From: Dmitry Eremin-Solenikov <dmitry.ereminsoleni...@linaro.org> Add check through auth capabilities, verifying that key length is supported.
Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsoleni...@linaro.org> --- /** Email created from pull request 288 (lumag:gmac) ** https://github.com/Linaro/odp/pull/288 ** Patch: https://github.com/Linaro/odp/pull/288.patch ** Base sha: a908a4dead95321e84d6a8a23de060051dcd8969 ** Merge commit sha: 9fff58cf77d87306efed89f77e84f957850623d5 **/ test/validation/api/ipsec/ipsec.c | 32 ++++++++++++++++++++++++-------- test/validation/api/ipsec/ipsec.h | 11 ++++++----- 2 files changed, 30 insertions(+), 13 deletions(-) diff --git a/test/validation/api/ipsec/ipsec.c b/test/validation/api/ipsec/ipsec.c index a8fdf2b14..fb5f7863e 100644 --- a/test/validation/api/ipsec/ipsec.c +++ b/test/validation/api/ipsec/ipsec.c @@ -119,13 +119,14 @@ static void pktio_stop(odp_pktio_t pktio) int ipsec_check(odp_bool_t ah, odp_cipher_alg_t cipher, uint32_t cipher_bits, - odp_auth_alg_t auth) + odp_auth_alg_t auth, + uint32_t auth_bits) { odp_ipsec_capability_t capa; odp_crypto_cipher_capability_t cipher_capa[MAX_ALG_CAPA]; odp_crypto_auth_capability_t auth_capa[MAX_ALG_CAPA]; int i, num; - odp_bool_t found = false; + odp_bool_t found; if (odp_ipsec_capability(&capa) < 0) return ODP_TEST_INACTIVE; @@ -212,6 +213,7 @@ int ipsec_check(odp_bool_t ah, } /* Search for the test case */ + found = false; for (i = 0; i < num; i++) { if (cipher_capa[i].key_len == cipher_bits / 8) { found = 1; @@ -230,42 +232,56 @@ int ipsec_check(odp_bool_t ah, return ODP_TEST_INACTIVE; } + /* Search for the test case */ + found = false; + for (i = 0; i < num; i++) { + if (auth_capa[i].key_len == auth_bits / 8) { + found = 1; + break; + } + } + + if (!found) { + fprintf(stderr, "Unsupported auth key length\n"); + return ODP_TEST_INACTIVE; + } + return ODP_TEST_ACTIVE; } int ipsec_check_ah_sha256(void) { - return ipsec_check_ah(ODP_AUTH_ALG_SHA256_HMAC); + return ipsec_check_ah(ODP_AUTH_ALG_SHA256_HMAC, 256); } int ipsec_check_esp_null_sha256(void) { return ipsec_check_esp(ODP_CIPHER_ALG_NULL, 0, - ODP_AUTH_ALG_SHA256_HMAC); + ODP_AUTH_ALG_SHA256_HMAC, 256); } int ipsec_check_esp_aes_cbc_128_null(void) { return ipsec_check_esp(ODP_CIPHER_ALG_AES_CBC, 128, - ODP_AUTH_ALG_NULL); + ODP_AUTH_ALG_NULL, 0); } int ipsec_check_esp_aes_cbc_128_sha256(void) { return ipsec_check_esp(ODP_CIPHER_ALG_AES_CBC, 128, - ODP_AUTH_ALG_SHA256_HMAC); + ODP_AUTH_ALG_SHA256_HMAC, 256); } int ipsec_check_esp_aes_gcm_128(void) { return ipsec_check_esp(ODP_CIPHER_ALG_AES_GCM, 128, - ODP_AUTH_ALG_AES_GCM); + ODP_AUTH_ALG_AES_GCM, 0); } int ipsec_check_esp_aes_gcm_256(void) { return ipsec_check_esp(ODP_CIPHER_ALG_AES_GCM, 256, - ODP_AUTH_ALG_AES_GCM); + ODP_AUTH_ALG_AES_GCM, 0); } void ipsec_sa_param_fill(odp_ipsec_sa_param_t *param, diff --git a/test/validation/api/ipsec/ipsec.h b/test/validation/api/ipsec/ipsec.h index d1c6854b7..9dd0feabf 100644 --- a/test/validation/api/ipsec/ipsec.h +++ b/test/validation/api/ipsec/ipsec.h @@ -74,11 +74,12 @@ void ipsec_check_out_in_one(const ipsec_test_part *part, int ipsec_check(odp_bool_t ah, odp_cipher_alg_t cipher, uint32_t cipher_bits, - odp_auth_alg_t auth); -#define ipsec_check_ah(auth) \ - ipsec_check(true, ODP_CIPHER_ALG_NULL, 0, auth) -#define ipsec_check_esp(cipher, cipher_bits, auth) \ - ipsec_check(false, cipher, cipher_bits, auth) + odp_auth_alg_t auth, + uint32_t auth_bits); +#define ipsec_check_ah(auth, auth_bits) \ + ipsec_check(true, ODP_CIPHER_ALG_NULL, 0, auth, auth_bits) +#define ipsec_check_esp(cipher, cipher_bits, auth, auth_bits) \ + ipsec_check(false, cipher, cipher_bits, auth, auth_bits) int ipsec_check_ah_sha256(void); int ipsec_check_esp_null_sha256(void); int ipsec_check_esp_aes_cbc_128_null(void);
