From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 6A157A00C4; Wed, 28 Sep 2022 14:46:10 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 9BF954284D; Wed, 28 Sep 2022 14:45:58 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 06335427F1 for ; Wed, 28 Sep 2022 14:45:54 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id 28SA52oG027391; Wed, 28 Sep 2022 05:45:54 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=sW6msXZUkoYHZOE4QBouWd+LiyL+FWfQz3/0ArMmU8Q=; b=UbCF3aJQ/xBOeEIPkYET+0bKNfUM+CWX7kcc4gCMVFO53J1mVBNYNv8NbHQZ++aNB4NW +BQSini/dEEOJ39My4Ea0DcCrYla/gzPIsUzVkZ+OB4IHGkfeTicNAD8ZO7OutrCdXuS CJ1oSjenFyrpLvpOELnCnQ2+TKJs8uAYiDMFhqaJjZrWA+X/ktuneUVcEK7lTCRO0Q/K SEtIElFVTjZs8sL/XH7xVHuEhkvk4Ko2fgVdOlb9BQVAv3Zi+bIeuRaJFQCexuC3C0cG 0SUF2DW1rL6h/IlGAFJRAEShPJY3RPz+ssPlqHKbZjHOElPNNu5Wc+3Pc3VLgGeLwBV2 2w== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3jt1dpegds-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 28 Sep 2022 05:45:53 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Wed, 28 Sep 2022 05:45:50 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Wed, 28 Sep 2022 05:45:50 -0700 Received: from localhost.localdomain (unknown [10.28.36.102]) by maili.marvell.com (Postfix) with ESMTP id 9639D3F7053; Wed, 28 Sep 2022 05:45:45 -0700 (PDT) From: Akhil Goyal To: CC: , , , , , , , , , , , , , , , Akhil Goyal Subject: [PATCH 5/5] test/security: add more MACsec cases Date: Wed, 28 Sep 2022 18:15:16 +0530 Message-ID: <20220928124516.93050-6-gakhil@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220928124516.93050-1-gakhil@marvell.com> References: <20220928122253.23108-4-gakhil@marvell.com> <20220928124516.93050-1-gakhil@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-ORIG-GUID: 4rinAjfujuLtnTq9dE_Egkqq_xjMbsLk X-Proofpoint-GUID: 4rinAjfujuLtnTq9dE_Egkqq_xjMbsLk X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.528,FMLib:17.11.122.1 definitions=2022-09-28_05,2022-09-28_01,2022-06-22_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Added more cases related to decap and auth + cipher. Signed-off-by: Akhil Goyal --- app/test/test_security_inline_macsec.c | 305 +++++++++++++++++ .../test_security_inline_macsec_vectors.h | 321 ++++++++++++++++++ 2 files changed, 626 insertions(+) diff --git a/app/test/test_security_inline_macsec.c b/app/test/test_security_inline_macsec.c index dec7cb20df..6d19a9377d 100644 --- a/app/test/test_security_inline_macsec.c +++ b/app/test/test_security_inline_macsec.c @@ -655,6 +655,283 @@ test_inline_macsec_encap_all(const void *data __rte_unused) return all_err; } +static int +test_inline_macsec_decap_all(const void *data __rte_unused) +{ + const struct mcs_test_vector *cur_td; + struct mcs_test_opts opts = {0}; + int err, all_err = 0; + int i, size; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.sa_in_use = 1; + opts.nb_td = 1; + opts.sectag_insert_mode = 1; + opts.mtu = RTE_ETHER_MTU; + + size = (sizeof(list_mcs_cipher_vectors) / sizeof((list_mcs_cipher_vectors)[0])); + + for (i = 0; i < size; i++) { + cur_td = &list_mcs_cipher_vectors[i]; + err = test_macsec(&cur_td, MCS_DECAP, &opts); + if (err) { + printf("\nCipher Auth Decryption case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\nCipher Auth Decryption case %d Passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + printf("\n%s: Success: %d, Failure: %d\n", __func__, size + all_err, -all_err); + + return all_err; +} + +static int +test_inline_macsec_auth_only_all(const void *data __rte_unused) +{ + const struct mcs_test_vector *cur_td; + struct mcs_test_opts opts = {0}; + int err, all_err = 0; + int i, size; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.protect_frames = true; + opts.sa_in_use = 1; + opts.nb_td = 1; + opts.sectag_insert_mode = 1; + opts.mtu = RTE_ETHER_MTU; + + size = (sizeof(list_mcs_integrity_vectors) / sizeof((list_mcs_integrity_vectors)[0])); + + for (i = 0; i < size; i++) { + cur_td = &list_mcs_integrity_vectors[i]; + err = test_macsec(&cur_td, MCS_AUTH_ONLY, &opts); + if (err) { + printf("\nAuth Generate case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\nAuth Generate case %d Passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + printf("\n%s: Success: %d, Failure: %d\n", __func__, size + all_err, -all_err); + + return all_err; +} + +static int +test_inline_macsec_verify_only_all(const void *data __rte_unused) +{ + const struct mcs_test_vector *cur_td; + struct mcs_test_opts opts = {0}; + int err, all_err = 0; + int i, size; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.sa_in_use = 1; + opts.nb_td = 1; + opts.sectag_insert_mode = 1; + opts.mtu = RTE_ETHER_MTU; + + size = (sizeof(list_mcs_integrity_vectors) / sizeof((list_mcs_integrity_vectors)[0])); + + for (i = 0; i < size; i++) { + cur_td = &list_mcs_integrity_vectors[i]; + err = test_macsec(&cur_td, MCS_VERIFY_ONLY, &opts); + if (err) { + printf("\nAuth Verify case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\nAuth Verify case %d Passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + printf("\n%s: Success: %d, Failure: %d\n", __func__, size + all_err, -all_err); + + return all_err; +} + +static int +test_inline_macsec_encap_decap_all(const void *data __rte_unused) +{ + const struct mcs_test_vector *cur_td; + struct mcs_test_opts opts = {0}; + int err, all_err = 0; + int i, size; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.protect_frames = true; + opts.sa_in_use = 1; + opts.nb_td = 1; + opts.sectag_insert_mode = 1; + opts.mtu = RTE_ETHER_MTU; + + size = (sizeof(list_mcs_cipher_vectors) / sizeof((list_mcs_cipher_vectors)[0])); + + for (i = 0; i < size; i++) { + cur_td = &list_mcs_cipher_vectors[i]; + err = test_macsec(&cur_td, MCS_ENCAP_DECAP, &opts); + if (err) { + printf("\nCipher Auth Encap-decap case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\nCipher Auth Encap-decap case %d Passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + printf("\n%s: Success: %d, Failure: %d\n", __func__, size + all_err, -all_err); + + return all_err; +} + + +static int +test_inline_macsec_auth_verify_all(const void *data __rte_unused) +{ + const struct mcs_test_vector *cur_td; + struct mcs_test_opts opts = {0}; + int err, all_err = 0; + int i, size; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.protect_frames = true; + opts.sa_in_use = 1; + opts.nb_td = 1; + opts.sectag_insert_mode = 1; + opts.mtu = RTE_ETHER_MTU; + + size = (sizeof(list_mcs_integrity_vectors) / sizeof((list_mcs_integrity_vectors)[0])); + + for (i = 0; i < size; i++) { + cur_td = &list_mcs_integrity_vectors[i]; + err = test_macsec(&cur_td, MCS_AUTH_VERIFY, &opts); + if (err) { + printf("\nAuth Generate + Verify case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\nAuth Generate + Verify case %d Passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + printf("\n%s: Success: %d, Failure: %d\n", __func__, size + all_err, -all_err); + + return all_err; +} + +static int +test_inline_macsec_multi_flow(const void *data __rte_unused) +{ + const struct mcs_test_vector *tv[MCS_MAX_FLOWS]; + struct mcs_test_vector iter[MCS_MAX_FLOWS]; + struct mcs_test_opts opts = {0}; + int i, err; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.protect_frames = true; + opts.sa_in_use = 1; + opts.nb_td = MCS_MAX_FLOWS; + opts.sectag_insert_mode = 1; + opts.mtu = RTE_ETHER_MTU; + + for (i = 0; i < MCS_MAX_FLOWS; i++) { + memcpy(&iter[i].sa_key.data, sa_key, MCS_MULTI_FLOW_TD_KEY_SZ); + memcpy(&iter[i].plain_pkt.data, eth_addrs[i], 2 * RTE_ETHER_ADDR_LEN); + memcpy(&iter[i].plain_pkt.data[2 * RTE_ETHER_ADDR_LEN], plain_user_data, + MCS_MULTI_FLOW_TD_PLAIN_DATA_SZ); + memcpy(&iter[i].secure_pkt.data, eth_addrs[i], 2 * RTE_ETHER_ADDR_LEN); + memcpy(&iter[i].secure_pkt.data[2 * RTE_ETHER_ADDR_LEN], secure_user_data, + MCS_MULTI_FLOW_TD_SECURE_DATA_SZ); + iter[i].sa_key.len = MCS_MULTI_FLOW_TD_KEY_SZ; + iter[i].hash_key.len = MCS_MULTI_FLOW_TD_KEY_SZ; + iter[i].plain_pkt.len = MCS_MULTI_FLOW_TD_PLAIN_DATA_SZ + + (2 * RTE_ETHER_ADDR_LEN); + iter[i].secure_pkt.len = MCS_MULTI_FLOW_TD_SECURE_DATA_SZ + + (2 * RTE_ETHER_ADDR_LEN); + iter[i].alg = RTE_SECURITY_MACSEC_ALG_GCM_128; + iter[i].ssci = 0x0; + iter[i].xpn = 0x0; + tv[i] = (const struct mcs_test_vector *)&iter[i]; + } + err = test_macsec(tv, MCS_ENCAP_DECAP, &opts); + if (err) { + printf("\nCipher Auth Encryption multi flow failed"); + err = -1; + } else { + printf("\nCipher Auth Encryption multi flow Passed"); + err = 0; + } + return err; +} + +static int +test_inline_macsec_with_vlan(const void *data __rte_unused) +{ + const struct mcs_test_vector *cur_td; + struct mcs_test_opts opts = {0}; + int err, all_err = 0; + int i, size; + + opts.val_frames = RTE_SECURITY_MACSEC_VALIDATE_STRICT; + opts.protect_frames = true; + opts.sa_in_use = 1; + opts.nb_td = 1; + opts.mtu = RTE_ETHER_MTU; + + size = (sizeof(list_mcs_vlan_vectors) / sizeof((list_mcs_vlan_vectors)[0])); + + for (i = 0; i < size; i++) { + cur_td = &list_mcs_vlan_vectors[i]; + if (i == 0) { + opts.sectag_insert_mode = 1; + } else if (i == 1) { + opts.sectag_insert_mode = 0; /* offset from special E-type */ + opts.nb_vlan = 1; + } else if (i == 2) { + opts.sectag_insert_mode = 0; /* offset from special E-type */ + opts.nb_vlan = 2; + } + err = test_macsec(&cur_td, MCS_ENCAP, &opts); + if (err) { + printf("\n VLAN Encap case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\n VLAN Encap case %d passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + for (i = 0; i < size; i++) { + cur_td = &list_mcs_vlan_vectors[i]; + if (i == 0) { + opts.sectag_insert_mode = 1; + } else if (i == 1) { + opts.sectag_insert_mode = 0; /* offset from special E-type */ + opts.nb_vlan = 1; + } else if (i == 2) { + opts.sectag_insert_mode = 0; /* offset from special E-type */ + opts.nb_vlan = 2; + } + err = test_macsec(&cur_td, MCS_DECAP, &opts); + if (err) { + printf("\n VLAN Decap case %d failed", cur_td->test_idx); + err = -1; + } else { + printf("\n VLAN Decap case %d passed", cur_td->test_idx); + err = 0; + } + all_err += err; + } + + printf("\n%s: Success: %d, Failure: %d\n", __func__, (2 * size) + all_err, -all_err); + return all_err; +} + static int ut_setup_inline_macsec(void) { @@ -804,6 +1081,34 @@ static struct unit_test_suite inline_macsec_testsuite = { "MACsec encap(Cipher+Auth) known vector", ut_setup_inline_macsec, ut_teardown_inline_macsec, test_inline_macsec_encap_all), + TEST_CASE_NAMED_ST( + "MACsec decap(De-cipher+verify) known vector", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_decap_all), + TEST_CASE_NAMED_ST( + "MACsec auth only known vector", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_auth_only_all), + TEST_CASE_NAMED_ST( + "MACsec verify only known vector", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_verify_only_all), + TEST_CASE_NAMED_ST( + "MACsec encap + decap known vector", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_encap_decap_all), + TEST_CASE_NAMED_ST( + "MACsec auth + verify known vector", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_auth_verify_all), + TEST_CASE_NAMED_ST( + "MACsec Encap + decap Multi flow", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_multi_flow), + TEST_CASE_NAMED_ST( + "MACsec Encap and decap with VLAN", + ut_setup_inline_macsec, ut_teardown_inline_macsec, + test_inline_macsec_with_vlan), TEST_CASES_END() /**< NULL terminate unit test array */ }, diff --git a/app/test/test_security_inline_macsec_vectors.h b/app/test/test_security_inline_macsec_vectors.h index c7cbc79e3b..36a5631aff 100644 --- a/app/test/test_security_inline_macsec_vectors.h +++ b/app/test/test_security_inline_macsec_vectors.h @@ -2312,7 +2312,328 @@ static const struct mcs_test_vector list_mcs_integrity_vectors[] = { }, }; +#define MCS_MULTI_FLOW_TD_KEY_SZ 16 +#define MCS_MULTI_FLOW_TD_PLAIN_DATA_SZ 42 +#define MCS_MULTI_FLOW_TD_SECURE_DATA_SZ 66 +#define MCS_MULTI_FLOW_TD_KEY_SZ 16 +#define MCS_MAX_FLOWS 63 +uint8_t sa_key[MCS_MULTI_FLOW_TD_KEY_SZ] = { + 0x07, 0x1B, 0x11, 0x3B, 0x0C, 0xA7, 0x43, 0xFE, + 0xCC, 0xCF, 0x3D, 0x05, 0x1F, 0x73, 0x73, 0x82, +}; +uint8_t eth_addrs[MCS_MAX_FLOWS][2 * RTE_ETHER_ADDR_LEN] = { + {0xE2, 0x00, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x01, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x02, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x03, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x04, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x05, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x06, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x07, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x08, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x09, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x0A, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x0B, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x0C, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x0D, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x0E, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x0F, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x10, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x11, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x12, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x13, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x14, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x15, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x16, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x17, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x18, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x19, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x1A, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x1B, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x1C, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x1D, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x1E, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x1F, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x20, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x21, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x22, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x23, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x24, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x25, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x26, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x27, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x28, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x29, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x2A, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x2B, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x2C, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x2D, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x2E, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x2F, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x30, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x31, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x32, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x33, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x34, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x35, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x36, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x37, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x38, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x39, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x3A, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x3B, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x3C, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x3D, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, + {0xE2, 0x3E, 0x06, 0xD7, 0xCD, 0x0D, 0xF0, 0x76, 0x1E, 0x8D, 0xCD, 0x3D,}, +}; + +uint8_t plain_user_data[MCS_MULTI_FLOW_TD_PLAIN_DATA_SZ] = { + /* User Data with Ethertype */ + 0x08, 0x00, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, + 0x1D, 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, + 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, + 0x2D, 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x00, 0x04, +}; + +uint8_t secure_user_data[MCS_MULTI_FLOW_TD_SECURE_DATA_SZ] = { + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x4C, + /* SL */ + 0x2A, + /* PN */ + 0x76, 0xD4, 0x57, 0xED, + /* Secure Data */ + 0x13, 0xB4, 0xC7, 0x2B, 0x38, 0x9D, 0xC5, 0x01, + 0x8E, 0x72, 0xA1, 0x71, 0xDD, 0x85, 0xA5, 0xD3, + 0x75, 0x22, 0x74, 0xD3, 0xA0, 0x19, 0xFB, 0xCA, + 0xED, 0x09, 0xA4, 0x25, 0xCD, 0x9B, 0x2E, 0x1C, + 0x9B, 0x72, 0xEE, 0xE7, 0xC9, 0xDE, 0x7D, 0x52, + 0xB3, 0xF3, + /* ICV */ + 0xD6, 0xA5, 0x28, 0x4F, 0x4A, 0x6D, 0x3F, 0xE2, + 0x2A, 0x5D, 0x6C, 0x2B, 0x96, 0x04, 0x94, 0xC3, +}; + +static const struct mcs_test_vector list_mcs_vlan_vectors[] = { +/* No clear tag, VLAN after macsec header */ +{ + .test_idx = 1, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, + 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xCA, 0xCB, 0xCD, 0x41, 0x42, 0x43, + /* MAC SA */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, + /* User Data with VLAN Tag */ + 0x81, 0x00, 0x00, 0x02, 0x08, 0x00, 0x45, 0x00, + 0x00, 0x54, 0xF2, 0xFA, 0x40, 0x00, 0x40, 0x01, + 0xF7, 0x83, 0x14, 0x14, 0x14, 0x02, 0x14, 0x14, + 0x14, 0x01, 0x08, 0x00, 0xE9, 0xC5, 0x02, 0xAF, + 0x00, 0x01, 0xCB, 0x51, 0x6D, 0x38, 0x00, 0x00, + 0x00, 0x00, 0x13, 0x2D, 0x01, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, + 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, + 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, + 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, + 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, + 0x36, 0x37, + }, + .len = 102, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xCA, 0xCB, 0xCD, 0x41, 0x42, 0x43, + /* MAC SA */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x20, + /* SL */ + 0x00, + /* PN */ + 0x00, 0x00, 0x00, 0x06, + /* SCI */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, 0x00, 0x01, + /* Secure Data */ + 0x81, 0x00, 0x00, 0x02, 0x08, 0x00, 0x45, 0x00, + 0x00, 0x54, 0xF2, 0xFA, 0x40, 0x00, 0x40, 0x01, + 0xF7, 0x83, 0x14, 0x14, 0x14, 0x02, 0x14, 0x14, + 0x14, 0x01, 0x08, 0x00, 0xE9, 0xC5, 0x02, 0xAF, + 0x00, 0x01, 0xCB, 0x51, 0x6D, 0x38, 0x00, 0x00, + 0x00, 0x00, 0x13, 0x2D, 0x01, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, + 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, + 0x1E, 0x1F, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, + 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D, + 0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, + 0x36, 0x37, + /* ICV */ + 0x21, 0x68, 0xF1, 0x21, 0x19, 0xB7, 0xDF, 0x73, + 0x6F, 0x2A, 0x11, 0xEA, 0x8A, 0xBC, 0x8A, 0x79, + }, + .len = 134, + }, +}, +/* 1 vlan tag followed by MACsec */ +{ + .test_idx = 2, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, + 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xCA, 0xCB, 0xCD, 0x41, 0x42, 0x43, + /* MAC SA */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, + /* User Data */ + 0x81, 0x00, 0x00, 0x02, + 0x08, 0x00, 0x45, 0x00, 0x00, 0x54, 0x88, 0x71, + 0x40, 0x00, 0x40, 0x01, 0x62, 0x0D, 0x14, 0x14, + 0x14, 0x02, 0x14, 0x14, 0x14, 0x01, 0x08, 0x00, + 0x77, 0xA6, 0x02, 0xB3, 0x00, 0x01, 0xBE, 0x52, + 0x6D, 0x38, 0x00, 0x00, 0x00, 0x00, 0x8C, 0x47, + 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x11, + 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, + 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, + 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, + 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + }, + .len = 102, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xCA, 0xCB, 0xCD, 0x41, 0x42, 0x43, + /* MAC SA */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, + /* VLAN Tag before MACsec */ + 0x81, 0x00, 0x00, 0x02, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x20, + /* SL */ + 0x00, + /* PN */ + 0x00, 0x00, 0x00, 0x07, + /* SCI */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, 0x00, 0x01, + /* Secure Data */ + 0x08, 0x00, 0x45, 0x00, 0x00, 0x54, 0x88, 0x71, + 0x40, 0x00, 0x40, 0x01, 0x62, 0x0D, 0x14, 0x14, + 0x14, 0x02, 0x14, 0x14, 0x14, 0x01, 0x08, 0x00, + 0x77, 0xA6, 0x02, 0xB3, 0x00, 0x01, 0xBE, 0x52, + 0x6D, 0x38, 0x00, 0x00, 0x00, 0x00, 0x8C, 0x47, + 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x11, + 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, + 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, + 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, + 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + /* ICV */ + 0xF1, 0xC0, 0xA2, 0x6E, 0x99, 0xE5, 0xAB, 0x97, + 0x78, 0x79, 0x7D, 0x13, 0x35, 0x5E, 0x39, 0x4F, + }, + .len = 134, + }, +}, +/* 2 vlan tag followed by MACsec */ +{ + .test_idx = 3, + .alg = RTE_SECURITY_MACSEC_ALG_GCM_128, + .ssci = 0, + .xpn = 0, /* Most significant 32 bits */ + .salt = {0}, + .sa_key = { + .data = { + 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, + 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, + }, + .len = 16, + }, + .plain_pkt = { + .data = {/* MAC DA */ + 0xCA, 0xCB, 0xCD, 0x41, 0x42, 0x43, + /* MAC SA */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, + /* User Data */ + 0x88, 0xA8, 0x00, 0x04, 0x81, 0x00, 0x00, 0x02, + 0x08, 0x00, 0x45, 0x00, 0x00, 0x54, 0x70, 0x5B, + 0x40, 0x00, 0x40, 0x01, 0x29, 0xF9, 0x28, 0x28, + 0x28, 0x04, 0x28, 0x28, 0x28, 0x01, 0x08, 0x00, + 0x08, 0x02, 0x02, 0xE2, 0x00, 0x01, 0x60, 0x58, + 0x6D, 0x38, 0x00, 0x00, 0x00, 0x00, 0x5C, 0xB7, + 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x11, + 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, + 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, + 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, + 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + }, + .len = 106, + }, + .secure_pkt = { + .data = {/* MAC DA */ + 0xCA, 0xCB, 0xCD, 0x41, 0x42, 0x43, + /* MAC SA */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, + /* VLAN Tags before MACsec */ + 0x88, 0xA8, 0x00, 0x04, + 0x81, 0x00, 0x00, 0x02, + /* MACsec EtherType */ + 0x88, 0xE5, + /* TCI and AN */ + 0x20, + /* SL */ + 0x00, + /* PN */ + 0x00, 0x00, 0x00, 0x0E, + /* SCI */ + 0xCA, 0xCB, 0xCD, 0x21, 0x22, 0x23, 0x00, 0x01, + /* Secure Data */ + 0x08, 0x00, 0x45, 0x00, 0x00, 0x54, 0x70, 0x5B, + 0x40, 0x00, 0x40, 0x01, 0x29, 0xF9, 0x28, 0x28, + 0x28, 0x04, 0x28, 0x28, 0x28, 0x01, 0x08, 0x00, + 0x08, 0x02, 0x02, 0xE2, 0x00, 0x01, 0x60, 0x58, + 0x6D, 0x38, 0x00, 0x00, 0x00, 0x00, 0x5C, 0xB7, + 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x11, + 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, + 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20, 0x21, + 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, + 0x2A, 0x2B, 0x2C, 0x2D, 0x2E, 0x2F, 0x30, 0x31, + 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + /* ICV */ + 0xCC, 0x38, 0x21, 0x3A, 0xEE, 0x5F, 0xE3, 0x7F, + 0xA1, 0xBA, 0xBD, 0xBD, 0x65, 0x5B, 0xB3, 0xE5, + }, + .len = 138, + }, +}, +}; #endif -- 2.25.1