From e5d73b0dfa6bc57b2ed8745df4409308eeaf272e Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Fri, 31 Jan 2014 15:53:38 +0100 Subject: aead: Support custom AEAD salt sizes The salt, or often called implicit nonce, varies between AEAD algorithms and their use in protocols. For IKE and ESP, GCM uses 4 bytes, while CCM uses 3 bytes. With TLS, however, AEAD mode uses 4 bytes for both GCM and CCM. Our GCM backends currently support 4 bytes and CCM 3 bytes only. This is fine until we go for CCM mode support in TLS, which requires 4 byte nonces. --- src/libstrongswan/crypto/crypto_tester.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'src/libstrongswan/crypto/crypto_tester.c') diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c index 40c4fd362..c6780daf1 100644 --- a/src/libstrongswan/crypto/crypto_tester.c +++ b/src/libstrongswan/crypto/crypto_tester.c @@ -315,7 +315,7 @@ static u_int bench_aead(private_crypto_tester_t *this, { aead_t *aead; - aead = create(alg, 0); + aead = create(alg, 0, 0); if (aead) { char iv[aead->get_iv_size(aead)]; @@ -364,7 +364,8 @@ static u_int bench_aead(private_crypto_tester_t *this, METHOD(crypto_tester_t, test_aead, bool, private_crypto_tester_t *this, encryption_algorithm_t alg, size_t key_size, - aead_constructor_t create, u_int *speed, const char *plugin_name) + size_t salt_size, aead_constructor_t create, + u_int *speed, const char *plugin_name) { enumerator_t *enumerator; aead_test_vector_t *vector; @@ -386,10 +387,14 @@ METHOD(crypto_tester_t, test_aead, bool, { /* test only vectors with a specific key size, if key size given */ continue; } + if (salt_size && salt_size != vector->salt_size) + { + continue; + } tested++; failed = TRUE; - aead = create(alg, vector->key_size); + aead = create(alg, vector->key_size, vector->salt_size); if (!aead) { DBG1(DBG_LIB, "%N[%s]: %u bit key size not supported", @@ -1218,4 +1223,3 @@ crypto_tester_t *crypto_tester_create() return &this->public; } - -- cgit v1.2.3