Commit 180b7d35 authored by seb's avatar seb

IPSec Test Concept DONE

MipSec Test Concept DONE

f_mn_cn_sendCareOfTestInitAndWaitForReply DONE 
f_ha_cn_sendHomeTestInitAndWaitForReply DONE
f_mn_cn_sendBindUpAndWaitForBindAckOffHome DONE
send route optimized EchoProcedure TODO
parent 10a96146
+7 −14
@@ -121,20 +121,13 @@
											out IntegrityResult p_integrityResult) 
	return FncRetCode;


	/* @desc 	This external function computes the Authenticator for 
	 *          return routability procedure
	 *			The Ipv6Packet shall be used excluding the Authenticator field itself.
	 * @param 	p_careOfAddr Care-of address
	 * @param 	p_cnAddr Address of the correspondant
	 * @param 	p_ipv6Packet Ipv6 Packet
	 * @param 	p_kbm Binding management key
	 * @return 	Authenticator
	/* @desc 	This external function runs the MipHeader through Codec and returns 
	 *			the octetstring representing the MipHeader
	 *			
	 * @param 	p_mipHeader MIp Header to be encoded to octetstring
	 * @return 	octetstring
	*/
	external function fx_bindingAuthenticator(in Ipv6Address p_careOfAddr, 
											  in Ipv6Address p_cnAddr,
											  in Ipv6Packet p_ipv6Packet,
											  in Oct20 p_kbm)
	external function fx_mipHdrToOct(MipHeader p_mipHeader)
	return octetstring;
	
	/* @desc 	This external function computes Integrity Check Value
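Review bot: The new doc comment for `fx_mipHdrToOct` does not say how the Authenticator field is represented in the returned octets, whereas the removed comment for `fx_bindingAuthenticator` stated that the packet is used "excluding the Authenticator field itself". The caller in f_setMipHeader now feeds this encoding straight into the HMAC, so the contract matters; I would add a line such as `* The header is encoded as given; the caller must ensure the Authenticator field is absent or excluded before the result is used as HMAC input`. The parameter also lacks a direction keyword, unlike the other externals in this hunk: `external function fx_mipHdrToOct(in MipHeader p_mipHeader)`.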
+68 −12
@@ -146,19 +146,50 @@ group rfc3775Mipv6_ExtHdrFunctions {
		//else if (ischosen(p_mipHeader.mipMessage.careOfTest) and (PX_TEST_IPSEC == true)) {
		//TODO
		//}
		if (ischosen(p_mipHeader.mipMessage.bindingUpdate)) {
		if (ischosen(p_mipHeader.mipMessage.bindingUpdate)) {//Authorization data is only needed for BU sent to CN=IUT
			var UInt8 v_position := 0;
			if (f_isPresentBindingAuthorizationDataOption(p_mipHeader.mipMessage.bindingUpdate, v_position) == e_success) {
				var Oct20 v_bindingAuthenticator := fx_bindingAuthenticator(	  p_srcAddr,//careOfaddr 
																				  p_dstAddr,//cnAddr
																				  p_ipv6Packet,
																				  vc_mipSec.mnSimuParams.kbm) ;
			//Concept of including bindingAuthentication
			// specifiy on template level all options
			// 1) if authenticator == c_20ZeroBytes then value is calculated in f_setMipHeader
			// 2) if authenticator != c_20ZeroBytes then no value is calculated in f_setMipHeader,
			//     because it's assumed that the correct value was set on template level
			// 3) same applies to nonceIndex etc

			if (f_isPresentNonceIndices(p_mipHeader.mipMessage.bindingUpdate, v_position) == e_success
				and vc_mipSec.mnSimuParams.receivedHomeNonceIndex != c_uInt16Zero
				and vc_mipSec.mnSimuParams.receivedCareOfNonceIndex != c_uInt16Zero) {
					p_mipHeader.mipMessage.bindingUpdate.mipOptions[v_position].mipOptNonceIndices.homeNonceIndex
					:= vc_mipSec.mnSimuParams.receivedHomeNonceIndex;
					p_mipHeader.mipMessage.bindingUpdate.mipOptions[v_position].mipOptNonceIndices.careOfNonceIndex
					:= vc_mipSec.mnSimuParams.receivedCareOfNonceIndex;
			}
			else {
				log("f_setMipHeader: Error: NonceIndices included in Binding Update, but mnSimuParams.receivedCareOfNonceIndex/receivedHomeNonceIndex not initialized");
				return e_error;	
			}
			if (f_isPresentBindingAuthorizationDataOption(p_mipHeader.mipMessage.bindingUpdate, v_position) == e_success
				and vc_mipSec.mnSimuParams.receivedHomeKeygenToken != c_64ZeroBits
				and vc_mipSec.mnSimuParams.receivedCareOfKeygenToken != c_64ZeroBits) {
				
					vc_mipSec.mnSimuParams.kbm := fx_integrity(		e_sha1_96, c_1ZeroByte,
																	bit2oct(vc_mipSec.mnSimuParams.receivedHomeKeygenToken)
																	& bit2oct(vc_mipSec.mnSimuParams.receivedCareOfKeygenToken));
				
					var Oct20 v_bindingAuthenticator := fx_integrity(	e_hmac_sha1_96, vc_mipSec.mnSimuParams.kbm,
																		p_srcAddr//careOfaddr 
																		& p_dstAddr//cnAddr
																		& fx_mipHdrToOct(p_mipHeader) );

					p_mipHeader.mipMessage.bindingUpdate.mipOptions[v_position].mipBindingAuthorizationData := {
							mipOptType := 5,
							mipOptLen := lengthof(v_bindingAuthenticator),
							authenticator := v_bindingAuthenticator
					}
			}
			else {
				log("f_setMipHeader: Error: BindingAuthorizationDataOption included in Binding Update, but receivedHomeKeygenToken/receivedCareOfKeygenToken not initialized");
				return e_error;	
			}
		}
	//	else if (ischosen(p_mipHeader.mipMessage.bindingAck) and (PX_TEST_IPSEC == true)) {
		//TODO
@@ -175,6 +206,31 @@ group rfc3775Mipv6_ExtHdrFunctions {
	}
		


		/*
	 * @desc 	This goes through the BindingUpdate and
	 *			checks if a NonceIndicesOption is present.
	 * @param 	p_bindingUpdate Binding Update to be treated
	 * @param 	v_position Position of the NonceIndicesOption in the MipOptionList
	 * @return 	execution status 
	*/
	function f_isPresentNonceIndices(	in BindingUpdate p_bindingUpdate,
														inout UInt8 v_position)
	runs on LibIpv6Node
	return FncRetCode {
		var FncRetCode v_ret := e_error;
		var UInt8 i;

		//select ext hdrs that need special calculation
		for (i:=0; i<sizeof(p_bindingUpdate.mipOptions) and (v_ret != e_success); i:=i+1) {
			if (ischosen(p_bindingUpdate.mipOptions[i].mipOptNonceIndices)) {
					v_position := i;
					v_ret := e_success;
				}
		}
		return v_ret;
	}//end function f_isPresentNonceIndices

	/*
	 * @desc 	This goes through the BindingUpdate and
	 *			checks if a AuthorizationDataOption is present.
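Review bot: In the bindingUpdate branch of f_setMipHeader (first hunk), the new `else` arms return `e_error` whenever the Nonce Indices or Binding Authorization Data option is absent, not only when the received values are uninitialised, because the presence test and the value test share one condition. A Binding Update built without these options would then fail with a log message that says the option was included. Nesting the value test inside the presence test, as sketched below for the nonce indices, keeps the error for the real fault; the same shape applies to the authorization-data block. Separately, `v_bindingAuthenticator` is declared `Oct20` but filled from `fx_integrity(e_hmac_sha1_96, ...)`, and Kbm is derived with `e_sha1_96`; if those modes truncate to 96 bits, the authenticator will not fit an Oct20 and Kbm will be shorter than the full SHA-1 digest RFC 3775 specifies, so this should be confirmed against the external function. The function body starts and ends outside the hunk.

```ttcn3
if (f_isPresentNonceIndices(p_mipHeader.mipMessage.bindingUpdate, v_position) == e_success) {
	if (vc_mipSec.mnSimuParams.receivedHomeNonceIndex == c_uInt16Zero
		or vc_mipSec.mnSimuParams.receivedCareOfNonceIndex == c_uInt16Zero) {
		log("f_setMipHeader: Error: NonceIndices included in Binding Update, but mnSimuParams.receivedCareOfNonceIndex/receivedHomeNonceIndex not initialized");
		return e_error;
	}
	// … unchanged: copy receivedHomeNonceIndex / receivedCareOfNonceIndex into mipOptions[v_position] …
}
```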
+69 −3
@@ -207,7 +207,7 @@ group rfc2460Root_Templates {
		/*
		 *	@param  p_extHdr1 First element in extension header
		 *	@param  p_extHdr2 Second element in extension header
		 *	@param  p_extHdr3 Second element in extension header		 
		 *	@param  p_extHdr3 Third element in extension header		 
		*/
		template ExtensionHeaderList m_extHdrList_3Elem ( template ExtensionHeader p_extHdr1,
			template ExtensionHeader p_extHdr2,
@@ -218,6 +218,22 @@ group rfc2460Root_Templates {
			p_extHdr3
		}

		/*
		 *	@param  p_extHdr1 First element in extension header
		 *	@param  p_extHdr2 Second element in extension header
		 *	@param  p_extHdr3 Third element in extension header
		 *	@param  p_extHdr4 Fourth element in extension header		 
		*/
		template ExtensionHeaderList m_extHdrList_4Elem ( template ExtensionHeader p_extHdr1,
			template ExtensionHeader p_extHdr2,
			template ExtensionHeader p_extHdr3,
			template ExtensionHeader p_extHdr4 ) := {
			p_extHdr1,
			p_extHdr2,
			p_extHdr3,
			p_extHdr4
		}

		}//end group extensionHeaderListTemplates

		group dstOptHeaderTemplates {
@@ -721,19 +737,33 @@ group rfc3775Mipv6_ExtHdrTemplates {
	group mobilityOptTemplates {

		/*
		 *	@param  p_dstOpt First element in the Destination option list
		 *	@param  p_mipOpt First element in the MipOption list
		*/
		template MipOptionList m_mipOptList_1Elem ( template MipOption p_mipOpt ) := {
			p_mipOpt
		}

		/*
		 *	@param  p_dstOpt First element in the Destination option list
		 *	@param  p_mipOpt1 First element in the MipOption list
		 *	@param  p_mipOpt2 2nd element in the MipOption list
		*/
		template MipOptionList m_mipOptList_2Elem ( template MipOption p_mipOpt1, template MipOption p_mipOpt2 ) := {
			p_mipOpt1, p_mipOpt2
		}

		/*
		 *	@param  p_mipOpt1 1st element in the MipOption list
		 *	@param  p_mipOpt2 2nd element in the MipOption list
		 *	@param  p_mipOpt3 3rd element in the MipOption list
		 *	@param  p_mipOpt4 4th element in the MipOption list
		*/
		template MipOptionList m_mipOptList_4Elem (
			template MipOption p_mipOpt1, template MipOption p_mipOpt2,
			template MipOption p_mipOpt3, template MipOption p_mipOpt4) := {
			p_mipOpt1, p_mipOpt2,
			p_mipOpt3, p_mipOpt4
		}

		template MipOption m_mipOpt_padN(template OptPadN p_optPadN) := {
			optPadN := p_optPadN
		}
@@ -742,6 +772,42 @@ group rfc3775Mipv6_ExtHdrTemplates {
			mipOptAltCoA := p_mipOptAltCoA
		}

		template MipOption m_mipOpt_nonceIndices(template MipOptNonceIndices p_mipOptNonceIndices) := {
			mipOptNonceIndices := p_mipOptNonceIndices
		}

		template MipOption m_mipOpt_bindingAuth(template MipBindingAuthorizationData p_mipBindingAuthorizationData) := {
			mipBindingAuthorizationData := p_mipBindingAuthorizationData
		}

		template MipBindingAuthorizationData m_bindingAuthData(octetstring p_authenticator) := {
			mipOptType := 5,
			mipOptLen := lengthof(p_authenticator),
			authenticator := p_authenticator
		}

		template MipBindingAuthorizationData m_bindingAuthData_dummy := {
			mipOptType := 5,
			mipOptLen := 0,
			authenticator := omit//value is set in f_setExtensionHeader
		}

		template MipOptNonceIndices m_mipOptNonceIndices_dummy := {
			mipOptType := 4,
			mipOptLen := 4,
			homeNonceIndex := c_uInt16Zero,//value is set in f_setExtensionHeader
			careOfNonceIndex := c_uInt16Zero//value is set in f_setExtensionHeader
		}

		template MipOptNonceIndices m_mipOptNonceIndices(
			UInt16 p_homeNonceIndex,
			UInt16 p_careOfNonceIndex) := {
			mipOptType := 4,
			mipOptLen := 4,
			homeNonceIndex := p_homeNonceIndex,
			careOfNonceIndex := p_careOfNonceIndex
		}

		template MipOptAltCoA m_altCoA(in template Ipv6Address p_addr) := {
			mipOptType :=3,
			mipOptLen := 16,
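Review bot: The comments on `m_bindingAuthData_dummy` and `m_mipOptNonceIndices_dummy` say the value is set in f_setExtensionHeader, but the code in this commit that fills these options logs itself as f_setMipHeader. That function's concept comment also keys the calculation on `authenticator == c_20ZeroBytes`, while the dummy here uses `omit`. I would align the comment, e.g. `authenticator := omit // filled in by f_setMipHeader when the option is present`, and settle on one placeholder convention so a template-level authenticator is not silently overwritten. The new `m_mipOpt_nonceIndices`, `m_mipOpt_bindingAuth`, `m_bindingAuthData` and `m_mipOptNonceIndices` templates have no `@param` header, unlike the list templates above them.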
+1 −1
@@ -649,7 +649,7 @@ group rfc3775Mipv6_ExtHdrTypesAndValues {
		type record MipBindingAuthorizationData {
			UInt8	mipOptType (5),
			UInt8	mipOptLen,
			octetstring	authenticator 
			octetstring	authenticator optional//so that it can be omiited when creating mobility data
		}
		with {
			encode "present=bytes(0,1,5);";
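Review bot: Making `authenticator` optional changes the type for decoding as well as for building the send template. A received Binding Authorization Data option with no authenticator bytes may therefore now decode instead of being rejected, which is worth confirming with the codec. Receive templates for this option should constrain the field explicitly rather than rely on the type. The comment also has a typo; I would write `// optional so it can be omitted while the mobility data is built; the value is filled in before sending`.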
+7 −6
@@ -521,11 +521,11 @@ module LibIpv6_Rfc3775Mipv6_Functions {
																								c_lFlag0,
																								c_kFlag0,
																								p_timeUnits,
																								m_mipOptList_2Elem(
																									m_mipOpt_padN(m_optPad2),//??
																									m_mipOpt_altCoa(m_altCoA(p_mnCoaTn))//,
																									//m_mipOpt_bindingAuth
																									))))));
																								m_mipOptList_4Elem(
																									m_mipOpt_padN(m_optPad2),
																									m_mipOpt_altCoa(m_altCoA(p_mnCoaTn)),
																									m_mipOpt_nonceIndices(m_mipOptNonceIndices_dummy), //TODO validate byte boundary. padding should not be needed here
																									m_mipOpt_bindingAuth(m_bindingAuthData_dummy)))))));
		if ( v_ret != e_success ) {return v_ret;}
		tc_ac.start;
		alt {
@@ -541,6 +541,7 @@ module LibIpv6_Rfc3775Mipv6_Functions {
													mw_extHdr_mipHeader (	c_noNextHdr,
																			c_bindingAck,
																			mw_bindingAck(p_seqNr))))) {
					//TODO check on authenticator
					tc_ac.stop;	
					v_ret := e_success ;
				}
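Review bot: The Binding Acknowledgement branch in the second hunk sets `v_ret := e_success` with only `//TODO check on authenticator`, so the function reports success without verifying any Binding Authorization Data in the reply, although the Binding Update it sends now carries nonce indices and an authenticator. Until that check exists, a verdict built on this function cannot tell an authenticated acknowledgement from one with a missing or wrong authenticator. I would make the gap explicit, e.g. `// TODO: authenticator of the BA is NOT verified yet; e_success does not imply valid Binding Authorization Data`. The enclosing function starts and ends outside the hunk.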