[dpdk-dev] [PATCH v2 23/27] app/test-crypto-perf: add AEAD parameters

Pablo de Lara pablo.de.lara.guarch at intel.com
Mon Jun 26 12:22:56 CEST 2017


Signed-off-by: Pablo de Lara <pablo.de.lara.guarch at intel.com>
---
 app/test-crypto-perf/cperf_ops.c                 | 134 ++++++++++------------
 app/test-crypto-perf/cperf_options.h             |  22 +++-
 app/test-crypto-perf/cperf_options_parsing.c     | 138 ++++++++++++++++-------
 app/test-crypto-perf/cperf_test_latency.c        |   8 +-
 app/test-crypto-perf/cperf_test_throughput.c     |   8 +-
 app/test-crypto-perf/cperf_test_vector_parsing.c |  12 +-
 app/test-crypto-perf/cperf_test_vectors.c        | 106 ++++++++++-------
 app/test-crypto-perf/cperf_test_vectors.h        |  12 ++
 app/test-crypto-perf/cperf_test_verify.c         |  10 +-
 app/test-crypto-perf/main.c                      |  42 +++++--
 doc/guides/tools/cryptoperf.rst                  |  32 +++++-
 11 files changed, 328 insertions(+), 196 deletions(-)

diff --git a/app/test-crypto-perf/cperf_ops.c b/app/test-crypto-perf/cperf_ops.c
index b8bd397..ac4a12b 100644
--- a/app/test-crypto-perf/cperf_ops.c
+++ b/app/test-crypto-perf/cperf_ops.c
@@ -176,8 +176,6 @@ cperf_set_ops_auth(struct rte_crypto_op **ops,
 					uint8_t *, offset);
 			sym_op->auth.digest.phys_addr =
 					rte_pktmbuf_mtophys_offset(buf,	offset);
-			sym_op->auth.aad.phys_addr = test_vector->aad.phys_addr;
-			sym_op->auth.aad.data = test_vector->aad.data;
 
 		}
 
@@ -262,8 +260,6 @@ cperf_set_ops_cipher_auth(struct rte_crypto_op **ops,
 					uint8_t *, offset);
 			sym_op->auth.digest.phys_addr =
 					rte_pktmbuf_mtophys_offset(buf,	offset);
-			sym_op->auth.aad.phys_addr = test_vector->aad.phys_addr;
-			sym_op->auth.aad.data = test_vector->aad.data;
 		}
 
 		if (options->auth_algo == RTE_CRYPTO_AUTH_SNOW3G_UIA2 ||
@@ -301,23 +297,22 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
 				test_vector->cipher_iv.data,
 				test_vector->cipher_iv.length);
 
-		/* cipher parameters */
-		sym_op->cipher.data.length = options->test_buffer_size;
-		sym_op->cipher.data.offset =
-				RTE_ALIGN_CEIL(options->auth_aad_sz, 16);
+		/* AEAD parameters */
+		sym_op->aead.data.length = options->test_buffer_size;
+		sym_op->aead.data.offset =
+				RTE_ALIGN_CEIL(options->aead_aad_sz, 16);
 
-		sym_op->auth.aad.data = rte_pktmbuf_mtod(bufs_in[i], uint8_t *);
-		sym_op->auth.aad.phys_addr = rte_pktmbuf_mtophys(bufs_in[i]);
+		sym_op->aead.aad.data = rte_pktmbuf_mtod(bufs_in[i], uint8_t *);
+		sym_op->aead.aad.phys_addr = rte_pktmbuf_mtophys(bufs_in[i]);
 
-		/* authentication parameters */
-		if (options->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) {
-			sym_op->auth.digest.data = test_vector->digest.data;
-			sym_op->auth.digest.phys_addr =
+		if (options->aead_op == RTE_CRYPTO_AEAD_OP_DECRYPT) {
+			sym_op->aead.digest.data = test_vector->digest.data;
+			sym_op->aead.digest.phys_addr =
 					test_vector->digest.phys_addr;
 		} else {
 
-			uint32_t offset = sym_op->cipher.data.length +
-						sym_op->cipher.data.offset;
+			uint32_t offset = sym_op->aead.data.length +
+						sym_op->aead.data.offset;
 			struct rte_mbuf *buf, *tbuf;
 
 			if (options->out_of_place) {
@@ -333,14 +328,11 @@ cperf_set_ops_aead(struct rte_crypto_op **ops,
 				}
 			}
 
-			sym_op->auth.digest.data = rte_pktmbuf_mtod_offset(buf,
+			sym_op->aead.digest.data = rte_pktmbuf_mtod_offset(buf,
 					uint8_t *, offset);
-			sym_op->auth.digest.phys_addr =
+			sym_op->aead.digest.phys_addr =
 					rte_pktmbuf_mtophys_offset(buf,	offset);
 		}
-
-		sym_op->auth.data.length = options->test_buffer_size;
-		sym_op->auth.data.offset = options->auth_aad_sz;
 	}
 
 	return 0;
@@ -354,6 +346,7 @@ cperf_create_session(uint8_t dev_id,
 {
 	struct rte_crypto_sym_xform cipher_xform;
 	struct rte_crypto_sym_xform auth_xform;
+	struct rte_crypto_sym_xform aead_xform;
 	struct rte_cryptodev_sym_session *sess = NULL;
 
 	/*
@@ -393,9 +386,7 @@ cperf_create_session(uint8_t dev_id,
 		/* auth different than null */
 		if (options->auth_algo != RTE_CRYPTO_AUTH_NULL) {
 			auth_xform.auth.digest_length =
-					options->auth_digest_sz;
-			auth_xform.auth.add_auth_data_length =
-					options->auth_aad_sz;
+					options->digest_sz;
 			auth_xform.auth.key.length =
 					test_vector->auth_key.length;
 			auth_xform.auth.key.data = test_vector->auth_key.data;
@@ -414,9 +405,7 @@ cperf_create_session(uint8_t dev_id,
 	 * cipher and auth
 	 */
 	} else if (options->op_type == CPERF_CIPHER_THEN_AUTH
-			|| options->op_type == CPERF_AUTH_THEN_CIPHER
-			|| options->op_type == CPERF_AEAD) {
-
+			|| options->op_type == CPERF_AUTH_THEN_CIPHER) {
 		/*
 		 * cipher
 		 */
@@ -450,23 +439,12 @@ cperf_create_session(uint8_t dev_id,
 
 		/* auth different than null */
 		if (options->auth_algo != RTE_CRYPTO_AUTH_NULL) {
-			auth_xform.auth.digest_length = options->auth_digest_sz;
-			auth_xform.auth.add_auth_data_length =
-					options->auth_aad_sz;
-			/* auth options for aes gcm */
-			if (options->cipher_algo == RTE_CRYPTO_CIPHER_AES_GCM &&
-				options->auth_algo == RTE_CRYPTO_AUTH_AES_GCM) {
-				auth_xform.auth.key.length = 0;
-				auth_xform.auth.key.data = NULL;
-				auth_xform.auth.iv.length = 0;
-			} else { /* auth options for others */
-				auth_xform.auth.key.length =
+			auth_xform.auth.digest_length = options->digest_sz;
+			auth_xform.auth.iv.length = test_vector->auth_iv.length;
+			auth_xform.auth.key.length =
 					test_vector->auth_key.length;
-				auth_xform.auth.key.data =
-						test_vector->auth_key.data;
-				auth_xform.auth.iv.length =
-						test_vector->auth_iv.length;
-			}
+			auth_xform.auth.key.data =
+					test_vector->auth_key.data;
 		} else {
 			auth_xform.auth.digest_length = 0;
 			auth_xform.auth.add_auth_data_length = 0;
@@ -475,35 +453,39 @@ cperf_create_session(uint8_t dev_id,
 			auth_xform.auth.iv.length = 0;
 		}
 
-		/* create crypto session for aes gcm */
-		if (options->cipher_algo == RTE_CRYPTO_CIPHER_AES_GCM) {
-			if (options->cipher_op ==
-					RTE_CRYPTO_CIPHER_OP_ENCRYPT) {
-				cipher_xform.next = &auth_xform;
-				/* create crypto session */
-				sess = rte_cryptodev_sym_session_create(dev_id,
-					&cipher_xform);
-			} else { /* decrypt */
-				auth_xform.next = &cipher_xform;
-				/* create crypto session */
-				sess = rte_cryptodev_sym_session_create(dev_id,
-					&auth_xform);
-			}
-		} else { /* create crypto session for other */
-			/* cipher then auth */
-			if (options->op_type == CPERF_CIPHER_THEN_AUTH) {
-				cipher_xform.next = &auth_xform;
-				/* create crypto session */
-				sess = rte_cryptodev_sym_session_create(dev_id,
+		/* cipher then auth */
+		if (options->op_type == CPERF_CIPHER_THEN_AUTH) {
+			cipher_xform.next = &auth_xform;
+			/* create crypto session */
+			sess = rte_cryptodev_sym_session_create(dev_id,
 						&cipher_xform);
-			} else { /* auth then cipher */
-				auth_xform.next = &cipher_xform;
-				/* create crypto session */
-				sess = rte_cryptodev_sym_session_create(dev_id,
-						&auth_xform);
-			}
+		} else { /* auth then cipher */
+			auth_xform.next = &cipher_xform;
+			/* create crypto session */
+			sess = rte_cryptodev_sym_session_create(dev_id,
+					&auth_xform);
 		}
+	} else { /* options->op_type == CPERF_AEAD */
+		aead_xform.type = RTE_CRYPTO_SYM_XFORM_AEAD;
+		aead_xform.next = NULL;
+		aead_xform.aead.algo = options->aead_algo;
+		aead_xform.aead.op = options->aead_op;
+		aead_xform.aead.iv.offset = iv_offset;
+
+		aead_xform.aead.key.data =
+					test_vector->aead_key.data;
+		aead_xform.aead.key.length =
+					test_vector->aead_key.length;
+		aead_xform.aead.iv.length = test_vector->aead_iv.length;
+
+		aead_xform.aead.digest_length = options->digest_sz;
+		aead_xform.aead.add_auth_data_length =
+					options->aead_aad_sz;
+
+		/* Create crypto session */
+		sess = rte_cryptodev_sym_session_create(dev_id, &aead_xform);
 	}
+
 	return sess;
 }
 
@@ -515,14 +497,14 @@ cperf_get_op_functions(const struct cperf_options *options,
 
 	op_fns->sess_create = cperf_create_session;
 
-	if (options->op_type == CPERF_AEAD
-			|| options->op_type == CPERF_AUTH_THEN_CIPHER
+	if (options->op_type == CPERF_AEAD) {
+		op_fns->populate_ops = cperf_set_ops_aead;
+		return 0;
+	}
+
+	if (options->op_type == CPERF_AUTH_THEN_CIPHER
 			|| options->op_type == CPERF_CIPHER_THEN_AUTH) {
-		if (options->cipher_algo == RTE_CRYPTO_CIPHER_AES_GCM &&
-				options->auth_algo == RTE_CRYPTO_AUTH_AES_GCM)
-			op_fns->populate_ops = cperf_set_ops_aead;
-		else
-			op_fns->populate_ops = cperf_set_ops_cipher_auth;
+		op_fns->populate_ops = cperf_set_ops_cipher_auth;
 		return 0;
 	}
 	if (options->op_type == CPERF_AUTH_ONLY) {
diff --git a/app/test-crypto-perf/cperf_options.h b/app/test-crypto-perf/cperf_options.h
index 0e53c03..10cd2d8 100644
--- a/app/test-crypto-perf/cperf_options.h
+++ b/app/test-crypto-perf/cperf_options.h
@@ -29,8 +29,15 @@
 #define CPERF_AUTH_OP		("auth-op")
 #define CPERF_AUTH_KEY_SZ	("auth-key-sz")
 #define CPERF_AUTH_IV_SZ	("auth-iv-sz")
-#define CPERF_AUTH_DIGEST_SZ	("auth-digest-sz")
-#define CPERF_AUTH_AAD_SZ	("auth-aad-sz")
+
+#define CPERF_AEAD_ALGO		("aead-algo")
+#define CPERF_AEAD_OP		("aead-op")
+#define CPERF_AEAD_KEY_SZ	("aead-key-sz")
+#define CPERF_AEAD_IV_SZ	("aead-iv-sz")
+#define CPERF_AEAD_AAD_SZ	("aead-aad-sz")
+
+#define CPERF_DIGEST_SZ		("digest-sz")
+
 #define CPERF_CSV		("csv-friendly")
 
 #define MAX_LIST 32
@@ -78,8 +85,15 @@ struct cperf_options {
 
 	uint16_t auth_key_sz;
 	uint16_t auth_iv_sz;
-	uint16_t auth_digest_sz;
-	uint16_t auth_aad_sz;
+
+	enum rte_crypto_aead_algorithm aead_algo;
+	enum rte_crypto_aead_operation aead_op;
+
+	uint16_t aead_key_sz;
+	uint16_t aead_iv_sz;
+	uint16_t aead_aad_sz;
+
+	uint16_t digest_sz;
 
 	char device_type[RTE_CRYPTODEV_NAME_LEN];
 	enum cperf_op_type op_type;
diff --git a/app/test-crypto-perf/cperf_options_parsing.c b/app/test-crypto-perf/cperf_options_parsing.c
index 5c2dcff..d5bddb2 100644
--- a/app/test-crypto-perf/cperf_options_parsing.c
+++ b/app/test-crypto-perf/cperf_options_parsing.c
@@ -543,9 +543,9 @@ parse_auth_key_sz(struct cperf_options *opts, const char *arg)
 }
 
 static int
-parse_auth_digest_sz(struct cperf_options *opts, const char *arg)
+parse_digest_sz(struct cperf_options *opts, const char *arg)
 {
-	return parse_uint16_t(&opts->auth_digest_sz, arg);
+	return parse_uint16_t(&opts->digest_sz, arg);
 }
 
 static int
@@ -555,9 +555,64 @@ parse_auth_iv_sz(struct cperf_options *opts, const char *arg)
 }
 
 static int
-parse_auth_aad_sz(struct cperf_options *opts, const char *arg)
+parse_aead_algo(struct cperf_options *opts, const char *arg)
 {
-	return parse_uint16_t(&opts->auth_aad_sz, arg);
+	enum rte_crypto_aead_algorithm aead_algo;
+
+	if (rte_cryptodev_get_aead_algo_enum(&aead_algo, arg) < 0) {
+		RTE_LOG(ERR, USER1, "Invalid AEAD algorithm specified\n");
+		return -1;
+	}
+
+	opts->aead_algo = aead_algo;
+
+	return 0;
+}
+
+static int
+parse_aead_op(struct cperf_options *opts, const char *arg)
+{
+	struct name_id_map aead_op_namemap[] = {
+		{
+			rte_crypto_aead_operation_strings
+			[RTE_CRYPTO_AEAD_OP_ENCRYPT],
+			RTE_CRYPTO_AEAD_OP_ENCRYPT },
+		{
+			rte_crypto_aead_operation_strings
+			[RTE_CRYPTO_AEAD_OP_DECRYPT],
+			RTE_CRYPTO_AEAD_OP_DECRYPT
+		}
+	};
+
+	int id = get_str_key_id_mapping(aead_op_namemap,
+			RTE_DIM(aead_op_namemap), arg);
+	if (id < 0) {
+		RTE_LOG(ERR, USER1, "invalid AEAD operation specified"
+				"\n");
+		return -1;
+	}
+
+	opts->aead_op = (enum rte_crypto_aead_operation)id;
+
+	return 0;
+}
+
+static int
+parse_aead_key_sz(struct cperf_options *opts, const char *arg)
+{
+	return parse_uint16_t(&opts->aead_key_sz, arg);
+}
+
+static int
+parse_aead_iv_sz(struct cperf_options *opts, const char *arg)
+{
+	return parse_uint16_t(&opts->aead_iv_sz, arg);
+}
+
+static int
+parse_aead_aad_sz(struct cperf_options *opts, const char *arg)
+{
+	return parse_uint16_t(&opts->aead_aad_sz, arg);
 }
 
 static int
@@ -606,8 +661,17 @@ static struct option lgopts[] = {
 	{ CPERF_AUTH_OP, required_argument, 0, 0 },
 
 	{ CPERF_AUTH_KEY_SZ, required_argument, 0, 0 },
-	{ CPERF_AUTH_DIGEST_SZ, required_argument, 0, 0 },
-	{ CPERF_AUTH_AAD_SZ, required_argument, 0, 0 },
+	{ CPERF_AUTH_IV_SZ, required_argument, 0, 0 },
+
+	{ CPERF_AEAD_ALGO, required_argument, 0, 0 },
+	{ CPERF_AEAD_OP, required_argument, 0, 0 },
+
+	{ CPERF_AEAD_KEY_SZ, required_argument, 0, 0 },
+	{ CPERF_AEAD_AAD_SZ, required_argument, 0, 0 },
+	{ CPERF_AEAD_IV_SZ, required_argument, 0, 0 },
+
+	{ CPERF_DIGEST_SZ, required_argument, 0, 0 },
+
 	{ CPERF_CSV, no_argument, 0, 0},
 
 	{ NULL, 0, 0, 0 }
@@ -656,9 +720,13 @@ cperf_options_default(struct cperf_options *opts)
 	opts->auth_op = RTE_CRYPTO_AUTH_OP_GENERATE;
 
 	opts->auth_key_sz = 64;
-	opts->auth_digest_sz = 12;
 	opts->auth_iv_sz = 0;
-	opts->auth_aad_sz = 0;
+
+	opts->aead_key_sz = 0;
+	opts->aead_iv_sz = 0;
+	opts->aead_aad_sz = 0;
+
+	opts->digest_sz = 12;
 }
 
 static int
@@ -686,9 +754,13 @@ cperf_opts_parse_long(int opt_idx, struct cperf_options *opts)
 		{ CPERF_AUTH_OP,	parse_auth_op },
 		{ CPERF_AUTH_KEY_SZ,	parse_auth_key_sz },
 		{ CPERF_AUTH_IV_SZ,	parse_auth_iv_sz },
-		{ CPERF_AUTH_DIGEST_SZ,	parse_auth_digest_sz },
-		{ CPERF_AUTH_AAD_SZ,	parse_auth_aad_sz },
-		{ CPERF_CSV,	parse_csv_friendly},
+		{ CPERF_AEAD_ALGO,	parse_aead_algo },
+		{ CPERF_AEAD_OP,	parse_aead_op },
+		{ CPERF_AEAD_KEY_SZ,	parse_aead_key_sz },
+		{ CPERF_AEAD_IV_SZ,	parse_aead_iv_sz },
+		{ CPERF_AEAD_AAD_SZ,	parse_aead_aad_sz },
+		{ CPERF_DIGEST_SZ,	parse_digest_sz },
+		{ CPERF_CSV,		parse_csv_friendly},
 	};
 	unsigned int i;
 
@@ -803,30 +875,7 @@ cperf_options_check(struct cperf_options *options)
 					" options: decrypt and verify.\n");
 			return -EINVAL;
 		}
-	} else if (options->op_type == CPERF_AEAD) {
-		if (!(options->cipher_op == RTE_CRYPTO_CIPHER_OP_ENCRYPT &&
-				options->auth_op ==
-				RTE_CRYPTO_AUTH_OP_GENERATE) &&
-				!(options->cipher_op ==
-				RTE_CRYPTO_CIPHER_OP_DECRYPT &&
-				options->auth_op ==
-				RTE_CRYPTO_AUTH_OP_VERIFY)) {
-			RTE_LOG(ERR, USER1, "Use together options: encrypt and"
-					" generate or decrypt and verify.\n");
-			return -EINVAL;
-		}
-	}
-
-	if (options->cipher_algo == RTE_CRYPTO_CIPHER_AES_GCM ||
-			options->cipher_algo == RTE_CRYPTO_CIPHER_AES_CCM ||
-			options->auth_algo == RTE_CRYPTO_AUTH_AES_GCM ||
-			options->auth_algo == RTE_CRYPTO_AUTH_AES_CCM) {
-		if (options->op_type != CPERF_AEAD) {
-			RTE_LOG(ERR, USER1, "Use --optype aead\n");
-			return -EINVAL;
-		}
 	}
-
 	if (options->cipher_algo == RTE_CRYPTO_CIPHER_AES_CBC ||
 			options->cipher_algo == RTE_CRYPTO_CIPHER_AES_ECB) {
 		if (options->inc_buffer_size != 0)
@@ -914,23 +963,20 @@ cperf_options_dump(struct cperf_options *opts)
 
 	if (opts->op_type == CPERF_AUTH_ONLY ||
 			opts->op_type == CPERF_CIPHER_THEN_AUTH ||
-			opts->op_type == CPERF_AUTH_THEN_CIPHER ||
-			opts->op_type == CPERF_AEAD) {
+			opts->op_type == CPERF_AUTH_THEN_CIPHER) {
 		printf("# auth algorithm: %s\n",
 			rte_crypto_auth_algorithm_strings[opts->auth_algo]);
 		printf("# auth operation: %s\n",
 			rte_crypto_auth_operation_strings[opts->auth_op]);
 		printf("# auth key size: %u\n", opts->auth_key_sz);
 		printf("# auth iv size: %u\n", opts->auth_iv_sz);
-		printf("# auth digest size: %u\n", opts->auth_digest_sz);
-		printf("# auth aad size: %u\n", opts->auth_aad_sz);
+		printf("# auth digest size: %u\n", opts->digest_sz);
 		printf("#\n");
 	}
 
 	if (opts->op_type == CPERF_CIPHER_ONLY ||
 			opts->op_type == CPERF_CIPHER_THEN_AUTH ||
-			opts->op_type == CPERF_AUTH_THEN_CIPHER ||
-			opts->op_type == CPERF_AEAD) {
+			opts->op_type == CPERF_AUTH_THEN_CIPHER) {
 		printf("# cipher algorithm: %s\n",
 			rte_crypto_cipher_algorithm_strings[opts->cipher_algo]);
 		printf("# cipher operation: %s\n",
@@ -939,4 +985,16 @@ cperf_options_dump(struct cperf_options *opts)
 		printf("# cipher iv size: %u\n", opts->cipher_iv_sz);
 		printf("#\n");
 	}
+
+	if (opts->op_type == CPERF_AEAD) {
+		printf("# aead algorithm: %s\n",
+			rte_crypto_aead_algorithm_strings[opts->aead_algo]);
+		printf("# aead operation: %s\n",
+			rte_crypto_aead_operation_strings[opts->aead_op]);
+		printf("# aead key size: %u\n", opts->aead_key_sz);
+		printf("# aead iv size: %u\n", opts->aead_iv_sz);
+		printf("# aead digest size: %u\n", opts->digest_sz);
+		printf("# aead aad size: %u\n", opts->aead_aad_sz);
+		printf("#\n");
+	}
 }
diff --git a/app/test-crypto-perf/cperf_test_latency.c b/app/test-crypto-perf/cperf_test_latency.c
index f828366..16c114b 100644
--- a/app/test-crypto-perf/cperf_test_latency.c
+++ b/app/test-crypto-perf/cperf_test_latency.c
@@ -167,14 +167,14 @@ cperf_mbuf_create(struct rte_mempool *mempool,
 
 	if (options->op_type != CPERF_CIPHER_ONLY) {
 		mbuf_data = (uint8_t *)rte_pktmbuf_append(mbuf,
-			options->auth_digest_sz);
+			options->digest_sz);
 		if (mbuf_data == NULL)
 			goto error;
 	}
 
 	if (options->op_type == CPERF_AEAD) {
 		uint8_t *aead = (uint8_t *)rte_pktmbuf_prepend(mbuf,
-			RTE_ALIGN_CEIL(options->auth_aad_sz, 16));
+			RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
 
 		if (aead == NULL)
 			goto error;
@@ -229,7 +229,7 @@ cperf_latency_test_constructor(uint8_t dev_id, uint16_t qp_id,
 			RTE_CACHE_LINE_ROUNDUP(
 				(options->max_buffer_size / options->segments_nb) +
 				(options->max_buffer_size % options->segments_nb) +
-					options->auth_digest_sz),
+					options->digest_sz),
 			rte_socket_id());
 
 	if (ctx->pkt_mbuf_pool_in == NULL)
@@ -259,7 +259,7 @@ cperf_latency_test_constructor(uint8_t dev_id, uint16_t qp_id,
 				RTE_PKTMBUF_HEADROOM +
 				RTE_CACHE_LINE_ROUNDUP(
 					options->max_buffer_size +
-					options->auth_digest_sz),
+					options->digest_sz),
 				rte_socket_id());
 
 		if (ctx->pkt_mbuf_pool_out == NULL)
diff --git a/app/test-crypto-perf/cperf_test_throughput.c b/app/test-crypto-perf/cperf_test_throughput.c
index 1e3f3b3..1ff1560 100644
--- a/app/test-crypto-perf/cperf_test_throughput.c
+++ b/app/test-crypto-perf/cperf_test_throughput.c
@@ -151,14 +151,14 @@ cperf_mbuf_create(struct rte_mempool *mempool,
 
 	if (options->op_type != CPERF_CIPHER_ONLY) {
 		mbuf_data = (uint8_t *)rte_pktmbuf_append(mbuf,
-				options->auth_digest_sz);
+				options->digest_sz);
 		if (mbuf_data == NULL)
 			goto error;
 	}
 
 	if (options->op_type == CPERF_AEAD) {
 		uint8_t *aead = (uint8_t *)rte_pktmbuf_prepend(mbuf,
-			RTE_ALIGN_CEIL(options->auth_aad_sz, 16));
+			RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
 
 		if (aead == NULL)
 			goto error;
@@ -212,7 +212,7 @@ cperf_throughput_test_constructor(uint8_t dev_id, uint16_t qp_id,
 			RTE_CACHE_LINE_ROUNDUP(
 				(options->max_buffer_size / options->segments_nb) +
 				(options->max_buffer_size % options->segments_nb) +
-					options->auth_digest_sz),
+					options->digest_sz),
 			rte_socket_id());
 
 	if (ctx->pkt_mbuf_pool_in == NULL)
@@ -240,7 +240,7 @@ cperf_throughput_test_constructor(uint8_t dev_id, uint16_t qp_id,
 				RTE_PKTMBUF_HEADROOM +
 				RTE_CACHE_LINE_ROUNDUP(
 					options->max_buffer_size +
-					options->auth_digest_sz),
+					options->digest_sz),
 				rte_socket_id());
 
 		if (ctx->pkt_mbuf_pool_out == NULL)
diff --git a/app/test-crypto-perf/cperf_test_vector_parsing.c b/app/test-crypto-perf/cperf_test_vector_parsing.c
index 277ff1e..e462d2c 100644
--- a/app/test-crypto-perf/cperf_test_vector_parsing.c
+++ b/app/test-crypto-perf/cperf_test_vector_parsing.c
@@ -363,12 +363,12 @@ parse_entry(char *entry, struct cperf_test_vector *vector,
 		if (tc_found)
 			vector->aad.length = data_length;
 		else {
-			if (opts->auth_aad_sz > data_length) {
+			if (opts->aead_aad_sz > data_length) {
 				printf("Global aad shorter than "
-					"auth_aad_sz\n");
+					"aead_aad_sz\n");
 				return -1;
 			}
-			vector->aad.length = opts->auth_aad_sz;
+			vector->aad.length = opts->aead_aad_sz;
 		}
 
 	} else if (strstr(key_token, "digest")) {
@@ -379,12 +379,12 @@ parse_entry(char *entry, struct cperf_test_vector *vector,
 		if (tc_found)
 			vector->digest.length = data_length;
 		else {
-			if (opts->auth_digest_sz > data_length) {
+			if (opts->digest_sz > data_length) {
 				printf("Global digest shorter than "
-					"auth_digest_sz\n");
+					"digest_sz\n");
 				return -1;
 			}
-			vector->digest.length = opts->auth_digest_sz;
+			vector->digest.length = opts->digest_sz;
 		}
 	} else {
 		printf("Not valid key: '%s'\n", trim_space(key_token));
diff --git a/app/test-crypto-perf/cperf_test_vectors.c b/app/test-crypto-perf/cperf_test_vectors.c
index 2e5339c..03bc995 100644
--- a/app/test-crypto-perf/cperf_test_vectors.c
+++ b/app/test-crypto-perf/cperf_test_vectors.c
@@ -385,6 +385,13 @@ uint8_t auth_key[] = {
 	0x78, 0x79, 0x7A, 0x7B, 0x7C, 0x7D, 0x7E, 0x7F
 };
 
+/* AEAD key */
+uint8_t aead_key[] = {
+	0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B,
+	0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+	0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F
+};
+
 /* Digests */
 uint8_t digest[2048] = { 0x00 };
 
@@ -403,8 +410,7 @@ cperf_test_vector_get_dummy(struct cperf_options *options)
 
 	if (options->op_type ==	CPERF_CIPHER_ONLY ||
 			options->op_type == CPERF_CIPHER_THEN_AUTH ||
-			options->op_type == CPERF_AUTH_THEN_CIPHER ||
-			options->op_type == CPERF_AEAD) {
+			options->op_type == CPERF_AUTH_THEN_CIPHER) {
 		if (options->cipher_algo == RTE_CRYPTO_CIPHER_NULL) {
 			t_vec->cipher_key.length = 0;
 			t_vec->ciphertext.data = plaintext;
@@ -441,40 +447,32 @@ cperf_test_vector_get_dummy(struct cperf_options *options)
 
 	if (options->op_type ==	CPERF_AUTH_ONLY ||
 			options->op_type == CPERF_CIPHER_THEN_AUTH ||
-			options->op_type == CPERF_AUTH_THEN_CIPHER ||
-			options->op_type == CPERF_AEAD) {
-		uint8_t aad_alloc = 0;
-
-		t_vec->auth_key.length = options->auth_key_sz;
-
-		switch (options->auth_algo) {
-		case RTE_CRYPTO_AUTH_NULL:
-			t_vec->auth_key.data = NULL;
-			aad_alloc = 0;
-			break;
-		case RTE_CRYPTO_AUTH_AES_GCM:
+			options->op_type == CPERF_AUTH_THEN_CIPHER) {
+		if (options->auth_algo == RTE_CRYPTO_AUTH_NULL) {
+			t_vec->auth_key.length = 0;
 			t_vec->auth_key.data = NULL;
-			aad_alloc = 1;
-			break;
-		default:
+			t_vec->digest.data = NULL;
+			t_vec->digest.length = 0;
+		} else {
+			t_vec->auth_key.length = options->auth_key_sz;
 			t_vec->auth_key.data = auth_key;
-			aad_alloc = 0;
-			break;
-		}
 
-		if (aad_alloc && options->auth_aad_sz) {
-			t_vec->aad.data = rte_malloc(NULL,
-					options->auth_aad_sz, 16);
-			if (t_vec->aad.data == NULL) {
-				if (options->op_type !=	CPERF_AUTH_ONLY)
-					rte_free(t_vec->cipher_iv.data);
+			t_vec->digest.data = rte_malloc(NULL,
+					options->digest_sz,
+					16);
+			if (t_vec->digest.data == NULL) {
+				rte_free(t_vec->cipher_iv.data);
 				rte_free(t_vec);
 				return NULL;
 			}
-			memcpy(t_vec->aad.data, aad, options->auth_aad_sz);
-		} else {
-			t_vec->aad.data = NULL;
+			t_vec->digest.phys_addr =
+				rte_malloc_virt2phy(t_vec->digest.data);
+			t_vec->digest.length = options->digest_sz;
+			memcpy(t_vec->digest.data, digest,
+					options->digest_sz);
 		}
+		t_vec->data.auth_offset = 0;
+		t_vec->data.auth_length = options->max_buffer_size;
 
 		/* Set IV parameters */
 		t_vec->auth_iv.data = rte_malloc(NULL, options->auth_iv_sz,
@@ -487,26 +485,52 @@ cperf_test_vector_get_dummy(struct cperf_options *options)
 		}
 		memcpy(t_vec->auth_iv.data, iv, options->auth_iv_sz);
 		t_vec->auth_iv.length = options->auth_iv_sz;
+	}
 
-		t_vec->aad.phys_addr = rte_malloc_virt2phy(t_vec->aad.data);
-		t_vec->aad.length = options->auth_aad_sz;
-		t_vec->digest.data = rte_malloc(NULL, options->auth_digest_sz,
-				16);
+	if (options->op_type == CPERF_AEAD) {
+		t_vec->aead_key.length = options->aead_key_sz;
+		t_vec->aead_key.data = aead_key;
+
+		if (options->aead_aad_sz) {
+			t_vec->aad.data = rte_malloc(NULL,
+					options->aead_aad_sz, 16);
+			if (t_vec->aad.data == NULL) {
+				rte_free(t_vec);
+				return NULL;
+			}
+			memcpy(t_vec->aad.data, aad, options->aead_aad_sz);
+			t_vec->aad.phys_addr = rte_malloc_virt2phy(t_vec->aad.data);
+			t_vec->aad.length = options->aead_aad_sz;
+		} else {
+			t_vec->aad.data = NULL;
+			t_vec->aad.length = 0;
+		}
+
+		t_vec->digest.data = rte_malloc(NULL, options->digest_sz,
+						16);
 		if (t_vec->digest.data == NULL) {
-			if (options->op_type !=	CPERF_AUTH_ONLY)
-				rte_free(t_vec->cipher_iv.data);
-			rte_free(t_vec->auth_iv.data);
 			rte_free(t_vec->aad.data);
 			rte_free(t_vec);
 			return NULL;
 		}
 		t_vec->digest.phys_addr =
 				rte_malloc_virt2phy(t_vec->digest.data);
-		t_vec->digest.length = options->auth_digest_sz;
-		memcpy(t_vec->digest.data, digest, options->auth_digest_sz);
-		t_vec->data.auth_offset = 0;
-		t_vec->data.auth_length = options->max_buffer_size;
-	}
+		t_vec->digest.length = options->digest_sz;
+		memcpy(t_vec->digest.data, digest, options->digest_sz);
+		t_vec->data.aead_offset = 0;
+		t_vec->data.aead_length = options->max_buffer_size;
 
+		/* Set IV parameters */
+		t_vec->aead_iv.data = rte_malloc(NULL, options->aead_iv_sz,
+				16);
+		if (options->aead_iv_sz && t_vec->aead_iv.data == NULL) {
+			rte_free(t_vec->aad.data);
+			rte_free(t_vec->digest.data);
+			rte_free(t_vec);
+			return NULL;
+		}
+		memcpy(t_vec->aead_iv.data, iv, options->aead_iv_sz);
+		t_vec->aead_iv.length = options->aead_iv_sz;
+	}
 	return t_vec;
 }
diff --git a/app/test-crypto-perf/cperf_test_vectors.h b/app/test-crypto-perf/cperf_test_vectors.h
index 7f9c4fa..8595570 100644
--- a/app/test-crypto-perf/cperf_test_vectors.h
+++ b/app/test-crypto-perf/cperf_test_vectors.h
@@ -54,6 +54,11 @@ struct cperf_test_vector {
 	struct {
 		uint8_t *data;
 		uint16_t length;
+	} aead_key;
+
+	struct {
+		uint8_t *data;
+		uint16_t length;
 	} cipher_iv;
 
 	struct {
@@ -63,6 +68,11 @@ struct cperf_test_vector {
 
 	struct {
 		uint8_t *data;
+		uint16_t length;
+	} aead_iv;
+
+	struct {
+		uint8_t *data;
 		uint32_t length;
 	} ciphertext;
 
@@ -83,6 +93,8 @@ struct cperf_test_vector {
 		uint32_t auth_length;
 		uint32_t cipher_offset;
 		uint32_t cipher_length;
+		uint32_t aead_offset;
+		uint32_t aead_length;
 	} data;
 };
 
diff --git a/app/test-crypto-perf/cperf_test_verify.c b/app/test-crypto-perf/cperf_test_verify.c
index 81057ff..bba8019 100644
--- a/app/test-crypto-perf/cperf_test_verify.c
+++ b/app/test-crypto-perf/cperf_test_verify.c
@@ -155,14 +155,14 @@ cperf_mbuf_create(struct rte_mempool *mempool,
 
 	if (options->op_type != CPERF_CIPHER_ONLY) {
 		mbuf_data = (uint8_t *)rte_pktmbuf_append(mbuf,
-				options->auth_digest_sz);
+				options->digest_sz);
 		if (mbuf_data == NULL)
 			goto error;
 	}
 
 	if (options->op_type == CPERF_AEAD) {
 		uint8_t *aead = (uint8_t *)rte_pktmbuf_prepend(mbuf,
-			RTE_ALIGN_CEIL(options->auth_aad_sz, 16));
+			RTE_ALIGN_CEIL(options->aead_aad_sz, 16));
 
 		if (aead == NULL)
 			goto error;
@@ -216,7 +216,7 @@ cperf_verify_test_constructor(uint8_t dev_id, uint16_t qp_id,
 			RTE_CACHE_LINE_ROUNDUP(
 				(options->max_buffer_size / options->segments_nb) +
 				(options->max_buffer_size % options->segments_nb) +
-					options->auth_digest_sz),
+					options->digest_sz),
 			rte_socket_id());
 
 	if (ctx->pkt_mbuf_pool_in == NULL)
@@ -244,7 +244,7 @@ cperf_verify_test_constructor(uint8_t dev_id, uint16_t qp_id,
 				RTE_PKTMBUF_HEADROOM +
 				RTE_CACHE_LINE_ROUNDUP(
 					options->max_buffer_size +
-					options->auth_digest_sz),
+					options->digest_sz),
 				rte_socket_id());
 
 		if (ctx->pkt_mbuf_pool_out == NULL)
@@ -379,7 +379,7 @@ cperf_verify_op(struct rte_crypto_op *op,
 		if (options->auth_op == RTE_CRYPTO_AUTH_OP_GENERATE)
 			res += memcmp(data + auth_offset,
 					vector->digest.data,
-					options->auth_digest_sz);
+					options->digest_sz);
 	}
 
 	return !!res;
diff --git a/app/test-crypto-perf/main.c b/app/test-crypto-perf/main.c
index cf4fa4f..f78c653 100644
--- a/app/test-crypto-perf/main.c
+++ b/app/test-crypto-perf/main.c
@@ -123,8 +123,7 @@ cperf_verify_devices_capabilities(struct cperf_options *opts,
 
 		if (opts->op_type == CPERF_AUTH_ONLY ||
 				opts->op_type == CPERF_CIPHER_THEN_AUTH ||
-				opts->op_type == CPERF_AUTH_THEN_CIPHER ||
-				opts->op_type == CPERF_AEAD)  {
+				opts->op_type == CPERF_AUTH_THEN_CIPHER) {
 
 			cap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;
 			cap_idx.algo.auth = opts->auth_algo;
@@ -137,8 +136,8 @@ cperf_verify_devices_capabilities(struct cperf_options *opts,
 			ret = rte_cryptodev_sym_capability_check_auth(
 					capability,
 					opts->auth_key_sz,
-					opts->auth_digest_sz,
-					opts->auth_aad_sz,
+					opts->digest_sz,
+					0,
 					opts->auth_iv_sz);
 			if (ret != 0)
 				return ret;
@@ -146,8 +145,7 @@ cperf_verify_devices_capabilities(struct cperf_options *opts,
 
 		if (opts->op_type == CPERF_CIPHER_ONLY ||
 				opts->op_type == CPERF_CIPHER_THEN_AUTH ||
-				opts->op_type == CPERF_AUTH_THEN_CIPHER ||
-				opts->op_type == CPERF_AEAD) {
+				opts->op_type == CPERF_AUTH_THEN_CIPHER) {
 
 			cap_idx.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
 			cap_idx.algo.cipher = opts->cipher_algo;
@@ -164,6 +162,26 @@ cperf_verify_devices_capabilities(struct cperf_options *opts,
 			if (ret != 0)
 				return ret;
 		}
+
+		if (opts->op_type == CPERF_AEAD) {
+
+			cap_idx.type = RTE_CRYPTO_SYM_XFORM_AEAD;
+			cap_idx.algo.aead = opts->aead_algo;
+
+			capability = rte_cryptodev_sym_capability_get(cdev_id,
+					&cap_idx);
+			if (capability == NULL)
+				return -1;
+
+			ret = rte_cryptodev_sym_capability_check_aead(
+					capability,
+					opts->aead_key_sz,
+					opts->digest_sz,
+					opts->aead_aad_sz,
+					opts->aead_iv_sz);
+			if (ret != 0)
+				return ret;
+		}
 	}
 
 	return 0;
@@ -212,7 +230,7 @@ cperf_check_test_vector(struct cperf_options *opts,
 				return -1;
 			if (test_vec->digest.data == NULL)
 				return -1;
-			if (test_vec->digest.length < opts->auth_digest_sz)
+			if (test_vec->digest.length < opts->digest_sz)
 				return -1;
 		}
 
@@ -253,7 +271,7 @@ cperf_check_test_vector(struct cperf_options *opts,
 				return -1;
 			if (test_vec->digest.data == NULL)
 				return -1;
-			if (test_vec->digest.length < opts->auth_digest_sz)
+			if (test_vec->digest.length < opts->digest_sz)
 				return -1;
 		}
 	} else if (opts->op_type == CPERF_AEAD) {
@@ -265,17 +283,17 @@ cperf_check_test_vector(struct cperf_options *opts,
 			return -1;
 		if (test_vec->ciphertext.length < opts->max_buffer_size)
 			return -1;
-		if (test_vec->cipher_iv.data == NULL)
+		if (test_vec->aead_iv.data == NULL)
 			return -1;
-		if (test_vec->cipher_iv.length != opts->cipher_iv_sz)
+		if (test_vec->aead_iv.length != opts->aead_iv_sz)
 			return -1;
 		if (test_vec->aad.data == NULL)
 			return -1;
-		if (test_vec->aad.length != opts->auth_aad_sz)
+		if (test_vec->aad.length != opts->aead_aad_sz)
 			return -1;
 		if (test_vec->digest.data == NULL)
 			return -1;
-		if (test_vec->digest.length < opts->auth_digest_sz)
+		if (test_vec->digest.length < opts->digest_sz)
 			return -1;
 	}
 	return 0;
diff --git a/doc/guides/tools/cryptoperf.rst b/doc/guides/tools/cryptoperf.rst
index c0accfc..6b797a7 100644
--- a/doc/guides/tools/cryptoperf.rst
+++ b/doc/guides/tools/cryptoperf.rst
@@ -294,13 +294,37 @@ The following are the appication command-line options:
 
         Set the size of auth iv.
 
-* ``--auth-digest-sz <n>``
+* ``--aead-algo <name>``
 
-        Set the size of authentication digest.
+        Set AEAD algorithm name, where ``name`` is one
+        of the following::
+
+           aes-ccm
+           aes-gcm
+
+* ``--aead-op <mode>``
+
+        Set AEAD operation mode, where ``mode`` is one of
+        the following::
+
+           encrypt
+           decrypt
+
+* ``--aead-key-sz <n>``
+
+        Set the size of AEAD key.
+
+* ``--aead-iv-sz <n>``
+
+        Set the size of AEAD iv.
+
+* ``--aead-aad-sz <n>``
+
+        Set the size of AEAD aad.
 
-* ``--auth-aad-sz <n>``
+* ``--digest-sz <n>``
 
-        Set the size of authentication aad.
+        Set the size of digest.
 
 * ``--csv-friendly``
 
-- 
2.9.4



More information about the dev mailing list