DPDK patches and discussions
 help / color / mirror / Atom feed
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>,
	Declan Doherty <declan.doherty@intel.com>,
	Fan Zhang <roy.fan.zhang@intel.com>,
	"Pablo de Lara" <pablo.de.lara.guarch@intel.com>
Cc: Anoob Joseph <anoobj@marvell.com>,
	Jerin Jacob <jerinj@marvell.com>,
	Archana Muniganti <marchana@marvell.com>,
	Tejasree Kondoj <ktejasree@marvell.com>,
	Hemant Agrawal <hemant.agrawal@nxp.com>,
	"Radu Nicolau" <radu.nicolau@intel.com>,
	Ciara Power <ciara.power@intel.com>,
	Gagandeep Singh <g.singh@nxp.com>, <dev@dpdk.org>
Subject: [PATCH 03/13] test/crypto: add chained operations in combined cases
Date: Mon, 6 Dec 2021 13:28:38 +0530	[thread overview]
Message-ID: <1638777528-553-4-git-send-email-anoobj@marvell.com> (raw)
In-Reply-To: <1638777528-553-1-git-send-email-anoobj@marvell.com>

Extend lookaside IPsec combined mode cases to cover chained operations
also.

Currently covering combinations of,

Ciphers,
1. AES-128-CBC

Auth,
1. NULL
2. SHA2-256 [16B ICV]

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 app/test/test_cryptodev.c                | 11 +++--
 app/test/test_cryptodev_security_ipsec.c | 77 +++++++++++++++++++++++++-------
 app/test/test_cryptodev_security_ipsec.h | 36 +++++++++++++++
 3 files changed, 103 insertions(+), 21 deletions(-)

diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 3fa618d..2a7ede6 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -835,6 +835,8 @@ ipsec_proto_testsuite_setup(void)
 		ret = TEST_SKIPPED;
 	}
 
+	test_ipsec_alg_list_populate();
+
 	/*
 	 * Stop the device. Device would be started again by individual test
 	 * case setup routine.
@@ -9381,9 +9383,9 @@ test_ipsec_proto_all(const struct ipsec_test_flags *flags)
 	    flags->sa_expiry_pkts_hard)
 		nb_pkts = IPSEC_TEST_PACKETS_MAX;
 
-	for (i = 0; i < RTE_DIM(aead_list); i++) {
-		test_ipsec_td_prepare(&aead_list[i],
-				      NULL,
+	for (i = 0; i < RTE_DIM(alg_list); i++) {
+		test_ipsec_td_prepare(alg_list[i].param1,
+				      alg_list[i].param2,
 				      flags,
 				      td_outb,
 				      nb_pkts);
@@ -9407,7 +9409,8 @@ test_ipsec_proto_all(const struct ipsec_test_flags *flags)
 			return TEST_FAILED;
 
 		if (flags->display_alg)
-			test_ipsec_display_alg(&aead_list[i], NULL);
+			test_ipsec_display_alg(alg_list[i].param1,
+					       alg_list[i].param2);
 
 		pass_cnt++;
 	}
diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c
index 45960bf..5f67dc0 100644
--- a/app/test/test_cryptodev_security_ipsec.c
+++ b/app/test/test_cryptodev_security_ipsec.c
@@ -15,7 +15,29 @@
 
 #define IV_LEN_MAX 16
 
-extern struct ipsec_test_data pkt_aes_256_gcm;
+struct crypto_param_comb alg_list[RTE_DIM(aead_list) +
+				  (RTE_DIM(cipher_list) *
+				   RTE_DIM(auth_list))];
+
+void
+test_ipsec_alg_list_populate(void)
+{
+	unsigned long i, j, index = 0;
+
+	for (i = 0; i < RTE_DIM(aead_list); i++) {
+		alg_list[index].param1 = &aead_list[i];
+		alg_list[index].param2 = NULL;
+		index++;
+	}
+
+	for (i = 0; i < RTE_DIM(cipher_list); i++) {
+		for (j = 0; j < RTE_DIM(auth_list); j++) {
+			alg_list[index].param1 = &cipher_list[i];
+			alg_list[index].param2 = &auth_list[j];
+			index++;
+		}
+	}
+}
 
 int
 test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
@@ -293,18 +315,31 @@ test_ipsec_td_prepare(const struct crypto_param *param1,
 
 	for (i = 0; i < nb_td; i++) {
 		td = &td_array[i];
-		/* Copy template for packet & key fields */
-		memcpy(td, &pkt_aes_256_gcm, sizeof(*td));
 
-		/* Override fields based on param */
+		/* Prepare fields based on param */
+
+		if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+			/* Copy template for packet & key fields */
+			memcpy(td, &pkt_aes_256_gcm, sizeof(*td));
 
-		if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD)
 			td->aead = true;
-		else
+			td->xform.aead.aead.algo = param1->alg.aead;
+			td->xform.aead.aead.key.length = param1->key_length;
+		} else {
+			/* Copy template for packet & key fields */
+			memcpy(td, &pkt_aes_128_cbc_hmac_sha256, sizeof(*td));
+
 			td->aead = false;
+			td->xform.chain.cipher.cipher.algo = param1->alg.cipher;
+			td->xform.chain.cipher.cipher.key.length =
+					param1->key_length;
+			td->xform.chain.auth.auth.algo = param2->alg.auth;
+			td->xform.chain.auth.auth.key.length =
+					param2->key_length;
+			td->xform.chain.auth.auth.digest_length =
+					param2->digest_length;
 
-		td->xform.aead.aead.algo = param1->alg.aead;
-		td->xform.aead.aead.key.length = param1->key_length;
+		}
 
 		if (flags->iv_gen)
 			td->ipsec_xform.options.iv_gen_disable = 0;
@@ -324,8 +359,6 @@ test_ipsec_td_prepare(const struct crypto_param *param1,
 		}
 
 	}
-
-	RTE_SET_USED(param2);
 }
 
 void
@@ -374,12 +407,21 @@ void
 test_ipsec_display_alg(const struct crypto_param *param1,
 		       const struct crypto_param *param2)
 {
-	if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD)
-		printf("\t%s [%d]\n",
+	if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+		printf("\t%s [%d]",
 		       rte_crypto_aead_algorithm_strings[param1->alg.aead],
-		       param1->key_length);
-
-	RTE_SET_USED(param2);
+		       param1->key_length * 8);
+	} else {
+		printf("\t%s",
+		       rte_crypto_cipher_algorithm_strings[param1->alg.cipher]);
+		if (param1->alg.cipher != RTE_CRYPTO_CIPHER_NULL)
+			printf(" [%d]", param1->key_length * 8);
+		printf(" %s",
+		       rte_crypto_auth_algorithm_strings[param2->alg.auth]);
+		if (param2->alg.auth != RTE_CRYPTO_AUTH_NULL)
+			printf(" [%dB ICV]", param2->digest_length);
+	}
+	printf("\n");
 }
 
 static int
@@ -631,8 +673,9 @@ test_ipsec_res_d_prepare(struct rte_mbuf *m, const struct ipsec_test_data *td,
 	if (res_d->aead) {
 		res_d->xform.aead.aead.op = RTE_CRYPTO_AEAD_OP_DECRYPT;
 	} else {
-		printf("Only AEAD supported\n");
-		return TEST_SKIPPED;
+		res_d->xform.chain.cipher.cipher.op =
+				RTE_CRYPTO_CIPHER_OP_DECRYPT;
+		res_d->xform.chain.auth.auth.op = RTE_CRYPTO_AUTH_OP_VERIFY;
 	}
 
 	return TEST_SUCCESS;
diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h
index 70a264a..b1f0ff8 100644
--- a/app/test/test_cryptodev_security_ipsec.h
+++ b/app/test/test_cryptodev_security_ipsec.h
@@ -71,6 +71,7 @@ struct crypto_param {
 		enum rte_crypto_aead_algorithm aead;
 	} alg;
 	uint16_t key_length;
+	uint16_t digest_length;
 };
 
 static const struct crypto_param aead_list[] = {
@@ -91,6 +92,41 @@ static const struct crypto_param aead_list[] = {
 	},
 };
 
+static const struct crypto_param cipher_list[] = {
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+		.alg.cipher =  RTE_CRYPTO_CIPHER_AES_CBC,
+		.key_length = 16,
+	},
+};
+
+static const struct crypto_param auth_list[] = {
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_AUTH,
+		.alg.auth =  RTE_CRYPTO_AUTH_NULL,
+	},
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_AUTH,
+		.alg.auth =  RTE_CRYPTO_AUTH_SHA256_HMAC,
+		.key_length = 32,
+		.digest_length = 16,
+	},
+};
+
+struct crypto_param_comb {
+	const struct crypto_param *param1;
+	const struct crypto_param *param2;
+};
+
+extern struct ipsec_test_data pkt_aes_256_gcm;
+extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256;
+
+extern struct crypto_param_comb alg_list[RTE_DIM(aead_list) +
+					 (RTE_DIM(cipher_list) *
+					  RTE_DIM(auth_list))];
+
+void test_ipsec_alg_list_populate(void);
+
 int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
 			       const struct rte_security_capability *sec_cap,
 			       bool silent);
-- 
2.7.4


  parent reply	other threads:[~2021-12-06  7:59 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-12-06  7:58 [PATCH 00/13] Add new cases to lookaside IPsec tests Anoob Joseph
2021-12-06  7:58 ` [PATCH 01/13] test/crypto: add IPsec aes-cbc known vectors Anoob Joseph
2021-12-06  7:58 ` [PATCH 02/13] test/crypto: add IPsec AES-CBC-HMAC-SHA256 " Anoob Joseph
2021-12-06  7:58 ` Anoob Joseph [this message]
2021-12-06  7:58 ` [PATCH 04/13] test/crypto: add IPv6 tunnel mode cases Anoob Joseph
2021-12-06  7:58 ` [PATCH 05/13] test/crypto: add IPsec HMAC-SHA384/512 known vectors Anoob Joseph
2021-12-06  7:58 ` [PATCH 06/13] test/crypto: add IPsec fragmented packet " Anoob Joseph
2021-12-06  7:58 ` [PATCH 07/13] test/crypto: add transport mode cases Anoob Joseph
2021-12-06  7:58 ` [PATCH 08/13] test/crypto: add security stats cases Anoob Joseph
2021-12-06  7:58 ` [PATCH 09/13] test/crypto: add lookaside IPsec AES-CTR known vectors Anoob Joseph
2021-12-06  7:58 ` [PATCH 10/13] test/crypto: add fragmented packet case Anoob Joseph
2021-12-06  7:58 ` [PATCH 11/13] test/crypto: skip null auth in ICV corrupt case Anoob Joseph
2021-12-06  7:58 ` [PATCH 12/13] test/crypto: add aes xcbc known vectors Anoob Joseph
2021-12-06  7:58 ` [PATCH 13/13] test/crypto: add copy and set DF cases Anoob Joseph
2021-12-06 11:07 ` [PATCH v2 00/13] Add new cases to lookaside IPsec tests Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 01/13] test/crypto: add IPsec aes-cbc known vectors Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 02/13] test/crypto: add IPsec AES-CBC-HMAC-SHA256 " Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 03/13] test/crypto: add chained operations in combined cases Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 04/13] test/crypto: add IPv6 tunnel mode cases Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 05/13] test/crypto: add IPsec HMAC-SHA384/512 known vectors Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 06/13] test/crypto: add IPsec fragmented packet " Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 07/13] test/crypto: add transport mode cases Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 08/13] test/crypto: add security stats cases Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 09/13] test/crypto: add lookaside IPsec AES-CTR known vectors Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 10/13] test/crypto: add fragmented packet case Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 11/13] test/crypto: skip null auth in ICV corrupt case Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 12/13] test/crypto: add aes xcbc known vectors Anoob Joseph
2021-12-06 11:08   ` [PATCH v2 13/13] test/crypto: add copy and set DF cases Anoob Joseph
2022-01-21 11:02   ` [PATCH v2 00/13] Add new cases to lookaside IPsec tests Akhil Goyal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1638777528-553-4-git-send-email-anoobj@marvell.com \
    --to=anoobj@marvell.com \
    --cc=ciara.power@intel.com \
    --cc=declan.doherty@intel.com \
    --cc=dev@dpdk.org \
    --cc=g.singh@nxp.com \
    --cc=gakhil@marvell.com \
    --cc=hemant.agrawal@nxp.com \
    --cc=jerinj@marvell.com \
    --cc=ktejasree@marvell.com \
    --cc=marchana@marvell.com \
    --cc=pablo.de.lara.guarch@intel.com \
    --cc=radu.nicolau@intel.com \
    --cc=roy.fan.zhang@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).