From efcad1a9d22c4a664f3004cafe09d9c3a68e1620 Mon Sep 17 00:00:00 2001 From: Filip Tehlar Date: Tue, 4 Feb 2020 09:36:04 +0000 Subject: ipsec: add support for chained buffers Type: feature Change-Id: Ie072a7c2bbb1e4a77f7001754f01897efd30fc53 Signed-off-by: Filip Tehlar --- src/plugins/unittest/crypto/aes_cbc.c | 15 +++++++++++++++ src/plugins/unittest/crypto/aes_gcm.c | 20 ++++++++++++++++++++ src/plugins/unittest/crypto/crypto.h | 8 ++++++++ src/plugins/unittest/crypto/rfc2202_hmac_md5.c | 12 ++++++++++++ src/plugins/unittest/crypto/rfc2202_hmac_sha1.c | 15 +++++++++++++++ src/plugins/unittest/crypto/rfc4231.c | 14 ++++++++++++++ 6 files changed, 84 insertions(+) (limited to 'src/plugins/unittest/crypto') diff --git a/src/plugins/unittest/crypto/aes_cbc.c b/src/plugins/unittest/crypto/aes_cbc.c index b52f728a1cb..b3e95e4c093 100644 --- a/src/plugins/unittest/crypto/aes_cbc.c +++ b/src/plugins/unittest/crypto/aes_cbc.c @@ -122,6 +122,21 @@ UNITTEST_REGISTER_CRYPTO_TEST (nist_aes256_cbc) = { .ciphertext = TEST_DATA (ciphertext256), }; +UNITTEST_REGISTER_CRYPTO_TEST (nist_aes256_cbc_chained) = { + .name = "NIST SP 800-38A [chained]", + .alg = VNET_CRYPTO_ALG_AES_256_CBC, + .iv = TEST_DATA (iv), + .key = TEST_DATA (key256), + .is_chained = 1, + .pt_chunks = { + TEST_DATA_CHUNK (plaintext, 0, 32), + TEST_DATA_CHUNK (plaintext, 32, 32), + }, + .ct_chunks = { + TEST_DATA_CHUNK (ciphertext256, 0, 32), + TEST_DATA_CHUNK (ciphertext256, 32, 32), + }, +}; /* *INDENT-ON* */ /* diff --git a/src/plugins/unittest/crypto/aes_gcm.c b/src/plugins/unittest/crypto/aes_gcm.c index 0a7aafca100..764ca9e97c5 100644 --- a/src/plugins/unittest/crypto/aes_gcm.c +++ b/src/plugins/unittest/crypto/aes_gcm.c @@ -244,6 +244,26 @@ UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm256_tc4) = { .aad = TEST_DATA(tc4_aad), .tag = TEST_DATA (tc4_tag256), }; + +UNITTEST_REGISTER_CRYPTO_TEST (aes_gcm256_tc4_chain) = { + .name = "256-GCM Spec. TC4 [chained]", + .alg = VNET_CRYPTO_ALG_AES_256_GCM, + .iv = TEST_DATA (tc3_iv), + .key = TEST_DATA (tc3_key256), + .aad = TEST_DATA(tc4_aad), + .tag = TEST_DATA (tc4_tag256), + .is_chained = 1, + .pt_chunks = { + TEST_DATA_CHUNK (tc4_plaintext, 0, 20), + TEST_DATA_CHUNK (tc4_plaintext, 20, 20), + TEST_DATA_CHUNK (tc4_plaintext, 40, 20), + }, + .ct_chunks = { + TEST_DATA_CHUNK (tc4_ciphertext256, 0, 20), + TEST_DATA_CHUNK (tc4_ciphertext256, 20, 20), + TEST_DATA_CHUNK (tc4_ciphertext256, 40, 20), + }, +}; /* *INDENT-ON* */ /* diff --git a/src/plugins/unittest/crypto/crypto.h b/src/plugins/unittest/crypto/crypto.h index f15e34b02f0..d95c994dfd2 100644 --- a/src/plugins/unittest/crypto/crypto.h +++ b/src/plugins/unittest/crypto/crypto.h @@ -17,6 +17,8 @@ #ifndef included_unittest_crypto_crypto_h #define included_unittest_crypto_crypto_h +#define CRYPTO_TEST_MAX_OP_CHUNKS 8 + typedef struct { u32 length; @@ -29,6 +31,11 @@ typedef struct unittest_crypto_test_registration vnet_crypto_alg_t alg; unittest_crypto_test_data_t iv, key, digest, plaintext, ciphertext, aad, tag; + u8 is_chained; + + /* plaintext and cipher text data used for testing chained buffers */ + unittest_crypto_test_data_t pt_chunks[CRYPTO_TEST_MAX_OP_CHUNKS + 1]; + unittest_crypto_test_data_t ct_chunks[CRYPTO_TEST_MAX_OP_CHUNKS + 1]; /* next */ struct unittest_crypto_test_registration *next; @@ -52,6 +59,7 @@ typedef struct extern crypto_test_main_t crypto_test_main; #define TEST_DATA(n) { .data = (u8 *) n, .length = sizeof (n)} +#define TEST_DATA_CHUNK(s,off,n) { .data = (u8 *) s + off, .length = n} #define UNITTEST_REGISTER_CRYPTO_TEST(x) \ unittest_crypto_test_registration_t __unittest_crypto_test_##x; \ diff --git a/src/plugins/unittest/crypto/rfc2202_hmac_md5.c b/src/plugins/unittest/crypto/rfc2202_hmac_md5.c index 76bd8a5f443..7a39aed3030 100644 --- a/src/plugins/unittest/crypto/rfc2202_hmac_md5.c +++ b/src/plugins/unittest/crypto/rfc2202_hmac_md5.c @@ -191,6 +191,18 @@ UNITTEST_REGISTER_CRYPTO_TEST (rfc_2202_md5_tc7) = { .plaintext = TEST_DATA (md5_tc7_data), .digest = TEST_DATA (md5_tc7_digest), }; + +UNITTEST_REGISTER_CRYPTO_TEST (rfc_2202_md5_tc7_chained) = { + .name = "RFC2202 HMAC-MD5 TC7 [chained]", + .alg = VNET_CRYPTO_ALG_HMAC_MD5, + .key = TEST_DATA (md5_tc6_key), + .digest = TEST_DATA (md5_tc7_digest), + .is_chained = 1, + .pt_chunks = { + TEST_DATA_CHUNK (md5_tc7_data, 0, 40), + TEST_DATA_CHUNK (md5_tc7_data, 40, 33) + }, +}; /* *INDENT-ON* */ /* diff --git a/src/plugins/unittest/crypto/rfc2202_hmac_sha1.c b/src/plugins/unittest/crypto/rfc2202_hmac_sha1.c index b3942aafa59..d009afe6af7 100644 --- a/src/plugins/unittest/crypto/rfc2202_hmac_sha1.c +++ b/src/plugins/unittest/crypto/rfc2202_hmac_sha1.c @@ -218,6 +218,21 @@ UNITTEST_REGISTER_CRYPTO_TEST (rfc_2202_sha1_tc7) = { }; /* *INDENT-ON* */ +/* *INDENT-OFF* */ +UNITTEST_REGISTER_CRYPTO_TEST (rfc_2202_sha1_tc7_chained) = { + .name = "RFC2202 HMAC-SHA-1 TC7 [chained]", + .alg = VNET_CRYPTO_ALG_HMAC_SHA1, + .key = TEST_DATA (sha1_tc6_key), + .digest = TEST_DATA (sha1_tc7_digest), + + .is_chained = 1, + .pt_chunks = { + TEST_DATA_CHUNK (sha1_tc7_data, 0, 40), + TEST_DATA_CHUNK (sha1_tc7_data, 40, 33) + }, +}; +/* *INDENT-ON* */ + /* * fd.io coding-style-patch-verification: ON * diff --git a/src/plugins/unittest/crypto/rfc4231.c b/src/plugins/unittest/crypto/rfc4231.c index b247d62f2a9..127e1bfe521 100644 --- a/src/plugins/unittest/crypto/rfc4231.c +++ b/src/plugins/unittest/crypto/rfc4231.c @@ -584,6 +584,20 @@ UNITTEST_REGISTER_CRYPTO_TEST (rfc4231_tc7_sha512) = { .plaintext = TEST_DATA (tc7_data), .digest = TEST_DATA (tc7_digest_sha512), }; + +UNITTEST_REGISTER_CRYPTO_TEST (rfc4231_tc7_sha512_chain) = { + .name = "RFC4231 TC7 [chained]", + .alg = VNET_CRYPTO_ALG_HMAC_SHA512, + .key = TEST_DATA (tc7_key), + .digest = TEST_DATA (tc7_digest_sha512), + .is_chained = 1, + .pt_chunks = { + TEST_DATA_CHUNK (tc7_data, 0, 50), + TEST_DATA_CHUNK (tc7_data, 50, 50), + TEST_DATA_CHUNK (tc7_data, 100, 50), + TEST_DATA_CHUNK (tc7_data, 150, 2), + }, +}; /* *INDENT-ON* */ /* -- cgit 1.2.3-korg