From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) by dpdk.org (Postfix) with ESMTP id C39392BF7 for ; Wed, 3 Aug 2016 03:22:53 +0200 (CEST) Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga103.jf.intel.com with ESMTP; 02 Aug 2016 18:22:52 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.28,463,1464678000"; d="scan'208";a="1018615308" Received: from stv-crb-56.sh.intel.com (HELO [10.239.128.116]) ([10.239.128.116]) by fmsmga001.fm.intel.com with ESMTP; 02 Aug 2016 18:22:51 -0700 Message-ID: <57A14829.4060908@intel.com> Date: Wed, 03 Aug 2016 09:26:01 +0800 From: "Liu, Yong" User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: "Chen, Zhaoyan" , dts@dpdk.org References: <1469688627-11232-1-git-send-email-zhaoyan.chen@intel.com> In-Reply-To: <1469688627-11232-1-git-send-email-zhaoyan.chen@intel.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Subject: Re: [dts] [PATCH v2] tests: Add l2fwd_crypto test plan and test suite X-BeenThere: dts@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: test suite reviews and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Aug 2016 01:22:55 -0000 Thanks, applied. On 07/28/2016 02:50 PM, Chen, Zhaoyan wrote: > From: "Chen, Zhaoyan" > > This suite will verify the cryptodev library via dpdk l2fwd, tests > will cover all supported PMDs and Algorithms. > --- > test_plans/l2fwd_crypto_test_plan.rst | 462 ++++++++++++++++++++ > tests/TestSuite_l2fwd_crypto.py | 774 ++++++++++++++++++++++++++++++++++ > 2 files changed, 1236 insertions(+) > create mode 100644 test_plans/l2fwd_crypto_test_plan.rst > create mode 100644 tests/TestSuite_l2fwd_crypto.py > > diff --git a/test_plans/l2fwd_crypto_test_plan.rst b/test_plans/l2fwd_crypto_test_plan.rst > new file mode 100644 > index 0000000..1492df7 > --- /dev/null > +++ b/test_plans/l2fwd_crypto_test_plan.rst > @@ -0,0 +1,462 @@ > +.. Copyright (c) 2010,2011 Intel Corporation > + All rights reserved. > + > + Redistribution and use in source and binary forms, with or without > + modification, are permitted provided that the following conditions > + are met: > + > + - Redistributions of source code must retain the above copyright > + notice, this list of conditions and the following disclaimer. > + > + - Redistributions in binary form must reproduce the above copyright > + notice, this list of conditions and the following disclaimer in > + the documentation and/or other materials provided with the > + distribution. > + > + - Neither the name of Intel Corporation nor the names of its > + contributors may be used to endorse or promote products derived > + from this software without specific prior written permission. > + > + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS > + FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE > + COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, > + INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES > + (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR > + SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, > + STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) > + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED > + OF THE POSSIBILITY OF SUCH DAMAGE. > + > +============================================== > +Testing of CryptoDev in DPDK > +============================================== > + > + > +Description > +=========== > + > +This document provides the plan for testing CryptoDev API. CryptoDev API > +provides the ability to do encryption/decryption by integrating QAT(Intel� QuickAssist > +Technology) into DPDK. The QAT provides poll mode crypto driver support for > +Intel� QuickAssist Adapter 8950 hardware accelerator. > + > +The testing of CrytpoDev API should be tested under either Intel QuickAssist Technology DH895xxC hardware > +accelerator or AES-NI library. > + > +AES-NI algorithm table > +The table below contains AES-NI Algorithms with CryptoDev API. > +Part of the algorithms are not supported currently. > + > ++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+ > +|Algorithm| Mode | Detail | > +| | | > ++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+ > +| AES | CBC | Encrypt/Decrypt;Key size: 128, 192, 256 bits | > ++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+ > +| SHA | | SHA-1, SHA-224, SHA-384, SHA-256, SHA-512 | > ++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+ > +| HMAC | | Support SHA implementations SHA-1, SHA-224, SHA-256, SHA-384, SHA-512; | > +| | | Key Size versus Block size support: Key Size must be <= block size; | > +| | | Mac Len Supported SHA-1 10, 12, 16, 20 bytes; | > +| | | Mac Len Supported SHA-256 16, 24, 32 bytes; | > +| | | Mac Len Supported SHA-384 24,32, 40, 48 bytes; | > +| | | Mac Len Supported SHA-512 32, 40, 48, 56, 64 bytes; | > ++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+ > + > +QAT algorithm table: > +The table below contains Cryptographic Algorithm Validation with CryptoDev API. > +Part of the algorithms are not supported currently. > + > ++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+ > +|Algorithm| Mode | Detail | > +| | | > ++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+ > +| AES | CBC | Encrypt/Decrypt;Key size: 128, 192, 256 bits | > ++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+ > +| SHA | | SHA-1, SHA-224, SHA-256, SHA-512 | > ++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+ > +| HMAC | | Support SHA implementations SHA-1, SHA-224, SHA-256, SHA-512; | > +| | | Key Size versus Block size support: Key Size must be <= block size; | > +| | | Mac Len Supported SHA-1 10, 12, 16, 20 bytes; | > +| | | Mac Len Supported SHA-224 14,16,20,24,28 bytes; | > +| | | Mac Len Supported SHA-256 16, 24, 32 bytes; | > +| | | Mac Len Supported SHA-384 24,32, 40, 48 bytes; | > +| | | Mac Len Supported SHA-512 32, 40, 48, 56, 64 bytes; | > ++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+ > +| GCM | | Key Sizes:128, 192, 256 bits; | > +| | | Associated Data Length: 0 ~ 240 bytes; | > +| | | Payload Length: 0 ~ (2^32 -1) bytes; | > +| | | IV source: external; | > +| | | IV Lengths: 96 bits; | > +| | | Tag Lengths: 8, 12, 16 bytes; | > ++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+ > +| Snow3G | UEA2 | Encrypt/Decrypt; Key size: 128 | > ++ +---------+---------+---------+----------+----------+----------+----------+----------+----------+ > +| | UIA2 | Encrypt/Decrypt; Key size: 128 | > ++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+ > + > +Limitations > +============= > +* Chained mbufs are not supported. > +* Hash only is not supported. > +* Cipher only is not supported (except Snow3g). > +* Only in-place is currently supported (destination address is the same as source address). > +* Only supports the session-oriented API implementation by QAT. Support session-oriented and session-less APIs with AES-NI. > +* Not performance tuned. > + > +Prerequisites > +============= > +To test CryptoDev API, an example l2fwd-crypto is added into DPDK. > + > +The test commands of l2fwd-crypto is below:: > + * ./examples/l2fwd-crypto/build/app/l2fwd-crypto -n 4 -c COREMASK -- -p PORTMASK -q NQ --cdev (AESNI_MB|QAT) --chain (HASH_CIPHER|CIPHER_HASH) --cipher_algo (ALGO) --cipher_op (ENCRYPT|DECRYPT) --cipher_key (key_value) --iv (key_value) --auth_algo (ALGO) --auth_op (GENERATE|VERIFY) --auth_key (key_value) --sessionless > + > +The operation of l2fwd-crypto are in 2 ways. > +* For method CIPHER_HASH, the l2fwd-crypto will encrypt payload in packet first. > +Then do authentification for the encrypted data. > +* For method HASH_CIPHER, the l2fwd-crypto will authenticate payload in packet first. > +Then do encryption for the encrypted data. > + > +To do the function test, scapy can be used as traffic generator. > +To do the performance test, traffic generator can be hardware equipment or > +software traffic generator. > + > +The CryptoDev API supports Fedora or FreeBSD. > + > +QAT/AES-NI installation > +========================== > +If CryptoDev needs to use QAT to do encryption/decryption, QAT should be installed > +correctly. The steps how to install QAT is described in DPDK code directory > +dpdk/doc/guides/cryptodevs/qat.rst. > + > +Once the driver is loaded, the software versions may be checked for each �dh89xxCC_devX� device as follows: > + more /proc/icp_dh895xcc_dev0/version > + > + +--------------------------------------------------+ > + | Hardware and Software versions for device 0 | > + +--------------------------------------------------+ > + |Hardware Version: A0 SKU4 | > + |Firmware Version: 2.3.0 | > + |MMP Version: 1.0.0 | > + |Driver Version: 2.3.0 | > + |Lowest Compatible Driver: 2.3 | > + |QuickAssist API CY Version: 1.8 | > + |QuickAssist API DC Version: 1.4 | > + +--------------------------------------------------+ > + > +If CryptoDev needs to use AES-NI to do encryption/decryption, AES-NI library should be install > +correctly. The steps how to use AES-NI libary is described in DPDK code directory > +dpdk/doc/guides/cryptodevs/aesni_mb.rst. > + > +Test case: Configuration test > +==================================================== > +CryptoDev API supports different configuration. > +This test tests different configuration with CrptoDev API. > + > +Test case: CrytoDev Unit test > +==================================================== > +The CrytoDev API has Unit test cases to support basic API level testing. > + > +Compile Unit test > + cd isg_cid-dpdk_org/app/test > + make > + > +Sub-case: AES-NI test case > +------------------------------------------------------ > +run ./test -c 0xf -n 2 -- -i > +>>cryptodev_aesni_autotest > + > + > +Sub-case: QAT test case > +------------------------------------------------------ > +run ./test -c 0xf -n 2 -- -i > +>>cryptodev_qat_autotest > + > +Test case: CryptoDev Function test > +==================================================== > +For function test, the DUT forward UDP packets generated by scapy. > + > +After sending single packet from Scapy, Crytpodev function encrypt/decrypt the > +payload in packet by using algorithm setting in command. The l2fwd-crypto > +forward the packet back to tester. > +Use TCPDump to capture the received packet on tester. Then tester parses the payload > +and compare the payload with correct answer pre-stored in scripts. > ++----------+ +----------+ > +| | | | > +| | --------------> | | > +| Tester | | DUT | > +| | | | > +| | <-------------> | | > ++----------+ +----------+ > + > +Sub-case: AES-NI test case > +------------------------------------------------------ > +Cryptodev AES-NI algorithm validation matrix is showed in table below. > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| Method | Cipher_algo | Cipher_op | Cipyer_key | Auth_algo | Auth_op | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 192 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 256 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA256_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA384_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA512_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | XCBC_MAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | MD5_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 192 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 256 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA224_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA256_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA384_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA512_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | AES_XCMC_MAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA224_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > + > +Sub-case: QAT AES test case > +------------------------------------------------------ > +Cryptodev QAT AES algorithm validation matrix is showed in table below. > + > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| Method | Cipher_algo | Cipher_op | Cipyer_key | Auth_algo | Auth_op | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 192 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 256 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA256_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA384_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA512_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | XCBC_MAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | MD5_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 192 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 256 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA224_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA256_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA384_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA512_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | AES_XCMC_MAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA224_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > + > +Sub-case: QAT GCM test case > +------------------------------------------------------ > +Cryptodev GCM algorithm validation matrix is showed in table below. > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| Method | Cipher_algo | Cipher_op | Cipyer_key | Auth_algo | Auth_op | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_GCM | ENCRYPT | 192 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_GCM | ENCRYPT | 256 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA256_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA384_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA512_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | XCBC_MAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | MD5_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 192 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 256 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA224_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA256_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA384_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA512_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | AES_XCMC_MAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA224_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > + > +Sub-case: AES-NI GCM test case > +------------------------------------------------------ > +Cryptodev GCM algorithm validation matrix is showed in table below. > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| Method | Cipher_algo | Cipher_op | Cipyer_key | Auth_algo | Auth_op | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_GCM | ENCRYPT | 192 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_GCM | ENCRYPT | 256 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA256_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA384_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA512_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | XCBC_MAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | MD5_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 192 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 256 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA224_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA256_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA384_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA512_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | AES_XCMC_MAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA224_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > + > + > +Sub-case: QAT Snow3G test case > +------------------------------------------------------ > +Cryptodev Snow3G algorithm validation matrix is showed in table below. > +Cipher only, hash-only and chaining functionality is supported for Snow3g. > ++-------------+-------------+-------------+-------------+ > +| Method | Cipher_algo | Cipher_op | Cipyer_key | > ++-------------+-------------+-------------+-------------+ > +| CIPHER | ECB | ENCRYPT | 128 | > ++-------------+-------------+-------------+-------------+ > + > + > +Test case: CryptoDev performance test > +======================================= > +For performance test, the DUT forward UDP packets generated by traffic generator. > +Also, queue and core number should be set into maximun number. > ++----------+ +----------+ > +| | | | > +| | --------------> | | > +| IXIA | | DUT | > +| | | | > +| | <-------------> | | > ++----------+ +----------+ > + > +CryptoDev performance should be measured from different aspects ad below. > ++-------+---------+---------+---------+----------+----------+ > +| Frame | 1S/1C/1T| 1S/1C/1T| 1S/2C/1T| 1S/2C/2T | 1S/2C/2T | > +| Size | | | | | | > ++-------+---------+---------+---------+----------+----------+ > +| 64 | | | | | | > ++-------+---------+---------+---------+----------+----------+ > +| 65 | | | | | | > ++-------+---------+---------+---------+----------+----------+ > +| 128 | | | | | | > ++-------+---------+---------+---------+----------+----------+ > +| 256 | | | | | | > ++-------+---------+---------+---------+----------+----------+ > +| 512 | | | | | | > ++-------+---------+---------+---------+----------+----------+ > +| 1024 | | | | | | > ++-------+---------+---------+---------+----------+----------+ > +| 1280 | | | | | | > ++-------+---------+---------+---------+----------+----------+ > +| 1518 | | | | | | > ++-------+---------+---------+---------+----------+----------+ > + > +Sub-case: AES-NI test case > +------------------------------------------------------ > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| Method | Cipher_algo | Cipher_op | Cipyer_key | Auth_algo | Auth_op | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 192 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 256 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA256_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA384_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | MD5_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 192 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 256 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA224_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA256_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA384_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA512_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > + > +Sub-case: QAT AES test case > +------------------------------------------------------ > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| Method | Cipher_algo | Cipher_op | Cipyer_key | Auth_algo | Auth_op | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 192 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 256 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA256_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA384_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | MD5_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 192 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 256 | SHA1_HMAC | GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA224_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA256_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA384_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA512_HMAC| GENERATE | > ++-------------+-------------+-------------+-------------+-------------+-------------+ > diff --git a/tests/TestSuite_l2fwd_crypto.py b/tests/TestSuite_l2fwd_crypto.py > new file mode 100644 > index 0000000..0d6a52a > --- /dev/null > +++ b/tests/TestSuite_l2fwd_crypto.py > @@ -0,0 +1,774 @@ > +# BSD LICENSE > +# > +# Copyright(c) 2010-2014 Intel Corporation. All rights reserved. > +# All rights reserved. > +# > +# Redistribution and use in source and binary forms, with or without > +# modification, are permitted provided that the following conditions > +# are met: > +# > +# * Redistributions of source code must retain the above copyright > +# notice, this list of conditions and the following disclaimer. > +# * Redistributions in binary form must reproduce the above copyright > +# notice, this list of conditions and the following disclaimer in > +# the documentation and/or other materials provided with the > +# distribution. > +# * Neither the name of Intel Corporation nor the names of its > +# contributors may be used to endorse or promote products derived > +# from this software without specific prior written permission. > +# > +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS > +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT > +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR > +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT > +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, > +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT > +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, > +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY > +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT > +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE > +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. > + > +import dts > +import time > + > +from test_case import TestCase > + > + > +class TestL2fwdCrypto(TestCase): > + > + def set_up_all(self): > + > + self.core_config = "1S/4C/1T" > + self.number_of_ports = 2 > + self.dut_ports = self.dut.get_ports(self.nic) > + self.verify(len(self.dut_ports) >= self.number_of_ports, > + "Not enough ports for " + self.nic) > + self.ports_socket = self.dut.get_numa_id(self.dut_ports[0]) > + > + self.logger.info("core config = " + self.core_config) > + self.logger.info("number of ports = " + str(self.number_of_ports)) > + self.logger.info("dut ports = " + str(self.dut_ports)) > + self.logger.info("ports_socket = " + str(self.ports_socket)) > + > + self.core_mask = dts.create_mask(self.dut.get_core_list( > + self.core_config, > + socket=self.ports_socket)) > + self.port_mask = dts.create_mask([self.dut_ports[0], > + self.dut_ports[1]]) > + > + self.tx_port = self.tester.get_local_port(self.dut_ports[0]) > + self.rx_port = self.tester.get_local_port(self.dut_ports[1]) > + > + self.tx_interface = self.tester.get_interface(self.tx_port) > + self.rx_interface = self.tester.get_interface(self.rx_port) > + > + self.logger.info("core mask = " + self.core_mask) > + self.logger.info("port mask = " + self.port_mask) > + self.logger.info("tx interface = " + self.tx_interface) > + self.logger.info("rx interface = " + self.rx_interface) > + > + # Rebuild the dpdk with cryptodev pmds > + self.dut.send_expect("export AESNI_MULTI_BUFFER_LIB_PATH=/root/ipsec_043/code/", "#") > + self.dut.send_expect("export LIBSSO_SNOW3G_PATH=/root/libsso_snow3g/snow3g/", "#") > + self.dut.send_expect("export LIBSSO_KASUMI_PATH=/root/LibSSO_0_3_1/isg_cid-wireless_libs/ciphers/kasumi/", "#") > + self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_QAT=n$/CONFIG_RTE_LIBRTE_PMD_QAT=y/' config/common_base", "# ") > + self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_AESNI_GCM=n$/CONFIG_RTE_LIBRTE_PMD_AESNI_GCM=y/' config/common_base", "# ") > + self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO=n$/CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO=y/' config/common_base", "# ") > + self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_SNOW3G=n$/CONFIG_RTE_LIBRTE_PMD_SNOW3G=y/' config/common_base", "# ") > + self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_KASUMI=n$/CONFIG_RTE_LIBRTE_PMD_KASUMI=y/' config/common_base", "# ") > + self.dut.build_install_dpdk(self.dut.target) > + > + # l2fwd-crypto compile > + out = self.dut.build_dpdk_apps("./examples/l2fwd-crypto") > + self.verify("Error" not in out, "Compilation error") > + self.verify("No such" not in out, "Compilation error") > + > + # Bind QAT VF devices > + out = self.dut.send_expect("lspci -d:443|awk '{print $1}'", "# ", 10) > + self.dut.send_expect('echo "8086 0443" > /sys/bus/pci/drivers/igb_uio/new_id', "# ", 10) > + for line in out.replace("\r", "\n").replace("\n\n", "\n").split("\n"): > + cmd = "echo 0000:{} > /sys/bus/pci/devices/0000\:{}/driver/unbind".format(line, line.replace(":", "\:")) > + self.dut.send_expect(cmd, "# ", 10) > + cmd = "echo 0000:{} > /sys/bus/pci/drivers/igb_uio/bind".format(line) > + self.dut.send_expect(cmd, "# ", 10) > + > + def set_up(self): > + pass > + > + def test_qat_AES(self): > + > + result = True > + > + self.logger.info("Test qat_c_AES_CBC_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "qat_c_AES_CBC_01"): > + result = False > + > + self.logger.info("Test qat_c_AES_CTR_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "qat_c_AES_CTR_01"): > + result = False > + > + self.logger.info("Test qat_c_AES_GCM_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "qat_c_AES_GCM_01"): > + result = False > + > + self.verify(result, True) > + > + def test_qat_SHA(self): > + > + result = True > + > + self.logger.info("Test qat_h_SHA1_HMAC_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "qat_h_SHA1_HMAC_01"): > + result = False > + > + self.logger.info("Test qat_h_SHA256_HMAC_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "qat_h_SHA256_HMAC_01"): > + result = False > + > + self.logger.info("Test qat_h_SHA512_HMAC_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "qat_h_SHA512_HMAC_01"): > + result = False > + > + self.verify(result, True) > + > + def test_qat_AES_XCBC_MAC(self): > + > + result = True > + > + self.logger.info("Test qat_h_AES_XCBC_MAC_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "qat_h_AES_XCBC_MAC_01"): > + result = False > + > + self.verify(result, True) > + > + def test_qat_SNOW3G(self): > + > + result = True > + > + self.logger.info("Test qat_c_UEA2_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "qat_c_UEA2_01"): > + result = False > + > + self.logger.info("Test qat_h_UIA2_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "qat_h_UIA2_01"): > + result = False > + > + self.verify(result, True) > + > + def test_qat_AES_GCM_AES_GCM(self): > + > + result = True > + > + self.logger.info("Test qat_ch_AES_GCM_AES_GCM_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "qat_ch_AES_GCM_AES_GCM_01"): > + result = False > + > + self.verify(result, True) > + > + def test_aesni_AES_GCM_AES_GCM(self): > + > + result = True > + > + self.logger.info("Test aesni_ch_AES_GCM_AES_GCM_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "aesni_ch_AES_GCM_AES_GCM_01"): > + result = False > + > + self.verify(result, True) > + > + def test_kasumi_KASUMI(self): > + > + result = True > + > + self.logger.info("Test kasumi_c_F8_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "kasumi_c_F8_01"): > + result = False > + > + self.logger.info("Test kasumi_h_F9_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "kasumi_h_F9_01"): > + result = False > + > + self.verify(result, True) > + > + def test_null_NULL(self): > + > + result = True > + > + self.logger.info("Test null_c_NULL_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "null_c_NULL_01"): > + result = False > + > + self.verify(result, True) > + > + def test_snow3g_SNOW3G(self): > + > + result = True > + > + self.logger.info("Test snow3g_c_UEA2_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "snow3g_c_UEA2_01"): > + result = False > + > + self.logger.info("Test snow3g_h_UIA2_01") > + if not self.__execute_l2fwd_crypto_test( > + test_vectors, "snow3g_h_UIA2_01"): > + result = False > + > + self.verify(result, True) > + > + def __execute_l2fwd_crypto_test(self, test_vectors, test_vector_name): > + > + if test_vector_name not in test_vectors: > + self.logger.warn("SKIP : " + test_vector_name) > + return True > + > + test_vector = test_vectors[test_vector_name] > + > + result = True > + cmd_str = self.__test_vector_to_cmd(test_vector, > + core_mask=self.core_mask, > + port_mask=self.port_mask) > + > + self.dut.send_expect(cmd_str, "==", 30) > + > + self.tester.send_expect("rm -rf %s.pcap" % (self.rx_interface), "#") > + self.tester.send_expect("tcpdump -w %s.pcap -i %s &" % (self.rx_interface, self.rx_interface), "#") > + # Wait 5 sec for tcpdump stable > + time.sleep(5) > + > + payload = self.__format_hex_to_param(test_vector["input"], "\\x", "\\x") > + > + PACKET_COUNT = 65 > + > + self.tester.scapy_foreground() > + self.tester.scapy_append('sendp([Ether(src="52:00:00:00:00:00")/IP(src="192.168.1.1",dst="192.168.1.2")/Raw(load=\"%s\")], iface="%s", count=%s)' % (payload, self.tx_interface, PACKET_COUNT)) > + > + self.tester.scapy_execute() > + > + time.sleep(5) > + > + self.tester.send_expect("killall tcpdump", "#") > + self.tester.send_expect("^C", "#") > + > + # Wait 5 secs for tcpdump exit > + time.sleep(5) > + > + self.tester.send_expect("scapy", ">>>") > + self.tester.send_expect("p=rdpcap('%s.pcap', count=%s)" % (self.rx_interface, PACKET_COUNT), ">>>") > + > + hex_list = [] > + for i in range(PACKET_COUNT): > + cmd = "linehexdump(p[%s],onlyhex=1)" % i > + hex_list.append(self.tester.send_expect(cmd, ">>>")) > + > + # Exit the scapy > + self.tester.send_expect("exit()", "#", 60) > + > + for hex_str in hex_list: > + packet_hex = hex_str.split(" ") > + # self.logger.info(hex_str) > + # self.logger.info(packet_hex) > + > + cipher_offset = 34 > + cipher_length = len(test_vector["output_cipher"])/2 > + if cipher_length == 0: > + cipher_length = len(test_vector["input"])/2 > + cipher_text = "".join(packet_hex[cipher_offset:cipher_offset+cipher_length]) > + # self.logger.info("Cipher text in packet = " + cipher_text) > + # self.logger.info("Ref Cipher text = " + test_vector["output_cipher"]) > + if str.lower(cipher_text) == str.lower(test_vector["output_cipher"]): > + self.logger.info("Cipher Matched.") > + else: > + if test_vector["output_cipher"] != "": > + result = False > + self.logger.info("Cipher NOT Matched.") > + self.logger.info("Cipher text in packet = " + cipher_text) > + self.logger.info("Ref Cipher text = " + test_vector["output_cipher"]) > + else: > + self.logger.info("Skip Cipher, Since no cipher text set") > + > + hash_offset = cipher_offset + cipher_length > + hash_length = len(test_vector["output_hash"])/2 > + if hash_length != 0: > + hash_text = "".join(packet_hex[hash_offset:hash_offset+hash_length]) > + # self.logger.info("Hash text in packet = " + hash_text) > + # self.logger.info("Ref Hash text = " + test_vector["output_hash"]) > + if str.lower(hash_text) == str.lower(test_vector["output_hash"]): > + self.logger.info("Hash Matched") > + else: > + result = False > + self.logger.info("Hash NOT Matched") > + self.logger.info("Hash text in packet = " + hash_text) > + self.logger.info("Ref Hash text = " + test_vector["output_hash"]) > + else: > + self.logger.info("Skip Hash, Since no hash text set") > + > + # Close l2fwd-crypto > + # self.dut.send_expect("killall -9 l2fwd-crypto", "# ", 15) > + self.dut.send_expect("^C", "# ", 15) > + > + if result: > + self.logger.info("PASSED") > + else: > + self.logger.info("FAILED") > + > + return result > + > + def tear_down(self): > + pass > + > + def tear_down_all(self): > + self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_QAT=y$/CONFIG_RTE_LIBRTE_PMD_QAT=n/' config/common_base", "# ") > + self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_AESNI_GCM=y$/CONFIG_RTE_LIBRTE_PMD_AESNI_GCM=n/' config/common_base", "# ") > + self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO=y$/CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO=n/' config/common_base", "# ") > + self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_SNOW3G=y$/CONFIG_RTE_LIBRTE_PMD_SNOW3G=n/' config/common_base", "# ") > + self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_KASUMI=y$/CONFIG_RTE_LIBRTE_PMD_KASUMI=n/' config/common_base", "# ") > + > + def __test_vector_to_cmd(self, test_vector, core_mask="", port_mask=""): > + L2FWD_CRYPTO_APP = "./examples/l2fwd-crypto/build/app/l2fwd-crypto" > + EAL_CORE_MASK = " -cf" if core_mask == "" else " -c" + core_mask > + EAL_MM_CHANNEL = " -n4" > + EAL_SEP = " --" > + PORT_MASK = "" if port_mask == "" else " -p" + port_mask > + QUEUE_NUM = "" > + > + vdev = "" > + if self.__check_field_in_vector(test_vector, "vdev"): > + vdev = " --vdev " + test_vector["vdev"] > + > + chain = "" > + if self.__check_field_in_vector(test_vector, "chain"): > + chain = " --chain " + test_vector["chain"] > + > + cdev_type = "" > + if self.__check_field_in_vector(test_vector, "cdev_type"): > + cdev_type = " --cdev_type " + test_vector["cdev_type"] > + > + cipher_algo = "" > + if self.__check_field_in_vector(test_vector, "cipher_algo"): > + cipher_algo = " --cipher_algo " + test_vector["cipher_algo"] > + > + cipher_op = "" > + if self.__check_field_in_vector(test_vector, "cipher_op"): > + cipher_op = " --cipher_op " + test_vector["cipher_op"] > + > + cipher_key = "" > + if self.__check_field_in_vector(test_vector, "cipher_key"): > + cipher_key = " --cipher_key " + self.__format_hex_to_param(test_vector["cipher_key"]) > + > + iv = "" > + if self.__check_field_in_vector(test_vector, "iv"): > + iv = " --iv " + self.__format_hex_to_param(test_vector["iv"]) > + > + auth_algo = "" > + if self.__check_field_in_vector(test_vector, "auth_algo"): > + auth_algo = " --auth_algo " + test_vector["auth_algo"] > + > + auth_op = "" > + if self.__check_field_in_vector(test_vector, "auth_op"): > + auth_op = " --auth_op " + test_vector["auth_op"] > + > + auth_key = "" > + if self.__check_field_in_vector(test_vector, "auth_key"): > + auth_key = " --auth_key " + self.__format_hex_to_param(test_vector["auth_key"]) > + > + auth_key_random_size = "" > + if self.__check_field_in_vector(test_vector, "auth_key_random_size"): > + auth_key_random_size = " --auth_key_random_size " + test_vector["auth_key_random_size"] > + > + aad = "" > + if self.__check_field_in_vector(test_vector, "aad"): > + aad = " --aad " + self.__format_hex_to_param(test_vector["aad"]) > + > + aad_random_size = "" > + if self.__check_field_in_vector(test_vector, "aad_random_size"): > + aad_random_size = " --aad_random_size " + test_vector["aad_random_size"] > + > + cmd_str = "".join([L2FWD_CRYPTO_APP, EAL_CORE_MASK, EAL_MM_CHANNEL, vdev, vdev, EAL_SEP, > + PORT_MASK, QUEUE_NUM, chain, cdev_type, cipher_algo, cipher_op, cipher_key, > + iv, auth_algo, auth_op, auth_key, auth_key_random_size, aad, aad_random_size]) > + > + return cmd_str > + > + def __check_field_in_vector(self, test_vector, field_name): > + if field_name in test_vector and test_vector[field_name]: > + return True > + return False > + > + def __format_hex_to_param(self, hex_str, sep=":", prefix=""): > + if not hex_str: > + return "" > + if len(hex_str) == 1: > + return prefix + "0" + hex_str > + > + result = prefix + hex_str[0:2] > + for i in range(2, len(hex_str), 2): > + if len(hex_str) < i + 2: > + result = result + sep + "0" + hex_str[i:] > + else: > + result = result + sep + hex_str[i:i+2] > + > + return result > + > +test_vectors = { > + > + "qat_c_AES_CBC_01": { > + "vdev": "", > + "chain": "CIPHER_ONLY", > + "cdev_type": "ANY", > + "cipher_algo": "AES_CBC", > + "cipher_op": "ENCRYPT", > + "cipher_key": "000102030405060708090a0b0c0d0e0f", > + "iv": "000102030405060708090a0b0c0d0e0f", > + "auth_algo": "", > + "auth_op": "", > + "auth_key": "", > + "auth_key_random_size": "", > + "aad": "", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "96A702D1CC8DD6D625D971915FCE8C40B8C522042B7126D51BB204CECA048C13793B75FF84A4B524370A45534C2BC476", > + "output_hash": "", > + }, > + > + "qat_c_AES_CTR_01": { > + "vdev": "", > + "chain": "CIPHER_ONLY", > + "cdev_type": "ANY", > + "cipher_algo": "AES_CTR", > + "cipher_op": "ENCRYPT", > + "cipher_key": "000102030405060708090a0b0c0d0e0f", > + "iv": "000102030405060708090a0b0c0d0e0f", > + "auth_algo": "", > + "auth_op": "", > + "auth_key": "", > + "auth_key_random_size": "", > + "aad": "", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "1B851AA4507FE154E0D28549D742FB4B1372FD85770963878BCBEC1E5AB51ECD0B3C85A2000DB4E9ACD3D95CDD38FD56", > + "output_hash": "", > + }, > + > + "qat_c_AES_GCM_01": { > + "vdev": "", > + "chain": "CIPHER_ONLY", > + "cdev_type": "ANY", > + "cipher_algo": "AES_GCM", > + "cipher_op": "ENCRYPT", > + "cipher_key": "000102030405060708090a0b0c0d0e0f", > + "iv": "000102030405060708090a0b0c0d0e0f", > + "auth_algo": "", > + "auth_op": "", > + "auth_key": "", > + "auth_key_random_size": "", > + "aad": "", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "1b851aa4507fe154e0d28549d742fb4b1372fd85770963878bcbec1e5ab51ecd0b3c85a2000db4e9acd3d95cdd38fd56", > + "output_hash": "", > + }, > + > + "qat_h_SHA1_HMAC_01": { > + "vdev": "", > + "chain": "HASH_ONLY", > + "cdev_type": "ANY", > + "cipher_algo": "", > + "cipher_op": "", > + "cipher_key": "", > + "iv": "", > + "auth_algo": "SHA1_HMAC", > + "auth_op": "GENERATE", > + "auth_key": "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f", > + "auth_key_random_size": "", > + "aad": "", > + "aad_random_size": "", > + "input": "11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111100000000000000000000000000000000", > + "output_cipher": "", > + "output_hash": "12E2EF8B7EBFE556C73307B04E1E46D12BA34884" > + }, > + > + "qat_h_SHA256_HMAC_01": { > + "vdev": "", > + "chain": "HASH_ONLY", > + "cdev_type": "ANY", > + "cipher_algo": "", > + "cipher_op": "", > + "cipher_key": "", > + "iv": "", > + "auth_algo": "SHA256_HMAC", > + "auth_op": "GENERATE", > + "auth_key": "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f", > + "auth_key_random_size": "", > + "aad": "", > + "aad_random_size": "", > + "input": "11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111100000000000000000000000000000000", > + "output_cipher": "", > + "output_hash": "AC9E0BA3A0716F4F4A2734B407BE28D6F276CE0472B827D6EE47B7E518C2BC0D" > + }, > + > + "qat_h_SHA512_HMAC_01": { > + "vdev": "", > + "chain": "HASH_ONLY", > + "cdev_type": "ANY", > + "cipher_algo": "", > + "cipher_op": "", > + "cipher_key": "", > + "iv": "", > + "auth_algo": "SHA512_HMAC", > + "auth_op": "GENERATE", > + "auth_key": "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f", > + "auth_key_random_size": "", > + "aad": "", > + "aad_random_size": "", > + "input": "1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", > + "output_cipher": "", > + "output_hash": "C8917E7490FC2CFF0CFDD0509C1C0D711CD27FFDFAAEA375E123F25F7532D4FA7D02D95CD52FAC8A27E21B3F5F734241897A37BB8953C52FFADB3B605A864569" > + }, > + > + "qat_h_AES_XCBC_MAC_01": { > + "vdev": "", > + "chain": "HASH_ONLY", > + "cdev_type": "ANY", > + "cipher_algo": "", > + "cipher_op": "", > + "cipher_key": "", > + "iv": "", > + "auth_algo": "AES_XCBC_MAC", > + "auth_op": "GENERATE", > + "auth_key": "000102030405060708090a0b0c0d0e0f", > + "auth_key_random_size": "", > + "aad": "", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "", > + "output_hash": "A7AD120ED744A9EC0618C0D9" > + }, > + > + "qat_ch_AES_CBC_SHA1_HMAC_01": { > + "vdev": "", > + "chain": "CIPHER_HASH", > + "cdev_type": "ANY", > + "cipher_algo": "AES_CBC", > + "cipher_op": "ENCRYPT", > + "cipher_key": "000102030405060708090a0b0c0d0e0f", > + "iv": "000102030405060708090a0b0c0d0e0f", > + "auth_algo": "SHA1_HMAC", > + "auth_op": "GENERATE", > + "auth_key": "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f", > + "auth_key_random_size": "", > + "aad": "", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "96A702D1CC8DD6D625D971915FCE8C40B8C522042B7126D51BB204CECA048C13793B75FF84A4B524370A45534C2BC476", > + "output_hash": "2D6EFD5929812460E2DE34A1BD768F209C985143BA7333E8D59EFED291517EF7" > + }, > + > + "qat_c_UEA2_01": { > + "vdev": "", > + "chain": "CIPHER_ONLY", > + "cdev_type": "ANY", > + "cipher_algo": "SNOW3G_UEA2", > + "cipher_op": "ENCRYPT", > + "cipher_key": "000102030405060708090a0b0c0d0e0f", > + "iv": "000102030405060708090a0b0c0d0e0f", > + "auth_algo": "", > + "auth_op": "", > + "auth_key": "", > + "auth_key_random_size": "", > + "aad": "", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "fa0d2ff5dbf973e7082b128396fbc2c1ff5721099a1eb82918e66c1fa1b8fd52ce1763963f73859595d89b0b8d3907a8", > + "output_hash": "" > + }, > + > + "qat_h_UIA2_01": { > + "vdev": "", > + "chain": "HASH_ONLY", > + "cdev_type": "ANY", > + "cipher_algo": "", > + "cipher_op": "", > + "cipher_key": "", > + "iv": "", > + "auth_algo": "SNOW3G_UIA2", > + "auth_op": "GENERATE", > + "auth_key": "000102030405060708090a0b0c0d0e0f", > + "auth_key_random_size": "", > + "aad": "000102030405060708090a0b0c0d0e0f", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "", > + "output_hash": "741D4316" > + }, > + > + "snow3g_c_UEA2_01": { > + "vdev": "cryptodev_snow3g_pmd,socket_id=1,max_nb_sessions=128", > + "chain": "CIPHER_ONLY", > + "cdev_type": "ANY", > + "cipher_algo": "SNOW3G_UEA2", > + "cipher_op": "ENCRYPT", > + "cipher_key": "000102030405060708090a0b0c0d0e0f", > + "iv": "000102030405060708090a0b0c0d0e0f", > + "auth_algo": "", > + "auth_op": "", > + "auth_key": "", > + "auth_key_random_size": "", > + "aad": "", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "fa0d2ff5dbf973e7082b128396fbc2c1ff5721099a1eb82918e66c1fa1b8fd52ce1763963f73859595d89b0b8d3907a8", > + "output_hash": "" > + }, > + > + "snow3g_h_UIA2_01": { > + "vdev": "cryptodev_snow3g_pmd,socket_id=1,max_nb_sessions=128", > + "chain": "HASH_ONLY", > + "cdev_type": "ANY", > + "cipher_algo": "", > + "cipher_op": "", > + "cipher_key": "", > + "iv": "", > + "auth_algo": "SNOW3G_UIA2", > + "auth_op": "GENERATE", > + "auth_key": "000102030405060708090a0b0c0d0e0f", > + "auth_key_random_size": "", > + "aad": "000102030405060708090a0b0c0d0e0f", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "", > + "output_hash": "741D4316" > + }, > + > + "kasumi_c_F8_01": { > + "vdev": "cryptodev_kasumi_pmd,socket_id=1,max_nb_sessions=128", > + "chain": "CIPHER_ONLY", > + "cdev_type": "ANY", > + "cipher_algo": "KASUMI_F8", > + "cipher_op": "ENCRYPT", > + "cipher_key": "000102030405060708090a0b0c0d0e0f", > + "iv": "0001020304050607", > + "auth_algo": "", > + "auth_op": "", > + "auth_key": "", > + "auth_key_random_size": "", > + "aad": "", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "ede654ff0caab546b654cd7a3b0a4199e957579214f45bd7e25fcbbda41e38fc885fbbd6195cf8e22905480191b2f861", > + "output_hash": "" > + }, > + > + "kasumi_h_F9_01": { > + "vdev": "cryptodev_kasumi_pmd,socket_id=1,max_nb_sessions=128", > + "chain": "HASH_ONLY", > + "cdev_type": "ANY", > + "cipher_algo": "", > + "cipher_op": "", > + "cipher_key": "", > + "iv": "", > + "auth_algo": "KASUMI_F9", > + "auth_op": "GENERATE", > + "auth_key": "000102030405060708090a0b0c0d0e0f", > + "auth_key_random_size": "", > + # aad length min=8 max=8 > + "aad": "0001020304050607", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "", > + "output_hash": "D1C2BE1E" > + }, > + > + "null_c_NULL_01": { > + "vdev": "cryptodev_null_pmd,socket_id=1,max_nb_sessions=128", > + "chain": "CIPHER_ONLY", > + "cdev_type": "ANY", > + "cipher_algo": "NULL", > + "cipher_op": "ENCRYPT", > + "cipher_key": "", > + "iv": "", > + "auth_algo": "", > + "auth_op": "", > + "auth_key": "", > + "auth_key_random_size": "", > + "aad": "", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_hash": "" > + }, > + > + "qat_ch_AES_GCM_AES_GCM_01": { > + "vdev": "", > + "chain": "CIPHER_HASH", > + "cdev_type": "ANY", > + "cipher_algo": "AES_GCM", > + "cipher_op": "ENCRYPT", > + "cipher_key": "000102030405060708090a0b0c0d0e0f", > + "iv": "000102030405060708090a0b0c0d0e0f", > + "auth_algo": "AES_GCM", > + "auth_op": "GENERATE", > + "auth_key": "000102030405060708090a0b0c0d0e0f", > + "auth_key_random_size": "", > + # aad length min=8 max=12 > + "aad": "0001020304050607", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "1372fd85770963878bcbec1e5ab51ecd0b3c85a2000db4e9acd3d95cdd38fd565c1abac3884e8e167332357956a4c21f", > + "output_hash": "00A2EBC33A8A1C8C" > + }, > + > + "aesni_ch_AES_GCM_AES_GCM_01": { > + "vdev": "cryptodev_aesni_gcm_pmd,socket_id=1,max_nb_sessions=128", > + "chain": "CIPHER_HASH", > + "cdev_type": "ANY", > + "cipher_algo": "AES_GCM", > + "cipher_op": "ENCRYPT", > + "cipher_key": "000102030405060708090a0b0c0d0e0f", > + "iv": "000102030405060708090a0b0c0d0e0f", > + "auth_algo": "AES_GCM", > + "auth_op": "GENERATE", > + "auth_key": "000102030405060708090a0b0c0d0e0f", > + "auth_key_random_size": "", > + # aad length min=8 max=12 > + "aad": "0001020304050607", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "1372fd85770963878bcbec1e5ab51ecd0b3c85a2000db4e9acd3d95cdd38fd565c1abac3884e8e167332357956a4c21f", > + "output_hash": "00A2EBC33A8A1C8C" > + }, > + > + "aesni_ch_AES_CBC_SHA1_HMAC_01": { > + "vdev": "cryptodev_aesni_mb_pmd,socket_id=1,max_nb_sessions=128", > + "chain": "CIPHER_HASH", > + "cdev_type": "ANY", > + "cipher_algo": "AES_CBC", > + "cipher_op": "ENCRYPT", > + "cipher_key": "000102030405060708090a0b0c0d0e0f", > + "iv": "000102030405060708090a0b0c0d0e0f", > + "auth_algo": "SHA1_HMAC", > + "auth_op": "GENERATE", > + "auth_key": "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f", > + "auth_key_random_size": "", > + "aad": "", > + "aad_random_size": "", > + "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", > + "output_cipher": "96A702D1CC8DD6D625D971915FCE8C40B8C522042B7126D51BB204CECA048C13793B75FF84A4B524370A45534C2BC476", > + "output_hash": "2D6EFD5929812460E2DE34A1BD768F209C985143BA7333E8D59EFED291517EF7" > + }, > + > +}