2017-07-24 23:00 GMT+08:00 Github ODP bot <odp...@yandex.ru>:
> From: Dmitry Eremin-Solenikov <dmitry.ereminsoleni...@linaro.org>
>
> Add several basic tests for IPsec API.
>
> Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsoleni...@linaro.org>
> ---
> /** Email created from pull request 81 (lumag:ipsec-packet-impl-2)
> ** https://github.com/Linaro/odp/pull/81
> ** Patch: https://github.com/Linaro/odp/pull/81.patch
> ** Base sha: db7cc41aeb559dd296f3a6d8570aa10326a31d5e
> ** Merge commit sha: ba0b39db1fc90b24a3db1e85e00c2c485b235a47
> **/
> test/common_plat/validation/api/ipsec/Makefile.am | 11 +-
> test/common_plat/validation/api/ipsec/ipsec.c | 876
> ++++++++++++++++++++-
> test/common_plat/validation/api/ipsec/ipsec.h | 68 +-
> .../validation/api/ipsec/ipsec_test_in.c | 831
> +++++++++++++++++++
> .../validation/api/ipsec/ipsec_test_out.c | 347 ++++++++
> .../validation/api/ipsec/test_vectors.h | 728
> +++++++++++++++++
> 6 files changed, 2850 insertions(+), 11 deletions(-)
> create mode 100644 test/common_plat/validation/api/ipsec/ipsec_test_in.c
> create mode 100644 test/common_plat/validation/api/ipsec/ipsec_test_out.c
> create mode 100644 test/common_plat/validation/api/ipsec/test_vectors.h
>
> diff --git a/test/common_plat/validation/api/ipsec/Makefile.am
> b/test/common_plat/validation/api/ipsec/Makefile.am
> index 106b8dce..9dba31fd 100644
> --- a/test/common_plat/validation/api/ipsec/Makefile.am
> +++ b/test/common_plat/validation/api/ipsec/Makefile.am
> @@ -1,10 +1,15 @@
> include ../Makefile.inc
>
> +AM_CPPFLAGS += -Wno-error=missing-field-initializers
> +
> noinst_LTLIBRARIES = libtestipsec.la
> -libtestipsec_la_SOURCES = ipsec.c
> +libtestipsec_la_SOURCES = \
> + test_vectors.h \
> + ipsec_test_in.c \
> + ipsec_test_out.c \
> + ipsec.h \
> + ipsec.c
>
> test_PROGRAMS = ipsec_main$(EXEEXT)
> dist_ipsec_main_SOURCES = ipsec_main.c
> ipsec_main_LDADD = libtestipsec.la $(LIBCUNIT_COMMON) $(LIBODP)
> -
> -EXTRA_DIST = ipsec.h
> diff --git a/test/common_plat/validation/api/ipsec/ipsec.c
> b/test/common_plat/validation/api/ipsec/ipsec.c
> index 78348032..910901d6 100644
> --- a/test/common_plat/validation/api/ipsec/ipsec.c
> +++ b/test/common_plat/validation/api/ipsec/ipsec.c
> @@ -10,6 +10,629 @@
>
> #include "ipsec.h"
>
> +#include "test_vectors.h"
> +
> +struct suite_context_s suite_context;
> +
> +#define PKT_POOL_NUM 64
> +#define PKT_POOL_LEN (1 * 1024)
> +
> +static
> +odp_pktio_t pktio_create(odp_queue_type_t q_type, odp_pool_t pool)
> +{
> + odp_pktio_t pktio;
> + odp_pktio_param_t pktio_param;
> + odp_pktin_queue_param_t pktin_param;
> + odp_pktio_capability_t capa;
> +
> + int ret;
> +
> + if (pool == ODP_POOL_INVALID)
> + return ODP_PKTIO_INVALID;
> +
> + odp_pktio_param_init(&pktio_param);
> + if (q_type == ODP_QUEUE_TYPE_PLAIN)
> + pktio_param.in_mode = ODP_PKTIN_MODE_QUEUE;
> + else
> + pktio_param.in_mode = ODP_PKTIN_MODE_SCHED;
> +
> + pktio = odp_pktio_open("loop", pool, &pktio_param);
> + if (pktio == ODP_PKTIO_INVALID) {
> + ret = odp_pool_destroy(pool);
> + if (ret)
> + fprintf(stderr, "unable to destroy pool.\n");
> + return ODP_PKTIO_INVALID;
> + }
> +
> + if (odp_pktio_capability(pktio, &capa)) {
> + fprintf(stderr, "pktio capabilities failed.\n");
> + return ODP_PKTIO_INVALID;
> + }
> +
> + odp_pktin_queue_param_init(&pktin_param);
> + pktin_param.queue_param.sched.sync = ODP_SCHED_SYNC_ATOMIC;
> +
> + if (odp_pktin_queue_config(pktio, &pktin_param)) {
> + fprintf(stderr, "pktin queue config failed.\n");
> + return ODP_PKTIO_INVALID;
> + }
> +
> + if (odp_pktout_queue_config(pktio, NULL)) {
> + fprintf(stderr, "pktout queue config failed.\n");
> + return ODP_PKTIO_INVALID;
> + }
> +
> + return pktio;
> +}
> +
> +static
> +int pktio_start(odp_bool_t in, odp_bool_t out)
> +{
> + odp_pktio_t pktio;
> + odp_pktio_capability_t capa;
> + odp_pktio_config_t config;
> +
> + pktio = odp_pktio_lookup("loop");
> + if (ODP_PKTIO_INVALID == pktio)
> + return -1;
> + if (odp_pktio_capability(pktio, &capa))
> + return -1;
> + /* If inline is not supported, return here. Tests will be marked as
> + * inactive when testing for IPsec capabilities. */
> + if (in && !capa.config.inbound_ipsec)
> + return 0;
> + if (out && !capa.config.outbound_ipsec)
> + return 0;
> +
> + odp_pktio_config_init(&config);
> + config.parser.layer = ODP_PKTIO_PARSER_LAYER_ALL;
> + config.inbound_ipsec = in;
> + config.outbound_ipsec = out;
> +
> + if (odp_pktio_config(pktio, &config))
> + return -1;
> + if (odp_pktio_start(pktio))
> + return -1;
> +
> + suite_context.pktio = pktio;
> +
> + return 1;
> +}
> +
> +static
> +void pktio_stop(odp_pktio_t pktio)
> +{
> + if (odp_pktio_stop(pktio))
> + fprintf(stderr, "IPsec pktio stop failed.\n");
> +
> + while (1) {
> + odp_event_t ev = odp_schedule(NULL, ODP_SCHED_NO_WAIT);
> +
> + if (ev != ODP_EVENT_INVALID)
> + odp_event_free(ev);
> + else
> + break;
> + }
> +}
> +
> +int ipsec_check(odp_bool_t ah,
> + odp_cipher_alg_t cipher,
> + odp_auth_alg_t auth)
> +{
> + odp_ipsec_capability_t capa;
> + odp_crypto_cipher_capability_t cipher_capa;
> + odp_crypto_auth_capability_t auth_capa;
> +
> + if (odp_ipsec_capability(&capa) < 0)
> + return ODP_TEST_INACTIVE;
> +
> + if ((ODP_IPSEC_OP_MODE_SYNC == suite_context.inbound_op_mode &&
> + ODP_SUPPORT_NO == capa.op_mode_sync) ||
> + (ODP_IPSEC_OP_MODE_ASYNC == suite_context.outbound_op_mode &&
> + ODP_SUPPORT_NO == capa.op_mode_sync) ||
> + (ODP_IPSEC_OP_MODE_ASYNC == suite_context.inbound_op_mode &&
> + ODP_SUPPORT_NO == capa.op_mode_async) ||
> + (ODP_IPSEC_OP_MODE_ASYNC == suite_context.outbound_op_mode &&
> + ODP_SUPPORT_NO == capa.op_mode_async) ||
> + (ODP_IPSEC_OP_MODE_INLINE == suite_context.inbound_op_mode &&
> + ODP_SUPPORT_NO == capa.op_mode_inline_in) ||
> + (ODP_IPSEC_OP_MODE_INLINE == suite_context.outbound_op_mode &&
> + ODP_SUPPORT_NO == capa.op_mode_inline_out))
> + return ODP_TEST_INACTIVE;
> +
> + if (ah && (ODP_SUPPORT_NO == capa.proto_ah))
> + return ODP_TEST_INACTIVE;
> +
> + /* Cipher algorithms */
> + switch (cipher) {
> + case ODP_CIPHER_ALG_NULL:
> + if (!capa.ciphers.bit.null)
> + return ODP_TEST_INACTIVE;
> + break;
> + case ODP_CIPHER_ALG_DES:
> + if (!capa.ciphers.bit.des)
> + return ODP_TEST_INACTIVE;
> + break;
> + case ODP_CIPHER_ALG_3DES_CBC:
> + if (!capa.ciphers.bit.trides_cbc)
> + return ODP_TEST_INACTIVE;
> + break;
> + case ODP_CIPHER_ALG_AES_CBC:
> + if (!capa.ciphers.bit.aes_cbc)
> + return ODP_TEST_INACTIVE;
> + break;
> + case ODP_CIPHER_ALG_AES_GCM:
> + if (!capa.ciphers.bit.aes_gcm)
> + return ODP_TEST_INACTIVE;
> + break;
> + default:
> + fprintf(stderr, "Unsupported cipher algorithm\n");
> + return ODP_TEST_INACTIVE;
> + }
> +
> + /* Authentication algorithms */
> + switch (auth) {
> + case ODP_AUTH_ALG_NULL:
> + if (!capa.auths.bit.null)
> + return ODP_TEST_INACTIVE;
> + break;
> + case ODP_AUTH_ALG_MD5_HMAC:
> + if (!capa.auths.bit.md5_hmac)
> + return ODP_TEST_INACTIVE;
> + break;
> + case ODP_AUTH_ALG_SHA1_HMAC:
> + if (!capa.auths.bit.sha1_hmac)
> + return ODP_TEST_INACTIVE;
> + break;
> + case ODP_AUTH_ALG_SHA256_HMAC:
> + if (!capa.auths.bit.sha256_hmac)
> + return ODP_TEST_INACTIVE;
> + break;
> + case ODP_AUTH_ALG_SHA512_HMAC:
> + if (!capa.auths.bit.sha512_hmac)
> + return ODP_TEST_INACTIVE;
> + break;
> + case ODP_AUTH_ALG_AES_GCM:
> + if (!capa.auths.bit.aes_gcm)
> + return ODP_TEST_INACTIVE;
> + break;
> + default:
> + fprintf(stderr, "Unsupported authentication algorithm\n");
> + return ODP_TEST_INACTIVE;
> + }
> +
> + if (odp_ipsec_cipher_capability(cipher, &cipher_capa, 1) <= 0) {
> + fprintf(stderr, "Wrong cipher capabilities\n");
> + return ODP_TEST_INACTIVE;
> + }
> +
> + if (odp_ipsec_auth_capability(auth, &auth_capa, 1) <= 0) {
> + fprintf(stderr, "Wrong auth capabilities\n");
> + return ODP_TEST_INACTIVE;
> + }
> +
> + return ODP_TEST_ACTIVE;
> +}
> +
> +int ipsec_check_ah_sha256(void)
> +{
> + return ipsec_check_ah(ODP_AUTH_ALG_SHA256_HMAC);
> +}
> +
> +int ipsec_check_esp_null_sha256(void)
> +{
> + return ipsec_check_esp(ODP_CIPHER_ALG_NULL,
> + ODP_AUTH_ALG_SHA256_HMAC);
> +}
> +
> +int ipsec_check_esp_aes_cbc_null(void)
> +{
> + return ipsec_check_esp(ODP_CIPHER_ALG_AES_CBC,
> + ODP_AUTH_ALG_NULL);
> +}
> +
> +int ipsec_check_esp_aes_cbc_sha256(void)
> +{
> + return ipsec_check_esp(ODP_CIPHER_ALG_AES_CBC,
> + ODP_AUTH_ALG_SHA256_HMAC);
> +}
> +
> +void ipsec_sa_param_fill(odp_ipsec_sa_param_t *param,
> + odp_bool_t in,
> + odp_bool_t ah,
> + uint32_t spi,
> + odp_ipsec_tunnel_param_t *tun,
> + odp_cipher_alg_t cipher_alg,
> + const odp_crypto_key_t *cipher_key,
> + odp_auth_alg_t auth_alg,
> + const odp_crypto_key_t *auth_key)
> +{
> + odp_ipsec_sa_param_init(param);
> + param->dir = in ? ODP_IPSEC_DIR_INBOUND :
> + ODP_IPSEC_DIR_OUTBOUND;
> + if (in)
> + param->inbound.lookup_mode = ODP_IPSEC_LOOKUP_SPI;
> +
> + param->proto = ah ? ODP_IPSEC_AH :
> + ODP_IPSEC_ESP;
> +
> + if (tun) {
> + param->mode = ODP_IPSEC_MODE_TUNNEL;
> + if (!in)
> + param->outbound.tunnel = *tun;
> + } else {
> + param->mode = ODP_IPSEC_MODE_TRANSPORT;
> + }
> +
> + param->spi = spi;
> +
> + param->dest_queue = suite_context.queue;
> +
> + if (cipher_key) {
> + param->crypto.cipher_alg = cipher_alg;
> + param->crypto.cipher_key = *cipher_key;
> + }
> +
> + if (auth_key) {
> + param->crypto.auth_alg = auth_alg;
> + param->crypto.auth_key = *auth_key;
> + }
> +}
> +
> +void ipsec_sa_destroy(odp_ipsec_sa_t sa)
> +{
> + odp_event_t event;
> + odp_ipsec_status_t status;
> +
> + CU_ASSERT_EQUAL(ODP_IPSEC_OK, odp_ipsec_sa_disable(sa));
> +
> + if (ODP_QUEUE_INVALID != suite_context.queue) {
> + do {
> + event = odp_queue_deq(suite_context.queue);
>
For SCHED queue type,direct call odp_queue_deq() is not allowed.
> + } while (event == ODP_EVENT_INVALID);
> +
> + CU_ASSERT_EQUAL(ODP_EVENT_IPSEC_STATUS,
> odp_event_type(event));
> +
> + CU_ASSERT_EQUAL(ODP_IPSEC_OK, odp_ipsec_status(&status,
> event));
> +
> + CU_ASSERT_EQUAL(ODP_IPSEC_STATUS_SA_DISABLE, status.id);
> + CU_ASSERT_EQUAL(sa, status.sa);
> + CU_ASSERT_EQUAL(0, status.result);
> + CU_ASSERT_EQUAL(0, status.warn.all);
> +
> + odp_event_free(event);
> + }
> +
> + CU_ASSERT_EQUAL(ODP_IPSEC_OK, odp_ipsec_sa_destroy(sa));
> +}
> +
> +#define PACKET_USER_PTR ((void *)0x1212fefe)
> +
> +odp_packet_t ipsec_packet(const ipsec_test_packet *itp)
> +{
> + odp_packet_t pkt = odp_packet_alloc(suite_context.pool, itp->len);
> +
> + CU_ASSERT_NOT_EQUAL(ODP_PACKET_INVALID, pkt);
> + if (ODP_PACKET_INVALID == pkt)
> + return pkt;
> +
> + CU_ASSERT_EQUAL(0, odp_packet_copy_from_mem(pkt, 0, itp->len,
> + itp->data));
> + if (itp->l2_offset != ODP_PACKET_OFFSET_INVALID)
> + CU_ASSERT_EQUAL(0, odp_packet_l2_offset_set(pkt,
> +
> itp->l2_offset));
> + if (itp->l3_offset != ODP_PACKET_OFFSET_INVALID)
> + CU_ASSERT_EQUAL(0, odp_packet_l3_offset_set(pkt,
> +
> itp->l3_offset));
> + if (itp->l4_offset != ODP_PACKET_OFFSET_INVALID)
> + CU_ASSERT_EQUAL(0, odp_packet_l4_offset_set(pkt,
> +
> itp->l4_offset));
> +
> + odp_packet_user_ptr_set(pkt, PACKET_USER_PTR);
> +
> + return pkt;
> +}
> +
> +/*
> + * Compare packages ignoring everything before L3 header
> + */
> +odp_bool_t ipsec_check_packet(const ipsec_test_packet *itp, odp_packet_t
> pkt)
> +{
> + uint32_t len = (ODP_PACKET_INVALID == pkt) ? 1 :
> odp_packet_len(pkt);
> + uint32_t l3, l4;
> + uint8_t data[len];
> +
> + if (!itp)
> + return true;
> +
> + if (ODP_PACKET_INVALID == pkt)
> + return false;
> +
> + CU_ASSERT_EQUAL(PACKET_USER_PTR, odp_packet_user_ptr(pkt));
> +
> + l3 = odp_packet_l3_offset(pkt);
> + l4 = odp_packet_l4_offset(pkt);
> + odp_packet_copy_to_mem(pkt, 0, len, data);
> +
> + if (len - l3 != itp->len - itp->l3_offset)
> + return false;
> +
> + if (l4 - l3 != itp->l4_offset - itp->l3_offset)
> + return false;
> +
> + return memcmp(data + l3,
> + itp->data + itp->l3_offset,
> + len - l3) ? false : true;
> +}
> +
> +static
> +int ipsec_send_in_one(const ipsec_test_part *part, odp_ipsec_sa_t sa,
> + odp_packet_t *pkto)
> +{
> + odp_ipsec_in_param_t param;
> + int num_out = part->out_pkt;
> + odp_packet_t pkt;
> + int i;
> +
> + pkt = ipsec_packet(part->pkt_in);
> +
> + memset(¶m, 0, sizeof(param));
> + if (!part->lookup) {
> + param.num_sa = 1;
> + param.sa = &sa;
> + } else {
> + param.num_sa = 0;
> + param.sa = NULL;
> + }
> +
> + if (ODP_IPSEC_OP_MODE_SYNC == suite_context.inbound_op_mode) {
> + CU_ASSERT_EQUAL(part->out_pkt, odp_ipsec_in(&pkt, 1,
> + pkto, &num_out,
> + ¶m));
> + CU_ASSERT_EQUAL(num_out, part->out_pkt);
> + } else if (ODP_IPSEC_OP_MODE_ASYNC ==
> suite_context.inbound_op_mode) {
> + CU_ASSERT_EQUAL(1, odp_ipsec_in_enq(&pkt, 1, ¶m));
> +
> + for (i = 0; i < num_out; i++) {
> + odp_event_t event;
> + odp_event_subtype_t subtype;
> +
> + do {
> + event = odp_queue_deq(suite_context.
> queue);
> + } while (event == ODP_EVENT_INVALID);
> +
> + CU_ASSERT_EQUAL(ODP_EVENT_PACKET,
> + odp_event_types(event, &subtype));
> + CU_ASSERT_EQUAL(ODP_EVENT_PACKET_IPSEC, subtype);
> + pkto[i] = odp_ipsec_packet_from_event(event);
> + }
> + } else {
> + odp_pktout_queue_t pktout;
> +
> + CU_ASSERT_EQUAL_FATAL(1, odp_pktout_queue(suite_
> context.pktio,
> + &pktout, 1));
> +
> + CU_ASSERT_EQUAL(1, odp_pktout_send(pktout, &pkt, 1));
> +
> + for (i = 0; i < num_out;) {
> + odp_event_t ev;
> + odp_event_subtype_t subtype;
> + odp_queue_t queue;
> +
> + ev = odp_schedule(&queue, ODP_SCHED_WAIT);
> + CU_ASSERT_NOT_EQUAL(ODP_EVENT_INVALID, ev);
> +
> + if (ODP_EVENT_INVALID == ev)
> + continue;
> +
> + CU_ASSERT_EQUAL(ODP_EVENT_PACKET,
> + odp_event_types(ev, &subtype));
> + if (queue == suite_context.queue) {
> + CU_ASSERT(!part->out[i].
> status.error.sa_lookup);
> + CU_ASSERT_EQUAL(ODP_EVENT_PACKET_IPSEC,
> + subtype);
> + } else {
> + CU_ASSERT(part->out[i].status.
> error.sa_lookup);
> + CU_ASSERT_EQUAL(ODP_EVENT_PACKET_BASIC,
> + subtype);
> + }
> + pkto[i++] = odp_ipsec_packet_from_event(ev);
> + }
> + }
> +
> + return num_out;
> +}
> +
> +static
> +int ipsec_send_out_one(const ipsec_test_part *part, odp_ipsec_sa_t sa,
> + odp_packet_t *pkto)
> +{
> + odp_ipsec_out_param_t param;
> + int num_out = part->out_pkt;
> + odp_packet_t pkt;
> + int i;
> +
> + pkt = ipsec_packet(part->pkt_in);
> +
> + memset(¶m, 0, sizeof(param));
> + param.num_sa = 1;
> + param.sa = &sa;
> + param.num_opt = 0;
> + param.opt = NULL;
> +
> + if (ODP_IPSEC_OP_MODE_SYNC == suite_context.outbound_op_mode) {
> + CU_ASSERT_EQUAL(part->out_pkt, odp_ipsec_out(&pkt, 1,
> + pkto,
> &num_out,
> + ¶m));
> + CU_ASSERT_EQUAL(num_out, part->out_pkt);
> + } else if (ODP_IPSEC_OP_MODE_ASYNC == suite_context.outbound_op_mode)
> {
> + CU_ASSERT_EQUAL(1, odp_ipsec_out_enq(&pkt, 1, ¶m));
> +
> + for (i = 0; i < num_out; i++) {
> + odp_event_t event;
> + odp_event_subtype_t subtype;
> +
> + do {
> + event = odp_queue_deq(suite_context.
> queue);
> + } while (event == ODP_EVENT_INVALID);
> +
> + CU_ASSERT_EQUAL(ODP_EVENT_PACKET,
> + odp_event_types(event, &subtype));
> + CU_ASSERT_EQUAL(ODP_EVENT_PACKET_IPSEC, subtype);
> + pkto[i] = odp_ipsec_packet_from_event(event);
> + }
> + } else {
> + struct odp_ipsec_out_inline_param_t inline_param;
> +
> + inline_param.pktio = suite_context.pktio;
> + inline_param.outer_hdr.ptr = part->out[0].pkt_out->data;
> + inline_param.outer_hdr.len = part->out[0].pkt_out->l3_
> offset;
> +
> + CU_ASSERT_EQUAL(1, odp_ipsec_out_inline(&pkt, 1, ¶m,
> + &inline_param));
> +
> + for (i = 0; i < num_out;) {
> + odp_event_t ev;
> + odp_event_subtype_t subtype;
> + odp_queue_t queue;
> +
> + ev = odp_schedule(&queue, ODP_SCHED_WAIT);
> + CU_ASSERT_NOT_EQUAL(ODP_EVENT_INVALID, ev);
> +
> + if (ODP_EVENT_INVALID == ev)
> + continue;
> +
> + CU_ASSERT_EQUAL(ODP_EVENT_PACKET,
> + odp_event_types(ev, &subtype));
> + if (queue == suite_context.queue) {
> + CU_ASSERT(part->out[i].status.error.all);
> + CU_ASSERT_EQUAL(ODP_EVENT_PACKET_IPSEC,
> + subtype);
> + } else {
> + CU_ASSERT(!part->out[i].status.error.all);
> + CU_ASSERT_EQUAL(ODP_EVENT_PACKET_BASIC,
> + subtype);
> + }
> + pkto[i++] = odp_ipsec_packet_from_event(ev);
> + }
> + }
> +
> + return num_out;
> +}
> +
> +void ipsec_check_in_one(const ipsec_test_part *part, odp_ipsec_sa_t sa)
> +{
> + int num_out = part->out_pkt;
> + odp_packet_t pkto[num_out];
> + int i;
> +
> + num_out = ipsec_send_in_one(part, sa, pkto);
> +
> + for (i = 0; i < num_out; i++) {
> + odp_ipsec_packet_result_t result;
> +
> + if (ODP_PACKET_INVALID == pkto[i]) {
> + CU_FAIL("ODP_PACKET_INVALID received");
> + continue;
> + }
> +
> + if (ODP_EVENT_PACKET_IPSEC !=
> + odp_event_subtype(odp_packet_to_event(pkto[i]))) {
> + /* Inline packet went through loop */
> + CU_ASSERT_EQUAL(1, part->out[i].status.error.sa_
> lookup);
> + } else {
> + CU_ASSERT_EQUAL(0, odp_ipsec_result(&result,
> pkto[i]));
> + CU_ASSERT_EQUAL(part->out[i].status.error.all,
> + result.status.error.all);
> + CU_ASSERT_EQUAL(sa, result.sa);
> + }
> + CU_ASSERT(ipsec_check_packet(part->out[i].pkt_out,
> + pkto[i]));
> + odp_packet_free(pkto[i]);
> + }
> +}
> +
> +void ipsec_check_out_one(const ipsec_test_part *part, odp_ipsec_sa_t sa)
> +{
> + int num_out = part->out_pkt;
> + odp_packet_t pkto[num_out];
> + int i;
> +
> + num_out = ipsec_send_out_one(part, sa, pkto);
> +
> + for (i = 0; i < num_out; i++) {
> + odp_ipsec_packet_result_t result;
> +
> + if (ODP_PACKET_INVALID == pkto[i]) {
> + CU_FAIL("ODP_PACKET_INVALID received");
> + continue;
> + }
> +
> + if (ODP_EVENT_PACKET_IPSEC !=
> + odp_event_subtype(odp_packet_to_event(pkto[i]))) {
> + /* Inline packet went through loop */
> + CU_ASSERT_EQUAL(0, part->out[i].status.error.all);
> + } else {
> + /* IPsec packet */
> + CU_ASSERT_EQUAL(0, odp_ipsec_result(&result,
> pkto[i]));
> + CU_ASSERT_EQUAL(part->out[i].status.error.all,
> + result.status.error.all);
> + CU_ASSERT_EQUAL(sa, result.sa);
> + }
> + CU_ASSERT(ipsec_check_packet(part->out[i].pkt_out,
> + pkto[i]));
> + odp_packet_free(pkto[i]);
> + }
> +}
> +
> +void ipsec_check_out_in_one(const ipsec_test_part *part,
> + odp_ipsec_sa_t sa,
> + odp_ipsec_sa_t sa_in)
> +{
> + int num_out = part->out_pkt;
> + odp_packet_t pkto[num_out];
> + int i;
> +
> + num_out = ipsec_send_out_one(part, sa, pkto);
> +
> + for (i = 0; i < num_out; i++) {
> + ipsec_test_part part_in = *part;
> + ipsec_test_packet pkt_in;
> + odp_ipsec_packet_result_t result;
> +
> + if (ODP_PACKET_INVALID == pkto[i]) {
> + CU_FAIL("ODP_PACKET_INVALID received");
> + continue;
> + }
> +
> + if (ODP_EVENT_PACKET_IPSEC !=
> + odp_event_subtype(odp_packet_to_event(pkto[i]))) {
> + /* Inline packet went through loop */
> + CU_ASSERT_EQUAL(0, part->out[i].status.error.all);
> + } else {
> + /* IPsec packet */
> + CU_ASSERT_EQUAL(0, odp_ipsec_result(&result,
> pkto[i]));
> + CU_ASSERT_EQUAL(part->out[i].status.error.all,
> + result.status.error.all);
> + CU_ASSERT_EQUAL(sa, result.sa);
> + }
> + CU_ASSERT_FATAL(odp_packet_len(pkto[i]) <=
> + sizeof(pkt_in.data));
> +
> + pkt_in.len = odp_packet_len(pkto[i]);
> + pkt_in.l2_offset = odp_packet_l2_offset(pkto[i]);
> + pkt_in.l3_offset = odp_packet_l3_offset(pkto[i]);
> + pkt_in.l4_offset = odp_packet_l4_offset(pkto[i]);
> + odp_packet_copy_to_mem(pkto[i], 0,
> + pkt_in.len,
> + pkt_in.data);
> + part_in.pkt_in = &pkt_in;
> + ipsec_check_in_one(&part_in, sa_in);
> + odp_packet_free(pkto[i]);
> + }
> +}
> +
> +static
> void ipsec_test_capability(void)
> {
> odp_ipsec_capability_t capa;
> @@ -22,11 +645,260 @@ odp_testinfo_t ipsec_suite[] = {
> ODP_TEST_INFO_NULL
> };
>
> +static
> +int ODP_UNUSED ipsec_sync_init(void)
> +{
> + suite_context.pool = odp_pool_lookup("packet_pool");
> + if (suite_context.pool == ODP_POOL_INVALID)
> + return -1;
> +
> + suite_context.queue = ODP_QUEUE_INVALID;
> + suite_context.pktio = ODP_PKTIO_INVALID;
> + suite_context.inbound_op_mode = ODP_IPSEC_OP_MODE_SYNC;
> + suite_context.outbound_op_mode = ODP_IPSEC_OP_MODE_SYNC;
> +
> + return 0;
> +}
> +
> +static
> +int ODP_UNUSED ipsec_async_init(void)
> +{
> + suite_context.pool = odp_pool_lookup("packet_pool");
> + if (suite_context.pool == ODP_POOL_INVALID)
> + return -1;
> + suite_context.queue = odp_queue_lookup("ipsec-out");
> + if (suite_context.queue == ODP_QUEUE_INVALID)
> + return -1;
> +
> + suite_context.pktio = ODP_PKTIO_INVALID;
> + suite_context.inbound_op_mode = ODP_IPSEC_OP_MODE_ASYNC;
> + suite_context.outbound_op_mode = ODP_IPSEC_OP_MODE_ASYNC;
> +
> + return 0;
> +}
> +
> +static
> +int ODP_UNUSED ipsec_in_inline_init(void)
> +{
> + int rc;
> +
> + suite_context.pool = odp_pool_lookup("packet_pool");
> + if (suite_context.pool == ODP_POOL_INVALID)
> + return -1;
> + suite_context.queue = odp_queue_lookup("ipsec-out-sched");
> + if (suite_context.queue == ODP_QUEUE_INVALID)
> + return -1;
> + rc = pktio_start(true, false);
> + if (rc <= 0)
> + return rc;
> + if (suite_context.pktio == ODP_PKTIO_INVALID)
> + return -1;
> +
> + suite_context.inbound_op_mode = ODP_IPSEC_OP_MODE_INLINE;
> + suite_context.outbound_op_mode = ODP_IPSEC_OP_MODE_ASYNC;
> +
> + return 0;
> +}
> +
> +static
> +int ODP_UNUSED ipsec_out_inline_init(void)
> +{
> + int rc;
> +
> + suite_context.pool = odp_pool_lookup("packet_pool");
> + if (suite_context.pool == ODP_POOL_INVALID)
> + return -1;
> + suite_context.queue = odp_queue_lookup("ipsec-out");
> + if (suite_context.queue == ODP_QUEUE_INVALID)
> + return -1;
> + rc = pktio_start(false, true);
> + if (rc <= 0)
> + return rc;
> + if (suite_context.pktio == ODP_PKTIO_INVALID)
> + return -1;
> +
> + suite_context.inbound_op_mode = ODP_IPSEC_OP_MODE_ASYNC;
> + suite_context.outbound_op_mode = ODP_IPSEC_OP_MODE_INLINE;
> +
> + return 0;
> +}
> +
> +static
> +int ipsec_suite_term(odp_testinfo_t *suite)
> +{
> + int i;
> + int first = 1;
> +
> + if (suite_context.pktio != ODP_PKTIO_INVALID)
> + pktio_stop(suite_context.pktio);
> +
> + for (i = 0; suite[i].pName; i++) {
> + if (suite[i].check_active &&
> + suite[i].check_active() == ODP_TEST_INACTIVE) {
> + if (first) {
> + first = 0;
> + printf("\n\n Inactive tests:\n");
> + }
> + printf(" %s\n", suite[i].pName);
> + }
> + }
> +
> + return 0;
> +}
> +
> +static
> +int ipsec_in_term(void)
> +{
> + return ipsec_suite_term(ipsec_in_suite);
> +}
> +
> +static
> +int ipsec_out_term(void)
> +{
> + return ipsec_suite_term(ipsec_out_suite);
> +}
> +
> odp_suiteinfo_t ipsec_suites[] = {
> {"IPsec", NULL, NULL, ipsec_suite},
> + {"IPsec-sync-in", ipsec_sync_init, ipsec_in_term, ipsec_in_suite},
> + {"IPsec-sync-out", ipsec_sync_init, ipsec_out_term,
> ipsec_out_suite},
> + {"IPsec-async-in", ipsec_async_init, ipsec_in_term,
> ipsec_in_suite},
> + {"IPsec-async-out", ipsec_async_init, ipsec_out_term,
> ipsec_out_suite},
> + {"IPsec-inline-in", ipsec_in_inline_init, ipsec_in_term,
> + ipsec_in_suite},
> + {"IPsec-inline-out", ipsec_out_inline_init, ipsec_out_term,
> + ipsec_out_suite},
> ODP_SUITE_INFO_NULL,
> };
>
> +static
> +int ipsec_init(odp_instance_t *inst)
> +{
> + odp_pool_param_t params;
> + odp_pool_t pool;
> + odp_queue_param_t queue_param;
> + odp_queue_t out_queue;
> + odp_pool_capability_t pool_capa;
> + odp_pktio_t pktio;
> +
> + if (0 != odp_init_global(inst, NULL, NULL)) {
> + fprintf(stderr, "error: odp_init_global() failed.\n");
> + return -1;
> + }
> +
> + if (0 != odp_init_local(*inst, ODP_THREAD_CONTROL)) {
> + fprintf(stderr, "error: odp_init_local() failed.\n");
> + return -1;
> + }
> +
> + if (odp_pool_capability(&pool_capa) < 0) {
> + fprintf(stderr, "error: odp_pool_capability() failed.\n");
> + return -1;
> + }
> +
> + odp_pool_param_init(¶ms);
> + params.pkt.seg_len = PKT_POOL_LEN;
> + params.pkt.len = PKT_POOL_LEN;
> + params.pkt.num = PKT_POOL_NUM;
> + params.type = ODP_POOL_PACKET;
> +
> + if (pool_capa.pkt.max_seg_len &&
> + PKT_POOL_LEN > pool_capa.pkt.max_seg_len) {
> + fprintf(stderr, "Warning: small packet segment length\n");
> + params.pkt.seg_len = pool_capa.pkt.max_seg_len;
> + }
> +
> + if (pool_capa.pkt.max_len &&
> + PKT_POOL_LEN > pool_capa.pkt.max_len) {
> + fprintf(stderr, "Pool max packet length too small\n");
> + return -1;
> + }
> +
> + pool = odp_pool_create("packet_pool", ¶ms);
> +
> + if (ODP_POOL_INVALID == pool) {
> + fprintf(stderr, "Packet pool creation failed.\n");
> + return -1;
> + }
> + out_queue = odp_queue_create("ipsec-out", NULL);
> + if (ODP_QUEUE_INVALID == out_queue) {
> + fprintf(stderr, "IPsec outq creation failed.\n");
> + return -1;
> + }
> +
> + odp_queue_param_init(&queue_param);
> + queue_param.type = ODP_QUEUE_TYPE_SCHED;
> + queue_param.sched.sync = ODP_SCHED_SYNC_PARALLEL;
> + queue_param.sched.prio = ODP_SCHED_PRIO_HIGHEST;
> + queue_param.sched.group = ODP_SCHED_GROUP_ALL;
> +
> + out_queue = odp_queue_create("ipsec-out-sched", &queue_param);
> + if (ODP_QUEUE_INVALID == out_queue) {
> + fprintf(stderr, "IPsec sched outq creation failed.\n");
> + return -1;
> + }
> +
> + pktio = pktio_create(ODP_QUEUE_TYPE_SCHED, pool);
> + if (ODP_PKTIO_INVALID == pktio) {
> + fprintf(stderr, "IPsec pktio creation failed.\n");
> + return -1;
> + }
> +
> + return 0;
> +}
> +
> +static
> +int ipsec_term(odp_instance_t inst)
> +{
> + odp_pool_t pool;
> + odp_queue_t out_queue;
> + odp_pktio_t pktio;
> +
> + pktio = odp_pktio_lookup("loop");
> + if (ODP_PKTIO_INVALID != pktio) {
> + if (odp_pktio_close(pktio))
> + fprintf(stderr, "IPsec pktio close failed.\n");
> + } else {
> + fprintf(stderr, "IPsec pktio not found.\n");
> + }
> +
> + out_queue = odp_queue_lookup("ipsec-out-sched");
> + if (ODP_QUEUE_INVALID != out_queue) {
> + if (odp_queue_destroy(out_queue))
> + fprintf(stderr, "IPsec sched outq destroy
> failed.\n");
> + } else {
> + fprintf(stderr, "IPsec sched outq not found.\n");
> + }
> +
> + out_queue = odp_queue_lookup("ipsec-out");
> + if (ODP_QUEUE_INVALID != out_queue) {
> + if (odp_queue_destroy(out_queue))
> + fprintf(stderr, "IPsec outq destroy failed.\n");
> + } else {
> + fprintf(stderr, "IPsec outq not found.\n");
> + }
> +
> + pool = odp_pool_lookup("packet_pool");
> + if (ODP_POOL_INVALID != pool) {
> + if (odp_pool_destroy(pool))
> + fprintf(stderr, "Packet pool destroy failed.\n");
> + } else {
> + fprintf(stderr, "Packet pool not found.\n");
> + }
> +
> + if (0 != odp_term_local()) {
> + fprintf(stderr, "error: odp_term_local() failed.\n");
> + return -1;
> + }
> +
> + if (0 != odp_term_global(inst)) {
> + fprintf(stderr, "error: odp_term_global() failed.\n");
> + return -1;
> + }
> +
> + return 0;
> +}
> +
> int ipsec_main(int argc, char *argv[])
> {
> int ret;
> @@ -35,8 +907,10 @@ int ipsec_main(int argc, char *argv[])
> if (odp_cunit_parse_options(argc, argv))
> return -1;
>
> - ret = odp_cunit_register(ipsec_suites);
> + odp_cunit_register_global_init(ipsec_init);
> + odp_cunit_register_global_term(ipsec_term);
>
> + ret = odp_cunit_register(ipsec_suites);
> if (ret == 0)
> ret = odp_cunit_run();
>
> diff --git a/test/common_plat/validation/api/ipsec/ipsec.h
> b/test/common_plat/validation/api/ipsec/ipsec.h
> index 290a186f..8ffe9f31 100644
> --- a/test/common_plat/validation/api/ipsec/ipsec.h
> +++ b/test/common_plat/validation/api/ipsec/ipsec.h
> @@ -9,16 +9,70 @@
>
> #include <odp_cunit_common.h>
>
> -/* test functions: */
> -void ipsec_test_capability(void);
> -
> /* test arrays: */
> -extern odp_testinfo_t ipsec_suite[];
> -
> -/* test registry: */
> -extern odp_suiteinfo_t ipsec_suites[];
> +extern odp_testinfo_t ipsec_in_suite[];
> +extern odp_testinfo_t ipsec_out_suite[];
>
> /* main test program: */
> int ipsec_main(int argc, char *argv[]);
>
> +struct suite_context_s {
> + odp_ipsec_op_mode_t inbound_op_mode;
> + odp_ipsec_op_mode_t outbound_op_mode;
> + odp_pool_t pool;
> + odp_queue_t queue;
> + odp_pktio_t pktio;
> +};
> +
> +extern struct suite_context_s suite_context;
> +
> +typedef struct {
> + uint32_t len;
> + uint32_t l2_offset;
> + uint32_t l3_offset;
> + uint32_t l4_offset;
> + uint8_t data[256];
> +} ipsec_test_packet;
> +
> +typedef struct {
> + const ipsec_test_packet *pkt_in;
> + odp_bool_t lookup;
> + int out_pkt;
> + struct {
> + odp_ipsec_op_status_t status;
> + const ipsec_test_packet *pkt_out;
> + } out[1];
> +} ipsec_test_part;
> +
> +void ipsec_sa_param_fill(odp_ipsec_sa_param_t *param,
> + odp_bool_t in,
> + odp_bool_t ah,
> + uint32_t spi,
> + odp_ipsec_tunnel_param_t *tun,
> + odp_cipher_alg_t cipher_alg,
> + const odp_crypto_key_t *cipher_key,
> + odp_auth_alg_t auth_alg,
> + const odp_crypto_key_t *auth_key);
> +
> +void ipsec_sa_destroy(odp_ipsec_sa_t sa);
> +odp_packet_t ipsec_packet(const ipsec_test_packet *itp);
> +odp_bool_t ipsec_check_packet(const ipsec_test_packet *itp, odp_packet_t
> pkt);
> +void ipsec_check_in_one(const ipsec_test_part *part, odp_ipsec_sa_t sa);
> +void ipsec_check_out_one(const ipsec_test_part *part, odp_ipsec_sa_t sa);
> +void ipsec_check_out_in_one(const ipsec_test_part *part,
> + odp_ipsec_sa_t sa,
> + odp_ipsec_sa_t sa_in);
> +
> +int ipsec_check(odp_bool_t ah,
> + odp_cipher_alg_t cipher,
> + odp_auth_alg_t auth);
> +#define ipsec_check_ah(auth) \
> + ipsec_check(true, ODP_CIPHER_ALG_NULL, auth)
> +#define ipsec_check_esp(cipher, auth) \
> + ipsec_check(false, cipher, auth)
> +int ipsec_check_ah_sha256(void);
> +int ipsec_check_esp_null_sha256(void);
> +int ipsec_check_esp_aes_cbc_null(void);
> +int ipsec_check_esp_aes_cbc_sha256(void);
> +
> #endif
> diff --git a/test/common_plat/validation/api/ipsec/ipsec_test_in.c
> b/test/common_plat/validation/api/ipsec/ipsec_test_in.c
> new file mode 100644
> index 00000000..bd9a47f1
> --- /dev/null
> +++ b/test/common_plat/validation/api/ipsec/ipsec_test_in.c
> @@ -0,0 +1,831 @@
> +/* Copyright (c) 2017, Linaro Limited
> + * All rights reserved.
> + *
> + * SPDX-License-Identifier: BSD-3-Clause
> + */
> +
> +#include "ipsec.h"
> +
> +#include "test_vectors.h"
> +
> +static
> +void test_in_ah_sha256(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, true, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_ah_sha256_1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0 },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_ah_sha256_tun(void)
> +{
> + odp_ipsec_tunnel_param_t tunnel = {};
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, true, 123, &tunnel,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_ah_tun_sha256_1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0 },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_ah_sha256_tun_notun(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, true, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_ah_tun_sha256_1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0_ipip },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_esp_null_sha256(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_esp_null_sha256_1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0 },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_esp_aes_cbc_null(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 123, NULL,
> + ODP_CIPHER_ALG_AES_CBC, &key_a5_128,
> + ODP_AUTH_ALG_NULL, NULL);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_esp_aes_cbc_null_1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0 },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_esp_aes_cbc_sha256(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 123, NULL,
> + ODP_CIPHER_ALG_AES_CBC, &key_a5_128,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_esp_aes_cbc_sha256_1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0 },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_lookup_ah_sha256(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, true, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_ah_sha256_1,
> + .lookup = 1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0 },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_lookup_esp_null_sha256(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_esp_null_sha256_1,
> + .lookup = 1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0 },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_esp_null_sha256_tun(void)
> +{
> + odp_ipsec_tunnel_param_t tunnel = {};
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 123, &tunnel,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_esp_tun_null_sha256_1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0 },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_ah_esp_pkt(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + /* This test will not work properly inbound inline mode.
> + * test_in_lookup_ah_esp_pkt will be used instead. */
> + if (suite_context.inbound_op_mode == ODP_IPSEC_OP_MODE_INLINE)
> + return;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, true, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_esp_null_sha256_1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.proto = 1,
> + .pkt_out = NULL },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_esp_ah_pkt(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + /* This test will not work properly inbound inline mode.
> + * test_in_lookup_esp_ah_pkt will be used instead. */
> + if (suite_context.inbound_op_mode == ODP_IPSEC_OP_MODE_INLINE)
> + return;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_ah_sha256_1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.proto = 1,
> + .pkt_out = NULL },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_lookup_ah_esp_pkt(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, true, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_esp_null_sha256_1,
> + .lookup = 1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.sa_lookup = 1,
> + .pkt_out = NULL },
> + },
> + };
> +
> + ipsec_check_in_one(&test, ODP_IPSEC_SA_INVALID);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_lookup_esp_ah_pkt(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_ah_sha256_1,
> + .lookup = 1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.sa_lookup = 1,
> + .pkt_out = NULL },
> + },
> + };
> +
> + ipsec_check_in_one(&test, ODP_IPSEC_SA_INVALID);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_ah_sha256_bad1(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, true, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_ah_sha256_1_bad1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.auth = 1,
> + .pkt_out = NULL },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_ah_sha256_bad2(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, true, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_ah_sha256_1_bad2,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.auth = 1,
> + .pkt_out = NULL },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_esp_null_sha256_bad1(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0_esp_null_sha256_1_bad1,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.auth = 1,
> + .pkt_out = NULL },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_rfc3602_5_esp(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 0x4321, NULL,
> + ODP_CIPHER_ALG_AES_CBC, &key_rfc3602,
> + ODP_AUTH_ALG_NULL, NULL);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_rfc3602_5_esp,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_rfc3602_5 },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_rfc3602_6_esp(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 0x4321, NULL,
> + ODP_CIPHER_ALG_AES_CBC, &key_rfc3602,
> + ODP_AUTH_ALG_NULL, NULL);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_rfc3602_6_esp,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_rfc3602_6 },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_rfc3602_7_esp(void)
> +{
> + odp_ipsec_tunnel_param_t tunnel = {};
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 0x8765, &tunnel,
> + ODP_CIPHER_ALG_AES_CBC, &key_rfc3602_2,
> + ODP_AUTH_ALG_NULL, NULL);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_rfc3602_7_esp,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_rfc3602_7 },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_in_rfc3602_8_esp(void)
> +{
> + odp_ipsec_tunnel_param_t tunnel = {};
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 0x8765, &tunnel,
> + ODP_CIPHER_ALG_AES_CBC, &key_rfc3602_2,
> + ODP_AUTH_ALG_NULL, NULL);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_rfc3602_8_esp,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_rfc3602_8 },
> + },
> + };
> +
> + ipsec_check_in_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +odp_testinfo_t ipsec_in_suite[] = {
> + ODP_TEST_INFO_CONDITIONAL(test_in_rfc3602_5_esp,
> + ipsec_check_esp_aes_cbc_null),
> + ODP_TEST_INFO_CONDITIONAL(test_in_rfc3602_6_esp,
> + ipsec_check_esp_aes_cbc_null),
> + ODP_TEST_INFO_CONDITIONAL(test_in_rfc3602_7_esp,
> + ipsec_check_esp_aes_cbc_null),
> + ODP_TEST_INFO_CONDITIONAL(test_in_rfc3602_8_esp,
> + ipsec_check_esp_aes_cbc_null),
> + ODP_TEST_INFO_CONDITIONAL(test_in_ah_sha256,
> + ipsec_check_ah_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_in_ah_sha256_tun,
> + ipsec_check_ah_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_in_ah_sha256_tun_notun,
> + ipsec_check_ah_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_in_esp_null_sha256,
> + ipsec_check_esp_null_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_in_esp_aes_cbc_null,
> + ipsec_check_esp_aes_cbc_null),
> + ODP_TEST_INFO_CONDITIONAL(test_in_esp_aes_cbc_sha256,
> + ipsec_check_esp_aes_cbc_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_in_lookup_ah_sha256,
> + ipsec_check_ah_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_in_lookup_esp_null_sha256,
> + ipsec_check_esp_null_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_in_esp_null_sha256_tun,
> + ipsec_check_esp_null_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_in_ah_esp_pkt,
> + ipsec_check_ah_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_in_esp_ah_pkt,
> + ipsec_check_esp_null_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_in_lookup_ah_esp_pkt,
> + ipsec_check_ah_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_in_lookup_esp_ah_pkt,
> + ipsec_check_esp_null_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_in_ah_sha256_bad1,
> + ipsec_check_ah_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_in_ah_sha256_bad2,
> + ipsec_check_ah_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_in_esp_null_sha256_bad1,
> + ipsec_check_esp_null_sha256),
> + ODP_TEST_INFO_NULL,
> +};
> diff --git a/test/common_plat/validation/api/ipsec/ipsec_test_out.c
> b/test/common_plat/validation/api/ipsec/ipsec_test_out.c
> new file mode 100644
> index 00000000..a62f2549
> --- /dev/null
> +++ b/test/common_plat/validation/api/ipsec/ipsec_test_out.c
> @@ -0,0 +1,347 @@
> +/* Copyright (c) 2017, Linaro Limited
> + * All rights reserved.
> + *
> + * SPDX-License-Identifier: BSD-3-Clause
> + */
> +
> +#include "ipsec.h"
> +
> +#include "test_vectors.h"
> +
> +static
> +void test_out_ah_sha256(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + false, true, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0_ah_sha256_1 },
> + },
> + };
> +
> + ipsec_check_out_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +#define IPV4ADDR(a, b, c, d) odp_cpu_to_be_32((a << 24) | \
> + (b << 16) | \
> + (c << 8) | \
> + (d << 0))
> +
> +static
> +void test_out_ah_sha256_tun(void)
> +{
> + uint32_t src = IPV4ADDR(10, 0, 111, 2);
> + uint32_t dst = IPV4ADDR(10, 0, 222, 2);
> + odp_ipsec_tunnel_param_t tunnel = {
> + .type = ODP_IPSEC_TUNNEL_IPV4,
> + .ipv4.src_addr = &src,
> + .ipv4.dst_addr = &dst,
> + .ipv4.ttl = 64,
> + };
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + false, true, 123, &tunnel,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0_ah_tun_sha256_1 },
> + },
> + };
> +
> + ipsec_check_out_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_out_esp_null_sha256_out(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + false, false, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0_esp_null_sha256_1 },
> + },
> + };
> +
> + ipsec_check_out_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_out_esp_null_sha256_tun_out(void)
> +{
> + uint32_t src = IPV4ADDR(10, 0, 111, 2);
> + uint32_t dst = IPV4ADDR(10, 0, 222, 2);
> + odp_ipsec_tunnel_param_t tunnel = {
> + .type = ODP_IPSEC_TUNNEL_IPV4,
> + .ipv4.src_addr = &src,
> + .ipv4.dst_addr = &dst,
> + .ipv4.ttl = 64,
> + };
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + false, false, 123, &tunnel,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0_esp_tun_null_sha256_1 },
> + },
> + };
> +
> + ipsec_check_out_one(&test, sa);
> +
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_out_esp_null_sha256(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> + odp_ipsec_sa_t sa2;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + false, false, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 123, NULL,
> + ODP_CIPHER_ALG_NULL, NULL,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa2 = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa2);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0 },
> + },
> + };
> +
> + ipsec_check_out_in_one(&test, sa, sa2);
> +
> + ipsec_sa_destroy(sa2);
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_out_esp_aes_cbc_null(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> + odp_ipsec_sa_t sa2;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + false, false, 123, NULL,
> + ODP_CIPHER_ALG_AES_CBC, &key_a5_128,
> + ODP_AUTH_ALG_NULL, NULL);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 123, NULL,
> + ODP_CIPHER_ALG_AES_CBC, &key_a5_128,
> + ODP_AUTH_ALG_NULL, NULL);
> +
> + sa2 = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa2);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0 },
> + },
> + };
> +
> + ipsec_check_out_in_one(&test, sa, sa2);
> +
> + ipsec_sa_destroy(sa2);
> + ipsec_sa_destroy(sa);
> +}
> +
> +static
> +void test_out_esp_aes_cbc_sha256(void)
> +{
> + odp_ipsec_config_t ipsec_config;
> + odp_ipsec_sa_param_t param;
> + odp_ipsec_sa_t sa;
> + odp_ipsec_sa_t sa2;
> +
> + odp_ipsec_config_init(&ipsec_config);
> + ipsec_config.inbound_mode = suite_context.inbound_op_mode;
> + ipsec_config.outbound_mode = suite_context.outbound_op_mode;
> + ipsec_config.inbound.default_queue = suite_context.queue;
> +
> + CU_ASSERT_EQUAL_FATAL(ODP_IPSEC_OK, odp_ipsec_config(&ipsec_
> config));
> +
> + ipsec_sa_param_fill(¶m,
> + false, false, 123, NULL,
> + ODP_CIPHER_ALG_AES_CBC, &key_a5_128,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
> +
> + ipsec_sa_param_fill(¶m,
> + true, false, 123, NULL,
> + ODP_CIPHER_ALG_AES_CBC, &key_a5_128,
> + ODP_AUTH_ALG_SHA256_HMAC, &key_5a_256);
> +
> + sa2 = odp_ipsec_sa_create(¶m);
> +
> + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa2);
> +
> + ipsec_test_part test = {
> + .pkt_in = &pkt_icmp_0,
> + .out_pkt = 1,
> + .out = {
> + { .status.warn.all = 0,
> + .status.error.all = 0,
> + .pkt_out = &pkt_icmp_0 },
> + },
> + };
> +
> + ipsec_check_out_in_one(&test, sa, sa2);
> +
> + ipsec_sa_destroy(sa2);
> + ipsec_sa_destroy(sa);
> +}
> +
> +odp_testinfo_t ipsec_out_suite[] = {
> + ODP_TEST_INFO_CONDITIONAL(test_out_ah_sha256,
> + ipsec_check_ah_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_out_ah_sha256_tun,
> + ipsec_check_ah_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_out_esp_null_sha256_out,
> + ipsec_check_esp_null_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_out_esp_null_sha256_tun_out,
> + ipsec_check_esp_null_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_out_esp_null_sha256,
> + ipsec_check_esp_null_sha256),
> + ODP_TEST_INFO_CONDITIONAL(test_out_esp_aes_cbc_null,
> + ipsec_check_esp_aes_cbc_null),
> + ODP_TEST_INFO_CONDITIONAL(test_out_esp_aes_cbc_sha256,
> + ipsec_check_esp_aes_cbc_sha256),
> + ODP_TEST_INFO_NULL,
> +};
> diff --git a/test/common_plat/validation/api/ipsec/test_vectors.h
> b/test/common_plat/validation/api/ipsec/test_vectors.h
> new file mode 100644
> index 00000000..facd0636
> --- /dev/null
> +++ b/test/common_plat/validation/api/ipsec/test_vectors.h
> @@ -0,0 +1,728 @@
> +/* Copyright (c) 2017, Linaro Limited
> + * All rights reserved.
> + *
> + * SPDX-License-Identifier: BSD-3-Clause
> + */
> +
> +#ifndef _ODP_TEST_IPSEC_VECTORS_H_
> +#define _ODP_TEST_IPSEC_VECTORS_H_
> +
> +#define KEY(name, ...) \
> + static uint8_t name ## _data[] = { __VA_ARGS__ }; \
> + static const ODP_UNUSED odp_crypto_key_t name = { \
> + .data = name ## _data, \
> + .length = sizeof(name ## _data), \
> + }
> +
> +KEY(key_a5_128, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5,
> + 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5);
> +KEY(key_5a_128, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a,
> + 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a);
> +KEY(key_a5_256, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5,
> + 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5,
> + 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5,
> + 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5, 0xa5);
> +KEY(key_5a_256, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a,
> + 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a,
> + 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a,
> + 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a, 0x5a);
> +
> +KEY(key_rfc3602, 0x90, 0xd3, 0x82, 0xb4, 0x10, 0xee, 0xba, 0x7a,
> + 0xd9, 0x38, 0xc4, 0x6c, 0xec, 0x1a, 0x82, 0xbf);
> +KEY(key_rfc3602_2, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
> + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef);
> +
> +static const ODP_UNUSED ipsec_test_packet pkt_icmp_0 = {
> + .len = 142,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00,
> + 0x40, 0x01, 0xac, 0x27, 0xc0, 0xa8, 0x6f, 0x02,
> + 0xc0, 0xa8, 0xde, 0x02,
> +
> + /* ICMP */
> + 0x08, 0x00, 0xfb, 0x37, 0x12, 0x34, 0x00, 0x00,
> + 0xba, 0xbe, 0x01, 0x23, 0x45, 0x67, 0xca, 0xfe,
> + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
> + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
> + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
> + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
> + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
> + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> + 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
> + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
> + 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
> + 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
> + 0x58, 0x59, 0x5a, 0x5b,
> + },
> +};
> +
> +static const ODP_UNUSED ipsec_test_packet pkt_icmp_0_ipip = {
> + .len = 162,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x94, 0x00, 0x00, 0x00, 0x00,
> + 0x40, 0x04, 0x19, 0x62, 0x0a, 0x00, 0x6f, 0x02,
> + 0x0a, 0x00, 0xde, 0x02,
> +
> + /* Inner IP */
> + 0x45, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00,
> + 0x40, 0x01, 0xac, 0x27, 0xc0, 0xa8, 0x6f, 0x02,
> + 0xc0, 0xa8, 0xde, 0x02,
> +
> + /* ICMP */
> + 0x08, 0x00, 0xfb, 0x37, 0x12, 0x34, 0x00, 0x00,
> + 0xba, 0xbe, 0x01, 0x23, 0x45, 0x67, 0xca, 0xfe,
> + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
> + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
> + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
> + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
> + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
> + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> + 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
> + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
> + 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
> + 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
> + 0x58, 0x59, 0x5a, 0x5b
> + },
> +};
> +
> +static const ODP_UNUSED ipsec_test_packet pkt_icmp_0_ah_sha256_1 = {
> + .len = 170,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x9c, 0x00, 0x00, 0x00, 0x00,
> + 0x40, 0x33, 0xab, 0xd9, 0xc0, 0xa8, 0x6f, 0x02,
> + 0xc0, 0xa8, 0xde, 0x02,
> +
> + /* AH */
> + 0x01, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7b,
> + 0x00, 0x00, 0x00, 0x01,
> + 0x6c, 0x2e, 0xf7, 0x1f, 0x7c, 0x70, 0x39, 0xa3,
> + 0x4a, 0x77, 0x01, 0x47, 0x9e, 0x45, 0x73, 0x51,
> +
> + /* ICMP */
> + 0x08, 0x00, 0xfb, 0x37, 0x12, 0x34, 0x00, 0x00,
> + 0xba, 0xbe, 0x01, 0x23, 0x45, 0x67, 0xca, 0xfe,
> + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
> + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
> + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
> + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
> + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
> + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> + 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
> + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
> + 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
> + 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
> + 0x58, 0x59, 0x5a, 0x5b,
> + },
> +};
> +
> +static const ODP_UNUSED ipsec_test_packet pkt_icmp_0_ah_tun_sha256_1 = {
> + .len = 190,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0xb0, 0x00, 0x00, 0x00, 0x00,
> + 0x40, 0x33, 0x19, 0x17, 0x0a, 0x00, 0x6f, 0x02,
> + 0x0a, 0x00, 0xde, 0x02,
> +
> + /* AH */
> + 0x04, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7b,
> + 0x00, 0x00, 0x00, 0x01,
> + 0xd5, 0x35, 0x9b, 0x21, 0xe6, 0x14, 0x9b, 0x42,
> + 0x1f, 0x00, 0xfa, 0x36, 0x73, 0x4c, 0x53, 0xcf,
> +
> + /* Inner IP */
> + 0x45, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00,
> + 0x40, 0x01, 0xac, 0x27, 0xc0, 0xa8, 0x6f, 0x02,
> + 0xc0, 0xa8, 0xde, 0x02,
> +
> + /* ICMP */
> + 0x08, 0x00, 0xfb, 0x37, 0x12, 0x34, 0x00, 0x00,
> + 0xba, 0xbe, 0x01, 0x23, 0x45, 0x67, 0xca, 0xfe,
> + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
> + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
> + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
> + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
> + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
> + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> + 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
> + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
> + 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
> + 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
> + 0x58, 0x59, 0x5a, 0x5b,
> + },
> +};
> +
> +static const ODP_UNUSED ipsec_test_packet pkt_icmp_0_ah_sha256_1_bad1 = {
> + .len = 168,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x9a, 0x00, 0x00, 0x00, 0x00,
> + 0x40, 0x33, 0xab, 0xd9, 0xc0, 0xa8, 0x6f, 0x02,
> + 0xc0, 0xa8, 0xde, 0x02,
> +
> + /* AH */
> + 0x01, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7b,
> + 0x00, 0x00, 0x00, 0x01,
> + 0x6c, 0x2e, 0xf7, 0x1f, 0x7c, 0x70, 0x39, 0xa3,
> + 0x4a, 0x77, 0x01, 0x47, 0x9e, 0x45, 0x73, 0x51,
> +
> + /* ICMP */
> + 0x08, 0x00, 0xfb, 0x37, 0x12, 0x34, 0x00, 0x00,
> + 0xba, 0xbe, 0x01, 0x23, 0x45, 0x67, 0xca, 0xfe,
> + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
> + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
> + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
> + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
> + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
> + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> + 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
> + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
> + 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
> + 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
> + 0x58, 0x59,
> + },
> +};
> +
> +static const ODP_UNUSED ipsec_test_packet pkt_icmp_0_ah_sha256_1_bad2 = {
> + .len = 170,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x9c, 0x00, 0x00, 0x00, 0x00,
> + 0x40, 0x33, 0xab, 0xd9, 0xc0, 0xa8, 0x6f, 0x02,
> + 0xc0, 0xa8, 0xde, 0x02,
> +
> + /* AH */
> + 0x01, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7b,
> + 0x00, 0x00, 0x00, 0x01,
> + 0x6c, 0x2e, 0xf7, 0x1f, 0x7c, 0x70, 0x39, 0xa3,
> + 0x4a, 0x77, 0x01, 0x47, 0x9e, 0x45, 0x73, 0x51,
> +
> + /* ICMP */
> + 0x08, 0x00, 0xfb, 0x37, 0x12, 0x34, 0x00, 0x00,
> + 0xba, 0xbe, 0x01, 0x23, 0x45, 0x67, 0xca, 0xfe,
> + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
> + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
> + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
> + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
> + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
> + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> + 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
> + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
> + 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
> + 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
> + 0x58, 0x59, 0x5a, 0x5d,
> + },
> +};
> +
> +static const ODP_UNUSED ipsec_test_packet pkt_icmp_0_esp_null_sha256_1 = {
> + .len = 170,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x9c, 0x00, 0x00, 0x00, 0x00,
> + 0x40, 0x32, 0xab, 0xda, 0xc0, 0xa8, 0x6f, 0x02,
> + 0xc0, 0xa8, 0xde, 0x02,
> +
> + /* ESP */
> + 0x00, 0x00, 0x00, 0x7b, 0x00, 0x00, 0x00, 0x01,
> +
> + /* ICMP */
> + 0x08, 0x00, 0xfb, 0x37, 0x12, 0x34, 0x00, 0x00,
> + 0xba, 0xbe, 0x01, 0x23, 0x45, 0x67, 0xca, 0xfe,
> + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
> + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
> + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
> + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
> + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
> + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> + 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
> + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
> + 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
> + 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
> + 0x58, 0x59, 0x5a, 0x5b,
> +
> + /* ESP TRL */
> + 0x01, 0x02, 0x02, 0x01,
> +
> + /* ICV */
> + 0xe9, 0x81, 0xcd, 0x65, 0x9b, 0x25, 0x0b, 0x33,
> + 0xe2, 0xf3, 0x83, 0xf1, 0x6d, 0x14, 0xb4, 0x1f,
> + },
> +};
> +
> +static const ODP_UNUSED ipsec_test_packet pkt_icmp_0_esp_tun_null_sha256_1
> = {
> + .len = 190,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0xb0, 0x00, 0x00, 0x00, 0x00,
> + 0x40, 0x32, 0x19, 0x18, 0x0a, 0x00, 0x6f, 0x02,
> + 0x0a, 0x00, 0xde, 0x02,
> +
> + /* ESP */
> + 0x00, 0x00, 0x00, 0x7b, 0x00, 0x00, 0x00, 0x01,
> +
> + /* Inner IP */
> + 0x45, 0x00, 0x00, 0x80, 0x00, 0x00, 0x00, 0x00,
> + 0x40, 0x01, 0xac, 0x27, 0xc0, 0xa8, 0x6f, 0x02,
> + 0xc0, 0xa8, 0xde, 0x02,
> +
> + /* ICMP */
> + 0x08, 0x00, 0xfb, 0x37, 0x12, 0x34, 0x00, 0x00,
> + 0xba, 0xbe, 0x01, 0x23, 0x45, 0x67, 0xca, 0xfe,
> + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
> + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
> + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
> + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
> + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
> + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> + 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
> + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
> + 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
> + 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
> + 0x58, 0x59, 0x5a, 0x5b,
> +
> + /* ESP TRL */
> + 0x01, 0x02, 0x02, 0x04,
> +
> + /* ICV */
> + 0x73, 0x8d, 0xf6, 0x9a, 0x26, 0x06, 0x4d, 0xa1,
> + 0x88, 0x37, 0x65, 0xab, 0x0d, 0xe9, 0x95, 0x3b,
> + },
> +};
> +
> +static const ODP_UNUSED ipsec_test_packet pkt_icmp_0_esp_null_sha256_1_bad1
> = {
> + .len = 170,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x9c, 0x00, 0x00, 0x00, 0x00,
> + 0x40, 0x32, 0xab, 0xda, 0xc0, 0xa8, 0x6f, 0x02,
> + 0xc0, 0xa8, 0xde, 0x02,
> +
> + /* ESP */
> + 0x00, 0x00, 0x00, 0x7b, 0x00, 0x00, 0x00, 0x01,
> +
> + /* ICMP */
> + 0x08, 0x00, 0xfb, 0x37, 0x12, 0x34, 0x00, 0x00,
> + 0xba, 0xbe, 0x01, 0x23, 0x45, 0x67, 0xca, 0xfe,
> + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
> + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
> + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
> + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
> + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
> + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> + 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
> + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
> + 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
> + 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
> + 0x58, 0x59, 0x5a, 0x5b,
> +
> + /* ESP TRL */
> + 0x01, 0x02, 0x02, 0x01,
> +
> + /* ICV */
> + 0x18, 0x00, 0x14, 0x3a, 0x54, 0x72, 0x98, 0xe8,
> + 0xc7, 0x2d, 0xfa, 0xeb, 0x70, 0xe0, 0x24, 0xdf,
> + },
> +};
> +
> +static const ODP_UNUSED ipsec_test_packet pkt_icmp_0_esp_aes_cbc_null_1 =
> {
> + .len = 170,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x9c, 0x00, 0x00, 0x00, 0x00,
> + 0x40, 0x32, 0xab, 0xca, 0xc0, 0xa8, 0x6f, 0x02,
> + 0xc0, 0xa8, 0xde, 0x02,
> +
> + /* ESP */
> + 0x00, 0x00, 0x00, 0x7b, 0x00, 0x00, 0x00, 0x01,
> +
> + /* IV */
> + 0x96, 0xfa, 0x74, 0x56, 0x78, 0xe4, 0xbb, 0x0c,
> + 0x9e, 0x6e, 0x4a, 0xeb, 0x44, 0xd9, 0xf2, 0xe6,
> +
> + /* data */
> + 0x2f, 0xb3, 0xa6, 0xfe, 0x2c, 0x2e, 0xce, 0x65,
> + 0x3a, 0x57, 0xe3, 0x09, 0x5d, 0x66, 0x36, 0x32,
> + 0xb1, 0xc2, 0x59, 0x58, 0xb6, 0xe5, 0x9e, 0xa2,
> + 0x07, 0xf8, 0x26, 0x4a, 0x64, 0xf5, 0x16, 0x01,
> + 0x51, 0x8e, 0xe5, 0x4b, 0x07, 0x2c, 0x4b, 0x23,
> + 0xfa, 0x4e, 0x6e, 0xdb, 0x35, 0xc7, 0x1d, 0x30,
> + 0x42, 0xd9, 0x0f, 0xba, 0x8a, 0x69, 0x7e, 0x29,
> + 0xe7, 0xbd, 0x15, 0xe9, 0x35, 0x9e, 0x81, 0xe7,
> + 0x9e, 0xc9, 0x7d, 0x66, 0x99, 0x58, 0xec, 0x45,
> + 0x29, 0xd0, 0xa4, 0xfd, 0xf1, 0xe7, 0x5b, 0x3e,
> + 0x2a, 0x77, 0x1d, 0x8f, 0x2b, 0x73, 0xba, 0xf8,
> + 0x72, 0xd2, 0xa0, 0x0b, 0x90, 0xb9, 0x73, 0x9c,
> + 0xde, 0x3c, 0xc3, 0xb8, 0x91, 0x97, 0xc4, 0x28,
> + 0xfa, 0x6d, 0xa8, 0x41, 0xb6, 0x83, 0xc8, 0xaa,
> + },
> +};
> +
> +static const ODP_UNUSED ipsec_test_packet pkt_icmp_0_esp_aes_cbc_sha256_1
> = {
> + .len = 186,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0xac, 0x00, 0x00, 0x00, 0x00,
> + 0x40, 0x32, 0xab, 0xca, 0xc0, 0xa8, 0x6f, 0x02,
> + 0xc0, 0xa8, 0xde, 0x02,
> +
> + /* ESP */
> + 0x00, 0x00, 0x00, 0x7b, 0x00, 0x00, 0x00, 0x01,
> +
> + /* IV */
> + 0x96, 0xfa, 0x74, 0x56, 0x78, 0xe4, 0xbb, 0x0c,
> + 0x9e, 0x6e, 0x4a, 0xeb, 0x44, 0xd9, 0xf2, 0xe6,
> +
> + /* data */
> + 0x2f, 0xb3, 0xa6, 0xfe, 0x2c, 0x2e, 0xce, 0x65,
> + 0x3a, 0x57, 0xe3, 0x09, 0x5d, 0x66, 0x36, 0x32,
> + 0xb1, 0xc2, 0x59, 0x58, 0xb6, 0xe5, 0x9e, 0xa2,
> + 0x07, 0xf8, 0x26, 0x4a, 0x64, 0xf5, 0x16, 0x01,
> + 0x51, 0x8e, 0xe5, 0x4b, 0x07, 0x2c, 0x4b, 0x23,
> + 0xfa, 0x4e, 0x6e, 0xdb, 0x35, 0xc7, 0x1d, 0x30,
> + 0x42, 0xd9, 0x0f, 0xba, 0x8a, 0x69, 0x7e, 0x29,
> + 0xe7, 0xbd, 0x15, 0xe9, 0x35, 0x9e, 0x81, 0xe7,
> + 0x9e, 0xc9, 0x7d, 0x66, 0x99, 0x58, 0xec, 0x45,
> + 0x29, 0xd0, 0xa4, 0xfd, 0xf1, 0xe7, 0x5b, 0x3e,
> + 0x2a, 0x77, 0x1d, 0x8f, 0x2b, 0x73, 0xba, 0xf8,
> + 0x72, 0xd2, 0xa0, 0x0b, 0x90, 0xb9, 0x73, 0x9c,
> + 0xde, 0x3c, 0xc3, 0xb8, 0x91, 0x97, 0xc4, 0x28,
> + 0xfa, 0x6d, 0xa8, 0x41, 0xb6, 0x83, 0xc8, 0xaa,
> +
> + /* IV */
> + 0x8a, 0x39, 0x10, 0x07, 0x02, 0x97, 0xbb, 0x1c,
> + 0x59, 0xb7, 0x70, 0x33, 0xa4, 0x26, 0xa2, 0xb8
> + },
> +};
> +
> +static const ODP_UNUSED ipsec_test_packet pkt_rfc3602_5 = {
> + .len = 98,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH - not a part of RFC, added for simplicity */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x54, 0x08, 0xf2, 0x00, 0x00,
> + 0x40, 0x01, 0xf9, 0xfe, 0xc0, 0xa8, 0x7b, 0x03,
> + 0xc0, 0xa8, 0x7b, 0x64,
> +
> + /* ICMP */
> + 0x08, 0x00, 0x0e, 0xbd, 0xa7, 0x0a, 0x00, 0x00,
> + 0x8e, 0x9c, 0x08, 0x3d, 0xb9, 0x5b, 0x07, 0x00,
> + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
> + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
> + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
> + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
> + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
> + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> +
> + },
> +};
> +
> +static const ODP_UNUSED ipsec_test_packet pkt_rfc3602_5_esp = {
> + .len = 138,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH - not a part of RFC, added for simplicity */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x7c, 0x08, 0xf2, 0x00, 0x00,
> + 0x40, 0x32, 0xf9, 0xa5, 0xc0, 0xa8, 0x7b, 0x03,
> + 0xc0, 0xa8, 0x7b, 0x64,
> +
> + /* ESP */
> + 0x00, 0x00, 0x43, 0x21, 0x00, 0x00, 0x00, 0x01,
> +
> + /* IV */
> + 0xe9, 0x6e, 0x8c, 0x08, 0xab, 0x46, 0x57, 0x63,
> + 0xfd, 0x09, 0x8d, 0x45, 0xdd, 0x3f, 0xf8, 0x93,
> +
> + /* data */
> + 0xf6, 0x63, 0xc2, 0x5d, 0x32, 0x5c, 0x18, 0xc6,
> + 0xa9, 0x45, 0x3e, 0x19, 0x4e, 0x12, 0x08, 0x49,
> + 0xa4, 0x87, 0x0b, 0x66, 0xcc, 0x6b, 0x99, 0x65,
> + 0x33, 0x00, 0x13, 0xb4, 0x89, 0x8d, 0xc8, 0x56,
> + 0xa4, 0x69, 0x9e, 0x52, 0x3a, 0x55, 0xdb, 0x08,
> + 0x0b, 0x59, 0xec, 0x3a, 0x8e, 0x4b, 0x7e, 0x52,
> + 0x77, 0x5b, 0x07, 0xd1, 0xdb, 0x34, 0xed, 0x9c,
> + 0x53, 0x8a, 0xb5, 0x0c, 0x55, 0x1b, 0x87, 0x4a,
> + 0xa2, 0x69, 0xad, 0xd0, 0x47, 0xad, 0x2d, 0x59,
> + 0x13, 0xac, 0x19, 0xb7, 0xcf, 0xba, 0xd4, 0xa6,
> + },
> +};
> +
> +static const ipsec_test_packet pkt_rfc3602_6 = {
> + .len = 62,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH - not a part of RFC, added for simplicity */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x30, 0x08, 0xfe, 0x00, 0x00,
> + 0x40, 0x01, 0xfa, 0x16, 0xc0, 0xa8, 0x7b, 0x03,
> + 0xc0, 0xa8, 0x7b, 0x64,
> +
> + /* ICMP */
> + 0x08, 0x00, 0xb5, 0xe8, 0xa8, 0x0a, 0x05, 0x00,
> + 0xa6, 0x9c, 0x08, 0x3d, 0x0b, 0x66, 0x0e, 0x00,
> + 0x77, 0x77, 0x77, 0x77, 0x77, 0x77, 0x77, 0x77,
> + 0x77, 0x77, 0x77, 0x77,
> + },
> +};
> +
> +static const ipsec_test_packet pkt_rfc3602_6_esp = {
> + .len = 90,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH - not a part of RFC, added for simplicity */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x4c, 0x08, 0xfe, 0x00, 0x00,
> + 0x40, 0x32, 0xf9, 0xc9, 0xc0, 0xa8, 0x7b, 0x03,
> + 0xc0, 0xa8, 0x7b, 0x64,
> +
> + /* ESP */
> + 0x00, 0x00, 0x43, 0x21, 0x00, 0x00, 0x00, 0x08,
> +
> + /* IV */
> + 0x69, 0xd0, 0x8d, 0xf7, 0xd2, 0x03, 0x32, 0x9d,
> + 0xb0, 0x93, 0xfc, 0x49, 0x24, 0xe5, 0xbd, 0x80,
> +
> + /* data */
> + 0xf5, 0x19, 0x95, 0x88, 0x1e, 0xc4, 0xe0, 0xc4,
> + 0x48, 0x89, 0x87, 0xce, 0x74, 0x2e, 0x81, 0x09,
> + 0x68, 0x9b, 0xb3, 0x79, 0xd2, 0xd7, 0x50, 0xc0,
> + 0xd9, 0x15, 0xdc, 0xa3, 0x46, 0xa8, 0x9f, 0x75,
> + },
> +};
> +
> +static const ipsec_test_packet pkt_rfc3602_7 = {
> + .len = 98,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH - not a part of RFC, added for simplicity */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x54, 0x09, 0x04, 0x00, 0x00,
> + 0x40, 0x01, 0xf9, 0x88, 0xc0, 0xa8, 0x7b, 0x03,
> + 0xc0, 0xa8, 0x7b, 0xc8,
> +
> + /* ICMP */
> + 0x08, 0x00, 0x9f, 0x76, 0xa9, 0x0a, 0x01, 0x00,
> + 0xb4, 0x9c, 0x08, 0x3d, 0x02, 0xa2, 0x04, 0x00,
> + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
> + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
> + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
> + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
> + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
> + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
> + },
> +};
> +
> +static const ipsec_test_packet pkt_rfc3602_7_esp = {
> + .len = 154,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH - not a part of RFC, added for simplicity */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x8c, 0x09, 0x05, 0x00, 0x00,
> + 0x40, 0x32, 0xf9, 0x1e, 0xc0, 0xa8, 0x7b, 0x03,
> + 0xc0, 0xa8, 0x7b, 0xc8,
> +
> + /* ESP */
> + 0x00, 0x00, 0x87, 0x65, 0x00, 0x00, 0x00, 0x02,
> +
> + /* IV */
> + 0xf4, 0xe7, 0x65, 0x24, 0x4f, 0x64, 0x07, 0xad,
> + 0xf1, 0x3d, 0xc1, 0x38, 0x0f, 0x67, 0x3f, 0x37,
> +
> + /* data */
> + 0x77, 0x3b, 0x52, 0x41, 0xa4, 0xc4, 0x49, 0x22,
> + 0x5e, 0x4f, 0x3c, 0xe5, 0xed, 0x61, 0x1b, 0x0c,
> + 0x23, 0x7c, 0xa9, 0x6c, 0xf7, 0x4a, 0x93, 0x01,
> + 0x3c, 0x1b, 0x0e, 0xa1, 0xa0, 0xcf, 0x70, 0xf8,
> + 0xe4, 0xec, 0xae, 0xc7, 0x8a, 0xc5, 0x3a, 0xad,
> + 0x7a, 0x0f, 0x02, 0x2b, 0x85, 0x92, 0x43, 0xc6,
> + 0x47, 0x75, 0x2e, 0x94, 0xa8, 0x59, 0x35, 0x2b,
> + 0x8a, 0x4d, 0x4d, 0x2d, 0xec, 0xd1, 0x36, 0xe5,
> + 0xc1, 0x77, 0xf1, 0x32, 0xad, 0x3f, 0xbf, 0xb2,
> + 0x20, 0x1a, 0xc9, 0x90, 0x4c, 0x74, 0xee, 0x0a,
> + 0x10, 0x9e, 0x0c, 0xa1, 0xe4, 0xdf, 0xe9, 0xd5,
> + 0xa1, 0x00, 0xb8, 0x42, 0xf1, 0xc2, 0x2f, 0x0d,
> + },
> +};
> +
> +static const ipsec_test_packet pkt_rfc3602_8 = {
> + .len = 82,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH - not a part of RFC, added for simplicity */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x44, 0x09, 0x0c, 0x00, 0x00,
> + 0x40, 0x01, 0xf9, 0x90, 0xc0, 0xa8, 0x7b, 0x03,
> + 0xc0, 0xa8, 0x7b, 0xc8,
> +
> + /* ICMP */
> + 0x08, 0x00, 0xd6, 0x3c, 0xaa, 0x0a, 0x02, 0x00,
> + 0xc6, 0x9c, 0x08, 0x3d, 0xa3, 0xde, 0x03, 0x00,
> + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
> + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
> + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
> + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
> + },
> +};
> +
> +static const ipsec_test_packet pkt_rfc3602_8_esp = {
> + .len = 138,
> + .l2_offset = 0,
> + .l3_offset = 14,
> + .l4_offset = 34,
> + .data = {
> + /* ETH - not a part of RFC, added for simplicity */
> + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
> + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
> +
> + /* IP */
> + 0x45, 0x00, 0x00, 0x7c, 0x09, 0x0d, 0x00, 0x00,
> + 0x40, 0x32, 0xf9, 0x26, 0xc0, 0xa8, 0x7b, 0x03,
> + 0xc0, 0xa8, 0x7b, 0xc8,
> +
> + /* ESP */
> + 0x00, 0x00, 0x87, 0x65, 0x00, 0x00, 0x00, 0x05,
> +
> + /* IV */
> + 0x85, 0xd4, 0x72, 0x24, 0xb5, 0xf3, 0xdd, 0x5d,
> + 0x21, 0x01, 0xd4, 0xea, 0x8d, 0xff, 0xab, 0x22,
> +
> + /* data */
> + 0x15, 0xb9, 0x26, 0x83, 0x81, 0x95, 0x96, 0xa8,
> + 0x04, 0x72, 0x32, 0xcc, 0x00, 0xf7, 0x04, 0x8f,
> + 0xe4, 0x53, 0x18, 0xe1, 0x1f, 0x8a, 0x0f, 0x62,
> + 0xed, 0xe3, 0xc3, 0xfc, 0x61, 0x20, 0x3b, 0xb5,
> + 0x0f, 0x98, 0x0a, 0x08, 0xc9, 0x84, 0x3f, 0xd3,
> + 0xa1, 0xb0, 0x6d, 0x5c, 0x07, 0xff, 0x96, 0x39,
> + 0xb7, 0xeb, 0x7d, 0xfb, 0x35, 0x12, 0xe5, 0xde,
> + 0x43, 0x5e, 0x72, 0x07, 0xed, 0x97, 0x1e, 0xf3,
> + 0xd2, 0x72, 0x6d, 0x9b, 0x5e, 0xf6, 0xaf, 0xfc,
> + 0x6d, 0x17, 0xa0, 0xde, 0xcb, 0xb1, 0x38, 0x92,
> + },
> +};
> +
> +#endif
>
>
--
Thanks,
Kevin
