From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>,
Declan Doherty <declan.doherty@intel.com>,
Fan Zhang <roy.fan.zhang@intel.com>,
"Pablo de Lara" <pablo.de.lara.guarch@intel.com>
Cc: Anoob Joseph <anoobj@marvell.com>,
Jerin Jacob <jerinj@marvell.com>,
Archana Muniganti <marchana@marvell.com>,
Tejasree Kondoj <ktejasree@marvell.com>,
Hemant Agrawal <hemant.agrawal@nxp.com>,
"Radu Nicolau" <radu.nicolau@intel.com>,
Ciara Power <ciara.power@intel.com>,
Gagandeep Singh <g.singh@nxp.com>, <dev@dpdk.org>
Subject: [PATCH v2 03/13] test/crypto: add chained operations in combined cases
Date: Mon, 6 Dec 2021 16:37:50 +0530 [thread overview]
Message-ID: <1638788880-650-4-git-send-email-anoobj@marvell.com> (raw)
In-Reply-To: <1638788880-650-1-git-send-email-anoobj@marvell.com>
Extend lookaside IPsec combined mode cases to cover chained operations
also.
Currently covering combinations of,
Ciphers,
1. AES-128-CBC
Auth,
1. NULL
2. SHA2-256 [16B ICV]
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
app/test/test_cryptodev.c | 11 +++--
app/test/test_cryptodev_security_ipsec.c | 77 +++++++++++++++++++++++++-------
app/test/test_cryptodev_security_ipsec.h | 36 +++++++++++++++
doc/guides/rel_notes/release_22_03.rst | 1 +
4 files changed, 104 insertions(+), 21 deletions(-)
diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index c91b745..a307aec 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -835,6 +835,8 @@ ipsec_proto_testsuite_setup(void)
ret = TEST_SKIPPED;
}
+ test_ipsec_alg_list_populate();
+
/*
* Stop the device. Device would be started again by individual test
* case setup routine.
@@ -9381,9 +9383,9 @@ test_ipsec_proto_all(const struct ipsec_test_flags *flags)
flags->sa_expiry_pkts_hard)
nb_pkts = IPSEC_TEST_PACKETS_MAX;
- for (i = 0; i < RTE_DIM(aead_list); i++) {
- test_ipsec_td_prepare(&aead_list[i],
- NULL,
+ for (i = 0; i < RTE_DIM(alg_list); i++) {
+ test_ipsec_td_prepare(alg_list[i].param1,
+ alg_list[i].param2,
flags,
td_outb,
nb_pkts);
@@ -9407,7 +9409,8 @@ test_ipsec_proto_all(const struct ipsec_test_flags *flags)
return TEST_FAILED;
if (flags->display_alg)
- test_ipsec_display_alg(&aead_list[i], NULL);
+ test_ipsec_display_alg(alg_list[i].param1,
+ alg_list[i].param2);
pass_cnt++;
}
diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c
index 45960bf..5f67dc0 100644
--- a/app/test/test_cryptodev_security_ipsec.c
+++ b/app/test/test_cryptodev_security_ipsec.c
@@ -15,7 +15,29 @@
#define IV_LEN_MAX 16
-extern struct ipsec_test_data pkt_aes_256_gcm;
+struct crypto_param_comb alg_list[RTE_DIM(aead_list) +
+ (RTE_DIM(cipher_list) *
+ RTE_DIM(auth_list))];
+
+void
+test_ipsec_alg_list_populate(void)
+{
+ unsigned long i, j, index = 0;
+
+ for (i = 0; i < RTE_DIM(aead_list); i++) {
+ alg_list[index].param1 = &aead_list[i];
+ alg_list[index].param2 = NULL;
+ index++;
+ }
+
+ for (i = 0; i < RTE_DIM(cipher_list); i++) {
+ for (j = 0; j < RTE_DIM(auth_list); j++) {
+ alg_list[index].param1 = &cipher_list[i];
+ alg_list[index].param2 = &auth_list[j];
+ index++;
+ }
+ }
+}
int
test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
@@ -293,18 +315,31 @@ test_ipsec_td_prepare(const struct crypto_param *param1,
for (i = 0; i < nb_td; i++) {
td = &td_array[i];
- /* Copy template for packet & key fields */
- memcpy(td, &pkt_aes_256_gcm, sizeof(*td));
- /* Override fields based on param */
+ /* Prepare fields based on param */
+
+ if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+ /* Copy template for packet & key fields */
+ memcpy(td, &pkt_aes_256_gcm, sizeof(*td));
- if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD)
td->aead = true;
- else
+ td->xform.aead.aead.algo = param1->alg.aead;
+ td->xform.aead.aead.key.length = param1->key_length;
+ } else {
+ /* Copy template for packet & key fields */
+ memcpy(td, &pkt_aes_128_cbc_hmac_sha256, sizeof(*td));
+
td->aead = false;
+ td->xform.chain.cipher.cipher.algo = param1->alg.cipher;
+ td->xform.chain.cipher.cipher.key.length =
+ param1->key_length;
+ td->xform.chain.auth.auth.algo = param2->alg.auth;
+ td->xform.chain.auth.auth.key.length =
+ param2->key_length;
+ td->xform.chain.auth.auth.digest_length =
+ param2->digest_length;
- td->xform.aead.aead.algo = param1->alg.aead;
- td->xform.aead.aead.key.length = param1->key_length;
+ }
if (flags->iv_gen)
td->ipsec_xform.options.iv_gen_disable = 0;
@@ -324,8 +359,6 @@ test_ipsec_td_prepare(const struct crypto_param *param1,
}
}
-
- RTE_SET_USED(param2);
}
void
@@ -374,12 +407,21 @@ void
test_ipsec_display_alg(const struct crypto_param *param1,
const struct crypto_param *param2)
{
- if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD)
- printf("\t%s [%d]\n",
+ if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+ printf("\t%s [%d]",
rte_crypto_aead_algorithm_strings[param1->alg.aead],
- param1->key_length);
-
- RTE_SET_USED(param2);
+ param1->key_length * 8);
+ } else {
+ printf("\t%s",
+ rte_crypto_cipher_algorithm_strings[param1->alg.cipher]);
+ if (param1->alg.cipher != RTE_CRYPTO_CIPHER_NULL)
+ printf(" [%d]", param1->key_length * 8);
+ printf(" %s",
+ rte_crypto_auth_algorithm_strings[param2->alg.auth]);
+ if (param2->alg.auth != RTE_CRYPTO_AUTH_NULL)
+ printf(" [%dB ICV]", param2->digest_length);
+ }
+ printf("\n");
}
static int
@@ -631,8 +673,9 @@ test_ipsec_res_d_prepare(struct rte_mbuf *m, const struct ipsec_test_data *td,
if (res_d->aead) {
res_d->xform.aead.aead.op = RTE_CRYPTO_AEAD_OP_DECRYPT;
} else {
- printf("Only AEAD supported\n");
- return TEST_SKIPPED;
+ res_d->xform.chain.cipher.cipher.op =
+ RTE_CRYPTO_CIPHER_OP_DECRYPT;
+ res_d->xform.chain.auth.auth.op = RTE_CRYPTO_AUTH_OP_VERIFY;
}
return TEST_SUCCESS;
diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h
index 70a264a..b1f0ff8 100644
--- a/app/test/test_cryptodev_security_ipsec.h
+++ b/app/test/test_cryptodev_security_ipsec.h
@@ -71,6 +71,7 @@ struct crypto_param {
enum rte_crypto_aead_algorithm aead;
} alg;
uint16_t key_length;
+ uint16_t digest_length;
};
static const struct crypto_param aead_list[] = {
@@ -91,6 +92,41 @@ static const struct crypto_param aead_list[] = {
},
};
+static const struct crypto_param cipher_list[] = {
+ {
+ .type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+ .alg.cipher = RTE_CRYPTO_CIPHER_AES_CBC,
+ .key_length = 16,
+ },
+};
+
+static const struct crypto_param auth_list[] = {
+ {
+ .type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ .alg.auth = RTE_CRYPTO_AUTH_NULL,
+ },
+ {
+ .type = RTE_CRYPTO_SYM_XFORM_AUTH,
+ .alg.auth = RTE_CRYPTO_AUTH_SHA256_HMAC,
+ .key_length = 32,
+ .digest_length = 16,
+ },
+};
+
+struct crypto_param_comb {
+ const struct crypto_param *param1;
+ const struct crypto_param *param2;
+};
+
+extern struct ipsec_test_data pkt_aes_256_gcm;
+extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256;
+
+extern struct crypto_param_comb alg_list[RTE_DIM(aead_list) +
+ (RTE_DIM(cipher_list) *
+ RTE_DIM(auth_list))];
+
+void test_ipsec_alg_list_populate(void);
+
int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
const struct rte_security_capability *sec_cap,
bool silent);
diff --git a/doc/guides/rel_notes/release_22_03.rst b/doc/guides/rel_notes/release_22_03.rst
index 83536ed..62682d0 100644
--- a/doc/guides/rel_notes/release_22_03.rst
+++ b/doc/guides/rel_notes/release_22_03.rst
@@ -57,6 +57,7 @@ New Features
* **Updated lookaside protocol (IPsec) tests in dpdk-test.**
+ * Added support for chained operations.
* Added AES-CBC 128 NULL auth known vector tests.
* Added AES-CBC 128 HMAC-SHA256 known vector tests.
--
2.7.4
next prev parent reply other threads:[~2021-12-06 11:08 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-06 7:58 [PATCH 00/13] Add new cases to lookaside IPsec tests Anoob Joseph
2021-12-06 7:58 ` [PATCH 01/13] test/crypto: add IPsec aes-cbc known vectors Anoob Joseph
2021-12-06 7:58 ` [PATCH 02/13] test/crypto: add IPsec AES-CBC-HMAC-SHA256 " Anoob Joseph
2021-12-06 7:58 ` [PATCH 03/13] test/crypto: add chained operations in combined cases Anoob Joseph
2021-12-06 7:58 ` [PATCH 04/13] test/crypto: add IPv6 tunnel mode cases Anoob Joseph
2021-12-06 7:58 ` [PATCH 05/13] test/crypto: add IPsec HMAC-SHA384/512 known vectors Anoob Joseph
2021-12-06 7:58 ` [PATCH 06/13] test/crypto: add IPsec fragmented packet " Anoob Joseph
2021-12-06 7:58 ` [PATCH 07/13] test/crypto: add transport mode cases Anoob Joseph
2021-12-06 7:58 ` [PATCH 08/13] test/crypto: add security stats cases Anoob Joseph
2021-12-06 7:58 ` [PATCH 09/13] test/crypto: add lookaside IPsec AES-CTR known vectors Anoob Joseph
2021-12-06 7:58 ` [PATCH 10/13] test/crypto: add fragmented packet case Anoob Joseph
2021-12-06 7:58 ` [PATCH 11/13] test/crypto: skip null auth in ICV corrupt case Anoob Joseph
2021-12-06 7:58 ` [PATCH 12/13] test/crypto: add aes xcbc known vectors Anoob Joseph
2021-12-06 7:58 ` [PATCH 13/13] test/crypto: add copy and set DF cases Anoob Joseph
2021-12-06 11:07 ` [PATCH v2 00/13] Add new cases to lookaside IPsec tests Anoob Joseph
2021-12-06 11:07 ` [PATCH v2 01/13] test/crypto: add IPsec aes-cbc known vectors Anoob Joseph
2021-12-06 11:07 ` [PATCH v2 02/13] test/crypto: add IPsec AES-CBC-HMAC-SHA256 " Anoob Joseph
2021-12-06 11:07 ` Anoob Joseph [this message]
2021-12-06 11:07 ` [PATCH v2 04/13] test/crypto: add IPv6 tunnel mode cases Anoob Joseph
2021-12-06 11:07 ` [PATCH v2 05/13] test/crypto: add IPsec HMAC-SHA384/512 known vectors Anoob Joseph
2021-12-06 11:07 ` [PATCH v2 06/13] test/crypto: add IPsec fragmented packet " Anoob Joseph
2021-12-06 11:07 ` [PATCH v2 07/13] test/crypto: add transport mode cases Anoob Joseph
2021-12-06 11:07 ` [PATCH v2 08/13] test/crypto: add security stats cases Anoob Joseph
2021-12-06 11:07 ` [PATCH v2 09/13] test/crypto: add lookaside IPsec AES-CTR known vectors Anoob Joseph
2021-12-06 11:07 ` [PATCH v2 10/13] test/crypto: add fragmented packet case Anoob Joseph
2021-12-06 11:07 ` [PATCH v2 11/13] test/crypto: skip null auth in ICV corrupt case Anoob Joseph
2021-12-06 11:07 ` [PATCH v2 12/13] test/crypto: add aes xcbc known vectors Anoob Joseph
2021-12-06 11:08 ` [PATCH v2 13/13] test/crypto: add copy and set DF cases Anoob Joseph
2022-01-21 11:02 ` [PATCH v2 00/13] Add new cases to lookaside IPsec tests Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1638788880-650-4-git-send-email-anoobj@marvell.com \
--to=anoobj@marvell.com \
--cc=ciara.power@intel.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=g.singh@nxp.com \
--cc=gakhil@marvell.com \
--cc=hemant.agrawal@nxp.com \
--cc=jerinj@marvell.com \
--cc=ktejasree@marvell.com \
--cc=marchana@marvell.com \
--cc=pablo.de.lara.guarch@intel.com \
--cc=radu.nicolau@intel.com \
--cc=roy.fan.zhang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).