[v2,02/13] test/crypto: add IPsec AES-CBC-HMAC-SHA256 known vectors

diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index 6d94085..c91b745 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -9197,7 +9197,7 @@  test_ipsec_proto_process(const struct ipsec_test_data td[],
 		       sizeof(ut_params->auth_xform));
 		ut_params->cipher_xform.cipher.key.data = td[0].key.data;
 		ut_params->cipher_xform.cipher.iv.offset = IV_OFFSET;
-		ut_params->auth_xform.auth.key.data = td[0].key.data;
+		ut_params->auth_xform.auth.key.data = td[0].auth_key.data;
 
 		/* Verify crypto capabilities */
 
@@ -14423,6 +14423,11 @@  static struct unit_test_suite ipsec_proto_testsuite  = {
 			ut_setup_security, ut_teardown,
 			test_ipsec_proto_known_vec, &pkt_aes_256_gcm),
 		TEST_CASE_NAMED_WITH_DATA(
+			"Outbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA256 [16B ICV])",
+			ut_setup_security, ut_teardown,
+			test_ipsec_proto_known_vec,
+			&pkt_aes_128_cbc_hmac_sha256),
+		TEST_CASE_NAMED_WITH_DATA(
 			"Inbound known vector (ESP tunnel mode IPv4 AES-GCM 128)",
 			ut_setup_security, ut_teardown,
 			test_ipsec_proto_known_vec_inb, &pkt_aes_128_gcm),
@@ -14438,6 +14443,11 @@  static struct unit_test_suite ipsec_proto_testsuite  = {
 			"Inbound known vector (ESP tunnel mode IPv4 AES-CBC 128)",
 			ut_setup_security, ut_teardown,
 			test_ipsec_proto_known_vec_inb, &pkt_aes_128_cbc_null),
+		TEST_CASE_NAMED_WITH_DATA(
+			"Inbound known vector (ESP tunnel mode IPv4 AES-CBC 128 HMAC-SHA256 [16B ICV])",
+			ut_setup_security, ut_teardown,
+			test_ipsec_proto_known_vec_inb,
+			&pkt_aes_128_cbc_hmac_sha256),
 		TEST_CASE_NAMED_ST(
 			"Combined test alg list",
 			ut_setup_security, ut_teardown,
diff --git a/app/test/test_cryptodev_security_ipsec.h b/app/test/test_cryptodev_security_ipsec.h
index 91c6cd4..70a264a 100644
--- a/app/test/test_cryptodev_security_ipsec.h
+++ b/app/test/test_cryptodev_security_ipsec.h
@@ -14,6 +14,9 @@  struct ipsec_test_data {
 	struct {
 		uint8_t data[32];
 	} key;
+	struct {
+		uint8_t data[32];
+	} auth_key;
 
 	struct {
 		uint8_t data[1024];
diff --git a/app/test/test_cryptodev_security_ipsec_test_vectors.h b/app/test/test_cryptodev_security_ipsec_test_vectors.h
index bf831e9..16c88fe 100644
--- a/app/test/test_cryptodev_security_ipsec_test_vectors.h
+++ b/app/test/test_cryptodev_security_ipsec_test_vectors.h
@@ -434,4 +434,113 @@  struct ipsec_test_data pkt_aes_128_cbc_null = {
 	},
 };
 
+struct ipsec_test_data pkt_aes_128_cbc_hmac_sha256 = {
+	.key = {
+		.data = {
+			0x00, 0x04, 0x05, 0x01, 0x23, 0x00, 0x00, 0x00,
+			0x00, 0x00, 0x0a, 0x0b, 0x0c, 0x0f, 0x00, 0x00,
+		},
+	},
+	.auth_key = {
+		.data = {
+			0xde, 0x34, 0x56, 0x00, 0x00, 0x00, 0x78, 0x00,
+			0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02,
+			0x10, 0x30, 0x40, 0x00, 0x01, 0x02, 0x03, 0x04,
+			0x0a, 0x0b, 0x0c, 0x0d, 0x05, 0x06, 0x07, 0x08,
+		},
+	},
+	.input_text = {
+		.data = {
+			/* IP */
+			0x45, 0x00, 0x00, 0x32, 0x00, 0x01, 0x00, 0x00,
+			0x1f, 0x11, 0x17, 0x8b, 0xc0, 0xa8, 0x01, 0x6f,
+			0xc0, 0xa8, 0x01, 0x70,
+
+			/* UDP */
+			0x00, 0x09, 0x00, 0x09, 0x00, 0x1e, 0x00, 0x00,
+			0xbe, 0x9b, 0xe9, 0x55, 0x00, 0x00, 0x00, 0x21,
+			0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+			0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		},
+		.len = 50,
+	},
+	.output_text = {
+		.data = {
+			/* IP - outer header */
+			0x45, 0x00, 0x00, 0x7c, 0x00, 0x01, 0x00, 0x00,
+			0x40, 0x32, 0x52, 0x4d, 0x14, 0x00, 0x00, 0x01,
+			0x14, 0x00, 0x00, 0x02,
+
+			/* ESP */
+			0x00, 0x00, 0x00, 0x34, 0x00, 0x00, 0x00, 0x01,
+
+			/* IV */
+			0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00,
+			0x20, 0xbf, 0xe8, 0x39, 0x00, 0x00, 0x00, 0x00,
+
+			/* Data */
+			0x67, 0xb5, 0x46, 0x6e, 0x78, 0x17, 0xd3, 0x5a,
+			0xac, 0x62, 0x62, 0x62, 0xb0, 0x57, 0x9b, 0x09,
+			0x19, 0x4f, 0x06, 0x59, 0xc8, 0xb0, 0x30, 0x65,
+			0x1f, 0x45, 0x57, 0x41, 0x72, 0x17, 0x28, 0xe9,
+			0xad, 0x50, 0xbe, 0x44, 0x1d, 0x2d, 0x9a, 0xd0,
+			0x48, 0x75, 0x0d, 0x1c, 0x8d, 0x24, 0xa8, 0x6f,
+			0x6b, 0x24, 0xb6, 0x5d, 0x43, 0x1e, 0x55, 0xf0,
+			0xf7, 0x14, 0x1f, 0xf2, 0x61, 0xd4, 0xe0, 0x30,
+			0x16, 0xbe, 0x1b, 0x5c, 0xcc, 0xb7, 0x66, 0x1c,
+			0x47, 0xad, 0x07, 0x6c, 0xd5, 0xcb, 0xce, 0x6c,
+		},
+		.len = 124,
+	},
+	.iv = {
+		.data = {
+			0x34, 0x12, 0x67, 0x45, 0xff, 0xff, 0x00, 0x00,
+			0x20, 0xbf, 0xe8, 0x39, 0x00, 0x00, 0x00, 0x00,
+		},
+	},
+
+	.ipsec_xform = {
+		.spi = 52,
+		.options.esn = 0,
+		.options.udp_encap = 0,
+		.options.copy_dscp = 0,
+		.options.copy_flabel = 0,
+		.options.copy_df = 0,
+		.options.dec_ttl = 0,
+		.options.ecn = 0,
+		.options.stats = 0,
+		.options.tunnel_hdr_verify = 0,
+		.direction = RTE_SECURITY_IPSEC_SA_DIR_EGRESS,
+		.proto = RTE_SECURITY_IPSEC_SA_PROTO_ESP,
+		.mode = RTE_SECURITY_IPSEC_SA_MODE_TUNNEL,
+		.tunnel.type = RTE_SECURITY_IPSEC_TUNNEL_IPV4,
+		.replay_win_sz = 0,
+	},
+
+	.aead = false,
+
+	.xform = {
+		.chain.cipher = {
+			.next = NULL,
+			.type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+			.cipher = {
+				.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT,
+				.algo = RTE_CRYPTO_CIPHER_AES_CBC,
+				.key.length = 16,
+				.iv.length = 16,
+			},
+		},
+		.chain.auth = {
+			.next = NULL,
+			.type = RTE_CRYPTO_SYM_XFORM_AUTH,
+			.auth = {
+				.op = RTE_CRYPTO_AUTH_OP_GENERATE,
+				.algo = RTE_CRYPTO_AUTH_SHA256_HMAC,
+				.key.length = 32,
+				.digest_length = 16,
+			},
+		},
+	},
+};
+
 #endif /* TEST_CRYPTODEV_SECURITY_IPSEC_TEST_VECTORS_H_ */
diff --git a/doc/guides/rel_notes/release_22_03.rst b/doc/guides/rel_notes/release_22_03.rst
index 9fccddc..83536ed 100644
--- a/doc/guides/rel_notes/release_22_03.rst
+++ b/doc/guides/rel_notes/release_22_03.rst
@@ -58,6 +58,7 @@  New Features
 * **Updated lookaside protocol (IPsec) tests in dpdk-test.**
 
   * Added AES-CBC 128 NULL auth known vector tests.
+  * Added AES-CBC 128 HMAC-SHA256 known vector tests.
 
 
 Removed Items