Commit 5b3be43c authored by schmitting's avatar schmitting

IKE postamble added

parent 85b10ea6
+3 −3
@@ -349,7 +349,7 @@ group ipSecFns {
	}

	//in units of octets
	function f_getIntegrKeyLen( in template IntegrityAlgo p_integrityAlgo)
	function f_getIntegrKeyLen( in IntegrityAlgo p_integrityAlgo)
	return UInt8 {
		
		if(p_integrityAlgo == e_auth_hmacMd5_96){
@@ -553,7 +553,7 @@ group ipSecFns {
	}

	//in units of octets
	function f_getIntegrBlockSize(in template IntegrityAlgo p_integrityAlgo)
	function f_getIntegrBlockSize(in IntegrityAlgo p_integrityAlgo)
	runs on LibIpv6Node
	return UInt8 {
		
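Review bot: The header comment `//in units of octets` on both `f_getIntegrKeyLen` (@@ -349) and `f_getIntegrBlockSize` (@@ -553) should also state what is returned when no branch matches the algorithm; both bodies continue outside the hunk, so that fallback is not visible here, and a caller sizing a key from a silent default would be hard to debug. Dropping `template` from the in-parameter (assuming the `in IntegrityAlgo` form is the new side; the page shows no markers) is a signature change, so any caller still passing a matching template such as `?` will no longer compile. I suggest `// Integrity key length in octets for the given (value, not template) algorithm; see the final branch for unknown algorithms` as the header of each.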
+98 −19
@@ -1291,8 +1291,8 @@ group sendRequests {
			m_ikeSaInitReq (
				p_addrTn,
				p_addrIut,
				PX_UDP_PORT_HS02,
				PX_UDP_PORT_IUT_1,
				vc_ikeSad[0].udpTnPort,
				vc_ikeSad[0].udpIutPort,
				vc_ikeSad[0].spiInitiator,
				c_saPL,
				vc_ikeSad[0].messageID,
@@ -1353,7 +1353,6 @@ group sendRequests {
	runs on LibIpv6Node
	return FncRetCode {
		var IkeSaInitRequest v_ipPkt := valueof(p_ikeSaInitRequest);
		var FncRetCode v_ret := e_error;

		if(f_setExtensionHeaders(v_ipPkt) != e_success) {
			log(" **** f_sendIkeSaInitReq: Error when calculating length ****");
@@ -1477,8 +1476,8 @@ group sendRequests {
				m_ikeAuthReq (
					p_addrTn,
					p_addrIut,
					PX_UDP_PORT_HS02,
					PX_UDP_PORT_IUT_1,
					vc_ikeSad[0].udpTnPort,
					vc_ikeSad[0].udpIutPort,
					vc_ikeSad[0].spiInitiator,
					vc_ikeSad[0].spiResponder,
					c_encryptedPL,
@@ -1537,8 +1536,8 @@ group sendRequests {
				m_ikeAuthReq (
					p_addrTn,
					p_addrIut,
					PX_UDP_PORT_HS02,
					PX_UDP_PORT_IUT_1,
					vc_ikeSad[0].udpTnPort,
					vc_ikeSad[0].udpIutPort,
					vc_ikeSad[0].spiInitiator,
					vc_ikeSad[0].spiResponder,
					c_encryptedPL,
@@ -1593,7 +1592,6 @@ group sendRequests {
	return FncRetCode {
		var IkeAuthRequest v_ipPkt;
		v_ipPkt := valueof(p_ikeAuthRequest);
		var FncRetCode v_ret := e_error;

		if(f_setExtensionHeaders(v_ipPkt) != e_success) {
			log(" **** f_sendIkeAuthReq: Error when calculating length ****");
@@ -1611,6 +1609,62 @@ group sendRequests {
		return e_success;
	} // end f_sendIkeAuthReq

	function f_createAndSendInfoReq(
		template Ipv6Address p_addrTn,
		template Ipv6Address p_addrIut,
		UInt1 p_iFlag,
		template IkePayload p_payload
	)
	runs on LibIpv6Node
	return FncRetCode {

		var FncRetCode v_ret := e_success;

		v_ret := f_sendIkeInfoReq (
			m_ikeInfoReq (
				p_addrTn,
				p_addrIut,
				vc_ikeSad[0].udpTnPort,
				vc_ikeSad[0].udpIutPort,
				vc_ikeSad[0].spiInitiator,
				vc_ikeSad[0].spiResponder,
				p_iFlag,
				c_encryptedPL,
				vc_ikeSad[0].messageID,
				m_ikePlList_1Elem(
					m_encryptedPL(
						c_deletePL,
						m_ikePlList_1Elem(p_payload)
					)
				)
			)
		);

	return v_ret ;
	} // end f_createAndSendInfoReq

	function f_sendIkeInfoReq(in template InformationalRequest p_ikeInfoRequest)
	runs on LibIpv6Node
	return FncRetCode {
		var InformationalRequest v_ipPkt;
		v_ipPkt := valueof(p_ikeInfoRequest);

		if(f_setExtensionHeaders(v_ipPkt) != e_success) {
			log(" **** f_sendIkeInfoReq: Error when calculating length ****");
			return e_error;
		}
		
		// fill padding field with '00000000'O for UDP port 4500
		if(vc_ikeSad[0].udpTnPort == c_udpPort4500) {
			v_ipPkt.ipv6Payload.ikeMsg.padding := c_4ZeroBytes;
		}

		//send
		ipPort.send(v_ipPkt);

		return e_success;
	} // end f_sendIkeInfoReq

} // end group sendRequests

group sendResponses {
@@ -1646,8 +1700,8 @@ group sendResponses {
			m_ikeSaInitRsp (
				p_addrTn,
				p_addrIut,
				PX_UDP_PORT_HS02,
				PX_UDP_PORT_IUT_1,
				vc_ikeSad[0].udpTnPort,
				vc_ikeSad[0].udpIutPort,
				vc_ikeSad[0].spiInitiator,
				vc_ikeSad[0].spiResponder,
				c_saPL,
@@ -1834,8 +1888,8 @@ group sendResponses {
				m_ikeAuthRsp (
					p_addrIut,
					p_addrTn,
					PX_UDP_PORT_IUT_1,
					PX_UDP_PORT_HS02,
					vc_ikeSad[0].udpIutPort,
					vc_ikeSad[0].udpTnPort,
					vc_ikeSad[0].spiInitiator,
					vc_ikeSad[0].spiResponder,
					c_encryptedPL,
@@ -1884,8 +1938,8 @@ group sendResponses {
				m_ikeAuthRsp (
					p_addrIut,
					p_addrTn,
					PX_UDP_PORT_IUT_1,
					PX_UDP_PORT_HS02,
					vc_ikeSad[0].udpIutPort,
					vc_ikeSad[0].udpTnPort,
					vc_ikeSad[0].spiInitiator,
					vc_ikeSad[0].spiResponder,
					c_encryptedPL,
@@ -1957,7 +2011,7 @@ group establishSAFns_active {
	)
	runs on LibIpv6Node
	return FncRetCode {
		var FncRetCode v_ret := e_error;
		var FncRetCode v_ret := e_success;

		v_ret := f_createAndSendSaInitReq(
			p_addrTn,
@@ -1995,7 +2049,7 @@ group establishSAFns_active {
		in UInt8 p_protocolId
	)
	runs on LibIpv6Node return FncRetCode {
		var FncRetCode v_ret;
		var FncRetCode v_ret := e_success;

		if ((p_protocolId != c_protocolEsp) and (p_protocolId != c_protocolAh))
		{	log("**** f_sndAuthReqAndWaitForRsp: ERROR: Invalid protocol Id, only ESP and AH allowed here !**** ");
@@ -2055,7 +2109,7 @@ group establishSAFns_passive {
	)
	runs on LibIpv6Node
	return FncRetCode {
		var FncRetCode v_ret;
		var FncRetCode v_ret := e_success;

		v_ret := f_waitForIkeSaInitReq(p_addrIut,p_addrTn);
		if(v_ret != e_success) { return v_ret;}
@@ -2095,7 +2149,7 @@ group establishSAFns_passive {
	)
	runs on LibIpv6Node
	return FncRetCode {
		var FncRetCode v_ret;
		var FncRetCode v_ret := e_success;
		var UInt8 v_protocolId;

		v_ret := f_waitForIkeAuthReq(p_addrIut,p_addrTn,v_protocolId);
@@ -2154,4 +2208,29 @@ group establishSAFns_passive {
	
} // end group establishSAFns_passive

group deleteSAFns {

	function f_delIkeSa(
		template Ipv6Address p_addrTn,
		template Ipv6Address p_addrIut,
		UInt1 p_iFlag
	)
	runs on LibIpv6Node
	return FncRetCode {
		var FncRetCode v_ret := e_success;

		v_ret := f_createAndSendInfoReq(
			p_addrTn,
			p_addrIut,
			p_iFlag,
			m_delIkeSaPL(c_noNextPL)
		);
		if (v_ret != e_success) { return v_ret;}
		
		return v_ret;
														
	} // end deleteSAFns

} // end group deleteSAFns

} // end module LibIpv6_Rfc4306Ikev2_Functions
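Review bot: The `var FncRetCode v_ret := e_success;` initialisers in the hunks at @@ -1957, @@ -1995, @@ -2055 and @@ -2095 (assuming `e_success` is the new side — the rendered page shows no markers) default the result to success, so any later path that returns `v_ret` without assigning it reports a passed exchange; a fail-closed default `var FncRetCode v_ret := e_error;` matches what @@ -1957 had before and is the safer fallback. In every visible case the next statement overwrites `v_ret`, so the initialiser is dead and the choice only matters on branches beyond the hunks, which I cannot see. Separately, `f_createAndSendInfoReq` at @@ -1611 takes an arbitrary `p_payload` but hard-codes `c_deletePL` as the encrypted payload's next-payload id, so only a delete payload can be passed correctly; either document that restriction in the function header or take the next-payload id as a parameter. In the new `f_delIkeSa`, `if (v_ret != e_success) { return v_ret;}` immediately followed by `return v_ret;` is redundant, and the trailer `} // end deleteSAFns` closes `f_delIkeSa`, so it should read `} // end f_delIkeSa`.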
+110 −1
@@ -335,6 +335,87 @@

	}//end group ikeAuthResponseTemplates

	group ikeInfoRequestTemplates {

		template InformationalRequest mw_ikeInfoReq (template Ipv6Address p_src,
													 template Ipv6Address p_dst,
													 UInt16 p_udpSourcePort,
													 UInt16 p_udpDestPort,
													 Oct8 p_initiatorSpi,
													 Oct8 p_responderSpi,
													 UInt32 p_messageID,
													 template IkePayloadList p_ikepayloads) := {
			ipv6Hdr :=  mw_ipHdr_nextHdr_srcDst(c_udpHdr, p_src, p_dst),
			extHdrList        := omit,
			ipv6Payload       := { ikeMsg := {
				sourcePort    := p_udpSourcePort, 
				destPort      := p_udpDestPort,
				msgLength     := ?,																																								
				checksum      := ?,
				padding       := c_4ZeroBytes ifpresent,
				// IKEv2 Header
				ikev2Header	  := {
					initiatorSpi  := p_initiatorSpi,
					responderSpi  := p_responderSpi,
					nextPayload   := ?,
					majorVersion  := c_ikeMajorVersion2,
					minorVersion  := c_ikeMinorVersion0,
					exchangeType  := c_informational,
					twoXFlags     := ?,
					rFlag         := c_rFlagRequest,
					vFlag         := c_vFlag,
					iFlag         := c_iFlagInitiator,
					threeXFlags   := ?,
					messageID     := p_messageID,
					messageLength := ?
				},
				// IKEv2 Payloads
				payloadList   := p_ikepayloads
			}}
		}

	template InformationalRequest m_ikeInfoReq (template Ipv6Address p_src,
												template Ipv6Address p_dst,
												UInt16 p_udpsourcePort,
												UInt16 p_udpdestPort,
												Oct8 p_initiatorSpi,
												Oct8 p_responderSpi,
												UInt1 p_iFlag,
												UInt8 p_nextPayload,
												UInt32 p_messageID,
												template IkePayloadList p_ikepayloads) := {
			ipv6Hdr :=  m_ipHdr_nextHdr_srcDst(c_udpHdr, p_src, p_dst),
			extHdrList        := omit,
			ipv6Payload       := {
				ikeMsg := {
					sourcePort    := p_udpsourcePort, 
					destPort      := p_udpdestPort,
					msgLength     := c_uInt16Zero,																																								
					checksum      := c_2ZeroBytes,
					padding       := omit,
					// IKEv2 Header
					ikev2Header := {
						initiatorSpi  := p_initiatorSpi,
						responderSpi  := p_responderSpi,
						nextPayload   := p_nextPayload,
						majorVersion  := c_ikeMajorVersion2,
						minorVersion  := c_ikeMinorVersion0,
						exchangeType  := c_informational,
						twoXFlags     := 0,
						rFlag         := c_rFlagRequest,
						vFlag         := c_vFlag,
						iFlag         := p_iFlag,
						threeXFlags   := 0,
						messageID     := p_messageID,
						messageLength := 0
					},
					// IKEv2 Payloads
					payloadList   := p_ikepayloads
				}
			}
		}

	}//end group ikeInfoRequestTemplates
	group payLoadListTemplates {

		template IkePayloadList mw_ikeSaInitReqPLL :=
@@ -831,6 +912,34 @@ group identificationPLTmplts {
		
	}//end authPLTmplts

	group deletePLTmplts {
		
		template IkePayload mw_delIkeSaPL := {
				delete := {
					nextPayload	 := ?,
					criticalFlag := 0,
					reserved	 := ?,
					protocolId   := c_protocolIke,
					spiSize      := c_spiSize0,
					numberOfSpi  := c_uInt16Zero,
					spis         := omit
				}
		}

		template IkePayload m_delIkeSaPL(UInt8 p_nextPayload) := {
				delete := {
					nextPayload	 := p_nextPayload,
					criticalFlag := 0,
					reserved	 := c_uInt7Zero,
					protocolId   := c_protocolIke,
					spiSize      := c_spiSize0,
					numberOfSpi  := c_uInt16Zero,
					spis         := omit
				}
		}
		
	}//end deletePLTmplts

	group trafficSelectionPLTmplts {
		
	template IkePayload mw_tsInitiatorPL := {
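Review bot: In `mw_ikeInfoReq` (@@ -335) `iFlag := c_iFlagInitiator` is fixed while its sending counterpart `m_ikeInfoReq` takes `p_iFlag`, so a received Informational request from the peer that is the IKE responder of the SA (iFlag 0) will not match this template; if the receive side is meant to accept both roles it should take `p_iFlag` as well or use `iFlag := ?`. The two templates also differ in parameter spelling (`p_udpSourcePort` vs `p_udpsourcePort`) and `m_ikeInfoReq` is indented one level less than its sibling, which makes the group harder to scan. `m_delIkeSaPL` (@@ -831) sets `spis := omit`, which relies on the `spis optional` type change in the other file of this commit; a comment `// IKE SA delete: protocolId IKE, no SPIs carried (spiSize 0, numberOfSpi 0)` on both delete templates would make that coupling explicit.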
+1 −1
@@ -685,7 +685,7 @@
				UInt8			protocolId,
				UInt8			spiSize,
				UInt16			numberOfSpi,
				octetstring		spis
				octetstring		spis optional
			} 
			with {
				variant (nextPayload) "tag='nextPayload';";
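Review bot: Making `spis` optional (assuming the `optional` form is the new side; the page shows no markers) decouples the field's presence from `numberOfSpi` and `spiSize`, and nothing in the hunk ties them together; the `with { variant ... }` block continues outside the hunk, so I cannot see whether a presence rule is declared, and a decoded delete payload with `numberOfSpi` greater than 0 but `spis` absent would then pass the type check. A comment on the field such as `// absent only for an IKE SA delete (spiSize 0, numberOfSpi 0); otherwise numberOfSpi * spiSize octets` would document the intended invariant until the codec enforces it.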