Commit 21609aa1 authored by mullers's avatar mullers

review of 1. AtsSec TCs

parent 1c1dcdf7
+235 −20
@@ -707,14 +707,12 @@ group ipSecFns {
				spiResponder := PX_IKE_SPI,
				messageID := 0,
				ikeEncryptionAlgo := PX_IKE_ENCALGO,
				//ikeEncryptionKey := PX_IKE_ENC_KEY,
				ikeEncrKeyLen := omit,
				ikeIv := omit,
				ikeEncrBlockSize := 0,
				ikePseudoRandomFunction := PX_IKE_PSEUDORANDOM_FCT,
				prfKeyLen := omit,
				ikeIntegrityAlgo := PX_IKE_INTALGO,
				//ikeIntegrityKey := PX_IKE_INT_KEY,
				ikeIntegrKeyLen := omit,
				ikeIntegrBlockSize := 0,
				ikeIcvLen :=  f_getIcvLen(PX_IKE_INTALGO),
@@ -762,9 +760,6 @@ group ipSecFns {
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			espIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			// Combined mode
			//espCombinedModeAlgo := PX_COMBINED_MODE_ALGO,
			//espCombinedModeKey := PX_COMBINED_MODE_KEY/*f_createSecretKey()*/,
			// Protocol mode
			ipSecProtocolMode := PX_IP_SEC_PROTOCOL_MODE,
			extentedSequenceNumbers := e_extentedSequenceNumbersNo,
@@ -792,9 +787,6 @@ group ipSecFns {
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			espIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			// Combined mode
			//espCombinedModeAlgo := PX_COMBINED_MODE_ALGO,
			//espCombinedModeKey := PX_COMBINED_MODE_KEY/*f_createSecretKey()*/,
			// Protocol mode
			ipSecProtocolMode := PX_IP_SEC_PROTOCOL_MODE,
			extentedSequenceNumbers := e_extentedSequenceNumbersNo,
@@ -823,9 +815,6 @@ group ipSecFns {
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			espIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			// Combined mode
			//espCombinedModeAlgo := PX_COMBINED_MODE_ALGO,
			//espCombinedModeKey := PX_COMBINED_MODE_KEY/*f_createSecretKey()*/,
			// Protocol mode
			ipSecProtocolMode := PX_IP_SEC_PROTOCOL_MODE,
			extentedSequenceNumbers := e_extentedSequenceNumbersNo,
@@ -854,9 +843,6 @@ group ipSecFns {
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			espIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			// Combined mode
			//espCombinedModeAlgo := PX_COMBINED_MODE_ALGO,
			//espCombinedModeKey := PX_COMBINED_MODE_KEY/*f_createSecretKey()*/,
			// Protocol mode
			ipSecProtocolMode := PX_IP_SEC_PROTOCOL_MODE,
			extentedSequenceNumbers := e_extentedSequenceNumbersNo,
@@ -885,9 +871,6 @@ group ipSecFns {
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			espIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			// Combined mode
			//espCombinedModeAlgo := PX_COMBINED_MODE_ALGO,
			//espCombinedModeKey := PX_COMBINED_MODE_KEY/*f_createSecretKey()*/,
			// Protocol mode
			ipSecProtocolMode := PX_IP_SEC_PROTOCOL_MODE,
			extentedSequenceNumbers := e_extentedSequenceNumbersNo,
@@ -916,9 +899,6 @@ group ipSecFns {
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			espIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			// Combined mode
			//espCombinedModeAlgo := PX_COMBINED_MODE_ALGO,
			//espCombinedModeKey := PX_COMBINED_MODE_KEY/*f_createSecretKey()*/,
			// Protocol mode
			ipSecProtocolMode := PX_IP_SEC_PROTOCOL_MODE,
			extentedSequenceNumbers := e_extentedSequenceNumbersNo,
@@ -929,6 +909,241 @@ group ipSecFns {
		
	}//end f_init_ipSecParams

	//same as f_init_ipSecParams bu twith more paramsters that allow control of IKE process
	function f_init_ipSecParams_params(
		IpSecControl p_ipSecControl,
		IpSecProtocolMode p_ipSecProtocolMode
	)
	runs on LibIpv6Node
	return FncRetCode {
		
		var FncRetCode v_ret := e_success;
		var octetstring v_espIv := '00'O;
		var UInt8 v_espEncrBlockSize := 0;
		var UInt8 v_espIntegrBlockSize := 0;

		if (p_ipSecControl == e_manualSecParamsSetup ) {	
	
			//ESP - AH
	
			if( f_checkEncryptionKeyLen(PX_ENCRYPTION_ALGO,lengthof(PX_ESP_ENCR_KEY)) != true) {
				log("**** f_init_ipSecParams: ERROR: Incorrect key length for the selected encryption algorithm " & int2str(lengthof(PX_ESP_ENCR_KEY)) & " ****");
				return e_error;
			}
	
			if( f_checkIntegrityKeyLen(PX_INTEGRITY_ALGO, lengthof(PX_INTEGRITY_KEY)) != true) {
				log("**** f_init_ipSecParams: ERROR: Incorrect key length for the selected integrity algorithm ****");
				return e_error;
			}
		}
		else {
			vc_ikeSad[0] := {
				spiInitiator := PX_IKE_SPI,
				spiResponder := PX_IKE_SPI,
				messageID := 0,
				ikeEncryptionAlgo := PX_IKE_ENCALGO,
				ikeEncrKeyLen := omit,
				ikeIv := omit,
				ikeEncrBlockSize := 0,
				ikePseudoRandomFunction := PX_IKE_PSEUDORANDOM_FCT,
				prfKeyLen := omit,
				ikeIntegrityAlgo := PX_IKE_INTALGO,
				ikeIntegrKeyLen := omit,
				ikeIntegrBlockSize := 0,
				ikeIcvLen :=  f_getIcvLen(PX_IKE_INTALGO),
				diffieHellmanGroup := PX_IKE_DIFFIEHELLMAN_GROUP,
				diffieHellmanPrivKey := PX_IKE_DIFFIEHELLMAN_PRIVKEY,
				diffieHellmanSharedSecret := '00'O,
				sevenSecrets := omit,
				nI := int2oct(float2int(int2float(20000-5000)*rnd())+5000, 16),
				nR := int2oct(float2int(int2float(20000-5000)*rnd())+5000, 16),
				proposalNr := 1,//smu not needed anymore delete
				udpTnPort := PX_UDP_PORT_IUT_1,
				udpIutPort := PX_UDP_PORT_HS02,
				iDi := PX_IDENTIFICATION_DATA,
				iDr := PX_IDENTIFICATION_DATA,
				ikev2Header := omit,
				ikePayloadList := omit	
			}
		}

		v_espIv := f_getIv(PX_ENCRYPTION_ALGO);
		v_espEncrBlockSize := f_getEncrBlockSize(PX_ENCRYPTION_ALGO);
		v_espIntegrBlockSize := f_getIntegrBlockSize(PX_INTEGRITY_ALGO);

		//TODO v_ahIntegrBlockSize
		
		// SAD for ESP and AH Tests
		vc_sad[c_saIni] := {
			spi := PX_SPI/*f_createSpi()*/,
			seqNr := c_uInt32Zero,
			// AH Integrity
			ahIntegrityAlgo := PX_INTEGRITY_ALGO,
			ahIntegrityKey := PX_INTEGRITY_KEY,
			ahIntegrKeyLen := omit,
			ahIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			ahIcvPadLen := f_getIcvPadLen(PX_INTEGRITY_ALGO),
			// ESP encryption
			espEncryptionAlgo := PX_ENCRYPTION_ALGO,
			espEncryptionKey := PX_ESP_ENCR_KEY,
			espEncrKeyLen := omit,
			espIv := v_espIv,
			espEncrBlockSize := v_espEncrBlockSize,
			// ESP integrity
			espIntegrityAlgo := PX_INTEGRITY_ALGO,
			espIntegrityKey := PX_INTEGRITY_KEY,
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			espIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			// Protocol mode
			ipSecProtocolMode := p_ipSecProtocolMode,
			extentedSequenceNumbers := e_extentedSequenceNumbersNo,
			trafficSelector:= omit
		}

		vc_sad[c_saRes] := {
			spi := PX_SPI/*f_createSpi()*/,
			seqNr := c_uInt32Zero,
			// AH Integrity
			ahIntegrityAlgo := PX_INTEGRITY_ALGO,
			ahIntegrityKey := PX_INTEGRITY_KEY,
			ahIntegrKeyLen := omit,
			ahIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			ahIcvPadLen := f_getIcvPadLen(PX_INTEGRITY_ALGO),
			// ESP encryption
			espEncryptionAlgo := PX_ENCRYPTION_ALGO,
			espEncryptionKey := PX_ESP_ENCR_KEY,
			espEncrKeyLen := omit,
			espIv := v_espIv,
			espEncrBlockSize := v_espEncrBlockSize,
			// ESP integrity
			espIntegrityAlgo := PX_INTEGRITY_ALGO,
			espIntegrityKey := PX_INTEGRITY_KEY,
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			espIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			// Protocol mode
			ipSecProtocolMode := p_ipSecProtocolMode,
			extentedSequenceNumbers := e_extentedSequenceNumbersNo,
			trafficSelector:= omit
		}

		// SAD-OUT
		vc_sad[c_saRrpOut] := {
			spi := c_saRrpOut/*f_createSpi()*/,
			seqNr := c_uInt32Zero,
			// AH Integrity
			ahIntegrityAlgo := PX_INTEGRITY_ALGO,
			ahIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			ahIntegrKeyLen := omit,
			ahIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			ahIcvPadLen := f_getIcvPadLen(PX_INTEGRITY_ALGO),
			// ESP encryption
			espEncryptionAlgo := PX_ENCRYPTION_ALGO,
			espEncryptionKey := PX_ESP_ENCR_KEY/*f_createSecretKey()*/,
			espEncrKeyLen := omit,
			espIv := v_espIv,
			espEncrBlockSize := v_espEncrBlockSize,
			// ESP integrity
			espIntegrityAlgo := PX_INTEGRITY_ALGO,
			espIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			espIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			// Protocol mode
			ipSecProtocolMode := p_ipSecProtocolMode,
			extentedSequenceNumbers := e_extentedSequenceNumbersNo,
			trafficSelector:= omit
		}

		// SAD-IN
		vc_sad[c_saRrpIn] := {
			spi := c_saRrpIn/*f_createSpi()*/,
			seqNr := c_uInt32Zero,
			// AH Integrity
			ahIntegrityAlgo := PX_INTEGRITY_ALGO,
			ahIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			ahIntegrKeyLen := omit,
			ahIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			ahIcvPadLen := f_getIcvPadLen(PX_INTEGRITY_ALGO),
			// ESP encryption
			espEncryptionAlgo := PX_ENCRYPTION_ALGO,
			espEncryptionKey := PX_ESP_ENCR_KEY/*f_createSecretKey()*/,
			espEncrKeyLen := omit,
			espIv := v_espIv,
			espEncrBlockSize := v_espEncrBlockSize,
			// ESP integrity
			espIntegrityAlgo := PX_INTEGRITY_ALGO,
			espIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			espIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			// Protocol mode
			ipSecProtocolMode := p_ipSecProtocolMode,
			extentedSequenceNumbers := e_extentedSequenceNumbersNo,
			trafficSelector:= omit
		}
	
		// SAD-OUT
		vc_sad[c_saCnOut] := {
			spi := c_saCnOut/*f_createSpi()*/,
			seqNr := c_uInt32Zero,
			// AH Integrity
			ahIntegrityAlgo := PX_INTEGRITY_ALGO,
			ahIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			ahIntegrKeyLen := omit,
			ahIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			ahIcvPadLen := f_getIcvPadLen(PX_INTEGRITY_ALGO),
			// ESP encryption
			espEncryptionAlgo := PX_ENCRYPTION_ALGO,
			espEncryptionKey := PX_ESP_ENCR_KEY/*f_createSecretKey()*/,
			espEncrKeyLen := omit,
			espIv := v_espIv,
			espEncrBlockSize := v_espEncrBlockSize,
			// ESP integrity
			espIntegrityAlgo := PX_INTEGRITY_ALGO,
			espIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			espIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			// Protocol mode
			ipSecProtocolMode := p_ipSecProtocolMode,
			extentedSequenceNumbers := e_extentedSequenceNumbersNo,
			trafficSelector:= omit
		}

		// SAD-IN
		vc_sad[c_saCnIn] := {
			spi := c_saCnIn/*f_createSpi()*/,
			seqNr := c_uInt32Zero,
			// AH Integrity
			ahIntegrityAlgo := PX_INTEGRITY_ALGO,
			ahIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			ahIntegrKeyLen := omit,
			ahIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			ahIcvPadLen := f_getIcvPadLen(PX_INTEGRITY_ALGO),
			// ESP encryption
			espEncryptionAlgo := PX_ENCRYPTION_ALGO,
			espEncryptionKey := PX_ESP_ENCR_KEY/*f_createSecretKey()*/,
			espEncrKeyLen := omit,
			espIv := v_espIv,
			espEncrBlockSize := v_espEncrBlockSize,
			// ESP integrity
			espIntegrityAlgo := PX_INTEGRITY_ALGO,
			espIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			espIcvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			// Protocol mode
			ipSecProtocolMode := p_ipSecProtocolMode,
			extentedSequenceNumbers := e_extentedSequenceNumbersNo,
			trafficSelector:= omit
		}

		return v_ret;
		
	}//end f_init_ipSecParams_params

	function f_getLenSaProposalList(in template SaProposalList p_saProposalList)
	return UInt8 {
		var UInt8 v_len := 0;
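Review bot: The IKE nonces `nI` and `nR` in the `vc_ikeSad[0]` record of the new f_init_ipSecParams_params are built as `int2oct(float2int(int2float(20000-5000)*rnd())+5000, 16)`, so each is a 16-octet string whose upper 14 octets are always zero and whose value is one of only 15000 integers drawn from the non-cryptographic `rnd()`. RFC 7296 section 2.10 requires IKEv2 nonces to be randomly chosen and at least 128 bits, so the tester's side of the exchange is highly predictable and the IUT's nonce handling is probably exercised only with near-constant input. I would fill all 16 octets from a proper random source (for example an external function provided by the test adapter) and note the requirement next to it with `// nonce: 16 random octets, RFC 7296 2.10`. The same expression may already be present in f_init_ipSecParams, whose record is only partly visible in the first hunk, so both should be checked. Separately, the two error logs in the manual-setup branch still begin `**** f_init_ipSecParams: ERROR`, which points a reader at the wrong function; `**** f_init_ipSecParams_params: ERROR` would match.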
+0 −15
@@ -51,11 +51,6 @@ module LibIpv6_ModuleParameters {
	*/
	modulepar { IntegrityAlgo PX_INTEGRITY_ALGO := e_auth_hmacSha1_96 }

	/*
	 * @desc Which Algo mode shall be used for Integrity in vc_sad[c_saRes]?
	*/
//	modulepar { CombinedModeAlgo PX_COMBINED_MODE_ALGO := e_null }

	/*
	 * @desc Which SPI shall be used for testing?
	*/
@@ -76,11 +71,6 @@ module LibIpv6_ModuleParameters {
	*/
	modulepar {octetstring PX_ESP_ENCR_KEY := 'A1A2A3A4'O}
	
	/*
	 * @desc Key for combined mode in vc_sad[c_saRes]
	*/
//	modulepar {octetstring PX_COMBINED_MODE_KEY := 'B1B2B3B4'O}

	group ikeSecurity
	{
	/*
@@ -98,8 +88,6 @@ module LibIpv6_ModuleParameters {
	*/
	modulepar {EncryptionAlgo PX_IKE_ENCALGO := e_encr_3Des}

//	modulepar {octetstring PX_IKE_ENC_KEY := '010203040506'O}

	/*
	 * @desc Which pseudo random function shall be used for testing IKE?
	*/
@@ -110,8 +98,6 @@ module LibIpv6_ModuleParameters {
	*/
	modulepar {IntegrityAlgo PX_IKE_INTALGO := e_auth_hmacMd5_96}

//	modulepar {octetstring PX_IKE_INT_KEY := '010203040506'O}

	/*
	 * @desc Which Diffie-Hellman group shall be used for testing IKE?
	*/
@@ -122,7 +108,6 @@ module LibIpv6_ModuleParameters {
	*/
	modulepar {octetstring PX_IKE_DIFFIEHELLMAN_PRIVKEY := '0123456789ABCDEF'O}


	/*
	 * @desc Are Sec Params configured manually or is IKE used to setup Sec Params?
	*/
+1 −34
@@ -970,37 +970,6 @@
			variant "use=com.testingtech.ttcn.tci.LibIpv6_Interface_TypesAndValues.*;";
		}
		
//		type enumerated EncryptionAlgo {
//			e_null(0),
//			e_tripleDes_cbc(1),//iv needed
//			e_aes_cbc(2),//iv needed
//			e_aes_ctr(3),//iv needed
//			e_des_cbc(4)//iv needed
//		}
//		with {
//			variant "use=com.testingtech.ttcn.tci.LibIpv6_Interface_TypesAndValues.*;";
//		}

//		type enumerated IntegrityAlgo {
//			e_null(0),
//			e_hmac_sha1_96(1),//RFC4305
//			//not yet implemented e_aes_xcbc_mac_96(2),//RFC4305
//			e_hmac_md5_96(3),//RFC4305
//			e_sha1(4),//used in MIPv6 5.2.5 to calculate KBM
//			e_sha1_96(5),//used in MIPv6 5.2.5 to calculate KBM
//			e_hmac_sha1_64(6)//used in MIPv6 5.2.5 to calculate HomeKeyGenToken
//		}
//		with {
//			variant "use=com.testingtech.ttcn.tci.LibIpv6_Interface_TypesAndValues.*;";
//		}

		type enumerated CombinedModeAlgo {
			e_null(0)
		}
		with {
			variant "use=com.testingtech.ttcn.tci.LibIpv6_Interface_TypesAndValues.*;";
		}

		type enumerated IpSecProtocolMode {
			e_transportMode (0),
			e_tunnelMode (1)
@@ -1051,8 +1020,6 @@
			UInt16 espIntegrKeyLen optional,
			UInt8 espIntegrBlockSize,
			UInt8 espIcvLen,
			//CombinedModeAlgo espCombinedModeAlgo,
			//octetstring	espCombinedModeKey,
			IpSecProtocolMode ipSecProtocolMode,
			ExtentedSequenceNumbers extentedSequenceNumbers,
			TsTrafficSelector trafficSelector optional