Commit 7766005e authored by mullers's avatar mullers

GW ESP TC re-converted to IpSecHost TCs

vc_sad[0][1] changed to vc_sad[c_saOut][c_saIn]
haGlas deleted
Prototypes deleted
parent 56c4c151
+33 −10
@@ -155,7 +155,7 @@ group rfc2460Root_Functions {
				else if (ischosen(v_activeIpv6Packet.extHdrList[i].espHeader)) {

					//set IV
					if (vc_sad[0].espEncryptionAlgo == e_null) {
					if (vc_sad[c_saOut].espEncryptionAlgo == e_null) {
						v_activeIpv6Packet.extHdrList[i].espHeader.espPayload.iv := omit; 
					}
					else {
@@ -257,23 +257,23 @@ group rfc2460Root_Functions {
				else if (ischosen(v_activeIpv6Packet.extHdrList[i].authHeader)) {
					
					//Set Dummy ICV of correct length
					if (vc_sad[0].icvLen == 0) {
					if (vc_sad[c_saOut].icvLen == 0) {
						p_ipv6Packet.extHdrList[i].authHeader.icv := omit;	
					}
					else {
						p_ipv6Packet.extHdrList[i].authHeader.icv := int2oct(0, vc_sad[0].icvLen);
						p_ipv6Packet.extHdrList[i].authHeader.icv := int2oct(0, vc_sad[c_saOut].icvLen);
					}
					
					// Check ICV padding
					if (vc_sad[0].icvPadLen == 0) {
					if (vc_sad[c_saOut].icvPadLen == 0) {
						p_ipv6Packet.extHdrList[i].authHeader.icvPadding := omit;
					}
					else {
						p_ipv6Packet.extHdrList[i].authHeader.icvPadding := int2oct(0, vc_sad[0].icvPadLen);
						p_ipv6Packet.extHdrList[i].authHeader.icvPadding := int2oct(0, vc_sad[c_saOut].icvPadLen);
					}

					//	Update AuthHeader payloadLen
					p_ipv6Packet.extHdrList[i].authHeader.payloadLen := (12 + vc_sad[0].icvLen + vc_sad[0].icvPadLen) / 4 - 2;
					p_ipv6Packet.extHdrList[i].authHeader.payloadLen := (12 + vc_sad[c_saOut].icvLen + vc_sad[c_saOut].icvPadLen) / 4 - 2;
					//Update IPv6 payload based on the calculated ICV + padding
					p_ipv6Packet.ipv6Hdr.payloadLength := fx_payloadLength (p_ipv6Packet);

@@ -284,8 +284,8 @@ group rfc2460Root_Functions {
					v_activeIpv6Packet.ipv6Hdr.hopLimit := 0;

					//compute icv
					if (vc_sad[0].icvLen != 0) {
						p_ipv6Packet.extHdrList[i].authHeader.icv := fx_mac( vc_sad[0].ahIntegrityAlgo , vc_sad[0].ahIntegrityKey, fx_encodeMessage(v_activeIpv6Packet));
					if (vc_sad[c_saOut].icvLen != 0) {
						p_ipv6Packet.extHdrList[i].authHeader.icv := fx_mac( vc_sad[c_saOut].ahIntegrityAlgo , vc_sad[c_saOut].ahIntegrityKey, fx_encodeMessage(v_activeIpv6Packet));
					}					

					v_loop := false;				
@@ -1086,7 +1086,30 @@ group rfc4303Esp_ExtHdrFunctions {
			log("**** fx_setSecurityParameters: ERROR: Incorrect key length for the selected integrity algorithm ****");
		}

		vc_sad[0] := {
		// SAD-OUT
		vc_sad[c_saOut] := {
			spi := PX_SPI/*f_createSpi()*/,
			seqNr := c_uInt32Zero,
			// AH Integrity
			ahIntegrityAlgo := PX_INTEGRITY_ALGO,
			ahIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			icvLen := f_getIcvLen(PX_INTEGRITY_ALGO),
			icvPadLen := f_getIcvPadLen(PX_INTEGRITY_ALGO),
			// ESP encryption
			espEncryptionAlgo := PX_ENCRYPTION_ALGO,
			espEncryptionKey := PX_ESP_ENCR_KEY/*f_createSecretKey()*/,
			// ESP integrity
			espIntegrityAlgo := PX_INTEGRITY_ALGO,
			espIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			// Combined mode
			espCombinedModeAlgo := PX_COMBINED_MODE_ALGO,
			espCombinedModeKey := PX_COMBINED_MODE_KEY/*f_createSecretKey()*/,
			// Protocol mode
			ipSecProtocolMode := PX_IP_SEC_PROTOCOL_MODE
		}

		// SAD-IN
		vc_sad[c_saIn] := {
			spi := PX_SPI/*f_createSpi()*/,
			seqNr := c_uInt32Zero,
			// AH Integrity
@@ -1108,7 +1131,7 @@ group rfc4303Esp_ExtHdrFunctions {
		}

		//TODO chose in function of PX_SPI the SAD to be used for testing
		v_ret := fx_setSecurityParameters(vc_sad[0]);
		v_ret := fx_setSecurityParameters(vc_sad[c_saOut]);
		if (v_ret != e_success) {log("fx_setSecurityParameters: Error when settign security parameters");}
		
	}//end f_init_ipSecParams
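Review bot: In f_init_ipSecParams the new `vc_sad[c_saIn]` entry is filled but never passed on: the only call after the two assignments is `fx_setSecurityParameters(vc_sad[c_saOut])`, so the inbound SA appears to exist only in the component variable. Both entries also start from the same `PX_SPI` with `seqNr := c_uInt32Zero` (the rest of the SAD-IN literal lies between the hunks), so the two directions cannot yet be told apart by SPI. If the external function can hold more than one SA, add `v_ret := fx_setSecurityParameters(vc_sad[c_saIn]);` with its own result check; otherwise extend the TODO to state that the inbound entry is not registered with the adapter. The function starts outside the hunk.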
+1 −1
@@ -1363,7 +1363,7 @@ module LibIpv6_Interface_Templates {

		template ExtensionHeader mw_extHdr_espHeader(
			in UInt32 p_spi,
			in UInt32 p_seqNr,
			in template UInt32 p_seqNr,
			in template EspIpDatagram p_espIpDatagram,
			in UInt8 p_nextHdr) := {
			espHeader := {
+3 −4
@@ -1147,6 +1147,9 @@ module LibIpv6_Interface_TypesAndValues {
		//Security Association Database
		type record length (1 .. c_maxNrDa) of Sa Sad;
		const UInt8 c_maxNrDa := 8;
		const UInt8 c_saOut := 0;
		const UInt8 c_saIn := 1;
		

		//Security Association
		type record Sa {
@@ -1182,13 +1185,9 @@ module LibIpv6_Interface_TypesAndValues {

		type record MipSec {
			MnSimuParams mnSimuParams,
			HaSimuParams haSimuParams,
			CnSimuParams cnSimuParams
		}

		//keep it until its clear if neeed
		type CnSimuParams HaSimuParams;

		type record CnSimuParams {
			UInt16 		nonceIndex,
			NonceList 	nonceList,
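Review bot: The new constants `c_saOut` and `c_saIn` carry no comment saying whose direction they describe, which matters in a test suite where "out" can mean either the test system or the IUT. From the send-side ICV code in this commit it looks like "out" is test system to IUT, so a line such as `// SAD index of the SA used for packets sent by the test system (confirm)` above `c_saOut`, and the mirror for `c_saIn`, would settle it. Note also that `Sad` is still declared as `record length (1 .. c_maxNrDa)`, while the code now assumes at least two entries.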
+7 −7
@@ -37,22 +37,22 @@ module LibIpv6_ModuleParameters {
	modulepar { IpSecProtocol PX_IP_SEC_PROTOCOL := e_esp }

	/*
	 * @desc Which protocol mode shall be used in vc_sad[0]?
	 * @desc Which protocol mode shall be used in vc_sad[c_saOut]?
	*/
	modulepar { IpSecProtocolMode PX_IP_SEC_PROTOCOL_MODE := e_transportMode }

	/*
	 * @desc Which Algo mode shall be used for Encryption in vc_sad[0]?
	 * @desc Which Algo mode shall be used for Encryption in vc_sad[c_saOut]?
	*/
	modulepar { EncryptionAlgo PX_ENCRYPTION_ALGO := e_tripleDes_cbc }

	/*
	 * @desc Which Algo mode shall be used for Integrity in vc_sad[0]?
	 * @desc Which Algo mode shall be used for Integrity in vc_sad[c_saOut]?
	*/
	modulepar { IntegrityAlgo PX_INTEGRITY_ALGO := e_hmac_sha1_96 }

	/*
	 * @desc Which Algo mode shall be used for Integrity in vc_sad[0]?
	 * @desc Which Algo mode shall be used for Integrity in vc_sad[c_saOut]?
	*/
	modulepar { CombinedModeAlgo PX_COMBINED_MODE_ALGO := e_null }

@@ -67,17 +67,17 @@ module LibIpv6_ModuleParameters {
	modulepar {octetstring PX_IV := '000102030405'O }
	
	/*
	 * @desc Key for integrity vc_sad[0]
	 * @desc Key for integrity vc_sad[c_saOut]
	*/
	modulepar {octetstring PX_INTEGRITY_KEY := '000102030405'O }
	
	/*
	 * @desc Key for encryption in vc_sad[0]
	 * @desc Key for encryption in vc_sad[c_saOut]
	*/
	modulepar {octetstring PX_ESP_ENCR_KEY := 'A1A2A3A4'O}
	
	/*
	 * @desc Key for combined mode in vc_sad[0]
	 * @desc Key for combined mode in vc_sad[c_saOut]
	*/
	modulepar {octetstring PX_COMBINED_MODE_KEY := 'B1B2B3B4'O}
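Review bot: The `@desc` above `PX_COMBINED_MODE_ALGO` is a copy of the integrity one and still reads "Integrity" after this edit; it should say `@desc Which Algo mode shall be used for Combined mode in vc_sad[c_saOut]?`. The reworded comments also tie these parameters to `vc_sad[c_saOut]` only, whereas the visible part of f_init_ipSecParams fills `vc_sad[c_saIn]` from `PX_SPI` as well; if the inbound entry keeps sharing them, the descriptions should name both entries. The default keys are short fixed octetstrings (for example a 4-octet `PX_ESP_ENCR_KEY` next to `e_tripleDes_cbc`), so a sentence marking them as placeholders to be overridden per test run would help readers.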

+16 −18
@@ -272,7 +272,7 @@ module LibIpv6_Rfc3775Mipv6_Functions {
									m_mobileOpt_altCoa(m_altCoA(p_mnCoaTn)))))),
					omit) );

//		v_ret := f_buildEspExtHdr( 	vc_sad[0],
//		v_ret := f_buildEspExtHdr( 	vc_sad[c_saOut],
//									v_plaintextData,
//									v_extHdr_espHeader);
//		if ( v_ret != e_success ) {return v_ret;}
@@ -288,8 +288,8 @@ module LibIpv6_Rfc3775Mipv6_Functions {
																	m_dstOpt_padN(m_optPad4),
																	m_dstOpt_homeAddr(p_mnHoaTn))),
															m_extHdr_espHeader(
																vc_sad[0].spi,
																vc_sad[0].seqNr,
																vc_sad[c_saOut].spi,
																vc_sad[c_saOut].seqNr,
																v_espIpDatagram,
																c_mobileHdr))));
	
@@ -297,7 +297,7 @@ module LibIpv6_Rfc3775Mipv6_Functions {
		tc_ac.start;
		alt {
			//the test adapter process consists of decrypt and integrity check
			//TODO SMU replace vc_sad[0] with vc_sad[vc_sad.secParamsIndex]
			//TODO SMU replace vc_sad[c_saOut] with vc_sad[vc_sad.secParamsIndex]
			[]	ipPort.receive(mw_bindingAck_noData(
									c_routeHdr,
									p_haGlaNut,
@@ -310,8 +310,8 @@ module LibIpv6_Rfc3775Mipv6_Functions {
											c_routeHdrSegmentsLeft1,
											m_routingHeaderData_homeAddress(p_mnHoaTn)),
										mw_extHdr_espHeader(
											vc_sad[0].securityParametersIndex,
											vc_sad[0].sequenceNumber + 1,
											vc_sad[c_saOut].securityParametersIndex,
											vc_sad[c_saOut].sequenceNumber + 1,
											m_plaintextData(
												m_extHdrList_1Elem(
													mw_extHdr_mobileHeader(
@@ -390,16 +390,16 @@ module LibIpv6_Rfc3775Mipv6_Functions {

		var EncryptResult v_encryptResult := fx_encryptModularIpPacket(
												e_transportMode,
												vc_sad[0].espEncryptionAlgo,
												vc_sad[0].espEncryptionKey,
												vc_sad[c_saOut].espEncryptionAlgo,
												vc_sad[c_saOut].espEncryptionKey,
												v_modularIpv6Packet);
		

		//Fill EspExtHdr
		var EspHeader_snd v_espHeader_snd :=  {
			// Header
			securityParametersIndex := vc_sad[0].securityParametersIndex,
			sequenceNumber := vc_sad[0].sequenceNumber,		
			securityParametersIndex := vc_sad[c_saOut].securityParametersIndex,
			sequenceNumber := vc_sad[c_saOut].sequenceNumber,		
			// Payload
			iv := v_encryptResult.iv,
			espPayloadData := v_encryptResult.espPayloadData,
@@ -414,8 +414,8 @@ module LibIpv6_Rfc3775Mipv6_Functions {
		var ExtensionHeader v_extHdr_espHeader := {espHeader_snd := v_espHeader_snd};

		v_espHeader_snd.icv := fx_integrityExtHdr(
									vc_sad[0].espIntegrityAlgo,
									vc_sad[0].espIntegrityKey,
									vc_sad[c_saOut].espIntegrityAlgo,
									vc_sad[c_saOut].espIntegrityKey,
									v_extHdr_espHeader);


@@ -450,8 +450,8 @@ module LibIpv6_Rfc3775Mipv6_Functions {
																			1,
																			2,
																			e_transportMode,
																			vc_sad[0].espEncryptionAlgo,
																			vc_sad[0].espEncryptionKey,
																			vc_sad[c_saOut].espEncryptionAlgo,
																			vc_sad[c_saOut].espEncryptionKey,
																			v_ipv6Packet.extHdrList[1].espHeader_rcv.espHeaderData );
				//	fx_match( valueof(mw_extHdr_mobileHeader(
				//							c_noNextHdr,
@@ -1118,8 +1118,6 @@ group mobileSecurityFns {
			kbm := c_20ZeroBytes
		}

		//vc_mobileSec.haSimuParams := vc_mobileSec.cnSimuParams;

	}//end function f_initMipSecParams

	/*
@@ -2413,8 +2411,8 @@ group mobileSecurityFns {
						p_paramsIut.mnHoa,
						p_paramsCn.gla ),
					mw_extHdr_espHeader(
						vc_sad[0].spi,
						vc_sad[0].seqNr + 1,
						vc_sad[c_saOut].spi,
						vc_sad[c_saOut].seqNr + 1,
						m_espIpDatagram (
							m_extHdrList_1Elem(
								mw_extHdr_mobileHeader (
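Review bot: The receive paths in this file still index the outbound entry: the `mw_extHdr_espHeader(...)` templates in the -310 and -2413 hunks match incoming ESP headers against `vc_sad[c_saOut]` SPI and sequence number + 1, and the call in the -450 hunk that handles `espHeader_rcv.espHeaderData` takes its algorithm and key from `vc_sad[c_saOut]`. As far as the visible initialisation shows, this passes only while both SAD entries share the same parameters; once the inbound SA has its own SPI, key or counter, received packets would be checked against the wrong SA. I would switch these to the inbound entry, e.g. `vc_sad[c_saIn].spi, vc_sad[c_saIn].seqNr + 1,` and the matching key and algorithm fields. Separately, the -310 and -390 hunks read `.securityParametersIndex` / `.sequenceNumber` while the rest of the commit uses `.spi` / `.seqNr`; the Sa record is not fully visible here, so confirm which field names exist.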