1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
|
/* SPDX-License-Identifier: BSD-3-Clause
* Copyright(C) 2021 Marvell.
*/
#ifndef _TEST_CRYPTODEV_SECURITY_IPSEC_H_
#define _TEST_CRYPTODEV_SECURITY_IPSEC_H_
#include <rte_cryptodev.h>
#include <rte_security.h>
#include "test_security_proto.h"
#define IPSEC_TEXT_MAX_LEN 16384u
struct ipsec_test_data {
struct {
uint8_t data[32];
} key;
struct {
uint8_t data[64];
} auth_key;
struct {
uint8_t data[IPSEC_TEXT_MAX_LEN];
unsigned int len;
} input_text;
struct {
uint8_t data[IPSEC_TEXT_MAX_LEN];
unsigned int len;
} output_text;
struct {
uint8_t data[4];
unsigned int len;
} salt;
struct {
uint8_t data[16];
} iv;
struct rte_security_ipsec_xform ipsec_xform;
bool aead;
bool aes_gmac;
bool auth_only;
/* Antireplay packet */
bool ar_packet;
union {
struct {
struct rte_crypto_sym_xform cipher;
struct rte_crypto_sym_xform auth;
} chain;
struct rte_crypto_sym_xform aead;
} xform;
};
enum df_flags {
TEST_IPSEC_COPY_DF_INNER_0 = 1,
TEST_IPSEC_COPY_DF_INNER_1,
TEST_IPSEC_SET_DF_0_INNER_1,
TEST_IPSEC_SET_DF_1_INNER_0,
};
#define TEST_IPSEC_DSCP_VAL 0x12
enum dscp_flags {
TEST_IPSEC_COPY_DSCP_INNER_0 = 1,
TEST_IPSEC_COPY_DSCP_INNER_1,
TEST_IPSEC_SET_DSCP_0_INNER_1,
TEST_IPSEC_SET_DSCP_1_INNER_0,
};
#define TEST_IPSEC_FLABEL_VAL 0x1234
enum flabel_flags {
TEST_IPSEC_COPY_FLABEL_INNER_0 = 1,
TEST_IPSEC_COPY_FLABEL_INNER_1,
TEST_IPSEC_SET_FLABEL_0_INNER_1,
TEST_IPSEC_SET_FLABEL_1_INNER_0,
};
struct ipsec_test_flags {
bool display_alg;
bool sa_expiry_pkts_soft;
bool sa_expiry_pkts_hard;
bool sa_expiry_bytes_soft;
bool sa_expiry_bytes_hard;
bool icv_corrupt;
bool iv_gen;
uint32_t tunnel_hdr_verify;
bool udp_encap;
bool udp_ports_verify;
bool udp_encap_custom_ports;
bool ip_csum;
bool l4_csum;
bool ipv6;
bool tunnel_ipv6;
bool transport;
bool fragment;
bool stats_success;
bool antireplay;
bool use_ext_mbuf;
enum df_flags df;
enum dscp_flags dscp;
enum flabel_flags flabel;
bool dec_ttl_or_hop_limit;
bool ah;
uint32_t plaintext_len;
int nb_segs_in_mbuf;
bool inb_oop;
bool rx_inject;
};
extern struct ipsec_test_data pkt_aes_256_gcm;
extern struct ipsec_test_data pkt_aes_256_gcm_v6;
extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256;
extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256_v6;
int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
const struct rte_security_capability *sec_cap,
bool silent);
void test_ipsec_td_in_from_out(const struct ipsec_test_data *td_out,
struct ipsec_test_data *td_in);
void test_ipsec_td_prepare(const struct crypto_param *param1,
const struct crypto_param *param2,
const struct ipsec_test_flags *flags,
struct ipsec_test_data *td_array,
int nb_td);
void test_ipsec_td_update(struct ipsec_test_data td_inb[],
const struct ipsec_test_data td_outb[],
int nb_td,
const struct ipsec_test_flags *flags);
int test_ipsec_post_process(const struct rte_mbuf *m,
const struct ipsec_test_data *td,
struct ipsec_test_data *res_d, bool silent,
const struct ipsec_test_flags *flags);
int test_ipsec_status_check(const struct ipsec_test_data *td,
struct rte_crypto_op *op,
const struct ipsec_test_flags *flags,
enum rte_security_ipsec_sa_direction dir,
int pkt_num);
int test_ipsec_stats_verify(void *ctx,
void *sess,
const struct ipsec_test_flags *flags,
enum rte_security_ipsec_sa_direction dir);
int test_ipsec_pkt_update(uint8_t *pkt, const struct ipsec_test_flags *flags);
#endif
|
