return FALSE;
}
- aead = lib->crypto->create_aead(lib->crypto, alg, test->key.len);
+ aead = lib->crypto->create_aead(lib->crypto, alg, test->key.len, 4);
if (!aead)
{
DBG1(DBG_APP, "algorithm %N or key length (%d bits) not supported",
if (encryption_algorithm_is_aead(token->algorithm))
{
aead = lib->crypto->create_aead(lib->crypto,
- token->algorithm, token->keysize / 8);
+ token->algorithm, token->keysize / 8, 0);
if (!aead)
{
fprintf(stderr, "aead '%s' not supported!\n", argv[1]);
{
aead_t *aead_i, *aead_r;
chunk_t key = chunk_empty;
+ u_int salt_size;
+
+ switch (alg)
+ {
+ case ENCR_AES_GCM_ICV8:
+ case ENCR_AES_GCM_ICV12:
+ case ENCR_AES_GCM_ICV16:
+ /* RFC 4106 */
+ salt_size = 4;
+ break;
+ case ENCR_AES_CCM_ICV8:
+ case ENCR_AES_CCM_ICV12:
+ case ENCR_AES_CCM_ICV16:
+ /* RFC 4309 */
+ case ENCR_CAMELLIA_CCM_ICV8:
+ case ENCR_CAMELLIA_CCM_ICV12:
+ case ENCR_CAMELLIA_CCM_ICV16:
+ /* RFC 5529 */
+ salt_size = 3;
+ break;
+ default:
+ DBG1(DBG_IKE, "nonce size for %N unknown!",
+ encryption_algorithm_names, alg);
+ return FALSE;
+ }
/* SK_ei/SK_er used for encryption */
- aead_i = lib->crypto->create_aead(lib->crypto, alg, key_size / 8);
- aead_r = lib->crypto->create_aead(lib->crypto, alg, key_size / 8);
+ aead_i = lib->crypto->create_aead(lib->crypto, alg, key_size / 8, salt_size);
+ aead_r = lib->crypto->create_aead(lib->crypto, alg, key_size / 8, salt_size);
if (aead_i == NULL || aead_r == NULL)
{
DBG1(DBG_IKE, "%N %N (key size %d) not supported!",
case ENCR_AES_GCM_ICV12:
case ENCR_AES_GCM_ICV16:
/* the key includes a 4 byte salt */
- this->aead = lib->crypto->create_aead(lib->crypto, alg, key.len-4);
+ this->aead = lib->crypto->create_aead(lib->crypto, alg,
+ key.len - 4, 4);
break;
default:
break;
/**
* Get the size of the key material (for encryption and authentication).
*
+ * This includes any additional bytes requires for the implicit nonce part.
+ * For AEADs based on traditional ciphers, the length is for both
+ * the integrity and the encryption key in total.
+ *
* @return key size in bytes
*/
size_t (*get_key_size)(aead_t *this);
/**
* Set the key for encryption and authentication.
*
+ * If the AEAD uses an implicit nonce, the last part of the key shall
+ * be the implicit nonce. For AEADs based on traditional ciphers, the
+ * key shall include both integrity and encryption keys, concatenated
+ * in that order.
+ *
* @param key encryption and authentication key
* @return TRUE if key set successfully
*/
METHOD(crypto_factory_t, create_aead, aead_t*,
private_crypto_factory_t *this, encryption_algorithm_t algo,
- size_t key_size)
+ size_t key_size, size_t salt_size)
{
enumerator_t *enumerator;
entry_t *entry;
{
if (this->test_on_create &&
!this->tester->test_aead(this->tester, algo, key_size,
- entry->create_aead, NULL,
+ salt_size, entry->create_aead, NULL,
default_plugin_name))
{
continue;
}
- aead = entry->create_aead(algo, key_size);
+ aead = entry->create_aead(algo, key_size, salt_size);
if (aead)
{
break;
u_int speed = 0;
if (!this->test_on_add ||
- this->tester->test_aead(this->tester, algo, 0, create,
+ this->tester->test_aead(this->tester, algo, 0, 0, create,
this->bench ? &speed : NULL, plugin_name))
{
add_entry(this, this->aeads, algo, plugin_name, speed, create);
this->lock->read_lock(this->lock);
TEST_ALGORITHMS(crypter, 0);
- TEST_ALGORITHMS(aead, 0);
+ TEST_ALGORITHMS(aead, 0, 0);
TEST_ALGORITHMS(signer);
TEST_ALGORITHMS(hasher);
TEST_ALGORITHMS(prf);
* Constructor function for aead transforms
*/
typedef aead_t* (*aead_constructor_t)(encryption_algorithm_t algo,
- size_t key_size);
+ size_t key_size, size_t salt_size);
/**
* Constructor function for signers
*/
*
* @param algo encryption algorithm
* @param key_size length of the key in bytes
+ * @param salt_size size of salt, implicit part of the nonce
* @return aead_t instance, NULL if not supported
*/
aead_t* (*create_aead)(crypto_factory_t *this,
- encryption_algorithm_t algo, size_t key_size);
+ encryption_algorithm_t algo,
+ size_t key_size, size_t salt_size);
/**
* Create a symmetric signer instance.
{
aead_t *aead;
- aead = create(alg, 0);
+ aead = create(alg, 0, 0);
if (aead)
{
char iv[aead->get_iv_size(aead)];
METHOD(crypto_tester_t, test_aead, bool,
private_crypto_tester_t *this, encryption_algorithm_t alg, size_t key_size,
- aead_constructor_t create, u_int *speed, const char *plugin_name)
+ size_t salt_size, aead_constructor_t create,
+ u_int *speed, const char *plugin_name)
{
enumerator_t *enumerator;
aead_test_vector_t *vector;
{ /* test only vectors with a specific key size, if key size given */
continue;
}
+ if (salt_size && salt_size != vector->salt_size)
+ {
+ continue;
+ }
tested++;
failed = TRUE;
- aead = create(alg, vector->key_size);
+ aead = create(alg, vector->key_size, vector->salt_size);
if (!aead)
{
DBG1(DBG_LIB, "%N[%s]: %u bit key size not supported",
return &this->public;
}
-
encryption_algorithm_t alg;
/** key length to use, in bytes */
size_t key_size;
+ /** salt length to use, in bytes */
+ size_t salt_size;
/** encryption key of test vector */
u_char *key;
/** initialization vector, using crypters blocksize bytes */
*
* @param alg algorithm to test
* @param key_size key size to test, 0 for default
+ * @param salt_size salt length to test, 0 for default
* @param create constructor function for the aead transform
* @param speed speed test result, NULL to omit
* @return TRUE if test passed
*/
bool (*test_aead)(crypto_tester_t *this, encryption_algorithm_t alg,
- size_t key_size, aead_constructor_t create,
- u_int *speed, const char *plugin_name);
+ size_t key_size, size_t salt_size,
+ aead_constructor_t create,
+ u_int *speed, const char *plugin_name);
/**
* Test a signer algorithm.
*
/**
* See header
*/
-ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo, size_t key_size)
+ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo,
+ size_t key_size, size_t salt_size)
{
private_ccm_aead_t *this;
size_t icv_size;
default:
return NULL;
}
+ if (salt_size && salt_size != SALT_SIZE)
+ {
+ /* currently not supported */
+ return NULL;
+ }
switch (algo)
{
case ENCR_AES_CCM_ICV8:
*
* @param algo algorithm to implement, a CCM mode
* @param key_size key size in bytes
+ * @param salt_size size of implicit salt length
* @return aead, NULL if not supported
*/
-ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo, size_t key_size);
+ccm_aead_t *ccm_aead_create(encryption_algorithm_t algo, size_t key_size,
+ size_t salt_size);
#endif /** CCM_AEAD_H_ @}*/
/**
* See header
*/
-gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo, size_t key_size)
+gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo,
+ size_t key_size, size_t salt_size)
{
private_gcm_aead_t *this;
size_t icv_size;
default:
return NULL;
}
+ if (salt_size && salt_size != SALT_SIZE)
+ {
+ /* currently not supported */
+ return NULL;
+ }
switch (algo)
{
case ENCR_AES_GCM_ICV8:
*
* @param algo algorithm to implement, a gcm mode
* @param key_size key size in bytes
+ * @param salt_size size of implicit salt length
* @return aead, NULL if not supported
*/
-gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo, size_t key_size);
+gcm_aead_t *gcm_aead_create(encryption_algorithm_t algo, size_t key_size,
+ size_t salt_size);
#endif /** GCM_AEAD_H_ @}*/
/*
* Described in header
*/
-aead_t *openssl_gcm_create(encryption_algorithm_t algo, size_t key_size)
+aead_t *openssl_gcm_create(encryption_algorithm_t algo,
+ size_t key_size, size_t salt_size)
{
private_aead_t *this;
return NULL;
}
+ if (salt_size && salt_size != SALT_LEN)
+ {
+ /* currently not supported */
+ free(this);
+ return NULL;
+ }
+
switch (algo)
{
case ENCR_AES_GCM_ICV8:
*
* @param algo algorithm to implement
* @param key_size key size in bytes
+ * @param salt_size size of implicit salt length
* @return aead_t object, NULL if not supported
*/
-aead_t *openssl_gcm_create(encryption_algorithm_t algo, size_t key_size);
+aead_t *openssl_gcm_create(encryption_algorithm_t algo, size_t key_size,
+ size_t salt_size);
#endif /** OPENSSL_GCM_H_ @}*/
* originally from "fips cavs fax files on hand at Red Hat".
*/
aead_test_vector_t aes_ccm1 = {
- .alg = ENCR_AES_CCM_ICV16, .key_size = 16, .len = 32, .alen = 0,
+ .alg = ENCR_AES_CCM_ICV16, .key_size = 16, .salt_size = 3,
+ .len = 32, .alen = 0,
.key = "\x83\xac\x54\x66\xc2\xeb\xe5\x05\x2e\x01\xd1\xfc\x5d\x82\x66\x2e"
"\x96\xac\x59",
.iv = "\x30\x07\xa1\xe2\xa2\xc7\x55\x24",
};
aead_test_vector_t aes_ccm2 = {
- .alg = ENCR_AES_CCM_ICV16, .key_size = 16, .len = 32, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV16, .key_size = 16, .salt_size = 3,
+ .len = 32, .alen = 32,
.key = "\x1e\x2c\x7e\x01\x41\x9a\xef\xc0\x0d\x58\x96\x6e\x5c\xa2\x4b\xd3"
"\x4f\xa3\x19",
.iv = "\xd3\x01\x5a\xd8\x30\x60\x15\x56",
};
aead_test_vector_t aes_ccm3 = {
- .alg = ENCR_AES_CCM_ICV16, .key_size = 24, .len = 0, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV16, .key_size = 24, .salt_size = 3,
+ .len = 0, .alen = 32,
.key = "\xf4\x6b\xc2\x75\x62\xfe\xb4\xe1\xa3\xf0\xff\xdd\x4e\x4b\x12\x75"
"\x53\x14\x73\x66\x8d\x88\xf6\x80\xa0\x20\x35",
.iv = "\x26\xf2\x21\x8d\x50\x20\xda\xe2",
};
aead_test_vector_t aes_ccm4 = {
- .alg = ENCR_AES_CCM_ICV16, .key_size = 24, .len = 32, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV16, .key_size = 24, .salt_size = 3,
+ .len = 32, .alen = 32,
.key = "\x56\xdf\x5c\x8f\x26\x3f\x0e\x42\xef\x7a\xd3\xce\xfc\x84\x60\x62"
"\xca\xb4\x40\xaf\x5f\xc9\xc9\x01\xd6\x3c\x8c",
.iv = "\x86\x84\xb6\xcd\xef\x09\x2e\x94",
};
aead_test_vector_t aes_ccm5 = {
- .alg = ENCR_AES_CCM_ICV8, .key_size = 32, .len = 32, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV8, .key_size = 32, .salt_size = 3,
+ .len = 32, .alen = 32,
.key = "\xe0\x8d\x99\x71\x60\xd7\x97\x1a\xbd\x01\x99\xd5\x8a\xdf\x71\x3a"
"\xd3\xdf\x24\x4b\x5e\x3d\x4b\x4e\x30\x7a\xb9\xd8\x53\x0a\x5e\x2b"
"\x1e\x29\x91",
};
aead_test_vector_t aes_ccm6 = {
- .alg = ENCR_AES_CCM_ICV12, .key_size = 32, .len = 32, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV12, .key_size = 32, .salt_size = 3,
+ .len = 32, .alen = 32,
.key = "\x7c\xc8\x18\x3b\x8d\x99\xe0\x7c\x45\x41\xb8\xbd\x5c\xa7\xc2\x32"
"\x8a\xb8\x02\x59\xa4\xfe\xa9\x2c\x09\x75\x9a\x9b\x3c\x9b\x27\x39"
"\xf9\xd9\x4e",
};
aead_test_vector_t aes_ccm7 = {
- .alg = ENCR_AES_CCM_ICV16, .key_size = 32, .len = 32, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV16, .key_size = 32, .salt_size = 3,
+ .len = 32, .alen = 32,
.key = "\xab\xd0\xe9\x33\x07\x26\xe5\x83\x8c\x76\x95\xd4\xb6\xdc\xf3\x46"
"\xf9\x8f\xad\xe3\x02\x13\x83\x77\x3f\xb0\xf1\xa1\xa1\x22\x0f\x2b"
"\x24\xa7\x8b",
};
aead_test_vector_t aes_ccm8 = {
- .alg = ENCR_AES_CCM_ICV8, .key_size = 16, .len = 0, .alen = 0,
+ .alg = ENCR_AES_CCM_ICV8, .key_size = 16, .salt_size = 3,
+ .len = 0, .alen = 0,
.key = "\xab\x2f\x8a\x74\xb7\x1c\xd2\xb1\xff\x80\x2e\x48\x7d\x82\xf8\xb9"
"\xaf\x94\x87",
.iv = "\x78\x35\x82\x81\x7f\x88\x94\x68",
};
aead_test_vector_t aes_ccm9 = {
- .alg = ENCR_AES_CCM_ICV8, .key_size = 24, .len = 0, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV8, .key_size = 24, .salt_size = 3,
+ .len = 0, .alen = 32,
.key = "\x39\xbb\xa7\xbe\x59\x97\x9e\x73\xa2\xbc\x6b\x98\xd7\x75\x7f\xe3"
"\xa4\x48\x93\x39\x26\x71\x4a\xc6\xee\x49\x83",
.iv = "\xe9\xa9\xff\xe9\x57\xba\xfd\x9e",
};
aead_test_vector_t aes_ccm10 = {
- .alg = ENCR_AES_CCM_ICV8, .key_size = 32, .len = 0, .alen = 0,
+ .alg = ENCR_AES_CCM_ICV8, .key_size = 32, .salt_size = 3,
+ .len = 0, .alen = 0,
.key = "\xa4\x4b\x54\x29\x0a\xb8\x6d\x01\x5b\x80\x2a\xcf\x25\xc4\xb7\x5c"
"\x20\x2c\xad\x30\xc2\x2b\x41\xfb\x0e\x85\xbc\x33\xad\x0f\x2b\xff"
"\xee\x49\x83",
};
aead_test_vector_t aes_ccm11 = {
- .alg = ENCR_AES_CCM_ICV8, .key_size = 24, .len = 32, .alen = 32,
+ .alg = ENCR_AES_CCM_ICV8, .key_size = 24, .salt_size = 3,
+ .len = 32, .alen = 32,
.key = "\x58\x5d\xa0\x96\x65\x1a\x04\xd7\x96\xe5\xc5\x68\xaa\x95\x35\xe0"
"\x29\xa0\xba\x9e\x48\x78\xd1\xba\xee\x49\x83",
.iv = "\xe9\xa9\xff\xe9\x57\xba\xfd\x9e",
* McGrew & Viega - http://citeseer.ist.psu.edu/656989.html
*/
aead_test_vector_t aes_gcm1 = {
- .alg = ENCR_AES_GCM_ICV8, .key_size = 16, .len = 64, .alen = 0,
+ .alg = ENCR_AES_GCM_ICV8, .key_size = 16, .salt_size = 4,
+ .len = 64, .alen = 0,
.key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xca\xfe\xba\xbe",
.iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88",
};
aead_test_vector_t aes_gcm2 = {
- .alg = ENCR_AES_GCM_ICV12, .key_size = 16, .len = 64, .alen = 0,
+ .alg = ENCR_AES_GCM_ICV12, .key_size = 16, .salt_size = 4,
+ .len = 64, .alen = 0,
.key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xca\xfe\xba\xbe",
.iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88",
};
aead_test_vector_t aes_gcm3 = {
- .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .len = 64, .alen = 0,
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .salt_size = 4,
+ .len = 64, .alen = 0,
.key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xca\xfe\xba\xbe",
.iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88",
};
aead_test_vector_t aes_gcm4 = {
- .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .len = 60, .alen = 20,
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 16, .salt_size = 4,
+ .len = 60, .alen = 20,
.key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xca\xfe\xba\xbe",
.iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88",
};
aead_test_vector_t aes_gcm5 = {
- .alg = ENCR_AES_GCM_ICV16, .key_size = 24, .len = 64, .alen = 0,
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 24, .salt_size = 4,
+ .len = 64, .alen = 0,
.key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xfe\xff\xe9\x92\x86\x65\x73\x1c\xca\xfe\xba\xbe",
.iv = "\xfa\xce\xdb\xad\xde\xca\xf8\x88",
};
aead_test_vector_t aes_gcm6 = {
- .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .len = 64, .alen = 0,
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .salt_size = 4,
+ .len = 64, .alen = 0,
.key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xca\xfe\xba\xbe",
};
aead_test_vector_t aes_gcm7 = {
- .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .len = 60, .alen = 20,
+ .alg = ENCR_AES_GCM_ICV16, .key_size = 32, .salt_size = 4,
+ .len = 60, .alen = 20,
.key = "\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xfe\xff\xe9\x92\x86\x65\x73\x1c\x6d\x6a\x8f\x94\x67\x30\x83\x08"
"\xca\xfe\xba\xbe",
"\xc5\xf6\x1e\x63\x93\xba\x7a\x0a\xbc\xc9\xf6\x62\x76\xfc\x6e\xce"
"\x0f\x4e\x17\x68\xcd\xdf\x88\x53\xbb\x2d\x55\x1b",
};
-
projects / thirdparty / strongswan.git / commitdiff
