[dts] [PATCH v2] tests: Add l2fwd_crypto test plan and test suite

Chen, Zhaoyan zhaoyan.chen at intel.com
Thu Jul 28 08:50:27 CEST 2016


From: "Chen, Zhaoyan" <zhaoyan.chen at intel.com>

This suite will verify the cryptodev library via dpdk l2fwd, tests
will cover all supported PMDs and Algorithms.
---
 test_plans/l2fwd_crypto_test_plan.rst | 462 ++++++++++++++++++++
 tests/TestSuite_l2fwd_crypto.py       | 774 ++++++++++++++++++++++++++++++++++
 2 files changed, 1236 insertions(+)
 create mode 100644 test_plans/l2fwd_crypto_test_plan.rst
 create mode 100644 tests/TestSuite_l2fwd_crypto.py

diff --git a/test_plans/l2fwd_crypto_test_plan.rst b/test_plans/l2fwd_crypto_test_plan.rst
new file mode 100644
index 0000000..1492df7
--- /dev/null
+++ b/test_plans/l2fwd_crypto_test_plan.rst
@@ -0,0 +1,462 @@
+.. Copyright (c) 2010,2011 Intel Corporation
+   All rights reserved.
+   
+   Redistribution and use in source and binary forms, with or without
+   modification, are permitted provided that the following conditions
+   are met:
+   
+   - Redistributions of source code must retain the above copyright
+     notice, this list of conditions and the following disclaimer.
+   
+   - Redistributions in binary form must reproduce the above copyright
+     notice, this list of conditions and the following disclaimer in
+     the documentation and/or other materials provided with the
+     distribution.
+   
+   - Neither the name of Intel Corporation nor the names of its
+     contributors may be used to endorse or promote products derived
+     from this software without specific prior written permission.
+   
+   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+   FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+   COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+   INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+   (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+   SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+   HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+   STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+   ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+   OF THE POSSIBILITY OF SUCH DAMAGE.
+
+==============================================
+Testing of CryptoDev in DPDK
+==============================================
+
+
+Description
+===========
+
+This document provides the plan for testing CryptoDev API. CryptoDev API 
+provides the ability to do encryption/decryption by integrating QAT(Intel® QuickAssist 
+Technology) into DPDK. The QAT provides poll mode crypto driver support for 
+Intel® QuickAssist Adapter 8950 hardware accelerator.
+
+The testing of CrytpoDev API should be tested under either Intel QuickAssist Technology DH895xxC hardware 
+accelerator or AES-NI library.
+
+AES-NI algorithm table 
+The table below contains AES-NI Algorithms with CryptoDev API. 
+Part of the algorithms are not supported currently.
+
++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+   
+|Algorithm|  Mode             | Detail                                                                    | 
+|         |                                                                                               |
++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+
+| AES     | CBC               |  Encrypt/Decrypt;Key size: 128, 192, 256 bits                             | 
++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+
+| SHA     |                   |  SHA-1, SHA-224, SHA-384, SHA-256, SHA-512                                | 
++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+
+| HMAC    |                   |  Support SHA implementations SHA-1, SHA-224, SHA-256, SHA-384, SHA-512;   |
+|         |                   |  Key Size versus Block size support: Key Size must be <= block size;      |
+|         |                   |  Mac Len Supported SHA-1 10, 12, 16, 20 bytes;                            |
+|         |                   |  Mac Len Supported SHA-256 16, 24, 32 bytes;                              |
+|         |                   |  Mac Len Supported SHA-384 24,32, 40, 48 bytes;                           |
+|         |                   |  Mac Len Supported SHA-512 32, 40, 48, 56, 64 bytes;                      |
++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+
+
+QAT algorithm table:
+The table below contains Cryptographic Algorithm Validation with CryptoDev API. 
+Part of the algorithms are not supported currently.
+
++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+
+|Algorithm|  Mode             | Detail                                                                    | 
+|         |                                                                                               |
++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+
+| AES     | CBC               |  Encrypt/Decrypt;Key size: 128, 192, 256 bits                             | 
++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+
+| SHA     |                   |  SHA-1, SHA-224, SHA-256, SHA-512                                         |
++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+
+| HMAC    |                   |  Support SHA implementations SHA-1, SHA-224, SHA-256, SHA-512;            |
+|         |                   |  Key Size versus Block size support: Key Size must be <= block size;      |
+|         |                   |  Mac Len Supported SHA-1 10, 12, 16, 20 bytes;                            |
+|         |                   |  Mac Len Supported SHA-224 14,16,20,24,28 bytes;                          |
+|         |                   |  Mac Len Supported SHA-256 16, 24, 32 bytes;                              |
+|         |                   |  Mac Len Supported SHA-384 24,32, 40, 48 bytes;                           |
+|         |                   |  Mac Len Supported SHA-512 32, 40, 48, 56, 64 bytes;                      |
++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+
+| GCM     |                   |  Key Sizes:128, 192, 256 bits;                                            |
+|         |                   |  Associated Data Length: 0 ~ 240 bytes;                                   |
+|         |                   |  Payload Length: 0 ~ (2^32 -1) bytes;                                     |
+|         |                   |  IV source: external;                                                     |
+|         |                   |  IV Lengths: 96 bits;                                                     |
+|         |                   |  Tag Lengths: 8, 12, 16 bytes;                                            |
++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+
+| Snow3G  |  UEA2             |  Encrypt/Decrypt; Key size: 128                                           |
++         +---------+---------+---------+----------+----------+----------+----------+----------+----------+
+|         |  UIA2             |  Encrypt/Decrypt; Key size: 128                                           |
++---------+---------+---------+---------+----------+----------+----------+----------+----------+----------+
+
+Limitations
+=============
+* Chained mbufs are not supported.
+* Hash only is not supported.
+* Cipher only is not supported (except Snow3g).
+* Only in-place is currently supported (destination address is the same as source address).
+* Only supports the session-oriented API implementation by QAT.  Support session-oriented and session-less APIs with AES-NI.
+* Not performance tuned.
+
+Prerequisites
+=============
+To test CryptoDev API, an example l2fwd-crypto is added into DPDK.
+
+The test commands of l2fwd-crypto is below::
+  * ./examples/l2fwd-crypto/build/app/l2fwd-crypto -n 4 -c COREMASK -- -p PORTMASK -q NQ --cdev (AESNI_MB|QAT) --chain (HASH_CIPHER|CIPHER_HASH) --cipher_algo (ALGO) --cipher_op (ENCRYPT|DECRYPT) --cipher_key (key_value) --iv (key_value) --auth_algo (ALGO) --auth_op (GENERATE|VERIFY) --auth_key (key_value) --sessionless
+
+The operation of l2fwd-crypto are in 2 ways.
+* For method CIPHER_HASH, the l2fwd-crypto will encrypt payload in packet first.
+Then do authentification for the encrypted data. 
+* For method HASH_CIPHER, the l2fwd-crypto will authenticate payload in packet first.
+Then do encryption for the encrypted data. 
+
+To do the function test, scapy can be used as traffic generator.
+To do the performance test, traffic generator can be hardware equipment or 
+software traffic generator.
+
+The CryptoDev API supports Fedora or FreeBSD.
+
+QAT/AES-NI installation 
+==========================
+If CryptoDev needs to use QAT to do encryption/decryption, QAT should be installed 
+correctly. The steps how to install QAT is described in DPDK code directory 
+dpdk/doc/guides/cryptodevs/qat.rst.
+
+Once the driver is loaded, the software versions may be checked for each ‘dh89xxCC_devX’ device as follows:
+    more /proc/icp_dh895xcc_dev0/version
+
+    +--------------------------------------------------+
+    | Hardware and Software versions for device 0      |
+    +--------------------------------------------------+
+    |Hardware Version:             A0 SKU4             |
+    |Firmware Version:             2.3.0               |
+    |MMP Version:                  1.0.0               |
+    |Driver Version:               2.3.0               |
+    |Lowest Compatible Driver:     2.3                 |
+    |QuickAssist API CY Version:   1.8                 |
+    |QuickAssist API DC Version:   1.4                 |
+    +--------------------------------------------------+
+
+If CryptoDev needs to use AES-NI to do encryption/decryption, AES-NI library should be install 
+correctly. The steps how to use AES-NI libary is described in DPDK code directory 
+dpdk/doc/guides/cryptodevs/aesni_mb.rst.
+
+Test case: Configuration test
+====================================================
+CryptoDev API supports different configuration.
+This test tests different configuration with CrptoDev API.
+
+Test case: CrytoDev Unit test
+====================================================
+The CrytoDev API has Unit test cases to support basic API level testing.
+
+Compile Unit test
+   cd isg_cid-dpdk_org/app/test
+   make
+
+Sub-case: AES-NI test case
+------------------------------------------------------
+run ./test -c 0xf -n 2 -- -i
+>>cryptodev_aesni_autotest
+  
+
+Sub-case: QAT test case
+------------------------------------------------------
+run ./test -c 0xf -n 2 -- -i
+>>cryptodev_qat_autotest
+
+Test case: CryptoDev Function test
+====================================================
+For function test, the DUT forward UDP packets generated by scapy. 
+
+After sending single packet from Scapy, Crytpodev function encrypt/decrypt the 
+payload in packet by using algorithm setting in command. The l2fwd-crypto 
+forward the packet back to tester. 
+Use TCPDump to capture the received packet on tester. Then tester parses the payload 
+and compare the payload with correct answer pre-stored in scripts.
++----------+                 +----------+
+|          |                 |          |
+|          | --------------> |          |
+|  Tester  |                 |   DUT    |
+|          |                 |          |
+|          | <-------------> |          |
++----------+                 +----------+
+
+Sub-case: AES-NI test case
+------------------------------------------------------
+Cryptodev AES-NI algorithm validation matrix is showed in table below.
++-------------+-------------+-------------+-------------+-------------+-------------+
+|   Method    | Cipher_algo |  Cipher_op  | Cipyer_key  |  Auth_algo  |   Auth_op   |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 192         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 256         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  SHA256_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  SHA384_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  SHA512_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  XCBC_MAC   | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  MD5_HMAC   | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 192         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 256         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA224_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA256_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA384_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA512_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         | AES_XCMC_MAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA224_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+
+Sub-case: QAT AES test case
+------------------------------------------------------
+Cryptodev QAT AES algorithm validation matrix is showed in table below.
+
++-------------+-------------+-------------+-------------+-------------+-------------+
+|   Method    | Cipher_algo |  Cipher_op  | Cipyer_key  |  Auth_algo  |   Auth_op   |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 192         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 256         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  SHA256_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  SHA384_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  SHA512_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  XCBC_MAC   | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  MD5_HMAC   | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 192         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 256         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA224_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA256_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA384_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA512_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         | AES_XCMC_MAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA224_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+
+Sub-case: QAT GCM test case
+------------------------------------------------------
+Cryptodev GCM algorithm validation matrix is showed in table below.
++-------------+-------------+-------------+-------------+-------------+-------------+
+|   Method    | Cipher_algo |  Cipher_op  | Cipyer_key  |  Auth_algo  |   Auth_op   |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_GCM     | ENCRYPT     | 128         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_GCM     | ENCRYPT     | 192         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_GCM     | ENCRYPT     | 256         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_GCM     | ENCRYPT     | 128         |  SHA256_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_GCM     | ENCRYPT     | 128         |  SHA384_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_GCM     | ENCRYPT     | 128         |  SHA512_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_GCM     | ENCRYPT     | 128         |  XCBC_MAC   | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         |  MD5_HMAC   | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 192         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 256         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         |  SHA224_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         |  SHA256_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         |  SHA384_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         |  SHA512_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         | AES_XCMC_MAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         |  SHA224_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+
+Sub-case: AES-NI GCM test case
+------------------------------------------------------
+Cryptodev GCM algorithm validation matrix is showed in table below.
++-------------+-------------+-------------+-------------+-------------+-------------+
+|   Method    | Cipher_algo |  Cipher_op  | Cipyer_key  |  Auth_algo  |   Auth_op   |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_GCM     | ENCRYPT     | 128         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_GCM     | ENCRYPT     | 192         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_GCM     | ENCRYPT     | 256         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_GCM     | ENCRYPT     | 128         |  SHA256_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_GCM     | ENCRYPT     | 128         |  SHA384_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_GCM     | ENCRYPT     | 128         |  SHA512_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_GCM     | ENCRYPT     | 128         |  XCBC_MAC   | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         |  MD5_HMAC   | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 192         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 256         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         |  SHA224_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         |  SHA256_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         |  SHA384_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         |  SHA512_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         | AES_XCMC_MAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_GCM     | ENCRYPT     | 128         |  SHA224_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+
+
+Sub-case: QAT Snow3G test case
+------------------------------------------------------
+Cryptodev Snow3G algorithm validation matrix is showed in table below.
+Cipher only, hash-only and chaining functionality is supported for Snow3g.
++-------------+-------------+-------------+-------------+
+|   Method    | Cipher_algo |  Cipher_op  | Cipyer_key  | 
++-------------+-------------+-------------+-------------+
+|    CIPHER   | ECB         | ENCRYPT     | 128         | 
++-------------+-------------+-------------+-------------+
+
+
+Test case: CryptoDev performance test
+=======================================
+For performance test, the DUT forward UDP packets generated by traffic generator. 
+Also, queue and core number should be set into maximun number. 
++----------+                 +----------+
+|          |                 |          |
+|          | --------------> |          |
+|   IXIA   |                 |   DUT    |
+|          |                 |          |
+|          | <-------------> |          |
++----------+                 +----------+
+
+CryptoDev performance should be measured from different aspects ad below.
++-------+---------+---------+---------+----------+----------+ 
+| Frame | 1S/1C/1T| 1S/1C/1T| 1S/2C/1T| 1S/2C/2T | 1S/2C/2T | 
+| Size  |         |         |         |          |          | 
++-------+---------+---------+---------+----------+----------+  
+|  64   |         |         |         |          |          | 
++-------+---------+---------+---------+----------+----------+ 
+|  65   |         |         |         |          |          | 
++-------+---------+---------+---------+----------+----------+ 
+|  128  |         |         |         |          |          | 
++-------+---------+---------+---------+----------+----------+ 
+|  256  |         |         |         |          |          | 
++-------+---------+---------+---------+----------+----------+ 
+|  512  |         |         |         |          |          | 
++-------+---------+---------+---------+----------+----------+ 
+|  1024 |         |         |         |          |          | 
++-------+---------+---------+---------+----------+----------+ 
+|  1280 |         |         |         |          |          | 
++-------+---------+---------+---------+----------+----------+ 
+|  1518 |         |         |         |          |          | 
++-------+---------+---------+---------+----------+----------+
+
+Sub-case: AES-NI test case
+------------------------------------------------------
++-------------+-------------+-------------+-------------+-------------+-------------+
+|   Method    | Cipher_algo |  Cipher_op  | Cipyer_key  |  Auth_algo  |   Auth_op   |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 192         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 256         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  SHA256_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  SHA384_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  MD5_HMAC   | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 192         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 256         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA224_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA256_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA384_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA512_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+
+Sub-case: QAT AES test case
+------------------------------------------------------
++-------------+-------------+-------------+-------------+-------------+-------------+
+|   Method    | Cipher_algo |  Cipher_op  | Cipyer_key  |  Auth_algo  |   Auth_op   |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 192         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 256         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  SHA256_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| CIPHER_HASH | AES_CBC     | ENCRYPT     | 128         |  SHA384_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  MD5_HMAC   | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 192         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 256         |  SHA1_HMAC  | GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA224_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA256_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA384_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
+| HASH_CIPHER | AES_CBC     | ENCRYPT     | 128         |  SHA512_HMAC| GENERATE    |
++-------------+-------------+-------------+-------------+-------------+-------------+
diff --git a/tests/TestSuite_l2fwd_crypto.py b/tests/TestSuite_l2fwd_crypto.py
new file mode 100644
index 0000000..0d6a52a
--- /dev/null
+++ b/tests/TestSuite_l2fwd_crypto.py
@@ -0,0 +1,774 @@
+# BSD LICENSE
+#
+# Copyright(c) 2010-2014 Intel Corporation. All rights reserved.
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+#   * Redistributions of source code must retain the above copyright
+#     notice, this list of conditions and the following disclaimer.
+#   * Redistributions in binary form must reproduce the above copyright
+#     notice, this list of conditions and the following disclaimer in
+#     the documentation and/or other materials provided with the
+#     distribution.
+#   * Neither the name of Intel Corporation nor the names of its
+#     contributors may be used to endorse or promote products derived
+#     from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+import dts
+import time
+
+from test_case import TestCase
+
+
+class TestL2fwdCrypto(TestCase):
+
+    def set_up_all(self):
+
+        self.core_config = "1S/4C/1T"
+        self.number_of_ports = 2
+        self.dut_ports = self.dut.get_ports(self.nic)
+        self.verify(len(self.dut_ports) >= self.number_of_ports,
+                    "Not enough ports for " + self.nic)
+        self.ports_socket = self.dut.get_numa_id(self.dut_ports[0])
+
+        self.logger.info("core config = " + self.core_config)
+        self.logger.info("number of ports = " + str(self.number_of_ports))
+        self.logger.info("dut ports = " + str(self.dut_ports))
+        self.logger.info("ports_socket = " + str(self.ports_socket))
+
+        self.core_mask = dts.create_mask(self.dut.get_core_list(
+                                         self.core_config,
+                                         socket=self.ports_socket))
+        self.port_mask = dts.create_mask([self.dut_ports[0],
+                                         self.dut_ports[1]])
+
+        self.tx_port = self.tester.get_local_port(self.dut_ports[0])
+        self.rx_port = self.tester.get_local_port(self.dut_ports[1])
+
+        self.tx_interface = self.tester.get_interface(self.tx_port)
+        self.rx_interface = self.tester.get_interface(self.rx_port)
+
+        self.logger.info("core mask = " + self.core_mask)
+        self.logger.info("port mask = " + self.port_mask)
+        self.logger.info("tx interface = " + self.tx_interface)
+        self.logger.info("rx interface = " + self.rx_interface)
+
+        # Rebuild the dpdk with cryptodev pmds
+        self.dut.send_expect("export AESNI_MULTI_BUFFER_LIB_PATH=/root/ipsec_043/code/", "#")
+        self.dut.send_expect("export LIBSSO_SNOW3G_PATH=/root/libsso_snow3g/snow3g/", "#")
+        self.dut.send_expect("export LIBSSO_KASUMI_PATH=/root/LibSSO_0_3_1/isg_cid-wireless_libs/ciphers/kasumi/", "#")
+        self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_QAT=n$/CONFIG_RTE_LIBRTE_PMD_QAT=y/' config/common_base", "# ")
+        self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_AESNI_GCM=n$/CONFIG_RTE_LIBRTE_PMD_AESNI_GCM=y/' config/common_base", "# ")
+        self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO=n$/CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO=y/' config/common_base", "# ")
+        self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_SNOW3G=n$/CONFIG_RTE_LIBRTE_PMD_SNOW3G=y/' config/common_base", "# ")
+        self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_KASUMI=n$/CONFIG_RTE_LIBRTE_PMD_KASUMI=y/' config/common_base", "# ")
+        self.dut.build_install_dpdk(self.dut.target)
+
+        # l2fwd-crypto compile
+        out = self.dut.build_dpdk_apps("./examples/l2fwd-crypto")
+        self.verify("Error" not in out, "Compilation error")
+        self.verify("No such" not in out, "Compilation error")
+
+        # Bind QAT VF devices
+        out = self.dut.send_expect("lspci -d:443|awk '{print $1}'", "# ", 10)
+        self.dut.send_expect('echo "8086 0443" > /sys/bus/pci/drivers/igb_uio/new_id', "# ", 10)
+        for line in out.replace("\r", "\n").replace("\n\n", "\n").split("\n"):
+            cmd = "echo 0000:{} > /sys/bus/pci/devices/0000\:{}/driver/unbind".format(line, line.replace(":", "\:"))
+            self.dut.send_expect(cmd, "# ", 10)
+            cmd = "echo 0000:{} > /sys/bus/pci/drivers/igb_uio/bind".format(line)
+            self.dut.send_expect(cmd, "# ", 10)
+
+    def set_up(self):
+        pass
+
+    def test_qat_AES(self):
+
+        result = True
+
+        self.logger.info("Test qat_c_AES_CBC_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "qat_c_AES_CBC_01"):
+            result = False
+
+        self.logger.info("Test qat_c_AES_CTR_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "qat_c_AES_CTR_01"):
+            result = False
+
+        self.logger.info("Test qat_c_AES_GCM_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "qat_c_AES_GCM_01"):
+            result = False
+
+        self.verify(result, True)
+
+    def test_qat_SHA(self):
+
+        result = True
+
+        self.logger.info("Test qat_h_SHA1_HMAC_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "qat_h_SHA1_HMAC_01"):
+            result = False
+
+        self.logger.info("Test qat_h_SHA256_HMAC_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "qat_h_SHA256_HMAC_01"):
+            result = False
+
+        self.logger.info("Test qat_h_SHA512_HMAC_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "qat_h_SHA512_HMAC_01"):
+            result = False
+
+        self.verify(result, True)
+
+    def test_qat_AES_XCBC_MAC(self):
+
+        result = True
+
+        self.logger.info("Test qat_h_AES_XCBC_MAC_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "qat_h_AES_XCBC_MAC_01"):
+            result = False
+
+        self.verify(result, True)
+
+    def test_qat_SNOW3G(self):
+
+        result = True
+
+        self.logger.info("Test qat_c_UEA2_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "qat_c_UEA2_01"):
+            result = False
+
+        self.logger.info("Test qat_h_UIA2_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "qat_h_UIA2_01"):
+            result = False
+
+        self.verify(result, True)
+
+    def test_qat_AES_GCM_AES_GCM(self):
+
+        result = True
+
+        self.logger.info("Test qat_ch_AES_GCM_AES_GCM_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "qat_ch_AES_GCM_AES_GCM_01"):
+            result = False
+
+        self.verify(result, True)
+
+    def test_aesni_AES_GCM_AES_GCM(self):
+
+        result = True
+
+        self.logger.info("Test aesni_ch_AES_GCM_AES_GCM_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "aesni_ch_AES_GCM_AES_GCM_01"):
+            result = False
+
+        self.verify(result, True)
+
+    def test_kasumi_KASUMI(self):
+
+        result = True
+
+        self.logger.info("Test kasumi_c_F8_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "kasumi_c_F8_01"):
+            result = False
+
+        self.logger.info("Test kasumi_h_F9_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "kasumi_h_F9_01"):
+            result = False
+
+        self.verify(result, True)
+
+    def test_null_NULL(self):
+
+        result = True
+
+        self.logger.info("Test null_c_NULL_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "null_c_NULL_01"):
+            result = False
+
+        self.verify(result, True)
+
+    def test_snow3g_SNOW3G(self):
+
+        result = True
+
+        self.logger.info("Test snow3g_c_UEA2_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "snow3g_c_UEA2_01"):
+            result = False
+
+        self.logger.info("Test snow3g_h_UIA2_01")
+        if not self.__execute_l2fwd_crypto_test(
+                test_vectors, "snow3g_h_UIA2_01"):
+            result = False
+
+        self.verify(result, True)
+
+    def __execute_l2fwd_crypto_test(self, test_vectors, test_vector_name):
+
+        if test_vector_name not in test_vectors:
+            self.logger.warn("SKIP : " + test_vector_name)
+            return True
+
+        test_vector = test_vectors[test_vector_name]
+
+        result = True
+        cmd_str = self.__test_vector_to_cmd(test_vector,
+                                            core_mask=self.core_mask,
+                                            port_mask=self.port_mask)
+
+        self.dut.send_expect(cmd_str, "==", 30)
+
+        self.tester.send_expect("rm -rf %s.pcap" % (self.rx_interface), "#")
+        self.tester.send_expect("tcpdump -w %s.pcap -i %s &" % (self.rx_interface, self.rx_interface), "#")
+        # Wait 5 sec for tcpdump stable
+        time.sleep(5)
+
+        payload = self.__format_hex_to_param(test_vector["input"], "\\x", "\\x")
+
+        PACKET_COUNT = 65
+
+        self.tester.scapy_foreground()
+        self.tester.scapy_append('sendp([Ether(src="52:00:00:00:00:00")/IP(src="192.168.1.1",dst="192.168.1.2")/Raw(load=\"%s\")], iface="%s", count=%s)' % (payload, self.tx_interface, PACKET_COUNT))
+
+        self.tester.scapy_execute()
+
+        time.sleep(5)
+
+        self.tester.send_expect("killall tcpdump", "#")
+        self.tester.send_expect("^C", "#")
+
+        # Wait 5 secs for tcpdump exit
+        time.sleep(5)
+
+        self.tester.send_expect("scapy", ">>>")
+        self.tester.send_expect("p=rdpcap('%s.pcap', count=%s)" % (self.rx_interface, PACKET_COUNT), ">>>")
+
+        hex_list = []
+        for i in range(PACKET_COUNT):
+            cmd = "linehexdump(p[%s],onlyhex=1)" % i
+            hex_list.append(self.tester.send_expect(cmd, ">>>"))
+
+        # Exit the scapy
+        self.tester.send_expect("exit()", "#", 60)
+
+        for hex_str in hex_list:
+            packet_hex = hex_str.split(" ")
+            # self.logger.info(hex_str)
+            # self.logger.info(packet_hex)
+
+            cipher_offset = 34
+            cipher_length = len(test_vector["output_cipher"])/2
+            if cipher_length == 0:
+                cipher_length = len(test_vector["input"])/2
+            cipher_text = "".join(packet_hex[cipher_offset:cipher_offset+cipher_length])
+            # self.logger.info("Cipher text in packet = " + cipher_text)
+            # self.logger.info("Ref Cipher text       = " + test_vector["output_cipher"])
+            if str.lower(cipher_text) == str.lower(test_vector["output_cipher"]):
+                self.logger.info("Cipher Matched.")
+            else:
+                if test_vector["output_cipher"] != "":
+                    result = False
+                    self.logger.info("Cipher NOT Matched.")
+                    self.logger.info("Cipher text in packet = " + cipher_text)
+                    self.logger.info("Ref Cipher text       = " + test_vector["output_cipher"])
+                else:
+                    self.logger.info("Skip Cipher, Since no cipher text set")
+
+            hash_offset = cipher_offset + cipher_length
+            hash_length = len(test_vector["output_hash"])/2
+            if hash_length != 0:
+                hash_text = "".join(packet_hex[hash_offset:hash_offset+hash_length])
+                # self.logger.info("Hash text in packet = " + hash_text)
+                # self.logger.info("Ref Hash text       = " + test_vector["output_hash"])
+                if str.lower(hash_text) == str.lower(test_vector["output_hash"]):
+                    self.logger.info("Hash Matched")
+                else:
+                    result = False
+                    self.logger.info("Hash NOT Matched")
+                    self.logger.info("Hash text in packet = " + hash_text)
+                    self.logger.info("Ref Hash text       = " + test_vector["output_hash"])
+            else:
+                self.logger.info("Skip Hash, Since no hash text set")
+
+        # Close l2fwd-crypto
+        # self.dut.send_expect("killall -9 l2fwd-crypto", "# ", 15)
+        self.dut.send_expect("^C", "# ", 15)
+
+        if result:
+            self.logger.info("PASSED")
+        else:
+            self.logger.info("FAILED")
+
+        return result
+
+    def tear_down(self):
+        pass
+
+    def tear_down_all(self):
+        self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_QAT=y$/CONFIG_RTE_LIBRTE_PMD_QAT=n/' config/common_base", "# ")
+        self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_AESNI_GCM=y$/CONFIG_RTE_LIBRTE_PMD_AESNI_GCM=n/' config/common_base", "# ")
+        self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO=y$/CONFIG_RTE_LIBRTE_PMD_NULL_CRYPTO=n/' config/common_base", "# ")
+        self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_SNOW3G=y$/CONFIG_RTE_LIBRTE_PMD_SNOW3G=n/' config/common_base", "# ")
+        self.dut.send_expect("sed -i 's/CONFIG_RTE_LIBRTE_PMD_KASUMI=y$/CONFIG_RTE_LIBRTE_PMD_KASUMI=n/' config/common_base", "# ")
+
+    def __test_vector_to_cmd(self, test_vector, core_mask="", port_mask=""):
+        L2FWD_CRYPTO_APP = "./examples/l2fwd-crypto/build/app/l2fwd-crypto"
+        EAL_CORE_MASK = " -cf" if core_mask == "" else " -c" + core_mask
+        EAL_MM_CHANNEL = " -n4"
+        EAL_SEP = " --"
+        PORT_MASK = "" if port_mask == "" else " -p" + port_mask
+        QUEUE_NUM = ""
+
+        vdev = ""
+        if self.__check_field_in_vector(test_vector, "vdev"):
+            vdev = " --vdev " + test_vector["vdev"]
+
+        chain = ""
+        if self.__check_field_in_vector(test_vector, "chain"):
+            chain = " --chain " + test_vector["chain"]
+
+        cdev_type = ""
+        if self.__check_field_in_vector(test_vector, "cdev_type"):
+            cdev_type = " --cdev_type " + test_vector["cdev_type"]
+
+        cipher_algo = ""
+        if self.__check_field_in_vector(test_vector, "cipher_algo"):
+            cipher_algo = " --cipher_algo " + test_vector["cipher_algo"]
+
+        cipher_op = ""
+        if self.__check_field_in_vector(test_vector, "cipher_op"):
+            cipher_op = " --cipher_op " + test_vector["cipher_op"]
+
+        cipher_key = ""
+        if self.__check_field_in_vector(test_vector, "cipher_key"):
+            cipher_key = " --cipher_key " + self.__format_hex_to_param(test_vector["cipher_key"])
+
+        iv = ""
+        if self.__check_field_in_vector(test_vector, "iv"):
+            iv = " --iv " + self.__format_hex_to_param(test_vector["iv"])
+
+        auth_algo = ""
+        if self.__check_field_in_vector(test_vector, "auth_algo"):
+            auth_algo = " --auth_algo " + test_vector["auth_algo"]
+
+        auth_op = ""
+        if self.__check_field_in_vector(test_vector, "auth_op"):
+            auth_op = " --auth_op " + test_vector["auth_op"]
+
+        auth_key = ""
+        if self.__check_field_in_vector(test_vector, "auth_key"):
+            auth_key = " --auth_key " + self.__format_hex_to_param(test_vector["auth_key"])
+
+        auth_key_random_size = ""
+        if self.__check_field_in_vector(test_vector, "auth_key_random_size"):
+            auth_key_random_size = " --auth_key_random_size " + test_vector["auth_key_random_size"]
+
+        aad = ""
+        if self.__check_field_in_vector(test_vector, "aad"):
+            aad = " --aad " + self.__format_hex_to_param(test_vector["aad"])
+
+        aad_random_size = ""
+        if self.__check_field_in_vector(test_vector, "aad_random_size"):
+            aad_random_size = " --aad_random_size " + test_vector["aad_random_size"]
+
+        cmd_str = "".join([L2FWD_CRYPTO_APP, EAL_CORE_MASK, EAL_MM_CHANNEL, vdev, vdev, EAL_SEP,
+                          PORT_MASK, QUEUE_NUM, chain, cdev_type, cipher_algo, cipher_op, cipher_key,
+                          iv, auth_algo, auth_op, auth_key, auth_key_random_size, aad, aad_random_size])
+
+        return cmd_str
+
+    def __check_field_in_vector(self, test_vector, field_name):
+        if field_name in test_vector and test_vector[field_name]:
+            return True
+        return False
+
+    def __format_hex_to_param(self, hex_str, sep=":", prefix=""):
+        if not hex_str:
+            return ""
+        if len(hex_str) == 1:
+            return prefix + "0" + hex_str
+
+        result = prefix + hex_str[0:2]
+        for i in range(2, len(hex_str), 2):
+            if len(hex_str) < i + 2:
+                result = result + sep + "0" + hex_str[i:]
+            else:
+                result = result + sep + hex_str[i:i+2]
+
+        return result
+
+test_vectors = {
+
+    "qat_c_AES_CBC_01": {
+        "vdev": "",
+        "chain": "CIPHER_ONLY",
+        "cdev_type": "ANY",
+        "cipher_algo": "AES_CBC",
+        "cipher_op": "ENCRYPT",
+        "cipher_key": "000102030405060708090a0b0c0d0e0f",
+        "iv": "000102030405060708090a0b0c0d0e0f",
+        "auth_algo": "",
+        "auth_op": "",
+        "auth_key": "",
+        "auth_key_random_size": "",
+        "aad": "",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "96A702D1CC8DD6D625D971915FCE8C40B8C522042B7126D51BB204CECA048C13793B75FF84A4B524370A45534C2BC476",
+        "output_hash": "",
+    },
+
+    "qat_c_AES_CTR_01": {
+        "vdev": "",
+        "chain": "CIPHER_ONLY",
+        "cdev_type": "ANY",
+        "cipher_algo": "AES_CTR",
+        "cipher_op": "ENCRYPT",
+        "cipher_key": "000102030405060708090a0b0c0d0e0f",
+        "iv": "000102030405060708090a0b0c0d0e0f",
+        "auth_algo": "",
+        "auth_op": "",
+        "auth_key": "",
+        "auth_key_random_size": "",
+        "aad": "",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "1B851AA4507FE154E0D28549D742FB4B1372FD85770963878BCBEC1E5AB51ECD0B3C85A2000DB4E9ACD3D95CDD38FD56",
+        "output_hash": "",
+    },
+
+    "qat_c_AES_GCM_01": {
+        "vdev": "",
+        "chain": "CIPHER_ONLY",
+        "cdev_type": "ANY",
+        "cipher_algo": "AES_GCM",
+        "cipher_op": "ENCRYPT",
+        "cipher_key": "000102030405060708090a0b0c0d0e0f",
+        "iv": "000102030405060708090a0b0c0d0e0f",
+        "auth_algo": "",
+        "auth_op": "",
+        "auth_key": "",
+        "auth_key_random_size": "",
+        "aad": "",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "1b851aa4507fe154e0d28549d742fb4b1372fd85770963878bcbec1e5ab51ecd0b3c85a2000db4e9acd3d95cdd38fd56",
+        "output_hash": "",
+    },
+
+    "qat_h_SHA1_HMAC_01": {
+        "vdev": "",
+        "chain": "HASH_ONLY",
+        "cdev_type": "ANY",
+        "cipher_algo": "",
+        "cipher_op": "",
+        "cipher_key": "",
+        "iv": "",
+        "auth_algo": "SHA1_HMAC",
+        "auth_op": "GENERATE",
+        "auth_key": "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f",
+        "auth_key_random_size": "",
+        "aad": "",
+        "aad_random_size": "",
+        "input": "11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111100000000000000000000000000000000",
+        "output_cipher": "",
+        "output_hash": "12E2EF8B7EBFE556C73307B04E1E46D12BA34884"
+    },
+
+    "qat_h_SHA256_HMAC_01": {
+        "vdev": "",
+        "chain": "HASH_ONLY",
+        "cdev_type": "ANY",
+        "cipher_algo": "",
+        "cipher_op": "",
+        "cipher_key": "",
+        "iv": "",
+        "auth_algo": "SHA256_HMAC",
+        "auth_op": "GENERATE",
+        "auth_key": "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f",
+        "auth_key_random_size": "",
+        "aad": "",
+        "aad_random_size": "",
+        "input": "11111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111100000000000000000000000000000000",
+        "output_cipher": "",
+        "output_hash": "AC9E0BA3A0716F4F4A2734B407BE28D6F276CE0472B827D6EE47B7E518C2BC0D"
+    },
+
+    "qat_h_SHA512_HMAC_01": {
+        "vdev": "",
+        "chain": "HASH_ONLY",
+        "cdev_type": "ANY",
+        "cipher_algo": "",
+        "cipher_op": "",
+        "cipher_key": "",
+        "iv": "",
+        "auth_algo": "SHA512_HMAC",
+        "auth_op": "GENERATE",
+        "auth_key": "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f",
+        "auth_key_random_size": "",
+        "aad": "",
+        "aad_random_size": "",
+        "input": "1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111110000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
+        "output_cipher": "",
+        "output_hash": "C8917E7490FC2CFF0CFDD0509C1C0D711CD27FFDFAAEA375E123F25F7532D4FA7D02D95CD52FAC8A27E21B3F5F734241897A37BB8953C52FFADB3B605A864569"
+    },
+
+    "qat_h_AES_XCBC_MAC_01": {
+        "vdev": "",
+        "chain": "HASH_ONLY",
+        "cdev_type": "ANY",
+        "cipher_algo": "",
+        "cipher_op": "",
+        "cipher_key": "",
+        "iv": "",
+        "auth_algo": "AES_XCBC_MAC",
+        "auth_op": "GENERATE",
+        "auth_key": "000102030405060708090a0b0c0d0e0f",
+        "auth_key_random_size": "",
+        "aad": "",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "",
+        "output_hash": "A7AD120ED744A9EC0618C0D9"
+    },
+
+    "qat_ch_AES_CBC_SHA1_HMAC_01": {
+        "vdev": "",
+        "chain": "CIPHER_HASH",
+        "cdev_type": "ANY",
+        "cipher_algo": "AES_CBC",
+        "cipher_op": "ENCRYPT",
+        "cipher_key": "000102030405060708090a0b0c0d0e0f",
+        "iv": "000102030405060708090a0b0c0d0e0f",
+        "auth_algo": "SHA1_HMAC",
+        "auth_op": "GENERATE",
+        "auth_key": "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f",
+        "auth_key_random_size": "",
+        "aad": "",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "96A702D1CC8DD6D625D971915FCE8C40B8C522042B7126D51BB204CECA048C13793B75FF84A4B524370A45534C2BC476",
+        "output_hash": "2D6EFD5929812460E2DE34A1BD768F209C985143BA7333E8D59EFED291517EF7"
+    },
+
+    "qat_c_UEA2_01": {
+        "vdev": "",
+        "chain": "CIPHER_ONLY",
+        "cdev_type": "ANY",
+        "cipher_algo": "SNOW3G_UEA2",
+        "cipher_op": "ENCRYPT",
+        "cipher_key": "000102030405060708090a0b0c0d0e0f",
+        "iv": "000102030405060708090a0b0c0d0e0f",
+        "auth_algo": "",
+        "auth_op": "",
+        "auth_key": "",
+        "auth_key_random_size": "",
+        "aad": "",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "fa0d2ff5dbf973e7082b128396fbc2c1ff5721099a1eb82918e66c1fa1b8fd52ce1763963f73859595d89b0b8d3907a8",
+        "output_hash": ""
+    },
+
+    "qat_h_UIA2_01": {
+        "vdev": "",
+        "chain": "HASH_ONLY",
+        "cdev_type": "ANY",
+        "cipher_algo": "",
+        "cipher_op": "",
+        "cipher_key": "",
+        "iv": "",
+        "auth_algo": "SNOW3G_UIA2",
+        "auth_op": "GENERATE",
+        "auth_key": "000102030405060708090a0b0c0d0e0f",
+        "auth_key_random_size": "",
+        "aad": "000102030405060708090a0b0c0d0e0f",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "",
+        "output_hash": "741D4316"
+    },
+
+    "snow3g_c_UEA2_01": {
+        "vdev": "cryptodev_snow3g_pmd,socket_id=1,max_nb_sessions=128",
+        "chain": "CIPHER_ONLY",
+        "cdev_type": "ANY",
+        "cipher_algo": "SNOW3G_UEA2",
+        "cipher_op": "ENCRYPT",
+        "cipher_key": "000102030405060708090a0b0c0d0e0f",
+        "iv": "000102030405060708090a0b0c0d0e0f",
+        "auth_algo": "",
+        "auth_op": "",
+        "auth_key": "",
+        "auth_key_random_size": "",
+        "aad": "",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "fa0d2ff5dbf973e7082b128396fbc2c1ff5721099a1eb82918e66c1fa1b8fd52ce1763963f73859595d89b0b8d3907a8",
+        "output_hash": ""
+    },
+
+    "snow3g_h_UIA2_01": {
+        "vdev": "cryptodev_snow3g_pmd,socket_id=1,max_nb_sessions=128",
+        "chain": "HASH_ONLY",
+        "cdev_type": "ANY",
+        "cipher_algo": "",
+        "cipher_op": "",
+        "cipher_key": "",
+        "iv": "",
+        "auth_algo": "SNOW3G_UIA2",
+        "auth_op": "GENERATE",
+        "auth_key": "000102030405060708090a0b0c0d0e0f",
+        "auth_key_random_size": "",
+        "aad": "000102030405060708090a0b0c0d0e0f",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "",
+        "output_hash": "741D4316"
+    },
+
+    "kasumi_c_F8_01": {
+        "vdev": "cryptodev_kasumi_pmd,socket_id=1,max_nb_sessions=128",
+        "chain": "CIPHER_ONLY",
+        "cdev_type": "ANY",
+        "cipher_algo": "KASUMI_F8",
+        "cipher_op": "ENCRYPT",
+        "cipher_key": "000102030405060708090a0b0c0d0e0f",
+        "iv": "0001020304050607",
+        "auth_algo": "",
+        "auth_op": "",
+        "auth_key": "",
+        "auth_key_random_size": "",
+        "aad": "",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "ede654ff0caab546b654cd7a3b0a4199e957579214f45bd7e25fcbbda41e38fc885fbbd6195cf8e22905480191b2f861",
+        "output_hash": ""
+    },
+
+    "kasumi_h_F9_01": {
+        "vdev": "cryptodev_kasumi_pmd,socket_id=1,max_nb_sessions=128",
+        "chain": "HASH_ONLY",
+        "cdev_type": "ANY",
+        "cipher_algo": "",
+        "cipher_op": "",
+        "cipher_key": "",
+        "iv": "",
+        "auth_algo": "KASUMI_F9",
+        "auth_op": "GENERATE",
+        "auth_key": "000102030405060708090a0b0c0d0e0f",
+        "auth_key_random_size": "",
+        # aad length min=8 max=8
+        "aad": "0001020304050607",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "",
+        "output_hash": "D1C2BE1E"
+    },
+
+    "null_c_NULL_01": {
+        "vdev": "cryptodev_null_pmd,socket_id=1,max_nb_sessions=128",
+        "chain": "CIPHER_ONLY",
+        "cdev_type": "ANY",
+        "cipher_algo": "NULL",
+        "cipher_op": "ENCRYPT",
+        "cipher_key": "",
+        "iv": "",
+        "auth_algo": "",
+        "auth_op": "",
+        "auth_key": "",
+        "auth_key_random_size": "",
+        "aad": "",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_hash": ""
+    },
+
+    "qat_ch_AES_GCM_AES_GCM_01": {
+        "vdev": "",
+        "chain": "CIPHER_HASH",
+        "cdev_type": "ANY",
+        "cipher_algo": "AES_GCM",
+        "cipher_op": "ENCRYPT",
+        "cipher_key": "000102030405060708090a0b0c0d0e0f",
+        "iv": "000102030405060708090a0b0c0d0e0f",
+        "auth_algo": "AES_GCM",
+        "auth_op": "GENERATE",
+        "auth_key": "000102030405060708090a0b0c0d0e0f",
+        "auth_key_random_size": "",
+        # aad length min=8 max=12
+        "aad": "0001020304050607",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "1372fd85770963878bcbec1e5ab51ecd0b3c85a2000db4e9acd3d95cdd38fd565c1abac3884e8e167332357956a4c21f",
+        "output_hash": "00A2EBC33A8A1C8C"
+    },
+
+    "aesni_ch_AES_GCM_AES_GCM_01": {
+        "vdev": "cryptodev_aesni_gcm_pmd,socket_id=1,max_nb_sessions=128",
+        "chain": "CIPHER_HASH",
+        "cdev_type": "ANY",
+        "cipher_algo": "AES_GCM",
+        "cipher_op": "ENCRYPT",
+        "cipher_key": "000102030405060708090a0b0c0d0e0f",
+        "iv": "000102030405060708090a0b0c0d0e0f",
+        "auth_algo": "AES_GCM",
+        "auth_op": "GENERATE",
+        "auth_key": "000102030405060708090a0b0c0d0e0f",
+        "auth_key_random_size": "",
+        # aad length min=8 max=12
+        "aad": "0001020304050607",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "1372fd85770963878bcbec1e5ab51ecd0b3c85a2000db4e9acd3d95cdd38fd565c1abac3884e8e167332357956a4c21f",
+        "output_hash": "00A2EBC33A8A1C8C"
+    },
+
+    "aesni_ch_AES_CBC_SHA1_HMAC_01": {
+        "vdev": "cryptodev_aesni_mb_pmd,socket_id=1,max_nb_sessions=128",
+        "chain": "CIPHER_HASH",
+        "cdev_type": "ANY",
+        "cipher_algo": "AES_CBC",
+        "cipher_op": "ENCRYPT",
+        "cipher_key": "000102030405060708090a0b0c0d0e0f",
+        "iv": "000102030405060708090a0b0c0d0e0f",
+        "auth_algo": "SHA1_HMAC",
+        "auth_op": "GENERATE",
+        "auth_key": "000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f",
+        "auth_key_random_size": "",
+        "aad": "",
+        "aad_random_size": "",
+        "input": "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111",
+        "output_cipher": "96A702D1CC8DD6D625D971915FCE8C40B8C522042B7126D51BB204CECA048C13793B75FF84A4B524370A45534C2BC476",
+        "output_hash": "2D6EFD5929812460E2DE34A1BD768F209C985143BA7333E8D59EFED291517EF7"
+    },
+
+}
-- 
1.9.3



More information about the dts mailing list