This commit adds the following:
[keystone-rtos/netapi.git] / ti / runtime / netapi / test / net_test_sa_utils.c
1 /******************************************
2  * File: net_test_sa_utils.c
3  * Purpose: net_test application security associations utilities
4  **************************************************************
5  * FILE:  net_test_sa_utils.c
6  * 
7  * DESCRIPTION:  net_test application security associations utilities
8  * 
9  * REVISION HISTORY:
10  *
11  *  Copyright (c) Texas Instruments Incorporated 2013
12  * 
13  *  Redistribution and use in source and binary forms, with or without 
14  *  modification, are permitted provided that the following conditions 
15  *  are met:
16  *
17  *    Redistributions of source code must retain the above copyright 
18  *    notice, this list of conditions and the following disclaimer.
19  *
20  *    Redistributions in binary form must reproduce the above copyright
21  *    notice, this list of conditions and the following disclaimer in the 
22  *    documentation and/or other materials provided with the   
23  *    distribution.
24  *
25  *    Neither the name of Texas Instruments Incorporated nor the names of
26  *    its contributors may be used to endorse or promote products derived
27  *    from this software without specific prior written permission.
28  *
29  *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
30  *  "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
31  *  LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
32  *  A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 
33  *  OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 
34  *  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 
35  *  LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
36  *  DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
37  *  THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 
38  *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 
39  *  OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
41  *****************************************/
43 #include "net_test.h"
45 #include <signal.h>
46 #include <pthread.h>
48 #include <ti/drv/sa/salld.h>
49 #include <ti/drv/pa/pa.h>
51 extern NETAPI_T netapi_handle;
52 extern netTestConfig_t netTestCfg;
53 extern netTestConfig_t config;
54 extern netTestSA_t sa_info[];
55 extern NETCP_CFG_IPSEC_POLICY_T rx_policy[];
57 /* pktio channels externs */
58 extern PKTIO_HANDLE_T *netcp_rx_chan;
59 extern PKTIO_HANDLE_T *netcp_rx_chan2;
60 extern PKTIO_HANDLE_T *netcp_tx_chan;
61 extern PKTIO_HANDLE_T *netcp_tx_chan_ah;
62 extern PKTIO_HANDLE_T *netcp_sb_tx_chan;
63 extern PKTIO_HANDLE_T *netcp_sb_rx_chan;
64 extern PKTIO_CFG_T our_chan_cfg;
65 extern PKTIO_CFG_T netcp_rx_cfg;
66 extern PKTIO_CFG_T netcp_rx_cfg2;
67 extern PKTIO_CFG_T netcp_tx_cfg;
68 extern PKTIO_CFG_T netcp_sb_rx_cfg;
69 extern PKTIO_CFG_T netcp_sb_tx_cfg;
70 /* end pktio channels externs */
72 extern Trie *p_trie_sa_rx;
73 extern Trie *p_trie_sa_tx;
77 void  netTest_utilBuildSADB(int i)
78 {
79     long tmp_spi;
80     long tmp_tunnel;
81     if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_HMAC_SHA1) &&
82         (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_AES_CBC))
83     {
84         /* static configuration, will not change */
85         sa_info[i].tx_payload_info.aadSize = 0;
86         sa_info[i].tx_payload_info.pAad = NULL;
87         sa_info[i].tx_payload_info.pAuthIV = NULL;
88         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
89                                                 netTest_IP_HEADER_LEN;
90         
91         sa_info[i].tx_payload_info.encOffset = netTest_MAC_HEADER_LEN +
92                                                netTest_IP_HEADER_LEN +
93                                                netTest_ESP_HEADER_LEN +
94                                                netTest_AES_CBC_IV_LEN;
96         /* dynamic configuration, will  be calculated on the fly */
97         sa_info[i].tx_payload_info.authSize = 0;
98         sa_info[i].tx_payload_info.encSize = 0;
99         sa_info[i].tx_payload_info.pEncIV = 0;
101         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
102         sa_info[i].authMode = netTestCfg.sa[i].authMode;
103         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
104         sa_info[i].auth_tag_size = netTest_ICV_LEN;
106         sa_info[i].iv_len=16;
107         sa_info[i].bl=16;
109         sa_info[i].tx_pkt_info.enetPort = 0;
110         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
111         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
112         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
113         sa_info[i].tx_pkt_info.startOffset = 0;
114         sa_info[i].tx_pkt_info.lpbackPass = 0;
115         sa_info[i].tx_pkt_info.ploadLen = 0; 
116         sa_info[i].tx_pkt_info.pPkt = NULL;
117         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN + netTest_IP_HEADER_LEN;
118         sa_info[i].tx_pkt_info.saPayloadLen = 0;
119         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
120        
121         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO |
122                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM |
123                                          NWAL_TX_FLAG1_META_DATA_VALID ;
124         sa_info[i].dir =netTestCfg.sa[i].dir;
125         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
126         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
127         sa_info[i].spi =tmp_spi;
128         sa_info[i].tunnel_id = tmp_tunnel;
130         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
131         {
132             trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
133         }
134         else
135         {
136            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
137         }
138     }
139     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_HMAC_SHA2_256) &&
140              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_AES_CTR))
141     {
142         /* static configuration, will not change */
143         sa_info[i].tx_payload_info.aadSize = 0;
144         sa_info[i].tx_payload_info.pAad = NULL;
145         sa_info[i].tx_payload_info.pAuthIV = NULL;
146         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
147                                                 netTest_IP_HEADER_LEN;
149         sa_info[i].tx_payload_info.encOffset = netTest_MAC_HEADER_LEN +
150                                                netTest_IP_HEADER_LEN +
151                                                netTest_ESP_HEADER_LEN +
152                                                netTest_AES_CTR_IV_LEN;
154         /* dynamic configuration, will  be calculated on the fly */
155         sa_info[i].tx_payload_info.authSize = 0;
156         sa_info[i].tx_payload_info.encSize = 0;
157         sa_info[i].tx_payload_info.pEncIV = 0;
159         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
160         sa_info[i].authMode = netTestCfg.sa[i].authMode;
161         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
162         sa_info[i].auth_tag_size = netTest_ICV_LEN;
163         sa_info[i].iv_len=8;
164         sa_info[i].bl=8;
166         sa_info[i].tx_pkt_info.enetPort = 0;
167         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
168         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
169         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
170         sa_info[i].tx_pkt_info.startOffset = 0;
171         sa_info[i].tx_pkt_info.lpbackPass = 0;
172         sa_info[i].tx_pkt_info.ploadLen = 0;
173         sa_info[i].tx_pkt_info.pPkt = NULL;
174         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN  + netTest_IP_HEADER_LEN;
175         sa_info[i].tx_pkt_info.saPayloadLen = 0;
176         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
178         sa_info[i].key_params = &netTestCfg.key_params[i];
180         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO| NWAL_TX_FLAG1_DO_UDP_CHKSUM| NWAL_TX_FLAG1_META_DATA_VALID ;
181         sa_info[i].dir =netTestCfg.sa[i].dir;
182         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
183         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
184         sa_info[i].spi =tmp_spi;
185         sa_info[i].tunnel_id = tmp_tunnel;
187         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
188         {
189            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
190         }
191         else
192         {
193            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
194         }
195     }
196     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_HMAC_SHA2_256) &&
197              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_3DES_CBC))
198     {
199         /* static configuration, will not change */
200         sa_info[i].tx_payload_info.aadSize = 0;
201         sa_info[i].tx_payload_info.pAad = NULL;
202         sa_info[i].tx_payload_info.pAuthIV = NULL;
203         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
204                                                 netTest_IP_HEADER_LEN;
206         sa_info[i].tx_payload_info.encOffset = netTest_MAC_HEADER_LEN +
207                                                netTest_IP_HEADER_LEN +
208                                                netTest_ESP_HEADER_LEN +
209                                                netTest_3DES_CBC_IV_LEN;
211         /* dynamic configuration, will  be calculated on the fly */
212         sa_info[i].tx_payload_info.authSize = 0;
213         sa_info[i].tx_payload_info.encSize = 0;
214         sa_info[i].tx_payload_info.pEncIV = 0;
216         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
217         sa_info[i].authMode = netTestCfg.sa[i].authMode;
218         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
219         sa_info[i].auth_tag_size = netTest_ICV_LEN;
221         sa_info[i].iv_len=8;
222         sa_info[i].bl=8;
224         sa_info[i].tx_pkt_info.enetPort = 0;
225         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
226         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
227         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
228         sa_info[i].tx_pkt_info.startOffset = 0;
229         sa_info[i].tx_pkt_info.lpbackPass = 0;
230         sa_info[i].tx_pkt_info.ploadLen = 0;
231         sa_info[i].tx_pkt_info.pPkt = NULL;
232         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN  + netTest_IP_HEADER_LEN;
233         sa_info[i].tx_pkt_info.saPayloadLen = 0;
234         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
235        
236         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO |
237                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM |
238                                          NWAL_TX_FLAG1_META_DATA_VALID ;
240         sa_info[i].dir =netTestCfg.sa[i].dir;
241         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
242         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
243         sa_info[i].spi =tmp_spi;
244         sa_info[i].tunnel_id = tmp_tunnel;
246         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
247         {
248            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
249         }
250         else
251         {
252            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
253         }
254     }
255     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_HMAC_MD5) &&
256              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_NULL))
257     {
258         /* static configuration, will not change */
259         sa_info[i].tx_payload_info.aadSize = 0;
260         sa_info[i].tx_payload_info.pAad = NULL;
261         sa_info[i].tx_payload_info.pAuthIV = NULL;
262         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN;
264         sa_info[i].tx_payload_info.encOffset =         netTest_MAC_HEADER_LEN +
265                                                        netTest_IP_HEADER_LEN +
266                                                        netTest_NULL_ESP_HEADER_LEN +
267                                                        netTest_NULL_IV_LEN +
268                                                        24;
269         sa_info[i].iv_len=0;
270         sa_info[i].bl=4;
272         /* dynamic configuration, will  be calculated on the fly */
273         sa_info[i].tx_payload_info.authSize = 0;
274         sa_info[i].tx_payload_info.encSize = 0;
275         sa_info[i].tx_payload_info.pEncIV = 0;
277         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
278         sa_info[i].authMode = netTestCfg.sa[i].authMode;
279         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
280         sa_info[i].auth_tag_size = netTest_ICV_LEN;
282         sa_info[i].tx_pkt_info.enetPort = 0;
283         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
284         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
285         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
286         sa_info[i].tx_pkt_info.startOffset = 0;
287         sa_info[i].tx_pkt_info.lpbackPass = 0;
288         sa_info[i].tx_pkt_info.ploadLen = 0;
289         sa_info[i].tx_pkt_info.pPkt = NULL;
290         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN;
291         sa_info[i].tx_pkt_info.saPayloadLen = 0;
292         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
293         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_AH_CRYPTO |
294                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM |
295                                          NWAL_TX_FLAG1_META_DATA_VALID;
296         sa_info[i].dir =netTestCfg.sa[i].dir;
297         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
298         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
299         sa_info[i].spi =tmp_spi;
300         sa_info[i].tunnel_id = tmp_tunnel;
302         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
303         {
304            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
305         }
306         else
307         {
308            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
309         }
310     }
311     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_NULL) &&
312              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_AES_GCM))
313     {
314         /* static configuration, will not change */
315         sa_info[i].tx_payload_info.aadSize = 0;
316         sa_info[i].tx_payload_info.pAad = NULL;
317         sa_info[i].tx_payload_info.pAuthIV = NULL;
318         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
319                                                 netTest_IP_HEADER_LEN;
321         sa_info[i].tx_payload_info.encOffset =         netTest_MAC_HEADER_LEN +
322                                                        netTest_IP_HEADER_LEN +
323                                                        netTest_ESP_HEADER_LEN +
324                                                        netTest_AES_GCM_IV_LEN;
326         sa_info[i].iv_len=0;
327         sa_info[i].bl=4;
329         /* dynamic configuration, will  be calculated on the fly */
330         sa_info[i].tx_payload_info.authSize = 0;
331         sa_info[i].tx_payload_info.encSize = 0;
332         sa_info[i].tx_payload_info.pEncIV = 0;
334         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
335         sa_info[i].authMode = netTestCfg.sa[i].authMode;
336         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
337         sa_info[i].auth_tag_size = netTest_AES_GCM_CCM_ICV_LEN;
339         sa_info[i].tx_pkt_info.enetPort = 0;
340         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
341         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
342         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
343         sa_info[i].tx_pkt_info.startOffset = 0;
344         sa_info[i].tx_pkt_info.lpbackPass = 0;
345         sa_info[i].tx_pkt_info.ploadLen = 0;
346         sa_info[i].tx_pkt_info.pPkt = NULL;
347         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN + netTest_IP_HEADER_LEN;
348         sa_info[i].tx_pkt_info.saPayloadLen = 0;
349         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
350        
351         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO |
352                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM |
353                                          NWAL_TX_FLAG1_META_DATA_VALID;
355         sa_info[i].dir =netTestCfg.sa[i].dir;
356         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
357         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
358         sa_info[i].spi =tmp_spi;
359         sa_info[i].tunnel_id = tmp_tunnel;
361         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
362         {
363            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
364         }
365         else
366         {
367            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
368         }
369     }
370     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_NULL) &&
371              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_AES_CCM))
372     {
373         /* static configuration, will not change */
374         sa_info[i].tx_payload_info.aadSize = 0;
375         sa_info[i].tx_payload_info.pAad = NULL;
376         sa_info[i].tx_payload_info.pAuthIV = NULL;
377         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
378                                                 netTest_IP_HEADER_LEN;
380         sa_info[i].tx_payload_info.encOffset =         netTest_MAC_HEADER_LEN +
381                                                        netTest_IP_HEADER_LEN +
382                                                        netTest_ESP_HEADER_LEN +
383                                                        netTest_AES_CCM_IV_LEN;
385         sa_info[i].iv_len=0;
386         sa_info[i].bl=4;
388         /* dynamic configuration, will  be calculated on the fly */
389         sa_info[i].tx_payload_info.authSize = 0;
390         sa_info[i].tx_payload_info.encSize = 0;
391         sa_info[i].tx_payload_info.pEncIV = 0;
393         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
394         sa_info[i].authMode = netTestCfg.sa[i].authMode;
395         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
396         sa_info[i].auth_tag_size = netTest_AES_GCM_CCM_ICV_LEN;
398         sa_info[i].tx_pkt_info.enetPort = 0;
399         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
400         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
401         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
402         sa_info[i].tx_pkt_info.startOffset = 0;
403         sa_info[i].tx_pkt_info.lpbackPass = 0;
404         sa_info[i].tx_pkt_info.ploadLen = 0;
405         sa_info[i].tx_pkt_info.pPkt = NULL;
406         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN  + netTest_IP_HEADER_LEN;
407         sa_info[i].tx_pkt_info.saPayloadLen = 0;
408         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
409        
410         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO |
411                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM |
412                                          NWAL_TX_FLAG1_META_DATA_VALID;
413         
414         sa_info[i].dir =netTestCfg.sa[i].dir;
415         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
416         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
417         sa_info[i].spi =tmp_spi;
418         sa_info[i].tunnel_id = tmp_tunnel;
420         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
421         {
422            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
423         }
424         else
425         {
426            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
427         }
428     }
429     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_AES_XCBC) &&
430              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_NULL))
431     {
432         /* static configuration, will not change */
433         sa_info[i].tx_payload_info.aadSize = 0;
434         sa_info[i].tx_payload_info.pAad = NULL;
435         sa_info[i].tx_payload_info.pAuthIV = NULL;
436         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
437                                                 netTest_IP_HEADER_LEN;
439         sa_info[i].tx_payload_info.encOffset =         netTest_MAC_HEADER_LEN +
440                                                        netTest_IP_HEADER_LEN +
441                                                        netTest_ESP_HEADER_LEN +
442                                                        netTest_NULL_IV_LEN;
444         sa_info[i].iv_len=0;
445         sa_info[i].bl=4;
447         /* dynamic configuration, will  be calculated on the fly */
448         sa_info[i].tx_payload_info.authSize = 0;
449         sa_info[i].tx_payload_info.encSize = 0;
450         //sa_info[i].tx_payload_info.ploadLen = 0;
451         sa_info[i].tx_payload_info.pEncIV = 0;
453         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
454         sa_info[i].authMode = netTestCfg.sa[i].authMode;
455         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
456         sa_info[i].auth_tag_size = netTest_ICV_LEN;
458         sa_info[i].tx_pkt_info.enetPort = 0;
459         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
460         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
461         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
462         sa_info[i].tx_pkt_info.startOffset = 0;
463         sa_info[i].tx_pkt_info.lpbackPass = 0;
464         sa_info[i].tx_pkt_info.ploadLen = 0;
465         sa_info[i].tx_pkt_info.pPkt = NULL;
466         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN  + netTest_IP_HEADER_LEN;
467         sa_info[i].tx_pkt_info.saPayloadLen = 0;
468         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
469        
470         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO |
471                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM|
472                                          NWAL_TX_FLAG1_META_DATA_VALID;
473         
474         sa_info[i].dir =netTestCfg.sa[i].dir;
475         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
476         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
477         sa_info[i].spi =tmp_spi;
478         sa_info[i].tunnel_id = tmp_tunnel;
480         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
481         {
482            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
483         }
484         else
485         {
486            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
487         }
488     }
489     else if ((netTestCfg.sa[i].authMode== NWAL_SA_AALG_GMAC) &&
490              (netTestCfg.sa[i].cipherMode == NWAL_SA_EALG_NULL))
491     {
492         /* static configuration, will not change */
493         sa_info[i].tx_payload_info.aadSize = 0;
494         sa_info[i].tx_payload_info.pAad = NULL;
495         sa_info[i].tx_payload_info.pAuthIV = NULL;
496         sa_info[i].tx_payload_info.authOffset = netTest_MAC_HEADER_LEN +
497                                                 netTest_IP_HEADER_LEN;
499         sa_info[i].tx_payload_info.encOffset =         netTest_MAC_HEADER_LEN +
500                                                        netTest_IP_HEADER_LEN +
501                                                        netTest_ESP_HEADER_LEN +
502                                                        netTest_AES_GMAC_IV_LEN;
504         sa_info[i].iv_len=0;
505         sa_info[i].bl=4;
507         /* dynamic configuration, will  be calculated on the fly */
508         sa_info[i].tx_payload_info.authSize = 0;
509         sa_info[i].tx_payload_info.encSize = 0;
510         sa_info[i].tx_payload_info.pEncIV = 0;
511         sa_info[i].tx_payload_info.pAuthIV = 0;
513         sa_info[i].cipherMode = netTestCfg.sa[i].cipherMode;
514         sa_info[i].authMode = netTestCfg.sa[i].authMode;
515         sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
516         sa_info[i].auth_tag_size = netTest_AES_GMAC_ICV_LEN;
518         sa_info[i].tx_pkt_info.enetPort = 0;
519         sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
520         sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN;
521         sa_info[i].tx_pkt_info.l4OffBytes = sa_info[i].inner_ip_offset + netTest_IP_HEADER_LEN;
522         sa_info[i].tx_pkt_info.startOffset = 0;
523         sa_info[i].tx_pkt_info.lpbackPass = 0;
524         sa_info[i].tx_pkt_info.ploadLen = 0;
525         sa_info[i].tx_pkt_info.pPkt = NULL;
526         sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN  + netTest_IP_HEADER_LEN;
527         sa_info[i].tx_pkt_info.saPayloadLen = 0;
528         sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
529        
530         sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO |
531                                          NWAL_TX_FLAG1_DO_UDP_CHKSUM |
532                                          NWAL_TX_FLAG1_META_DATA_VALID;
533         
534         sa_info[i].dir =netTestCfg.sa[i].dir;
535         tmp_spi = netTest_utilHtonl((long)(netTestCfg.sa[i].spi));
536         tmp_tunnel = netTest_utilHtonl((long)(netTestCfg.tunnel_id[i]));
537         sa_info[i].spi =tmp_spi;
538         sa_info[i].tunnel_id = tmp_tunnel;
540         if (netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
541         {
542            trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
543         }
544         else
545         {
546            trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
547         }
548     }
549     else
550         netapi_Log("netTest_utilBuildSADB(): invalid encryption/authentication combination selected\n");
553 int netTest_utilCreateSecAssoc(void)
555     nwal_RetValue       nwalRetVal;
556     int err,i;
557     nwalSaIpSecId_t  nwalSaIpSecId;
558     uint32_t saId;
559     for (i=0; i < netTestCfg.num_sa;i++)
560     {
561         err = 0;
562         if(netTestCfg.sa[i].dir == NWAL_SA_DIR_INBOUND)
563         {
564             netTest_utilBuildSADB(i);
565             saId = i;
566             sa_info[i].rx_tunnel = netapi_secAddSA(
567             netapi_handle,
568             netTestCfg.ipsec_if_no, //iface #0 
569             &netTestCfg.sa[i],
570             &netTestCfg.key_params[i],
571             netTestCfg.ipsec_mode_rx == IPSEC_MODE_RX_SIDEBAND ? NETAPI_SEC_SA_SIDEBAND: NETAPI_SEC_SA_INFLOW,
572                 NULL,  //use default route 
573             &(sa_info[i].rx_data_mode_handle),
574             &(sa_info[i].rx_inflow_mode_handle),
575             (void*) saId,
576             &err);
577             if (err)
578             {
579                 netapi_Log("addRxSa failed %d\n",err);
580                 exit(1);
581             }
584             if (netTestCfg.ipsec_mode_rx == IPSEC_MODE_RX_INFLOW)
585             {
586                 //assume inner and outer ip is the same
587                 rx_policy[i]= netapi_secAddRxPolicy( netapi_handle,
588                              sa_info[i].rx_tunnel,  //link to tunnel above
589                              4,         //ipv4
590                              &netTestCfg.sa[i].src,
591                              &netTestCfg.sa[i].dst,
592                             NULL,  // no qualifiers
593                             NULL,  //default route
594                             NULL, //user_data
595                              &err);
596                 if (err)
597                 {
598                     netapi_Log("addSaPolicy failed  %d, for index %d\n",err,i); 
599                     exit(1);
600                 }
601             }
602             else
603             {
604                 rx_policy[i] = 0;
605             }
606         }
607         //tx SA security stuff
608         if(netTestCfg.sa[i].dir == NWAL_SA_DIR_OUTBOUND)
609         {
610             netTest_utilBuildSADB(i);
611             saId = i;
612             sa_info[i].tx_tunnel = netapi_secAddSA( netapi_handle,
613                  0, //iface #0 
614                  &netTestCfg.sa[i],
615                  &netTestCfg.key_params[i],
616                 netTestCfg.ipsec_mode_tx == IPSEC_MODE_TX_SIDEBAND ? NETAPI_SEC_SA_SIDEBAND: NETAPI_SEC_SA_INFLOW,
617                 NULL,  //use default route 
618                 &(sa_info[i].tx_data_mode_handle),
619                 &(sa_info[i].tx_inflow_mode_handle),
620                 (void*)saId,
621                 &err);
622             if (err) {netapi_Log("addTxSa failed %d\n",err); exit(1);}
623         }
624     }
628 void netTest_utilDeleteSecAssoc()
630     int err,i;
631     for (i=0; i < netTestCfg.num_sa;i++)
632     {
633         err = 0;
634         if(sa_info[i].dir == NWAL_SA_DIR_INBOUND)
635         {
636             if (rx_policy[i])
637                 netapi_secDelRxPolicy(netapi_handle, rx_policy[i], &err);
638             if (err == 0) netapi_Log("polcicy deleted  %d\n", i );
639                 //delete tunnels
640             netapi_secDelSA(netapi_handle, 0, sa_info[i].rx_tunnel, &err);
641         }
642         
643         if(sa_info[i].dir == NWAL_SA_DIR_OUTBOUND)
644         {
645             netapi_secDelSA(netapi_handle, 0, sa_info[i].tx_tunnel, &err);
646         }
647     }