crypto: add support for AES-CTR cipher 58/18858/2
authorfituldo <filip.tehlar@gmail.com>
Fri, 12 Apr 2019 12:26:43 +0000 (12:26 +0000)
committerDamjan Marion <dmarion@me.com>
Sun, 14 Apr 2019 14:44:56 +0000 (14:44 +0000)
Change-Id: I7d84bab7768421ed37813702c0413e52167f41ab
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
src/plugins/crypto_openssl/main.c
src/plugins/unittest/CMakeLists.txt
src/plugins/unittest/crypto/aes_ctr.c [new file with mode: 0644]
src/vnet/crypto/crypto.h

index 13981e9..9b741bb 100644 (file)
@@ -44,7 +44,10 @@ static openssl_per_thread_data_t *per_thread_data = 0;
   _(cbc, AES_256_CBC, EVP_aes_256_cbc) \
   _(gcm, AES_128_GCM, EVP_aes_128_gcm) \
   _(gcm, AES_192_GCM, EVP_aes_192_gcm) \
-  _(gcm, AES_256_GCM, EVP_aes_256_gcm)
+  _(gcm, AES_256_GCM, EVP_aes_256_gcm) \
+  _(cbc, AES_128_CTR, EVP_aes_128_ctr) \
+  _(cbc, AES_192_CTR, EVP_aes_192_ctr) \
+  _(cbc, AES_256_CTR, EVP_aes_256_ctr) \
 
 #define foreach_openssl_hmac_op \
   _(MD5, EVP_md5) \
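Review bot: The three CTR entries added at the end of this cipher list are registered under the `cbc` handler tag, so they inherit whatever padding, finalisation and IV-generation behaviour that handler has. The handler is outside this hunk, so its fit for a stream mode should be confirmed rather than assumed. In CTR the IV is the initial counter block and must never repeat under one key, which a short comment beside the macro could record: `/* CTR reuses the cbc handler: no padding; IV is the initial counter block, unique per key */`. Separately, the last entry now ends in a continuation backslash, so only the blank line after it terminates the macro; writing it as `_(cbc, AES_256_CTR, EVP_aes_256_ctr)` matches the crypto.h list in this commit and keeps the following `#define` safe if that blank line is ever removed. The macro's opening `#define` is above the hunk.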
index 5576617..60a7cc1 100644 (file)
@@ -1,4 +1,4 @@
-# Copyright (c) 2018 Cisco and/or its affiliates.
+# Copyright (c) 2018-2019 Cisco and/or its affiliates.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at:
@@ -18,6 +18,7 @@ add_vpp_plugin(unittest
   crypto_test.c
   crypto/aes_cbc.c
   crypto/aes_gcm.c
+  crypto/aes_ctr.c
   crypto/rfc2202_hmac_sha1.c
   crypto/rfc2202_hmac_md5.c
   crypto/rfc4231.c
diff --git a/src/plugins/unittest/crypto/aes_ctr.c b/src/plugins/unittest/crypto/aes_ctr.c
new file mode 100644 (file)
index 0000000..80e6611
--- /dev/null
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 2019 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/* Test vectors for AES-CTR published here:
+ * https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38a.pdf
+ */
+
+#include <vppinfra/clib.h>
+#include <vnet/crypto/crypto.h>
+#include <unittest/crypto/crypto.h>
+
+static u8 tc1_key[] = {
+  0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
+  0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
+};
+
+static u8 tc1_iv[] = {
+  0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
+  0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff,
+};
+
+static u8 tc1_plaintext[] = {
+  0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+  0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
+};
+
+static u8 tc1_ciphertext[] = {
+  0x87, 0x4d, 0x61, 0x91, 0xb6, 0x20, 0xe3, 0x26,
+  0x1b, 0xef, 0x68, 0x64, 0x99, 0x0d, 0xb6, 0xce,
+};
+
+/* *INDENT-OFF* */
+UNITTEST_REGISTER_CRYPTO_TEST (nist_aes128_ctr_tc1) = {
+  .name = "CTR-AES128 TC1",
+  .alg = VNET_CRYPTO_ALG_AES_128_CTR,
+  .key = TEST_DATA (tc1_key),
+  .iv = TEST_DATA (tc1_iv),
+  .plaintext = TEST_DATA (tc1_plaintext),
+  .ciphertext = TEST_DATA (tc1_ciphertext),
+};
+/* *INDENT-ON* */
+
+static u8 tc1_192_key[] = {
+  0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
+  0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
+  0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b,
+};
+
+static u8 tc1_192_iv[] = {
+  0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
+  0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff,
+};
+
+static u8 tc1_192_ciphertext[] = {
+  0x1a, 0xbc, 0x93, 0x24, 0x17, 0x52, 0x1c, 0xa2,
+  0x4f, 0x2b, 0x04, 0x59, 0xfe, 0x7e, 0x6e, 0x0b,
+};
+
+/* *INDENT-OFF* */
+UNITTEST_REGISTER_CRYPTO_TEST (nist_aes192_ctr_tc1) = {
+  .name = "CTR-AES192 TC1",
+  .alg = VNET_CRYPTO_ALG_AES_192_CTR,
+  .key = TEST_DATA (tc1_192_key),
+  .iv = TEST_DATA (tc1_192_iv),
+  .plaintext = TEST_DATA (tc1_plaintext),
+  .ciphertext = TEST_DATA (tc1_192_ciphertext),
+};
+/* *INDENT-ON* */
+
+static u8 tc1_256_key[] = {
+  0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
+  0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
+  0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
+  0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4,
+};
+
+static u8 tc1_256_iv[] = {
+  0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
+  0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff,
+};
+
+static u8 tc1_256_ciphertext[] = {
+  0x60, 0x1e, 0xc3, 0x13, 0x77, 0x57, 0x89, 0xa5,
+  0xb7, 0xa7, 0xf5, 0x04, 0xbb, 0xf3, 0xd2, 0x28,
+};
+
+/* *INDENT-OFF* */
+UNITTEST_REGISTER_CRYPTO_TEST (nist_aes256_ctr_tc1) = {
+  .name = "CTR-AES256 TC1",
+  .alg = VNET_CRYPTO_ALG_AES_256_CTR,
+  .key = TEST_DATA (tc1_256_key),
+  .iv = TEST_DATA (tc1_256_iv),
+  .plaintext = TEST_DATA (tc1_plaintext),
+  .ciphertext = TEST_DATA (tc1_256_ciphertext),
+};
+/* *INDENT-ON* */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
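Review bot: Each of the three registered tests covers a single 16-byte block, so neither the counter increment between blocks nor a final partial block is ever exercised. An implementation that handled the counter wrongly after the first block, or that assumed block-multiple lengths, would still pass `CTR-AES128 TC1`, `CTR-AES192 TC1` and `CTR-AES256 TC1`. The NIST document cited in the header comment lists further blocks for the same key and initial counter, and extending `tc1_plaintext` and the ciphertext arrays with them would close that gap; a vector whose length is not a multiple of 16 would cover the stream-mode case. As a smaller style point, `tc1_192_iv` and `tc1_256_iv` are byte-identical to `tc1_iv`, so one shared array with a comment such as `/* initial counter block shared by all three key sizes */` would remove the duplication.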
index 92b65a4..06f7e53 100644 (file)
   _(3DES_CBC,    "3des-cbc") \
   _(AES_128_CBC, "aes-128-cbc") \
   _(AES_192_CBC, "aes-192-cbc") \
-  _(AES_256_CBC, "aes-256-cbc")
+  _(AES_256_CBC, "aes-256-cbc") \
+  _(AES_128_CTR, "aes-128-ctr") \
+  _(AES_192_CTR, "aes-192-ctr") \
+  _(AES_256_CTR, "aes-256-ctr")
 
 #define foreach_crypto_aead_alg \
   _(AES_128_GCM, "aes-128-gcm") \