summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1bcfe34)
raw | patch | inline | side by side (parent: 1bcfe34)
author | Tinku Mannan <tmannan@ti.com> | |
Thu, 31 Jan 2013 15:29:49 +0000 (10:29 -0500) | ||
committer | Tinku Mannan <tmannan@ti.com> | |
Thu, 31 Jan 2013 19:39:44 +0000 (14:39 -0500) |
12 files changed:
index b7a3e6c4ea97403fba92a71a3022f1d26aefc22b..2192be65ddbc517d4972987a7d054bdd72e55f38 100755 (executable)
#include "netapi_err.h"
#include "netapi_tune.h"
-//#include "ti/runtime/pktlib/pktlib_osal.h"
-//#include "ti/runtime/pktlib/pktlib.h"
#include "pktio.h"
-//#include "ti/drv/pa/pa.h"
#include "netcp_cfg.h"
#include "netapi_sec.h"
#include "netapi_sched.h"
-//#include "ti/drv/nwal/nwal.h"
#include "src/netapi_loc.h"
#include "hplib.h"
index 74d1e82d2718b408deb1ef56c0a406d2b770cb86..00b598c1e4f36936a6bc94db990f693ffa3969c7 100755 (executable)
* @ingroup cfg_security_structures
* @brief NETAPI SA Statistics
*
- * @details Pointer to this strucutre is passed in the call to netapi_getSaStats API. It will be popluated with the requested statistics.
- * Currently only IPSEC stats are valid.
+ * @details Pointer to this structure is passed in the call to netapi_getSaStats API. It will be popluated with the requested statistics.
*/
typedef struct NETAPI_SA_STATS_Tag
{
/**
* @def NETAPI_SIDEBAND_DATA_MODE_STAT_VALID
* @ingroup security_constants
- * Indicates to user application that IPSEC stats are valid for SIDEBAND mode
+ * Indicates to user application that IPSEC stats are valid for SIDEBAND mode
*/
#define NETAPI_SIDEBAND_DATA_MODE_STAT_VALID 0x0002
- Sa_IpsecStats_t saIpsecStats; /**< Structure containing IPSEC stats in INFLOW MODE*/
- Sa_DataModeStats_t dataModeStats; /**< Structure containing IPSEC stats in SIDEBAND MODE */
+ Sa_IpsecStats_t saIpsecStats; /**< Structure containing IPSEC stats for INFLOW MODE*/
+ Sa_DataModeStats_t dataModeStats; /**< Structure containing Data Mode stats for SIDEBAND MODE */
} NETAPI_SA_STATS_T;
index f75e2473816197da0a957e78272c511c240f610d..6238fdf81136ab0ff41bced2dcffa4663212fd4e 100755 (executable)
******************************************************************************
* FILE NAME: netcp_cfg.h
*
- * DESCRIPTION:netapi NETCP configuration API header file for user space transport library
+ * DESCRIPTION:netapi NETCP configuration API header file for user space transport library
*
* REVISION HISTORY:
*
NETCP_CFG_FLOW_HANDLE_T p ,
int * err);
-/**
- * @ingroup cfg_functions
- * @brief netcp_cfgDelMac API to delete MAC interface
- *
- * @details This api is used to delete a MAC interface
- * @param[in] h NETAPI instance handle, @ref NETAPI_T
- * @param[in] iface_no interface number (0,1,..)
- * @param[out] err pointer to error return
- * @retval returned AppID for attached rule. This is returned in RX meta data for packets matching this rule and no other, @ref NETCP_CFG_IP_T
- * @pre @ref netapi_init , @ref netcp_cfgCreateMacInterface
- */
-void netcp_cfgDelMac(NETAPI_T h,int iface_no, int *err);
-
-
-
/**
* @ingroup cfg_functions
* @brief API attaches an IP address and qualifier to a MAC interface
int * err
);
+/**
+ * @ingroup cfg_functions
+ * @brief netcp_cfgDelMac API to delete MAC interface
+ *
+ * @details This api is used to delete a MAC interface
+ * @param[in] h NETAPI instance handle, @ref NETAPI_T
+ * @param[in] iface_no interface number (0,1,..)
+ * @param[out] err pointer to error return
+ * @retval returned AppID for attached rule. This is returned in RX meta data for packets matching this rule and no other, @ref NETCP_CFG_IP_T
+ * @pre @ref netapi_init , @ref netcp_cfgCreateMacInterface
+ */
+void netcp_cfgDelMac(NETAPI_T h,int iface_no, int *err);
+
/**
* @brief This defines handle to installed classifier returned by API. Pkts matching this classifier will have meta data with this tag.
* Also used to delete classifier
*/
-typedef uint32_t NETCP_CFG_CLASS_T;
+typedef uint32_t NETCP_CFG_CLASS_T;
/**
index e0db4daf4d015951bac357301ae840e4aa2e1ef6..ea5cb25bf00cbdf1b64a8b5d81bd4a97e22673ac 100755 (executable)
#include <sys/resource.h>
#include "net_test.h"
#include <ti/drv/sa/salld.h>
-#include "ti/drv/nwal/nwal_util.h"
index 57b5ae58807af0e5c3b96e7a71856b94def6d1b6..c0128ff641f51db3378e75f01714f412588e993f 100755 (executable)
export NETAPI_INSTALL_PATH ?= $(TRANS_SDK_INSTALL_PATH)
TRIE_OBJS=$(ARMV7OBJDIR)/netapi/test/trie.o
-NT_OBJS= $(ARMV7OBJDIR)/netapi/test/net_test.o $(ARMV7OBJDIR)/netapi/test/stubs.o
-NTSA_OBJS= $(ARMV7OBJDIR)/netapi/test/addsa_test.o $(ARMV7OBJDIR)/netapi/test/stubs.o
-NTMT_OBJS= $(ARMV7OBJDIR)/netapi/test/mt_test.o $(ARMV7OBJDIR)/netapi/test/stubs.o
+NT_OBJS= $(ARMV7OBJDIR)/netapi/test/net_test.o $(ARMV7OBJDIR)/netapi/test/stubs.o $(ARMV7OBJDIR)/netapi/test/net_test_util.o
NTB_OBJS= $(ARMV7OBJDIR)/netapi/test/nt_bridge.o $(ARMV7OBJDIR)/netapi/test/stubs.o
# INCLUDE Directories
all: tests
-tests: $(ARMV7BINDIR)/netapi/test/.created $(ARMV7BINDIR)/netapi/test/net_test $(ARMV7BINDIR)/netapi/test/addsa_test $(ARMV7BINDIR)/netapi/test/mt_test
+tests: $(ARMV7BINDIR)/netapi/test/.created $(ARMV7BINDIR)/netapi/test/net_test
api_clean:
rm -f $(ARMV7OBJDIR)/netapi/test/*.o
rm -f $(ARMV7LIBDIR)/libnetapi.a
rm -f $(ARMV7BINDIR)/netapi/test/net_test
- rm -f $(ARMV7BINDIR)/netapi/test/addsa_test
- rm -f $(ARMV7BINDIR)/netapi/test/mt_test
$(ARMV7OBJDIR)/netapi/test/%.o:$(NETAPI_INC_DIR)/test/%.c $(ARMV7OBJDIR)/netapi/test/.created
$(ARMV7BINDIR)/netapi/test/nt_bridge: $(NTB_OBJS) $(TRIE_OBJS) $(ARMV7LIBDIR)/libnetapi.a
$(CC) $(LDFLAGS) $(NTB_OBJS) $(TRIE_OBJS) $(INTERNALLINKDEFS) -o $(ARMV7BINDIR)/netapi/test/nt_bridge
-
-$(ARMV7BINDIR)/netapi/test/addsa_test: $(NTSA_OBJS) $(TRIE_OBJS) $(ARMV7LIBDIR)/libnetapi.a
- $(CC) $(LDFLAGS) $(NTSA_OBJS) $(TRIE_OBJS) $(INTERNALLINKDEFS) -o $(ARMV7BINDIR)/netapi/test/addsa_test
-
-$(ARMV7BINDIR)/netapi/test/mt_test: $(NTMT_OBJS) $(TRIE_OBJS) $(ARMV7LIBDIR)/libnetapi.a
- $(CC) $(LDFLAGS) $(NTMT_OBJS) $(TRIE_OBJS) $(INTERNALLINKDEFS) -o $(ARMV7BINDIR)/netapi/test/mt_test
-
index 2f2e0f89f46d9f679f8846292d93ccc21c2218ac..fa2eb9ee67119f6bc72e26a2805084a0ec9dea48 100755 (executable)
#include <sys/resource.h>
#include "net_test.h"
#include <ti/drv/sa/salld.h>
-#include "ti/drv/nwal/nwal_util.h"
index 9b98f8ecb52c59e6cf704685f634730edbbfd55e..3b8441eca1f9229315e2bc5c6c29bd55a9ea983b 100755 (executable)
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*****************************************/
-//#define NET_TEST_ENABLE_SIDE_BAND_LOW_LEVEL_API
-#ifdef NET_TEST_ENABLE_SIDE_BAND_LOW_LEVEL_API
-#define NWAL_ENABLE_SA
-#endif
-#define AH_SUPPORT
-#define NET_TEST_ENABLE_INFLOW_LOW_LEVEL_API
-#ifdef NET_TEST_ENABLE_INFLOW_LOW_LEVEL_API
-#define NWAL_ENABLE_SA
-#endif
-//define this for multi-thread
-#define MULTI_THREAD
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <signal.h>
#include <pthread.h>
+#include "net_test.h"
#include "trie.h"
#include "string.h"
-#include "netapi.h"
-#include "pktio.h"
+
#include <sys/resource.h>
-#include "net_test.h"
+
#include <ti/drv/sa/salld.h>
#include <ti/drv/pa/pa.h>
+#include "net_test_util.h"
+
+extern int QUIT;
+
+/* Global definitions */
+#ifdef MULTI_THREAD
+ cpu_set_t cpu_set;
+#endif
+
+netTestConfig_t netTestCfg;
+static netTestConfigFile_t config_file;
+
+char input_file_name[] = "net_test_config.txt";
+
+nwal_RetValue nwalRetVal;
+Pktlib_HeapHandle ourHeap;
+Pktlib_HeapHandle specialSmall;
+Pktlib_HeapHandle specialLarge;
+
+PKTIO_HANDLE_T *our_chan;
+PKTIO_HANDLE_T *netcp_rx_chan;
+PKTIO_HANDLE_T *netcp_rx_chan2;
+PKTIO_HANDLE_T *netcp_tx_chan;
+PKTIO_HANDLE_T *netcp_sb_tx_chan;
+PKTIO_HANDLE_T *netcp_sb_rx_chan;
+PKTIO_CFG_T our_chan_cfg={PKTIO_RX_TX, PKTIO_LOCAL, PKTIO_Q_ANY, 8};
+PKTIO_CFG_T netcp_rx_cfg={PKTIO_RX, PKTIO_NA, PKTIO_NA, 8};
+PKTIO_CFG_T netcp_rx_cfg2={PKTIO_RX, (PKTIO_GLOBAL|PKTIO_PKT), PKTIO_Q_ANY, 8};
+PKTIO_CFG_T netcp_tx_cfg={PKTIO_TX, PKTIO_NA, PKTIO_NA, 8};
+PKTIO_CFG_T netcp_sb_rx_cfg={PKTIO_RX, PKTIO_NA, PKTIO_NA, 8};
+PKTIO_CFG_T netcp_sb_tx_cfg={PKTIO_TX, PKTIO_NA, PKTIO_NA, 8};
+
+NETCP_CFG_EXCEPTION_PKT_T expPkt_appid;
+static hplib_spinLock_T stats_lock;
+
+Trie * P_trie;
+Trie *p_trie_sa_rx;
+Trie *p_trie_sa_tx;
+
//#define EXPERIMENTAL
#ifdef EXPERIMENTAL
#include "router.c"
Trie * our_router;
-
-
OUR_ROUTE_T routes[MAX_ROUTES]=
{
{0,{0xD4,0xbe,0xd9,0x00,0xd3,0x7e, 0x00,0x01,0x02,0x03,0x14,0x02,0x08,0x00},0},
{0,{0xd4,0xbe,0xd9,0x00,0xd3,0x7e, 0x00,0x01,0x02,0x03,0x04,0x05,0x08,0x00},0}};
unsigned int ip[MAX_ROUTES]={BE(0x0a0100c8),BE(0x0a00000a),BE(0x0a02000a),BE(0xc0a8010a),BE(0x9eda6719)};
-
-#endif
-
-#ifdef MULTI_THREAD
- //__thread int our_core;
-
- cpu_set_t cpu_set;
#endif
-NETCP_CFG_EXCEPTION_PKT_T expPkt_appid;
-hplib_spinLock_T stats_lock;
-
-//#define TEST_TIMERS
-static int scnt=0;
-static int QUIT=0;
-void mysig(int x)
-{
- QUIT=1;
- scnt+=1;
- printf(">net_test: recv'd signal %d cnt=%d\n",x,scnt);
- if (scnt > 10) {printf(">net_test: WARNING EXITING WITH PROPER SHUTDOWN, LUTS LEFT ACTIVE\n");exit(1);}
-
-}
-
static unsigned char all_mac[]={0,0,0,0,0,0};
-/*************debug********************/
-void dump_descr(unsigned long *p, int n)
-{
- printf("--------dump of descriptor %d %x\n", n, (int) p);
- printf("> %x %x %x %x %x %x %x %x\n",p[0],p[1],p[2],p[3],p[4],p[5],p[6],p[7]);
- printf("> %x %x %x %x %x %x %x %x\n",p[8],p[9],p[10],p[11],p[12],p[13],p[14],p[15]);
- printf("-----------------------------\n");
-}
-void dump_header(unsigned long *p, int n, int a, int r)
-{
- printf("--------dump of header %d %x appID=%x flag1=%x\n", n, (int) p,a,r);
- printf("> %x %x %x %x %x %x %x %x\n",p[0],p[1],p[2],p[3],p[4],p[5],p[6],p[7]);
- printf("> %x %x %x %x %x %x %x %x\n",p[8],p[9],p[10],p[11],p[12],p[13],p[14],p[15]);
- printf("> %x %x %x %x %x %x %x %x\n",p[16],p[17],p[18],p[19],p[20],p[21],p[22],p[23]);
- printf("> %x %x %x %x %x %x %x %x\n",p[24],p[25],p[26],p[27],p[28],p[29],p[30],p[31]);
- printf("-----------------------------\n");
-}
-
-static void netapi_dump_buf
-(
- unsigned long * buf,
- uint32_t buf_length
-)
-{
- uint8_t count = 0;
- uint16_t dump_size;
- uint8_t* tmp_buf;
- uint8_t row_count;
- static uint8_t first = 0;
-
- //if(first > 2) return;
-
- //first++;
-
- dump_size = buf_length ;
-
- tmp_buf = (uint8_t *)(buf);
-
- printf("netapi *: - 8 bit word hex Length: %d Start \n",buf_length);
- do
- {
- row_count = (dump_size - count);
-
- if(row_count == 0)
- {
- break;
- }
-
- if(row_count > 4)
- {
- row_count = 4;
- }
-
- switch (row_count)
- {
- case 4:
- {
- printf("netapi *:%02d : %02x %02x %02x %02x \n",
- count,tmp_buf[0],tmp_buf[1],tmp_buf[2],tmp_buf[3]);
- break;
- }
- case 3:
- {
- printf("netapi *: %02d : %02x %02x %02x \n",
- count,tmp_buf[0],tmp_buf[1],tmp_buf[2]);
- break;
- }
-
- case 2:
- {
- printf("netapi *: %02d : %02x %02x \n",
- count,tmp_buf[0],tmp_buf[1]);
- break;
- }
-
- case 1:
- {
- printf("netapi *: %02d : %02x \n",
- count,tmp_buf[0]);
- break;
- }
-
- default:
- {
- /* Should never reach here */
- printf("netapi *: Internal Error in netapi_dump_buf().Row Count: %d \n",
- row_count);
- return;
- }
- }
-
- tmp_buf = tmp_buf + row_count;
- count = count + row_count;
-
- }while(count < dump_size);
-
- printf("netapi *: - Byte hex Dump End \n");
-
-}
-
-
-/*****************************************/
//************for multi pkt burst xfer test in loopback mode
#define TX_BURST 700
int pktloopback=TUNE_NETAPI_NWAL_ENABLE_PASS_LOOPBACK;
nwalTxPSCmdInfo_t flowPSCmdInfo;
-nwal_RetValue nwalRetVal;
+
/* Local Per Process default resourcese maintained at NWAL */
-nwalLocCxtInfo_t nwalLocCxt;
+//nwalLocCxtInfo_t nwalLocCxt;
//this device: 10.0.0.100, mac 0x,01,02,03,04,05 and .. 0x6
};
-char input_file_name[] = "net_test_config.txt";
-#define MAX_LINE_LENGTH 256
-
#define TEST_PAYLOAD_LEN 80
#define TEST_PKT_IP_OFFSET_BYTES 14
uint64_t ts );
-//#include "arpa/inet.h"
-long htonl(long x)
-{
- long temp = (x&0xff000000)>>24 | (x&0xff0000)>>8 | (x&0xff00)<<8 | (x&0xff)<<24 ;
- return temp;
-}
-
-
-unsigned long peek(unsigned long * p)
-{
- return *p;
-}
-
-
-/********************************************************************
- * FUNCTION PURPOSE: Ones complement addition utility
- ********************************************************************
- ********************************************************************/
-uint16_t test_utilOnesComplementAdd (uint16_t v1, uint16_t v2)
-{
- uint32_t result;
-
- result = (uint32_t)v1 + (uint32_t)v2;
- result = (result >> 16) + (result & 0xffff);
- result = (result >> 16) + (result & 0xffff);
-
- return ((uint16_t)result);
-}
-
-/********************************************************************
- * FUNCTION PURPOSE: Ones complement checksum utility
- ********************************************************************
- ********************************************************************/
- uint16_t test_utilOnesCompChkSum (uint8_t *p, uint32_t nwords)
-{
- uint16_t chksum = 0;
- uint16_t v;
- uint32_t i;
- uint32_t j;
-
- for (i = j = 0; i < nwords; i++, j+=2) {
- v = (p[j] << 8) | p[j+1];
- chksum = test_utilOnesComplementAdd (chksum, v);
- }
- return (chksum);
-} /* utilOnesCompChkSum */
-
-/**************************************************************************************
- * FUNCTION PURPOSE: Compute ipv4 psudo checksum
- **************************************************************************************
- * DESCRIPTION: Compute ipv4 psudo checksum
- **************************************************************************************/
-uint16_t test_utilGetIpv4PsudoChkSum (uint8_t *data, uint16_t payloadLen)
-{
- uint16_t psudo_chksum;
-
- psudo_chksum = test_utilOnesCompChkSum (&data[12], 4);
- psudo_chksum = test_utilOnesComplementAdd(psudo_chksum, (uint16_t) data[9]);
- psudo_chksum = test_utilOnesComplementAdd(psudo_chksum, payloadLen);
-
- return (psudo_chksum);
-
-} /* utilGetIpv4PsudoChkSum */
-
-
-
+#if 0
/* net test default configuration */
netTestConfig_t config =
{
- {0x00,0x01,0x02,0x03,0x05,0x05},
- {0x00,0x01,0x02,0x03,0x05,0x06},
+ {
+ {0x00,0x01,0x02,0x03,0x05,0x05},
+ {0x00,0x01,0x02,0x03,0x05,0x06}
+ },
+ 0,0,
+ {
+ {0x00,0x01,0x02,0x03,0x05,0x05},
+ {0x00,0x01,0x02,0x03,0x05,0x06}
+ },
{10, 0, 0, 100, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
{10, 0, 1, 100, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
{10, 0, 2, 100, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF,
0x30, 0x31, 0x32, 0x33 }
};
+#endif
#if 1 //goes with real tx (to laptop)
unsigned char real_mac_header[]={0xd4,0xbe,0xd9,0x00,0xd3,0x7e,
STATS_T stats[TUNE_NETAPI_NUM_CORES];
paSysStats_t netcp_stats;
-Trie * P_trie;
-Trie *p_trie_sa;
+
HEAD_T pkts[NP];
#define PERSLOW 10 //% of pkts that will not be fastpath'd
int perslow= PERSLOW;
256 //extra room
};
-Pktlib_HeapHandle ourHeap;
-Pktlib_HeapHandle specialSmall;
-Pktlib_HeapHandle specialLarge;
-PKTIO_HANDLE_T *our_chan;
-PKTIO_HANDLE_T *netcp_rx_chan;
-PKTIO_HANDLE_T *netcp_rx_chan2;
-PKTIO_HANDLE_T *netcp_tx_chan;
-PKTIO_HANDLE_T *netcp_sb_tx_chan;
-PKTIO_HANDLE_T *netcp_sb_rx_chan;
-PKTIO_CFG_T our_chan_cfg={PKTIO_RX_TX, PKTIO_LOCAL, PKTIO_Q_ANY, 8};
-PKTIO_CFG_T netcp_rx_cfg={PKTIO_RX, PKTIO_NA, PKTIO_NA, 8};
-PKTIO_CFG_T netcp_rx_cfg2={PKTIO_RX, (PKTIO_GLOBAL|PKTIO_PKT), PKTIO_Q_ANY, 8};
-PKTIO_CFG_T netcp_tx_cfg={PKTIO_TX, PKTIO_NA, PKTIO_NA, 8};
-PKTIO_CFG_T netcp_sb_rx_cfg={PKTIO_RX, PKTIO_NA, PKTIO_NA, 8};
-PKTIO_CFG_T netcp_sb_tx_cfg={PKTIO_TX, PKTIO_NA, PKTIO_NA, 8};
void house(NETAPI_SCHED_HANDLE_T *s);
NETAPI_T netapi_handle;
PKTIO_CONTROL_T zap_channel_control={PKTIO_CLEAR, NULL};
/* security objects. (for loopback mode) */
-netTestSA_t sa_info[8];
+netTestSA_t sa_info[MAX_SEC_INDEX];
int netapi_algorithm_set = 0;
int netapi_sec_sa_mode = 2;
-NETCP_CFG_IPSEC_POLICY_T rx_policy[7];
-
-
-
-NETAPI_SEC_SA_INFO_T rx_sa [8] = {
-{
- NWAL_SA_DIR_INBOUND,
- 0x11111111, //spi
- nwal_IpSecProtoESP, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (them) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (us)-> set below*/
- 64,/* replayWindow */
- NWAL_SA_AALG_HMAC_SHA1,
- NWAL_SA_EALG_AES_CBC,
- 0,0 //na
-},
-{
- NWAL_SA_DIR_INBOUND,
- 0x22222222, //spi
- nwal_IpSecProtoESP, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (them) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (us)-> set below*/
- 64,/* replayWindow */
- NWAL_SA_AALG_HMAC_SHA2_256,
- NWAL_SA_EALG_AES_CTR,
- 0,0 //na
-},
-{
- NWAL_SA_DIR_INBOUND,
- 0x33333333, //spi
- nwal_IpSecProtoESP, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (them) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (us)-> set below*/
- 64,/* replayWindow */
- NWAL_SA_AALG_HMAC_SHA2_256,
- NWAL_SA_EALG_3DES_CBC,
- 0,0 //na
-},
-{
- NWAL_SA_DIR_INBOUND,
- 0x44444444, //spi
- nwal_IpSecProtoAH, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (them) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (us)-> set below*/
- 64,/* replayWindow */
- NWAL_SA_AALG_HMAC_MD5,
- NWAL_SA_EALG_NULL,
- 0,0 //na
-},
-{
- NWAL_SA_DIR_INBOUND,
- 0x55555555, //spi
- nwal_IpSecProtoESP, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (them) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (us)-> set below*/
- 64,/* replayWindow */
- NWAL_SA_AALG_NULL,
- NWAL_SA_EALG_AES_GCM,
- 0,0 //na
-},
-{
- NWAL_SA_DIR_INBOUND,
- 0x66666666, //spi
- nwal_IpSecProtoESP, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (them) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (us)-> set below*/
- 64,/* replayWindow */
- NWAL_SA_AALG_NULL,
- NWAL_SA_EALG_AES_CCM,
- 0,0 //na
-},
-{
- NWAL_SA_DIR_INBOUND,
- 0x77777777, //spi
- nwal_IpSecProtoESP, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (them) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (us)-> set below*/
- 64,/* replayWindow */
- NWAL_SA_AALG_AES_XCBC,
- NWAL_SA_EALG_NULL,
- 0,0 //na
-},
-{
- NWAL_SA_DIR_INBOUND,
- 0x88888888, //spi
- nwal_IpSecProtoESP, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (them) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (us)-> set below*/
- 64,/* replayWindow */
- NWAL_SA_AALG_GMAC,
- NWAL_SA_EALG_NULL,
- 0,0 //na
-}
-};
-
-/*tx */
-NETAPI_SEC_SA_INFO_T tx_sa[8]= {
-{
- NWAL_SA_DIR_OUTBOUND,
- 0x11111111, //spi
- nwal_IpSecProtoESP, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (us) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (them) -> set below*/
- 64, /* NA replayWindow */
- NWAL_SA_AALG_HMAC_SHA1,
- NWAL_SA_EALG_AES_CBC,
- 0,0 //seq no
-},
- {
- NWAL_SA_DIR_OUTBOUND,
- 0x22222222, //spi
- nwal_IpSecProtoESP, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (us) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (them) -> set below*/
- 64, /* NA replayWindow */
- NWAL_SA_AALG_HMAC_SHA2_256,
- NWAL_SA_EALG_AES_CTR,
- 0,0 //seq no
-},
-{
- NWAL_SA_DIR_OUTBOUND,
- 0x33333333, //spi
- nwal_IpSecProtoESP, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (us) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (them) -> set below*/
- 64, /* NA replayWindow */
- NWAL_SA_AALG_HMAC_SHA2_256,
- NWAL_SA_EALG_3DES_CBC,
- 0,0 //seq no
-},
-{
- NWAL_SA_DIR_OUTBOUND,
- 0x44444444, //spi
- nwal_IpSecProtoAH, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (us) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (them) -> set below*/
- 64, /* NA replayWindow */
- NWAL_SA_AALG_HMAC_MD5,
- NWAL_SA_EALG_NULL,
-},
-{
- NWAL_SA_DIR_OUTBOUND,
- 0x55555555, //spi
- nwal_IpSecProtoESP, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (them) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (us)-> set below*/
- 64,/* replayWindow */
- NWAL_SA_AALG_NULL,
- NWAL_SA_EALG_AES_GCM,
- 0,0 //na
-},
-{
- NWAL_SA_DIR_OUTBOUND,
- 0x66666666, //spi
- nwal_IpSecProtoESP, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (them) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (us)-> set below*/
- 64,/* replayWindow */
- NWAL_SA_AALG_NULL,
- NWAL_SA_EALG_AES_CCM,
- 0,0 //na
-},
-{
- NWAL_SA_DIR_OUTBOUND,
- 0x77777777, //spi
- nwal_IpSecProtoESP, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (them) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (us)-> set below*/
- 64,/* replayWindow */
- NWAL_SA_AALG_AES_XCBC,
- NWAL_SA_EALG_NULL,
- 0,0 //na
-},
-{
- NWAL_SA_DIR_OUTBOUND,
- 0x88888888, //spi
- nwal_IpSecProtoESP, //ESP mode
- nwal_SA_MODE_TUNNEL, //tunnel mode
- nwal_IPV4, //v4
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* Src IP (them) -> set below */
- { 1, 2, 3, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }, /* dst IP (us)-> set below*/
- 64,/* replayWindow */
- NWAL_SA_AALG_GMAC,
- NWAL_SA_EALG_NULL,
- 0,0 //na
-}
-};
-
-
-static nwalSecKeyParams_t ourTXKeyParams[8] ={
-{
- 32, /* encKeySize: CTR 16 bytes Encryption Key and 4 bytes Salt : 24 bytes:NWAL_SA_EALG_3DES_CBC and 0 bytes Salt*/
- 20, /* macKeySize: 16 bytes NWAL_SA_AALG_HMAC_SHA1 */
- NULL, //set below
- NULL, //set below
-},
-{
- 20, /* encKeySize: CTR 16 bytes Encryption Key and 4 bytes Salt : 24 bytes:NWAL_SA_EALG_AES_CTR and 0 bytes Salt*/
- 32, /* macKeySize: 16 bytes NWAL_SA_AALG_HMAC_SHA2_256 */
- NULL, //set below
- NULL, //set below
-},
-{
- 24, /* encKeySize: DES-CBC: 24 bytes:NWAL_SA_EALG_3DES_CBC and 0 bytes Salt*/
- 32, /* macKeySize: 16 bytes NWAL_SA_AALG_HMAC_SHA2_256 */
- NULL, //set below
- NULL, //set below
-},
-{
- 0, /* NULL*/
- 16, /* MD5, 16 bytes */
- NULL, //set below
- NULL, //set below
-},
-{
- 20, /* encKeySize: GCM 16 bytes Encryption Key and 4 bytes Salt */
- 0, /* macKeySize: 0*/
- NULL, //set below
- NULL, //set below
-},
-{
- 19, /* encKeySize: CTR 16 bytes Encryption Key and 3 bytes Salt : 24 bytes:NWAL_SA_EALG_AES_CTR and 0 bytes Salt*/
- 0, /* macKeySize 0*/
- NULL, //set below
- NULL, //set below
-},
-{
- 0, /* encKeySize: CTR 16 bytes Encryption Key and 3 bytes Salt : 24 bytes:NWAL_SA_EALG_AES_CTR and 0 bytes Salt*/
- 16, /* macKeySize 0*/
- NULL, //set below
- NULL, //set below
-},
-{
- 0, /* encKeySize: GMAC 16 bytes Encryption Key and4 bytes Salt : 24 bytes:NWAL_SA_EALG_AES_CTR and 0 bytes Salt*/
- 20, /* macKeySize 0*/
- NULL, //set below
- NULL, //set below
-}
-};
+NETCP_CFG_IPSEC_POLICY_T rx_policy[MAX_SEC_INDEX];
-/* these keys are for aes-ctr and hmac sha2_256 */
-static nwalSecKeyParams_t ourRXKeyParams[8] ={
-{
- 32, /* encKeySize: CTR 16 bytes Encryption Key and 4 bytes Salt : 24 bytes:NWAL_SA_EALG_3DES_CBC and 0 bytes Salt*/
- 20, /* macKeySize: 16 bytes NWAL_SA_AALG_HMAC_SHA1 */
- NULL, //set below
- NULL, //set below
-},
-{
- 20, /* encKeySize: CTR 16 bytes Encryption Key and 4 bytes Salt */
- 32, /* macKeySize: 16 bytes NWAL_SA_AALG_HMAC_SHA2_256 */
- NULL, //set below
- NULL, //set below
-},
-{
- 24, /* encKeySize: DES-CBC: 24 bytes:NWAL_SA_EALG_3DES_CBC and 0 bytes Salt*/
- 32, /* macKeySize: 16 bytes NWAL_SA_AALG_HMAC_SHA2_256 */
- NULL, //set below
- NULL, //set below
-},
-{
- 0, /* NWAL_SA_EALG_NULL*/
- 16, /* NWAL_SA_AALG_HMAC_MD5, 16 bytes */
- NULL, //set below
- NULL, //set below
-},
-{
- 20, /* encKeySize: GCM 16 bytes Encryption Key and 4 bytes Salt */
- 0, /* macKeySize: 0*/
- NULL, //set below
- NULL, //set below
-},
-{
- 19, /* encKeySize: CTR 16 bytes Encryption Key and 3 bytes Salt t*/
- 0, /* macKeySize 0*/
- NULL, //set below
- NULL, //set below
-},
-{
- 0, /* encKeySize: CTR 16 bytes Encryption Key and 3 bytes Salt : 24 bytes:NWAL_SA_EALG_AES_CTR and 0 bytes Salt*/
- 16, /* macKeySize 0*/
- NULL, //set below
- NULL, //set below
-},
-{
- 0, /* encKeySize: GMAC 16 bytes Encryption Key and 3 bytes Salt : 24 bytes:NWAL_SA_EALG_AES_CTR and 0 bytes Salt*/
- 20, /* macKeySize 0*/
- NULL, //set below
- NULL, //set below
-}
-};
#if 0
@@ -1175,10 +682,13 @@ void flip_and_send_pkt(Ti_Pkt *tip, unsigned char * p_pkt, int len, int flag, u
uint8_t *p_spi;
netTestSA_t * p_sa_info;
+ netTestSA_t *p_sa_info_tx;
uint8_t p_iv[16];
uint8_t p_add[8];
Cppi_HostDesc* pPloadDesc;
uint8_t ah_len;
+ uint32_t tunnel_id;
+ nwalLocCxtInfo_t nwalLocCxt;
#ifdef AH_SUPPORT
HEAD_T * p_head;
HEAD_T temp_head;
{
p_spi = &(p_pkt[netTest_MAC_HEADER_LEN+netTest_IP_HEADER_LEN + 4]);
pkt_type = IPSEC_AH_PKT;
- printf("flip_and_send_pkt: IPSEC AH packet received\n");
}
else if ((p_head->ip[2]&0x0000ff00)==0x00003200)
{
p_spi = &(p_pkt[netTest_MAC_HEADER_LEN+netTest_IP_HEADER_LEN]);
pkt_type = IPSEC_ESP_PKT;
-
- printf("flip_and_send_pkt: IPSEC ESP packet received\n");
-
}
else
{
}
#endif
- //p_spi = &(p_pkt[netTest_MAC_HEADER_LEN+netTest_IP_HEADER_LEN + 4]);
- p_sa_info = (netTestSA_t *) trie_lookup(p_trie_sa, (char *)p_spi ,4);
+#if 1
+ //p_sa_info = (netTestSA_t *) trie_lookup(p_trie_sa_tx, (char *)p_spi ,4);
+ p_sa_info = (netTestSA_t *) trie_lookup(p_trie_sa_rx, (char *)p_spi ,4);
+#endif
if (p_sa_info == NULL)
{
printf("flip_and_send_pkt(): trie_lookup() failed\n");
Pktlib_freePacket(tip);
return;
}
+
+#if 1
+ tunnel_id = p_sa_info->tunnel_id;
+ p_sa_info_tx = (netTestSA_t *) trie_lookup(p_trie_sa_tx, (char *)&tunnel_id ,4);
+ if (p_sa_info_tx == NULL)
+ {
+ printf("flip_and_send_pkt(): trie_lookup() failed\n");
+ Pktlib_freePacket(tip);
+ return;
+ }
+#endif
+
//just drop non-udp packet
if (p_pkt[p_sa_info->tx_payload_info.encOffset+9]!=0x11)
{
}
/* flip inner IP */
- printf("flip_and_send_pkt: encOffSet %d\n", p_sa_info->tx_payload_info.encOffset);
memcpy(&ip_temp, &p_pkt[p_sa_info->tx_payload_info.encOffset+12],4);
memcpy(&p_pkt[p_sa_info->tx_payload_info.encOffset+12],&p_pkt[p_sa_info->tx_payload_info.encOffset+12+4],4);
memcpy(&p_pkt[p_sa_info->tx_payload_info.encOffset+12+4],&ip_temp,4);
memcpy(&p_pkt[p_sa_info->tx_payload_info.encOffset+20+2],&new_dest_port[0],2);
memset(&p_pkt[p_sa_info->tx_payload_info.encOffset+20+6],0,2); //checksum
- if (config.ipsec_mode_tx == IPSEC_MODE_TX_SIDEBAND)
+
+#if tmannan
+ /* this code may break everything for now */
+ memcpy(&p_pkt[14+20],&p_sa_info_tx->spi,4);
+
+#endif
+
+
+
+ if (netTestCfg.ipsec_mode_tx == IPSEC_MODE_TX_SIDEBAND)
{
/* inner ip checksum : leave alone */
/* outer ip, set to 0 (we will compute on way out */
/*IPSEC case */
if (flag)
{
- if (config.ipsec_mode_tx == IPSEC_MODE_TX_SIDEBAND)
+ if (netTestCfg.ipsec_mode_tx == IPSEC_MODE_TX_SIDEBAND)
//send to crypto for encryption
//12 byte auth tag
{
PKTIO_METADATA_T meta = {PKTIO_META_SB_TX,{0},0};
int err;
nwalDmTxPayloadInfo_t meta_tx={0};
- meta.sa_handle=p_sa_info->tx_data_mode_handle; //use TX SA context
-
+ meta.sa_handle=p_sa_info_tx->tx_data_mode_handle; //use TX SA context
+
memcpy(&meta_tx, &(p_sa_info->tx_payload_info), sizeof(nwalDmTxPayloadInfo_t));
-
+ meta_tx.appCtxId = (nwal_AppId)p_sa_info_tx;
meta_tx.encSize = len - p_sa_info->tx_payload_info.encOffset -p_sa_info->auth_tag_size;
meta_tx.authSize = len - meta_tx.authOffset - p_sa_info->auth_tag_size;
meta_tx.pAad=NULL;
if (p_sa_info->cipherMode == NWAL_SA_EALG_AES_CTR)
{
- //memcpy(&p_iv[0], &ourEncrKey[16], 4);
- memcpy(&p_iv[0], &config.encr_key[16], 4);
+ memcpy(&p_iv[0], &p_sa_info->key_params->pEncKey[16], 4);
memcpy(&p_iv[4], &p_pkt[netTest_MAC_HEADER_LEN +netTest_IP_HEADER_LEN + netTest_ESP_HEADER_LEN], 8);
p_iv[12] = 0;
p_iv[13] = 0;
//meta_tx.authIvSize=0;
/* post it to netcp sb tx channel*/
- meta_tx.appCtxId = (nwal_AppId)hplib_mUtilGetPmuCCNT();
+ //meta_tx.appCtxId = (nwal_AppId)hplib_mUtilGetPmuCCNT();
meta.u.tx_sb_meta=&meta_tx;
#ifdef NET_TEST_ENABLE_SIDE_BAND_LOW_LEVEL_API
&nwalLocCxt);
if(nwalRetVal == nwal_OK)
{
- p_sa_info->tx_dmPSCmdInfo.rxSbSaQ = nwalLocCxt.rxSbSaQ;
+ p_sa_info_tx->tx_dmPSCmdInfo.rxSbSaQ = nwalLocCxt.rxSbSaQ;
}
nwal_mCmdDMUpdate(tip,
- &p_sa_info->tx_dmPSCmdInfo,
+ &p_sa_info_tx->tx_dmPSCmdInfo,
meta_tx.appCtxId,
meta_tx.encOffset,
meta_tx.encSize,
meta_tx.pAad);
pPloadDesc = Pktlib_getDescFromPacket(tip);
pPloadDesc = Qmss_osalConvertDescVirtToPhy(pPloadDesc);
- Qmss_queuePushDescSizeRaw(p_sa_info->tx_dmPSCmdInfo.txQueue,
+ Qmss_queuePushDescSizeRaw(p_sa_info_tx->tx_dmPSCmdInfo.txQueue,
pPloadDesc,
NWAL_DESC_SIZE);
}
#endif
- meta.sa_handle=p_sa_info->tx_inflow_mode_handle; //this tells netapi that inflow crypto needs to be applied
+ meta.sa_handle=p_sa_info_tx->tx_inflow_mode_handle; //this tells netapi that inflow crypto needs to be applied
meta_tx.startOffset = p_sa_info->tx_pkt_info.startOffset;
meta_tx.ipOffBytes =p_sa_info->tx_payload_info.encOffset;
meta_tx.l4OffBytes = p_sa_info->tx_pkt_info.l4OffBytes;
meta_tx.saPayloadLen=len-netTest_MAC_HEADER_LEN; //don't inlcude mac
meta_tx.saAhMacSize = 12;
meta_tx.saAhIcvOffBytes = netTest_MAC_HEADER_LEN + netTest_IP_HEADER_LEN + netTest_IPSEC_AH_FIXED_HDR_SIZE;
- printf("flip_and_send_pkt: enet_port %d\n", enet_port);
+
meta_tx.enetPort = enet_port;
+ memcpy(&p_pkt[netTest_MAC_HEADER_LEN+netTest_IP_HEADER_LEN+4],&p_sa_info_tx->spi,4);
}
else if (pkt_type == IPSEC_ESP_PKT)
{
meta_tx.txFlag1 = p_sa_info->tx_pkt_info.txFlag1;
meta_tx.saPayloadLen=len-netTest_MAC_HEADER_LEN-netTest_IP_HEADER_LEN; //don't include mac and ip outer header
meta_tx.enetPort = 0;
+ memcpy(&p_pkt[netTest_MAC_HEADER_LEN+netTest_IP_HEADER_LEN],&p_sa_info_tx->spi,4);
}
else
{
meta.u.tx_meta=&meta_tx;
if (stats[coreid].sec_tx<20) dump_descr((long *) tip, stats[coreid].sec_tx);
#ifdef NET_TEST_ENABLE_INFLOW_LOW_LEVEL_API
-#if 0
- nwal_mCmdSetCrypPort (tip,
- &p_sa_info->tx_psCmdInfo,
- p_sa_info->tx_pkt_info.saOffBytes,
- meta_tx.saPayloadLen,
- p_sa_info->swInfo0,
- p_sa_info->swInfo1,
- NWAL_ENET_PORT_UNKNOWN);
-#endif
-
if ( pkt_type == IPSEC_ESP_PKT)
{
nwal_mCmdSetL4CkSumCrypPort(tip,
- &p_sa_info->tx_psCmdInfo,
+ &p_sa_info_tx->tx_psCmdInfo,
meta_tx.l4OffBytes,
meta_tx.ploadLen + meta_tx.l4HdrLen,
meta_tx.pseudoHdrChecksum,
- p_sa_info->tx_pkt_info.saOffBytes,
+ p_sa_info_tx->tx_pkt_info.saOffBytes,
meta_tx.saPayloadLen,
- p_sa_info->swInfo0,
- p_sa_info->swInfo1,
+ p_sa_info_tx->swInfo0,
+ p_sa_info_tx->swInfo1,
0);
}
else
{
nwal_mCmdSetL4CkSumAHCrypPort(tip,
- &p_sa_info->tx_psCmdInfo,
+ &p_sa_info_tx->tx_psCmdInfo,
meta_tx.l4OffBytes,
meta_tx.ploadLen + meta_tx.l4HdrLen,
meta_tx.pseudoHdrChecksum,
meta_tx.saOffBytes,
meta_tx.saPayloadLen,
- p_sa_info->swInfo0,
- p_sa_info->swInfo1,
+ p_sa_info_tx->swInfo0,
+ p_sa_info_tx->swInfo1,
meta_tx.saAhIcvOffBytes,
meta_tx.saAhMacSize,
meta_tx.enetPort);
}
pPloadDesc = Pktlib_getDescFromPacket(tip);
pPloadDesc = Qmss_osalConvertDescVirtToPhy(pPloadDesc);
- Qmss_queuePushDescSizeRaw(p_sa_info->tx_psCmdInfo.txQueue,
+ Qmss_queuePushDescSizeRaw(p_sa_info_tx->tx_psCmdInfo.txQueue,
pPloadDesc,
NWAL_DESC_SIZE);
#else
len = Pktlib_getPacketLen(tip);//real length
- p_spi = &(p_pkt[netTest_MAC_HEADER_LEN+netTest_IP_HEADER_LEN]);
-
- p_sa_info = (netTestSA_t *) trie_lookup(p_trie_sa, (char *)p_spi ,4);
+ /*p_sa_info is for rx context */
+ p_sa_info = (netTestSA_t*)meta[i].u.rx_sb_meta->appCtxId;
if (p_sa_info == NULL)
{
printf("recv_sb_cb(): trie_lookup failed\n");
continue;
}
+
//is this a decrypt (rx_tunnel) complete
if ((int)meta[i].u.rx_sb_meta->appId == p_sa_info->rx_tunnel)
{
- time = hplib_mUtilGetPmuCCNT();
- delta_time = time -(unsigned long) meta[i].u.rx_sb_meta->appCtxId;
+ //time = hplib_mUtilGetPmuCCNT();
+ //delta_time = time -(unsigned long) meta[i].u.rx_sb_meta->appCtxId;
stats[coreid].total_decrypt_time += delta_time;
stats[coreid].sb_rx+=1;
//copy hash out of meta data (for some reason it needs endian conversion)
uint8_t p_add1[1500];
int16_t retVal;
- nwalGlobCxtInfo_t nwalGlobCxt;
+ nwalGlobCxtInfo_t nwalGlobCxt;
nwalLocCxtInfo_t nwalLocCxt;
Cppi_HostDesc* pPloadDesc;
/* loop over received pkts */
for(i=0;i<n_pkts;i++)
{
+ printf("recv_cb: appId 0x%x\n", meta[i].u.rx_meta->appId);
ifno = ((unsigned int)meta[i].u.rx_meta->appId)&0xff;
enet_port = meta[i].u.rx_meta->enetPort;
}
//process IP SEC PACKET
- if (config.ipsec_mode_rx == IPSEC_MODE_RX_SIDEBAND)
+ if (netTestCfg.ipsec_mode_rx == IPSEC_MODE_RX_SIDEBAND)
{
p_spi = &(p_pkt[netTest_MAC_HEADER_LEN+netTest_IP_HEADER_LEN]);
- p_sa_info = (netTestSA_t *) trie_lookup(p_trie_sa, (char *)p_spi ,4);
+ p_sa_info = (netTestSA_t *) trie_lookup(p_trie_sa_rx, (char *)p_spi ,4);
if (p_sa_info == NULL)
{
printf("recv_cb(): trie_lookup() failed\n");
if (p_sa_info->cipherMode == NWAL_SA_EALG_AES_CTR)
{
- //memcpy(&p_iv[0], &ourEncrKey[16], 4);
- memcpy(&p_iv[0], &config.encr_key[16], 4);
+ memcpy(&p_iv[0], &p_sa_info->key_params->pEncKey[16], 4);
memcpy(&p_iv[4], &p_pkt[netTest_MAC_HEADER_LEN +netTest_IP_HEADER_LEN + netTest_ESP_HEADER_LEN], 8);
p_iv[12] = 0;
p_iv[13] = 0;
meta_tx.pEncIV = &p_pkt[netTest_MAC_HEADER_LEN +netTest_IP_HEADER_LEN + netTest_ESP_HEADER_LEN ];
}
- meta_tx.appCtxId = (nwal_AppId)hplib_mUtilGetPmuCCNT();
+ meta_tx.appCtxId = (nwal_AppId)p_sa_info;
//printf("recv_cb appCtxId: %lu\n", meta_tx.appCtxId);
/* post it to netcp sb tx channel*/
#endif
#ifdef TEST_TIMERS
//debug = dump timer polling stats
-dump_poll_stats();
+ dump_poll_stats();
//debug = dump timer polling stats
//dump_poll_stats();
#endif
-#ifndef EXPERIMENTAL
+
for (i = 0; i < MAX_SEC_INDEX; i++)
-#else
- for (i=0; i < 1;i++)
-#endif
{
/* Statistics for RX Tunnel */
memset(&netapi_sa_stats, 0, sizeof(netapi_sa_stats));
- netapi_getSaStats(netapi_handle, sa_info[i].rx_tunnel, &netapi_sa_stats);
- if (netapi_sa_stats.validParams & NETAPI_IPSEC_STAT_VALID)
+ if (sa_info[i].dir ==NWAL_SA_DIR_INBOUND )
{
- print_ipsec_stats(&(netapi_sa_stats.saIpsecStats),
- rx_sa[i].authMode,
- rx_sa[i].cipherMode);
- }
- if (netapi_sa_stats.validParams & NETAPI_SIDEBAND_DATA_MODE_STAT_VALID)
- {
- print_datamode_stats(&(netapi_sa_stats.dataModeStats),
- rx_sa[i].authMode,
- rx_sa[i].cipherMode);
- }
-
- /* Statistics for TX Tunnel */
- memset(&netapi_sa_stats, 0, sizeof(netapi_sa_stats));
- netapi_getSaStats(netapi_handle, sa_info[i].tx_tunnel, &netapi_sa_stats);
- if (netapi_sa_stats.validParams & NETAPI_IPSEC_STAT_VALID)
- {
- print_ipsec_stats(&(netapi_sa_stats.saIpsecStats),
- tx_sa[i].authMode,
- tx_sa[i].cipherMode);
+ netapi_getSaStats(netapi_handle, sa_info[i].rx_tunnel, &netapi_sa_stats);
+ if (netapi_sa_stats.validParams & NETAPI_IPSEC_STAT_VALID)
+ {
+ print_ipsec_stats(&(netapi_sa_stats.saIpsecStats),
+ sa_info[i].authMode,
+ sa_info[i].cipherMode);
+ }
+ if (netapi_sa_stats.validParams & NETAPI_SIDEBAND_DATA_MODE_STAT_VALID)
+ {
+ print_datamode_stats(&(netapi_sa_stats.dataModeStats),
+ sa_info[i].authMode,
+ sa_info[i].cipherMode);
+ }
}
- if (netapi_sa_stats.validParams & NETAPI_SIDEBAND_DATA_MODE_STAT_VALID)
+ else if (sa_info[i].dir ==NWAL_SA_DIR_OUTBOUND)
{
- print_datamode_stats(&(netapi_sa_stats.dataModeStats),
- tx_sa[i].authMode,
- tx_sa[i].cipherMode);
+ netapi_getSaStats(netapi_handle, sa_info[i].tx_tunnel, &netapi_sa_stats);
+ if (netapi_sa_stats.validParams & NETAPI_IPSEC_STAT_VALID)
+ {
+ print_ipsec_stats(&(netapi_sa_stats.saIpsecStats),
+ sa_info[i].authMode,
+ sa_info[i].cipherMode);
+ }
+ if (netapi_sa_stats.validParams & NETAPI_SIDEBAND_DATA_MODE_STAT_VALID)
+ {
+ print_datamode_stats(&(netapi_sa_stats.dataModeStats),
+ sa_info[i].authMode,
+ sa_info[i].cipherMode);
+ }
}
+ else
+ printf("our_stats_cb: invalid SA direction\n");
}
netapi_dump_internal_heap_stats();
}
Pktlib_getDataBuffer(tip,&pData,&len);
if(house_pkts_gened &0x1)
{
- memcpy(&pData[6],&config.mac1[0] ,6);
+ memcpy(&pData[6],&netTestCfg.mac[1][0] ,6);
}
pIpHdr = pData + meta_tx.ipOffBytes;
meta_tx.pseudoHdrChecksum =
Pktlib_getDataBuffer(tip,&pData,&len);
if(house_pkts_gened &0x1)
{
- memcpy(&pData[6],&config.mac1[0] ,6);
+ memcpy(&pData[6],&netTestCfg.mac[1][0] ,6);
}
meta_tx.txFlag1 = NWAL_TX_FLAG1_META_DATA_VALID;
meta_tx.startOffset = 0;
void build_sa_db(int i)
{
long tmp_spi;
- if ((tx_sa[i].authMode == NWAL_SA_AALG_HMAC_SHA1) && (tx_sa[i].cipherMode == NWAL_SA_EALG_AES_CBC))
+ long tmp_tunnel;
+ if ((netTestCfg.sa_info[i].authMode== NWAL_SA_AALG_HMAC_SHA1) && (netTestCfg.sa_info[i].cipherMode == NWAL_SA_EALG_AES_CBC))
{
/* static configuration, will not change */
sa_info[i].tx_payload_info.aadSize = 0;
sa_info[i].tx_payload_info.pEncIV = 0;
sa_info[i].tx_payload_info.pPkt = 0; /* not being referenced in net_test */
- sa_info[i].cipherMode = NWAL_SA_EALG_AES_CBC;
+ sa_info[i].cipherMode = netTestCfg.sa_info[i].cipherMode;
+ sa_info[i].authMode = netTestCfg.sa_info[i].authMode;
sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
sa_info[i].auth_tag_size = netTest_ICV_LEN; /* icv or mac size,. always 12 except for AES_CCM/AES_GCM */
-#ifdef EXPERIMENTAL
+
sa_info[i].iv_len=16;
sa_info[i].bl=16;
- sa_info[i].spi = tx_sa[i].spi;
- sa_info[i].src =*((unsigned int *)(&config.local_ipsec_ip.ipv4[0]));
- sa_info[i].dst =*((unsigned int *)(&config.remote_ipsec_ip.ipv4[0]));
-#endif
+ sa_info[i].src = *((unsigned int *)(&netTestCfg.sa_info[i].src));
+ sa_info[i].dst =*((unsigned int *)(&netTestCfg.sa_info[i].dst));
+
sa_info[i].tx_pkt_info.enetPort = 0;
sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
sa_info[i].tx_pkt_info.l4HdrLen = netTest_UDP_HEADER_LEN; /*UDP header len */
sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO| NWAL_TX_FLAG1_DO_UDP_CHKSUM| NWAL_TX_FLAG1_META_DATA_VALID ;
-
- tmp_spi = htonl((long)(tx_sa[i].spi));
- trie_insert(p_trie_sa,(char *)&tmp_spi,4, (void *) &sa_info[i]); //asociate with tx sa SPI
-
+ sa_info[i].dir =netTestCfg.sa_info[i].dir;
+ tmp_spi = htonl((long)(netTestCfg.sa_info[i].spi));
+ tmp_tunnel = htonl((long)(netTestCfg.tunnel_id[i]));
+ sa_info[i].spi =tmp_spi;
+ sa_info[i].tunnel_id = tmp_tunnel;
+
+ if (netTestCfg.sa_info[i].dir == NWAL_SA_DIR_INBOUND)
+ {
+ trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
+ }
+ else
+ {
+ trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
+ printf("**************************build_sa_db: tunnel id %d\n", tmp_tunnel);
+ }
}
- else if ((tx_sa[i].authMode == NWAL_SA_AALG_HMAC_SHA2_256) && (tx_sa[i].cipherMode == NWAL_SA_EALG_AES_CTR))
+ else if ((netTestCfg.sa_info[i].authMode== NWAL_SA_AALG_HMAC_SHA2_256) && (netTestCfg.sa_info[i].cipherMode == NWAL_SA_EALG_AES_CTR))
{
/* static configuration, will not change */
sa_info[i].tx_payload_info.aadSize = 0;
sa_info[i].tx_payload_info.pEncIV = 0;
sa_info[i].tx_payload_info.pPkt = 0;
- sa_info[i].cipherMode = NWAL_SA_EALG_AES_CTR;
+ sa_info[i].cipherMode = netTestCfg.sa_info[i].cipherMode;
+ sa_info[i].authMode = netTestCfg.sa_info[i].authMode;
sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
sa_info[i].auth_tag_size = netTest_ICV_LEN; /* icv or mac size,. always 12 except for AES_CCM/AES_GCM */
-#ifdef EXPERIMENTAL
+
sa_info[i].iv_len=8;
sa_info[i].bl=8;
- sa_info[i].spi = tx_sa[i].spi;
- sa_info[i].src =*((unsigned int *)(&config.local_ipsec_ip.ipv4[0]));
- sa_info[i].dst =*((unsigned int *)(&config.remote_ipsec_ip.ipv4[0]));
-#endif
+ sa_info[i].src = *((unsigned int *)(&netTestCfg.sa_info[i].src));
+ sa_info[i].dst =*((unsigned int *)(&netTestCfg.sa_info[i].dst));
sa_info[i].tx_pkt_info.enetPort = 0;
sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
sa_info[i].tx_pkt_info.saOffBytes = netTest_MAC_HEADER_LEN + netTest_IP_HEADER_LEN;
sa_info[i].tx_pkt_info.saPayloadLen = 0;
sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
-
+
+ sa_info[i].key_params = &netTestCfg.key_params[i];
+
sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO| NWAL_TX_FLAG1_DO_UDP_CHKSUM| NWAL_TX_FLAG1_META_DATA_VALID ;
- tmp_spi = htonl((long)(tx_sa[i].spi));
- trie_insert(p_trie_sa,(char *)&tmp_spi,4, (void *) &sa_info[i]); //asociate with tx sa SPI
+ sa_info[i].dir =netTestCfg.sa_info[i].dir;
+ tmp_spi = htonl((long)(netTestCfg.sa_info[i].spi));
+ tmp_tunnel = htonl((long)(netTestCfg.tunnel_id[i]));
+ sa_info[i].spi =tmp_spi;
+ sa_info[i].tunnel_id = tmp_tunnel;
+
+ if (netTestCfg.sa_info[i].dir == NWAL_SA_DIR_INBOUND)
+ {
+ trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
+ }
+ else
+ {
+ trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
+ printf("**************************build_sa_db: tunnel id %d\n", tmp_tunnel);
+ }
}
- else if ((tx_sa[i].authMode == NWAL_SA_AALG_HMAC_SHA2_256) && (tx_sa[i].cipherMode == NWAL_SA_EALG_3DES_CBC))
+ else if ((netTestCfg.sa_info[i].authMode== NWAL_SA_AALG_HMAC_SHA2_256) && (netTestCfg.sa_info[i].cipherMode == NWAL_SA_EALG_3DES_CBC))
{
/* static configuration, will not change */
sa_info[i].tx_payload_info.aadSize = 0;
sa_info[i].tx_payload_info.pEncIV = 0;
sa_info[i].tx_payload_info.pPkt = 0;
- sa_info[i].cipherMode = NWAL_SA_EALG_3DES_CBC;
+ sa_info[i].cipherMode = netTestCfg.sa_info[i].cipherMode;
+ sa_info[i].authMode = netTestCfg.sa_info[i].authMode;
sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
sa_info[i].auth_tag_size = netTest_ICV_LEN; /* icv or mac size,. always 12 except for AES_CCM/AES_GCM */
-#ifdef EXPERIMENTAL
+
sa_info[i].iv_len=8;
sa_info[i].bl=8;
- sa_info[i].spi = tx_sa[i].spi;
- sa_info[i].src =*((unsigned int *)(&config.local_ipsec_ip.ipv4[0]));
- sa_info[i].dst =*((unsigned int *)(&config.remote_ipsec_ip.ipv4[0]));
-#endif
+ sa_info[i].src = *((unsigned int *)(&netTestCfg.sa_info[i].src));
+ sa_info[i].dst =*((unsigned int *)(&netTestCfg.sa_info[i].dst));
sa_info[i].tx_pkt_info.enetPort = 0;
sa_info[i].tx_pkt_info.ipOffBytes = sa_info[i].tx_payload_info.encOffset;
sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO| NWAL_TX_FLAG1_DO_UDP_CHKSUM| NWAL_TX_FLAG1_META_DATA_VALID ;
- tmp_spi = htonl((long)(tx_sa[i].spi));
- trie_insert(p_trie_sa,(char *)&tmp_spi,4, (void *) &sa_info[i]); //asociate with tx sa SPI
+ sa_info[i].dir =netTestCfg.sa_info[i].dir;
+ tmp_spi = htonl((long)(netTestCfg.sa_info[i].spi));
+ tmp_tunnel = htonl((long)(netTestCfg.tunnel_id[i]));
+ sa_info[i].spi =tmp_spi;
+ sa_info[i].tunnel_id = tmp_tunnel;
+
+ if (netTestCfg.sa_info[i].dir == NWAL_SA_DIR_INBOUND)
+ {
+ trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
+ }
+ else
+ {
+ trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
+ printf("**************************build_sa_db: tunnel id %d\n", tmp_tunnel);
+ }
}
- else if ((tx_sa[i].authMode == NWAL_SA_AALG_HMAC_MD5) && (rx_sa[i].cipherMode == NWAL_SA_EALG_NULL))
+ else if ((netTestCfg.sa_info[i].authMode== NWAL_SA_AALG_HMAC_MD5) && (netTestCfg.sa_info[i].cipherMode == NWAL_SA_EALG_NULL))
{
/* static configuration, will not change */
sa_info[i].tx_payload_info.aadSize = 0;
netTest_NULL_ESP_HEADER_LEN +
netTest_NULL_IV_LEN +
24;
-
-
-#ifdef EXPERIMENTAL
sa_info[i].iv_len=0;
sa_info[i].bl=4;
- sa_info[i].spi = tx_sa[i].spi;
- sa_info[i].src =*((unsigned int *)(&config.local_ipsec_ip.ipv4[0]));
- sa_info[i].dst =*((unsigned int *)(&config.remote_ipsec_ip.ipv4[0]));
-#endif
-
+ sa_info[i].src = *((unsigned int *)(&netTestCfg.sa_info[i].src));
+ sa_info[i].dst =*((unsigned int *)(&netTestCfg.sa_info[i].dst));
/* dynamic configuration, will be calculated on the fly */
sa_info[i].tx_payload_info.authSize = 0;
sa_info[i].tx_payload_info.pEncIV = 0;
sa_info[i].tx_payload_info.pPkt = 0;
- sa_info[i].cipherMode = NWAL_SA_EALG_NULL;
+ sa_info[i].cipherMode = netTestCfg.sa_info[i].cipherMode;
+ sa_info[i].authMode = netTestCfg.sa_info[i].authMode;
sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
sa_info[i].auth_tag_size = netTest_ICV_LEN; /* icv or mac size,. always 12 except for AES_CCM/AES_GCM */
sa_info[i].tx_pkt_info.saPayloadLen = 0;
sa_info[i].tx_pkt_info.pseudoHdrChecksum =0;
sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_AH_CRYPTO| NWAL_TX_FLAG1_DO_UDP_CHKSUM | NWAL_TX_FLAG1_META_DATA_VALID ;
- tmp_spi = htonl((long)(tx_sa[i].spi));
- trie_insert(p_trie_sa,(char *)&tmp_spi,4, (void *) &sa_info[i]); //asociate with tx sa SPI
+ sa_info[i].dir =netTestCfg.sa_info[i].dir;
+ tmp_spi = htonl((long)(netTestCfg.sa_info[i].spi));
+ tmp_tunnel = htonl((long)(netTestCfg.tunnel_id[i]));
+ sa_info[i].spi =tmp_spi;
+ sa_info[i].tunnel_id = tmp_tunnel;
+
+ if (netTestCfg.sa_info[i].dir == NWAL_SA_DIR_INBOUND)
+ {
+ trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
+ }
+ else
+ {
+ trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
+ printf("**************************build_sa_db: tunnel id %d\n", tmp_tunnel);
+ }
}
- else if ((tx_sa[i].authMode == NWAL_SA_AALG_NULL) && (rx_sa[i].cipherMode == NWAL_SA_EALG_AES_GCM))
+ else if ((netTestCfg.sa_info[i].authMode== NWAL_SA_AALG_NULL) && (netTestCfg.sa_info[i].cipherMode == NWAL_SA_EALG_AES_GCM))
{
/* static configuration, will not change */
sa_info[i].tx_payload_info.aadSize = 0;
netTest_IP_HEADER_LEN +
netTest_ESP_HEADER_LEN +
netTest_AES_GCM_IV_LEN;
-#ifdef EXPERIMENTAL
+
sa_info[i].iv_len=0;
sa_info[i].bl=4;
- sa_info[i].spi = tx_sa[i].spi;
- sa_info[i].src =*((unsigned int *)(&config.local_ipsec_ip.ipv4[0]));
- sa_info[i].dst =*((unsigned int *)(&config.remote_ipsec_ip.ipv4[0]));
-#endif
-
+ sa_info[i].src = *((unsigned int *)(&netTestCfg.sa_info[i].src));
+ sa_info[i].dst =*((unsigned int *)(&netTestCfg.sa_info[i].dst));
/* dynamic configuration, will be calculated on the fly */
sa_info[i].tx_payload_info.authSize = 0;
sa_info[i].tx_payload_info.pEncIV = 0;
sa_info[i].tx_payload_info.pPkt = 0;
- sa_info[i].cipherMode = NWAL_SA_EALG_AES_GCM;
+ sa_info[i].cipherMode = netTestCfg.sa_info[i].cipherMode;
+ sa_info[i].authMode = netTestCfg.sa_info[i].authMode;
sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
sa_info[i].auth_tag_size = netTest_AES_GCM_CCM_ICV_LEN; /* icv or mac size,. always 12 except for AES_CCM/AES_GCM */
sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO| NWAL_TX_FLAG1_DO_UDP_CHKSUM| NWAL_TX_FLAG1_META_DATA_VALID ;
- tmp_spi = htonl((long)(tx_sa[i].spi));
- trie_insert(p_trie_sa,(char *)&tmp_spi,4, (void *) &sa_info[i]); //asociate with tx sa SPI
+ sa_info[i].dir =netTestCfg.sa_info[i].dir;
+ tmp_spi = htonl((long)(netTestCfg.sa_info[i].spi));
+ tmp_tunnel = htonl((long)(netTestCfg.tunnel_id[i]));
+ sa_info[i].spi =tmp_spi;
+ sa_info[i].tunnel_id = tmp_tunnel;
+
+ if (netTestCfg.sa_info[i].dir == NWAL_SA_DIR_INBOUND)
+ {
+ trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
+ }
+ else
+ {
+ trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
+ printf("**************************build_sa_db: tunnel id %d\n", tmp_tunnel);
+ }
}
- else if ((tx_sa[i].authMode == NWAL_SA_AALG_NULL) && (rx_sa[i].cipherMode == NWAL_SA_EALG_AES_CCM))
+ else if ((netTestCfg.sa_info[i].authMode== NWAL_SA_AALG_NULL) && (netTestCfg.sa_info[i].cipherMode == NWAL_SA_EALG_AES_CCM))
{
/* static configuration, will not change */
sa_info[i].tx_payload_info.aadSize = 0;
netTest_IP_HEADER_LEN +
netTest_ESP_HEADER_LEN +
netTest_AES_CCM_IV_LEN;
-#ifdef EXPERIMENTAL
+
sa_info[i].iv_len=0;
sa_info[i].bl=4;
- sa_info[i].spi = tx_sa[i].spi;
- sa_info[i].src =*((unsigned int *)(&config.local_ipsec_ip.ipv4[0]));
- sa_info[i].dst =*((unsigned int *)(&config.remote_ipsec_ip.ipv4[0]));
-#endif
-
+ sa_info[i].src = *((unsigned int *)(&netTestCfg.sa_info[i].src));
+ sa_info[i].dst =*((unsigned int *)(&netTestCfg.sa_info[i].dst));
/* dynamic configuration, will be calculated on the fly */
sa_info[i].tx_payload_info.authSize = 0;
sa_info[i].tx_payload_info.pEncIV = 0;
sa_info[i].tx_payload_info.pPkt = 0;
- sa_info[i].cipherMode = NWAL_SA_EALG_AES_CCM;
+ sa_info[i].cipherMode = netTestCfg.sa_info[i].cipherMode;
+ sa_info[i].authMode = netTestCfg.sa_info[i].authMode;
sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
sa_info[i].auth_tag_size = netTest_AES_GCM_CCM_ICV_LEN; /* icv or mac size,. always 12 except for AES_CCM/AES_GCM */
sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO| NWAL_TX_FLAG1_DO_UDP_CHKSUM| NWAL_TX_FLAG1_META_DATA_VALID ;
- tmp_spi = htonl((long)(tx_sa[i].spi));
- trie_insert(p_trie_sa,(char *)&tmp_spi,4, (void *) &sa_info[i]); //asociate with tx sa SPI
+ sa_info[i].dir =netTestCfg.sa_info[i].dir;
+ tmp_spi = htonl((long)(netTestCfg.sa_info[i].spi));
+ tmp_tunnel = htonl((long)(netTestCfg.tunnel_id[i]));
+ sa_info[i].spi =tmp_spi;
+ sa_info[i].tunnel_id = tmp_tunnel;
+
+ if (netTestCfg.sa_info[i].dir == NWAL_SA_DIR_INBOUND)
+ {
+ trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
+ }
+ else
+ {
+ trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
+ printf("**************************build_sa_db: tunnel id %d\n", tmp_tunnel);
+ }
}
- else if ((tx_sa[i].authMode == NWAL_SA_AALG_AES_XCBC) && (rx_sa[i].cipherMode == NWAL_SA_EALG_NULL))
+ else if ((netTestCfg.sa_info[i].authMode== NWAL_SA_AALG_AES_XCBC) && (netTestCfg.sa_info[i].cipherMode == NWAL_SA_EALG_NULL))
{
/* static configuration, will not change */
sa_info[i].tx_payload_info.aadSize = 0;
netTest_IP_HEADER_LEN +
netTest_ESP_HEADER_LEN +
netTest_NULL_IV_LEN;
-#ifdef EXPERIMENTAL
+
sa_info[i].iv_len=0;
sa_info[i].bl=4;
- sa_info[i].spi = tx_sa[i].spi;
- sa_info[i].src =*((unsigned int *)(&config.local_ipsec_ip.ipv4[0]));
- sa_info[i].dst =*((unsigned int *)(&config.remote_ipsec_ip.ipv4[0]));
-#endif
-
+ sa_info[i].src = *((unsigned int *)(&netTestCfg.sa_info[i].src));
+ sa_info[i].dst =*((unsigned int *)(&netTestCfg.sa_info[i].dst));
/* dynamic configuration, will be calculated on the fly */
sa_info[i].tx_payload_info.authSize = 0;
sa_info[i].tx_payload_info.pEncIV = 0;
sa_info[i].tx_payload_info.pPkt = 0;
- sa_info[i].cipherMode = NWAL_SA_EALG_NULL;
- sa_info[i].authMode = NWAL_SA_AALG_AES_XCBC;
+ sa_info[i].cipherMode = netTestCfg.sa_info[i].cipherMode;
+ sa_info[i].authMode = netTestCfg.sa_info[i].authMode;
sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
sa_info[i].auth_tag_size = netTest_ICV_LEN; /* icv or mac size,. always 12 except for AES_CCM/AES_GCM , GMAC*/
sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO| NWAL_TX_FLAG1_DO_UDP_CHKSUM| NWAL_TX_FLAG1_META_DATA_VALID ;
- tmp_spi = htonl((long)(tx_sa[i].spi));
- trie_insert(p_trie_sa,(char *)&tmp_spi,4, (void *) &sa_info[i]); //asociate with tx sa SPI
+ sa_info[i].dir =netTestCfg.sa_info[i].dir;
+ tmp_spi = htonl((long)(netTestCfg.sa_info[i].spi));
+ tmp_tunnel = htonl((long)(netTestCfg.tunnel_id[i]));
+ sa_info[i].spi =tmp_spi;
+ sa_info[i].tunnel_id = tmp_tunnel;
+
+ if (netTestCfg.sa_info[i].dir == NWAL_SA_DIR_INBOUND)
+ {
+ trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
+ }
+ else
+ {
+ trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
+ printf("**************************build_sa_db: tunnel id %d\n", tmp_tunnel);
+ }
}
- else if ((tx_sa[i].authMode == NWAL_SA_AALG_GMAC) && (rx_sa[i].cipherMode == NWAL_SA_EALG_NULL))
+ else if ((netTestCfg.sa_info[i].authMode== NWAL_SA_AALG_GMAC) && (netTestCfg.sa_info[i].cipherMode == NWAL_SA_EALG_NULL))
{
/* static configuration, will not change */
sa_info[i].tx_payload_info.aadSize = 0;
netTest_IP_HEADER_LEN +
netTest_ESP_HEADER_LEN +
netTest_AES_GMAC_IV_LEN;
-#ifdef EXPERIMENTAL
+
sa_info[i].iv_len=0;
sa_info[i].bl=4;
- sa_info[i].spi = tx_sa[i].spi;
- sa_info[i].src =*((unsigned int *)(&config.local_ipsec_ip.ipv4[0]));
- sa_info[i].dst =*((unsigned int *)(&config.remote_ipsec_ip.ipv4[0]));
-#endif
-
+ sa_info[i].src = *((unsigned int *)(&netTestCfg.sa_info[i].src));
+ sa_info[i].dst =*((unsigned int *)(&netTestCfg.sa_info[i].dst));
/* dynamic configuration, will be calculated on the fly */
sa_info[i].tx_payload_info.authSize = 0;
sa_info[i].tx_payload_info.pAuthIV = 0;
sa_info[i].tx_payload_info.pPkt = 0;
- sa_info[i].cipherMode = NWAL_SA_EALG_NULL;
- sa_info[i].authMode = NWAL_SA_AALG_GMAC;
+ sa_info[i].cipherMode = netTestCfg.sa_info[i].cipherMode;
+ sa_info[i].authMode = netTestCfg.sa_info[i].authMode;
sa_info[i].inner_ip_offset = sa_info[i].tx_payload_info.encOffset;
sa_info[i].auth_tag_size = netTest_AES_GMAC_ICV_LEN; /* icv or mac size,. always 12 except for AES_CCM/AES_GCM , GMAC*/
sa_info[i].tx_pkt_info.txFlag1 = NWAL_TX_FLAG1_DO_IPSEC_ESP_CRYPTO| NWAL_TX_FLAG1_DO_UDP_CHKSUM| NWAL_TX_FLAG1_META_DATA_VALID ;
- tmp_spi = htonl((long)(tx_sa[i].spi));
- trie_insert(p_trie_sa,(char *)&tmp_spi,4, (void *) &sa_info[i]); //asociate with tx sa SPI
+ sa_info[i].dir =netTestCfg.sa_info[i].dir;
+ tmp_spi = htonl((long)(netTestCfg.sa_info[i].spi));
+ tmp_tunnel = htonl((long)(netTestCfg.tunnel_id[i]));
+ sa_info[i].spi =tmp_spi;
+ sa_info[i].tunnel_id = tmp_tunnel;
+
+ if (netTestCfg.sa_info[i].dir == NWAL_SA_DIR_INBOUND)
+ {
+ trie_insert(p_trie_sa_rx,(char *)&tmp_spi,4, (void *) &sa_info[i]);
+ }
+ else
+ {
+ trie_insert(p_trie_sa_tx,(char *)&tmp_tunnel,4, (void *) &sa_info[i]);
+ printf("**************************build_sa_db: tunnel id %d\n", tmp_tunnel);
+ }
}
else
printf("build_sa_db(): invalid encryption/authentication combination selected\n");
-#define CHECK_SET_PARAM(ARG1, ARG2) \
- do { \
- if(strcmp(key, ARG1) == 0) { \
- if(data)strncpy(ARG2,data,CONFIG_STRING_LEN); \
- printf("CHECK_SET_PARM, match found, input cong string %s\n", ARG2); \
- continue; \
- } \
- } while(0)
-
-#define CHECK_SET_PARAM2(ARG1, ARG2, ARG3) \
- do { \
- if(strcmp(key, ARG1) == 0) { \
- if(data) strncpy(ARG2,data,CONFIG_STRING_LEN); \
- if(data2) strncpy(ARG3,data2,CONFIG_STRING_LEN); \
- printf("CHECK_SET_PARM2, match found, input cong string %s %s\n", ARG2, ARG3); \
- continue; \
- } \
- } while(0)
-
-unsigned char hex2dec(char *p_s)
-{
- int val;
- sscanf(p_s,"%x",&val);
- return val&0xff;
-}
-void parse_one_mac(char * p_mac_str, unsigned char *p_mac)
-{
- int index = 0;
- int i;
- char *pch = strtok (&(p_mac_str[0]),"-");
-
- while (pch != NULL)
- {
- printf ("%s\n",pch);
- p_mac[index] = hex2dec(pch);
- index++;
- pch = strtok (NULL,"-");
- }
- printf("index value : %d\n", index);
- for (i=0; i<6;i++)
- printf("************mac0[%d]: 0x%x\n",i, p_mac[i]);
-}
-
-
-void parse_one_key(char *p_key_str, unsigned char *p_key)
-{
- int index = 0;
- int i;
- char * pch = strtok (&p_key_str[0],",");
-
- while (pch != NULL)
- {
- printf ("%s\n",pch);
- p_key[index] = hex2dec(pch);
- index++;
- pch = strtok (NULL,",");
- }
- printf("index value for parse-auth_key: %d\n", index);
- for (i=0; i<36;i++)
- printf("************mac0[%d]: 0x%x\n",i, p_key[i]);
-}
-
-void parse_key(netTestConfigFile_t *pConfig)
-{
- if (strlen(&pConfig->auth_key[0]))
- parse_one_key(&pConfig->auth_key[0],&config.auth_key[0]);
- if (strlen(&pConfig->mac1[0]))
- parse_one_key(&pConfig->encr_key[0],&config.encr_key[0]);
-}
-
-
-
-
-void parse_one_ip(char * p_ip_addr_str, unsigned char * p_ip)
-{
- int index = 0;
- int i;
- char * pch = strtok (&p_ip_addr_str[0],".");
-
- while (pch != NULL)
- {
- printf ("xxxxx: %s\n",pch);
- p_ip[index] = atoi(pch);
- index++;
- pch = strtok (NULL,".");
- }
- printf("index value : %d\n", index);
- for (i=0; i<4;i++)
- printf("************ip[%d]: 0x%x\n",i, p_ip[i]);
-}
-
-void parse_mac_address(netTestConfigFile_t *pConfig)
-{
- if (strlen(&pConfig->mac0[0]))
- parse_one_mac(&pConfig->mac0[0],&config.mac0[0]);
- if (strlen(&pConfig->mac1[0]))
- parse_one_mac(&pConfig->mac1[0],&config.mac1[0]);
-}
-void parse_ip_address(netTestConfigFile_t *pConfig)
-{
- if (strlen(&pConfig->ip0[0]))
- parse_one_ip(&pConfig->ip0[0],&config.ip0.ipv4[0]);
- if (strlen(&pConfig->ip1[0]))
- parse_one_ip(&pConfig->ip1[0],&config.ip1.ipv4[0]);
- if (strlen(&pConfig->ip2[0]))
- parse_one_ip(&pConfig->ip2[0],&config.ip2.ipv4[0]);
- if (strlen(&pConfig->local_ipsec_ip[0]))
- parse_one_ip(&pConfig->local_ipsec_ip[0],&config.local_ipsec_ip.ipv4[0]);
- if (strlen(&pConfig->remote_ipsec_ip[0]))
- parse_one_ip(&pConfig->remote_ipsec_ip[0],&config.remote_ipsec_ip.ipv4[0]);
-}
-
-
-void parse_ipsec_mode(netTestConfigFile_t *pConfig)
-{
-
- if (strlen(&pConfig->ipsec_mode_rx[0]))
- {
- if (strcmp(pConfig->ipsec_mode_rx, "SIDEBAND") == 0)
- {
- config.ipsec_mode_rx = IPSEC_MODE_RX_SIDEBAND;
- }
- else if (strcmp(pConfig->ipsec_mode_rx, "INFLOW") == 0)
- {
- config.ipsec_mode_rx = IPSEC_MODE_RX_INFLOW;
- }
- else
- printf("parse_ipsec_mode(), invalid RX ipsec mode in config file \n");
- }
-
- if (strlen(&pConfig->ipsec_mode_tx[0]))
- {
- if (strcmp(pConfig->ipsec_mode_tx, "SIDEBAND") == 0)
- {
- config.ipsec_mode_tx = IPSEC_MODE_TX_SIDEBAND;
- }
- else if (strcmp(pConfig->ipsec_mode_tx, "INFLOW") == 0)
- {
- config.ipsec_mode_tx = IPSEC_MODE_TX_INFLOW;
- }
- else
- printf("parse_ipsec_mode(), invalid TX ipsec mode in config file \n");
- }
-
- printf("parse_ipsec_mode(): RX mode %d\n", config.ipsec_mode_rx);
- printf("parse_ipsec_mode(): TX mode %d\n", config.ipsec_mode_tx);
-
-
-}
-
-#ifdef EXPERIMENTAL
-int n_routes=0;
-int n_dst_ips=0;
-void parse_routes(netTestConfigFile_t *pConfig)
-{
-int i;
-int said=0;
-for(i=0;i<MAX_ROUTES;i++)
-{
- int port;
- if (pConfig->routes[i][0])
- {
- port=atoi(&pConfig->ports[i][0]);
- if((port<1)||(port>2)) continue; //bad port #: only 1 or 2 valid
- if(strncmp(&pConfig->routes[i][0],"MAC",3)==0)
- {
- routes[i].out_port = port;
- parse_one_mac(&pConfig->routes[i][3],&routes[i].out_mac[0]);
- memcpy(&routes[i].out_mac[6], ((port==1) ?&config.mac0[0]: &config.mac1[0] ),6);
- routes[i].out_mac[12]=0x08;
- routes[i].out_mac[13]=0x00;
- routes[i].sec_ptr=NULL;
- n_routes+=1;
- }
- else if (strncmp(&pConfig->routes[i][0],"SA",2)==0)
- {
- said=atoi(&pConfig->routes[i][2]) ;
- routes[i].sec_ptr=&sa_info[said];
- n_routes+=1;
- }
- }
-}
-our_router = route_init();
-for (i=0;i<MAX_ROUTES;i++)
-{
- unsigned long ip_be;
- int route_index;
- if (pConfig->dst_ips[i][0])
- {
- parse_one_ip(&pConfig->dst_ips[i][0],(unsigned char *)&ip_be);
- sscanf(&pConfig->paths[i][0],"route%d",&route_index);
- route_add(our_router,&ip_be,&routes[route_index]);
- n_dst_ips+=1;
- }
-}
-printf(">Route DB built. %d entries\n",n_dst_ips);
-}
-#endif
-static void parse_config_file(FILE * fpr, netTestConfigFile_t *pConfig)
-{
- char line[MAX_LINE_LENGTH + 1];
- int i;
-
- char *key, *data, *ep, *data2;
- char tokens[] = " :=;\n";
- char temp_str[50];
- memset(line, 0, MAX_LINE_LENGTH + 1);
- memset(pConfig, 0, sizeof(netTestConfigFile_t));
- while (fgets(line, MAX_LINE_LENGTH + 1, fpr))
- {
- if(line[0]=='#') continue; //skip comment
- key = (char *)strtok(line, tokens);
- data = (char *)strtok(NULL, tokens);
- data2 = (char *)strtok(NULL, tokens);
- if (!key) continue;
- if (!data) continue;
-
- if(strlen(data) == 0)
- {
- continue;
- }
-
- CHECK_SET_PARAM(INIT_CONFIG_MAC0,&(pConfig->mac0[0]));
- CHECK_SET_PARAM(INIT_CONFIG_MAC1,&(pConfig->mac1[0]));
- CHECK_SET_PARAM(INIT_CONFIG_IP0,&(pConfig->ip0[0]));
- CHECK_SET_PARAM(INIT_CONFIG_IP1,&(pConfig->ip1[0]));
- CHECK_SET_PARAM(INIT_CONFIG_IP2,&(pConfig->ip2[0]));
- CHECK_SET_PARAM(INIT_CONFIG_LOCAL_IPSEC_IP,&(pConfig->local_ipsec_ip[0]));
- CHECK_SET_PARAM(INIT_CONFIG_REMOTE_IPSEC_IP,&(pConfig->remote_ipsec_ip[0]));
- CHECK_SET_PARAM(INIT_CONFIG_IPSEC_MODE_RX,&(pConfig->ipsec_mode_rx[0]));
- CHECK_SET_PARAM(INIT_CONFIG_IPSEC_MODE_TX,&(pConfig->ipsec_mode_tx[0]));
- CHECK_SET_PARAM(INIT_CONFIG_IPSEC_IF_NO,&(pConfig->ipsec_if_no[0]));
- CHECK_SET_PARAM(INIT_CONFIG_AUTH_KEY,&(pConfig->auth_key[0]));
- CHECK_SET_PARAM(INIT_CONFIG_ENCR_KEY,&(pConfig->encr_key[0]));
-
-#ifdef EXPERIMENTAL
- for(i=0;i<MAX_ROUTES;i++)
- {
- sprintf(temp_str,"route%d",i);
- CHECK_SET_PARAM2(temp_str,&pConfig->routes[i][0],&pConfig->ports[i][0] );
- }
- for(i=0;i<MAX_ROUTES;i++)
- {
- sprintf(temp_str,"dstip%d",i);
- CHECK_SET_PARAM2(temp_str,&pConfig->dst_ips[i][0],&pConfig->paths[i][0] );
- }
-#endif
-
- }
- parse_mac_address(pConfig);
-
- parse_ip_address(pConfig);
-
- parse_ipsec_mode(pConfig);
-
- parse_key(pConfig);
-
-#ifdef EXPERIMENTAL
- if (strlen(&pConfig->ipsec_if_no[0]))
- config.ipsec_if_no = atoi(&pConfig->ipsec_if_no[0]);
- parse_routes(pConfig);
-#endif
-}
-
#ifdef MULTI_THREAD
NETAPI_T worker_nh[TUNE_NETAPI_NUM_CORES];
/*********************************************/
netapi_schedRun(scheduler[coreid], &err);
printf(">net_test: core %d worker thread done\n",coreid);
+
pktio_close(tx_chan, &err);
pktio_close(rx_chan, &err);
+#ifndef EXPERIMENTAL
pktio_close(sb_tx_chan, &err);
pktio_close(sb_tx_chan, &err);
+#endif
netapi_shutdown(worker_nh[coreid]);
}
printf(">net_test: core %d worker thread done\n",coreid);
pktio_close(tx_chan, &err);
pktio_close(rx_chan, &err);
+#ifndef EXPERIMENTAL
pktio_close(sb_tx_chan, &err);
pktio_close(sb_tx_chan, &err);
+#endif
netapi_shutdown(worker_nh[coreid]);
}
#endif
-static netTestConfigFile_t config_file;
+
/***************************************
********** test driver*****************
***************************************/
struct rlimit rl;
int32_t errCode;
Pktlib_HeapIfTable* pPktifTable;
-
+/* Local Per Process default resourcese maintained at NWAL */
+ nwalLocCxtInfo_t nwalLocCxt;
FILE * fpr = NULL;
}
else
{
+ memset(&config_file, 0, sizeof(netTestConfigFile_t));
+ memset(&netTestCfg, 0, sizeof(netTestConfig_t));
parse_config_file(fpr,&config_file);
}
memset(&sa_info, 0, sizeof(sa_info));
-
//real mode, so update our test packet mac header and ip header
if (pktloopback==0)
{
#endif
/* add mac intefaces */
+ printf("main, switch port0 %d\n", netTestCfg.switch_port[0]);
netcp_cfgCreateMacInterface(
netapi_handle,
- &config.mac0[0],
- ETH0,0,
+ &netTestCfg.mac[0][0],
+ ETH0,
+ netTestCfg.switch_port[0],
(NETCP_CFG_ROUTE_HANDLE_T) NULL,
(NETCP_CFG_VLAN_T ) NULL , //future
1,
netapi_handle,
ETH0,
nwal_IPV4,
- &config.ip0,
+ &netTestCfg.ip[0].ipv4[0],
NULL, //all IP
(NETCP_CFG_ROUTE_HANDLE_T) NULL,
&err
if (err) {printf("addip0 failed %d\n",err); exit(1); }
//create a 2nd mac instance
+ printf("main, switch port1 %d\n", netTestCfg.switch_port[1]);
netcp_cfgCreateMacInterface(
netapi_handle,
- &config.mac1[0],
- ETH1,1,
+ &netTestCfg.mac[1][0],
+ ETH1,
+ netTestCfg.switch_port[1],
(NETCP_CFG_ROUTE_HANDLE_T) NULL,
(NETCP_CFG_VLAN_T ) NULL , //future
1,
netapi_handle,
ETH1,
nwal_IPV4,
- &config.ip1,
+ &netTestCfg.ip[1].ipv4[0],
NULL, //all IP
(NETCP_CFG_ROUTE_HANDLE_T) NULL,
&err
);
- if (err) {printf("addip1 failed %d\n",err); exit(1); }
+ if (err) {printf("add ip1 failed %d\n",err); exit(1); }
#ifndef EXPERIMENTAL
//attach 2 classifiers to iface 0, ip0
//3rd classifier has a different IP and route
- class_2_cfg.u.c_l3_l4.ip_addr = &config.ip2;
-
+ class_2_cfg.u.c_l3_l4.ip_addr= &netTestCfg.ip[2].ipv4[0];
//create specialFlow for this classifier
{
Pktlib_HeapHandle heaps[2];
#endif
//security stuff
- p_trie_sa = trie_new();
- if (!p_trie_sa) {printf("trie alloc for SA failed\n"); exit(1);}
+ p_trie_sa_rx = trie_new();
+ p_trie_sa_tx = trie_new();
+ if (!p_trie_sa_rx || !p_trie_sa_tx)
+ {printf("trie alloc for SA failed\n"); exit(1);}
for (i=0; i < MAX_SEC_INDEX;i++)
{
- ourRXKeyParams[i].pEncKey = &config.encr_key[0];
- ourRXKeyParams[i].pAuthKey = &config.auth_key[0];
- memcpy(&(rx_sa[i].src), &config.remote_ipsec_ip,4);
- memcpy(&(rx_sa[i].dst), &config.local_ipsec_ip,4);
-
- build_sa_db(i);
- sa_info[i].rx_tunnel = netapi_secAddSA(
+ if(netTestCfg.sa_info[i].dir == NWAL_SA_DIR_INBOUND)
+ {
+ build_sa_db(i);
+ sa_info[i].rx_tunnel = netapi_secAddSA(
netapi_handle,
- config.ipsec_if_no, //iface #0
- &rx_sa[i],
- &ourRXKeyParams[i],
- config.ipsec_mode_rx == IPSEC_MODE_RX_SIDEBAND ? NETAPI_SEC_SA_SIDEBAND: NETAPI_SEC_SA_INFLOW,
+ netTestCfg.ipsec_if_no, //iface #0
+ &netTestCfg.sa_info[i],
+ &netTestCfg.key_params[i],
+ netTestCfg.ipsec_mode_rx == IPSEC_MODE_RX_SIDEBAND ? NETAPI_SEC_SA_SIDEBAND: NETAPI_SEC_SA_INFLOW,
NULL, //use default route
&(sa_info[i].rx_data_mode_handle),
&(sa_info[i].rx_inflow_mode_handle),
&err);
- if (err) {printf("addRxSa failed %d\n",err); exit(1);}
+ if (err) {printf("addRxSa failed %d\n",err); exit(1);}
- if (config.ipsec_mode_rx == IPSEC_MODE_RX_INFLOW)
- {
- //assume inner and outer ip is the same
- rx_policy[i]= netapi_secAddRxPolicy( netapi_handle,
+ if (netTestCfg.ipsec_mode_rx == IPSEC_MODE_RX_INFLOW)
+ {
+ //assume inner and outer ip is the same
+ rx_policy[i]= netapi_secAddRxPolicy( netapi_handle,
sa_info[i].rx_tunnel, //link to tunnel above
4, //ipv4
- &config.remote_ipsec_ip, //src -> them
- &config.local_ipsec_ip, //dst -> us
+ &netTestCfg.sa_info[i].src,
+ &netTestCfg.sa_info[i].dst,
NULL, // no qualifiers
NULL, //default route
&err);
- if (err) {printf("addSaPolicy failed %d, for index %d\n",err,i); exit(1);}
- }
- else
- {
- rx_policy[i] = 0;
-
- }
+ if (err) {printf("addSaPolicy failed %d, for index %d\n",err,i); exit(1);}
+ }
+ else
+ {
+ rx_policy[i] = 0;
+ }
+
#ifdef NET_TEST_ENABLE_SIDE_BAND_LOW_LEVEL_API
- /* Remember the NetCP Command Label so save cycles per Crypto
- * operation
- *
- */
- if(config.ipsec_mode_rx == IPSEC_MODE_RX_SIDEBAND)
- {
- nwalRetVal =
- nwal_initDMPSCmdInfo(pktio_mGetNwalInstance(netcp_sb_rx_chan),
- sa_info[i].rx_data_mode_handle,
- &sa_info[i].rx_dmPSCmdInfo);
- }
-
+ /* Remember the NetCP Command Label so save cycles per Crypto
+ * operation */
+ if(netTestCfg.ipsec_mode_rx == IPSEC_MODE_RX_SIDEBAND)
+ {
+ nwalRetVal =
+ nwal_initDMPSCmdInfo(pktio_mGetNwalInstance(netcp_sb_rx_chan),
+ sa_info[i].rx_data_mode_handle,
+ &sa_info[i].rx_dmPSCmdInfo);
+ }
#endif
- }
-
-//tx SA
-//security stuff
- for (i=0; i < MAX_SEC_INDEX;i++)
- {
- ourTXKeyParams[i].pEncKey = &config.encr_key[0];
- ourTXKeyParams[i].pAuthKey = &config.auth_key[0];
-
- memcpy(&(tx_sa[i].src), &config.local_ipsec_ip,4);
- memcpy(&(tx_sa[i].dst), &config.remote_ipsec_ip,4);
- sa_info[i].tx_tunnel = netapi_secAddSA( netapi_handle,
+ }
+//tx SA security stuff
+ //for (i=0; i < (MAX_SEC_INDEX+1);i++)
+ if(netTestCfg.sa_info[i].dir == NWAL_SA_DIR_OUTBOUND)
+ {
+ build_sa_db(i);
+ sa_info[i].tx_tunnel = netapi_secAddSA( netapi_handle,
0, //iface #0
- &(tx_sa[i]),
- &ourTXKeyParams[i],
- config.ipsec_mode_tx == IPSEC_MODE_TX_SIDEBAND ? NETAPI_SEC_SA_SIDEBAND: NETAPI_SEC_SA_INFLOW,
+ &netTestCfg.sa_info[i],
+ &netTestCfg.key_params[i],
+ netTestCfg.ipsec_mode_tx == IPSEC_MODE_TX_SIDEBAND ? NETAPI_SEC_SA_SIDEBAND: NETAPI_SEC_SA_INFLOW,
NULL, //use default route
&(sa_info[i].tx_data_mode_handle),
&(sa_info[i].tx_inflow_mode_handle),
&err);
- if (err) {printf("addTxSa failed %d\n",err); exit(1);}
+ if (err) {printf("addTxSa failed %d\n",err); exit(1);}
#ifdef NET_TEST_ENABLE_SIDE_BAND_LOW_LEVEL_API
-
/* Remember the NetCP Command Label so save cycles per Crypto
- * operation
- *
- */
- if(config.ipsec_mode_tx == IPSEC_MODE_TX_SIDEBAND)
- {
- nwalRetVal =
- nwal_initDMPSCmdInfo(pktio_mGetNwalInstance(netcp_sb_tx_chan),
+ * operation */
+ if(netTestCfg.ipsec_mode_tx == IPSEC_MODE_TX_SIDEBAND)
+ {
+ nwalRetVal =
+ nwal_initDMPSCmdInfo(pktio_mGetNwalInstance(netcp_sb_tx_chan),
sa_info[i].tx_data_mode_handle,
&sa_info[i].tx_dmPSCmdInfo);
- }
+ }
#endif
#ifdef NET_TEST_ENABLE_INFLOW_LOW_LEVEL_API
- if(config.ipsec_mode_tx == IPSEC_MODE_TX_INFLOW)
- {
- memset(&nwalSaIpSecId, 0, sizeof(nwalSaIpSecId_t));
- nwalSaIpSecId.spi = tx_sa[i].spi;
- memcpy(&(nwalSaIpSecId.src), &config.local_ipsec_ip,sizeof( nwalIpAddr_t));
- memcpy(&(nwalSaIpSecId.dst), &config.remote_ipsec_ip,sizeof( nwalIpAddr_t));
- nwalSaIpSecId.proto= tx_sa[i].proto;
+ if(netTestCfg.ipsec_mode_tx == IPSEC_MODE_TX_INFLOW)
+ {
+ memset(&nwalSaIpSecId, 0, sizeof(nwalSaIpSecId_t));
+ nwalSaIpSecId.spi = netTestCfg.sa_info[i].spi;
+ memcpy(&(nwalSaIpSecId.src), &netTestCfg.sa_info[i].src,sizeof( nwalIpAddr_t));
+ memcpy(&(nwalSaIpSecId.dst), &netTestCfg.sa_info[i].dst,sizeof( nwalIpAddr_t));
+ nwalSaIpSecId.proto = netTestCfg.sa_info[i].proto;
- nwalRetVal = nwal_initPSCmdInfo(pktio_mGetNwalInstance(netcp_tx_chan),
+ nwalRetVal = nwal_initPSCmdInfo(pktio_mGetNwalInstance(netcp_tx_chan),
&sa_info[i].tx_pkt_info,
&sa_info[i].tx_psCmdInfo);
- if (nwalRetVal == nwal_OK)
- {
- if (nwal_getSecAssoc(pktio_mGetNwalInstance(netcp_tx_chan),
- &nwalSaIpSecId,
- NWAL_SA_DIR_OUTBOUND,
- &(sa_info[i].tx_inflow_mode_handle),
- &sa_info[i].swInfo0,
- &sa_info[i].swInfo1) != nwal_TRUE)
- {
- printf("main: nwal_getSecAssoc failed\n");
- exit (1);
+ if (nwalRetVal == nwal_OK)
+ {
+ if (nwal_getSecAssoc(pktio_mGetNwalInstance(netcp_tx_chan),
+ &nwalSaIpSecId,
+ NWAL_SA_DIR_OUTBOUND,
+ &(sa_info[i].tx_inflow_mode_handle),
+ &sa_info[i].swInfo0,
+ &sa_info[i].swInfo1) != nwal_TRUE)
+ {
+ printf("main: nwal_getSecAssoc failed\n");
+ exit (1);
+ }
+ }
+ else
+ {
+ printf("main: nwal_initPSCmdInfo failed\n");
+ exit (1);
+ }
}
- }
- else
- {
- printf("main: nwal_initPSCmdInfo failed\n");
- exit (1);
- }
- }
#endif
+ }
}
-
#ifdef TEST_TIMERS
//timers
ourTimerBlock = hplib_Timer_CreateGroup(
netcp_cfgDelFlow(netapi_handle, specialFlow, &err);
#endif
#endif
-#if 1
-//delete policy
for (i=0; i < MAX_SEC_INDEX;i++)
{
- if (rx_policy[i])
- netapi_secDelRxPolicy(netapi_handle, rx_policy[i], &err);
-
- //delete tunnels
- netapi_secDelSA(netapi_handle, 0, sa_info[i].rx_tunnel, &err);
- netapi_secDelSA(netapi_handle, 0, sa_info[i].tx_tunnel, &err);
-#endif
+ if(sa_info[i].dir == NWAL_SA_DIR_INBOUND)
+ {
+ if (rx_policy[i])
+ netapi_secDelRxPolicy(netapi_handle, rx_policy[i], &err);
+ //delete tunnels
+ netapi_secDelSA(netapi_handle, 0, sa_info[i].rx_tunnel, &err);
+ }
+
+ if(sa_info[i].dir == NWAL_SA_DIR_OUTBOUND)
+ {
+ netapi_secDelSA(netapi_handle, 0, sa_info[i].tx_tunnel, &err);
+ }
}
//delete IPs and MAC Interfacess
netcp_cfgDelIp(netapi_handle, 0, 0, NULL, NULL, ip_rule0, &err);
{
asm volatile("pld [r0]");
}
-#include "ti/drv/nwal/nwal_util.h"
#define M 1008
static int l3_off[M], l4_off[M], L3_chk_ok[M], L4_chk_ok[M], len[M] ;
@@ -4136,6 +3481,12 @@ static inline void send_it(Ti_Pkt *tip, int len, ROUTE_SEC_T * p_sec, int out_po
PKTIO_METADATA_T meta2 = {PKTIO_META_TX,{0},0};
nwalTxPktInfo_t meta_tx2={0};
st1=hplib_mUtilGetPmuCCNT();
+#ifdef MULTI_THREAD
+ int coreid=Osal_nwalGetProcId(); //who we are(thread local)
+ //int coreid = our_core;
+#else
+ int coreid=0;
+#endif
if (len<60)
{
unsigned int templen;
index 4adb72c1ba7ee84309529fda2a57d246bf78d9c0..102f63128fa1fe353387e79edb1cfc749f1f8c0b 100755 (executable)
*/
/* ============================================================= */
+#ifndef __NET_TEST_H__
+#define __NET_TEST_H__
-#define MAX_SEC_INDEX 7
+#define NET_TEST_ENABLE_SIDE_BAND_LOW_LEVEL_API
+#ifdef NET_TEST_ENABLE_SIDE_BAND_LOW_LEVEL_API
+#define NWAL_ENABLE_SA
+#endif
+#define AH_SUPPORT
+#define NET_TEST_ENABLE_INFLOW_LOW_LEVEL_API
+#ifdef NET_TEST_ENABLE_INFLOW_LOW_LEVEL_API
+#define NWAL_ENABLE_SA
+#endif
+//define this for multi-thread
+#define MULTI_THREAD
-//IPSEC MODE(only choose one rx and one tx)
-#define IPSEC_MODE_RX_INFLOW 1
-#define IPSEC_MODE_TX_INFLOW 2
-#define IPSEC_MODE_RX_SIDEBAND 3
-#define IPSEC_MODE_TX_SIDEBAND 4
+//#define EXPERIMENTAL
+
+#include "netapi.h"
#define netTest_MAC_HEADER_LEN 14
#define netTest_IP_HEADER_LEN 20
#define netTest_NULL_ESP_HEADER_LEN 0
-/* The input strings for the input config file is given below */
-#define INIT_CONFIG_MAC0 "mac0"
-#define INIT_CONFIG_MAC1 "mac1"
-#define INIT_CONFIG_IP0 "ip0"
-#define INIT_CONFIG_IP1 "ip1"
-#define INIT_CONFIG_IP2 "ip2"
-#define INIT_CONFIG_LOCAL_IPSEC_IP "local_ipsec_ip"
-#define INIT_CONFIG_REMOTE_IPSEC_IP "remote_ipsec_ip"
-#define INIT_CONFIG_IPSEC_MODE_RX "ipsec_mode_rx"
-#define INIT_CONFIG_IPSEC_MODE_TX "ipsec_mode_tx"
-#define INIT_CONFIG_IPSEC_IF_NO "ipsec_if"
-#define INIT_CONFIG_AUTH_KEY "authkey"
-#define INIT_CONFIG_ENCR_KEY "encrkey"
-#define CONFIG_STRING_LEN 128
-
-#define MAX_ROUTES 16
-/* tmannan - begin */
typedef struct {
nwalDmTxPayloadInfo_t tx_payload_info;
uint32_t swInfo0;
uint32_t swInfo1;
#endif
-} netTestSA_t;
-
-
-
-typedef struct{
- char mac0[CONFIG_STRING_LEN];
- char mac1[CONFIG_STRING_LEN];
- char ip0[CONFIG_STRING_LEN];
- char ip1[CONFIG_STRING_LEN];
- char ip2[CONFIG_STRING_LEN];
- char local_ipsec_ip[CONFIG_STRING_LEN];
- char remote_ipsec_ip[CONFIG_STRING_LEN];
- char ipsec_mode_rx[CONFIG_STRING_LEN];
- char ipsec_mode_tx[CONFIG_STRING_LEN];
- char routes[MAX_ROUTES][CONFIG_STRING_LEN];
- char ports[MAX_ROUTES][CONFIG_STRING_LEN];
- char dst_ips[MAX_ROUTES][CONFIG_STRING_LEN];
- char paths[MAX_ROUTES][CONFIG_STRING_LEN];
- char ipsec_if_no[CONFIG_STRING_LEN];
- char auth_key[CONFIG_STRING_LEN];
- char encr_key[CONFIG_STRING_LEN];
+ uint32_t dir;
+ uint32_t tunnel_id;
+ nwalSecKeyParams_t *key_params;
-} netTestConfigFile_t;
-
-
-
-
-typedef struct {
-unsigned char mac0[6];
-unsigned char mac1[6];
-nwalIpAddr_t ip0;
-nwalIpAddr_t ip1;
-nwalIpAddr_t ip2;
-nwalIpAddr_t local_ipsec_ip;
-nwalIpAddr_t remote_ipsec_ip;
-uint8_t ipsec_mode_rx;
-uint8_t ipsec_mode_tx;
-int ipsec_if_no; /* 0 if mac0, 1 if mac 1 */
-uint8_t auth_key[36];
-uint8_t encr_key[36];
-} netTestConfig_t;
+} netTestSA_t;
typedef struct {
#define IPSEC_AH_PKT 1
#define IPSEC_ESP_PKT 2
+
+#define BE(x) ( (((x)&0xff000000)>>24) | (((x)&0xff0000)>>8) | (((x)&0xff00)<<8) | (((x)&0xff)<<24) )
+
+typedef struct iphead_t
+{
+ unsigned long w1;
+ unsigned long w2;
+ unsigned long w3;
+ unsigned long src;
+ unsigned long dst;
+} IP_HEAD_T;
+
+#define ROUTE_SEC_T netTestSA_t
+
+typedef struct our_route_t
+{
+ int out_port;
+ unsigned char out_mac[14];
+ ROUTE_SEC_T * sec_ptr;
+} OUR_ROUTE_T;
+
+
+
+
+#endif
diff --git a/ti/runtime/netapi/test/net_test_config.txt b/ti/runtime/netapi/test/net_test_config.txt
index 60885c4826244525afc67394e0d0847410bccddb..6e89ff593f35208c493d783f2ee6aa201cd964d5 100644 (file)
-mac0 = 00-01-02-03-05-05
-mac1 = 00-01-02-03-05-06
+mac0 = 00-01-02-03-05-05 0
+mac1 = 00-01-02-03-05-06 1
ip0 = 10.0.0.100
ip1 = 10.0.1.100
ip2 = 10.0.2.100
#ipsec_mode_tx = SIDEBAND
ipsec_mode_rx = INFLOW
ipsec_mode_tx = INFLOW
-authkey = 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23
-encrkey = 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33
route0 = MAC00-23-24-08-67-46 1
route1 = MAC00-22-33-44-55-56 2
dstip0 = 10.1.0.100 route1
dspip1 = 10.0.0.10 route0
+
+
+#sa0 = dir spi prot saMode iptype srcip destip window auth cipher esnlo esphi encrkeysize authkeysize encrkey pauthkey tunnel_id
+
+sa0 = INBOUND 0x11111111 ESP TUNNEL IPV4 192.168.1.10 192.168.1.100 64 HMAC_SHA1 AES_CBC 0 0 32 20 55,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x2
+
+sa1 = OUTBOUND 0x11111111 ESP TUNNEL IPV4 192.168.1.100 192.168.1.10 64 HMAC_SHA1 AES_CBC 0 0 32 20 55,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x2
+
+sa2 = INBOUND 0x44444444 AH TUNNEL IPV4 192.168.1.10 192.168.1.100 64 HMAC_MD5 NULL 0 0 0 16 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x1
+
+sa3 = OUTBOUND 0x44444444 AH TUNNEL IPV4 192.168.1.100 192.168.1.10 64 HMAC_MD5 NULL 0 0 0 16 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x1
+
+sa4 = INBOUND 0x22222222 ESP TUNNEL IPV4 192.168.1.10 192.168.1.100 64 HMAC_SHA2_256 AES_CTR 0 0 20 32 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x3
+
+sa5 = OUTBOUND 0x22222222 ESP TUNNEL IPV4 192.168.1.100 192.168.1.10 64 HMAC_SHA2_256 AES_CTR 0 0 20 32 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x3
+
+sa6 = INBOUND 0x55555555 ESP TUNNEL IPV4 192.168.1.10 192.168.1.100 64 NULL AES_GCM 0 0 20 0 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x4
+
+sa7 = OUTBOUND 0x55555555 ESP TUNNEL IPV4 192.168.1.100 192.168.1.10 64 NULL AES_GCM 0 0 20 0 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x4
+
+sa8 = INBOUND 0x66666666 ESP TUNNEL IPV4 192.168.1.10 192.168.1.100 64 NULL AES_CCM 0 0 19 0 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x5
+
+sa9 = OUTBOUND 0x66666666 ESP TUNNEL IPV4 192.168.1.100 192.168.1.10 64 NULL AES_CCM 0 0 19 0 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x5
+
+sa10 = INBOUND 0x33333333 ESP TUNNEL IPV4 192.168.1.10 192.168.1.100 64 HMAC_SHA2_256 3DES_CBC 0 0 24 32 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x6
+
+sa11 = OUTBOUND 0x33333333 ESP TUNNEL IPV4 192.168.1.100 192.168.1.10 64 HMAC_SHA2_256 3DES_CBC 0 0 24 32 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x6
+
+sa12 = INBOUND 0x77777777 ESP TUNNEL IPV4 192.168.1.10 192.168.1.100 64 AES_XCBC NULL 0 0 0 16 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x7
+
+sa13 = OUTBOUND 0x77777777 ESP TUNNEL IPV4 192.168.1.100 192.168.1.10 64 AES_XCBC NULL 0 0 0 16 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x7
+
+sa14 = INBOUND 0x88888888 ESP TUNNEL IPV4 192.168.1.10 192.168.1.100 64 GMAC NULL 0 0 0 20 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x8
+
+sa15 = OUTBOUND 0x88888888 ESP TUNNEL IPV4 192.168.1.100 192.168.1.10 64 GMAC NULL 0 0 0 20 00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,00,11,22,33,44,55,66,77,88,99,AA,BB,CC,DD,EE,FF,30,31,32,33 00,01,02,03,04,05,06,07,08,09,0A,0B,0C,0D,0E,0F,10,11,12,13,14,15,16,17,18,19,1A,1B,1C,1D,1E,1F,20,21,22,23 0x8
diff --git a/ti/runtime/netapi/test/net_test_util.c b/ti/runtime/netapi/test/net_test_util.c
--- /dev/null
@@ -0,0 +1,845 @@
+/******************************************
+ * File: net_test.c
+ * Purpose: test app for netapi
+ **************************************************************
+ * FILE: net_test.c
+ *
+ * DESCRIPTION: netapi user space transport
+ * library test application
+ *
+ * REVISION HISTORY: rev 0.0.1
+ *
+ * Copyright (c) Texas Instruments Incorporated 2010-2011
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the
+ * distribution.
+ *
+ * Neither the name of Texas Instruments Incorporated nor the names of
+ * its contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+ *****************************************/
+
+#include "net_test_util.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <string.h>
+#include <signal.h>
+#include <pthread.h>
+#include "trie.h"
+
+#include <ti/drv/sa/salld.h>
+#include <ti/drv/pa/pa.h>
+
+
+extern netTestConfig_t netTestCfg;
+extern netTestConfig_t config;
+extern netTestSA_t sa_info[];
+extern Trie * our_router;
+#ifdef EXPERIMENTAL
+extern OUR_ROUTE_T routes[];
+#endif
+
+static int scnt=0;
+int QUIT;
+void mysig(int x)
+{
+ QUIT=1;
+ scnt+=1;
+ printf(">net_test: recv'd signal %d cnt=%d\n",x,scnt);
+ if (scnt > 10)
+ {
+ printf(">net_test: WARNING EXITING WITH PROPER SHUTDOWN, LUTS LEFT ACTIVE\n");
+ exit(1);
+ }
+}
+unsigned long peek(unsigned long * p)
+{
+ return *p;
+}
+void dump_descr(unsigned long *p, int n)
+{
+ printf("--------dump of descriptor %d %x\n", n, (int) p);
+ printf("> %x %x %x %x %x %x %x %x\n",p[0],p[1],p[2],p[3],p[4],p[5],p[6],p[7]);
+ printf("> %x %x %x %x %x %x %x %x\n",p[8],p[9],p[10],p[11],p[12],p[13],p[14],p[15]);
+ printf("-----------------------------\n");
+}
+void dump_header(unsigned long *p, int n, int a, int r)
+{
+ printf("--------dump of header %d %x appID=%x flag1=%x\n", n, (int) p,a,r);
+ printf("> %x %x %x %x %x %x %x %x\n",p[0],p[1],p[2],p[3],p[4],p[5],p[6],p[7]);
+ printf("> %x %x %x %x %x %x %x %x\n",p[8],p[9],p[10],p[11],p[12],p[13],p[14],p[15]);
+ printf("> %x %x %x %x %x %x %x %x\n",p[16],p[17],p[18],p[19],p[20],p[21],p[22],p[23]);
+ printf("> %x %x %x %x %x %x %x %x\n",p[24],p[25],p[26],p[27],p[28],p[29],p[30],p[31]);
+ printf("-----------------------------\n");
+}
+
+void netapi_dump_buf
+(
+ unsigned long * buf,
+ uint32_t buf_length
+)
+{
+ uint8_t count = 0;
+ uint16_t dump_size;
+ uint8_t* tmp_buf;
+ uint8_t row_count;
+ static uint8_t first = 0;
+
+ //if(first > 2) return;
+
+ //first++;
+
+ dump_size = buf_length ;
+
+ tmp_buf = (uint8_t *)(buf);
+
+ printf("netapi *: - 8 bit word hex Length: %d Start \n",buf_length);
+ do
+ {
+ row_count = (dump_size - count);
+
+ if(row_count == 0)
+ {
+ break;
+ }
+
+ if(row_count > 4)
+ {
+ row_count = 4;
+ }
+
+ switch (row_count)
+ {
+ case 4:
+ {
+ printf("netapi *:%02d : %02x %02x %02x %02x \n",
+ count,tmp_buf[0],tmp_buf[1],tmp_buf[2],tmp_buf[3]);
+ break;
+ }
+ case 3:
+ {
+ printf("netapi *: %02d : %02x %02x %02x \n",
+ count,tmp_buf[0],tmp_buf[1],tmp_buf[2]);
+ break;
+ }
+
+ case 2:
+ {
+ printf("netapi *: %02d : %02x %02x \n",
+ count,tmp_buf[0],tmp_buf[1]);
+ break;
+ }
+
+ case 1:
+ {
+ printf("netapi *: %02d : %02x \n",
+ count,tmp_buf[0]);
+ break;
+ }
+
+ default:
+ {
+ /* Should never reach here */
+ printf("netapi *: Internal Error in netapi_dump_buf().Row Count: %d \n",
+ row_count);
+ return;
+ }
+ }
+
+ tmp_buf = tmp_buf + row_count;
+ count = count + row_count;
+
+ }while(count < dump_size);
+
+ printf("netapi *: - Byte hex Dump End \n");
+
+}
+long htonl(long x)
+{
+ long temp = (x&0xff000000)>>24 | (x&0xff0000)>>8 | (x&0xff00)<<8 | (x&0xff)<<24 ;
+ return temp;
+}
+
+unsigned char hex2dec(char *p_s)
+{
+ int val;
+ sscanf(p_s,"%x",&val);
+ return val&0xff;
+}
+
+/********************************************************************
+ * FUNCTION PURPOSE: Ones complement addition utility
+ ********************************************************************
+ ********************************************************************/
+uint16_t test_utilOnesComplementAdd (uint16_t v1, uint16_t v2)
+{
+ uint32_t result;
+
+ result = (uint32_t)v1 + (uint32_t)v2;
+ result = (result >> 16) + (result & 0xffff);
+ result = (result >> 16) + (result & 0xffff);
+
+ return ((uint16_t)result);
+}
+
+/********************************************************************
+ * FUNCTION PURPOSE: Ones complement checksum utility
+ ********************************************************************
+ ********************************************************************/
+ uint16_t test_utilOnesCompChkSum (uint8_t *p, uint32_t nwords)
+{
+ uint16_t chksum = 0;
+ uint16_t v;
+ uint32_t i;
+ uint32_t j;
+
+ for (i = j = 0; i < nwords; i++, j+=2) {
+ v = (p[j] << 8) | p[j+1];
+ chksum = test_utilOnesComplementAdd (chksum, v);
+ }
+ return (chksum);
+} /* utilOnesCompChkSum */
+
+/**************************************************************************************
+ * FUNCTION PURPOSE: Compute ipv4 psudo checksum
+ **************************************************************************************
+ * DESCRIPTION: Compute ipv4 psudo checksum
+ **************************************************************************************/
+uint16_t test_utilGetIpv4PsudoChkSum (uint8_t *data, uint16_t payloadLen)
+{
+ uint16_t psudo_chksum;
+
+ psudo_chksum = test_utilOnesCompChkSum (&data[12], 4);
+ psudo_chksum = test_utilOnesComplementAdd(psudo_chksum, (uint16_t) data[9]);
+ psudo_chksum = test_utilOnesComplementAdd(psudo_chksum, payloadLen);
+
+ return (psudo_chksum);
+
+} /* utilGetIpv4PsudoChkSum */
+
+#define CHECK_SET_PARAM(ARG1, ARG2) \
+ do { \
+ if(strcmp(key, ARG1) == 0) { \
+ if(data)strncpy(ARG2,data,CONFIG_STRING_LEN); \
+ printf("CHECK_SET_PARM, match found, input cong string %s\n", ARG2); \
+ continue; \
+ } \
+ } while(0)
+
+#define CHECK_SET_PARAM2(ARG1, ARG2, ARG3) \
+ do { \
+ if(strcmp(key, ARG1) == 0) { \
+ if(data) strncpy(ARG2,data,CONFIG_STRING_LEN); \
+ if(data2) strncpy(ARG3,data2,CONFIG_STRING_LEN); \
+ printf("CHECK_SET_PARM2, match found, input cong string %s %s\n", ARG2, ARG3); \
+ continue; \
+ } \
+ } while(0)
+
+#define CHECK_SET_PARAM_SA(ARG1, ARG2, ARG3, ARG4, ARG5, \
+ ARG6, ARG7, ARG8, ARG9, ARG10, \
+ ARG11, ARG12,ARG13, ARG14, ARG15, ARG16,ARG17, ARG18) \
+ do { \
+ if(data) strncpy(ARG2,data,CONFIG_STRING_LEN); \
+ if(data2) strncpy(ARG3,data2,CONFIG_STRING_LEN); \
+ if(d3) strncpy(ARG4,d3,CONFIG_STRING_LEN); \
+ if(d4) strncpy(ARG5,d4,CONFIG_STRING_LEN); \
+ if(d5) strncpy(ARG6, d5,CONFIG_STRING_LEN); \
+ if(d6) strncpy(ARG7,d6,CONFIG_STRING_LEN); \
+ if(d7) strncpy(ARG8,d7,CONFIG_STRING_LEN); \
+ if(d8) strncpy(ARG9,d8,CONFIG_STRING_LEN); \
+ if(d9) strncpy(ARG10,d9,CONFIG_STRING_LEN); \
+ if(d10) strncpy(ARG11,d10,CONFIG_STRING_LEN); \
+ if(d11) strncpy(ARG12,d11,CONFIG_STRING_LEN); \
+ if(d12) strncpy(ARG13,d12,CONFIG_STRING_LEN); \
+ if(d13) strncpy(ARG14,d13,CONFIG_STRING_LEN); \
+ if(d14) strncpy(ARG15,d14,CONFIG_STRING_LEN); \
+ if(d15) strncpy(ARG16,d15,CONFIG_STRING_LEN); \
+ if(d16) strncpy(ARG17,d16,CONFIG_STRING_LEN); \
+ if(d17) strncpy(ARG18,d17,CONFIG_STRING_LEN); \
+ printf("CHECK_SET_PARMSA, match found, input cong string %s %s %s %s\n", ARG2, ARG3, ARG4, ARG5); \
+ printf("CHECK_SET_PARMSA, match found, input cong string %s %s %s %s\n", ARG6, ARG7, ARG8, ARG9); \
+ printf("CHECK_SET_PARMSA, match found, input cong string %s %s %s %s\n", ARG10, ARG11, ARG12, ARG13); \
+ printf("CHECK_SET_PARMSA, match found, input cong string %s %s\n", ARG14, ARG15); \
+ printf("CHECK_SET_PARMSA, match found, encrykey: %s\n", ARG16); \
+ printf("CHECK_SET_PARMSA, match found, authkey :%s\n", ARG17); \
+ printf("CHECK_SET_PARMSA, match found, tunnel_id :%s\n", ARG18); \
+ continue; \
+ } while(0)
+
+
+
+
+void parse_one_mac(char * p_mac_str, unsigned char *p_mac)
+{
+ int index = 0;
+ int i;
+ char *pch = strtok (&(p_mac_str[0]),"-");
+
+ while (pch != NULL)
+ {
+ printf ("parse_one_mac %s\n",pch);
+ p_mac[index] = hex2dec(pch);
+ index++;
+ pch = strtok (NULL,"-");
+ }
+}
+
+
+void parse_one_key(char *p_key_str, unsigned char *p_key)
+{
+ int index = 0;
+ int i;
+ char * pch = strtok (&p_key_str[0],",");
+
+ //printf("parse_one_key %s\n", p_key_str);
+ while (pch != NULL)
+ {
+ //printf ("%s\n",pch);
+ p_key[index] = hex2dec(pch);
+ index++;
+ pch = strtok (NULL,",");
+ }
+}
+
+void parse_one_ip(char * p_ip_addr_str, unsigned char * p_ip)
+{
+ int index = 0;
+ int i;
+ char * pch = strtok (&p_ip_addr_str[0],".");
+
+ printf("parse_one_ip: ip string %s\n", p_ip_addr_str);
+ while (pch != NULL)
+ {
+ // printf ("xxxxx: %s\n",pch);
+ p_ip[index] = atoi(pch);
+ index++;
+ pch = strtok (NULL,".");
+ }
+ //printf("index value : %d\n", index);
+ for (i=0; i<4;i++)
+ printf("parse_one_ipip[%d]: 0x%x\n",i, p_ip[i]);
+}
+
+void parse_mac_address(netTestConfigFile_t *pConfig)
+{
+ int i;
+ int port = 0;
+ for(i=0;i<2;i++)
+ {
+ parse_one_mac(&pConfig->mac[i][0],&netTestCfg.mac[i][0]);
+ netTestCfg.switch_port[i] = atoi(&pConfig->switch_port[i][0]);
+ printf("parse_mac_address mac port %d\n", netTestCfg.switch_port[i]);
+ }
+
+}
+void parse_ip_address(netTestConfigFile_t *pConfig)
+{
+ int i;
+ for(i=0;i<3;i++)
+ {
+ if (strlen(&pConfig->ip[i][0]))
+ {
+ //printf("parse_ip: ip length %d\n", strlen(&pConfig->ip[i][0]));
+ parse_one_ip(&pConfig->ip[i][0],&netTestCfg.ip[i].ipv4[0]);
+ }
+ }
+}
+void parse_ipsec_mode(netTestConfigFile_t *pConfig)
+{
+
+ if (strlen(&pConfig->ipsec_mode_rx[0]))
+ {
+ if (strcmp(pConfig->ipsec_mode_rx, "SIDEBAND") == 0)
+ {
+ netTestCfg.ipsec_mode_rx = IPSEC_MODE_RX_SIDEBAND;
+ //config.ipsec_mode_rx = IPSEC_MODE_RX_SIDEBAND;
+ }
+ else if (strcmp(pConfig->ipsec_mode_rx, "INFLOW") == 0)
+ {
+ netTestCfg.ipsec_mode_rx = IPSEC_MODE_RX_INFLOW;
+ }
+ //else
+ // printf("parse_ipsec_mode(), invalid RX ipsec mode in config file \n");
+ }
+
+ if (strlen(&pConfig->ipsec_mode_tx[0]))
+ {
+ if (strcmp(pConfig->ipsec_mode_tx, "SIDEBAND") == 0)
+ {
+ netTestCfg.ipsec_mode_tx = IPSEC_MODE_TX_SIDEBAND;
+ }
+ else if (strcmp(pConfig->ipsec_mode_tx, "INFLOW") == 0)
+ {
+ netTestCfg.ipsec_mode_tx = IPSEC_MODE_TX_INFLOW;
+ }
+ //else
+ //printf("parse_ipsec_mode(), invalid TX ipsec mode in config file \n");
+ }
+
+ // printf("parse_ipsec_mode(): RX mode %d\n", config.ipsec_mode_rx);
+ // printf("parse_ipsec_mode(): TX mode %d\n", config.ipsec_mode_tx);
+
+}
+
+void parse_auth_mode(char *auth_mode_str, nwal_saAALG *auth_mode)
+{
+ if (strlen(auth_mode_str))
+ {
+ printf("strlen of auth_mode_str is %d\n", strlen(auth_mode_str));
+
+ if (strcmp(auth_mode_str, "NULL") == 0)
+ {
+ *auth_mode= NWAL_SA_AALG_NULL;
+ }
+ else if (strcmp(auth_mode_str, "HMAC_MD5") == 0)
+ {
+ *auth_mode= NWAL_SA_AALG_HMAC_MD5;
+ }
+ else if (strcmp(auth_mode_str, "HMAC_SHA1") == 0)
+ {
+ *auth_mode= NWAL_SA_AALG_HMAC_SHA1;
+ }
+ else if (strcmp(auth_mode_str, "HMAC_SHA2_224") == 0)
+ {
+ *auth_mode= NWAL_SA_AALG_HMAC_SHA2_224;
+ }
+ else if (strcmp(auth_mode_str, "HMAC_SHA2_256") == 0)
+ {
+ *auth_mode= NWAL_SA_AALG_HMAC_SHA2_256;
+ }
+ else if (strcmp(auth_mode_str, "GMAC") == 0)
+ {
+ *auth_mode= NWAL_SA_AALG_GMAC;
+ }
+ else if (strcmp(auth_mode_str, "AES_XCBC") == 0)
+ {
+ *auth_mode= NWAL_SA_AALG_AES_XCBC;
+ }
+ else
+ printf("parse_auth_mode: invalid auth mode specified\n");
+
+ printf("parse_auth_mode(): setting to %s, auth_mode: %d\n", auth_mode_str, *auth_mode);
+ }
+
+}
+
+void parse_encr_mode(char *ency_mode_str, nwal_saEALG*encr_mode)
+{
+ if (strlen(ency_mode_str))
+ {
+ printf("strlen of encr_mode_str is %d\n", strlen(ency_mode_str));
+
+ if (strcmp(ency_mode_str, "NULL") == 0)
+ {
+ *encr_mode= NWAL_SA_EALG_NULL;
+ }
+ else if (strcmp(ency_mode_str, "AES_CTR") == 0)
+ {
+ *encr_mode= NWAL_SA_EALG_AES_CTR;
+ }
+ else if (strcmp(ency_mode_str, "AES_CBC") == 0)
+ {
+ *encr_mode= NWAL_SA_EALG_AES_CBC;
+ }
+ else if (strcmp(ency_mode_str, "3DES_CBC") == 0)
+ {
+ *encr_mode= NWAL_SA_EALG_3DES_CBC;
+ }
+ else if (strcmp(ency_mode_str, "AES_CCM") == 0)
+ {
+ *encr_mode= NWAL_SA_EALG_AES_CCM;
+ }
+ else if (strcmp(ency_mode_str, "AES_GCM") == 0)
+ {
+ *encr_mode= NWAL_SA_EALG_AES_GCM;
+ }
+ else if (strcmp(ency_mode_str, "AES_XCBC") == 0)
+ {
+ *encr_mode= NWAL_SA_AALG_AES_XCBC;
+ }
+ else
+ printf("parse_encr_mode: invalid auth mode specified\n");
+
+ printf("parse_encr_mode(): setting to %s, encr_mode: %d\n", ency_mode_str, *encr_mode);
+ }
+
+}
+
+void parse_proto(char *proto_str, nwal_IpSecProto *proto)
+{
+ if (strlen(proto_str))
+ {
+ printf("strlen of proto is %d\n", strlen(proto_str));
+ if (strcmp(proto_str, "ESP") == 0)
+ {
+ *proto= nwal_IpSecProtoESP;
+ printf("parse_proto(): setting proto to ESP\n");
+ }
+ else if (strcmp(proto_str, "AH") == 0)
+ {
+ *proto = nwal_IpSecProtoAH;
+ printf("parse_proto(): setting proto to AH\n");
+ }
+ //else
+ // printf("parse_ipsec_mode(), invalid RX ipsec mode in config file \n");
+ }
+}
+
+
+
+void parse_mode(char *mode_str, nwal_saMode *mode)
+{
+ if (strlen(mode_str))
+ {
+ printf("strlen of mode is %d\n", strlen(mode_str));
+ if (strcmp(mode_str, "TUNNEL") == 0)
+ {
+ *mode= nwal_SA_MODE_TUNNEL;
+ printf("parse_mode(): setting proto to TUNNEL\n");
+ }
+ else if (strcmp(mode_str, "TRANSPORT") == 0)
+ {
+ *mode = nwal_SA_MODE_TRANSPORT;
+ printf("parse_mode(): setting proto to TUNNEL\n");
+ }
+ //else
+ // printf("parse_ipsec_mode(), invalid RX ipsec mode in config file \n");
+ }
+}
+
+void parse_ipType(char *ip_type_str, nwal_IpType *ipType)
+{
+ if (strlen(ip_type_str))
+ {
+ printf("strlen of ipType is %d\n", strlen(ip_type_str));
+ if (strcmp(ip_type_str, "IPV4") == 0)
+ {
+ *ipType= nwal_IPV4;
+ printf("parse_ipType(): setting proto to IPV4\n");
+ }
+ else if (strcmp(ip_type_str, "IPV6") == 0)
+ {
+ *ipType = nwal_IPV6;
+ printf("parse_ipType(): setting proto to IPV6\n");
+ }
+ //else
+ // printf("parse_ipsec_mode(), invalid RX ipsec mode in config file \n");
+ }
+}
+
+void parse_spi(char *spi_str, uint32_t *spi)
+{
+ if (strlen(spi_str))
+ {
+ printf("strlen of spi is %d\n", strlen(spi_str));
+ *spi = (int)strtol(spi_str, NULL, 0);
+ printf("parse_sa: spi 0x%x\n", spi);
+ }
+}
+
+void parse_replayWindow(char *replay_window_str, uint32_t *replay_window)
+{
+ *replay_window = atoi(replay_window_str);
+ printf("parse_replayWindow: %d\n", *replay_window);
+
+}
+
+void parse_esn(char *esn_str, uint32_t *esn)
+{
+ *esn = atoi(esn_str);
+ printf("parse_esn: %d\n", *esn);
+}
+
+void parse_key_size(char *key_size_str, uint32_t *key_size)
+{
+ *key_size = atoi(key_size_str);
+ printf("parse_key_size: %d\n", *key_size);
+}
+
+void parse_tunnel_id(char * tunnel_id_str, uint32_t *tunnel_id)
+{
+ if (strlen(tunnel_id_str))
+ {
+ printf("strlen of tunnel is %d\n", strlen(tunnel_id_str));
+ *tunnel_id = (int)strtol(tunnel_id_str, NULL, 0);
+ printf("***********************parse_tunnel_id spi 0x%x\n", tunnel_id);
+ }
+}
+
+void parse_dir(char* dir_str, nwal_SaDir *dir)
+{
+ if (strlen(dir_str))
+ {
+ printf("strlen of dir is %d\n", strlen(dir_str));
+ if (strcmp(dir_str, "INBOUND") == 0)
+ {
+ *dir= NWAL_SA_DIR_INBOUND;
+ printf("parse_dir(): setting dir to inbound\n");
+ }
+ else if (strcmp(dir_str, "OUTBOUND") == 0)
+ {
+ *dir = NWAL_SA_DIR_OUTBOUND;
+ printf("parse_dir(): setting dir to outbount\n");
+ }
+ else
+ printf("parse_dir: invalid direction\n");
+ }
+}
+
+
+void parse_sa(netTestConfigFile_t *pConfig, int i)
+{
+ parse_dir((char*) &pConfig->sa_config[i].dir, &netTestCfg.sa_info[i].dir);
+ parse_spi(&pConfig->sa_config[i].spi, &netTestCfg.sa_info[i].spi);
+ parse_proto(&pConfig->sa_config[i].proto, &netTestCfg.sa_info[i].proto);
+ parse_mode(&pConfig->sa_config[i].saMode, &netTestCfg.sa_info[i].saMode);
+ parse_ipType(&pConfig->sa_config[i].ipType, &netTestCfg.sa_info[i].ipType);
+ parse_one_ip(&pConfig->sa_config[i].src, &netTestCfg.sa_info[i].src);
+ parse_one_ip(&pConfig->sa_config[i].dst, &netTestCfg.sa_info[i].dst);
+ parse_replayWindow(&pConfig->sa_config[i].replayWindow, &netTestCfg.sa_info[i].replayWindow);
+ parse_auth_mode(&pConfig->sa_config[i].authMode, &netTestCfg.sa_info[i].authMode);
+ parse_encr_mode(&pConfig->sa_config[i].cipherMode, &netTestCfg.sa_info[i].cipherMode);
+ parse_esn(&pConfig->sa_config[i].esnLo, &netTestCfg.sa_info[i].esnLo);
+ parse_esn(&pConfig->sa_config[i].esnHi, &netTestCfg.sa_info[i].esnHi);
+ parse_key_size(&pConfig->sa_config[i].encKeySize, &netTestCfg.key_params[i].encKeySize);
+ parse_key_size(&pConfig->sa_config[i].macKeySize, &netTestCfg.key_params[i].macKeySize);
+
+
+ parse_one_key(&pConfig->sa_config[i].encr_key, &netTestCfg.encr_key[i][0]);
+ netTestCfg.key_params[i].pEncKey = (uint8_t*)&netTestCfg.encr_key[i][0];
+
+ parse_one_key(&pConfig->sa_config[i].auth_key, &netTestCfg.auth_key[i][0]);
+ netTestCfg.key_params[i].pAuthKey= (uint8_t*)&netTestCfg.auth_key[i][0];
+
+
+ parse_tunnel_id(&pConfig->sa_config[i].tunnel_id, &netTestCfg.tunnel_id[i]);
+
+
+}
+
+#ifdef EXPERIMENTAL
+int n_routes=0;
+int n_dst_ips=0;
+void parse_routes(netTestConfigFile_t *pConfig)
+{
+int i;
+int said=0;
+for(i=0;i<MAX_ROUTES;i++)
+{
+ int port;
+ if (pConfig->routes[i][0])
+ {
+ port=atoi(&pConfig->ports[i][0]);
+ if((port<1)||(port>2)) continue; //bad port #: only 1 or 2 valid
+ if(strncmp(&pConfig->routes[i][0],"MAC",3)==0)
+ {
+ routes[i].out_port = port;
+ parse_one_mac(&pConfig->routes[i][3],&routes[i].out_mac[0]);
+ //memcpy(&routes[i].out_mac[6], ((port==1) ?&config.mac0[0]: &config.mac1[0] ),6);
+ routes[i].out_mac[12]=0x08;
+ routes[i].out_mac[13]=0x00;
+ routes[i].sec_ptr=NULL;
+ n_routes+=1;
+ }
+ else if (strncmp(&pConfig->routes[i][0],"SA",2)==0)
+ {
+ said=atoi(&pConfig->routes[i][2]) ;
+ routes[i].sec_ptr=&sa_info[said];
+ n_routes+=1;
+ }
+ }
+}
+our_router = route_init();
+for (i=0;i<MAX_ROUTES;i++)
+{
+ unsigned long ip_be;
+ int route_index;
+ if (pConfig->dst_ips[i][0])
+ {
+ parse_one_ip(&pConfig->dst_ips[i][0],(unsigned char *)&ip_be);
+ sscanf(&pConfig->paths[i][0],"route%d",&route_index);
+ route_add(our_router,&ip_be,&routes[route_index]);
+ n_dst_ips+=1;
+ }
+}
+//printf(">Route DB built. %d entries\n",n_dst_ips);
+}
+#endif
+
+
+void parse_config_file(FILE * fpr, netTestConfigFile_t *pConfig)
+{
+ char line[MAX_LINE_LENGTH + 1];
+ int i;
+ static int sa_count = 0;
+
+ char *key, *data, *ep, *data2;
+ char * d1, *d2, *d3, *d4;
+ char * d5, *d6, *d7, *d8;
+ char * d9, *d10, *d11, *d12;
+ char * d13, *d14, *d15, *d16, *d17;
+ char tokens[] = " :=;\n";
+ char temp_str[50];
+ memset(line, 0, MAX_LINE_LENGTH + 1);
+ memset(pConfig, 0, sizeof(netTestConfigFile_t));
+ while (fgets(line, MAX_LINE_LENGTH + 1, fpr))
+ {
+ if(line[0]=='#')
+ continue; //skip comment
+ key = (char *)strtok(line, tokens);
+
+ data = (char *)strtok(NULL, tokens);
+ if (!key)
+ continue;
+ if (!data)
+ continue;
+
+ if(strlen(data) == 0)
+ {
+ continue;
+ }
+
+ //printf("d1: %s\n", data);
+ data2 = (char *)strtok(NULL, tokens);
+ //printf("d2: %s\n", data2);
+ d3 = (char *)strtok(NULL, tokens);
+ //printf("d3: %s\n", d3);
+ d4 = (char *)strtok(NULL, tokens);
+ //printf("d4: %s\n", d4);
+ d5 = (char *)strtok(NULL, tokens);
+ //printf("d5: %s\n", d5);
+ d6 = (char *)strtok(NULL, tokens);
+ // printf("d6: %s\n", d6);
+ d7 = (char *)strtok(NULL, tokens);
+ // printf("d7: %s\n", d7);
+ d8 = (char *)strtok(NULL, tokens);
+ //printf("d8: %s\n", d8);
+ d9 = (char *)strtok(NULL, tokens);
+ //printf("d9: %s\n", d9);
+ d10 = (char *)strtok(NULL, tokens);
+ // printf("d10: %s\n", d10);
+ d11 = (char *)strtok(NULL, tokens);
+ // printf("d11: %s\n", d11);
+ d12 = (char *)strtok(NULL, tokens);
+ //printf("d12: %s\n", d12);
+ d13 = (char *)strtok(NULL, tokens);
+ // printf("d13: %s\n", d13);
+ d14 = (char *)strtok(NULL, tokens);
+ // printf("d14: %s\n", d14);
+ d15 = (char *)strtok(NULL, tokens);
+ // printf("d15: %s\n", d15);
+ d16 = (char *)strtok(NULL, tokens);
+ d17 = (char *)strtok(NULL, tokens);
+ // printf("d16: %s\n", d16);
+
+ CHECK_SET_PARAM(INIT_CONFIG_IPSEC_MODE_RX,&(pConfig->ipsec_mode_rx[0]));
+ CHECK_SET_PARAM(INIT_CONFIG_IPSEC_MODE_TX,&(pConfig->ipsec_mode_tx[0]));
+ CHECK_SET_PARAM(INIT_CONFIG_IPSEC_IF_NO,&(pConfig->ipsec_if_no[0]));
+ sprintf(temp_str,"sa%d",sa_count);
+ if(strcmp(key, temp_str) == 0)
+ {
+ printf("parse_config_file, temp_str %s, sa_count: %d\n", temp_str, sa_count);
+ CHECK_SET_PARAM_SA(temp_str,
+ &pConfig->sa_config[sa_count].dir,
+ &pConfig->sa_config[sa_count].spi,
+ &pConfig->sa_config[sa_count].proto,
+ &pConfig->sa_config[sa_count].saMode,
+ &pConfig->sa_config[sa_count].ipType,
+ &pConfig->sa_config[sa_count].src,
+ &pConfig->sa_config[sa_count].dst,
+ &pConfig->sa_config[sa_count].replayWindow,
+ &pConfig->sa_config[sa_count].authMode,
+ &pConfig->sa_config[sa_count].cipherMode,
+ &pConfig->sa_config[sa_count].esnLo,
+ &pConfig->sa_config[sa_count].esnHi,
+ &pConfig->sa_config[sa_count].encKeySize,
+ &pConfig->sa_config[sa_count].macKeySize,
+ &pConfig->sa_config[sa_count].encr_key,
+ &pConfig->sa_config[sa_count].auth_key,
+ &pConfig->sa_config[sa_count].tunnel_id);
+ parse_sa(pConfig,sa_count);
+ sa_count++;
+ //parse_sa(pConfig,i);
+ continue;
+ }
+
+#ifdef EXPERIMENTAL
+ for(i=0;i<MAX_ROUTES;i++)
+ {
+ sprintf(temp_str,"route%d",i);
+ CHECK_SET_PARAM2(temp_str,&pConfig->routes[i][0],&pConfig->ports[i][0] );
+ }
+
+ for(i=0;i<MAX_ROUTES;i++)
+ {
+ sprintf(temp_str,"dstip%d",i);
+ CHECK_SET_PARAM2(temp_str,&pConfig->dst_ips[i][0],&pConfig->paths[i][0] );
+ }
+#endif
+ for(i=0;i<2;i++)
+ {
+ sprintf(temp_str,"mac%d",i);
+ //CHECK_SET_PARAM(temp_str,&(pConfig->mac[i][0]));
+ CHECK_SET_PARAM2(temp_str,&pConfig->mac[i][0],&pConfig->switch_port[i][0] );
+ }
+ for(i=0;i<3;i++)
+ {
+ sprintf(temp_str,"ip%d",i);
+ CHECK_SET_PARAM(temp_str,&pConfig->ip[i][0]);
+ }
+ }
+ parse_mac_address(pConfig);
+
+ parse_ip_address(pConfig);
+
+ parse_ipsec_mode(pConfig);
+
+ //parse_key(pConfig);
+
+#if 0
+ for (i=0; i < sa_count;i++)
+ {
+ printf("parse_config_file, calling parsing sa for sa_count %d\n", sa_count);
+ parse_sa(pConfig,i);
+ }
+#endif
+
+ if (strlen(&pConfig->ipsec_if_no[0]))
+ {
+ netTestCfg.ipsec_if_no = atoi(&pConfig->ipsec_if_no[0]);
+ }
+#ifdef EXPERIMENTAL
+ parse_routes(pConfig);
+#endif
+
+
+}
+
+
+
+
diff --git a/ti/runtime/netapi/test/net_test_util.h b/ti/runtime/netapi/test/net_test_util.h
--- /dev/null
@@ -0,0 +1,131 @@
+#ifndef __NET_TEST_UTIL_H__
+#define __NET_TEST_UTIL_H__
+
+
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <string.h>
+
+
+#include "net_test.h"
+
+
+#define MAX_SEC_INDEX 16
+
+#define MAX_LINE_LENGTH 512
+#define MAX_ROUTES 16
+/* The input strings for the input config file is given below */
+#define INIT_CONFIG_MAC0 "mac0"
+#define INIT_CONFIG_MAC1 "mac1"
+#define INIT_CONFIG_IP0 "ip0"
+#define INIT_CONFIG_IP1 "ip1"
+#define INIT_CONFIG_IP2 "ip2"
+#define INIT_CONFIG_LOCAL_IPSEC_IP "local_ipsec_ip"
+#define INIT_CONFIG_REMOTE_IPSEC_IP "remote_ipsec_ip"
+#define INIT_CONFIG_IPSEC_MODE_RX "ipsec_mode_rx"
+#define INIT_CONFIG_IPSEC_MODE_TX "ipsec_mode_tx"
+#define INIT_CONFIG_IPSEC_IF_NO "ipsec_if"
+#define INIT_CONFIG_AUTH_KEY "authkey"
+#define INIT_CONFIG_ENCR_KEY "encrkey"
+#define CONFIG_STRING_LEN 128
+
+//IPSEC MODE(only choose one rx and one tx)
+#define IPSEC_MODE_RX_INFLOW 1
+#define IPSEC_MODE_TX_INFLOW 2
+#define IPSEC_MODE_RX_SIDEBAND 3
+#define IPSEC_MODE_TX_SIDEBAND 4
+
+
+typedef struct {
+ unsigned char mac[2][6];
+ uint8_t switch_port[2];
+ unsigned char mac1[2][6];
+ nwalIpAddr_t ip[3];
+ nwalIpAddr_t ip1;
+ nwalIpAddr_t ip2;
+ nwalIpAddr_t local_ipsec_ip;
+ nwalIpAddr_t remote_ipsec_ip;
+ uint8_t ipsec_mode_rx;
+ uint8_t ipsec_mode_tx;
+ int ipsec_if_no;
+ uint8_t auth_key[MAX_SEC_INDEX][36];
+ uint8_t encr_key[MAX_SEC_INDEX][36];
+ uint32_t tunnel_id[MAX_SEC_INDEX];
+ NETAPI_SEC_SA_INFO_T sa_info[MAX_SEC_INDEX];
+ nwalSecKeyParams_t key_params[MAX_SEC_INDEX];
+
+} netTestConfig_t;
+
+typedef struct
+{
+ char dir[CONFIG_STRING_LEN];
+ char spi[CONFIG_STRING_LEN];
+ char proto[CONFIG_STRING_LEN];
+ char saMode[CONFIG_STRING_LEN];
+ char ipType[CONFIG_STRING_LEN];
+ char src[CONFIG_STRING_LEN];
+ char dst[CONFIG_STRING_LEN];
+ char replayWindow[CONFIG_STRING_LEN];
+ char authMode[CONFIG_STRING_LEN];
+ char cipherMode[CONFIG_STRING_LEN];
+ char esnLo[CONFIG_STRING_LEN];
+ char esnHi[CONFIG_STRING_LEN];
+ char encKeySize[CONFIG_STRING_LEN];
+ char macKeySize[CONFIG_STRING_LEN];
+ char auth_key[CONFIG_STRING_LEN];
+ char encr_key[CONFIG_STRING_LEN];
+ char tunnel_id[CONFIG_STRING_LEN];
+} netTestConfigSA_t;
+
+typedef struct{
+ char mac[2][CONFIG_STRING_LEN];
+ char switch_port[2][CONFIG_STRING_LEN];
+ char ip[3][CONFIG_STRING_LEN];
+ char ipsec_mode_rx[CONFIG_STRING_LEN];
+ char ipsec_mode_tx[CONFIG_STRING_LEN];
+ char routes[MAX_ROUTES][CONFIG_STRING_LEN];
+ char ports[MAX_ROUTES][CONFIG_STRING_LEN];
+ char dst_ips[MAX_ROUTES][CONFIG_STRING_LEN];
+ char paths[MAX_ROUTES][CONFIG_STRING_LEN];
+ char ipsec_if_no[CONFIG_STRING_LEN];
+ char tunnel_id[CONFIG_STRING_LEN];
+ netTestConfigSA_t sa_config[MAX_SEC_INDEX];
+
+} netTestConfigFile_t;
+
+
+void mysig(int x);
+unsigned long peek(unsigned long * p);
+void dump_descr(unsigned long *p, int n);
+void dump_header(unsigned long *p, int n, int a, int r);
+void netapi_dump_buf(unsigned long * buf,uint32_t buf_length);
+long htonl(long x);
+unsigned char hex2dec(char *p_s);
+uint16_t test_utilOnesComplementAdd (uint16_t v1, uint16_t v2);
+uint16_t test_utilOnesCompChkSum (uint8_t *p, uint32_t nwords);
+uint16_t test_utilGetIpv4PsudoChkSum (uint8_t *data, uint16_t payloadLen);
+void parse_one_mac(char * p_mac_str, unsigned char *p_mac);
+void parse_one_key(char *p_key_str, unsigned char *p_key);
+void parse_one_ip(char * p_ip_addr_str, unsigned char * p_ip);
+void parse_mac_address(netTestConfigFile_t *pConfig);
+void parse_ip_address(netTestConfigFile_t *pConfig);
+void parse_ipsec_mode(netTestConfigFile_t *pConfig);
+void parse_auth_mode(char *auth_mode_str, nwal_saAALG *auth_mode);
+void parse_encr_mode(char *ency_mode_str, nwal_saEALG*encr_mode);
+void parse_proto(char *proto_str, nwal_IpSecProto *proto);
+void parse_mode(char *mode_str, nwal_saMode *mode);
+void parse_ipType(char *ip_type_str, nwal_IpType *ipType);
+void parse_spi(char *spi_str, uint32_t *spi);
+void parse_replayWindow(char *replay_window_str, uint32_t *replay_window);
+void parse_esn(char *esn_str, uint32_t *esn);
+void parse_key_size(char *key_size_str, uint32_t *key_size);
+void parse_tunnel_id(char * tunnel_id_str, uint32_t *tunnel_id);
+void parse_dir(char* dir_str, nwal_SaDir *dir);
+void parse_sa(netTestConfigFile_t *pConfig, int i);
+#ifdef EXPERIMENTAL
+void parse_routes(netTestConfigFile_t *pConfig);
+#endif
+void parse_config_file(FILE * fpr, netTestConfigFile_t *pConfig);
+#endif
index e0f289ef96ed305f71cb3dc8b3e48b6d8446b498..4f6f88bb73f2e59698d4044d682df12e16dfd140 100755 (executable)
#include "trie.h"
+#include "net_test.h"
+
+#if 0
#define BE(x) ( (((x)&0xff000000)>>24) | (((x)&0xff0000)>>8) | (((x)&0xff00)<<8) | (((x)&0xff)<<24) )
typedef struct iphead_t
ROUTE_SEC_T * sec_ptr;
} OUR_ROUTE_T;
-
+#endif
Trie * route_init(void)