openssl plugin 3des routine iv_len fix

Since 3DES has 8 bytes of initialization vector and
code contains hardcode for 16 bytes, check added to
determine if crypto algorythm is 3DES_CBC and set
corresponding iv_len param

Change-Id: Iac50c8a8241e321e3b4d576c88f2496852bd905c
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>

src/plugins/crypto_openssl/main.c

@@ -70,9 +70,15 @@ openssl_ops_enc_cbc (vlib_main_t * vm, vnet_crypto_op_t * ops[], u32 n_ops,
       vnet_crypto_op_t *op = ops[i];
       vnet_crypto_key_t *key = vnet_crypto_get_key (op->key_index);
       int out_len;
+      int iv_len;
+
+      if (op->op == VNET_CRYPTO_OP_3DES_CBC_ENC)
+	iv_len = 8;
+      else
+	iv_len = 16;
 
       if (op->flags & VNET_CRYPTO_OP_FLAG_INIT_IV)
-	RAND_bytes (op->iv, 16);
+	RAND_bytes (op->iv, iv_len);
 
       EVP_EncryptInit_ex (ctx, cipher, NULL, key->data, op->iv);
       EVP_EncryptUpdate (ctx, op->dst, &out_len, op->src, op->len);

test/test_ipsec_esp.py

@@ -363,7 +363,7 @@ class TestIpsecEspAll(ConfigIpsecESP,
         super(TestIpsecEspAll, self).tearDown()
 
     def test_crypto_algs(self):
-        """All engines AES-[CBC, GCM]-[128, 192, 256] w/ & w/o ESN"""
+        """All engines AES-[CBC, GCM]-[128, 192, 256] 3DES-CBC w/ & w/o ESN"""
 
         # foreach VPP crypto engine
         engines = ["ia32", "ipsecmb", "openssl"]
@@ -416,7 +416,15 @@ class TestIpsecEspAll(ConfigIpsecESP,
                   'scapy-crypto': "AES-CBC",
                   'scapy-integ': "HMAC-SHA1-96",
                   'salt': 0,
-                  'key': "JPjyOWBeVEQiMe7hJPjyOWBeVEQiMe7h"}]
+                  'key': "JPjyOWBeVEQiMe7hJPjyOWBeVEQiMe7h"},
+                 {'vpp-crypto': (VppEnum.vl_api_ipsec_crypto_alg_t.
+                                 IPSEC_API_CRYPTO_ALG_3DES_CBC),
+                  'vpp-integ': (VppEnum.vl_api_ipsec_integ_alg_t.
+                                IPSEC_API_INTEG_ALG_SHA1_96),
+                  'scapy-crypto': "3DES",
+                  'scapy-integ': "HMAC-SHA1-96",
+                  'salt': 0,
+                  'key': "JPjyOWBeVEQiMe7h00112233"}]
 
         # with and without ESN
         flags = [0,