[dpdk-dev] [PATCH 0/2] Added AES counter mode capability

[dpdk-dev] [PATCH 0/2] Added AES counter mode capability

[Arek Kusztal]

This patchset adds AES counter mode capability for Intel QuickAssist Technology crypto driver.
It adds six test cases for 16B, 24B, 32B key size.

Arek Kusztal (2):
  qat: add AES counter mode capability
  app/test: add test cases for AES CTR

 app/test/test_cryptodev.c                      | 254 ++++++++++++++++++++++++
 app/test/test_cryptodev_aes_ctr_test_vectors.h | 257 +++++++++++++++++++++++++
 doc/guides/cryptodevs/overview.rst             |   6 +-
 doc/guides/cryptodevs/qat.rst                  |   3 +
 doc/guides/rel_notes/release_16_07.rst         |   5 +
 drivers/crypto/qat/qat_crypto.c                |  29 ++-
 6 files changed, 550 insertions(+), 4 deletions(-)
 create mode 100644 app/test/test_cryptodev_aes_ctr_test_vectors.h

-- 
2.1.0

[dpdk-dev] [PATCH 1/2] qat: add AES counter mode capability

[Arek Kusztal]

Added possibility for AES to work in counter mode

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
 doc/guides/cryptodevs/overview.rst     |  6 +++---
 doc/guides/cryptodevs/qat.rst          |  3 +++
 doc/guides/rel_notes/release_16_07.rst |  5 +++++
 drivers/crypto/qat/qat_crypto.c        | 29 ++++++++++++++++++++++++++++-
 4 files changed, 39 insertions(+), 4 deletions(-)

diff --git a/doc/guides/cryptodevs/overview.rst b/doc/guides/cryptodevs/overview.rst
index 9f9af43..e1f33e1 100644
--- a/doc/guides/cryptodevs/overview.rst
+++ b/doc/guides/cryptodevs/overview.rst
@@ -55,9 +55,9 @@ Supported Cipher Algorithms
    "AES_CBC_128",x,,x,,
    "AES_CBC_192",x,,x,,
    "AES_CBC_256",x,,x,,
-   "AES_CTR_128",,,,,
-   "AES_CTR_192",,,,,
-   "AES_CTR_256",,,,,
+   "AES_CTR_128",x,,,,
+   "AES_CTR_192",x,,,,
+   "AES_CTR_256",x,,,,
    "SNOW3G_UEA2",x,,,,x
 
 Supported Authentication Algorithms
diff --git a/doc/guides/cryptodevs/qat.rst b/doc/guides/cryptodevs/qat.rst
index 4b8f782..cae1958 100644
--- a/doc/guides/cryptodevs/qat.rst
+++ b/doc/guides/cryptodevs/qat.rst
@@ -44,6 +44,9 @@ Cipher algorithms:
 * ``RTE_CRYPTO_SYM_CIPHER_AES128_CBC``
 * ``RTE_CRYPTO_SYM_CIPHER_AES192_CBC``
 * ``RTE_CRYPTO_SYM_CIPHER_AES256_CBC``
+* ``RTE_CRYPTO_SYM_CIPHER_AES128_CTR``
+* ``RTE_CRYPTO_SYM_CIPHER_AES192_CTR``
+* ``RTE_CRYPTO_SYM_CIPHER_AES256_CTR``
 * ``RTE_CRYPTO_SYM_CIPHER_SNOW3G_UEA2``
 * ``RTE_CRYPTO_CIPHER_AES_GCM``
 
diff --git a/doc/guides/rel_notes/release_16_07.rst b/doc/guides/rel_notes/release_16_07.rst
index 001888f..1d90a5a 100644
--- a/doc/guides/rel_notes/release_16_07.rst
+++ b/doc/guides/rel_notes/release_16_07.rst
@@ -34,6 +34,11 @@ This section should contain new features added in this release. Sample format:
 
   Refer to the previous release notes for examples.
 
+* **Added support of AES counter mode for Intel QuickAssist devices.**
+
+  Enabled support for the AES CTR algorithm for Intel QuickAssist devices.
+  Provided support for algorithm-chaining operations.
+
 
 Resolved Issues
 ---------------
diff --git a/drivers/crypto/qat/qat_crypto.c b/drivers/crypto/qat/qat_crypto.c
index 495ea1c..858f632 100644
--- a/drivers/crypto/qat/qat_crypto.c
+++ b/drivers/crypto/qat/qat_crypto.c
@@ -263,6 +263,26 @@ static const struct rte_cryptodev_capabilities qat_pmd_capabilities[] = {
 			}, }
 		}, }
 	},
+	{	/* AES CTR */
+		.op = RTE_CRYPTO_OP_TYPE_SYMMETRIC,
+		{.sym = {
+			.xform_type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			{.cipher = {
+				.algo = RTE_CRYPTO_CIPHER_AES_CTR,
+				.block_size = 16,
+				.key_size = {
+					.min = 16,
+					.max = 32,
+					.increment = 8
+				},
+				.iv_size = {
+					.min = 16,
+					.max = 16,
+					.increment = 0
+				}
+			}, }
+		}, }
+	},
 	RTE_CRYPTODEV_END_OF_CAPABILITIES_LIST()
 };
 
@@ -368,6 +388,14 @@ qat_crypto_sym_configure_session_cipher(struct rte_cryptodev *dev,
 		}
 		session->qat_mode = ICP_QAT_HW_CIPHER_CTR_MODE;
 		break;
+	case RTE_CRYPTO_CIPHER_AES_CTR:
+		if (qat_alg_validate_aes_key(cipher_xform->key.length,
+				&session->qat_cipher_alg) != 0) {
+			PMD_DRV_LOG(ERR, "Invalid AES cipher key size");
+			goto error_out;
+		}
+		session->qat_mode = ICP_QAT_HW_CIPHER_CTR_MODE;
+		break;
 	case RTE_CRYPTO_CIPHER_SNOW3G_UEA2:
 		if (qat_alg_validate_snow3g_key(cipher_xform->key.length,
 					&session->qat_cipher_alg) != 0) {
@@ -380,7 +408,6 @@ qat_crypto_sym_configure_session_cipher(struct rte_cryptodev *dev,
 	case RTE_CRYPTO_CIPHER_3DES_ECB:
 	case RTE_CRYPTO_CIPHER_3DES_CBC:
 	case RTE_CRYPTO_CIPHER_AES_ECB:
-	case RTE_CRYPTO_CIPHER_AES_CTR:
 	case RTE_CRYPTO_CIPHER_AES_CCM:
 	case RTE_CRYPTO_CIPHER_KASUMI_F8:
 		PMD_DRV_LOG(ERR, "Crypto: Unsupported Cipher alg %u",
-- 
2.1.0

[dpdk-dev] [PATCH 2/2] app/test: add test cases for AES CTR

[Arek Kusztal]

Added tests cases for AES working in counter mode

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
 app/test/test_cryptodev.c                      | 254 ++++++++++++++++++++++++
 app/test/test_cryptodev_aes_ctr_test_vectors.h | 257 +++++++++++++++++++++++++
 2 files changed, 511 insertions(+)
 create mode 100644 app/test/test_cryptodev_aes_ctr_test_vectors.h

diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 8e8da98..03d6f02 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -42,6 +42,8 @@
 
 #include "test.h"
 #include "test_cryptodev.h"
+
+#include "test_cryptodev_aes_ctr_test_vectors.h"
 #include "test_cryptodev_snow3g_test_vectors.h"
 #include "test_cryptodev_snow3g_hash_test_vectors.h"
 #include "test_cryptodev_gcm_test_vectors.h"
@@ -1358,6 +1360,245 @@ test_AES_CBC_HMAC_SHA1_decrypt_digest_verify(void)
 	return TEST_SUCCESS;
 }
 
+    /* **** AES counter mode tests **** */
+
+static int
+test_AES_CTR_encrypt_digest(const struct aes_ctr_test_data *tdata)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	struct crypto_unittest_params *ut_params = &unittest_params;
+	struct rte_crypto_sym_op *sym_op;
+
+	uint8_t hash_key[tdata->auth_key.len];
+	uint8_t cipher_key[tdata->key.len];
+
+	ut_params->ibuf = setup_test_string(ts_params->mbuf_pool,
+			(const char *)tdata->plaintext.data,
+			tdata->plaintext.len, 0);
+
+	/* Setup Cipher Parameters */
+	ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+	ut_params->cipher_xform.next = &ut_params->auth_xform;
+
+	ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_CTR;
+	ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT;
+
+	rte_memcpy(cipher_key, tdata->key.data, tdata->key.len);
+	ut_params->cipher_xform.cipher.key.data = cipher_key;
+	ut_params->cipher_xform.cipher.key.length =
+			tdata->key.len;
+
+	/* Setup HMAC Parameters */
+	ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+	ut_params->auth_xform.next = NULL;
+
+	ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_GENERATE;
+	ut_params->auth_xform.auth.algo = tdata->auth_key.algo;
+	ut_params->auth_xform.auth.key.length =
+			tdata->auth_key.len;
+	rte_memcpy(hash_key, tdata->auth_key.data, tdata->auth_key.len);
+	ut_params->auth_xform.auth.key.data = hash_key;
+	ut_params->auth_xform.auth.digest_length = tdata->digest.len;
+
+	/* Create Crypto session*/
+	ut_params->sess = rte_cryptodev_sym_session_create(
+			ts_params->valid_devs[0],
+			&ut_params->cipher_xform);
+	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
+
+	/* Generate Crypto op data structure */
+	ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool,
+			RTE_CRYPTO_OP_TYPE_SYMMETRIC);
+	TEST_ASSERT_NOT_NULL(ut_params->op,
+			"Failed to allocate symmetric crypto operation struct");
+
+	rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess);
+
+	sym_op = ut_params->op->sym;
+
+	/* set crypto operation source mbuf */
+	sym_op->m_src = ut_params->ibuf;
+
+	/* Set operation cipher parameters */
+	sym_op->cipher.iv.data = (uint8_t *)rte_pktmbuf_prepend(
+			sym_op->m_src, tdata->iv.len);
+	sym_op->cipher.iv.phys_addr = rte_pktmbuf_mtophys(sym_op->m_src);
+	sym_op->cipher.iv.length = tdata->iv.len;
+
+	rte_memcpy(sym_op->cipher.iv.data, tdata->iv.data,
+			tdata->iv.len);
+
+	sym_op->cipher.data.offset = tdata->iv.len;
+	sym_op->cipher.data.length = tdata->plaintext.len;
+
+	/* Set operation authentication parameters */
+	sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append(
+			sym_op->m_src, tdata->digest.len);
+	sym_op->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(
+			sym_op->m_src,
+			tdata->iv.len + tdata->ciphertext.len);
+	sym_op->auth.digest.length = tdata->digest.len;
+
+	memset(sym_op->auth.digest.data, 0, tdata->digest.len);
+
+	sym_op->auth.data.offset = tdata->iv.len;
+	sym_op->auth.data.length = tdata->plaintext.len;
+
+	/* Process crypto operation */
+	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+			ut_params->op);
+
+	TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS,
+			"crypto op processing failed");
+
+	uint8_t *ciphertext = rte_pktmbuf_mtod_offset(ut_params->op->sym->m_src,
+			uint8_t *, tdata->iv.len);
+
+	TEST_ASSERT_BUFFERS_ARE_EQUAL(ciphertext,
+			tdata->ciphertext.data,
+			tdata->ciphertext.len,
+			"ciphertext data not as expected");
+
+	uint8_t *digest = ciphertext + tdata->ciphertext.len;
+
+	TEST_ASSERT_BUFFERS_ARE_EQUAL(digest,
+			tdata->digest.data, tdata->digest.len,
+			"Generated digest data not as expected");
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_AES_CTR_encrypt_digest_case_1(void)
+{
+	return test_AES_CTR_encrypt_digest(&aes_ctr_test_case_1);
+}
+static int
+test_AES_CTR_encrypt_digest_case_2(void)
+{
+	return test_AES_CTR_encrypt_digest(&aes_ctr_test_case_2);
+}
+static int
+test_AES_CTR_encrypt_digest_case_3(void)
+{
+	return test_AES_CTR_encrypt_digest(&aes_ctr_test_case_3);
+}
+
+static int
+test_AES_CTR_digest_verify_decrypt(const struct aes_ctr_test_data *tdata)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	struct crypto_unittest_params *ut_params = &unittest_params;
+	struct rte_crypto_sym_op *sym_op;
+
+	uint8_t hash_key[tdata->auth_key.len];
+	uint8_t cipher_key[tdata->key.len];
+
+	ut_params->ibuf = setup_test_string(ts_params->mbuf_pool,
+			(const char *)tdata->ciphertext.data,
+			tdata->ciphertext.len, 0);
+
+	ut_params->digest = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf,
+			tdata->digest.len);
+
+	TEST_ASSERT_NOT_NULL(ut_params->digest,	"no room to append digest");
+
+	rte_memcpy(ut_params->digest,
+			tdata->digest.data,
+			tdata->digest.len);
+
+	ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+	ut_params->auth_xform.next = &ut_params->cipher_xform;
+
+	ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_VERIFY;
+	ut_params->auth_xform.auth.algo = tdata->auth_key.algo;
+	ut_params->auth_xform.auth.key.length = tdata->auth_key.len;
+	rte_memcpy(hash_key, tdata->auth_key.data, tdata->auth_key.len);
+	ut_params->auth_xform.auth.key.data =
+			hash_key;
+	ut_params->auth_xform.auth.digest_length = tdata->digest.len;
+
+	ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+	ut_params->cipher_xform.next = NULL;
+
+	ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_CTR;
+	ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_DECRYPT;
+
+	rte_memcpy(cipher_key, tdata->key.data, tdata->key.len);
+	ut_params->cipher_xform.cipher.key.data =
+			cipher_key;
+	ut_params->cipher_xform.cipher.key.length = tdata->key.len;
+
+	ut_params->sess = rte_cryptodev_sym_session_create(
+			ts_params->valid_devs[0],
+			&ut_params->auth_xform);
+	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
+
+	ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool,
+			RTE_CRYPTO_OP_TYPE_SYMMETRIC);
+	TEST_ASSERT_NOT_NULL(ut_params->op,
+			"Failed to allocate symmetric crypto operation struct");
+
+	rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess);
+
+	sym_op = ut_params->op->sym;
+
+	sym_op->m_src = ut_params->ibuf;
+
+	sym_op->cipher.iv.data = (uint8_t *)rte_pktmbuf_prepend(
+			sym_op->m_src, tdata->iv.len);
+	sym_op->cipher.iv.phys_addr = rte_pktmbuf_mtophys(sym_op->m_src);
+	sym_op->cipher.iv.length = tdata->iv.len;
+
+	rte_memcpy(sym_op->cipher.iv.data, tdata->iv.data,
+			tdata->iv.len);
+
+	sym_op->cipher.data.offset = tdata->iv.len;
+	sym_op->cipher.data.length = tdata->ciphertext.len;
+
+	sym_op->auth.digest.data = ut_params->digest;
+	sym_op->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(
+			sym_op->m_src,
+			tdata->iv.len + tdata->ciphertext.len);
+	sym_op->auth.digest.length = tdata->digest.len;
+
+	sym_op->auth.data.offset = tdata->iv.len;
+	sym_op->auth.data.length = tdata->ciphertext.len;
+
+	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+			ut_params->op);
+
+	TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS,
+			"crypto op processing failed");
+
+	uint8_t *plaintext = rte_pktmbuf_mtod_offset(ut_params->op->sym->m_src,
+			uint8_t *, tdata->iv.len);
+
+	TEST_ASSERT_BUFFERS_ARE_EQUAL(plaintext,
+			tdata->plaintext.data,
+			tdata->plaintext.len,
+			"plaintext data not as expected");
+
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_AES_CTR_digest_verify_decrypt_case_1(void)
+{
+	return test_AES_CTR_digest_verify_decrypt(&aes_ctr_test_case_1);
+}
+static int
+test_AES_CTR_digest_verify_decrypt_case_2(void)
+{
+	return test_AES_CTR_digest_verify_decrypt(&aes_ctr_test_case_2);
+}
+static int
+test_AES_CTR_digest_verify_decrypt_case_3(void)
+{
+	return test_AES_CTR_digest_verify_decrypt(&aes_ctr_test_case_3);
+}
+
 
 /* ***** AES-CBC / HMAC-SHA256 Hash Tests ***** */
 
@@ -4281,6 +4522,19 @@ static struct unit_test_suite cryptodev_qat_testsuite  = {
 				test_AES_CBC_HMAC_SHA512_decrypt_digest_verify),
 
 		TEST_CASE_ST(ut_setup, ut_teardown,
+				test_AES_CTR_encrypt_digest_case_1),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+				test_AES_CTR_encrypt_digest_case_2),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+				test_AES_CTR_encrypt_digest_case_3),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+				test_AES_CTR_digest_verify_decrypt_case_1),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+				test_AES_CTR_digest_verify_decrypt_case_2),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+				test_AES_CTR_digest_verify_decrypt_case_3),
+
+		TEST_CASE_ST(ut_setup, ut_teardown,
 				test_AES_CBC_HMAC_AES_XCBC_encrypt_digest),
 		TEST_CASE_ST(ut_setup, ut_teardown,
 				test_AES_CBC_HMAC_AES_XCBC_decrypt_digest_verify),
diff --git a/app/test/test_cryptodev_aes_ctr_test_vectors.h b/app/test/test_cryptodev_aes_ctr_test_vectors.h
new file mode 100644
index 0000000..9ec5fbc
--- /dev/null
+++ b/app/test/test_cryptodev_aes_ctr_test_vectors.h
@@ -0,0 +1,257 @@
+/*-
+ *   BSD LICENSE
+ *
+ *   Copyright(c) 2016 Intel Corporation. All rights reserved.
+ *
+ *   Redistribution and use in source and binary forms, with or without
+ *   modification, are permitted provided that the following conditions
+ *   are met:
+ *
+ *	 * Redistributions of source code must retain the above copyright
+ *	   notice, this list of conditions and the following disclaimer.
+ *	 * Redistributions in binary form must reproduce the above copyright
+ *	   notice, this list of conditions and the following disclaimer in
+ *	   the documentation and/or other materials provided with the
+ *	   distribution.
+ *	 * Neither the name of Intel Corporation nor the names of its
+ *	   contributors may be used to endorse or promote products derived
+ *	   from this software without specific prior written permission.
+ *
+ *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef TEST_CRYPTODEV_AES_CTR_TEST_VECTORS_H_
+#define TEST_CRYPTODEV_AES_CTR_TEST_VECTORS_H_
+
+struct aes_ctr_test_data {
+
+	struct {
+		uint8_t data[64];
+		unsigned len;
+	} key;
+
+	struct {
+		uint8_t data[64] __rte_aligned(16);
+		unsigned len;
+	} iv;
+
+	struct {
+		uint8_t data[1024];
+		unsigned len;
+	} plaintext;
+
+	struct {
+		uint8_t data[1024];
+		unsigned len;
+	} ciphertext;
+
+	struct {
+		enum rte_crypto_auth_algorithm algo;
+		uint8_t data[64];
+		unsigned len;
+	} auth_key;
+
+	struct {
+		uint8_t data[1024];
+		unsigned len;
+	} digest;
+};
+
+/* CTR-AES128-Encrypt-SHA1 test vector */
+
+static const struct aes_ctr_test_data aes_ctr_test_case_1 = {
+	.key = {
+		.data = {
+			0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
+			0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C
+		},
+		.len = 16
+	},
+	.iv = {
+		.data = {
+			0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7,
+			0xF8, 0xF9, 0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = {
+			0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
+			0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
+			0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
+			0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51,
+			0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11,
+			0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF,
+			0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17,
+			0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10
+		},
+		.len = 64
+	},
+	.ciphertext = {
+		.data = {
+			0x87, 0x4D, 0x61, 0x91, 0xB6, 0x20, 0xE3, 0x26,
+			0x1B, 0xEF, 0x68, 0x64, 0x99, 0x0D, 0xB6, 0xCE,
+			0x98, 0x06, 0xF6, 0x6B, 0x79, 0x70, 0xFD, 0xFF,
+			0x86, 0x17, 0x18, 0x7B, 0xB9, 0xFF, 0xFD, 0xFF,
+			0x5A, 0xE4, 0xDF, 0x3E, 0xDB, 0xD5, 0xD3, 0x5E,
+			0x5B, 0x4F, 0x09, 0x02, 0x0D, 0xB0, 0x3E, 0xAB,
+			0x1E, 0x03, 0x1D, 0xDA, 0x2F, 0xBE, 0x03, 0xD1,
+			0x79, 0x21, 0x70, 0xA0, 0xF3, 0x00, 0x9C, 0xEE
+		},
+		.len = 64
+	},
+	.auth_key = {
+		.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
+		.data = {
+			0xF8, 0x2A, 0xC7, 0x54, 0xDB, 0x96, 0x18, 0xAA,
+			0xC3, 0xA1, 0x53, 0xF6, 0x1F, 0x17, 0x60, 0xBD,
+			0xDE, 0xF4, 0xDE, 0xAD
+		},
+		.len = 20
+	},
+	.digest = {
+		.data = {
+			0x9B, 0x6F, 0x0C, 0x43, 0xF5, 0xC1, 0x3E, 0xB0,
+			0xB1, 0x70, 0xB8, 0x2B, 0x33, 0x09, 0xD2, 0xB2,
+			0x56, 0x20, 0xFB, 0xFE
+		},
+		/* Limitation of Multi-buffer library */
+		.len = TRUNCATED_DIGEST_BYTE_LENGTH_SHA1
+	}
+};
+
+/** AES-192-XCBC Encrypt test vector */
+
+static const struct aes_ctr_test_data aes_ctr_test_case_2 = {
+	.key = {
+		.data = {
+			0xCB, 0xC5, 0xED, 0x5B, 0xE7, 0x7C, 0xBD, 0x8C,
+			0x50, 0xD9, 0x30, 0xF2, 0xB5, 0x6A, 0x0E, 0x5F,
+			0xAA, 0xAE, 0xAD, 0xA2, 0x1F, 0x49, 0x52, 0xD4
+		},
+		.len = 24
+	},
+	.iv = {
+		.data = {
+			0x3F, 0x69, 0xA8, 0xCD, 0xE8, 0xF0, 0xEF, 0x40,
+			0xB8, 0x7A, 0x4B, 0xED, 0x2B, 0xAF, 0xBF, 0x57
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = {
+			0x01, 0x0F, 0x10, 0x1F, 0x20, 0x1C, 0x0E, 0xB8,
+			0xFB, 0x5C, 0xCD, 0xCC, 0x1F, 0xF9, 0xAF, 0x0B,
+			0x95, 0x03, 0x74, 0x99, 0x49, 0xE7, 0x62, 0x55,
+			0xDA, 0xEA, 0x13, 0x20, 0x1D, 0xC6, 0xCC, 0xCC,
+			0xD1, 0x70, 0x75, 0x47, 0x02, 0x2F, 0xFB, 0x86,
+			0xBB, 0x6B, 0x23, 0xD2, 0xC9, 0x74, 0xD7, 0x7B,
+			0x08, 0x03, 0x3B, 0x79, 0x39, 0xBB, 0x91, 0x29,
+			0xDA, 0x14, 0x39, 0x8D, 0xFF, 0x81, 0x50, 0x96,
+		},
+		.len = 64
+	},
+	.ciphertext = {
+		.data = {
+			0x4A, 0x6C, 0xC8, 0xCC, 0x96, 0x2A, 0x13, 0x84,
+			0x1C, 0x36, 0x88, 0xE9, 0xE5, 0x94, 0x70, 0xB2,
+			0x14, 0x5B, 0x13, 0x80, 0xEA, 0xD8, 0x8D, 0x37,
+			0xFD, 0x70, 0xA8, 0x83, 0xE8, 0x2B, 0x88, 0x1E,
+			0xBA, 0x94, 0x3F, 0xF6, 0xB3, 0x1F, 0xDE, 0x34,
+			0xF3, 0x5B, 0x80, 0xE9, 0xAB, 0xF5, 0x1C, 0x29,
+			0xB6, 0xD9, 0x76, 0x2B, 0x06, 0xC6, 0x74, 0xF1,
+			0x59, 0x5E, 0x9E, 0xA5, 0x7B, 0x2D, 0xD7, 0xF0
+		},
+		.len = 64
+	},
+	.auth_key = {
+		.algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC,
+		.data = {
+			0x87, 0x61, 0x54, 0x53, 0xC4, 0x6D, 0xDD, 0x51,
+			0xE1, 0x9F, 0x86, 0x64, 0x39, 0x0A, 0xE6, 0x59
+		},
+		.len = 16
+	},
+	.digest = {
+		.data = {
+			0xCA, 0x33, 0xB3, 0x3B, 0x16, 0x94, 0xAA, 0x55,
+			0x36, 0x6B, 0x45, 0x46
+		},
+		.len = TRUNCATED_DIGEST_BYTE_LENGTH_SHA1
+	}
+};
+
+/* CTR-AES256-Encrypt-SHA1 test vector */
+
+static const struct aes_ctr_test_data aes_ctr_test_case_3 = {
+	.key = {
+		.data = {
+			0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
+			0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
+			0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
+			0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4
+		},
+		.len = 32
+	},
+	.iv = {
+		.data = {
+			0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7,
+			0xF8, 0xF9, 0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = {
+			0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
+			0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
+			0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
+			0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51,
+			0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11,
+			0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF,
+			0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17,
+			0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10
+		},
+		.len = 64
+	},
+	.ciphertext = {
+		.data = {
+			0x60, 0x1E, 0xC3, 0x13, 0x77, 0x57, 0x89, 0xA5,
+			0xB7, 0xA7, 0xF5, 0x04, 0xBB, 0xF3, 0xD2, 0x28,
+			0xF4, 0x43, 0xE3, 0xCA, 0x4D, 0x62, 0xB5, 0x9A,
+			0xCA, 0x84, 0xE9, 0x90, 0xCA, 0xCA, 0xF5, 0xC5,
+			0x2B, 0x09, 0x30, 0xDA, 0xA2, 0x3D, 0xE9, 0x4C,
+			0xE8, 0x70, 0x17, 0xBA, 0x2D, 0x84, 0x98, 0x8D,
+			0xDF, 0xC9, 0xC5, 0x8D, 0xB6, 0x7A, 0xAD, 0xA6,
+			0x13, 0xC2, 0xDD, 0x08, 0x45, 0x79, 0x41, 0xA6
+		},
+		.len = 64
+	},
+	.auth_key = {
+		.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
+		.data = {
+			0xF8, 0x2A, 0xC7, 0x54, 0xDB, 0x96, 0x18, 0xAA,
+			0xC3, 0xA1, 0x53, 0xF6, 0x1F, 0x17, 0x60, 0xBD,
+			0xDE, 0xF4, 0xDE, 0xAD
+		},
+		.len = 20
+	},
+	.digest = {
+		.data = {
+			0x3B, 0x1A, 0x9D, 0x82, 0x35, 0xD5, 0xDD, 0x64,
+			0xCC, 0x1B, 0xA9, 0xC0, 0xEB, 0xE9, 0x42, 0x16,
+			0xE7, 0x87, 0xA3, 0xEF
+		},
+		.len = TRUNCATED_DIGEST_BYTE_LENGTH_SHA1
+	}
+};
+#endif /* TEST_CRYPTODEV_AES_CTR_TEST_VECTORS_H_ */
-- 
2.1.0

[dpdk-dev] [PATCH 2/2] app/test: add test cases for AES CTR

[Arek Kusztal]

Added tests cases for AES working in counter mode

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
---
 app/test/test_cryptodev.c                      | 254 ++++++++++++++++++++++++
 app/test/test_cryptodev_aes_ctr_test_vectors.h | 257 +++++++++++++++++++++++++
 2 files changed, 511 insertions(+)
 create mode 100644 app/test/test_cryptodev_aes_ctr_test_vectors.h

diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 8e8da98..03d6f02 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -42,6 +42,8 @@
 
 #include "test.h"
 #include "test_cryptodev.h"
+
+#include "test_cryptodev_aes_ctr_test_vectors.h"
 #include "test_cryptodev_snow3g_test_vectors.h"
 #include "test_cryptodev_snow3g_hash_test_vectors.h"
 #include "test_cryptodev_gcm_test_vectors.h"
@@ -1358,6 +1360,245 @@ test_AES_CBC_HMAC_SHA1_decrypt_digest_verify(void)
 	return TEST_SUCCESS;
 }
 
+    /* **** AES counter mode tests **** */
+
+static int
+test_AES_CTR_encrypt_digest(const struct aes_ctr_test_data *tdata)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	struct crypto_unittest_params *ut_params = &unittest_params;
+	struct rte_crypto_sym_op *sym_op;
+
+	uint8_t hash_key[tdata->auth_key.len];
+	uint8_t cipher_key[tdata->key.len];
+
+	ut_params->ibuf = setup_test_string(ts_params->mbuf_pool,
+			(const char *)tdata->plaintext.data,
+			tdata->plaintext.len, 0);
+
+	/* Setup Cipher Parameters */
+	ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+	ut_params->cipher_xform.next = &ut_params->auth_xform;
+
+	ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_CTR;
+	ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT;
+
+	rte_memcpy(cipher_key, tdata->key.data, tdata->key.len);
+	ut_params->cipher_xform.cipher.key.data = cipher_key;
+	ut_params->cipher_xform.cipher.key.length =
+			tdata->key.len;
+
+	/* Setup HMAC Parameters */
+	ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+	ut_params->auth_xform.next = NULL;
+
+	ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_GENERATE;
+	ut_params->auth_xform.auth.algo = tdata->auth_key.algo;
+	ut_params->auth_xform.auth.key.length =
+			tdata->auth_key.len;
+	rte_memcpy(hash_key, tdata->auth_key.data, tdata->auth_key.len);
+	ut_params->auth_xform.auth.key.data = hash_key;
+	ut_params->auth_xform.auth.digest_length = tdata->digest.len;
+
+	/* Create Crypto session*/
+	ut_params->sess = rte_cryptodev_sym_session_create(
+			ts_params->valid_devs[0],
+			&ut_params->cipher_xform);
+	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
+
+	/* Generate Crypto op data structure */
+	ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool,
+			RTE_CRYPTO_OP_TYPE_SYMMETRIC);
+	TEST_ASSERT_NOT_NULL(ut_params->op,
+			"Failed to allocate symmetric crypto operation struct");
+
+	rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess);
+
+	sym_op = ut_params->op->sym;
+
+	/* set crypto operation source mbuf */
+	sym_op->m_src = ut_params->ibuf;
+
+	/* Set operation cipher parameters */
+	sym_op->cipher.iv.data = (uint8_t *)rte_pktmbuf_prepend(
+			sym_op->m_src, tdata->iv.len);
+	sym_op->cipher.iv.phys_addr = rte_pktmbuf_mtophys(sym_op->m_src);
+	sym_op->cipher.iv.length = tdata->iv.len;
+
+	rte_memcpy(sym_op->cipher.iv.data, tdata->iv.data,
+			tdata->iv.len);
+
+	sym_op->cipher.data.offset = tdata->iv.len;
+	sym_op->cipher.data.length = tdata->plaintext.len;
+
+	/* Set operation authentication parameters */
+	sym_op->auth.digest.data = (uint8_t *)rte_pktmbuf_append(
+			sym_op->m_src, tdata->digest.len);
+	sym_op->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(
+			sym_op->m_src,
+			tdata->iv.len + tdata->ciphertext.len);
+	sym_op->auth.digest.length = tdata->digest.len;
+
+	memset(sym_op->auth.digest.data, 0, tdata->digest.len);
+
+	sym_op->auth.data.offset = tdata->iv.len;
+	sym_op->auth.data.length = tdata->plaintext.len;
+
+	/* Process crypto operation */
+	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+			ut_params->op);
+
+	TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS,
+			"crypto op processing failed");
+
+	uint8_t *ciphertext = rte_pktmbuf_mtod_offset(ut_params->op->sym->m_src,
+			uint8_t *, tdata->iv.len);
+
+	TEST_ASSERT_BUFFERS_ARE_EQUAL(ciphertext,
+			tdata->ciphertext.data,
+			tdata->ciphertext.len,
+			"ciphertext data not as expected");
+
+	uint8_t *digest = ciphertext + tdata->ciphertext.len;
+
+	TEST_ASSERT_BUFFERS_ARE_EQUAL(digest,
+			tdata->digest.data, tdata->digest.len,
+			"Generated digest data not as expected");
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_AES_CTR_encrypt_digest_case_1(void)
+{
+	return test_AES_CTR_encrypt_digest(&aes_ctr_test_case_1);
+}
+static int
+test_AES_CTR_encrypt_digest_case_2(void)
+{
+	return test_AES_CTR_encrypt_digest(&aes_ctr_test_case_2);
+}
+static int
+test_AES_CTR_encrypt_digest_case_3(void)
+{
+	return test_AES_CTR_encrypt_digest(&aes_ctr_test_case_3);
+}
+
+static int
+test_AES_CTR_digest_verify_decrypt(const struct aes_ctr_test_data *tdata)
+{
+	struct crypto_testsuite_params *ts_params = &testsuite_params;
+	struct crypto_unittest_params *ut_params = &unittest_params;
+	struct rte_crypto_sym_op *sym_op;
+
+	uint8_t hash_key[tdata->auth_key.len];
+	uint8_t cipher_key[tdata->key.len];
+
+	ut_params->ibuf = setup_test_string(ts_params->mbuf_pool,
+			(const char *)tdata->ciphertext.data,
+			tdata->ciphertext.len, 0);
+
+	ut_params->digest = (uint8_t *)rte_pktmbuf_append(ut_params->ibuf,
+			tdata->digest.len);
+
+	TEST_ASSERT_NOT_NULL(ut_params->digest,	"no room to append digest");
+
+	rte_memcpy(ut_params->digest,
+			tdata->digest.data,
+			tdata->digest.len);
+
+	ut_params->auth_xform.type = RTE_CRYPTO_SYM_XFORM_AUTH;
+	ut_params->auth_xform.next = &ut_params->cipher_xform;
+
+	ut_params->auth_xform.auth.op = RTE_CRYPTO_AUTH_OP_VERIFY;
+	ut_params->auth_xform.auth.algo = tdata->auth_key.algo;
+	ut_params->auth_xform.auth.key.length = tdata->auth_key.len;
+	rte_memcpy(hash_key, tdata->auth_key.data, tdata->auth_key.len);
+	ut_params->auth_xform.auth.key.data =
+			hash_key;
+	ut_params->auth_xform.auth.digest_length = tdata->digest.len;
+
+	ut_params->cipher_xform.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
+	ut_params->cipher_xform.next = NULL;
+
+	ut_params->cipher_xform.cipher.algo = RTE_CRYPTO_CIPHER_AES_CTR;
+	ut_params->cipher_xform.cipher.op = RTE_CRYPTO_CIPHER_OP_DECRYPT;
+
+	rte_memcpy(cipher_key, tdata->key.data, tdata->key.len);
+	ut_params->cipher_xform.cipher.key.data =
+			cipher_key;
+	ut_params->cipher_xform.cipher.key.length = tdata->key.len;
+
+	ut_params->sess = rte_cryptodev_sym_session_create(
+			ts_params->valid_devs[0],
+			&ut_params->auth_xform);
+	TEST_ASSERT_NOT_NULL(ut_params->sess, "Session creation failed");
+
+	ut_params->op = rte_crypto_op_alloc(ts_params->op_mpool,
+			RTE_CRYPTO_OP_TYPE_SYMMETRIC);
+	TEST_ASSERT_NOT_NULL(ut_params->op,
+			"Failed to allocate symmetric crypto operation struct");
+
+	rte_crypto_op_attach_sym_session(ut_params->op, ut_params->sess);
+
+	sym_op = ut_params->op->sym;
+
+	sym_op->m_src = ut_params->ibuf;
+
+	sym_op->cipher.iv.data = (uint8_t *)rte_pktmbuf_prepend(
+			sym_op->m_src, tdata->iv.len);
+	sym_op->cipher.iv.phys_addr = rte_pktmbuf_mtophys(sym_op->m_src);
+	sym_op->cipher.iv.length = tdata->iv.len;
+
+	rte_memcpy(sym_op->cipher.iv.data, tdata->iv.data,
+			tdata->iv.len);
+
+	sym_op->cipher.data.offset = tdata->iv.len;
+	sym_op->cipher.data.length = tdata->ciphertext.len;
+
+	sym_op->auth.digest.data = ut_params->digest;
+	sym_op->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(
+			sym_op->m_src,
+			tdata->iv.len + tdata->ciphertext.len);
+	sym_op->auth.digest.length = tdata->digest.len;
+
+	sym_op->auth.data.offset = tdata->iv.len;
+	sym_op->auth.data.length = tdata->ciphertext.len;
+
+	ut_params->op = process_crypto_request(ts_params->valid_devs[0],
+			ut_params->op);
+
+	TEST_ASSERT_EQUAL(ut_params->op->status, RTE_CRYPTO_OP_STATUS_SUCCESS,
+			"crypto op processing failed");
+
+	uint8_t *plaintext = rte_pktmbuf_mtod_offset(ut_params->op->sym->m_src,
+			uint8_t *, tdata->iv.len);
+
+	TEST_ASSERT_BUFFERS_ARE_EQUAL(plaintext,
+			tdata->plaintext.data,
+			tdata->plaintext.len,
+			"plaintext data not as expected");
+
+
+	return TEST_SUCCESS;
+}
+
+static int
+test_AES_CTR_digest_verify_decrypt_case_1(void)
+{
+	return test_AES_CTR_digest_verify_decrypt(&aes_ctr_test_case_1);
+}
+static int
+test_AES_CTR_digest_verify_decrypt_case_2(void)
+{
+	return test_AES_CTR_digest_verify_decrypt(&aes_ctr_test_case_2);
+}
+static int
+test_AES_CTR_digest_verify_decrypt_case_3(void)
+{
+	return test_AES_CTR_digest_verify_decrypt(&aes_ctr_test_case_3);
+}
+
 
 /* ***** AES-CBC / HMAC-SHA256 Hash Tests ***** */
 
@@ -4281,6 +4522,19 @@ static struct unit_test_suite cryptodev_qat_testsuite  = {
 				test_AES_CBC_HMAC_SHA512_decrypt_digest_verify),
 
 		TEST_CASE_ST(ut_setup, ut_teardown,
+				test_AES_CTR_encrypt_digest_case_1),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+				test_AES_CTR_encrypt_digest_case_2),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+				test_AES_CTR_encrypt_digest_case_3),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+				test_AES_CTR_digest_verify_decrypt_case_1),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+				test_AES_CTR_digest_verify_decrypt_case_2),
+		TEST_CASE_ST(ut_setup, ut_teardown,
+				test_AES_CTR_digest_verify_decrypt_case_3),
+
+		TEST_CASE_ST(ut_setup, ut_teardown,
 				test_AES_CBC_HMAC_AES_XCBC_encrypt_digest),
 		TEST_CASE_ST(ut_setup, ut_teardown,
 				test_AES_CBC_HMAC_AES_XCBC_decrypt_digest_verify),
diff --git a/app/test/test_cryptodev_aes_ctr_test_vectors.h b/app/test/test_cryptodev_aes_ctr_test_vectors.h
new file mode 100644
index 0000000..9ec5fbc
--- /dev/null
+++ b/app/test/test_cryptodev_aes_ctr_test_vectors.h
@@ -0,0 +1,257 @@
+/*-
+ *   BSD LICENSE
+ *
+ *   Copyright(c) 2016 Intel Corporation. All rights reserved.
+ *
+ *   Redistribution and use in source and binary forms, with or without
+ *   modification, are permitted provided that the following conditions
+ *   are met:
+ *
+ *	 * Redistributions of source code must retain the above copyright
+ *	   notice, this list of conditions and the following disclaimer.
+ *	 * Redistributions in binary form must reproduce the above copyright
+ *	   notice, this list of conditions and the following disclaimer in
+ *	   the documentation and/or other materials provided with the
+ *	   distribution.
+ *	 * Neither the name of Intel Corporation nor the names of its
+ *	   contributors may be used to endorse or promote products derived
+ *	   from this software without specific prior written permission.
+ *
+ *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ *   A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ *   OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ *   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ *   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ *   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ *   THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ *   (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef TEST_CRYPTODEV_AES_CTR_TEST_VECTORS_H_
+#define TEST_CRYPTODEV_AES_CTR_TEST_VECTORS_H_
+
+struct aes_ctr_test_data {
+
+	struct {
+		uint8_t data[64];
+		unsigned len;
+	} key;
+
+	struct {
+		uint8_t data[64] __rte_aligned(16);
+		unsigned len;
+	} iv;
+
+	struct {
+		uint8_t data[1024];
+		unsigned len;
+	} plaintext;
+
+	struct {
+		uint8_t data[1024];
+		unsigned len;
+	} ciphertext;
+
+	struct {
+		enum rte_crypto_auth_algorithm algo;
+		uint8_t data[64];
+		unsigned len;
+	} auth_key;
+
+	struct {
+		uint8_t data[1024];
+		unsigned len;
+	} digest;
+};
+
+/* CTR-AES128-Encrypt-SHA1 test vector */
+
+static const struct aes_ctr_test_data aes_ctr_test_case_1 = {
+	.key = {
+		.data = {
+			0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
+			0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C
+		},
+		.len = 16
+	},
+	.iv = {
+		.data = {
+			0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7,
+			0xF8, 0xF9, 0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = {
+			0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
+			0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
+			0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
+			0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51,
+			0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11,
+			0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF,
+			0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17,
+			0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10
+		},
+		.len = 64
+	},
+	.ciphertext = {
+		.data = {
+			0x87, 0x4D, 0x61, 0x91, 0xB6, 0x20, 0xE3, 0x26,
+			0x1B, 0xEF, 0x68, 0x64, 0x99, 0x0D, 0xB6, 0xCE,
+			0x98, 0x06, 0xF6, 0x6B, 0x79, 0x70, 0xFD, 0xFF,
+			0x86, 0x17, 0x18, 0x7B, 0xB9, 0xFF, 0xFD, 0xFF,
+			0x5A, 0xE4, 0xDF, 0x3E, 0xDB, 0xD5, 0xD3, 0x5E,
+			0x5B, 0x4F, 0x09, 0x02, 0x0D, 0xB0, 0x3E, 0xAB,
+			0x1E, 0x03, 0x1D, 0xDA, 0x2F, 0xBE, 0x03, 0xD1,
+			0x79, 0x21, 0x70, 0xA0, 0xF3, 0x00, 0x9C, 0xEE
+		},
+		.len = 64
+	},
+	.auth_key = {
+		.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
+		.data = {
+			0xF8, 0x2A, 0xC7, 0x54, 0xDB, 0x96, 0x18, 0xAA,
+			0xC3, 0xA1, 0x53, 0xF6, 0x1F, 0x17, 0x60, 0xBD,
+			0xDE, 0xF4, 0xDE, 0xAD
+		},
+		.len = 20
+	},
+	.digest = {
+		.data = {
+			0x9B, 0x6F, 0x0C, 0x43, 0xF5, 0xC1, 0x3E, 0xB0,
+			0xB1, 0x70, 0xB8, 0x2B, 0x33, 0x09, 0xD2, 0xB2,
+			0x56, 0x20, 0xFB, 0xFE
+		},
+		/* Limitation of Multi-buffer library */
+		.len = TRUNCATED_DIGEST_BYTE_LENGTH_SHA1
+	}
+};
+
+/** AES-192-XCBC Encrypt test vector */
+
+static const struct aes_ctr_test_data aes_ctr_test_case_2 = {
+	.key = {
+		.data = {
+			0xCB, 0xC5, 0xED, 0x5B, 0xE7, 0x7C, 0xBD, 0x8C,
+			0x50, 0xD9, 0x30, 0xF2, 0xB5, 0x6A, 0x0E, 0x5F,
+			0xAA, 0xAE, 0xAD, 0xA2, 0x1F, 0x49, 0x52, 0xD4
+		},
+		.len = 24
+	},
+	.iv = {
+		.data = {
+			0x3F, 0x69, 0xA8, 0xCD, 0xE8, 0xF0, 0xEF, 0x40,
+			0xB8, 0x7A, 0x4B, 0xED, 0x2B, 0xAF, 0xBF, 0x57
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = {
+			0x01, 0x0F, 0x10, 0x1F, 0x20, 0x1C, 0x0E, 0xB8,
+			0xFB, 0x5C, 0xCD, 0xCC, 0x1F, 0xF9, 0xAF, 0x0B,
+			0x95, 0x03, 0x74, 0x99, 0x49, 0xE7, 0x62, 0x55,
+			0xDA, 0xEA, 0x13, 0x20, 0x1D, 0xC6, 0xCC, 0xCC,
+			0xD1, 0x70, 0x75, 0x47, 0x02, 0x2F, 0xFB, 0x86,
+			0xBB, 0x6B, 0x23, 0xD2, 0xC9, 0x74, 0xD7, 0x7B,
+			0x08, 0x03, 0x3B, 0x79, 0x39, 0xBB, 0x91, 0x29,
+			0xDA, 0x14, 0x39, 0x8D, 0xFF, 0x81, 0x50, 0x96,
+		},
+		.len = 64
+	},
+	.ciphertext = {
+		.data = {
+			0x4A, 0x6C, 0xC8, 0xCC, 0x96, 0x2A, 0x13, 0x84,
+			0x1C, 0x36, 0x88, 0xE9, 0xE5, 0x94, 0x70, 0xB2,
+			0x14, 0x5B, 0x13, 0x80, 0xEA, 0xD8, 0x8D, 0x37,
+			0xFD, 0x70, 0xA8, 0x83, 0xE8, 0x2B, 0x88, 0x1E,
+			0xBA, 0x94, 0x3F, 0xF6, 0xB3, 0x1F, 0xDE, 0x34,
+			0xF3, 0x5B, 0x80, 0xE9, 0xAB, 0xF5, 0x1C, 0x29,
+			0xB6, 0xD9, 0x76, 0x2B, 0x06, 0xC6, 0x74, 0xF1,
+			0x59, 0x5E, 0x9E, 0xA5, 0x7B, 0x2D, 0xD7, 0xF0
+		},
+		.len = 64
+	},
+	.auth_key = {
+		.algo = RTE_CRYPTO_AUTH_AES_XCBC_MAC,
+		.data = {
+			0x87, 0x61, 0x54, 0x53, 0xC4, 0x6D, 0xDD, 0x51,
+			0xE1, 0x9F, 0x86, 0x64, 0x39, 0x0A, 0xE6, 0x59
+		},
+		.len = 16
+	},
+	.digest = {
+		.data = {
+			0xCA, 0x33, 0xB3, 0x3B, 0x16, 0x94, 0xAA, 0x55,
+			0x36, 0x6B, 0x45, 0x46
+		},
+		.len = TRUNCATED_DIGEST_BYTE_LENGTH_SHA1
+	}
+};
+
+/* CTR-AES256-Encrypt-SHA1 test vector */
+
+static const struct aes_ctr_test_data aes_ctr_test_case_3 = {
+	.key = {
+		.data = {
+			0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
+			0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
+			0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
+			0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4
+		},
+		.len = 32
+	},
+	.iv = {
+		.data = {
+			0xF0, 0xF1, 0xF2, 0xF3, 0xF4, 0xF5, 0xF6, 0xF7,
+			0xF8, 0xF9, 0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF
+		},
+		.len = 16
+	},
+	.plaintext = {
+		.data = {
+			0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
+			0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
+			0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
+			0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51,
+			0x30, 0xC8, 0x1C, 0x46, 0xA3, 0x5C, 0xE4, 0x11,
+			0xE5, 0xFB, 0xC1, 0x19, 0x1A, 0x0A, 0x52, 0xEF,
+			0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17,
+			0xAD, 0x2B, 0x41, 0x7B, 0xE6, 0x6C, 0x37, 0x10
+		},
+		.len = 64
+	},
+	.ciphertext = {
+		.data = {
+			0x60, 0x1E, 0xC3, 0x13, 0x77, 0x57, 0x89, 0xA5,
+			0xB7, 0xA7, 0xF5, 0x04, 0xBB, 0xF3, 0xD2, 0x28,
+			0xF4, 0x43, 0xE3, 0xCA, 0x4D, 0x62, 0xB5, 0x9A,
+			0xCA, 0x84, 0xE9, 0x90, 0xCA, 0xCA, 0xF5, 0xC5,
+			0x2B, 0x09, 0x30, 0xDA, 0xA2, 0x3D, 0xE9, 0x4C,
+			0xE8, 0x70, 0x17, 0xBA, 0x2D, 0x84, 0x98, 0x8D,
+			0xDF, 0xC9, 0xC5, 0x8D, 0xB6, 0x7A, 0xAD, 0xA6,
+			0x13, 0xC2, 0xDD, 0x08, 0x45, 0x79, 0x41, 0xA6
+		},
+		.len = 64
+	},
+	.auth_key = {
+		.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
+		.data = {
+			0xF8, 0x2A, 0xC7, 0x54, 0xDB, 0x96, 0x18, 0xAA,
+			0xC3, 0xA1, 0x53, 0xF6, 0x1F, 0x17, 0x60, 0xBD,
+			0xDE, 0xF4, 0xDE, 0xAD
+		},
+		.len = 20
+	},
+	.digest = {
+		.data = {
+			0x3B, 0x1A, 0x9D, 0x82, 0x35, 0xD5, 0xDD, 0x64,
+			0xCC, 0x1B, 0xA9, 0xC0, 0xEB, 0xE9, 0x42, 0x16,
+			0xE7, 0x87, 0xA3, 0xEF
+		},
+		.len = TRUNCATED_DIGEST_BYTE_LENGTH_SHA1
+	}
+};
+#endif /* TEST_CRYPTODEV_AES_CTR_TEST_VECTORS_H_ */
-- 
2.1.0