All of lore.kernel.org
 help / color / mirror / Atom feed
From: Anoob Joseph <anoobj@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>,
	Declan Doherty <declan.doherty@intel.com>,
	Fan Zhang <roy.fan.zhang@intel.com>,
	"Pablo de Lara" <pablo.de.lara.guarch@intel.com>
Cc: Anoob Joseph <anoobj@marvell.com>,
	Jerin Jacob <jerinj@marvell.com>,
	Archana Muniganti <marchana@marvell.com>,
	Tejasree Kondoj <ktejasree@marvell.com>,
	Hemant Agrawal <hemant.agrawal@nxp.com>,
	"Radu Nicolau" <radu.nicolau@intel.com>,
	Ciara Power <ciara.power@intel.com>,
	Gagandeep Singh <g.singh@nxp.com>, <dev@dpdk.org>
Subject: [PATCH 03/13] test/crypto: add chained operations in combined cases
Date: Mon, 6 Dec 2021 13:28:38 +0530	[thread overview]
Message-ID: <1638777528-553-4-git-send-email-anoobj@marvell.com> (raw)
In-Reply-To: <1638777528-553-1-git-send-email-anoobj@marvell.com>

Extend lookaside IPsec combined mode cases to cover chained operations
also.

Currently covering combinations of,

Ciphers,
1. AES-128-CBC

Auth,
1. NULL
2. SHA2-256 [16B ICV]

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 app/test/test_cryptodev.c                | 11 +++--
 app/test/test_cryptodev_security_ipsec.c | 77 +++++++++++++++++++++++++-------
 app/test/test_cryptodev_security_ipsec.h | 36 +++++++++++++++
 3 files changed, 103 insertions(+), 21 deletions(-)

diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 3fa618d..2a7ede6 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -835,6 +835,8 @@ ipsec_proto_testsuite_setup(void)
 		ret = TEST_SKIPPED;
 	}
 
+	test_ipsec_alg_list_populate();
+
 	/*
 	 * Stop the device. Device would be started again by individual test
 	 * case setup routine.
@@ -9381,9 +9383,9 @@ test_ipsec_proto_all(const struct ipsec_test_flags *flags)
 	    flags->sa_expiry_pkts_hard)
 		nb_pkts = IPSEC_TEST_PACKETS_MAX;
 
-	for (i = 0; i < RTE_DIM(aead_list); i++) {
-		test_ipsec_td_prepare(&aead_list[i],
-				      NULL,
+	for (i = 0; i < RTE_DIM(alg_list); i++) {
+		test_ipsec_td_prepare(alg_list[i].param1,
+				      alg_list[i].param2,
 				      flags,
 				      td_outb,
 				      nb_pkts);
@@ -9407,7 +9409,8 @@ test_ipsec_proto_all(const struct ipsec_test_flags *flags)
 			return TEST_FAILED;
 
 		if (flags->display_alg)
-			test_ipsec_display_alg(&aead_list[i], NULL);
+			test_ipsec_display_alg(alg_list[i].param1,
+					       alg_list[i].param2);
 
 		pass_cnt++;
 	}
diff --git a/app/test/test_cryptodev_security_ipsec.c b/app/test/test_cryptodev_security_ipsec.c
index 45960bf..5f67dc0 100644
--- a/app/test/test_cryptodev_security_ipsec.c
+++ b/app/test/test_cryptodev_security_ipsec.c
@@ -15,7 +15,29 @@
 
 #define IV_LEN_MAX 16
 
-extern struct ipsec_test_data pkt_aes_256_gcm;
+struct crypto_param_comb alg_list[RTE_DIM(aead_list) +
+				  (RTE_DIM(cipher_list) *
+				   RTE_DIM(auth_list))];
+
+void
+test_ipsec_alg_list_populate(void)
+{
+	unsigned long i, j, index = 0;
+
+	for (i = 0; i < RTE_DIM(aead_list); i++) {
+		alg_list[index].param1 = &aead_list[i];
+		alg_list[index].param2 = NULL;
+		index++;
+	}
+
+	for (i = 0; i < RTE_DIM(cipher_list); i++) {
+		for (j = 0; j < RTE_DIM(auth_list); j++) {
+			alg_list[index].param1 = &cipher_list[i];
+			alg_list[index].param2 = &auth_list[j];
+			index++;
+		}
+	}
+}
 
 int
 test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
@@ -293,18 +315,31 @@ test_ipsec_td_prepare(const struct crypto_param *param1,
 
 	for (i = 0; i < nb_td; i++) {
 		td = &td_array[i];
-		/* Copy template for packet & key fields */
-		memcpy(td, &pkt_aes_256_gcm, sizeof(*td));
 
-		/* Override fields based on param */
+		/* Prepare fields based on param */
+
+		if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+			/* Copy template for packet & key fields */
+			memcpy(td, &pkt_aes_256_gcm, sizeof(*td));
 
-		if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD)
 			td->aead = true;
-		else
+			td->xform.aead.aead.algo = param1->alg.aead;
+			td->xform.aead.aead.key.length = param1->key_length;
+		} else {
+			/* Copy template for packet & key fields */
+			memcpy(td, &pkt_aes_128_cbc_hmac_sha256, sizeof(*td));
+
 			td->aead = false;
+			td->xform.chain.cipher.cipher.algo = param1->alg.cipher;
+			td->xform.chain.cipher.cipher.key.length =
+					param1->key_length;
+			td->xform.chain.auth.auth.algo = param2->alg.auth;
+			td->xform.chain.auth.auth.key.length =
+					param2->key_length;
+			td->xform.chain.auth.auth.digest_length =
+					param2->digest_length;
 
-		td->xform.aead.aead.algo = param1->alg.aead;
-		td->xform.aead.aead.key.length = param1->key_length;
+		}
 
 		if (flags->iv_gen)
 			td->ipsec_xform.options.iv_gen_disable = 0;
@@ -324,8 +359,6 @@ test_ipsec_td_prepare(const struct crypto_param *param1,
 		}
 
 	}
-
-	RTE_SET_USED(param2);
 }
 
 void
@@ -374,12 +407,21 @@ void
 test_ipsec_display_alg(const struct crypto_param *param1,
 		       const struct crypto_param *param2)
 {
-	if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD)
-		printf("\t%s [%d]\n",
+	if (param1->type == RTE_CRYPTO_SYM_XFORM_AEAD) {
+		printf("\t%s [%d]",
 		       rte_crypto_aead_algorithm_strings[param1->alg.aead],
-		       param1->key_length);
-
-	RTE_SET_USED(param2);
+		       param1->key_length * 8);
+	} else {
+		printf("\t%s",
+		       rte_crypto_cipher_algorithm_strings[param1->alg.cipher]);
+		if (param1->alg.cipher != RTE_CRYPTO_CIPHER_NULL)
+			printf(" [%d]", param1->key_length * 8);
+		printf(" %s",
+		       rte_crypto_auth_algorithm_strings[param2->alg.auth]);
+		if (param2->alg.auth != RTE_CRYPTO_AUTH_NULL)
+			printf(" [%dB ICV]", param2->digest_length);
+	}
+	printf("\n");
 }
 
 static int
@@ -631,8 +673,9 @@ test_ipsec_res_d_prepare(struct rte_mbuf *m, const struct ipsec_test_data *td,
 	if (res_d->aead) {
 		res_d->xform.aead.aead.op = RTE_CRYPTO_AEAD_OP_DECRYPT;
 	} else {
-		printf("Only AEAD supported\n");
-		return TEST_SKIPPED;
+		res_d->xform.chain.cipher.cipher.op =
+				RTE_CRYPTO_CIPHER_OP_DECRYPT;
+		res_d->xform.chain.auth.auth.op = RTE_CRYPTO_AUTH_OP_VERIFY;
 	}
 
 	return TEST_SUCCESS;
diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h
index 70a264a..b1f0ff8 100644
--- a/app/test/test_cryptodev_security_ipsec.h
+++ b/app/test/test_cryptodev_security_ipsec.h
@@ -71,6 +71,7 @@ struct crypto_param {
 		enum rte_crypto_aead_algorithm aead;
 	} alg;
 	uint16_t key_length;
+	uint16_t digest_length;
 };
 
 static const struct crypto_param aead_list[] = {
@@ -91,6 +92,41 @@ static const struct crypto_param aead_list[] = {
 	},
 };
 
+static const struct crypto_param cipher_list[] = {
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+		.alg.cipher =  RTE_CRYPTO_CIPHER_AES_CBC,
+		.key_length = 16,
+	},
+};
+
+static const struct crypto_param auth_list[] = {
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_AUTH,
+		.alg.auth =  RTE_CRYPTO_AUTH_NULL,
+	},
+	{
+		.type = RTE_CRYPTO_SYM_XFORM_AUTH,
+		.alg.auth =  RTE_CRYPTO_AUTH_SHA256_HMAC,
+		.key_length = 32,
+		.digest_length = 16,
+	},
+};
+
+struct crypto_param_comb {
+	const struct crypto_param *param1;
+	const struct crypto_param *param2;
+};
+
+extern struct ipsec_test_data pkt_aes_256_gcm;
+extern struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256;
+
+extern struct crypto_param_comb alg_list[RTE_DIM(aead_list) +
+					 (RTE_DIM(cipher_list) *
+					  RTE_DIM(auth_list))];
+
+void test_ipsec_alg_list_populate(void);
+
 int test_ipsec_sec_caps_verify(struct rte_security_ipsec_xform *ipsec_xform,
 			       const struct rte_security_capability *sec_cap,
 			       bool silent);
-- 
2.7.4


  parent reply	other threads:[~2021-12-06  7:59 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-12-06  7:58 [PATCH 00/13] Add new cases to lookaside IPsec tests Anoob Joseph
2021-12-06  7:58 ` [PATCH 01/13] test/crypto: add IPsec aes-cbc known vectors Anoob Joseph
2021-12-06  7:58 ` [PATCH 02/13] test/crypto: add IPsec AES-CBC-HMAC-SHA256 " Anoob Joseph
2021-12-06  7:58 ` Anoob Joseph [this message]
2021-12-06  7:58 ` [PATCH 04/13] test/crypto: add IPv6 tunnel mode cases Anoob Joseph
2021-12-06  7:58 ` [PATCH 05/13] test/crypto: add IPsec HMAC-SHA384/512 known vectors Anoob Joseph
2021-12-06  7:58 ` [PATCH 06/13] test/crypto: add IPsec fragmented packet " Anoob Joseph
2021-12-06  7:58 ` [PATCH 07/13] test/crypto: add transport mode cases Anoob Joseph
2021-12-06  7:58 ` [PATCH 08/13] test/crypto: add security stats cases Anoob Joseph
2021-12-06  7:58 ` [PATCH 09/13] test/crypto: add lookaside IPsec AES-CTR known vectors Anoob Joseph
2021-12-06  7:58 ` [PATCH 10/13] test/crypto: add fragmented packet case Anoob Joseph
2021-12-06  7:58 ` [PATCH 11/13] test/crypto: skip null auth in ICV corrupt case Anoob Joseph
2021-12-06  7:58 ` [PATCH 12/13] test/crypto: add aes xcbc known vectors Anoob Joseph
2021-12-06  7:58 ` [PATCH 13/13] test/crypto: add copy and set DF cases Anoob Joseph
2021-12-06 11:07 ` [PATCH v2 00/13] Add new cases to lookaside IPsec tests Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 01/13] test/crypto: add IPsec aes-cbc known vectors Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 02/13] test/crypto: add IPsec AES-CBC-HMAC-SHA256 " Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 03/13] test/crypto: add chained operations in combined cases Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 04/13] test/crypto: add IPv6 tunnel mode cases Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 05/13] test/crypto: add IPsec HMAC-SHA384/512 known vectors Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 06/13] test/crypto: add IPsec fragmented packet " Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 07/13] test/crypto: add transport mode cases Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 08/13] test/crypto: add security stats cases Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 09/13] test/crypto: add lookaside IPsec AES-CTR known vectors Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 10/13] test/crypto: add fragmented packet case Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 11/13] test/crypto: skip null auth in ICV corrupt case Anoob Joseph
2021-12-06 11:07   ` [PATCH v2 12/13] test/crypto: add aes xcbc known vectors Anoob Joseph
2021-12-06 11:08   ` [PATCH v2 13/13] test/crypto: add copy and set DF cases Anoob Joseph
2022-01-21 11:02   ` [PATCH v2 00/13] Add new cases to lookaside IPsec tests Akhil Goyal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1638777528-553-4-git-send-email-anoobj@marvell.com \
    --to=anoobj@marvell.com \
    --cc=ciara.power@intel.com \
    --cc=declan.doherty@intel.com \
    --cc=dev@dpdk.org \
    --cc=g.singh@nxp.com \
    --cc=gakhil@marvell.com \
    --cc=hemant.agrawal@nxp.com \
    --cc=jerinj@marvell.com \
    --cc=ktejasree@marvell.com \
    --cc=marchana@marvell.com \
    --cc=pablo.de.lara.guarch@intel.com \
    --cc=radu.nicolau@intel.com \
    --cc=roy.fan.zhang@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.