[dts] [PATCH] tests: Add l2fwd_crypto test plan and test suite
Chen, Zhaoyan
zhaoyan.chen at intel.com
Thu Jul 28 08:49:52 CEST 2016
> -----Original Message-----
> From: Liu, Yong
> Sent: Thursday, July 28, 2016 10:28 AM
> To: Chen, Zhaoyan <zhaoyan.chen at intel.com>; dts at dpdk.org
> Cc: Chen, Zhaoyan <zhaoyan.chen at intel.com>
> Subject: RE: [dts] [PATCH] tests: Add l2fwd_crypto test plan and test suite
>
> Thanks Zhaoyan, two comments below.
>
> > -----Original Message-----
> > From: dts [mailto:dts-bounces at dpdk.org] On Behalf Of Chen, Zhaoyan
> > Sent: Thursday, July 28, 2016 8:59 AM
> > To: dts at dpdk.org
> > Cc: Chen, Zhaoyan
> > Subject: [dts] [PATCH] tests: Add l2fwd_crypto test plan and test suite
> >
> > From: "Chen, Zhaoyan" <zhaoyan.chen at intel.com>
> >
> > This suite will verify the cryptodev library via dpdk l2fwd, tests
> > will cover all supported PMDs and Algorithms.
> > ---
> > test_plans/l2fwd_crypto_test_plan.rst | 462 ++++++++++++++++++++
> > tests/TestSuite_l2fwd_crypto.py | 770
> > ++++++++++++++++++++++++++++++++++
> > 2 files changed, 1232 insertions(+)
> > create mode 100644 test_plans/l2fwd_crypto_test_plan.rst
> > create mode 100644 tests/TestSuite_l2fwd_crypto.py
> >
> > diff --git a/test_plans/l2fwd_crypto_test_plan.rst
> > b/test_plans/l2fwd_crypto_test_plan.rst
> > new file mode 100644
> > index 0000000..f3b175a
> > --- /dev/null
> > +++ b/test_plans/l2fwd_crypto_test_plan.rst
> > @@ -0,0 +1,462 @@
> > +.. Copyright (c) 2010,2011 Intel Corporation
> > + All rights reserved.
> > +
> > + Redistribution and use in source and binary forms, with or without
> > + modification, are permitted provided that the following conditions
> > + are met:
> > +
> > + - Redistributions of source code must retain the above copyright
> > + notice, this list of conditions and the following disclaimer.
> > +
> > + - Redistributions in binary form must reproduce the above copyright
> > + notice, this list of conditions and the following disclaimer in
> > + the documentation and/or other materials provided with the
> > + distribution.
> > +
> > + - Neither the name of Intel Corporation nor the names of its
> > + contributors may be used to endorse or promote products derived
> > + from this software without specific prior written permission.
> > +
> > + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
> CONTRIBUTORS
> > + "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT
> NOT
> > + LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
> FITNESS
> > + FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
> > + COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
> INDIRECT,
> > + INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
> > + (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
> GOODS OR
> > + SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
> INTERRUPTION)
> > + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
> CONTRACT,
> > + STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
> > + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
> ADVISED
> > + OF THE POSSIBILITY OF SUCH DAMAGE.
> > +
> > +==============================================
> > +Testing of CryptoDev in DPDK
> > +==============================================
> > +
> > +
> > +Description
> > +===========
> > +
> > +This document provides the plan for testing CryptoDev API. CryptoDev
> API
> > +provides the ability to do encryption/decryption by integrating
> > QAT(Intel� QuickAssist
> > +Technology) into DPDK. The QAT provides poll mode crypto driver support
> > for
> > +Intel� QuickAssist Adapter 8950 hardware accelerator.
> > +
> > +The testing of CrytpoDev API should be tested under either Intel
> > QuickAssist Technology DH895xxC hardware
> > +accelerator or AES-NI library.
> > +
> > +AES-NI algorithm table
> > +The table below contains AES-NI Algorithms with CryptoDev API.
> > +Part of the algorithms are not supported currently.
> > +
> > ++---------+---------+---------+---------+----------+----------+----------
> > +----------+----------+----------+
> > +|Algorithm| Mode | Detail
> > |
> > +| |
> > |
> > ++---------+---------+---------+---------+----------+----------+----------
> > +----------+----------+----------+
> > +| AES | CBC | Encrypt/Decrypt;Key size: 128, 192, 256
> > bits |
> > ++---------+---------+---------+---------+----------+----------+----------
> > +----------+----------+----------+
> > +| SHA | | SHA-1, SHA-224, SHA-384, SHA-256, SHA-
> > 512 |
> > ++---------+---------+---------+---------+----------+----------+----------
> > +----------+----------+----------+
> > +| HMAC | | Support SHA implementations SHA-1, SHA-
> > 224, SHA-256, SHA-384, SHA-512; |
> > +| | | Key Size versus Block size support: Key
> > Size must be <= block size; |
> > +| | | Mac Len Supported SHA-1 10, 12, 16, 20
> > bytes; |
> > +| | | Mac Len Supported SHA-256 16, 24, 32
> > bytes; |
> > +| | | Mac Len Supported SHA-384 24,32, 40, 48
> > bytes; |
> > +| | | Mac Len Supported SHA-512 32, 40, 48, 56,
> > 64 bytes; |
> > ++---------+---------+---------+---------+----------+----------+----------
> > +----------+----------+----------+
> > +
> > +QAT algorithm table:
> > +The table below contains Cryptographic Algorithm Validation with
> > CryptoDev API.
> > +Part of the algorithms are not supported currently.
> > +
> > ++---------+---------+---------+---------+----------+----------+----------
> > +----------+----------+----------+
> > +|Algorithm| Mode | Detail
> > |
> > +| |
> > |
> > ++---------+---------+---------+---------+----------+----------+----------
> > +----------+----------+----------+
> > +| AES | CBC | Encrypt/Decrypt;Key size: 128, 192, 256
> > bits |
> > ++---------+---------+---------+---------+----------+----------+----------
> > +----------+----------+----------+
> > +| SHA | | SHA-1, SHA-224, SHA-256, SHA-512
> > |
> > ++---------+---------+---------+---------+----------+----------+----------
> > +----------+----------+----------+
> > +| HMAC | | Support SHA implementations SHA-1, SHA-
> > 224, SHA-256, SHA-512; |
> > +| | | Key Size versus Block size support: Key
> > Size must be <= block size; |
> > +| | | Mac Len Supported SHA-1 10, 12, 16, 20
> > bytes; |
> > +| | | Mac Len Supported SHA-224 14,16,20,24,28
> > bytes; |
> > +| | | Mac Len Supported SHA-256 16, 24, 32
> > bytes; |
> > +| | | Mac Len Supported SHA-384 24,32, 40, 48
> > bytes; |
> > +| | | Mac Len Supported SHA-512 32, 40, 48, 56,
> > 64 bytes; |
> > ++---------+---------+---------+---------+----------+----------+----------
> > +----------+----------+----------+
> > +| GCM | | Key Sizes:128, 192, 256 bits;
> > |
> > +| | | Associated Data Length: 0 ~ 240 bytes;
> > |
> > +| | | Payload Length: 0 ~ (2^32 -1) bytes;
> > |
> > +| | | IV source: external;
> > |
> > +| | | IV Lengths: 96 bits;
> > |
> > +| | | Tag Lengths: 8, 12, 16 bytes;
> > |
> > ++---------+---------+---------+---------+----------+----------+----------
> > +----------+----------+----------+
> > +| Snow3G | UEA2 | Encrypt/Decrypt; Key size: 128
> > |
> > ++ +---------+---------+---------+----------+----------+----------
> > +----------+----------+----------+
> > +| | UIA2 | Encrypt/Decrypt; Key size: 128
> > |
> > ++---------+---------+---------+---------+----------+----------+----------
> > +----------+----------+----------+
> > +
> > +Limitations
> > +=============
> > +* Chained mbufs are not supported.
> > +* Hash only is not supported.
> > +* Cipher only is not supported (except Snow3g).
> > +* Only in-place is currently supported (destination address is the same
> > as source address).
> > +* Only supports the session-oriented API implementation by QAT.
> Support
> > session-oriented and session-less APIs with AES-NI.
> > +* Not performance tuned.
> > +
> > +Prerequisites
> > +=============
> > +To test CryptoDev API, an example l2fwd-crypto is added into DPDK.
> > +
> > +The test commands of l2fwd-crypto is below::
> > + * ./examples/l2fwd-crypto/build/app/l2fwd-crypto -n 4 -c COREMASK --
> -p
> > PORTMASK -q NQ --cdev (AESNI_MB|QAT) --chain
> (HASH_CIPHER|CIPHER_HASH) --
> > cipher_algo (ALGO) --cipher_op (ENCRYPT|DECRYPT) --cipher_key
> (key_value)
> > --iv (key_value) --auth_algo (ALGO) --auth_op (GENERATE|VERIFY) --
> auth_key
> > (key_value) --sessionless
> > +
> > +The operation of l2fwd-crypto are in 2 ways.
> > +* For method CIPHER_HASH, the l2fwd-crypto will encrypt payload in
> packet
> > first.
> > +Then do authentification for the encrypted data.
> > +* For method HASH_CIPHER, the l2fwd-crypto will authenticate payload in
> > packet first.
> > +Then do encryption for the encrypted data.
> > +
> > +To do the function test, scapy can be used as traffic generator.
> > +To do the performance test, traffic generator can be hardware equipment
> > or
> > +software traffic generator.
> > +
> > +The CryptoDev API supports Fedora or FreeBSD.
> > +
> > +QAT/AES-NI installation
> > +==========================
> > +If CryptoDev needs to use QAT to do encryption/decryption, QAT should
> be
> > installed
> > +correctly. The steps how to install QAT is described in DPDK code
> > directory
> > +dpdk/doc/guides/cryptodevs/qat.rst.
> > +
> > +Once the driver is loaded, the software versions may be checked for each
> > �dh89xxCC_devX� device as follows:
> > + more /proc/icp_dh895xcc_dev0/version
> > +
> > + +--------------------------------------------------+
> > + | Hardware and Software versions for device 0 |
> > + +--------------------------------------------------+
> > + |Hardware Version: A0 SKU4 |
> > + |Firmware Version: 2.3.0 |
> > + |MMP Version: 1.0.0 |
> > + |Driver Version: 2.3.0 |
> > + |Lowest Compatible Driver: 2.3 |
> > + |QuickAssist API CY Version: 1.8 |
> > + |QuickAssist API DC Version: 1.4 |
> > + +--------------------------------------------------+
> > +
> > +If CryptoDev needs to use AES-NI to do encryption/decryption, AES-NI
> > library should be install
> > +correctly. The steps how to use AES-NI libary is described in DPDK code
> > directory
> > +dpdk/doc/guides/cryptodevs/aesni_mb.rst.
> > +
> > +Test case: Configuration test
> > +====================================================
> > +CryptoDev API supports different configuration.
> > +This test tests different configuration with CrptoDev API.
> > +
> > +Test case: CrytoDev Unit test
> > +====================================================
> > +The CrytoDev API has Unit test cases to support basic API level testing.
> > +
> > +Compile Unit test
> > + cd isg_cid-dpdk_org/app/test
> > + make
> > +
> > +Sub-case: AES-NI test case
> > +------------------------------------------------------
> > +run ./test -c 0xf -n 2 -- -i
> > +>>cryptodev_aesni_autotest
> > +
> > +
> > +Sub-case: QAT test case
> > +------------------------------------------------------
> > +run ./test -c 0xf -n 2 -- -i
> > +>>cryptodev_qat_autotest
> > +
> > +Test case: CryptoDev Function test
> > +====================================================
> > +For function test, the DUT forward UDP packets generated by scapy.
> > +
> > +After sending single packet from Scapy, Crytpodev function
> > encrypt/decrypt the
> > +payload in packet by using algorithm setting in command. The l2fwd-
> crypto
> > +forward the packet back to tester.
> > +Use TCPDump to capture the received packet on tester. Then tester
> parses
> > the payload
> > +and compare the payload with correct answer pre-stored in scripts.
> > ++----------+ +----------+
> > +| | | |
> > +| | --------------> | |
> > +| Tester | | DUT |
> > +| | | |
> > +| | <-------------> | |
> > ++----------+ +----------+
> > +
> > +Sub-case: AES-NI test case
> > +------------------------------------------------------
> > +Cryptodev AES-NI algorithm validation matrix is showed in table below.
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| Method | Cipher_algo | Cipher_op | Cipyer_key | Auth_algo |
> > Auth_op |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 192 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 256 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA256_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA384_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA512_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | XCBC_MAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | MD5_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 192 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 256 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA224_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA256_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA384_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA512_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | AES_XCMC_MAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA224_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +
> > +Sub-case: QAT AES test case
> > +------------------------------------------------------
> > +Cryptodev QAT AES algorithm validation matrix is showed in table below.
> > +
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| Method | Cipher_algo | Cipher_op | Cipyer_key | Auth_algo |
> > Auth_op |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 192 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 256 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA256_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA384_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA512_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | XCBC_MAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | MD5_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 192 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 256 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA224_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA256_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA384_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA512_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | AES_XCMC_MAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA224_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +
> > +Sub-case: QAT GCM test case
> > +------------------------------------------------------
> > +Cryptodev GCM algorithm validation matrix is showed in table below.
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| Method | Cipher_algo | Cipher_op | Cipyer_key | Auth_algo |
> > Auth_op |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_GCM | ENCRYPT | 192 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_GCM | ENCRYPT | 256 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA256_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA384_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA512_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | XCBC_MAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | MD5_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 192 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 256 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA224_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA256_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA384_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA512_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | AES_XCMC_MAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA224_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +
> > +Sub-case: AES-NI GCM test case
> > +------------------------------------------------------
> > +Cryptodev GCM algorithm validation matrix is showed in table below.
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| Method | Cipher_algo | Cipher_op | Cipyer_key | Auth_algo |
> > Auth_op |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_GCM | ENCRYPT | 192 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_GCM | ENCRYPT | 256 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA256_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA384_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | SHA512_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_GCM | ENCRYPT | 128 | XCBC_MAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | MD5_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 192 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 256 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA224_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA256_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA384_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA512_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | AES_XCMC_MAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_GCM | ENCRYPT | 128 | SHA224_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +
> > +
> > +Sub-case: QAT Snow3G test case
> > +------------------------------------------------------
> > +Cryptodev Snow3G algorithm validation matrix is showed in table below.
> > +Cipher only, hash-only and chaining functionality is supported for Snow3g.
> > ++-------------+-------------+-------------+-------------+
> > +| Method | Cipher_algo | Cipher_op | Cipyer_key |
> > ++-------------+-------------+-------------+-------------+
> > +| CIPHER | ECB | ENCRYPT | 128 |
> > ++-------------+-------------+-------------+-------------+
> > +
> > +
> > +Test case: CryptoDev performance test
> > +=======================================
> > +For performance test, the DUT forward UDP packets generated by traffic
> > generator.
> > +Also, queue and core number should be set into maximun number.
> > ++----------+ +----------+
> > +| | | |
> > +| | --------------> | |
> > +| IXIA | | DUT |
> > +| | | |
> > +| | <-------------> | |
> > ++----------+ +----------+
> > +
> > +CryptoDev performance should be measured from different aspects ad
> below.
> > ++-------+---------+---------+---------+----------+----------+
> > +| Frame | 1S/1C/1T| 1S/1C/1T| 1S/2C/1T| 1S/2C/2T | 1S/2C/2T |
> > +| Size | | | | | |
> > ++-------+---------+---------+---------+----------+----------+
> > +| 64 | | | | | |
> > ++-------+---------+---------+---------+----------+----------+
> > +| 65 | | | | | |
> > ++-------+---------+---------+---------+----------+----------+
> > +| 128 | | | | | |
> > ++-------+---------+---------+---------+----------+----------+
> > +| 256 | | | | | |
> > ++-------+---------+---------+---------+----------+----------+
> > +| 512 | | | | | |
> > ++-------+---------+---------+---------+----------+----------+
> > +| 1024 | | | | | |
> > ++-------+---------+---------+---------+----------+----------+
> > +| 1280 | | | | | |
> > ++-------+---------+---------+---------+----------+----------+
> > +| 1518 | | | | | |
> > ++-------+---------+---------+---------+----------+----------+
> > +
> > +Sub-case: AES-NI test case
> > +------------------------------------------------------
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| Method | Cipher_algo | Cipher_op | Cipyer_key | Auth_algo |
> > Auth_op |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 192 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 256 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA256_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA384_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | MD5_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 192 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 256 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA224_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA256_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA384_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA512_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +
> > +Sub-case: QAT AES test case
> > +------------------------------------------------------
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| Method | Cipher_algo | Cipher_op | Cipyer_key | Auth_algo |
> > Auth_op |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 192 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 256 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA256_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| CIPHER_HASH | AES_CBC | ENCRYPT | 128 | SHA384_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | MD5_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 192 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 256 | SHA1_HMAC |
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA224_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA256_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA384_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > +| HASH_CIPHER | AES_CBC | ENCRYPT | 128 | SHA512_HMAC|
> > GENERATE |
> > ++-------------+-------------+-------------+-------------+-------------+--
> > -----------+
> > diff --git a/tests/TestSuite_l2fwd_crypto.py
> > b/tests/TestSuite_l2fwd_crypto.py
> > new file mode 100644
> > index 0000000..27d0634
> > --- /dev/null
> > +++ b/tests/TestSuite_l2fwd_crypto.py
> > @@ -0,0 +1,770 @@
> > +# BSD LICENSE
> > +#
> > +# Copyright(c) 2010-2014 Intel Corporation. All rights reserved.
> > +# All rights reserved.
> > +#
> > +# Redistribution and use in source and binary forms, with or without
> > +# modification, are permitted provided that the following conditions
> > +# are met:
> > +#
> > +# * Redistributions of source code must retain the above copyright
> > +# notice, this list of conditions and the following disclaimer.
> > +# * Redistributions in binary form must reproduce the above copyright
> > +# notice, this list of conditions and the following disclaimer in
> > +# the documentation and/or other materials provided with the
> > +# distribution.
> > +# * Neither the name of Intel Corporation nor the names of its
> > +# contributors may be used to endorse or promote products derived
> > +# from this software without specific prior written permission.
> > +#
> > +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
> CONTRIBUTORS
> > +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT
> NOT
> > +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
> FITNESS FOR
> > +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
> COPYRIGHT
> > +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
> INCIDENTAL,
> > +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
> NOT
> > +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
> OF USE,
> > +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
> AND ON ANY
> > +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
> TORT
> > +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
> OF THE USE
> > +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
> DAMAGE.
> > +
> > +import dts
> > +import time
> > +
> > +from test_case import TestCase
> > +
> > +
> > +class TestL2fwdCrypto(TestCase):
> > +
> > + def set_up_all(self):
> > +
> > + self.core_config = "1S/4C/1T"
> > + self.number_of_ports = 2
> > + self.dut_ports = self.dut.get_ports(self.nic)
> > + self.verify(len(self.dut_ports) >= self.number_of_ports,
> > + "Not enough ports for " + self.nic)
> > + self.ports_socket = self.dut.get_numa_id(self.dut_ports[0])
> > +
> > + self.logger.info("core config = " + self.core_config)
> > + self.logger.info("number of ports = " + str(self.number_of_ports))
> > + self.logger.info("dut ports = " + str(self.dut_ports))
> > + self.logger.info("ports_socket = " + str(self.ports_socket))
> > +
> > + self.core_mask = dts.create_mask(self.dut.get_core_list(
> > + self.core_config,
> > + socket=self.ports_socket))
> > + self.port_mask = dts.create_mask([self.dut_ports[0],
> > + self.dut_ports[1]])
> > +
> > + self.tx_port = self.tester.get_local_port(self.dut_ports[0])
> > + self.rx_port = self.tester.get_local_port(self.dut_ports[1])
> > +
> > + self.tx_interface = self.tester.get_interface(self.tx_port)
> > + self.rx_interface = self.tester.get_interface(self.rx_port)
> > +
> > + self.logger.info("core mask = " + self.core_mask)
> > + self.logger.info("port mask = " + self.port_mask)
> > + self.logger.info("tx interface = " + self.tx_interface)
> > + self.logger.info("rx interface = " + self.rx_interface)
> > +
> > + # Rebuild the dpdk with cryptodev pmds
> > + self.dut.send_expect("export
> > AESNI_MULTI_BUFFER_LIB_PATH=/root/ipsec_043/code/", "#")
> > + self.dut.send_expect("export
> > LIBSSO_SNOW3G_PATH=/root/libsso_snow3g/snow3g/", "#")
> > + self.dut.send_expect("export
> > LIBSSO_KASUMI_PATH=/root/LibSSO_0_3_1/isg_cid-
> > wireless_libs/ciphers/kasumi/", "#")
> > + self.dut.send_expect("sed -i
> >
> 's/CONFIG_RTE_LIBRTE_PMD_QAT=n$/CONFIG_RTE_LIBRTE_PMD_QAT=y/'
> > config/common_base", "# ")
> > + self.dut.send_expect("sed -i
> >
> 's/CONFIG_RTE_LIBRTE_PMD_AESNI_GCM=n$/CONFIG_RTE_LIBRTE_PMD_
> AESNI_GCM=y/'
> > config/common_base", "# ")
> > + self.dut.send_expect("sed -i
> >
> 's/CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO=n$/CONFIG_RTE_LIBRTE_PMD
> _NULL_CRYPTO=
> > y/' config/common_base", "# ")
> > + self.dut.send_expect("sed -i
> >
> 's/CONFIG_RTE_LIBRTE_PMD_SNOW3G=n$/CONFIG_RTE_LIBRTE_PMD_SN
> OW3G=y/'
> > config/common_base", "# ")
> > + self.dut.send_expect("sed -i
> >
> 's/CONFIG_RTE_LIBRTE_PMD_KASUMI=n$/CONFIG_RTE_LIBRTE_PMD_KAS
> UMI=y/'
> > config/common_base", "# ")
> > + self.dut.build_install_dpdk(self.dut.target)
> > +
> > + # l2fwd-crypto compile
> > + out = self.dut.build_dpdk_apps("./examples/l2fwd-crypto")
> > + self.verify("Error" not in out, "Compilation error")
> > + self.verify("No such" not in out, "Compilation error")
> > +
> > + # Bind QAT VF devices
> > + out = self.dut.send_expect("lspci -d:443|awk '{print $1}'", "# ",
> > 10)
> > + self.dut.send_expect('echo "8086 0443" >
> > /sys/bus/pci/drivers/igb_uio/new_id', "# ", 10)
> > + for line in out.replace("\r", "\n").replace("\n\n",
> > "\n").split("\n"):
> > + cmd = "echo 0000:{} >
> > /sys/bus/pci/devices/0000\:{}/driver/unbind".format(line, line.replace(":",
> > "\:"))
> > + self.dut.send_expect(cmd, "# ", 10)
> > + cmd = "echo 0000:{} >
> > /sys/bus/pci/drivers/igb_uio/bind".format(line)
> > + self.dut.send_expect(cmd, "# ", 10)
> > +
> > + def set_up(self):
> > + pass
> > +
> > + def test_qat_AES(self):
> > +
> > + result = True
> > +
> > + self.logger.info("Test qat_c_AES_CBC_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "qat_c_AES_CBC_01"):
> > + result = False
> > +
> > + self.logger.info("Test qat_c_AES_CTR_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "qat_c_AES_CTR_01"):
> > + result = False
> > +
> > + self.logger.info("Test qat_c_AES_GCM_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "qat_c_AES_GCM_01"):
> > + result = False
> > +
> > + self.verify(result, True)
> > +
> > + def test_qat_SHA(self):
> > +
> > + result = True
> > +
> > + self.logger.info("Test qat_h_SHA1_HMAC_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "qat_h_SHA1_HMAC_01"):
> > + result = False
> > +
> > + self.logger.info("Test qat_h_SHA256_HMAC_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "qat_h_SHA256_HMAC_01"):
> > + result = False
> > +
> > + self.logger.info("Test qat_h_SHA512_HMAC_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "qat_h_SHA512_HMAC_01"):
> > + result = False
> > +
> > + self.verify(result, True)
> > +
> > + def test_qat_AES_XCBC_MAC(self):
> > +
> > + result = True
> > +
> > + self.logger.info("Test qat_h_AES_XCBC_MAC_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "qat_h_AES_XCBC_MAC_01"):
> > + result = False
> > +
> > + self.verify(result, True)
> > +
> > + def test_qat_SNOW3G(self):
> > +
> > + result = True
> > +
> > + self.logger.info("Test qat_c_UEA2_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "qat_c_UEA2_01"):
> > + result = False
> > +
> > + self.logger.info("Test qat_h_UIA2_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "qat_h_UIA2_01"):
> > + result = False
> > +
> > + self.verify(result, True)
> > +
> > + def test_qat_AES_GCM_AES_GCM(self):
> > +
> > + result = True
> > +
> > + self.logger.info("Test qat_ch_AES_GCM_AES_GCM_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "qat_ch_AES_GCM_AES_GCM_01"):
> > + result = False
> > +
> > + self.verify(result, True)
> > +
> > + def test_aesni_AES_GCM_AES_GCM(self):
> > +
> > + result = True
> > +
> > + self.logger.info("Test aesni_ch_AES_GCM_AES_GCM_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "aesni_ch_AES_GCM_AES_GCM_01"):
> > + result = False
> > +
> > + self.verify(result, True)
> > +
> > + def test_kasumi_KASUMI(self):
> > +
> > + result = True
> > +
> > + self.logger.info("Test kasumi_c_F8_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "kasumi_c_F8_01"):
> > + result = False
> > +
> > + self.logger.info("Test kasumi_h_F9_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "kasumi_h_F9_01"):
> > + result = False
> > +
> > + self.verify(result, True)
> > +
> > + def test_null_NULL(self):
> > +
> > + result = True
> > +
> > + self.logger.info("Test null_c_NULL_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "null_c_NULL_01"):
> > + result = False
> > +
> > + self.verify(result, True)
> > +
> > + def test_snow3g_SNOW3G(self):
> > +
> > + result = True
> > +
> > + self.logger.info("Test snow3g_c_UEA2_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "snow3g_c_UEA2_01"):
> > + result = False
> > +
> > + self.logger.info("Test snow3g_h_UIA2_01")
> > + if not self.__execute_l2fwd_crypto_test(
> > + test_vectors, "snow3g_h_UIA2_01"):
> > + result = False
> > +
> > + self.verify(result, True)
> > +
> > + def __execute_l2fwd_crypto_test(self, test_vectors,
> test_vector_name):
> > +
> > + if test_vector_name not in test_vectors:
> > + self.logger.warn("SKIP : " + test_vector_name)
> > + return True
> > +
> > + test_vector = test_vectors[test_vector_name]
> > +
> > + result = True
> > + cmd_str = self.__test_vector_to_cmd(test_vector,
> > + core_mask=self.core_mask,
> > + port_mask=self.port_mask)
> > +
> > + self.dut.send_expect(cmd_str, "==", 30)
> > +
> > + self.tester.send_expect("rm -rf %s.pcap" % (self.rx_interface),
> > "#")
> > + self.tester.send_expect("tcpdump -w %s.pcap -i %s &" %
> > (self.rx_interface, self.rx_interface), "#")
> > + # Wait 5 sec for tcpdump stable
> > + time.sleep(5)
> > +
> > + payload = self.__format_hex_to_param(test_vector["input"], "\\x",
> > "\\x")
> > +
> > + PACKET_COUNT = 65
> > +
> > + self.tester.scapy_foreground()
> > +
> >
> self.tester.scapy_append('sendp([Ether(src="52:00:00:00:00:00")/IP(src="19
> > 2.168.1.1",dst="192.168.1.2")/Raw(load=\"%s\")], iface="%s", count=%s)' %
> > (payload, self.tx_interface, PACKET_COUNT))
> > +
> > + self.tester.scapy_execute()
> > +
> > + time.sleep(5)
> > +
> > + self.tester.send_expect("killall tcpdump", "#")
> > + self.tester.send_expect("^C", "#")
> > +
> > + # Wait 5 secs for tcpdump exit
> > + time.sleep(5)
> > +
> > + self.tester.send_expect("scapy", ">>>")
> > + self.tester.send_expect("p=rdpcap('%s.pcap', count=%s)" %
> > (self.rx_interface, PACKET_COUNT), ">>>")
> > +
> > + hex_list = []
> > + for i in range(PACKET_COUNT):
> > + cmd = "linehexdump(p[%s],onlyhex=1)" % i
> > + hex_list.append(self.tester.send_expect(cmd, ">>>"))
> > +
> > + # Exit the scapy
> > + self.tester.send_expect("exit()", "#", 60)
> > +
> > + for hex_str in hex_list:
> > + packet_hex = hex_str.split(" ")
> > + # self.logger.info(hex_str)
> > + # self.logger.info(packet_hex)
> > +
> > + cipher_offset = 34
> > + cipher_length = len(test_vector["output_cipher"])/2
> > + if cipher_length == 0:
> > + cipher_length = len(test_vector["input"])/2
> > + cipher_text =
> > "".join(packet_hex[cipher_offset:cipher_offset+cipher_length])
> > + # self.logger.info("Cipher text in packet = " + cipher_text)
> > + # self.logger.info("Ref Cipher text = " +
> > test_vector["output_cipher"])
> > + if str.lower(cipher_text) ==
> > str.lower(test_vector["output_cipher"]):
> > + self.logger.info("Cipher Matched.")
> > + else:
> > + if test_vector["output_cipher"] != "":
> > + result = False
> > + self.logger.info("Cipher NOT Matched.")
> > + self.logger.info("Cipher text in packet = " +
> > cipher_text)
> > + self.logger.info("Ref Cipher text = " +
> > test_vector["output_cipher"])
> > + else:
> > + self.logger.info("Skip Cipher, Since no cipher text
> > set")
> > +
> > + hash_offset = cipher_offset + cipher_length
> > + hash_length = len(test_vector["output_hash"])/2
> > + if hash_length != 0:
> > + hash_text =
> > "".join(packet_hex[hash_offset:hash_offset+hash_length])
> > + # self.logger.info("Hash text in packet = " + hash_text)
> > + # self.logger.info("Ref Hash text = " +
> > test_vector["output_hash"])
> > + if str.lower(hash_text) ==
> > str.lower(test_vector["output_hash"]):
> > + self.logger.info("Hash Matched")
> > + else:
> > + result = False
> > + self.logger.info("Hash NOT Matched")
> > + self.logger.info("Hash text in packet = " + hash_text)
> > + self.logger.info("Ref Hash text = " +
> > test_vector["output_hash"])
> > + else:
> > + self.logger.info("Skip Hash, Since no hash text set")
> > +
> > + # Close l2fwd-crypto
> > + # self.dut.send_expect("killall -9 l2fwd-crypto", "# ", 15)
> > + self.dut.send_expect("^C", "# ", 15)
> > +
> > + if result:
> > + self.logger.info("PASSED")
> > + else:
> > + self.logger.info("FAILED")
> > +
> > + return result
> > +
> > + def tear_down(self):
> > + pass
> > +
> > + def tear_down_all(self):
> > + pass
>
> Need to roll back dpdk configuration and rebuild dpdk for other suites.
[Chen, Zhaoyan]
I will fix the issue
>
> > +
> > + def __test_vector_to_cmd(self, test_vector, core_mask="",
> > port_mask=""):
> > + L2FWD_CRYPTO_APP = "./examples/l2fwd-crypto/build/app/l2fwd-
> > crypto"
> > + EAL_CORE_MASK = " -cf" if core_mask == "" else " -c" + core_mask
> > + EAL_MM_CHANNEL = " -n4"
> > + EAL_SEP = " --"
> > + PORT_MASK = "" if port_mask == "" else " -p" + port_mask
> > + QUEUE_NUM = ""
> > +
> > + vdev = ""
> > + if self.__check_field_in_vector(test_vector, "vdev"):
> > + vdev = " --vdev " + test_vector["vdev"]
> > +
> > + chain = ""
> > + if self.__check_field_in_vector(test_vector, "chain"):
> > + chain = " --chain " + test_vector["chain"]
> > +
> > + cdev_type = ""
> > + if self.__check_field_in_vector(test_vector, "cdev_type"):
> > + cdev_type = " --cdev_type " + test_vector["cdev_type"]
> > +
> > + cipher_algo = ""
> > + if self.__check_field_in_vector(test_vector, "cipher_algo"):
> > + cipher_algo = " --cipher_algo " + test_vector["cipher_algo"]
> > +
> > + cipher_op = ""
> > + if self.__check_field_in_vector(test_vector, "cipher_op"):
> > + cipher_op = " --cipher_op " + test_vector["cipher_op"]
> > +
> > + cipher_key = ""
> > + if self.__check_field_in_vector(test_vector, "cipher_key"):
> > + cipher_key = " --cipher_key " +
> > self.__format_hex_to_param(test_vector["cipher_key"])
> > +
> > + iv = ""
> > + if self.__check_field_in_vector(test_vector, "iv"):
> > + iv = " --iv " + self.__format_hex_to_param(test_vector["iv"])
> > +
> > + auth_algo = ""
> > + if self.__check_field_in_vector(test_vector, "auth_algo"):
> > + auth_algo = " --auth_algo " + test_vector["auth_algo"]
> > +
> > + auth_op = ""
> > + if self.__check_field_in_vector(test_vector, "auth_op"):
> > + auth_op = " --auth_op " + test_vector["auth_op"]
> > +
> > + auth_key = ""
> > + if self.__check_field_in_vector(test_vector, "auth_key"):
> > + auth_key = " --auth_key " +
> > self.__format_hex_to_param(test_vector["auth_key"])
> > +
> > + auth_key_random_size = ""
> > + if self.__check_field_in_vector(test_vector,
> > "auth_key_random_size"):
> > + auth_key_random_size = " --auth_key_random_size " +
> > test_vector["auth_key_random_size"]
> > +
> > + aad = ""
> > + if self.__check_field_in_vector(test_vector, "aad"):
> > + aad = " --aad " +
> > self.__format_hex_to_param(test_vector["aad"])
> > +
> > + aad_random_size = ""
> > + if self.__check_field_in_vector(test_vector, "aad_random_size"):
> > + aad_random_size = " --aad_random_size " +
> > test_vector["aad_random_size"]
> > +
> > + cmd_str = "".join([L2FWD_CRYPTO_APP, EAL_CORE_MASK,
> > EAL_MM_CHANNEL, vdev, vdev, EAL_SEP,
> > + PORT_MASK, QUEUE_NUM, chain, cdev_type,
> > cipher_algo, cipher_op, cipher_key,
> > + iv, auth_algo, auth_op, auth_key,
> > auth_key_random_size, aad, aad_random_size])
> > +
> > + return cmd_str
> > +
> > + def __check_field_in_vector(self, test_vector, field_name):
> > + if field_name in test_vector and test_vector[field_name]:
> > + return True
> > + return False
> > +
> > + def __format_hex_to_param(self, hex_str, sep=":", prefix=""):
> > + if not hex_str:
> > + return ""
> > + if len(hex_str) == 1:
> > + return prefix + "0" + hex_str
> > +
> > + result = prefix + hex_str[0:2]
> > + for i in range(2, len(hex_str), 2):
> > + if len(hex_str) < i + 2:
> > + result = result + sep + "0" + hex_str[i:]
> > + else:
> > + result = result + sep + hex_str[i:i+2]
> > +
> > + return result
> > +
> > +test_vectors = {
> > +
> > + "qat_c_AES_CBC_01": {
> > + "vdev": "",
> > + "chain": "CIPHER_ONLY",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "AES_CBC",
> > + "cipher_op": "ENCRYPT",
> > + "cipher_key": "000102030405060708090a0b0c0d0e0f",
> > + "iv": "000102030405060708090a0b0c0d0e0f",
> > + "auth_algo": "",
> > + "auth_op": "",
> > + "auth_key": "",
> > + "auth_key_random_size": "",
> > + "aad": "",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher":
> >
> "96A702D1CC8DD6D625D971915FCE8C40B8C522042B7126D51BB204CECA048C
> 13793B75FF8
> > 4A4B524370A45534C2BC476",
> > + "output_hash": "",
> > + },
>
> Is it possible to generate outer cipher text by openssl command, which will
> help to enhance the stability.
[Chen, Zhaoyan]
Yes. It's a good suggestion. But so far we some algorithms are not supported
In openssl, and some cases are from RFC test vectors.
>
> > +
> > + "qat_c_AES_CTR_01": {
> > + "vdev": "",
> > + "chain": "CIPHER_ONLY",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "AES_CTR",
> > + "cipher_op": "ENCRYPT",
> > + "cipher_key": "000102030405060708090a0b0c0d0e0f",
> > + "iv": "000102030405060708090a0b0c0d0e0f",
> > + "auth_algo": "",
> > + "auth_op": "",
> > + "auth_key": "",
> > + "auth_key_random_size": "",
> > + "aad": "",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher":
> >
> "1B851AA4507FE154E0D28549D742FB4B1372FD85770963878BCBEC1E5AB51EC
> D0B3C85A20
> > 00DB4E9ACD3D95CDD38FD56",
> > + "output_hash": "",
> > + },
> > +
> > + "qat_c_AES_GCM_01": {
> > + "vdev": "",
> > + "chain": "CIPHER_ONLY",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "AES_GCM",
> > + "cipher_op": "ENCRYPT",
> > + "cipher_key": "000102030405060708090a0b0c0d0e0f",
> > + "iv": "000102030405060708090a0b0c0d0e0f",
> > + "auth_algo": "",
> > + "auth_op": "",
> > + "auth_key": "",
> > + "auth_key_random_size": "",
> > + "aad": "",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher":
> >
> "1b851aa4507fe154e0d28549d742fb4b1372fd85770963878bcbec1e5ab51ecd0
> b3c85a20
> > 00db4e9acd3d95cdd38fd56",
> > + "output_hash": "",
> > + },
> > +
> > + "qat_h_SHA1_HMAC_01": {
> > + "vdev": "",
> > + "chain": "HASH_ONLY",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "",
> > + "cipher_op": "",
> > + "cipher_key": "",
> > + "iv": "",
> > + "auth_algo": "SHA1_HMAC",
> > + "auth_op": "GENERATE",
> > + "auth_key":
> >
> "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f00
> 0102030
> > 405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f",
> > + "auth_key_random_size": "",
> > + "aad": "",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 1111111111111111111111100000000000000000000000000000000",
> > + "output_cipher": "",
> > + "output_hash": "12E2EF8B7EBFE556C73307B04E1E46D12BA34884"
> > + },
> > +
> > + "qat_h_SHA256_HMAC_01": {
> > + "vdev": "",
> > + "chain": "HASH_ONLY",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "",
> > + "cipher_op": "",
> > + "cipher_key": "",
> > + "iv": "",
> > + "auth_algo": "SHA256_HMAC",
> > + "auth_op": "GENERATE",
> > + "auth_key":
> >
> "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f00
> 0102030
> > 405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f",
> > + "auth_key_random_size": "",
> > + "aad": "",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 1111111111111111111111100000000000000000000000000000000",
> > + "output_cipher": "",
> > + "output_hash":
> >
> "AC9E0BA3A0716F4F4A2734B407BE28D6F276CE0472B827D6EE47B7E518C2BC0
> D"
> > + },
> > +
> > + "qat_h_SHA512_HMAC_01": {
> > + "vdev": "",
> > + "chain": "HASH_ONLY",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "",
> > + "cipher_op": "",
> > + "cipher_key": "",
> > + "iv": "",
> > + "auth_algo": "SHA512_HMAC",
> > + "auth_op": "GENERATE",
> > + "auth_key":
> >
> "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f00
> 0102030
> >
> 405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405
> 0607080
> >
> 90a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a
> 0b0c0d0
> > e0f000102030405060708090a0b0c0d0e0f",
> > + "auth_key_random_size": "",
> > + "aad": "",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> >
> 1111111111111111111111100000000000000000000000000000000000000000000
> 0000000
> >
> 0000000000000000000000000000000000000000000000000000000000000000000
> 0000000
> > 00000000000000000000000000000000000",
> > + "output_cipher": "",
> > + "output_hash":
> >
> "C8917E7490FC2CFF0CFDD0509C1C0D711CD27FFDFAAEA375E123F25F7532D4
> FA7D02D95CD
> > 52FAC8A27E21B3F5F734241897A37BB8953C52FFADB3B605A864569"
> > + },
> > +
> > + "qat_h_AES_XCBC_MAC_01": {
> > + "vdev": "",
> > + "chain": "HASH_ONLY",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "",
> > + "cipher_op": "",
> > + "cipher_key": "",
> > + "iv": "",
> > + "auth_algo": "AES_XCBC_MAC",
> > + "auth_op": "GENERATE",
> > + "auth_key": "000102030405060708090a0b0c0d0e0f",
> > + "auth_key_random_size": "",
> > + "aad": "",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher": "",
> > + "output_hash": "A7AD120ED744A9EC0618C0D9"
> > + },
> > +
> > + "qat_ch_AES_CBC_SHA1_HMAC_01": {
> > + "vdev": "",
> > + "chain": "CIPHER_HASH",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "AES_CBC",
> > + "cipher_op": "ENCRYPT",
> > + "cipher_key": "000102030405060708090a0b0c0d0e0f",
> > + "iv": "000102030405060708090a0b0c0d0e0f",
> > + "auth_algo": "SHA1_HMAC",
> > + "auth_op": "GENERATE",
> > + "auth_key":
> >
> "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f00
> 0102030
> > 405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f",
> > + "auth_key_random_size": "",
> > + "aad": "",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher":
> >
> "96A702D1CC8DD6D625D971915FCE8C40B8C522042B7126D51BB204CECA048C
> 13793B75FF8
> > 4A4B524370A45534C2BC476",
> > + "output_hash":
> >
> "2D6EFD5929812460E2DE34A1BD768F209C985143BA7333E8D59EFED291517EF
> 7"
> > + },
> > +
> > + "qat_c_UEA2_01": {
> > + "vdev": "",
> > + "chain": "CIPHER_ONLY",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "SNOW3G_UEA2",
> > + "cipher_op": "ENCRYPT",
> > + "cipher_key": "000102030405060708090a0b0c0d0e0f",
> > + "iv": "000102030405060708090a0b0c0d0e0f",
> > + "auth_algo": "",
> > + "auth_op": "",
> > + "auth_key": "",
> > + "auth_key_random_size": "",
> > + "aad": "",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher":
> >
> "fa0d2ff5dbf973e7082b128396fbc2c1ff5721099a1eb82918e66c1fa1b8fd52ce1
> 763963
> > f73859595d89b0b8d3907a8",
> > + "output_hash": ""
> > + },
> > +
> > + "qat_h_UIA2_01": {
> > + "vdev": "",
> > + "chain": "HASH_ONLY",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "",
> > + "cipher_op": "",
> > + "cipher_key": "",
> > + "iv": "",
> > + "auth_algo": "SNOW3G_UIA2",
> > + "auth_op": "GENERATE",
> > + "auth_key": "000102030405060708090a0b0c0d0e0f",
> > + "auth_key_random_size": "",
> > + "aad": "000102030405060708090a0b0c0d0e0f",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher": "",
> > + "output_hash": "741D4316"
> > + },
> > +
> > + "snow3g_c_UEA2_01": {
> > + "vdev":
> "cryptodev_snow3g_pmd,socket_id=1,max_nb_sessions=128",
> > + "chain": "CIPHER_ONLY",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "SNOW3G_UEA2",
> > + "cipher_op": "ENCRYPT",
> > + "cipher_key": "000102030405060708090a0b0c0d0e0f",
> > + "iv": "000102030405060708090a0b0c0d0e0f",
> > + "auth_algo": "",
> > + "auth_op": "",
> > + "auth_key": "",
> > + "auth_key_random_size": "",
> > + "aad": "",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher":
> >
> "fa0d2ff5dbf973e7082b128396fbc2c1ff5721099a1eb82918e66c1fa1b8fd52ce1
> 763963
> > f73859595d89b0b8d3907a8",
> > + "output_hash": ""
> > + },
> > +
> > + "snow3g_h_UIA2_01": {
> > + "vdev":
> "cryptodev_snow3g_pmd,socket_id=1,max_nb_sessions=128",
> > + "chain": "HASH_ONLY",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "",
> > + "cipher_op": "",
> > + "cipher_key": "",
> > + "iv": "",
> > + "auth_algo": "SNOW3G_UIA2",
> > + "auth_op": "GENERATE",
> > + "auth_key": "000102030405060708090a0b0c0d0e0f",
> > + "auth_key_random_size": "",
> > + "aad": "000102030405060708090a0b0c0d0e0f",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher": "",
> > + "output_hash": "741D4316"
> > + },
> > +
> > + "kasumi_c_F8_01": {
> > + "vdev":
> "cryptodev_kasumi_pmd,socket_id=1,max_nb_sessions=128",
> > + "chain": "CIPHER_ONLY",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "KASUMI_F8",
> > + "cipher_op": "ENCRYPT",
> > + "cipher_key": "000102030405060708090a0b0c0d0e0f",
> > + "iv": "0001020304050607",
> > + "auth_algo": "",
> > + "auth_op": "",
> > + "auth_key": "",
> > + "auth_key_random_size": "",
> > + "aad": "",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher":
> >
> "ede654ff0caab546b654cd7a3b0a4199e957579214f45bd7e25fcbbda41e38fc88
> 5fbbd61
> > 95cf8e22905480191b2f861",
> > + "output_hash": ""
> > + },
> > +
> > + "kasumi_h_F9_01": {
> > + "vdev":
> "cryptodev_kasumi_pmd,socket_id=1,max_nb_sessions=128",
> > + "chain": "HASH_ONLY",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "",
> > + "cipher_op": "",
> > + "cipher_key": "",
> > + "iv": "",
> > + "auth_algo": "KASUMI_F9",
> > + "auth_op": "GENERATE",
> > + "auth_key": "000102030405060708090a0b0c0d0e0f",
> > + "auth_key_random_size": "",
> > + # aad length min=8 max=8
> > + "aad": "0001020304050607",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher": "",
> > + "output_hash": "D1C2BE1E"
> > + },
> > +
> > + "null_c_NULL_01": {
> > + "vdev": "cryptodev_null_pmd,socket_id=1,max_nb_sessions=128",
> > + "chain": "CIPHER_ONLY",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "NULL",
> > + "cipher_op": "ENCRYPT",
> > + "cipher_key": "",
> > + "iv": "",
> > + "auth_algo": "",
> > + "auth_op": "",
> > + "auth_key": "",
> > + "auth_key_random_size": "",
> > + "aad": "",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_hash": ""
> > + },
> > +
> > + "qat_ch_AES_GCM_AES_GCM_01": {
> > + "vdev": "",
> > + "chain": "CIPHER_HASH",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "AES_GCM",
> > + "cipher_op": "ENCRYPT",
> > + "cipher_key": "000102030405060708090a0b0c0d0e0f",
> > + "iv": "000102030405060708090a0b0c0d0e0f",
> > + "auth_algo": "AES_GCM",
> > + "auth_op": "GENERATE",
> > + "auth_key": "000102030405060708090a0b0c0d0e0f",
> > + "auth_key_random_size": "",
> > + # aad length min=8 max=12
> > + "aad": "0001020304050607",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher":
> >
> "1372fd85770963878bcbec1e5ab51ecd0b3c85a2000db4e9acd3d95cdd38fd565
> c1abac38
> > 84e8e167332357956a4c21f",
> > + "output_hash": "00A2EBC33A8A1C8C"
> > + },
> > +
> > + "aesni_ch_AES_GCM_AES_GCM_01": {
> > + "vdev":
> "cryptodev_aesni_gcm_pmd,socket_id=1,max_nb_sessions=128",
> > + "chain": "CIPHER_HASH",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "AES_GCM",
> > + "cipher_op": "ENCRYPT",
> > + "cipher_key": "000102030405060708090a0b0c0d0e0f",
> > + "iv": "000102030405060708090a0b0c0d0e0f",
> > + "auth_algo": "AES_GCM",
> > + "auth_op": "GENERATE",
> > + "auth_key": "000102030405060708090a0b0c0d0e0f",
> > + "auth_key_random_size": "",
> > + # aad length min=8 max=12
> > + "aad": "0001020304050607",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher":
> >
> "1372fd85770963878bcbec1e5ab51ecd0b3c85a2000db4e9acd3d95cdd38fd565
> c1abac38
> > 84e8e167332357956a4c21f",
> > + "output_hash": "00A2EBC33A8A1C8C"
> > + },
> > +
> > + "aesni_ch_AES_CBC_SHA1_HMAC_01": {
> > + "vdev":
> "cryptodev_aesni_mb_pmd,socket_id=1,max_nb_sessions=128",
> > + "chain": "CIPHER_HASH",
> > + "cdev_type": "ANY",
> > + "cipher_algo": "AES_CBC",
> > + "cipher_op": "ENCRYPT",
> > + "cipher_key": "000102030405060708090a0b0c0d0e0f",
> > + "iv": "000102030405060708090a0b0c0d0e0f",
> > + "auth_algo": "SHA1_HMAC",
> > + "auth_op": "GENERATE",
> > + "auth_key":
> >
> "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f00
> 0102030
> > 405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f",
> > + "auth_key_random_size": "",
> > + "aad": "",
> > + "aad_random_size": "",
> > + "input":
> >
> "111111111111111111111111111111111111111111111111111111111111111111
> 1111111
> > 11111111111111111111111",
> > + "output_cipher":
> >
> "96A702D1CC8DD6D625D971915FCE8C40B8C522042B7126D51BB204CECA048C
> 13793B75FF8
> > 4A4B524370A45534C2BC476",
> > + "output_hash":
> >
> "2D6EFD5929812460E2DE34A1BD768F209C985143BA7333E8D59EFED291517EF
> 7"
> > + },
> > +
> > +}
> > --
> > 1.9.3
More information about the dts
mailing list