Imported Upstream version 5.3.3

6 files changed, 318 insertions, 2 deletions

diff --git a/src/libcharon/tests/Makefile.am b/src/libcharon/tests/Makefile.am
index c8be28594..5fd8ca26d 100644
--- a/src/libcharon/tests/Makefile.am
+++ b/src/libcharon/tests/Makefile.am
@@ -3,7 +3,9 @@ TESTS = libcharon_tests
 check_PROGRAMS = $(TESTS)
 
 libcharon_tests_SOURCES = \
+  suites/test_ike_cfg.c \
   suites/test_mem_pool.c \
+  suites/test_message_chapoly.c \
   libcharon_tests.h libcharon_tests.c
 
 libcharon_tests_CFLAGS = \
@@ -11,6 +13,8 @@ libcharon_tests_CFLAGS = \
   -I$(top_srcdir)/src/libhydra \
   -I$(top_srcdir)/src/libstrongswan \
   -I$(top_srcdir)/src/libstrongswan/tests \
+  -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \
+  -DPLUGINS=\""${s_plugins}\"" \
   @COVERAGE_CFLAGS@
 
 libcharon_tests_LDFLAGS = @COVERAGE_LDFLAGS@
diff --git a/src/libcharon/tests/Makefile.in b/src/libcharon/tests/Makefile.in
index 7f4f4b24e..910aad928 100644
--- a/src/libcharon/tests/Makefile.in
+++ b/src/libcharon/tests/Makefile.in
@@ -102,7 +102,9 @@ CONFIG_CLEAN_VPATH_FILES =
 am__EXEEXT_1 = libcharon_tests$(EXEEXT)
 am__dirstamp = $(am__leading_dot)dirstamp
 am_libcharon_tests_OBJECTS =  \
+	suites/libcharon_tests-test_ike_cfg.$(OBJEXT) \
 	suites/libcharon_tests-test_mem_pool.$(OBJEXT) \
+	suites/libcharon_tests-test_message_chapoly.$(OBJEXT) \
 	libcharon_tests-libcharon_tests.$(OBJEXT)
 libcharon_tests_OBJECTS = $(am_libcharon_tests_OBJECTS)
 libcharon_tests_DEPENDENCIES =  \
@@ -427,7 +429,9 @@ urandom_device = @urandom_device@
 xml_CFLAGS = @xml_CFLAGS@
 xml_LIBS = @xml_LIBS@
 libcharon_tests_SOURCES = \
+  suites/test_ike_cfg.c \
   suites/test_mem_pool.c \
+  suites/test_message_chapoly.c \
   libcharon_tests.h libcharon_tests.c
 
 libcharon_tests_CFLAGS = \
@@ -435,6 +439,8 @@ libcharon_tests_CFLAGS = \
   -I$(top_srcdir)/src/libhydra \
   -I$(top_srcdir)/src/libstrongswan \
   -I$(top_srcdir)/src/libstrongswan/tests \
+  -DPLUGINDIR=\""$(abs_top_builddir)/src/libstrongswan/plugins\"" \
+  -DPLUGINS=\""${s_plugins}\"" \
   @COVERAGE_CFLAGS@
 
 libcharon_tests_LDFLAGS = @COVERAGE_LDFLAGS@
@@ -493,8 +499,12 @@ suites/$(am__dirstamp):
 suites/$(DEPDIR)/$(am__dirstamp):
 	@$(MKDIR_P) suites/$(DEPDIR)
 	@: > suites/$(DEPDIR)/$(am__dirstamp)
+suites/libcharon_tests-test_ike_cfg.$(OBJEXT): suites/$(am__dirstamp) \
+	suites/$(DEPDIR)/$(am__dirstamp)
 suites/libcharon_tests-test_mem_pool.$(OBJEXT):  \
 	suites/$(am__dirstamp) suites/$(DEPDIR)/$(am__dirstamp)
+suites/libcharon_tests-test_message_chapoly.$(OBJEXT):  \
+	suites/$(am__dirstamp) suites/$(DEPDIR)/$(am__dirstamp)
 
 libcharon_tests$(EXEEXT): $(libcharon_tests_OBJECTS) $(libcharon_tests_DEPENDENCIES) $(EXTRA_libcharon_tests_DEPENDENCIES) 
 	@rm -f libcharon_tests$(EXEEXT)
@@ -508,7 +518,9 @@ distclean-compile:
 	-rm -f *.tab.c
 
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libcharon_tests-libcharon_tests.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/libcharon_tests-test_mem_pool.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@suites/$(DEPDIR)/libcharon_tests-test_message_chapoly.Po@am__quote@
 
 .c.o:
 @am__fastdepCC_TRUE@	$(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\
@@ -534,6 +546,20 @@ distclean-compile:
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
 @am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $<
 
+suites/libcharon_tests-test_ike_cfg.o: suites/test_ike_cfg.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -MT suites/libcharon_tests-test_ike_cfg.o -MD -MP -MF suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Tpo -c -o suites/libcharon_tests-test_ike_cfg.o `test -f 'suites/test_ike_cfg.c' || echo '$(srcdir)/'`suites/test_ike_cfg.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Tpo suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='suites/test_ike_cfg.c' object='suites/libcharon_tests-test_ike_cfg.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -c -o suites/libcharon_tests-test_ike_cfg.o `test -f 'suites/test_ike_cfg.c' || echo '$(srcdir)/'`suites/test_ike_cfg.c
+
+suites/libcharon_tests-test_ike_cfg.obj: suites/test_ike_cfg.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -MT suites/libcharon_tests-test_ike_cfg.obj -MD -MP -MF suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Tpo -c -o suites/libcharon_tests-test_ike_cfg.obj `if test -f 'suites/test_ike_cfg.c'; then $(CYGPATH_W) 'suites/test_ike_cfg.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_ike_cfg.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Tpo suites/$(DEPDIR)/libcharon_tests-test_ike_cfg.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='suites/test_ike_cfg.c' object='suites/libcharon_tests-test_ike_cfg.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -c -o suites/libcharon_tests-test_ike_cfg.obj `if test -f 'suites/test_ike_cfg.c'; then $(CYGPATH_W) 'suites/test_ike_cfg.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_ike_cfg.c'; fi`
+
 suites/libcharon_tests-test_mem_pool.o: suites/test_mem_pool.c
 @am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -MT suites/libcharon_tests-test_mem_pool.o -MD -MP -MF suites/$(DEPDIR)/libcharon_tests-test_mem_pool.Tpo -c -o suites/libcharon_tests-test_mem_pool.o `test -f 'suites/test_mem_pool.c' || echo '$(srcdir)/'`suites/test_mem_pool.c
 @am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) suites/$(DEPDIR)/libcharon_tests-test_mem_pool.Tpo suites/$(DEPDIR)/libcharon_tests-test_mem_pool.Po
@@ -548,6 +574,20 @@ suites/libcharon_tests-test_mem_pool.obj: suites/test_mem_pool.c
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
 @am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -c -o suites/libcharon_tests-test_mem_pool.obj `if test -f 'suites/test_mem_pool.c'; then $(CYGPATH_W) 'suites/test_mem_pool.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_mem_pool.c'; fi`
 
+suites/libcharon_tests-test_message_chapoly.o: suites/test_message_chapoly.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -MT suites/libcharon_tests-test_message_chapoly.o -MD -MP -MF suites/$(DEPDIR)/libcharon_tests-test_message_chapoly.Tpo -c -o suites/libcharon_tests-test_message_chapoly.o `test -f 'suites/test_message_chapoly.c' || echo '$(srcdir)/'`suites/test_message_chapoly.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) suites/$(DEPDIR)/libcharon_tests-test_message_chapoly.Tpo suites/$(DEPDIR)/libcharon_tests-test_message_chapoly.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='suites/test_message_chapoly.c' object='suites/libcharon_tests-test_message_chapoly.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -c -o suites/libcharon_tests-test_message_chapoly.o `test -f 'suites/test_message_chapoly.c' || echo '$(srcdir)/'`suites/test_message_chapoly.c
+
+suites/libcharon_tests-test_message_chapoly.obj: suites/test_message_chapoly.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -MT suites/libcharon_tests-test_message_chapoly.obj -MD -MP -MF suites/$(DEPDIR)/libcharon_tests-test_message_chapoly.Tpo -c -o suites/libcharon_tests-test_message_chapoly.obj `if test -f 'suites/test_message_chapoly.c'; then $(CYGPATH_W) 'suites/test_message_chapoly.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_message_chapoly.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) suites/$(DEPDIR)/libcharon_tests-test_message_chapoly.Tpo suites/$(DEPDIR)/libcharon_tests-test_message_chapoly.Po
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	$(AM_V_CC)source='suites/test_message_chapoly.c' object='suites/libcharon_tests-test_message_chapoly.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
+@am__fastdepCC_FALSE@	$(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -c -o suites/libcharon_tests-test_message_chapoly.obj `if test -f 'suites/test_message_chapoly.c'; then $(CYGPATH_W) 'suites/test_message_chapoly.c'; else $(CYGPATH_W) '$(srcdir)/suites/test_message_chapoly.c'; fi`
+
 libcharon_tests-libcharon_tests.o: libcharon_tests.c
 @am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(libcharon_tests_CFLAGS) $(CFLAGS) -MT libcharon_tests-libcharon_tests.o -MD -MP -MF $(DEPDIR)/libcharon_tests-libcharon_tests.Tpo -c -o libcharon_tests-libcharon_tests.o `test -f 'libcharon_tests.c' || echo '$(srcdir)/'`libcharon_tests.c
 @am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/libcharon_tests-libcharon_tests.Tpo $(DEPDIR)/libcharon_tests-libcharon_tests.Po
diff --git a/src/libcharon/tests/libcharon_tests.c b/src/libcharon/tests/libcharon_tests.c
index 1ed0f0c95..ec96de711 100644
--- a/src/libcharon/tests/libcharon_tests.c
+++ b/src/libcharon/tests/libcharon_tests.c
@@ -27,8 +27,8 @@
 static test_configuration_t tests[] = {
 #define TEST_SUITE(x) \
 	{ .suite = x, },
-#define TEST_SUITE_DEPEND(x, type, args) \
-	{ .suite = x, .feature = PLUGIN_DEPENDS(type, args) },
+#define TEST_SUITE_DEPEND(x, type, ...) \
+	{ .suite = x, .feature = PLUGIN_DEPENDS(type, __VA_ARGS__) },
 #include "libcharon_tests.h"
 	{ .suite = NULL, }
 };
@@ -37,13 +37,27 @@ static bool test_runner_init(bool init)
 {
 	if (init)
 	{
+		char *plugins, *plugindir;
+
 		libhydra_init();
 		libcharon_init();
+
+		plugins = getenv("TESTS_PLUGINS") ?:
+					lib->settings->get_str(lib->settings,
+										"tests.load", PLUGINS);
+		plugindir = lib->settings->get_str(lib->settings,
+										"tests.plugindir", PLUGINDIR);
+		plugin_loader_add_plugindirs(plugindir, plugins);
+		if (!lib->plugins->load(lib->plugins, plugins))
+		{
+			return FALSE;
+		}
 	}
 	else
 	{
 		lib->processor->set_threads(lib->processor, 0);
 		lib->processor->cancel(lib->processor);
+		lib->plugins->unload(lib->plugins);
 		libcharon_deinit();
 		libhydra_deinit();
 	}
diff --git a/src/libcharon/tests/libcharon_tests.h b/src/libcharon/tests/libcharon_tests.h
index dc9681aeb..fb82baccb 100644
--- a/src/libcharon/tests/libcharon_tests.h
+++ b/src/libcharon/tests/libcharon_tests.h
@@ -13,4 +13,6 @@
  * for more details.
  */
 
+TEST_SUITE(ike_cfg_suite_create)
 TEST_SUITE(mem_pool_suite_create)
+TEST_SUITE_DEPEND(message_chapoly_suite_create, AEAD, ENCR_CHACHA20_POLY1305, 32)
diff --git a/src/libcharon/tests/suites/test_ike_cfg.c b/src/libcharon/tests/suites/test_ike_cfg.c
new file mode 100644
index 000000000..8062179b9
--- /dev/null
+++ b/src/libcharon/tests/suites/test_ike_cfg.c
@@ -0,0 +1,118 @@
+/*
+ * Copyright (C) 2015 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <config/ike_cfg.h>
+
+static void assert_family(int expected, char *addr, bool local)
+{
+	ike_cfg_t *cfg;
+	int family;
+
+	cfg = ike_cfg_create(IKEV2, FALSE, FALSE, local ? addr : "%any", 500,
+						 local ? "%any" : addr, 500, FRAGMENTATION_NO, 0);
+	family = ike_cfg_get_family(cfg, local);
+	ck_assert_msg(expected == family, "expected family %d != %d (addr: '%s')",
+				  expected, family, addr);
+	cfg->destroy(cfg);
+}
+
+START_TEST(test_get_address_family_empty)
+{
+	assert_family(AF_UNSPEC, "", _i);
+}
+END_TEST
+
+START_TEST(test_get_address_family_addr)
+{
+	assert_family(AF_INET, "192.168.1.1", _i);
+	assert_family(AF_INET6, "fec::1", _i);
+}
+END_TEST
+
+START_TEST(test_get_address_family_multi)
+{
+	assert_family(AF_INET, "192.168.1.1,192.168.2.2", _i);
+	assert_family(AF_INET6, "fec::1,fec::2", _i);
+
+	assert_family(AF_UNSPEC, "192.168.1.1,fec::1", _i);
+	assert_family(AF_UNSPEC, "fec::1,192.168.1.1", _i);
+}
+END_TEST
+
+START_TEST(test_get_address_family_any)
+{
+	assert_family(AF_UNSPEC, "%any", _i);
+
+	assert_family(AF_INET, "%any4", _i);
+	assert_family(AF_INET, "0.0.0.0", _i);
+
+	assert_family(AF_INET6, "%any6", _i);
+	assert_family(AF_INET6, "::", _i);
+
+	assert_family(AF_INET, "192.168.1.1,%any", _i);
+	assert_family(AF_INET, "192.168.1.1,%any4", _i);
+	assert_family(AF_UNSPEC, "192.168.1.1,%any6", _i);
+
+	assert_family(AF_INET6, "fec::1,%any", _i);
+	assert_family(AF_UNSPEC, "fec::1,%any4", _i);
+	assert_family(AF_INET6, "fec::1,%any6", _i);
+}
+END_TEST
+
+START_TEST(test_get_address_family_other)
+{
+	assert_family(AF_INET, "192.168.1.0", _i);
+	assert_family(AF_UNSPEC, "192.168.1.0/24", _i);
+	assert_family(AF_UNSPEC, "192.168.1.0-192.168.1.10", _i);
+
+	assert_family(AF_INET, "192.168.1.0/24,192.168.2.1", _i);
+	assert_family(AF_INET, "192.168.1.0-192.168.1.10,192.168.2.1", _i);
+	assert_family(AF_INET6, "192.168.1.0/24,fec::1", _i);
+	assert_family(AF_INET6, "192.168.1.0-192.168.1.10,fec::1", _i);
+
+	assert_family(AF_INET6, "fec::", _i);
+	assert_family(AF_UNSPEC, "fec::/64", _i);
+	assert_family(AF_UNSPEC, "fec::1-fec::10", _i);
+
+	assert_family(AF_INET6, "fec::/64,fed::1", _i);
+	assert_family(AF_INET6, "fec::1-fec::10,fec::1", _i);
+	assert_family(AF_INET, "fec::/64,192.168.1.1", _i);
+	assert_family(AF_INET, "fec::1-fec::10,192.168.1.1", _i);
+
+	assert_family(AF_UNSPEC, "strongswan.org", _i);
+	assert_family(AF_INET, "192.168.1.0,strongswan.org", _i);
+	assert_family(AF_INET6, "fec::1,strongswan.org", _i);
+}
+END_TEST
+
+Suite *ike_cfg_suite_create()
+{
+	Suite *s;
+	TCase *tc;
+
+	s = suite_create("ike_cfg");
+
+	tc = tcase_create("ike_cfg_get_address_family");
+	tcase_add_loop_test(tc, test_get_address_family_empty, 0, 2);
+	tcase_add_loop_test(tc, test_get_address_family_addr, 0, 2);
+	tcase_add_loop_test(tc, test_get_address_family_multi, 0, 2);
+	tcase_add_loop_test(tc, test_get_address_family_any, 0, 2);
+	tcase_add_loop_test(tc, test_get_address_family_other, 0, 2);
+	suite_add_tcase(s, tc);
+
+	return s;
+}
diff --git a/src/libcharon/tests/suites/test_message_chapoly.c b/src/libcharon/tests/suites/test_message_chapoly.c
new file mode 100644
index 000000000..e871cf6c2
--- /dev/null
+++ b/src/libcharon/tests/suites/test_message_chapoly.c
@@ -0,0 +1,138 @@
+/*
+ * Copyright (C) 2015 Martin Willi
+ * Copyright (C) 2015 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <encoding/message.h>
+
+static aead_t *aead;
+
+static iv_gen_t *ivgen;
+
+METHOD(keymat_t, get_version, ike_version_t,
+	keymat_t *this)
+{
+	return IKEV2;
+}
+
+METHOD(keymat_t, get_aead, aead_t*,
+	keymat_t *this, bool in)
+{
+	return aead;
+}
+
+METHOD(aead_t, get_iv_gen, iv_gen_t*,
+	aead_t *this)
+{
+	return ivgen;
+}
+
+METHOD(iv_gen_t, get_iv, bool,
+	iv_gen_t *this, u_int64_t seq, size_t size, u_int8_t *buffer)
+{
+	if (size != 8)
+	{
+		return FALSE;
+	}
+	memcpy(buffer, "\x10\x11\x12\x13\x14\x15\x16\x17", 8);
+	return TRUE;
+}
+
+METHOD(iv_gen_t, allocate_iv, bool,
+	iv_gen_t *this, u_int64_t seq, size_t size, chunk_t *chunk)
+{
+	if (size != 8)
+	{
+		return FALSE;
+	}
+	*chunk = chunk_alloc(size);
+	return get_iv(this, seq, chunk->len, chunk->ptr);
+}
+
+/**
+ * Appendix B draft-ietf-ipsecme-chacha20-poly1305-06
+ */
+START_TEST(test_chacha20poly1305)
+{
+	u_int64_t spii, spir;
+	ike_sa_id_t *id;
+	message_t *m;
+	u_int32_t window = htonl(10);
+	chunk_t chunk, exp;
+	keymat_t keymat = {
+		.get_version = _get_version,
+		.create_dh = (void*)return_null,
+		.create_nonce_gen = (void*)return_null,
+		.get_aead = _get_aead,
+	};
+
+	m = message_create(IKEV2, 0);
+	m->set_exchange_type(m, INFORMATIONAL);
+	htoun64(&spii, 0xc0c1c2c3c4c5c6c7);
+	htoun64(&spir, 0xd0d1d2d3d4d5d6d7);
+	id = ike_sa_id_create(IKEV2, spii, spir, FALSE);
+	m->set_ike_sa_id(m, id);
+	id->destroy(id);
+	m->set_source(m, host_create_from_string("1.2.3.4", 4500));
+	m->set_destination(m, host_create_from_string("4.3.2.1", 4500));
+	m->set_message_id(m, 9);
+	m->add_notify(m, TRUE, SET_WINDOW_SIZE, chunk_from_thing(window));
+
+	aead = lib->crypto->create_aead(lib->crypto, ENCR_CHACHA20_POLY1305, 32, 4);
+	ck_assert(aead);
+	ck_assert(aead->set_key(aead, chunk_from_chars(
+									0x80,0x81,0x82,0x83,0x84,0x85,0x86,0x87,
+									0x88,0x89,0x8a,0x8b,0x8c,0x8d,0x8e,0x8f,
+									0x90,0x91,0x92,0x93,0x94,0x95,0x96,0x97,
+									0x98,0x99,0x9a,0x9b,0x9c,0x9d,0x9e,0x9f,
+									0xa0,0xa1,0xa2,0xa3)));
+	INIT(ivgen,
+		.get_iv = _get_iv,
+		.allocate_iv = _allocate_iv,
+		.destroy = (void*)free,
+	);
+	aead->get_iv_gen = _get_iv_gen,
+
+	ck_assert(m->generate(m, &keymat, NULL) == SUCCESS);
+	chunk = m->get_packet_data(m);
+	exp = chunk_from_chars(0xc0,0xc1,0xc2,0xc3,0xc4,0xc5,0xc6,0xc7,
+						   0xd0,0xd1,0xd2,0xd3,0xd4,0xd5,0xd6,0xd7,
+						   0x2e,0x20,0x25,0x00,0x00,0x00,0x00,0x09,
+						   0x00,0x00,0x00,0x45,0x29,0x00,0x00,0x29,
+						   0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,
+						   0x61,0x03,0x94,0x70,0x1f,0x8d,0x01,0x7f,
+						   0x7c,0x12,0x92,0x48,0x89,0x6b,0x71,0xbf,
+						   0xe2,0x52,0x36,0xef,0xd7,0xcd,0xc6,0x70,
+						   0x66,0x90,0x63,0x15,0xb2);
+	ck_assert_msg(chunk_equals(chunk, exp), "got %B\nexp %B", &chunk, &exp);
+	ivgen->destroy(ivgen);
+	aead->destroy(aead);
+	m->destroy(m);
+}
+END_TEST
+
+Suite *message_chapoly_suite_create()
+{
+	Suite *s;
+	TCase *tc;
+
+	s = suite_create("chapoly");
+
+	tc = tcase_create("ChaCha20Poly1305 IKEv2 encryption");
+	tcase_add_test(tc, test_chacha20poly1305);
+	suite_add_tcase(s, tc);
+
+	return s;
+}