summaryrefslogtreecommitdiffstats
path: root/src/vnet/crypto
AgeCommit message (Collapse)AuthorFilesLines
2019-04-26crypto, ipsec: change GCM IV handlingDamjan Marion1-1/+1
- nonce construction out of salt and iv is ipsec specific so it should be handled in ipsec code - fixes GCM unit tests - GCM IV is constructed out of simple counter, per RFC4106 section 3.1 Change-Id: Ib7712cc9612830daa737f5171d8384f1d361bb61 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-25crypto: AES GCM IV length is always 12Damjan Marion1-1/+1
... at least for use cases we are interested in Change-Id: I1156ff354635e8f990ce2664ebc8dcd3786ddca5 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-25crypto: improve key handlingDamjan Marion2-11/+118
Change-Id: If96f661d507305da4b96cac7b1a8f14ba90676ad Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-16IPSEC: support GCM in ESPNeale Ranns1-1/+1
Change-Id: Id2ddb77b4ec3dd543d6e638bc882923f2bac011d Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-14crypto: add support for AES-CTR cipherfituldo1-1/+4
Change-Id: I7d84bab7768421ed37813702c0413e52167f41ab Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-04-11IPSEC-MB: Use random & non-repeating IV (VPP-1642)Neale Ranns1-2/+5
hard code IV and key lengths based on cipher. Init IV from random data, use AES instruction to rotate. Change-Id: I13a6507d12267b823c528660a903787baeba47a0 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-11crypto: add performace test to unittest pluginDamjan Marion2-0/+22
Change-Id: I49c710c5ace24a4c1f083120fd4c2972566a1695 Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-04-07crypto: add support for AEAD and AES-GCMDamjan Marion4-104/+228
Change-Id: Iff6f81a49b9cff5522fbb4914d47472423eac5db Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-07crypto: coverity issuesDamjan Marion1-1/+1
Change-Id: I9db1b74097c9df587b9265b14a969d347bcb731a Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-04crypto: pass multiple ops to handlerDamjan Marion1-6/+41
Change-Id: I438ef1f50d83560ecc608f898cfc61d7f51e1724 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-03-29ipsec: esp-decrypt reworkDamjan Marion1-11/+7
Change-Id: Icf83c876d0880d1872b84e0a3d34be654b76149f Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-03-28crypto: add vnet_crypto_op_init (...)Damjan Marion1-0/+10
Change-Id: I2018d8367bb010e1ab30d9c7c23d9501fc38a2e5 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-03-27ipsec: compress ipsec_sa_t so data used by dataplane code fits in cachelineDamjan Marion2-5/+11
Change-Id: I81ecdf9fdcfcb017117b47dc031f93208e004d7c Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-03-26crypto: add set crypto handler CLIFilip Tehlar3-8/+135
Change-Id: I40124f8d6e529256b1ccc6eb78dda9c5119b8951 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-03-26ipsec: esp-encrypt reworkDamjan Marion1-0/+1
Change-Id: Ibe7f806b9d600994e83c9f1be526fdb0a1ef1833 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-03-20crypto: add hmac truncate optionDamjan Marion1-1/+1
This reverts commit 785368e559dbdf50676f74f43f13423c817abb52. Change-Id: I782ac2be4e161790c73ccd4b08492e2188a6d79d Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-03-20tests: implement crypto tests per RFC2202Filip Tehlar1-0/+1
Change-Id: I18b30d5ee8aa60c34d52b7716b5feb7225cb0d59 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-03-19crypto: introduce crypto infraDamjan Marion4-0/+452
Change-Id: Ibf320b3e7b054b686f3af9a55afd5d5bda9b1048 Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Filip Tehlar <ftehlar@cisco.com>