[08/14] test/crypto: add TLS1.2 vectors

Message ID 20231207130216.140-9-anoobj@marvell.com (mailing list archive)
State Accepted
Delegated to: akhil goyal
Headers
Series Add TLS record test suite |

Checks

Context Check Description
ci/checkpatch success coding style OK

Commit Message

Anoob Joseph Dec. 7, 2023, 1:02 p.m. UTC
  From: Akhil Goyal <gakhil@marvell.com>

Added TLS 1.2 test vectors for AES-128-CBC-SHA1

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
 app/test/test_cryptodev.c                     |  8 ++
 app/test/test_cryptodev_security_tls_record.h |  1 +
 ...yptodev_security_tls_record_test_vectors.h | 91 +++++++++++++++++++
 3 files changed, 100 insertions(+)
  

Patch

diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c
index e7e4b93c20..a82f971135 100644
--- a/app/test/test_cryptodev.c
+++ b/app/test/test_cryptodev.c
@@ -16817,10 +16817,18 @@  static struct unit_test_suite tls12_record_proto_testsuite  = {
 			"Write record known vector AES-GCM-128 (vector 1)",
 			ut_setup_security, ut_teardown,
 			test_tls_record_proto_known_vec, &tls_test_data_aes_128_gcm_v1),
+		TEST_CASE_NAMED_WITH_DATA(
+			"Write record known vector AES-128-CBC-SHA1",
+			ut_setup_security, ut_teardown,
+			test_tls_record_proto_known_vec, &tls_test_data_aes_128_cbc_sha1_hmac),
 		TEST_CASE_NAMED_WITH_DATA(
 			"Read record known vector AES-GCM-128 (vector 1)",
 			ut_setup_security, ut_teardown,
 			test_tls_record_proto_known_vec_read, &tls_test_data_aes_128_gcm_v1),
+		TEST_CASE_NAMED_WITH_DATA(
+			"Read record known vector AES-128-CBC-SHA1",
+			ut_setup_security, ut_teardown,
+			test_tls_record_proto_known_vec_read, &tls_test_data_aes_128_cbc_sha1_hmac),
 		TEST_CASES_END() /**< NULL terminate unit test array */
 	}
 };
diff --git a/app/test/test_cryptodev_security_tls_record.h b/app/test/test_cryptodev_security_tls_record.h
index b9cadd5cd4..3e42db2c03 100644
--- a/app/test/test_cryptodev_security_tls_record.h
+++ b/app/test/test_cryptodev_security_tls_record.h
@@ -56,6 +56,7 @@  struct tls_record_test_flags {
 };
 
 extern struct tls_record_test_data tls_test_data_aes_128_gcm_v1;
+extern struct tls_record_test_data tls_test_data_aes_128_cbc_sha1_hmac;
 
 int test_tls_record_status_check(struct rte_crypto_op *op);
 
diff --git a/app/test/test_cryptodev_security_tls_record_test_vectors.h b/app/test/test_cryptodev_security_tls_record_test_vectors.h
index 52e97e8557..85ad2df500 100644
--- a/app/test/test_cryptodev_security_tls_record_test_vectors.h
+++ b/app/test/test_cryptodev_security_tls_record_test_vectors.h
@@ -78,4 +78,95 @@  struct tls_record_test_data tls_test_data_aes_128_gcm_v1 = {
 	.app_type = 0x17,
 };
 
+struct tls_record_test_data tls_test_data_aes_128_cbc_sha1_hmac = {
+	.key = {
+		.data = {
+			0xee, 0x2b, 0x2a, 0x59, 0xbf, 0x60, 0x36, 0xba,
+			0xe4, 0xdc, 0x7d, 0x8b, 0xc7, 0x0d, 0xbb, 0x85,
+		},
+	},
+	.auth_key = {
+		.data = {
+			0xcf, 0x4f, 0xc1, 0x7d, 0x6d, 0x4c, 0x0d, 0x13,
+			0x3d, 0x8f, 0x95, 0xb5, 0xdd, 0xb0, 0x85, 0x08,
+			0x38, 0x2c, 0xa1, 0xa0,
+		},
+	},
+	.input_text = {
+		.data = {
+			/* plain text data */
+			0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20,
+			0x54, 0x4c, 0x53, 0x20, 0x31, 0x2e, 0x32, 0x20,
+			0x41, 0x45, 0x53, 0x2d, 0x31, 0x32, 0x38, 0x2d,
+			0x43, 0x42, 0x43, 0x20, 0x53, 0x48, 0x41, 0x31,
+			0x20, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65,
+			0x20, 0x76, 0x65, 0x63, 0x74, 0x6f, 0x72, 0x0a,
+		},
+		.len = 48,
+	},
+	.output_text = {
+		.data = {
+			/* TLS header */
+			0x17, 0x03, 0x03, 0x00, 0x60,
+			/* Encrypted data */
+			0x30, 0x76, 0x10, 0x2e, 0xb2, 0xe3, 0xb6, 0x93,
+			0x70, 0xd4, 0xdf, 0x2a, 0x4f, 0x92, 0x1d, 0x3c,
+			0x9a, 0x87, 0x38, 0xb0, 0x8e, 0x82, 0xf1, 0x33,
+			0xa2, 0x5e, 0xce, 0xaf, 0x51, 0xf1, 0x51, 0x17,
+			0x4f, 0x63, 0x55, 0x60, 0xa5, 0x3f, 0xc5, 0x42,
+			0x9a, 0x80, 0x7a, 0x19, 0xb9, 0x77, 0x5b, 0x6f,
+			0x1b, 0x2e, 0x2c, 0x0a, 0xa1, 0xa9, 0xf4, 0xb1,
+			0xc7, 0x12, 0x7d, 0xfc, 0x92, 0x2f, 0xf4, 0xfc,
+			0x20, 0x16, 0x1a, 0xa3, 0x94, 0xc6, 0xfe, 0x64,
+			0x8d, 0x16, 0xd2, 0x52, 0x56, 0x83, 0x75, 0x3f,
+			0x5b, 0x89, 0xf4, 0x29, 0x72, 0x46, 0x19, 0xd2,
+			0xae, 0xea, 0xe3, 0xfc, 0x23, 0xd9, 0x00, 0x6c,
+		},
+		.len = 101,
+	},
+	.iv = {
+		.data = {
+			0x30, 0x76, 0x10, 0x2e, 0xb2, 0xe3, 0xb6, 0x93,
+			0x70, 0xd4, 0xdf, 0x2a, 0x4f, 0x92, 0x1d, 0x3c,
+		},
+	},
+
+	.xform = {
+		.chain = {
+			.auth = {
+				.next = NULL,
+				.type = RTE_CRYPTO_SYM_XFORM_AUTH,
+				.auth = {
+					.op = RTE_CRYPTO_AUTH_OP_GENERATE,
+					.algo = RTE_CRYPTO_AUTH_SHA1_HMAC,
+					.key.length = 20,
+					.iv.length = 0,
+					.iv.offset = 0,
+					.digest_length = 20,
+				},
+			},
+			.cipher = {
+				.next = NULL,
+				.type = RTE_CRYPTO_SYM_XFORM_CIPHER,
+				.cipher = {
+					.op = RTE_CRYPTO_CIPHER_OP_ENCRYPT,
+					.algo = RTE_CRYPTO_CIPHER_AES_CBC,
+					.key.length = 16,
+					.iv.length = 16,
+					.iv.offset = IV_OFFSET,
+				},
+			},
+		},
+	},
+
+	.tls_record_xform = {
+		.ver = RTE_SECURITY_VERSION_TLS_1_2,
+		.type = RTE_SECURITY_TLS_SESS_TYPE_WRITE,
+		.tls_1_2.seq_no = 0x1,
+	},
+
+	.aead = false,
+	.app_type = 0x17,
+};
+
 #endif