From patchwork Tue Jan 30 17:00:18 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126295 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp3551014ljd; Tue, 30 Jan 2018 09:20:11 -0800 (PST) X-Google-Smtp-Source: AH8x227/FpkH07U612Xy3yn1+f5dCw78fVvgRDUyBPA8i9P+mYfyWrrFyA9RZZOlXSatSHpMqJv2 X-Received: by 10.55.105.129 with SMTP id e123mr43726869qkc.192.1517332810979; Tue, 30 Jan 2018 09:20:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517332810; cv=none; d=google.com; s=arc-20160816; b=VHN9/a83yQOWYYAEbsT1H0vc1n5vPw0neDhLh3vHTle0ZfuW5pyPIV7q8U7vAgb0pb iZxj5aUK4UMbtRLJ9QzArUvRWYXafzv+rXFXrh+vLecAwBCbJWXYWy3EKNmC3H7/S+IK 2jQ4QbXFfTeCn09EkW9BMupXj+GefLc0FY2widHBbs6o0XPQMScn1AizlS9VR+RL0NCk KKeZGAa5vLUDdYTikmJtKukdu4O/lOGCGqeZCUjm7HZVYCnJBXhI9/cuEK7A9TnIDoz1 Fblltx25x4Yk8pEb7+Y+w4+YziXdM5FylpbloP8n9g2BDGZE/iE/74sueZZjyU4FmEtC XBig== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=63ACmLMfpjG5RVIofjdiUUdc21hIus1QNDn1CjqVVto=; b=UrW12waFo4lkiDeq/4BPmlWsBUGmdW5mTANY/pjHnrsfcpYbGktONiMTrA1gFBPtYu 6YV4i47Km2SLf3OdLRy4PXteu2Tu034SFelmQDsnzV9oRQqE5CUPCdahIXUimJ3QS60r iHN2Vpv5t9I3QYOCr4U1NLRqG7LYMQZ++KynNILpRRr5CDCysurMuhoMNr3ACQXolH7s n8QYpF9j1y/b9pytEA1Pkiy1oRxVyRU+2zgpkGRR4e2ILiP6VJshciW/AzkpMbdDmg0z Gp2ckoi9bIrJ8GPZ4QXIY3OdlwsDmCvw8XCl5tvfOmZ4hgDh1ooMheqM/416fnaJOQFi fH6g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id v30si5863767qtg.324.2018.01.30.09.20.10; Tue, 30 Jan 2018 09:20:10 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id A62DD607C8; Tue, 30 Jan 2018 17:20:10 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 723A1617B8; Tue, 30 Jan 2018 17:04:04 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 2C8D4609C7; Tue, 30 Jan 2018 17:03:20 +0000 (UTC) Received: from forward101o.mail.yandex.net (forward101o.mail.yandex.net [37.140.190.181]) by lists.linaro.org (Postfix) with ESMTPS id 9135861732 for ; Tue, 30 Jan 2018 17:00:47 +0000 (UTC) Received: from mxback9o.mail.yandex.net (mxback9o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::23]) by forward101o.mail.yandex.net (Yandex) with ESMTP id E3EF11341D87 for ; Tue, 30 Jan 2018 20:00:43 +0300 (MSK) Received: from smtp1p.mail.yandex.net (smtp1p.mail.yandex.net [2a02:6b8:0:1472:2741:0:8b6:6]) by mxback9o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id mGfpa0fo2y-0hKatZOr; Tue, 30 Jan 2018 20:00:43 +0300 Received: by smtp1p.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id 3C5hSSv4xg-0hreRC6F; Tue, 30 Jan 2018 20:00:43 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Tue, 30 Jan 2018 20:00:18 +0300 Message-Id: <1517331619-18755-15-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517331619-18755-1-git-send-email-odpbot@yandex.ru> References: <1517331619-18755-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 434 Subject: [lng-odp] [PATCH API-NEXT v4 14/15] validation: ipsec: add ChaCha20-Poly1305 test vectors X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 434 (lumag:crypto-upd) ** https://github.com/Linaro/odp/pull/434 ** Patch: https://github.com/Linaro/odp/pull/434.patch ** Base sha: 5718327018debbb02aacb464493504c95fbe57a3 ** Merge commit sha: c5d9389a8d3b1a532e290aff4508756a920173ee **/ test/validation/api/ipsec/ipsec.c | 14 +++++++ test/validation/api/ipsec/ipsec.h | 1 + test/validation/api/ipsec/ipsec_test_in.c | 33 +++++++++++++++ test/validation/api/ipsec/ipsec_test_out.c | 44 ++++++++++++++++++++ test/validation/api/ipsec/test_vectors.h | 66 ++++++++++++++++++++++++++++++ 5 files changed, 158 insertions(+) diff --git a/test/validation/api/ipsec/ipsec.c b/test/validation/api/ipsec/ipsec.c index 5d3112a27..31bd557fe 100644 --- a/test/validation/api/ipsec/ipsec.c +++ b/test/validation/api/ipsec/ipsec.c @@ -177,6 +177,10 @@ int ipsec_check(odp_bool_t ah, if (!capa.ciphers.bit.aes_gcm) return ODP_TEST_INACTIVE; break; + case ODP_CIPHER_ALG_CHACHA20_POLY1305: + if (!capa.ciphers.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported cipher algorithm\n"); return ODP_TEST_INACTIVE; @@ -212,6 +216,10 @@ int ipsec_check(odp_bool_t ah, if (!capa.auths.bit.aes_gmac) return ODP_TEST_INACTIVE; break; + case ODP_AUTH_ALG_CHACHA20_POLY1305: + if (!capa.auths.bit.chacha20_poly1305) + return ODP_TEST_INACTIVE; + break; default: fprintf(stderr, "Unsupported authentication algorithm\n"); return ODP_TEST_INACTIVE; @@ -313,6 +321,12 @@ int ipsec_check_esp_null_aes_gmac_128(void) ODP_AUTH_ALG_AES_GMAC, 128); } +int ipsec_check_esp_chacha20_poly1305(void) +{ + return ipsec_check_esp(ODP_CIPHER_ALG_CHACHA20_POLY1305, 256, + ODP_AUTH_ALG_CHACHA20_POLY1305, 0); +} + void ipsec_sa_param_fill(odp_ipsec_sa_param_t *param, odp_bool_t in, odp_bool_t ah, diff --git a/test/validation/api/ipsec/ipsec.h b/test/validation/api/ipsec/ipsec.h index 31ebed789..7ba9ef10e 100644 --- a/test/validation/api/ipsec/ipsec.h +++ b/test/validation/api/ipsec/ipsec.h @@ -91,5 +91,6 @@ int ipsec_check_esp_aes_gcm_128(void); int ipsec_check_esp_aes_gcm_256(void); int ipsec_check_ah_aes_gmac_128(void); int ipsec_check_esp_null_aes_gmac_128(void); +int ipsec_check_esp_chacha20_poly1305(void); #endif diff --git a/test/validation/api/ipsec/ipsec_test_in.c b/test/validation/api/ipsec/ipsec_test_in.c index 8a82abe49..8138defb5 100644 --- a/test/validation/api/ipsec/ipsec_test_in.c +++ b/test/validation/api/ipsec/ipsec_test_in.c @@ -1136,6 +1136,37 @@ static void test_in_ipv4_mcgrew_gcm_15_esp(void) ipsec_sa_destroy(sa); } +static void test_in_ipv4_rfc7634_chacha(void) +{ + odp_ipsec_tunnel_param_t tunnel = {}; + odp_ipsec_sa_param_t param; + odp_ipsec_sa_t sa; + + ipsec_sa_param_fill(¶m, + true, false, 0x01020304, &tunnel, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa); + + ipsec_test_part test = { + .pkt_in = &pkt_ipv4_rfc7634_esp, + .out_pkt = 1, + .out = { + { .status.warn.all = 0, + .status.error.all = 0, + .pkt_out = &pkt_ipv4_rfc7634}, + }, + }; + + ipsec_check_in_one(&test, sa); + + ipsec_sa_destroy(sa); +} + static void test_in_ipv4_ah_aes_gmac_128(void) { odp_ipsec_sa_param_t param; @@ -1474,6 +1505,8 @@ odp_testinfo_t ipsec_in_suite[] = { #endif ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_mcgrew_gcm_15_esp, ipsec_check_esp_null_aes_gmac_128), + ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_rfc7634_chacha, + ipsec_check_esp_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_ah_sha256, ipsec_check_ah_sha256), ODP_TEST_INFO_CONDITIONAL(test_in_ipv4_ah_sha256_tun_ipv4, diff --git a/test/validation/api/ipsec/ipsec_test_out.c b/test/validation/api/ipsec/ipsec_test_out.c index 971fbbf8d..0f49c7e1f 100644 --- a/test/validation/api/ipsec/ipsec_test_out.c +++ b/test/validation/api/ipsec/ipsec_test_out.c @@ -500,6 +500,48 @@ static void test_out_ipv4_esp_null_aes_gmac_128(void) ipsec_sa_destroy(sa); } +static void test_out_ipv4_esp_chacha20_poly1305(void) +{ + odp_ipsec_sa_param_t param; + odp_ipsec_sa_t sa; + odp_ipsec_sa_t sa2; + + ipsec_sa_param_fill(¶m, + false, false, 123, NULL, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa); + + ipsec_sa_param_fill(¶m, + true, false, 123, NULL, + ODP_CIPHER_ALG_CHACHA20_POLY1305, &key_rfc7634, + ODP_AUTH_ALG_CHACHA20_POLY1305, NULL, + &key_rfc7634_salt); + + sa2 = odp_ipsec_sa_create(¶m); + + CU_ASSERT_NOT_EQUAL_FATAL(ODP_IPSEC_SA_INVALID, sa2); + + ipsec_test_part test = { + .pkt_in = &pkt_ipv4_icmp_0, + .out_pkt = 1, + .out = { + { .status.warn.all = 0, + .status.error.all = 0, + .pkt_out = &pkt_ipv4_icmp_0 }, + }, + }; + + ipsec_check_out_in_one(&test, sa, sa2); + + ipsec_sa_destroy(sa2); + ipsec_sa_destroy(sa); +} + static void test_out_ipv4_ah_sha256_frag_check(void) { odp_ipsec_sa_param_t param; @@ -978,6 +1020,8 @@ odp_testinfo_t ipsec_out_suite[] = { ipsec_check_ah_aes_gmac_128), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_esp_null_aes_gmac_128, ipsec_check_esp_null_aes_gmac_128), + ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_esp_chacha20_poly1305, + ipsec_check_esp_chacha20_poly1305), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_ah_sha256_frag_check, ipsec_check_ah_sha256), ODP_TEST_INFO_CONDITIONAL(test_out_ipv4_ah_sha256_frag_check_2, diff --git a/test/validation/api/ipsec/test_vectors.h b/test/validation/api/ipsec/test_vectors.h index 4732d6ca5..f14fdb2b3 100644 --- a/test/validation/api/ipsec/test_vectors.h +++ b/test/validation/api/ipsec/test_vectors.h @@ -48,6 +48,11 @@ KEY(key_mcgrew_gcm_salt_12, 0xd9, 0x66, 0x42, 0x67); KEY(key_mcgrew_gcm_15, 0x4c, 0x80, 0xcd, 0xef, 0xbb, 0x5d, 0x10, 0xda, 0x90, 0x6a, 0xc7, 0x3c, 0x36, 0x13, 0xa6, 0x34); KEY(key_mcgrew_gcm_salt_15, 0x22, 0x43, 0x3c, 0x64); +KEY(key_rfc7634, 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, + 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, + 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, + 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f); +KEY(key_rfc7634_salt, 0xa0, 0xa1, 0xa2, 0xa3); static const ODP_UNUSED ipsec_test_packet pkt_ipv4_icmp_0 = { .len = 142, @@ -1730,6 +1735,67 @@ static const ipsec_test_packet pkt_mcgrew_gcm_test_15_esp = { }, }; +static const ODP_UNUSED ipsec_test_packet pkt_ipv4_rfc7634 = { + .len = 98, + .l2_offset = 0, + .l3_offset = 14, + .l4_offset = 34, + .data = { + /* ETH - not a part of RFC, added for simplicity */ + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00, + + /* IP */ + 0x45, 0x00, 0x00, 0x54, 0xa6, 0xf2, 0x00, 0x00, + 0x40, 0x01, 0xe7, 0x78, 0xc6, 0x33, 0x64, 0x05, + 0xc0, 0x00, 0x02, 0x05, + + /* ICMP */ + 0x08, 0x00, 0x5b, 0x7a, 0x3a, 0x08, 0x00, 0x00, + 0x55, 0x3b, 0xec, 0x10, 0x00, 0x07, 0x36, 0x27, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + }, +}; + +static const ODP_UNUSED ipsec_test_packet pkt_ipv4_rfc7634_esp = { + .len = 154, + .l2_offset = 0, + .l3_offset = 14, + .l4_offset = 34, + .data = { + /* ETH - not a part of RFC, added for simplicity */ + 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, 0xf1, + 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0xf2, 0x08, 0x00, + + /* IP */ + 0x45, 0x00, 0x00, 0x8c, 0x23, 0x45, 0x00, 0x00, + 0x40, 0x32, 0xde, 0x5b, 0xcb, 0x00, 0x71, 0x99, + 0xcb, 0x00, 0x71, 0x05, + + /* ESP */ + 0x01, 0x02, 0x03, 0x04, 0x00, 0x00, 0x00, 0x05, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x24, 0x03, 0x94, 0x28, 0xb9, 0x7f, 0x41, 0x7e, + 0x3c, 0x13, 0x75, 0x3a, 0x4f, 0x05, 0x08, 0x7b, + 0x67, 0xc3, 0x52, 0xe6, 0xa7, 0xfa, 0xb1, 0xb9, + 0x82, 0xd4, 0x66, 0xef, 0x40, 0x7a, 0xe5, 0xc6, + 0x14, 0xee, 0x80, 0x99, 0xd5, 0x28, 0x44, 0xeb, + 0x61, 0xaa, 0x95, 0xdf, 0xab, 0x4c, 0x02, 0xf7, + 0x2a, 0xa7, 0x1e, 0x7c, 0x4c, 0x4f, 0x64, 0xc9, + 0xbe, 0xfe, 0x2f, 0xac, 0xc6, 0x38, 0xe8, 0xf3, + 0xcb, 0xec, 0x16, 0x3f, 0xac, 0x46, 0x9b, 0x50, + 0x27, 0x73, 0xf6, 0xfb, 0x94, 0xe6, 0x64, 0xda, + 0x91, 0x65, 0xb8, 0x28, 0x29, 0xf6, 0x41, 0xe0, + 0x76, 0xaa, 0xa8, 0x26, 0x6b, 0x7f, 0xb0, 0xf7, + 0xb1, 0x1b, 0x36, 0x99, 0x07, 0xe1, 0xad, 0x43, + }, +}; + static const ODP_UNUSED ipsec_test_packet pkt_ipv6_icmp_0_esp_udp_null_sha256_1 = { .len = 206,