0xa5f8,
89 		.options.esn = 0,
90 		.options.udp_encap = 0,
91 		.options.copy_dscp = 0,
92 		.options.copy_flabel = 0,
93 		.options.copy_df = 0,
94 		.options.dec_ttl = 0,
95 		.options.ecn = 0,
96 		.options.stats = 0,
97 		.options.tunnel_hdr_verify = 0,
98 		.options.ip_csum_enable = 0,
99 		.options.l4_csum_enable = 0,
100 		.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
101 		.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
102 		.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
103 		.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
104 		.replay_win_sz = 0,
105 	},
106 
107 	.aead = true,
108 
109 	.xform = {
110 		.aead = {
111 			.next = NULL,
112 			.type = RTE_CRYPTO_SYM_XFORM_AEAD,
113 			.aead = {
114 				.op = RTE_CRYPTO_AEAD_OP_ENCRYPT,
115 				.algo = RTE_CRYPTO_AEAD_AES_GCM,
116 				.key.length = 16,
117 				.iv.length = 12,
118 				.iv.offset = IV_OFFSET,
119 				.digest_length = 16,
120 				.aad_length = 12,
121 			},
122 		},
123 	},
124 };
125 
126 struct ipsec_test_data pkt_aes_192_gcm = {
127 	.key = {
128 		.data = {
129 			0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
130 			0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
131 			0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c
132 		},
133 	},
134 	.input_text = {
135 		.data = {
136 			/* IP */
137 			0x45, 0x00, 0x00, 0x28, 0xa4, 0xad, 0x40, 0x00,
138 			0x40, 0x06, 0x78, 0x80, 0x0a, 0x01, 0x03, 0x8f,
139 			0x0a, 0x01, 0x06, 0x12,
140 
141 			/* TCP */
142 			0x80, 0x23, 0x06, 0xb8, 0xcb, 0x71, 0x26, 0x02,
143 			0xdd, 0x6b, 0xb0, 0x3e, 0x50, 0x10, 0x16, 0xd0,
144 			0x75, 0x67, 0x00, 0x01
145 		},
146 		.len = 40,
147 	},
148 	.output_text = {
149 		.data = {
150 			/* IP - outer header */
151 			0x45, 0x00, 0x00, 0x60, 0x69, 0x8f, 0x00, 0x00,
152 			0x80, 0x32, 0x4d, 0x89, 0xc0, 0xa8, 0x01, 0x02,
153 			0xc0, 0xa8, 0x01, 0x01,
154 
155 			/* ESP */
156 			0x00, 0x00, 0xa5, 0xf8, 0x00, 0x00, 0x00, 0x01,
157 
158 			/* IV */
159 			0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88,
160 
161 			/* Data */
162 			0xa5, 0xb1, 0xf8, 0x06, 0x60, 0x29, 0xae, 0xa4,
163 			0x0e, 0x59, 0x8b, 0x81, 0x22, 0xde, 0x02, 0x42,
164 			0x09, 0x38, 0xb3, 0xab, 0x33, 0xf8, 0x28, 0xe6,
165 			0x87, 0xb8, 0x85, 0x8b, 0x5b, 0xfb, 0xdb, 0xd0,
166 			0x31, 0x5b, 0x27, 0x45, 0x21, 0x4b, 0xcc, 0x77,
167 			0x82, 0xac, 0x91, 0x38, 0xf2, 0xbb, 0xbe, 0xe4,
168 			0xcf, 0x03, 0x36, 0x89, 0xdd, 0x40, 0xd3, 0x6e,
169 			0x54, 0x05, 0x22, 0x22,
170 		},
171 		.len = 96,
172 	},
173 	.salt = {
174 		.data = {
175 			0xca, 0xfe, 0xba, 0xbe
176 		},
177 		.len = 4,
178 	},
179 
180 	.iv = {
181 		.data = {
182 			0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88
183 		},
184 	},
185 
186 	.ipsec_xform = {
187 		.spi = 0xa5f8,
188 		.options.esn = 0,
189 		.options.udp_encap = 0,
190 		.options.copy_dscp = 0,
191 		.options.copy_flabel = 0,
192 		.options.copy_df = 0,
193 		.options.dec_ttl = 0,
194 		.options.ecn = 0,
195 		.options.stats = 0,
196 		.options.tunnel_hdr_verify = 0,
197 		.options.ip_csum_enable = 0,
198 		.options.l4_csum_enable = 0,
199 		.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
200 		.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
201 		.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
202 		.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
203 		.replay_win_sz = 0,
204 	},
205 
206 	.aead = true,
207 
208 	.xform = {
209 		.aead = {
210 			.next = NULL,
211 			.type = RTE_CRYPTO_SYM_XFORM_AEAD,
212 			.aead = {
213 				.op = RTE_CRYPTO_AEAD_OP_ENCRYPT,
214 				.algo = RTE_CRYPTO_AEAD_AES_GCM,
215 				.key.length = 24,
216 				.iv.length = 12,
217 				.iv.offset = IV_OFFSET,
218 				.digest_length = 16,
219 				.aad_length = 12,
220 			},
221 		},
222 	},
223 };
224 
225 struct ipsec_test_data pkt_aes_256_gcm = {
226 	.key = {
227 		.data = {
228 			0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23,
229 			0x34, 0x45, 0x56, 0x67, 0x78, 0x89, 0x9a, 0xab,
230 			0xab, 0xbc, 0xcd, 0xde, 0xf0, 0x01, 0x12, 0x23,
231 			0x34, 0x45, 0x56, 0x67, 0x78, 0x89, 0x9a, 0xab,
232 		},
233 	},
234 	.input_text = {
235 		.data = {
236 			/* IP */
237 			0x45, 0x00, 0x00, 0x30, 0x69, 0xa6, 0x40, 0x00,
238 			0x80, 0x06, 0x26, 0x90, 0xc0, 0xa8, 0x01, 0x02,
239 			0x93, 0x89, 0x15, 0x5e,
240 
241 			/* TCP */
242 			0x0a, 0x9e, 0x00, 0x8b, 0x2d, 0xc5, 0x7e, 0xe0,
243 			0x00, 0x00, 0x00, 0x00, 0x70, 0x02, 0x40, 0x00,
244 			0x20, 0xbf, 0x00, 0x00, 0x02, 0x04, 0x05, 0xb4,
245 			0x01, 0x01, 0x04, 0x02,
246 		},
247 		.len = 48,
248 	},
249 	.output_text = {
250 		.data = {
251 			/* IP - outer header */
252 			0x45, 0x00, 0x00, 0x68, 0x69, 0x8f, 0x00, 0x00,
253 			0x80, 0x32, 0x4d, 0x81, 0xc0, 0xa8, 0x01, 0x02,
254 			0xc0, 0xa8, 0x01, 0x01,
255 
256 			/* ESP */
257 			0x4a, 0x2c, 0xbf, 0xe3, 0x00, 0x00, 0x00, 0x01,
258 
259 			/* IV */
260 			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
261 
262 			/* Data */
263 			0xff, 0x42, 0x5c, 0x9b, 0x72, 0x45, 0x99, 0xdf,
264 			0x7a, 0x3b, 0xcd, 0x51, 0x01, 0x94, 0xe0, 0x0d,
265 			0x6a, 0x78, 0x10, 0x7f, 0x1b, 0x0b, 0x1c, 0xbf,
266 			0x06, 0xef, 0xae, 0x9d, 0x65, 0xa5, 0xd7, 0x63,
267 			0x74, 0x8a, 0x63, 0x79, 0x85, 0x77, 0x1d, 0x34,
268 			0x7f, 0x05, 0x45, 0x65, 0x9f, 0x14, 0xe9, 0x9d,
269 			0xef, 0x84, 0x2d, 0x8b, 0x00, 0x14, 0x4a, 0x1f,
270 			0xec, 0x6a, 0xdf, 0x0c, 0x9a, 0x92, 0x7f, 0xee,
271 			0xa6, 0xc5, 0x11, 0x60,
272 		},
273 		.len = 104,
274 	},
275 	.salt = {
276 		.data = {
277 			0x11, 0x22, 0x33, 0x44
278 		},
279 		.len = 4,
280 	},
281 
282 	.iv = {
283 		.data = {
284 			0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08
285 		},
286 	},
287 
288 	.ipsec_xform = {
289 		.spi = 0x4a2cbfe3,
290 		.options.esn = 0,
291 		.options.udp_encap = 0,
292 		.options.copy_dscp = 0,
293 		.options.copy_flabel = 0,
294 		.options.copy_df = 0,
295 		.options.dec_ttl = 0,
296 		.options.ecn = 0,
297 		.options.stats = 0,
298 		.options.tunnel_hdr_verify = 0,
299 		.options.ip_csum_enable = 0,
300 		.options.l4_csum_enable = 0,
301 		.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
302 		.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
303 		.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
304 		.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
305 		.replay_win_sz = 0,
306 	},
307 
308 	.aead = true,
309 
310 	.xform = {
311 		.aead = {
312 			.next = NULL,
313 			.type = RTE_CRYPTO_SYM_XFORM_AEAD,
314 			.aead = {
315 				.op = RTE_CRYPTO_AEAD_OP_ENCRYPT,
316 				.algo = RTE_CRYPTO_AEAD_AES_GCM,
317 				.key.length = 32,
318 				.iv.length = 12,
319 				.iv.offset = IV_OFFSET,
320 				.digest_length = 16,
321 				.aad_length = 12,
322 			},
323 		},
324 	},
325 };
326 
327 #endif /* TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_ */
328