Loading ttcn3/EtsiLibrary/LibIpv6/LibCommonRfcs/LibIpv6_Interface_TypesAndValues.ttcn +4 −1 Original line number Diff line number Diff line Loading @@ -1260,7 +1260,10 @@ module LibIpv6_Interface_TypesAndValues { DiffieHellmanGroup diffieHellmanGroup, octetstring diffieHellmanPrivKey, octetstring diffieHellmanSharedSecret, SevenSecrets sevenSecrets SevenSecrets sevenSecrets, octetstring nI,//new smu nonce octetstring nR,//new smu nonce UInt8 proposalNr//new smu nonce } with { variant "TODO"; Loading ttcn3/EtsiLibrary/LibIpv6/LibMultiRfcs/LibIpv6_MultiRfcs_Functions.ttcn +69 −22 Original line number Diff line number Diff line Loading @@ -29,6 +29,9 @@ import from LibIpv6_Rfc2461NeighborDiscovery_TypesAndValues all; //used for mixed procedure import from LibIpv6_Rfc2461NeighborDiscovery_Templates all; //used for mixed procedure import from LibIpv6_Rfc2461NeighborDiscovery_Functions all; //used for mixed procedure import from LibIpv6_Rfc4306Ikev2_Templates all; import from LibIpv6_Rfc4306Ikev2_Functions all; import from LibIpv6_Rfc4306Ikev2_TypesAndValues all; group echoProcedureFnsMixedWithOtherRfcs { Loading Loading 
@@ -853,32 +856,76 @@ group IcmpAndAuthHeaderFns { group ikeFns { /* function f_ikeSaUp(in template IkeSaInitRequest p_ikeSaInitRequest) function f_ikeSaUp( template Ipv6NodeParams p_paramsTn, template Ipv6NodeParams p_paramsIut) runs on Ipv6Node return FncRetCode { var FncRetCode v_ret := e_error; f_sendIkeSaInitReq(m_ikeSaInitReq ( p_paramsTn.gla, v_ret := f_sendIkeSaInitReq ( m_ikeSaInitReq ( p_paramsTn.gla, p_paramsIut.gla, PX_UDP_PORT_HS02, PX_UDP_PORT_IUT_1, c_sa, template IkePayloadList p_ikepayloads)); }//end f_ikeSaUp m_securityAssociationPL ( c_keyExchange, SaProposal p_saProposal) m_keyExchangePL (c_nonce, DiffieHellmanGroup p_dhGroup, octetstring p_data) c_saPL, m_ikePlList_3Elem( m_securityAssociationPL( c_keyExchangePL, m_saProposalIke( c_lastProposal, vc_ikeSad[0].proposalNr, c_ipSec_ike, 0,//lengthof(vc_ikeSad[0].spiInitiator), c_4Transforms, vc_ikeSad[0].spiInitiator, m_saTransformList_4Elem ( m_saTransform ( c_moreTransform, c_transformTypeEncr, m_transformId_encr(vc_ikeSad[0].ikeEncryptionAlgo), omit ), m_saTransform ( c_moreTransform, c_transformTypeInteg, m_transformId_integ(vc_ikeSad[0].ikeIntegrityAlgo), omit ), m_saTransform ( c_moreTransform, c_transformTypePrf, m_transformId_prf(vc_ikeSad[0].ikePseudoRandomFunction), omit ), m_saTransform ( c_lastTransform, c_transformTypeDh, m_transformId_dh(vc_ikeSad[0].diffieHellmanGroup), omit ) ) ) ), m_keyExchangePL ( c_noncePL, vc_ikeSad[0].diffieHellmanGroup, fx_dHKeyToSend( vc_ikeSad[0].diffieHellmanGroup, vc_ikeSad[0].diffieHellmanPrivKey ) ), m_noncePL ( c_noNextPL, vc_ikeSad[0].nI ) ) ) ); m_noncePL ( c_vendorId, NonceData p_data) return v_ret; m_vendorIdPL ( c_noNextPL, octetstring p_vendorId ) */ }//end f_ikeSaUp }//end ikeFns Loading ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_Functions.ttcn +43 −18 Original line number Diff line number Diff line Loading 
@@ -33,6 +33,29 @@ module LibIpv6_Rfc4306Ikev2_Functions { group fillIkeSa { /* * @desc Fills IkeSa with PIXIT values */ function f_initIkeSa() runs on Ipv6Node { vc_ikeSad[0].spiInitiator := PX_IKE_SPI; // vc_ikeSad[0].spiResponder := ; fill from IKE Header vc_ikeSad[0].messageID := 0; vc_ikeSad[0].ikeEncryptionAlgo := PX_IKE_ENCALGO; // p_ikeSa.ikeEncryptionKey := ; ToDo!!! vc_ikeSad[0].ikePseudoRandomFunction := PX_IKE_PSEUDORANDOM_FCT; vc_ikeSad[0].ikeIntegrityAlgo := PX_IKE_INTALGO; // p_ikeSa.ikeIntegrityKey := ; ToDo!!! vc_ikeSad[0].diffieHellmanGroup := PX_IKE_DIFFIEHELLMAN_GROUP; vc_ikeSad[0].diffieHellmanPrivKey := PX_IKE_DIFFIEHELLMAN_PRIVKEY; vc_ikeSad[0].nI := int2oct(float2int(int2float(20000-5000)*rnd())+5000, 16); vc_ikeSad[0].nR := int2oct(float2int(int2float(20000-5000)*rnd())+5000, 16); vc_ikeSad[0].proposalNr := 1; } // end f_fillIkeSaFromPIXIT SaProposal /* * @desc Fills IkeSa with PIXIT values */ Loading @@ -51,6 +74,8 @@ module LibIpv6_Rfc4306Ikev2_Functions { vc_ikeSad[0].diffieHellmanPrivKey := PX_IKE_DIFFIEHELLMAN_PRIVKEY; } // end f_fillIkeSaFromPIXIT SaProposal /* * @desc Fills IkeSa with data from one Security Association proposal * @param p_SaProposal received SA proposal Loading Loading @@ -99,7 +124,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { for(i := 0; (i < sizeof(p_ikePayloadList) and (v_ret != e_success) and (v_ret != e_error)); i:= i + 1) { // next payload is Security Association if(v_nextPayload == c_sa) if(v_nextPayload == c_saPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -113,7 +138,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Key Exchange else if(v_nextPayload == c_keyExchange) else if(v_nextPayload == c_keyExchangePL) { if(v_nextPayload == p_searchedPayload) { Loading 
@@ -127,7 +152,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Identification Initiator else if(v_nextPayload == c_idInitiator) else if(v_nextPayload == c_idInitiatorPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -141,7 +166,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Identification Responder else if(v_nextPayload == c_idResponder) else if(v_nextPayload == c_idResponderPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -155,7 +180,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Certificate else if(v_nextPayload == c_certificate) else if(v_nextPayload == c_certificatePL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -169,7 +194,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Certificate Request else if(v_nextPayload == c_certificateRequest) else if(v_nextPayload == c_certificateRequestPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -183,7 +208,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Authentication else if(v_nextPayload == c_authentication) else if(v_nextPayload == c_authenticationPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -197,7 +222,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Nonce else if(v_nextPayload == c_nonce) else if(v_nextPayload == c_noncePL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -211,7 +236,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Notify else if(v_nextPayload == c_notify) else if(v_nextPayload == c_notifyPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -225,7 +250,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Delete else if(v_nextPayload == c_delete) else if(v_nextPayload == c_deletePL) { if(v_nextPayload == p_searchedPayload) { Loading 
@@ -239,7 +264,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Vendor Id else if(v_nextPayload == c_vendorId) else if(v_nextPayload == c_vendorIdPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -253,7 +278,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Traffic Selector Initiator else if(v_nextPayload == c_tsInitiator) else if(v_nextPayload == c_tsInitiatorPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -267,7 +292,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Traffic Selector Responder else if(v_nextPayload == c_tsResponder) else if(v_nextPayload == c_tsResponderPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -281,7 +306,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Configuration else if(v_nextPayload == c_configuration) else if(v_nextPayload == c_configurationPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -295,7 +320,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Extensible Authentication else if(v_nextPayload == c_extensibleAuth) else if(v_nextPayload == c_extensibleAuthPL) { if(v_nextPayload == p_searchedPayload) { Loading Loading 
@@ -363,14 +388,14 @@ module LibIpv6_Rfc4306Ikev2_Functions { v_ikePayloadList := v_ipv6Packet.ipv6Payload.ikeMsg.payloadList; // get Nonce payload data v_ret := f_getPayload(v_ikePayloadList,v_nextPayload,c_nonce,v_ikePayload); v_ret := f_getPayload(v_ikePayloadList,v_nextPayload,c_noncePL,v_ikePayload); if (v_ret == e_success) { v_nonceData := v_ikePayload.nonce.data; } else { log("**** f_waitForIkeSaInitreq: ERROR: No Nonce payload in payload list **** ") } // get Key exchange payload data v_ret := f_getPayload(v_ikePayloadList,v_nextPayload,c_keyExchange,v_ikePayload); v_ret := f_getPayload(v_ikePayloadList,v_nextPayload,c_keyExchangePL,v_ikePayload); if (v_ret == e_success) { v_keyExchangeData := v_ikePayload.keyExchange.data; vc_ikeSad[0].diffieHellmanGroup := v_ikePayload.keyExchange.dhGroup; } Loading @@ -378,7 +403,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { { log("**** f_waitForIkeSaInitreq: ERROR: No Key Exchange payload in payload list **** ") } // get Security Association payload proposal data v_ret := f_getPayload(v_ikePayloadList,v_nextPayload,c_sa,v_ikePayload); v_ret := f_getPayload(v_ikePayloadList,v_nextPayload,c_saPL,v_ikePayload); if (v_ret == e_success) { v_saProposalList := v_ikePayload.securityAssociation.saProposalList; v_saPreferredProposal := v_ikePayload.securityAssociation.saProposalList[0] } Loading ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_Templates.ttcn +167 −61 Original line number Diff line number Diff line Loading 
@@ -163,33 +163,57 @@ group ikeSaInitRequestPayloadListTemplates { template IkePayloadList mw_ikeSaInitReqPLL := superset ({securityAssociation := mw_securityAssociationPL},{nonce := mw_noncePL},{keyExchange := mw_keyExchangePL}); superset ( mw_securityAssociationPL, mw_noncePL, mw_keyExchangePL); }//end group ikeSaInitRequestPayloadListTemplates group ikeSecurityAssociationPayloadTemplates { template SecurityAssociationPayload mw_securityAssociationPL := { template IkePayload mw_securityAssociationPL := { securityAssociation := { nextPayload := ?, criticalFlag := 0, reserved := ?, payloadLength := ?, saProposalList := superset(mw_saProposalIke) } }; template SecurityAssociationPayload m_securityAssociationPL (UInt8 p_nextPayload, SaProposal p_saProposal) := { template IkePayload m_securityAssociationPL (UInt8 p_nextPayload, template SaProposal p_saProposal) := { securityAssociation := { nextPayload := p_nextPayload, criticalFlag := 0, reserved := c_uInt7Zero, payloadLength := c_uInt16Zero, saProposalList := {p_saProposal} } }; }//end group ikeSecurityAssociationPayloadPayloadTemplates group IkeRfc4306SaProposalTemplates { template SaProposal m_saProposalIke ( UInt8 p_lastProposal, UInt8 p_proposalNumber, UInt8 p_protocolId, UInt8 p_spiSize, UInt8 p_numberOfTransforms, octetstring p_spi, template SaTransformList p_saTransformList ) := { lastProposal:= p_lastProposal, reserved := 0, proposalLength := 0, proposalNumber := p_proposalNumber, protocolId := p_protocolId, spiSize := p_spiSize, numberOfTransforms := p_numberOfTransforms, spi := p_spi, saTransformList := p_saTransformList } template SaProposal mw_saProposalIke := { lastProposal := ?, reserved := ?, Loading 
@@ -202,11 +226,83 @@ saTransformList := ? } /* * @param p_ikePayload1 First element in SaTransformList * @param p_ikePayload2 Second element in SaTransformList * @param p_ikePayload3 Third element in SaTransformList * @param p_ikePayload4 Third element in SaTransformList */ template SaTransformList m_saTransformList_4Elem( template SaTransform p_saTransform1, template SaTransform p_saTransform2, template SaTransform p_saTransform3, template SaTransform p_saTransform4) := { p_saTransform1, p_saTransform2, p_saTransform3, p_saTransform4 } template SaTransform m_saTransform ( UInt8 p_lastTransform, UInt8 p_transformType, template TransformId p_transformId, template SaTransformAttributeList p_saTransformAttributeList ) := { lastTransform := p_lastTransform, reserved1 := 0, transformLength := 0, transformType := p_transformType, reserved2 := 0, transformId := p_transformId, saTransformAttributeList := p_saTransformAttributeList } }//end group IkeRfc4306SaProposalTemplates group transformTmplts { template TransformId m_transformId_encr(IkeEncryptionAlgo p_ikeEncryptionAlgo) := { ikeEncryptionAlgo := p_ikeEncryptionAlgo } template TransformId m_transformId_integ(IkeIntegrityAlgo p_ikeIntegrityAlgo) := { integAlgorithms := p_ikeIntegrityAlgo } template TransformId m_transformId_prf(IkePseudoRandomFunction p_ikePseudoRandomFunction) := { pseudoRandomFunctions := p_ikePseudoRandomFunction } template TransformId m_transformId_dh(DiffieHellmanGroup p_diffieHellmanGroup) := { diffieHellman := p_diffieHellmanGroup } }//end group transformTmplts group payloadTemplates { /* * @param p_ikePayload1 First element in IkePayloadList * @param p_ikePayload2 Second element in IkePayloadList * @param p_ikePayload3 Third element in IkePayloadList */ template IkePayloadList m_ikePlList_3Elem( template IkePayload p_ikePayload1, template IkePayload p_ikePayload2, template IkePayload p_ikePayload3) := { p_ikePayload1, p_ikePayload2, p_ikePayload3 } }//end payloadTemplates group 
ikeKeyExchangePayloadTemplates { template KeyExchangePayload mw_keyExchangePL := { template IkePayload mw_keyExchangePL := { keyExchange := { nextPayload := ?, criticalFlag := 0, reserved1 := ?, Loading @@ -214,12 +310,13 @@ group ikeKeyExchangePayloadTemplates { dhGroup := ?, reserved2 := ?, data := ? }; } } template KeyExchangePayload m_keyExchangePL (UInt8 p_nextPayload, template IkePayload m_keyExchangePL (UInt8 p_nextPayload, DiffieHellmanGroup p_dhGroup, octetstring p_data) := { keyExchange := { nextPayload := p_nextPayload, criticalFlag := 0, reserved1 := c_uInt7Zero, Loading 
@@ -227,51 +324,60 @@ group ikeKeyExchangePayloadTemplates { dhGroup := p_dhGroup, reserved2 := c_uInt8Zero, data := p_data }; } } }//end group ikeKeyExchangePayloadTemplates group ikeNoncePayloadTemplates { template NoncePayload mw_noncePL := { template IkePayload mw_noncePL := { nonce := { nextPayload := ?, criticalFlag := 0, reserved := ?, payloadLength := ?, data := ? } } template NoncePayload m_noncePL (UInt8 p_nextPayload, template IkePayload m_noncePL (UInt8 p_nextPayload, NonceData p_data) := { nonce := { nextPayload := p_nextPayload, criticalFlag := 0, reserved := c_uInt7Zero, payloadLength := lengthof(p_data), data := p_data } } }//end group ikeNoncePayloadTemplates group vendorIdTemplates { group vendorIdPayloadTemplates { template VendorIdPayload m_vendorIdPL ( template IkePayload m_vendorIdPL ( UInt8 p_nextPayload, octetstring p_vendorId ) := { vendorId := { nextPayload := p_nextPayload, criticalFlag := 0, reserved := c_uInt7Zero, payloadLength := lengthof(p_vendorId), vendorId := p_vendorId } } template VendorIdPayload mw_vendorIdPL := { template IkePayload mw_vendorIdPL := { vendorId := { nextPayload := ?, criticalFlag := 0, reserved := c_uInt7Zero, payloadLength := ?, vendorId := ? } } }//end vendorIdTemplates }//end vendorIdPayloadTemplates } // end module LibIpv6_Rfc4306Ikev2_Templates ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_TypesAndValues.ttcn +32 −21 Original line number Diff line number Diff line Loading @@ -37,6 +37,15 @@ const UInt8 c_certEncodingHashAndUrlOfX509Bundle := 13; } // end group IkeRfc4306CertEncodings const octetstring c_vendorId_HS02 := 'FFFF'O; const UInt8 c_lastProposal := 0; const UInt8 c_moreProposal := 2; const UInt8 c_lastTransform := 0; const UInt8 c_moreTransform := 3; const UInt8 c_ipSec_ike := 1; const UInt8 c_ipSec_ah := 2; const UInt8 c_ipSec_esp := 3; } // end group IkeRfc4306CommonConstants group ikeRfc4306Packets { Loading Loading 
@@ -110,22 +119,22 @@ group IkeRfc4306PayloadIds { const UInt8 c_noNextPL := 0; const UInt8 c_sa := 33; const UInt8 c_keyExchange := 34; const UInt8 c_idInitiator := 35; const UInt8 c_idResponder := 36; const UInt8 c_certificate := 37; const UInt8 c_certificateRequest := 38; const UInt8 c_authentication := 39; const UInt8 c_nonce := 40; const UInt8 c_notify := 41; const UInt8 c_delete := 42; const UInt8 c_vendorId := 43; const UInt8 c_tsInitiator := 44; const UInt8 c_tsResponder := 45; const UInt8 c_encrypted := 46; const UInt8 c_configuration := 47; const UInt8 c_extensibleAuth := 48; const UInt8 c_saPL := 33; const UInt8 c_keyExchangePL := 34; const UInt8 c_idInitiatorPL := 35; const UInt8 c_idResponderPL := 36; const UInt8 c_certificatePL := 37; const UInt8 c_certificateRequestPL := 38; const UInt8 c_authenticationPL := 39; const UInt8 c_noncePL := 40; const UInt8 c_notifyPL := 41; const UInt8 c_deletePL := 42; const UInt8 c_vendorIdPL := 43; const UInt8 c_tsInitiatorPL := 44; const UInt8 c_tsResponderPL := 45; const UInt8 c_encryptedPL := 46; const UInt8 c_configurationPL := 47; const UInt8 c_extensibleAuthPL := 48; } // end group IkeRfc4306PayloadIDs /* Loading Loading @@ -217,6 +226,7 @@ } const UInt8 c_maxIkeSaProposals := 10; //FIXME const UInt8 c_4Transforms := 4; /* * @desc TODO Loading @@ -226,11 +236,11 @@ group IkeRfc4306SaTransform { group IkeRfc4306SaTransformTypes { const UInt8 c_transformEncr := 1; const UInt8 c_transformPrf := 2; const UInt8 c_transformInteg := 3; const UInt8 c_transformDh := 4; const UInt8 c_transformEsn := 5; const UInt8 c_transformTypeEncr := 1; const UInt8 c_transformTypePrf := 2; const UInt8 c_transformTypeInteg := 3; const UInt8 c_transformTypeDh := 4; const UInt8 c_transformTypeEsn := 5; } // end group IkeRfc4306SaTransformTypes /* Loading Loading 
@@ -309,6 +319,7 @@ } // end group IkeRfc4306SaProposal group IkeRfc4306SaTransformIDs { type union TransformId { IkeEncryptionAlgo ikeEncryptionAlgo, Loading ttcn3/EtsiLibrary/LibIpv6/LibCommonRfcs/LibIpv6_ModuleParameters.ttcn +1 −1 File changed.Contains only whitespace changes. Show changes Loading
ttcn3/EtsiLibrary/LibIpv6/LibCommonRfcs/LibIpv6_Interface_TypesAndValues.ttcn +4 −1 @@ -1260,7 +1260,10 @@ module LibIpv6_Interface_TypesAndValues { DiffieHellmanGroup diffieHellmanGroup, octetstring diffieHellmanPrivKey, octetstring diffieHellmanSharedSecret, SevenSecrets sevenSecrets SevenSecrets sevenSecrets, octetstring nI,//new smu nonce octetstring nR,//new smu nonce UInt8 proposalNr//new smu nonce } with { variant "TODO";
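Review bot: All three fields added to the IKE SA record carry the same comment `//new smu nonce`, although `proposalNr` is not a nonce and the comment does not say which side each nonce belongs to. These fields sit next to `diffieHellmanPrivKey` and `diffieHellmanSharedSecret` and feed the key derivation, so the labels should be exact: `octetstring nI, // initiator nonce (Ni) sent in IKE_SA_INIT`, `octetstring nR, // responder nonce (Nr)`, `UInt8 proposalNr // proposal number placed in the SA payload`. The record definition starts outside the hunk, so its name and remaining fields are not visible here.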
ttcn3/EtsiLibrary/LibIpv6/LibMultiRfcs/LibIpv6_MultiRfcs_Functions.ttcn +69 −22 Original line number Diff line number Diff line Loading @@ -29,6 +29,9 @@ import from LibIpv6_Rfc2461NeighborDiscovery_TypesAndValues all; //used for mixed procedure import from LibIpv6_Rfc2461NeighborDiscovery_Templates all; //used for mixed procedure import from LibIpv6_Rfc2461NeighborDiscovery_Functions all; //used for mixed procedure import from LibIpv6_Rfc4306Ikev2_Templates all; import from LibIpv6_Rfc4306Ikev2_Functions all; import from LibIpv6_Rfc4306Ikev2_TypesAndValues all; group echoProcedureFnsMixedWithOtherRfcs { Loading Loading 
@@ -853,32 +856,76 @@ group IcmpAndAuthHeaderFns { group ikeFns { /* function f_ikeSaUp(in template IkeSaInitRequest p_ikeSaInitRequest) function f_ikeSaUp( template Ipv6NodeParams p_paramsTn, template Ipv6NodeParams p_paramsIut) runs on Ipv6Node return FncRetCode { var FncRetCode v_ret := e_error; f_sendIkeSaInitReq(m_ikeSaInitReq ( p_paramsTn.gla, v_ret := f_sendIkeSaInitReq ( m_ikeSaInitReq ( p_paramsTn.gla, p_paramsIut.gla, PX_UDP_PORT_HS02, PX_UDP_PORT_IUT_1, c_sa, template IkePayloadList p_ikepayloads)); }//end f_ikeSaUp m_securityAssociationPL ( c_keyExchange, SaProposal p_saProposal) m_keyExchangePL (c_nonce, DiffieHellmanGroup p_dhGroup, octetstring p_data) c_saPL, m_ikePlList_3Elem( m_securityAssociationPL( c_keyExchangePL, m_saProposalIke( c_lastProposal, vc_ikeSad[0].proposalNr, c_ipSec_ike, 0,//lengthof(vc_ikeSad[0].spiInitiator), c_4Transforms, vc_ikeSad[0].spiInitiator, m_saTransformList_4Elem ( m_saTransform ( c_moreTransform, c_transformTypeEncr, m_transformId_encr(vc_ikeSad[0].ikeEncryptionAlgo), omit ), m_saTransform ( c_moreTransform, c_transformTypeInteg, m_transformId_integ(vc_ikeSad[0].ikeIntegrityAlgo), omit ), m_saTransform ( c_moreTransform, c_transformTypePrf, m_transformId_prf(vc_ikeSad[0].ikePseudoRandomFunction), omit ), m_saTransform ( c_lastTransform, c_transformTypeDh, m_transformId_dh(vc_ikeSad[0].diffieHellmanGroup), omit ) ) ) ), m_keyExchangePL ( c_noncePL, vc_ikeSad[0].diffieHellmanGroup, fx_dHKeyToSend( vc_ikeSad[0].diffieHellmanGroup, vc_ikeSad[0].diffieHellmanPrivKey ) ), m_noncePL ( c_noNextPL, vc_ikeSad[0].nI ) ) ) ); m_noncePL ( c_vendorId, NonceData p_data) return v_ret; m_vendorIdPL ( c_noNextPL, octetstring p_vendorId ) */ }//end f_ikeSaUp }//end ikeFns Loading
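Review bot: In f_ikeSaUp the call to m_saProposalIke passes `0` for p_spiSize but still passes `vc_ikeSad[0].spiInitiator` for p_spi, so the proposal announces a zero-length SPI while the template sets `spi := p_spi` with real octets. RFC 4306 requires SPI size zero for the initial IKE_SA negotiation, and the SPI field is then absent from the proposal because the SPI travels in the IKE header. Unless the codec drops the field, the IUT receives a malformed SA payload and a verdict could reflect the tester's encoding rather than the IUT's behaviour. Passing an empty value, `''O, // no SPI in the proposal for the initial IKE_SA`, and deleting the commented-out `lengthof(...)` would make the intent explicit. The rendered page does not show whether the enclosing `/* ... */` was removed, so this assumes the function is now live.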
ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_Functions.ttcn +43 −18 Original line number Diff line number Diff line Loading @@ -33,6 +33,29 @@ module LibIpv6_Rfc4306Ikev2_Functions { group fillIkeSa { /* * @desc Fills IkeSa with PIXIT values */ function f_initIkeSa() runs on Ipv6Node { vc_ikeSad[0].spiInitiator := PX_IKE_SPI; // vc_ikeSad[0].spiResponder := ; fill from IKE Header vc_ikeSad[0].messageID := 0; vc_ikeSad[0].ikeEncryptionAlgo := PX_IKE_ENCALGO; // p_ikeSa.ikeEncryptionKey := ; ToDo!!! vc_ikeSad[0].ikePseudoRandomFunction := PX_IKE_PSEUDORANDOM_FCT; vc_ikeSad[0].ikeIntegrityAlgo := PX_IKE_INTALGO; // p_ikeSa.ikeIntegrityKey := ; ToDo!!! vc_ikeSad[0].diffieHellmanGroup := PX_IKE_DIFFIEHELLMAN_GROUP; vc_ikeSad[0].diffieHellmanPrivKey := PX_IKE_DIFFIEHELLMAN_PRIVKEY; vc_ikeSad[0].nI := int2oct(float2int(int2float(20000-5000)*rnd())+5000, 16); vc_ikeSad[0].nR := int2oct(float2int(int2float(20000-5000)*rnd())+5000, 16); vc_ikeSad[0].proposalNr := 1; } // end f_fillIkeSaFromPIXIT SaProposal /* * @desc Fills IkeSa with PIXIT values */ Loading @@ -51,6 +74,8 @@ module LibIpv6_Rfc4306Ikev2_Functions { vc_ikeSad[0].diffieHellmanPrivKey := PX_IKE_DIFFIEHELLMAN_PRIVKEY; } // end f_fillIkeSaFromPIXIT SaProposal /* * @desc Fills IkeSa with data from one Security Association proposal * @param p_SaProposal received SA proposal Loading Loading @@ -99,7 +124,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { for(i := 0; (i < sizeof(p_ikePayloadList) and (v_ret != e_success) and (v_ret != e_error)); i:= i + 1) { // next payload is Security Association if(v_nextPayload == c_sa) if(v_nextPayload == c_saPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -113,7 +138,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Key Exchange else if(v_nextPayload == c_keyExchange) else if(v_nextPayload == c_keyExchangePL) { if(v_nextPayload == p_searchedPayload) { Loading 
@@ -127,7 +152,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Identification Initiator else if(v_nextPayload == c_idInitiator) else if(v_nextPayload == c_idInitiatorPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -141,7 +166,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Identification Responder else if(v_nextPayload == c_idResponder) else if(v_nextPayload == c_idResponderPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -155,7 +180,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Certificate else if(v_nextPayload == c_certificate) else if(v_nextPayload == c_certificatePL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -169,7 +194,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Certificate Request else if(v_nextPayload == c_certificateRequest) else if(v_nextPayload == c_certificateRequestPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -183,7 +208,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Authentication else if(v_nextPayload == c_authentication) else if(v_nextPayload == c_authenticationPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -197,7 +222,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Nonce else if(v_nextPayload == c_nonce) else if(v_nextPayload == c_noncePL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -211,7 +236,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Notify else if(v_nextPayload == c_notify) else if(v_nextPayload == c_notifyPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -225,7 +250,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Delete else if(v_nextPayload == c_delete) else if(v_nextPayload == c_deletePL) { if(v_nextPayload == p_searchedPayload) { Loading 
@@ -239,7 +264,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Vendor Id else if(v_nextPayload == c_vendorId) else if(v_nextPayload == c_vendorIdPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -253,7 +278,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Traffic Selector Initiator else if(v_nextPayload == c_tsInitiator) else if(v_nextPayload == c_tsInitiatorPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -267,7 +292,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Traffic Selector Responder else if(v_nextPayload == c_tsResponder) else if(v_nextPayload == c_tsResponderPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -281,7 +306,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Configuration else if(v_nextPayload == c_configuration) else if(v_nextPayload == c_configurationPL) { if(v_nextPayload == p_searchedPayload) { Loading @@ -295,7 +320,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { } // next payload is Extensible Authentication else if(v_nextPayload == c_extensibleAuth) else if(v_nextPayload == c_extensibleAuthPL) { if(v_nextPayload == p_searchedPayload) { Loading Loading 
@@ -363,14 +388,14 @@ module LibIpv6_Rfc4306Ikev2_Functions { v_ikePayloadList := v_ipv6Packet.ipv6Payload.ikeMsg.payloadList; // get Nonce payload data v_ret := f_getPayload(v_ikePayloadList,v_nextPayload,c_nonce,v_ikePayload); v_ret := f_getPayload(v_ikePayloadList,v_nextPayload,c_noncePL,v_ikePayload); if (v_ret == e_success) { v_nonceData := v_ikePayload.nonce.data; } else { log("**** f_waitForIkeSaInitreq: ERROR: No Nonce payload in payload list **** ") } // get Key exchange payload data v_ret := f_getPayload(v_ikePayloadList,v_nextPayload,c_keyExchange,v_ikePayload); v_ret := f_getPayload(v_ikePayloadList,v_nextPayload,c_keyExchangePL,v_ikePayload); if (v_ret == e_success) { v_keyExchangeData := v_ikePayload.keyExchange.data; vc_ikeSad[0].diffieHellmanGroup := v_ikePayload.keyExchange.dhGroup; } Loading @@ -378,7 +403,7 @@ module LibIpv6_Rfc4306Ikev2_Functions { { log("**** f_waitForIkeSaInitreq: ERROR: No Key Exchange payload in payload list **** ") } // get Security Association payload proposal data v_ret := f_getPayload(v_ikePayloadList,v_nextPayload,c_sa,v_ikePayload); v_ret := f_getPayload(v_ikePayloadList,v_nextPayload,c_saPL,v_ikePayload); if (v_ret == e_success) { v_saProposalList := v_ikePayload.securityAssociation.saProposalList; v_saPreferredProposal := v_ikePayload.securityAssociation.saProposalList[0] } Loading
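Review bot: The nonces set in f_initIkeSa are an integer between 5000 and 20000 taken from `rnd()` and padded to 16 octets, so `nI` and `nR` each have at most 15000 possible values and their leading 14 octets are always zero. The 16-octet length meets the RFC 4306 minimum, but the value is close to constant, which makes nonce reuse across test runs likely and lets an IUT that checks nonce freshness or quality reject the exchange for reasons unrelated to the test purpose. Filling every octet from `rnd()` as sketched below removes the fixed prefix; `rnd()` is still not a cryptographic generator, which is probably acceptable for a conformance tester but worth stating in the `@desc`. The `@desc` also says the function fills the SA "with PIXIT values" although the nonces and `proposalNr` are not PIXITs, and the closing comment should read `// end f_initIkeSa`.

```ttcn3
// … unchanged: SPI, algorithm and Diffie-Hellman assignments …
// (declare "var integer i;" at the top of the function body)
vc_ikeSad[0].nI := ''O;
vc_ikeSad[0].nR := ''O;
for (i := 0; i < 16; i := i + 1) {
    // one random octet per iteration so that all 128 bits vary
    vc_ikeSad[0].nI := vc_ikeSad[0].nI & int2oct(float2int(256.0 * rnd()), 1);
    vc_ikeSad[0].nR := vc_ikeSad[0].nR & int2oct(float2int(256.0 * rnd()), 1);
}
vc_ikeSad[0].proposalNr := 1;
```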
ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_Templates.ttcn +167 −61 Original line number Diff line number Diff line Loading @@ -163,33 +163,57 @@ group ikeSaInitRequestPayloadListTemplates { template IkePayloadList mw_ikeSaInitReqPLL := superset ({securityAssociation := mw_securityAssociationPL},{nonce := mw_noncePL},{keyExchange := mw_keyExchangePL}); superset ( mw_securityAssociationPL, mw_noncePL, mw_keyExchangePL); }//end group ikeSaInitRequestPayloadListTemplates group ikeSecurityAssociationPayloadTemplates { template SecurityAssociationPayload mw_securityAssociationPL := { template IkePayload mw_securityAssociationPL := { securityAssociation := { nextPayload := ?, criticalFlag := 0, reserved := ?, payloadLength := ?, saProposalList := superset(mw_saProposalIke) } }; template SecurityAssociationPayload m_securityAssociationPL (UInt8 p_nextPayload, SaProposal p_saProposal) := { template IkePayload m_securityAssociationPL (UInt8 p_nextPayload, template SaProposal p_saProposal) := { securityAssociation := { nextPayload := p_nextPayload, criticalFlag := 0, reserved := c_uInt7Zero, payloadLength := c_uInt16Zero, saProposalList := {p_saProposal} } }; }//end group ikeSecurityAssociationPayloadPayloadTemplates group IkeRfc4306SaProposalTemplates { template SaProposal m_saProposalIke ( UInt8 p_lastProposal, UInt8 p_proposalNumber, UInt8 p_protocolId, UInt8 p_spiSize, UInt8 p_numberOfTransforms, octetstring p_spi, template SaTransformList p_saTransformList ) := { lastProposal:= p_lastProposal, reserved := 0, proposalLength := 0, proposalNumber := p_proposalNumber, protocolId := p_protocolId, spiSize := p_spiSize, numberOfTransforms := p_numberOfTransforms, spi := p_spi, saTransformList := p_saTransformList } template SaProposal mw_saProposalIke := { lastProposal := ?, reserved := ?, Loading 
@@ -202,11 +226,83 @@ saTransformList := ? } /* * @param p_ikePayload1 First element in SaTransformList * @param p_ikePayload2 Second element in SaTransformList * @param p_ikePayload3 Third element in SaTransformList * @param p_ikePayload4 Third element in SaTransformList */ template SaTransformList m_saTransformList_4Elem( template SaTransform p_saTransform1, template SaTransform p_saTransform2, template SaTransform p_saTransform3, template SaTransform p_saTransform4) := { p_saTransform1, p_saTransform2, p_saTransform3, p_saTransform4 } template SaTransform m_saTransform ( UInt8 p_lastTransform, UInt8 p_transformType, template TransformId p_transformId, template SaTransformAttributeList p_saTransformAttributeList ) := { lastTransform := p_lastTransform, reserved1 := 0, transformLength := 0, transformType := p_transformType, reserved2 := 0, transformId := p_transformId, saTransformAttributeList := p_saTransformAttributeList } }//end group IkeRfc4306SaProposalTemplates group transformTmplts { template TransformId m_transformId_encr(IkeEncryptionAlgo p_ikeEncryptionAlgo) := { ikeEncryptionAlgo := p_ikeEncryptionAlgo } template TransformId m_transformId_integ(IkeIntegrityAlgo p_ikeIntegrityAlgo) := { integAlgorithms := p_ikeIntegrityAlgo } template TransformId m_transformId_prf(IkePseudoRandomFunction p_ikePseudoRandomFunction) := { pseudoRandomFunctions := p_ikePseudoRandomFunction } template TransformId m_transformId_dh(DiffieHellmanGroup p_diffieHellmanGroup) := { diffieHellman := p_diffieHellmanGroup } }//end group transformTmplts group payloadTemplates { /* * @param p_ikePayload1 First element in IkePayloadList * @param p_ikePayload2 Second element in IkePayloadList * @param p_ikePayload3 Third element in IkePayloadList */ template IkePayloadList m_ikePlList_3Elem( template IkePayload p_ikePayload1, template IkePayload p_ikePayload2, template IkePayload p_ikePayload3) := { p_ikePayload1, p_ikePayload2, p_ikePayload3 } }//end payloadTemplates group 
ikeKeyExchangePayloadTemplates { template KeyExchangePayload mw_keyExchangePL := { template IkePayload mw_keyExchangePL := { keyExchange := { nextPayload := ?, criticalFlag := 0, reserved1 := ?, Loading @@ -214,12 +310,13 @@ group ikeKeyExchangePayloadTemplates { dhGroup := ?, reserved2 := ?, data := ? }; } } template KeyExchangePayload m_keyExchangePL (UInt8 p_nextPayload, template IkePayload m_keyExchangePL (UInt8 p_nextPayload, DiffieHellmanGroup p_dhGroup, octetstring p_data) := { keyExchange := { nextPayload := p_nextPayload, criticalFlag := 0, reserved1 := c_uInt7Zero, Loading @@ -227,51 +324,60 @@ group ikeKeyExchangePayloadTemplates { dhGroup := p_dhGroup, reserved2 := c_uInt8Zero, data := p_data }; } } }//end group ikeKeyExchangePayloadTemplates group ikeNoncePayloadTemplates { template NoncePayload mw_noncePL := { template IkePayload mw_noncePL := { nonce := { nextPayload := ?, criticalFlag := 0, reserved := ?, payloadLength := ?, data := ? } } template NoncePayload m_noncePL (UInt8 p_nextPayload, template IkePayload m_noncePL (UInt8 p_nextPayload, NonceData p_data) := { nonce := { nextPayload := p_nextPayload, criticalFlag := 0, reserved := c_uInt7Zero, payloadLength := lengthof(p_data), data := p_data } } }//end group ikeNoncePayloadTemplates group vendorIdTemplates { group vendorIdPayloadTemplates { template VendorIdPayload m_vendorIdPL ( template IkePayload m_vendorIdPL ( UInt8 p_nextPayload, octetstring p_vendorId ) := { vendorId := { nextPayload := p_nextPayload, criticalFlag := 0, reserved := c_uInt7Zero, payloadLength := lengthof(p_vendorId), vendorId := p_vendorId } } template VendorIdPayload mw_vendorIdPL := { template IkePayload mw_vendorIdPL := { vendorId := { nextPayload := ?, criticalFlag := 0, reserved := c_uInt7Zero, payloadLength := ?, vendorId := ? } } }//end vendorIdTemplates }//end vendorIdPayloadTemplates } // end module LibIpv6_Rfc4306Ikev2_Templates
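Review bot: The send templates disagree on how length fields are filled: m_noncePL and m_vendorIdPL set `payloadLength := lengthof(p_data)` / `lengthof(p_vendorId)`, while m_securityAssociationPL uses `c_uInt16Zero` and the new m_saProposalIke and m_saTransform use `0`. In RFC 4306 the payload length includes the 4-octet generic payload header, so the `lengthof(...)` values are 4 short unless the codec overwrites them, and if the codec does overwrite them the expression is misleading. Assuming the codec computes lengths, as the zero placeholders suggest, use `payloadLength := c_uInt16Zero,` in both templates; otherwise add the header size. Separately, the doc comment on m_saTransformList_4Elem names `p_ikePayload1`..`p_ikePayload4` instead of `p_saTransform1`..`p_saTransform4` and labels the fourth parameter "Third element".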
ttcn3/EtsiLibrary/LibIpv6/LibSec/LibIpv6_Rfc4306Ikev2_TypesAndValues.ttcn +32 −21 Original line number Diff line number Diff line Loading @@ -37,6 +37,15 @@ const UInt8 c_certEncodingHashAndUrlOfX509Bundle := 13; } // end group IkeRfc4306CertEncodings const octetstring c_vendorId_HS02 := 'FFFF'O; const UInt8 c_lastProposal := 0; const UInt8 c_moreProposal := 2; const UInt8 c_lastTransform := 0; const UInt8 c_moreTransform := 3; const UInt8 c_ipSec_ike := 1; const UInt8 c_ipSec_ah := 2; const UInt8 c_ipSec_esp := 3; } // end group IkeRfc4306CommonConstants group ikeRfc4306Packets { Loading Loading @@ -110,22 +119,22 @@ group IkeRfc4306PayloadIds { const UInt8 c_noNextPL := 0; const UInt8 c_sa := 33; const UInt8 c_keyExchange := 34; const UInt8 c_idInitiator := 35; const UInt8 c_idResponder := 36; const UInt8 c_certificate := 37; const UInt8 c_certificateRequest := 38; const UInt8 c_authentication := 39; const UInt8 c_nonce := 40; const UInt8 c_notify := 41; const UInt8 c_delete := 42; const UInt8 c_vendorId := 43; const UInt8 c_tsInitiator := 44; const UInt8 c_tsResponder := 45; const UInt8 c_encrypted := 46; const UInt8 c_configuration := 47; const UInt8 c_extensibleAuth := 48; const UInt8 c_saPL := 33; const UInt8 c_keyExchangePL := 34; const UInt8 c_idInitiatorPL := 35; const UInt8 c_idResponderPL := 36; const UInt8 c_certificatePL := 37; const UInt8 c_certificateRequestPL := 38; const UInt8 c_authenticationPL := 39; const UInt8 c_noncePL := 40; const UInt8 c_notifyPL := 41; const UInt8 c_deletePL := 42; const UInt8 c_vendorIdPL := 43; const UInt8 c_tsInitiatorPL := 44; const UInt8 c_tsResponderPL := 45; const UInt8 c_encryptedPL := 46; const UInt8 c_configurationPL := 47; const UInt8 c_extensibleAuthPL := 48; } // end group IkeRfc4306PayloadIDs /* Loading Loading @@ -217,6 +226,7 @@ } const UInt8 c_maxIkeSaProposals := 10; //FIXME const UInt8 c_4Transforms := 4; /* * @desc TODO Loading 
@@ -226,11 +236,11 @@ group IkeRfc4306SaTransform { group IkeRfc4306SaTransformTypes { const UInt8 c_transformEncr := 1; const UInt8 c_transformPrf := 2; const UInt8 c_transformInteg := 3; const UInt8 c_transformDh := 4; const UInt8 c_transformEsn := 5; const UInt8 c_transformTypeEncr := 1; const UInt8 c_transformTypePrf := 2; const UInt8 c_transformTypeInteg := 3; const UInt8 c_transformTypeDh := 4; const UInt8 c_transformTypeEsn := 5; } // end group IkeRfc4306SaTransformTypes /* Loading Loading @@ -309,6 +319,7 @@ } // end group IkeRfc4306SaProposal group IkeRfc4306SaTransformIDs { type union TransformId { IkeEncryptionAlgo ikeEncryptionAlgo, Loading
ttcn3/EtsiLibrary/LibIpv6/LibCommonRfcs/LibIpv6_ModuleParameters.ttcn +1 −1 File changed.Contains only whitespace changes.