ipsec: add support for RFC-4543 ENCR_NULL_AUTH_AES_GMAC

Type: improvement

Change-Id: I830f7a2ea3ac0aff5185698b9fa7a278c45116b0
Signed-off-by: Benoît Ganne <bganne@cisco.com>
diff --git a/test/test_ipsec_esp.py b/test/test_ipsec_esp.py
index 4dc74bc..927863c 100644
--- a/test/test_ipsec_esp.py
+++ b/test/test_ipsec_esp.py
@@ -1033,6 +1033,42 @@
                 "salt": 2020,
                 "key": b"JPjyOWBeVEQiMe7hJPjyOWBeVEQiMe7h",
             },
+            "AES-NULL-GMAC-128/NONE": {
+                "vpp-crypto": (
+                    VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_NULL_GMAC_128
+                ),
+                "vpp-integ": (
+                    VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_NONE
+                ),
+                "scapy-crypto": "AES-NULL-GMAC",
+                "scapy-integ": "NULL",
+                "key": b"JPjyOWBeVEQiMe7h",
+                "salt": 0,
+            },
+            "AES-NULL-GMAC-192/NONE": {
+                "vpp-crypto": (
+                    VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_NULL_GMAC_192
+                ),
+                "vpp-integ": (
+                    VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_NONE
+                ),
+                "scapy-crypto": "AES-NULL-GMAC",
+                "scapy-integ": "NULL",
+                "key": b"JPjyOWBeVEQiMe7h01234567",
+                "salt": 1010,
+            },
+            "AES-NULL-GMAC-256/NONE": {
+                "vpp-crypto": (
+                    VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_NULL_GMAC_256
+                ),
+                "vpp-integ": (
+                    VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_NONE
+                ),
+                "scapy-crypto": "AES-NULL-GMAC",
+                "scapy-integ": "NULL",
+                "key": b"JPjyOWBeVEQiMe7h0123456787654321",
+                "salt": 2020,
+            },
         }
 
 
@@ -1182,7 +1218,8 @@
 # GEN     AES-GCM-192/NONE AES-GCM-256/NONE AES-CBC-128/MD5-96 \
 # GEN     AES-CBC-192/SHA1-96 AES-CBC-256/SHA1-96 \
 # GEN     3DES-CBC/SHA1-96 NONE/SHA1-96 \
-# GEN     AES-CTR-128/SHA1-96 AES-CTR-192/SHA1-96 AES-CTR-256/SHA1-96; do \
+# GEN     AES-CTR-128/SHA1-96 AES-CTR-192/SHA1-96 AES-CTR-256/SHA1-96 \
+# GEN     AES-NULL-GMAC-128/NONE AES-NULL-GMAC-192/NONE AES-NULL-GMAC-256/NONE; do \
 # GEN      echo -en "\n\nclass "
 # GEN      echo -e "Test_${ENG}_${ESN}_${AR}_${ALG}(RunTestIpsecEspAll):" |
 # GEN             sed -e 's/-/_/g' -e 's#/#_#g' ;
@@ -1998,6 +2035,30 @@
         self.run_test()
 
 
+class Test_openssl_ESNon_ARon_AES_NULL_GMAC_128_NONE(RunTestIpsecEspAll):
+    """openssl ESNon ARon AES-NULL-GMAC-128/NONE IPSec test"""
+
+    def test_ipsec(self):
+        """openssl ESNon ARon AES-NULL-GMAC-128/NONE IPSec test"""
+        self.run_test()
+
+
+class Test_openssl_ESNon_ARon_AES_NULL_GMAC_192_NONE(RunTestIpsecEspAll):
+    """openssl ESNon ARon AES-NULL-GMAC-192/NONE IPSec test"""
+
+    def test_ipsec(self):
+        """openssl ESNon ARon AES-NULL-GMAC-192/NONE IPSec test"""
+        self.run_test()
+
+
+class Test_openssl_ESNon_ARon_AES_NULL_GMAC_256_NONE(RunTestIpsecEspAll):
+    """openssl ESNon ARon AES-NULL-GMAC-256/NONE IPSec test"""
+
+    def test_ipsec(self):
+        """openssl ESNon ARon AES-NULL-GMAC-256/NONE IPSec test"""
+        self.run_test()
+
+
 class Test_openssl_ESNon_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
     """openssl ESNon ARoff AES-GCM-128/NONE IPSec test"""
 
@@ -2086,6 +2147,30 @@
         self.run_test()
 
 
+class Test_openssl_ESNon_ARoff_AES_NULL_GMAC_128_NONE(RunTestIpsecEspAll):
+    """openssl ESNon ARoff AES-NULL-GMAC-128/NONE IPSec test"""
+
+    def test_ipsec(self):
+        """openssl ESNon ARoff AES-NULL-GMAC-128/NONE IPSec test"""
+        self.run_test()
+
+
+class Test_openssl_ESNon_ARoff_AES_NULL_GMAC_192_NONE(RunTestIpsecEspAll):
+    """openssl ESNon ARoff AES-NULL-GMAC-192/NONE IPSec test"""
+
+    def test_ipsec(self):
+        """openssl ESNon ARoff AES-NULL-GMAC-192/NONE IPSec test"""
+        self.run_test()
+
+
+class Test_openssl_ESNon_ARoff_AES_NULL_GMAC_256_NONE(RunTestIpsecEspAll):
+    """openssl ESNon ARoff AES-NULL-GMAC-256/NONE IPSec test"""
+
+    def test_ipsec(self):
+        """openssl ESNon ARoff AES-NULL-GMAC-256/NONE IPSec test"""
+        self.run_test()
+
+
 class Test_openssl_ESNoff_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
     """openssl ESNoff ARon AES-GCM-128/NONE IPSec test"""
 
@@ -2174,6 +2259,30 @@
         self.run_test()
 
 
+class Test_openssl_ESNoff_ARon_AES_NULL_GMAC_128_NONE(RunTestIpsecEspAll):
+    """openssl ESNoff ARon AES-NULL-GMAC-128/NONE IPSec test"""
+
+    def test_ipsec(self):
+        """openssl ESNoff ARon AES-NULL-GMAC-128/NONE IPSec test"""
+        self.run_test()
+
+
+class Test_openssl_ESNoff_ARon_AES_NULL_GMAC_192_NONE(RunTestIpsecEspAll):
+    """openssl ESNoff ARon AES-NULL-GMAC-192/NONE IPSec test"""
+
+    def test_ipsec(self):
+        """openssl ESNoff ARon AES-NULL-GMAC-192/NONE IPSec test"""
+        self.run_test()
+
+
+class Test_openssl_ESNoff_ARon_AES_NULL_GMAC_256_NONE(RunTestIpsecEspAll):
+    """openssl ESNoff ARon AES-NULL-GMAC-256/NONE IPSec test"""
+
+    def test_ipsec(self):
+        """openssl ESNoff ARon AES-NULL-GMAC-256/NONE IPSec test"""
+        self.run_test()
+
+
 class Test_openssl_ESNoff_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
     """openssl ESNoff ARoff AES-GCM-128/NONE IPSec test"""
 
@@ -2262,6 +2371,30 @@
         self.run_test()
 
 
+class Test_openssl_ESNoff_ARoff_AES_NULL_GMAC_128_NONE(RunTestIpsecEspAll):
+    """openssl ESNoff ARoff AES-NULL-GMAC-128/NONE IPSec test"""
+
+    def test_ipsec(self):
+        """openssl ESNoff ARoff AES-NULL-GMAC-128/NONE IPSec test"""
+        self.run_test()
+
+
+class Test_openssl_ESNoff_ARoff_AES_NULL_GMAC_192_NONE(RunTestIpsecEspAll):
+    """openssl ESNoff ARoff AES-NULL-GMAC-192/NONE IPSec test"""
+
+    def test_ipsec(self):
+        """openssl ESNoff ARoff AES-NULL-GMAC-192/NONE IPSec test"""
+        self.run_test()
+
+
+class Test_openssl_ESNoff_ARoff_AES_NULL_GMAC_256_NONE(RunTestIpsecEspAll):
+    """openssl ESNoff ARoff AES-NULL-GMAC-256/NONE IPSec test"""
+
+    def test_ipsec(self):
+        """openssl ESNoff ARoff AES-NULL-GMAC-256/NONE IPSec test"""
+        self.run_test()
+
+
 class Test_async_ESNon_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
     """async ESNon ARon AES-GCM-128/NONE IPSec test"""