All of lore.kernel.org
 help / color / mirror / Atom feed
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>,
	Declan Doherty <declan.doherty@intel.com>,
	Fan Zhang <roy.fan.zhang@intel.com>,
	"Konstantin Ananyev" <konstantin.ananyev@intel.com>
Cc: Anoob Joseph <anoobj@marvell.com>,
	Jerin Jacob <jerinj@marvell.com>,
	Archana Muniganti <marchana@marvell.com>,
	Tejasree Kondoj <ktejasree@marvell.com>,
	Hemant Agrawal <hemant.agrawal@nxp.com>,
	"Radu Nicolau" <radu.nicolau@intel.com>,
	Ciara Power <ciara.power@intel.com>,
	Gagandeep Singh <g.singh@nxp.com>, <dev@dpdk.org>
Subject: [dpdk-dev] [PATCH v3 3/3] test/crypto: add outbound known vector tests
Date: Tue, 7 Sep 2021 21:47:42 +0530	[thread overview]
Message-ID: <1631031463-211-4-git-send-email-anoobj@marvell.com> (raw)
In-Reply-To: <1631031463-211-1-git-send-email-anoobj@marvell.com>

Add outbound known vector tests. The tests would be skipped on PMDs
which do not support IV provided by application.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
---
 app/test/test_cryptodev.c                | 44 ++++++++++++++++++++++++++++++++
 app/test/test_cryptodev_security_ipsec.c | 16 +++++++++++-
 2 files changed, 59 insertions(+), 1 deletion(-)

diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index fefab3c..dd68080 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -8978,6 +8978,22 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],
 		ut_params->op->sym->m_src = ut_params->ibuf;
 		ut_params->op->sym->m_dst = NULL;
 
+		/* Copy IV in crypto operation when IV generation is disabled */
+		if (dir == RTE_SECURITY_IPSEC_SA_DIR_EGRESS &&
+		    ipsec_xform.options.iv_gen_disable == 1) {
+			uint8_t *iv = rte_crypto_op_ctod_offset(ut_params->op,
+								uint8_t *,
+								IV_OFFSET);
+			int len;
+
+			if (td[i].aead)
+				len = td[i].xform.aead.aead.iv.length;
+			else
+				len = td[i].xform.chain.cipher.cipher.iv.length;
+
+			memcpy(iv, td[i].iv.data, len);
+		}
+
 		/* Process crypto operation */
 		process_crypto_request(dev_id, ut_params->op);
 
@@ -9015,6 +9031,22 @@ test_ipsec_proto_process(const struct ipsec_test_data td[],
 }
 
 static int
+test_ipsec_proto_known_vec(const void *test_data)
+{
+	struct ipsec_test_data td_outb;
+	struct ipsec_test_flags flags;
+
+	memset(&flags, 0, sizeof(flags));
+
+	memcpy(&td_outb, test_data, sizeof(td_outb));
+
+	/* Disable IV gen to be able to test with known vectors */
+	td_outb.ipsec_xform.options.iv_gen_disable = 1;
+
+	return test_ipsec_proto_process(&td_outb, NULL, 1, false, &flags);
+}
+
+static int
 test_ipsec_proto_known_vec_inb(const void *td_outb)
 {
 	struct ipsec_test_flags flags;
@@ -14019,6 +14051,18 @@ static struct unit_test_suite ipsec_proto_testsuite  = {
 	.setup = ipsec_proto_testsuite_setup,
 	.unit_test_cases = {
 		TEST_CASE_NAMED_WITH_DATA(
+			"Outbound known vector (ESP tunnel mode IPv4 AES-GCM 128)",
+			ut_setup_security, ut_teardown,
+			test_ipsec_proto_known_vec, &pkt_aes_128_gcm),
+		TEST_CASE_NAMED_WITH_DATA(
+			"Outbound known vector (ESP tunnel mode IPv4 AES-GCM 192)",
+			ut_setup_security, ut_teardown,
+			test_ipsec_proto_known_vec, &pkt_aes_192_gcm),
+		TEST_CASE_NAMED_WITH_DATA(
+			"Outbound known vector (ESP tunnel mode IPv4 AES-GCM 256)",
+			ut_setup_security, ut_teardown,
+			test_ipsec_proto_known_vec, &pkt_aes_256_gcm),
+		TEST_CASE_NAMED_WITH_DATA(
 			"Inbound known vector (ESP tunnel mode IPv4 AES-GCM 128)",
 			ut_setup_security, ut_teardown,
 			test_ipsec_proto_known_vec_inb, &pkt_aes_128_gcm),
diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c
index 5b54996..f371b15 100644
--- a/app/test/test_cryptodev_security_ipsec.c
+++ b/app/test/test_cryptodev_security_ipsec.c
@@ -77,6 +77,15 @@ test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
 		return -ENOTSUP;
 	}
 
+	if ((ipsec_xform->direction == RTE_SECURITY_IPSEC_SA_DIR_EGRESS) &&
+	    (ipsec_xform->options.iv_gen_disable == 1) &&
+	    (sec_cap->ipsec.options.iv_gen_disable != 1)) {
+		if (!silent)
+			RTE_LOG(INFO, USER1,
+				"Application provided IV is not supported\n");
+		return -ENOTSUP;
+	}
+
 	return 0;
 }
 
@@ -161,9 +170,11 @@ test_ipsec_td_prepare(const struct crypto_param *param1,
 
 		td->xform.aead.aead.algo = param1->alg.aead;
 		td->xform.aead.aead.key.length = param1->key_length;
+
+		if (flags->iv_gen)
+			td->ipsec_xform.options.iv_gen_disable = 0;
 	}
 
-	RTE_SET_USED(flags);
 	RTE_SET_USED(param2);
 }
 
@@ -187,6 +198,9 @@ test_ipsec_td_update(struct ipsec_test_data td_inb[],
 
 		if (flags->udp_encap)
 			td_inb[i].ipsec_xform.options.udp_encap = 1;
+
+		/* Clear outbound specific flags */
+		td_inb[i].ipsec_xform.options.iv_gen_disable = 0;
 	}
 }
 
-- 
2.7.4


  parent reply	other threads:[~2021-09-07 16:18 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-08-16  5:59 [dpdk-dev] [PATCH 0/3] Add user specified IV with lookaside IPsec Anoob Joseph
2021-08-16  5:59 ` [dpdk-dev] [PATCH 1/3] security: support user specified IV Anoob Joseph
2021-08-16  5:59 ` [dpdk-dev] [PATCH 2/3] crypto/cnxk: add IV in SA in lookaside IPsec debug mode Anoob Joseph
2021-08-16  5:59 ` [dpdk-dev] [PATCH 3/3] test/crypto: add outbound known vector tests Anoob Joseph
2021-09-06 14:58 ` [dpdk-dev] [PATCH v2 0/3] Add user specified IV with lookaside IPsec Anoob Joseph
2021-09-06 14:58   ` [dpdk-dev] [PATCH v2 1/3] security: support user specified IV Anoob Joseph
2021-09-06 19:07     ` Akhil Goyal
2021-09-06 14:58   ` [dpdk-dev] [PATCH v2 2/3] crypto/cnxk: add IV in SA in lookaside IPsec debug mode Anoob Joseph
2021-09-06 19:08     ` Akhil Goyal
2021-09-06 14:58   ` [dpdk-dev] [PATCH v2 3/3] test/crypto: add outbound known vector tests Anoob Joseph
2021-09-06 19:09     ` Akhil Goyal
2021-09-07 16:17   ` [dpdk-dev] [PATCH v3 0/3] Add user specified IV with lookaside IPsec Anoob Joseph
2021-09-07 16:17     ` [dpdk-dev] [PATCH v3 1/3] security: support user specified IV Anoob Joseph
2021-09-16 11:14       ` Ananyev, Konstantin
2021-09-07 16:17     ` [dpdk-dev] [PATCH v3 2/3] crypto/cnxk: add IV in SA in lookaside IPsec debug mode Anoob Joseph
2021-09-07 16:17     ` Anoob Joseph [this message]
2021-09-28  8:32     ` [dpdk-dev] [PATCH v3 0/3] Add user specified IV with lookaside IPsec Akhil Goyal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1631031463-211-4-git-send-email-anoobj@marvell.com \
    --to=anoobj@marvell.com \
    --cc=ciara.power@intel.com \
    --cc=declan.doherty@intel.com \
    --cc=dev@dpdk.org \
    --cc=g.singh@nxp.com \
    --cc=gakhil@marvell.com \
    --cc=hemant.agrawal@nxp.com \
    --cc=jerinj@marvell.com \
    --cc=konstantin.ananyev@intel.com \
    --cc=ktejasree@marvell.com \
    --cc=marchana@marvell.com \
    --cc=radu.nicolau@intel.com \
    --cc=roy.fan.zhang@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.