ipsec: add support for RFC-4543 ENCR_NULL_AUTH_AES_GMAC
Type: improvement
Change-Id: I830f7a2ea3ac0aff5185698b9fa7a278c45116b0
Signed-off-by: Benoît Ganne <bganne@cisco.com>
diff --git a/test/test_ipsec_esp.py b/test/test_ipsec_esp.py
index 4dc74bc..927863c 100644
--- a/test/test_ipsec_esp.py
+++ b/test/test_ipsec_esp.py
@@ -1033,6 +1033,42 @@
"salt": 2020,
"key": b"JPjyOWBeVEQiMe7hJPjyOWBeVEQiMe7h",
},
+ "AES-NULL-GMAC-128/NONE": {
+ "vpp-crypto": (
+ VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_NULL_GMAC_128
+ ),
+ "vpp-integ": (
+ VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_NONE
+ ),
+ "scapy-crypto": "AES-NULL-GMAC",
+ "scapy-integ": "NULL",
+ "key": b"JPjyOWBeVEQiMe7h",
+ "salt": 0,
+ },
+ "AES-NULL-GMAC-192/NONE": {
+ "vpp-crypto": (
+ VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_NULL_GMAC_192
+ ),
+ "vpp-integ": (
+ VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_NONE
+ ),
+ "scapy-crypto": "AES-NULL-GMAC",
+ "scapy-integ": "NULL",
+ "key": b"JPjyOWBeVEQiMe7h01234567",
+ "salt": 1010,
+ },
+ "AES-NULL-GMAC-256/NONE": {
+ "vpp-crypto": (
+ VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_NULL_GMAC_256
+ ),
+ "vpp-integ": (
+ VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_NONE
+ ),
+ "scapy-crypto": "AES-NULL-GMAC",
+ "scapy-integ": "NULL",
+ "key": b"JPjyOWBeVEQiMe7h0123456787654321",
+ "salt": 2020,
+ },
}
@@ -1182,7 +1218,8 @@
# GEN AES-GCM-192/NONE AES-GCM-256/NONE AES-CBC-128/MD5-96 \
# GEN AES-CBC-192/SHA1-96 AES-CBC-256/SHA1-96 \
# GEN 3DES-CBC/SHA1-96 NONE/SHA1-96 \
-# GEN AES-CTR-128/SHA1-96 AES-CTR-192/SHA1-96 AES-CTR-256/SHA1-96; do \
+# GEN AES-CTR-128/SHA1-96 AES-CTR-192/SHA1-96 AES-CTR-256/SHA1-96 \
+# GEN AES-NULL-GMAC-128/NONE AES-NULL-GMAC-192/NONE AES-NULL-GMAC-256/NONE; do \
# GEN echo -en "\n\nclass "
# GEN echo -e "Test_${ENG}_${ESN}_${AR}_${ALG}(RunTestIpsecEspAll):" |
# GEN sed -e 's/-/_/g' -e 's#/#_#g' ;
@@ -1998,6 +2035,30 @@
self.run_test()
+class Test_openssl_ESNon_ARon_AES_NULL_GMAC_128_NONE(RunTestIpsecEspAll):
+ """openssl ESNon ARon AES-NULL-GMAC-128/NONE IPSec test"""
+
+ def test_ipsec(self):
+ """openssl ESNon ARon AES-NULL-GMAC-128/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_openssl_ESNon_ARon_AES_NULL_GMAC_192_NONE(RunTestIpsecEspAll):
+ """openssl ESNon ARon AES-NULL-GMAC-192/NONE IPSec test"""
+
+ def test_ipsec(self):
+ """openssl ESNon ARon AES-NULL-GMAC-192/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_openssl_ESNon_ARon_AES_NULL_GMAC_256_NONE(RunTestIpsecEspAll):
+ """openssl ESNon ARon AES-NULL-GMAC-256/NONE IPSec test"""
+
+ def test_ipsec(self):
+ """openssl ESNon ARon AES-NULL-GMAC-256/NONE IPSec test"""
+ self.run_test()
+
+
class Test_openssl_ESNon_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
"""openssl ESNon ARoff AES-GCM-128/NONE IPSec test"""
@@ -2086,6 +2147,30 @@
self.run_test()
+class Test_openssl_ESNon_ARoff_AES_NULL_GMAC_128_NONE(RunTestIpsecEspAll):
+ """openssl ESNon ARoff AES-NULL-GMAC-128/NONE IPSec test"""
+
+ def test_ipsec(self):
+ """openssl ESNon ARoff AES-NULL-GMAC-128/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_openssl_ESNon_ARoff_AES_NULL_GMAC_192_NONE(RunTestIpsecEspAll):
+ """openssl ESNon ARoff AES-NULL-GMAC-192/NONE IPSec test"""
+
+ def test_ipsec(self):
+ """openssl ESNon ARoff AES-NULL-GMAC-192/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_openssl_ESNon_ARoff_AES_NULL_GMAC_256_NONE(RunTestIpsecEspAll):
+ """openssl ESNon ARoff AES-NULL-GMAC-256/NONE IPSec test"""
+
+ def test_ipsec(self):
+ """openssl ESNon ARoff AES-NULL-GMAC-256/NONE IPSec test"""
+ self.run_test()
+
+
class Test_openssl_ESNoff_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
"""openssl ESNoff ARon AES-GCM-128/NONE IPSec test"""
@@ -2174,6 +2259,30 @@
self.run_test()
+class Test_openssl_ESNoff_ARon_AES_NULL_GMAC_128_NONE(RunTestIpsecEspAll):
+ """openssl ESNoff ARon AES-NULL-GMAC-128/NONE IPSec test"""
+
+ def test_ipsec(self):
+ """openssl ESNoff ARon AES-NULL-GMAC-128/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_openssl_ESNoff_ARon_AES_NULL_GMAC_192_NONE(RunTestIpsecEspAll):
+ """openssl ESNoff ARon AES-NULL-GMAC-192/NONE IPSec test"""
+
+ def test_ipsec(self):
+ """openssl ESNoff ARon AES-NULL-GMAC-192/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_openssl_ESNoff_ARon_AES_NULL_GMAC_256_NONE(RunTestIpsecEspAll):
+ """openssl ESNoff ARon AES-NULL-GMAC-256/NONE IPSec test"""
+
+ def test_ipsec(self):
+ """openssl ESNoff ARon AES-NULL-GMAC-256/NONE IPSec test"""
+ self.run_test()
+
+
class Test_openssl_ESNoff_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
"""openssl ESNoff ARoff AES-GCM-128/NONE IPSec test"""
@@ -2262,6 +2371,30 @@
self.run_test()
+class Test_openssl_ESNoff_ARoff_AES_NULL_GMAC_128_NONE(RunTestIpsecEspAll):
+ """openssl ESNoff ARoff AES-NULL-GMAC-128/NONE IPSec test"""
+
+ def test_ipsec(self):
+ """openssl ESNoff ARoff AES-NULL-GMAC-128/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_openssl_ESNoff_ARoff_AES_NULL_GMAC_192_NONE(RunTestIpsecEspAll):
+ """openssl ESNoff ARoff AES-NULL-GMAC-192/NONE IPSec test"""
+
+ def test_ipsec(self):
+ """openssl ESNoff ARoff AES-NULL-GMAC-192/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_openssl_ESNoff_ARoff_AES_NULL_GMAC_256_NONE(RunTestIpsecEspAll):
+ """openssl ESNoff ARoff AES-NULL-GMAC-256/NONE IPSec test"""
+
+ def test_ipsec(self):
+ """openssl ESNoff ARoff AES-NULL-GMAC-256/NONE IPSec test"""
+ self.run_test()
+
+
class Test_async_ESNon_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
"""async ESNon ARon AES-GCM-128/NONE IPSec test"""