diff mbox series

[API-NEXT,v13,18/18] validation: ipsec: add AES-CTR tests

Message ID 1510527615-30536-19-git-send-email-odpbot@yandex.ru
State Superseded
Headers show
Series [API-NEXT,v13,1/18] linux-gen: ipsec: use counter instead of random IV for GCM | expand

Commit Message

Github ODP bot Nov. 12, 2017, 11 p.m. UTC
From: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>


Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>

---
/** Email created from pull request 243 (lumag:ipsec-packet-impl-3)
 ** https://github.com/Linaro/odp/pull/243
 ** Patch: https://github.com/Linaro/odp/pull/243.patch
 ** Base sha: a908a4dead95321e84d6a8a23de060051dcd8969
 ** Merge commit sha: 7261a0ce35cc31342937cb57dcc287aea0c59ede
 **/
 test/validation/api/ipsec/ipsec.c          | 10 +++++++
 test/validation/api/ipsec/ipsec.h          |  1 +
 test/validation/api/ipsec/ipsec_test_in.c  | 32 ++++++++++++++++++++++
 test/validation/api/ipsec/ipsec_test_out.c | 44 ++++++++++++++++++++++++++++++
 test/validation/api/ipsec/test_vectors.h   | 39 ++++++++++++++++++++++++++
 5 files changed, 126 insertions(+)
diff mbox series

Patch

diff --git a/test/validation/api/ipsec/ipsec.c b/test/validation/api/ipsec/ipsec.c
index 045718594..97d58a7f2 100644
--- a/test/validation/api/ipsec/ipsec.c
+++ b/test/validation/api/ipsec/ipsec.c
@@ -202,6 +202,10 @@  int ipsec_check(odp_bool_t ah,
 		if (!capa.ciphers.bit.aes_cbc)
 			return ODP_TEST_INACTIVE;
 		break;
+	case ODP_CIPHER_ALG_AES_CTR:
+		if (!capa.ciphers.bit.aes_ctr)
+			return ODP_TEST_INACTIVE;
+		break;
 	case ODP_CIPHER_ALG_AES_GCM:
 		if (!capa.ciphers.bit.aes_gcm)
 			return ODP_TEST_INACTIVE;
@@ -293,6 +297,12 @@  int ipsec_check_esp_aes_cbc_128_sha256(void)
 				ODP_AUTH_ALG_SHA256_HMAC);
 }
 
+int ipsec_check_esp_aes_ctr_128_null(void)
+{
+	return  ipsec_check_esp(ODP_CIPHER_ALG_AES_CTR, 128,
+				ODP_AUTH_ALG_NULL);
+}
+
 int ipsec_check_esp_aes_gcm_128(void)
 {
 	return  ipsec_check_esp(ODP_CIPHER_ALG_AES_GCM, 128,
diff --git a/test/validation/api/ipsec/ipsec.h b/test/validation/api/ipsec/ipsec.h
index 472179f91..a008dce68 100644
--- a/test/validation/api/ipsec/ipsec.h
+++ b/test/validation/api/ipsec/ipsec.h
@@ -86,6 +86,7 @@  int ipsec_check_ah_sha256(void);
 int ipsec_check_esp_null_sha256(void);
 int ipsec_check_esp_aes_cbc_128_null(void);
 int ipsec_check_esp_aes_cbc_128_sha256(void);
+int ipsec_check_esp_aes_ctr_128_null(void);
 int ipsec_check_esp_aes_gcm_128(void);
 int ipsec_check_esp_aes_gcm_256(void);
 
diff --git a/test/validation/api/ipsec/ipsec_test_in.c b/test/validation/api/ipsec/ipsec_test_in.c
index 598a83e3f..8c883262a 100644
--- a/test/validation/api/ipsec/ipsec_test_in.c
+++ b/test/validation/api/ipsec/ipsec_test_in.c
@@ -191,6 +191,36 @@  static void test_in_esp_aes_cbc_sha256(void)
 	ipsec_sa_destroy(sa);
 }
 
+static void test_in_esp_aes_ctr_null(void)
+{
+	odp_ipsec_sa_param_t param;
+	odp_ipsec_sa_t sa;
+
+	ipsec_sa_param_fill(&param,
+			    true, false, 123, NULL,
+			    ODP_CIPHER_ALG_AES_CTR, &key_a5_128,
+			    ODP_AUTH_ALG_NULL, NULL,
+			    &key_mcgrew_gcm_salt_3);
+
+	sa = odp_ipsec_sa_create(&param);
+
+	CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
+
+	ipsec_test_part test = {
+		.pkt_in = &pkt_icmp_0_esp_aes_ctr_null_1,
+		.out_pkt = 1,
+		.out = {
+			{ .status.warn.all = 0,
+			  .status.error.all = 0,
+			  .pkt_out = &pkt_icmp_0 },
+		},
+	};
+
+	ipsec_check_in_one(&test, sa);
+
+	ipsec_sa_destroy(sa);
+}
+
 static void test_in_lookup_ah_sha256(void)
 {
 	odp_ipsec_sa_param_t param;
@@ -987,6 +1017,8 @@  odp_testinfo_t ipsec_in_suite[] = {
 				  ipsec_check_esp_aes_cbc_128_null),
 	ODP_TEST_INFO_CONDITIONAL(test_in_esp_aes_cbc_sha256,
 				  ipsec_check_esp_aes_cbc_128_sha256),
+	ODP_TEST_INFO_CONDITIONAL(test_in_esp_aes_ctr_null,
+				  ipsec_check_esp_aes_ctr_128_null),
 	ODP_TEST_INFO_CONDITIONAL(test_in_lookup_ah_sha256,
 				  ipsec_check_ah_sha256),
 	ODP_TEST_INFO_CONDITIONAL(test_in_lookup_esp_null_sha256,
diff --git a/test/validation/api/ipsec/ipsec_test_out.c b/test/validation/api/ipsec/ipsec_test_out.c
index 39a3c30ff..b543271bf 100644
--- a/test/validation/api/ipsec/ipsec_test_out.c
+++ b/test/validation/api/ipsec/ipsec_test_out.c
@@ -277,6 +277,48 @@  static void test_out_esp_aes_cbc_sha256(void)
 	ipsec_sa_destroy(sa);
 }
 
+static void test_out_esp_aes_ctr_null(void)
+{
+	odp_ipsec_sa_param_t param;
+	odp_ipsec_sa_t sa;
+	odp_ipsec_sa_t sa2;
+
+	ipsec_sa_param_fill(&param,
+			    false, false, 123, NULL,
+			    ODP_CIPHER_ALG_AES_CTR, &key_a5_128,
+			    ODP_AUTH_ALG_NULL, NULL,
+			    &key_mcgrew_gcm_salt_3);
+
+	sa = odp_ipsec_sa_create(&param);
+
+	CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa);
+
+	ipsec_sa_param_fill(&param,
+			    true, false, 123, NULL,
+			    ODP_CIPHER_ALG_AES_CTR, &key_a5_128,
+			    ODP_AUTH_ALG_NULL, NULL,
+			    &key_mcgrew_gcm_salt_3);
+
+	sa2 = odp_ipsec_sa_create(&param);
+
+	CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa2);
+
+	ipsec_test_part test = {
+		.pkt_in = &pkt_icmp_0,
+		.out_pkt = 1,
+		.out = {
+			{ .status.warn.all = 0,
+			  .status.error.all = 0,
+			  .pkt_out = &pkt_icmp_0 },
+		},
+	};
+
+	ipsec_check_out_in_one(&test, sa, sa2);
+
+	ipsec_sa_destroy(sa2);
+	ipsec_sa_destroy(sa);
+}
+
 static void test_out_esp_aes_gcm128(void)
 {
 	odp_ipsec_sa_param_t param;
@@ -342,6 +384,8 @@  odp_testinfo_t ipsec_out_suite[] = {
 				  ipsec_check_esp_aes_cbc_128_null),
 	ODP_TEST_INFO_CONDITIONAL(test_out_esp_aes_cbc_sha256,
 				  ipsec_check_esp_aes_cbc_128_sha256),
+	ODP_TEST_INFO_CONDITIONAL(test_out_esp_aes_ctr_null,
+				  ipsec_check_esp_aes_ctr_128_null),
 	ODP_TEST_INFO_CONDITIONAL(test_out_esp_aes_gcm128,
 				  ipsec_check_esp_aes_gcm_128),
 	ODP_TEST_INFO_NULL,
diff --git a/test/validation/api/ipsec/test_vectors.h b/test/validation/api/ipsec/test_vectors.h
index 593a8f450..fbf7d366c 100644
--- a/test/validation/api/ipsec/test_vectors.h
+++ b/test/validation/api/ipsec/test_vectors.h
@@ -583,6 +583,45 @@  static const ODP_UNUSED ipsec_test_packet pkt_icmp_0_esp_aes_cbc_sha256_1 = {
 	},
 };
 
+static const ODP_UNUSED ipsec_test_packet pkt_icmp_0_esp_aes_ctr_null_1 = {
+	.len = 162,
+	.l2_offset = 0,
+	.l3_offset = 14,
+	.l4_offset = 34,
+	.data = {
+		/* ETH */
+		0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1,
+		0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00,
+
+		/* IP */
+		0x45, 0x00, 0x00, 0x94, 0x00, 0x00, 0x00, 0x00,
+		0x40, 0x32, 0xab, 0xe2, 0xc0, 0xa8, 0x6f, 0x02,
+		0xc0, 0xa8, 0xde, 0x02,
+
+		/* ESP */
+		0x00, 0x00, 0x00, 0x7b, 0x00, 0x00, 0x00, 0x01,
+
+		/* IV */
+		0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+
+		/* data */
+		0x39, 0xab, 0xe5, 0xae, 0x74, 0x57, 0x76, 0x7f,
+		0x1d, 0x1f, 0xce, 0xe8, 0xca, 0xf1, 0x87, 0xf5,
+		0xfd, 0x9e, 0x1d, 0x20, 0x38, 0x30, 0x8a, 0xe5,
+		0xb9, 0x55, 0x80, 0x7b, 0xfd, 0x9d, 0xb9, 0x99,
+		0x85, 0xcd, 0xb5, 0x30, 0x86, 0xaa, 0xe1, 0x7a,
+		0x69, 0xe5, 0xfa, 0x38, 0xf3, 0x0f, 0x91, 0x18,
+		0x75, 0x7b, 0x5f, 0x4e, 0x69, 0x17, 0xaa, 0xe7,
+		0x84, 0x6c, 0x40, 0x31, 0xec, 0x87, 0x4c, 0x8c,
+		0xb3, 0xb4, 0x9f, 0x7e, 0xea, 0x83, 0x6f, 0xc6,
+		0x11, 0xd5, 0xce, 0xbe, 0x65, 0x37, 0x1c, 0xb6,
+		0xd3, 0xcb, 0x51, 0xa8, 0xa4, 0x0e, 0x3e, 0xe6,
+		0x26, 0xd8, 0x17, 0xec, 0x8b, 0xca, 0x79, 0x96,
+		0xa0, 0xcd, 0x6f, 0xdd, 0x9e, 0xe9, 0x6a, 0xc0,
+		0xf2, 0x6c, 0xdb, 0xfd, 0x99, 0xa2, 0xb5, 0xbf,
+	},
+};
+
 static const ODP_UNUSED ipsec_test_packet pkt_rfc3602_5 = {
 	.len = 98,
 	.l2_offset = 0,