aead: Support custom AEAD salt sizes

The salt, or often called implicit nonce, varies between AEAD algorithms and
their use in protocols. For IKE and ESP, GCM uses 4 bytes, while CCM uses
3 bytes. With TLS, however, AEAD mode uses 4 bytes for both GCM and CCM.

Our GCM backends currently support 4 bytes and CCM 3 bytes only. This is fine
until we go for CCM mode support in TLS, which requires 4 byte nonces.

1 files changed, 8 insertions, 4 deletions

diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c
index 40c4fd362..c6780daf1 100644
--- a/src/libstrongswan/crypto/crypto_tester.c
+++ b/src/libstrongswan/crypto/crypto_tester.c
@@ -315,7 +315,7 @@ static u_int bench_aead(private_crypto_tester_t *this,
 {
 	aead_t *aead;
 
-	aead = create(alg, 0);
+	aead = create(alg, 0, 0);
 	if (aead)
 	{
 		char iv[aead->get_iv_size(aead)];
@@ -364,7 +364,8 @@ static u_int bench_aead(private_crypto_tester_t *this,
 
 METHOD(crypto_tester_t, test_aead, bool,
 	private_crypto_tester_t *this, encryption_algorithm_t alg, size_t key_size,
-	aead_constructor_t create, u_int *speed, const char *plugin_name)
+	size_t salt_size, aead_constructor_t create,
+	u_int *speed, const char *plugin_name)
 {
 	enumerator_t *enumerator;
 	aead_test_vector_t *vector;
@@ -386,10 +387,14 @@ METHOD(crypto_tester_t, test_aead, bool,
 		{	/* test only vectors with a specific key size, if key size given */
 			continue;
 		}
+		if (salt_size && salt_size != vector->salt_size)
+		{
+			continue;
+		}
 
 		tested++;
 		failed = TRUE;
-		aead = create(alg, vector->key_size);
+		aead = create(alg, vector->key_size, vector->salt_size);
 		if (!aead)
 		{
 			DBG1(DBG_LIB, "%N[%s]: %u bit key size not supported",
@@ -1218,4 +1223,3 @@ crypto_tester_t *crypto_tester_create()
 
 	return &this->public;
 }
-