[dpdk-dev] [PATCH v5 0/5] Add lookaside IPsec tests

[Akhil Goyal]

> Add lookaside IPsec functional tests. Known vector tests and
> combined mode framework is added.
> 
> Known vectors are outbound vectors based on
> https://datatracker.ietf.org/doc/html/draft-mcgrew-gcm-test-01
> 
> The vectors are updated to have sequence number as 1 & L4 checksum
> computed correctly. And they have following properties,
> 1. ESP
> 2. Tunnel mode
> 3. IPv4
> 4. IPv4 tunnel
> 
> Known vector tests for inbound operation would generate test vectors by
> reversing outbound known vectors. The input_text would become encrypted
> packet and output_text would be the plain packet. Tests would then validate
> the operation by comparing against plain packet.
> 
> Combined mode tests are used to test all IPsec features against all ciphers
> supported by the PMD. The framework is introduced to avoid testing
> with any specific algo, thereby making it mandatory to be supported. Also,
> testing with all supported combinations will help with increasing coverage
> as well.
> 
> Four test cases use combined mode,
> 1. Display algo coverage and basic in + out tests
> 2. Negative test for ICV corruption
> 3. IV generation
> 4. UDP encapsulation
> 
> IV generation test case compares IV generated for a batch of packets and
> returns
> failure if IV is repeated.
> 
> Upcoming additions,
> 1. AES-CBC-SHA1-HMAC known vectors & combined mode
> 2. IPv6
> 3. Transport
> 4. Mixed mode (IPv4-in-IPv6 etc, all combinations)
> 
> Tested with following PMDs
> 1. crypto_octeontx2
> 2. crypto_cn10k
> 3. crypto_cn9k
> 
> Changes in v5:
> - Fixed lack of return check with dev_configure_and_start() (comment from
> Akhil)
> - Adjusted patch title and description (comment from Akhil)
> 
Applied to dpdk-next-crypto

Thanks.