3131#include <sys/select.h>
3232#include <sys/socket.h>
3333#include <sys/types.h>
34+ #include <unistd.h>
35+ /* wolfip includes */
3436#include "config.h"
3537#include "wolfip.h"
3638#include "wolfesp.h"
3739
40+ static void __attribute__((noreturn )) print_usage_and_die (void );
41+ #if 0
3842#include "esp_sa_list.c"
43+ #endif
3944
4045#define TEST_SIZE (12 * 1024)
4146
4247#define BUFFER_SIZE TEST_SIZE
4348
49+ static int disable_ipsec = 0 ;
4450static int listen_fd = -1 , client_fd = -1 ;
4551static int exit_ok = 0 , exit_count = 0 ;
4652static uint8_t buf [TEST_SIZE ];
@@ -51,9 +57,34 @@ static int closed = 0;
5157static int conn_fd = -1 ;
5258static int client_connected = 0 ;
5359/* "Test pattern - -" 16 chars without trailing null. */
54- static const uint8_t test_pattern [16 ] = {0x54 , 0x65 , 0x73 , 0x74 , 0x20 , 0x70 ,
55- 0x61 , 0x74 , 0x74 , 0x65 , 0x72 , 0x6e ,
56- 0x20 , 0x2d , 0x20 , 0x2d };
60+ static const uint8_t test_pattern [16 ] =
61+ {0x54 , 0x65 , 0x73 , 0x74 , 0x20 , 0x70 ,
62+ 0x61 , 0x74 , 0x74 , 0x65 , 0x72 , 0x6e ,
63+ 0x20 , 0x2d , 0x20 , 0x2d };
64+ static uint8_t in_sa_gcm [ESP_SPI_LEN ] = {0x01 , 0x01 , 0x01 , 0x01 };
65+ static uint8_t out_sa_gcm [ESP_SPI_LEN ] = {0x02 , 0x02 , 0x02 , 0x02 };
66+ static uint8_t in_sa_cbc [ESP_SPI_LEN ] = {0x03 , 0x03 , 0x03 , 0x03 };
67+ static uint8_t out_sa_cbc [ESP_SPI_LEN ] = {0x04 , 0x04 , 0x04 , 0x04 };
68+ /* 32 byte key + 4 byte nonce*/
69+ static uint8_t in_enc_key [36 ] =
70+ {0x03 , 0x03 , 0x03 , 0x03 , 0x03 , 0x03 , 0x03 , 0x03 ,
71+ 0x03 , 0x03 , 0x03 , 0x03 , 0x03 , 0x03 , 0x03 , 0x03 ,
72+ 0x03 , 0x03 , 0x03 , 0x03 , 0x03 , 0x03 , 0x03 , 0x03 ,
73+ 0x03 , 0x03 , 0x03 , 0x03 , 0x03 , 0x03 , 0x03 , 0x03 ,
74+ 0x0a , 0x0b , 0x0c , 0x0d };
75+ static uint8_t out_enc_key [36 ] =
76+ {0x04 , 0x04 , 0x04 , 0x04 , 0x04 , 0x04 , 0x04 , 0x04 ,
77+ 0x04 , 0x04 , 0x04 , 0x04 , 0x04 , 0x04 , 0x04 , 0x04 ,
78+ 0x04 , 0x04 , 0x04 , 0x04 , 0x04 , 0x04 , 0x04 , 0x04 ,
79+ 0x04 , 0x04 , 0x04 , 0x04 , 0x04 , 0x04 , 0x04 , 0x04 ,
80+ 0x0a , 0x0b , 0x0c , 0x0d };
81+
82+ static uint8_t in_auth_key [16 ] =
83+ {0x01 , 0x01 , 0x01 , 0x01 , 0x01 , 0x01 , 0x01 , 0x01 ,
84+ 0x01 , 0x01 , 0x01 , 0x01 , 0x01 , 0x01 , 0x01 , 0x01 };
85+ static uint8_t out_auth_key [16 ] =
86+ {0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 ,
87+ 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 , 0x02 };
5788
5889
5990/* wolfIP: server side callback. */
@@ -494,14 +525,36 @@ int main(int argc, char **argv)
494525 struct in_addr host_stack_ip ;
495526 uint32_t srv_ip = 0 ;
496527 int err = 0 ;
528+ int opt = 0 ;
529+ int mode = 0 ; /* 0 aead example, 1 cbc-auth example*/
530+
531+ while ((opt = getopt (argc , argv , "pm:?" )) != -1 ) {
532+ switch (opt ) {
533+ case 'p' :
534+ disable_ipsec = 1 ;
535+ break ;
536+ case 'm' :
537+ mode = atoi (optarg );
538+ break ;
539+ case '?' :
540+ print_usage_and_die ();
541+ break ;
542+ default : /* '?' */
543+ fprintf (stderr , "Usage: %s [-t nsecs] [-n] name\n" ,
544+ argv [0 ]);
545+ exit (EXIT_FAILURE );
546+ }
547+ }
497548
498549 (void )argc ;
499550 (void )argv ;
500551
501- err = wolfIP_esp_init ();
502- if (err ) {
503- perror ("esp_init" );
504- return 2 ;
552+ if (!disable_ipsec ) {
553+ err = wolfIP_esp_init ();
554+ if (err ) {
555+ perror ("esp_init" );
556+ return 2 ;
557+ }
505558 }
506559
507560 wolfIP_init_static (& s );
@@ -532,8 +585,36 @@ int main(int argc, char **argv)
532585 printf ("IP: manually configured\n" );
533586 inet_pton (AF_INET , WOLFIP_IP , & srv_ip );
534587
535- wolfIP_esp_load_sa_list (test_in_sa_list , WOLFIP_ESP_NUM_SA , 1 );
536- wolfIP_esp_load_sa_list (test_out_sa_list , WOLFIP_ESP_NUM_SA , 0 );
588+ if (!disable_ipsec ) {
589+ switch (mode ) {
590+ case 0 :
591+ err = wolfIP_esp_sa_new_aead (1 , in_sa_gcm , atoip4 (HOST_STACK_IP ),
592+ atoip4 (WOLFIP_IP ),
593+ in_enc_key , sizeof (in_enc_key ));
594+
595+ err = wolfIP_esp_sa_new_aead (0 , out_sa_gcm , atoip4 (WOLFIP_IP ),
596+ atoip4 (HOST_STACK_IP ),
597+ out_enc_key , sizeof (out_enc_key ));
598+ break ;
599+
600+ case 1 :
601+ err = wolfIP_esp_sa_new_cbc_sha256 (1 , in_sa_cbc , atoip4 (HOST_STACK_IP ),
602+ atoip4 (WOLFIP_IP ),
603+ in_enc_key , sizeof (in_enc_key ) - 4 ,
604+ in_auth_key , sizeof (in_auth_key ),
605+ ESP_ICVLEN_HMAC_128 );
606+
607+ err = wolfIP_esp_sa_new_cbc_sha256 (0 , out_sa_cbc , atoip4 (WOLFIP_IP ),
608+ atoip4 (HOST_STACK_IP ),
609+ out_enc_key , sizeof (out_enc_key - 4 ),
610+ out_auth_key , sizeof (out_auth_key ),
611+ ESP_ICVLEN_HMAC_128 );
612+ break ;
613+
614+ default :
615+ break ;
616+ }
617+ }
537618
538619 /* Server side test */
539620 test_wolfip_echoserver (s , srv_ip );
@@ -546,3 +627,14 @@ int main(int argc, char **argv)
546627#endif
547628 return 0 ;
548629}
630+
631+ static void
632+ print_usage_and_die (void )
633+ {
634+ printf ("./test-esp [-m <mode>] [-p]\n" );
635+ printf ("\n" );
636+ printf ("options:\n" );
637+ printf (" -p force plaintext (disable ipsec)\n" );
638+ printf (" -m <mode> 0 aead (default), 1 cbc auth\n" );
639+ exit (1 );
640+ }
0 commit comments