From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 1742CA034F; Mon, 6 Dec 2021 12:08:33 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 7F05641181; Mon, 6 Dec 2021 12:08:31 +0100 (CET) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id B6C7C41181 for ; Mon, 6 Dec 2021 12:08:29 +0100 (CET) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id 1B62KDbW002190; Mon, 6 Dec 2021 03:08:29 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=Tan+7KwBPYYS1+exiMnXdNpAdN0mHGq0fIgQ7P+ssI4=; b=WP7LhgAVib6bwMj/05cQja+V62Z38YZTyYsPXEqYJ11tXZIWr2DfQ4pDNu1qQnAa5gbQ 0rTCSo+3sTyjhYXHpnRNHLK2VarQ7ut+rd3BePMtfnP/l/K97MnAmgAIWfGA0CqWeTnP /C4TWptwBjvkYa3m7YkVT7UBPI9hxtrkYIQZ8XopeVskii9LldUMrOYeKn/Jgmhbmx48 OkYn8OsfzXPpyZvMAYHbplam7s0+o3SL/JKvKfWqReAHIc/+MdZW4pLymCr54KU5wrqu tWkyeYyZAcN9VL+hBYOUvMFR4oCLum9+3qzWqxOqBG7jc++E6VZ878CHESHJCHj/rY/P 1Q== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3cs9muhfu6-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 06 Dec 2021 03:08:29 -0800 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Mon, 6 Dec 2021 03:08:27 -0800 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend Transport; Mon, 6 Dec 2021 03:08:27 -0800 Received: from HY-LT1002.marvell.com (HY-LT1002.marvell.com [10.28.176.218]) by maili.marvell.com (Postfix) with ESMTP id 33DA03F705E; Mon, 6 Dec 2021 03:08:22 -0800 (PST) From: Anoob Joseph To: Akhil Goyal , Declan Doherty , Fan Zhang , "Pablo de Lara" CC: Anoob Joseph , Jerin Jacob , Archana Muniganti , Tejasree Kondoj , Hemant Agrawal , "Radu Nicolau" , Ciara Power , Gagandeep Singh , Subject: [PATCH v2 03/13] test/crypto: add chained operations in combined cases Date: Mon, 6 Dec 2021 16:37:50 +0530 Message-ID: <1638788880-650-4-git-send-email-anoobj@marvell.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1638788880-650-1-git-send-email-anoobj@marvell.com> References: <1638777528-553-1-git-send-email-anoobj@marvell.com> <1638788880-650-1-git-send-email-anoobj@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-GUID: _1wo5lrXqsdo7lzPn7vsbO-_KbnCvyre X-Proofpoint-ORIG-GUID: _1wo5lrXqsdo7lzPn7vsbO-_KbnCvyre X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.790,Hydra:6.0.425,FMLib:17.11.62.513 definitions=2021-12-06_04,2021-12-06_01,2021-12-02_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Extend lookaside IPsec combined mode cases to cover chained operations also. Currently covering combinations of, Ciphers, 1. AES-128-CBC Auth, 1. NULL 2. SHA2-256 [16B ICV] Signed-off-by: Anoob Joseph --- app/test/test_cryptodev.c | 11 +++-- app/test/test_cryptodev_security_ipsec.c | 77 +++++++++++++++++++++++++------- app/test/test_cryptodev_security_ipsec.h | 36 +++++++++++++++ doc/guides/rel_notes/release_22_03.rst | 1 + 4 files changed, 104 insertions(+), 21 deletions(-) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index c91b745..a307aec 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -835,6 +835,8 @@ ipsec_proto_testsuite_setup(void) ret = TEST_SKIPPED; } + test_ipsec_alg_list_populate(); + /* * Stop the device. Device would be started again by individual test * case setup routine. @@ -9381,9 +9383,9 @@ test_ipsec_proto_all(const struct ipsec_test_flags *flags) flags->sa_expiry_pkts_hard) nb_pkts = IPSEC_TEST_PACKETS_MAX; - for (i = 0; i < RTE_DIM(aead_list); i++) { - test_ipsec_td_prepare(&aead_list[i], - NULL, + for (i = 0; i < RTE_DIM(alg_list); i++) { + test_ipsec_td_prepare(alg_list[i].param1, + alg_list[i].param2, flags, td_outb, nb_pkts); @@ -9407,7 +9409,8 @@ test_ipsec_proto_all(const struct ipsec_test_flags *flags) return TEST_FAILED; if (flags->display_alg) - test_ipsec_display_alg(&aead_list[i], NULL); + test_ipsec_display_alg(alg_list[i].param1, + alg_list[i].param2); pass_cnt++; } diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c index 45960bf..5f67dc0 100644 --- a/app/test/test_cryptodev_security_ipsec.c +++ b/app/test/test_cryptodev_security_ipsec.c @@ -15,7 +15,29 @@ #define IV_LEN_MAX 16 -extern struct ipsec_test_data pkt_aes_256_gcm; +struct crypto_param_comb alg_list[RTE_DIM(aead_list) + + (RTE_DIM(cipher_list) * + RTE_DIM(auth_list))]; + +void +test_ipsec_alg_list_populate(void) +{ + unsigned long i, j, index = 0; + + for (i = 0; i < RTE_DIM(aead_list); i++) { + alg_list[index].param1 = &aead_list[i]; + alg_list[index].param2 = NULL; + index++; + } + + for (i = 0; i < RTE_DIM(cipher_list); i++) { + for (j = 0; j < RTE_DIM(auth_list); j++) { + alg_list[index].param1 = &cipher_list[i]; + alg_list[index].param2 = &auth_list[j]; + index++; + } + } +} int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform, @@ -293,18 +315,31 @@ test_ipsec_td_prepare(const struct crypto_param *param1, for (i = 0; i < nb_td; i++) { td = &td_array[i]; - /* Copy template for packet & key fields */ - memcpy(td, &pkt_aes_256_gcm, sizeof(*td)); - /* Override fields based on param */ + /* Prepare fields based on param */ + + if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD) { + /* Copy template for packet & key fields */ + memcpy(td, &pkt_aes_256_gcm, sizeof(*td)); - if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD) td->aead = true; - else + td->xform.aead.aead.algo = param1->alg.aead; + td->xform.aead.aead.key.length = param1->key_length; + } else { + /* Copy template for packet & key fields */ + memcpy(td, &pkt_aes_128_cbc_hmac_sha256, sizeof(*td)); + td->aead = false; + td->xform.chain.cipher.cipher.algo = param1->alg.cipher; + td->xform.chain.cipher.cipher.key.length = + param1->key_length; + td->xform.chain.auth.auth.algo = param2->alg.auth; + td->xform.chain.auth.auth.key.length = + param2->key_length; + td->xform.chain.auth.auth.digest_length = + param2->digest_length; - td->xform.aead.aead.algo = param1->alg.aead; - td->xform.aead.aead.key.length = param1->key_length; + } if (flags->iv_gen) td->ipsec_xform.options.iv_gen_disable = 0; @@ -324,8 +359,6 @@ test_ipsec_td_prepare(const struct crypto_param *param1, } } - - RTE_SET_USED(param2); } void @@ -374,12 +407,21 @@ void test_ipsec_display_alg(const struct crypto_param *param1, const struct crypto_param *param2) { - if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD) - printf("\t%s [%d]\n", + if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD) { + printf("\t%s [%d]", rte_crypto_aead_algorithm_strings[param1->alg.aead], - param1->key_length); - - RTE_SET_USED(param2); + param1->key_length * 8); + } else { + printf("\t%s", + rte_crypto_cipher_algorithm_strings[param1->alg.cipher]); + if (param1->alg.cipher != RTE_CRYPTO_CIPHER_NULL) + printf(" [%d]", param1->key_length * 8); + printf(" %s", + rte_crypto_auth_algorithm_strings[param2->alg.auth]); + if (param2->alg.auth != RTE_CRYPTO_AUTH_NULL) + printf(" [%dB ICV]", param2->digest_length); + } + printf("\n"); } static int @@ -631,8 +673,9 @@ test_ipsec_res_d_prepare(struct rte_mbuf *m, const struct ipsec_test_data *td, if (res_d->aead) { res_d->xform.aead.aead.op = RTE_CRYPTO_AEAD_OP_DECRYPT; } else { - printf("Only AEAD supported\n"); - return TEST_SKIPPED; + res_d->xform.chain.cipher.cipher.op = + RTE_CRYPTO_CIPHER_OP_DECRYPT; + res_d->xform.chain.auth.auth.op = RTE_CRYPTO_AUTH_OP_VERIFY; } return TEST_SUCCESS; diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h index 70a264a..b1f0ff8 100644 --- a/app/test/test_cryptodev_security_ipsec.h +++ b/app/test/test_cryptodev_security_ipsec.h @@ -71,6 +71,7 @@ struct crypto_param { enum rte_crypto_aead_algorithm aead; } alg; uint16_t key_length; + uint16_t digest_length; }; static const struct crypto_param aead_list[] = { @@ -91,6 +92,41 @@ static const struct crypto_param aead_list[] = { }, }; +static const struct crypto_param cipher_list[] = { + { + .type = RTE_CRYPTO_SYM_XFORM_CIPHER, + .alg.cipher = RTE_CRYPTO_CIPHER_AES_CBC, + .key_length = 16, + }, +}; + +static const struct crypto_param auth_list[] = { + { + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .alg.auth = RTE_CRYPTO_AUTH_NULL, + }, + { + .type = RTE_CRYPTO_SYM_XFORM_AUTH, + .alg.auth = RTE_CRYPTO_AUTH_SHA256_HMAC, + .key_length = 32, + .digest_length = 16, + }, +}; + +struct crypto_param_comb { + const struct crypto_param *param1; + const struct crypto_param *param2; +}; + +extern struct ipsec_test_data pkt_aes_256_gcm; +extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256; + +extern struct crypto_param_comb alg_list[RTE_DIM(aead_list) + + (RTE_DIM(cipher_list) * + RTE_DIM(auth_list))]; + +void test_ipsec_alg_list_populate(void); + int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform, const struct rte_security_capability *sec_cap, bool silent); diff --git a/doc/guides/rel_notes/release_22_03.rst b/doc/guides/rel_notes/release_22_03.rst index 83536ed..62682d0 100644 --- a/doc/guides/rel_notes/release_22_03.rst +++ b/doc/guides/rel_notes/release_22_03.rst @@ -57,6 +57,7 @@ New Features * **Updated lookaside protocol (IPsec) tests in dpdk-test.** + * Added support for chained operations. * Added AES-CBC 128 NULL auth known vector tests. * Added AES-CBC 128 HMAC-SHA256 known vector tests. -- 2.7.4