Commit a397306c authored by mullers's avatar mullers

iv and blockSize added to IkeSa and Sa

parent 42fe33c0
+199 −3
@@ -467,6 +467,172 @@ group ipSecFns {
		return 0;
	}

	//in units of octets
	function f_getIv(EncryptionAlgo p_encryptionAlgo, out octetstring p_iv)
	runs on LibIpv6Node
	return FncRetCode {
		var UInt8 v_keyLen := 0;
		
		if (p_encryptionAlgo == e_encr_desIv64){
			v_keyLen := 8;
		}
		else if(p_encryptionAlgo == e_encr_des/*e_des_cbc*/) {
			v_keyLen := 8;
		}
		else if(p_encryptionAlgo == e_encr_3Des/*e_tripleDes_cbc*/) {
			v_keyLen := 8;
		}
		else if(p_encryptionAlgo == e_encr_rc5){
			v_keyLen := 0;
		}
		else if(p_encryptionAlgo == e_encr_idea){
			v_keyLen := 0;
		}		
		else if(p_encryptionAlgo == e_encr_cast){
			v_keyLen := 0;
		}
		else if(p_encryptionAlgo == e_encr_blowfish){
			v_keyLen := 0;
		}
		else if(p_encryptionAlgo == e_encr_3Idea){
			v_keyLen := 0;
		}
		else if(p_encryptionAlgo == e_encr_desIv32){
			v_keyLen := 4;
		}	
		else if (p_encryptionAlgo == e_encr_aesCbc/*e_aes_cbc*/){
			v_keyLen := 16;
		}
		else if(p_encryptionAlgo == e_encr_aesCtr/*e_aes_ctr*/) {
			v_keyLen := 8;
		}
		else if(p_encryptionAlgo == e_encr_null) {
			v_keyLen := 0;
		}
		else {
			log("**** f_getIvLen: Error: Unknown encryption algorithm ****");
			v_keyLen := 255;
			p_iv := int2oct(float2int(int2float(20000-5000)*rnd())+5000, v_keyLen);
			return e_error;
		}

		p_iv := int2oct(float2int(int2float(20000-5000)*rnd())+5000, v_keyLen);
		
		return e_success;
	}

	//in units of octets
	function f_getEncrBlockSize(EncryptionAlgo p_encryptionAlgo, out UInt8 p_blockSize)
	runs on LibIpv6Node
	return FncRetCode {
		
		if (p_encryptionAlgo == e_encr_desIv64){
			p_blockSize := 8;
			return e_success;	
		}
		else if(p_encryptionAlgo == e_encr_des/*e_des_cbc*/) {
			p_blockSize := 8;
			return e_success;	
		}
		else if(p_encryptionAlgo == e_encr_3Des/*e_tripleDes_cbc*/) {
			p_blockSize := 8;
			return e_success;	
		}
		else if(p_encryptionAlgo == e_encr_rc5){
			p_blockSize := 8;
			return e_success;	
		}
		else if(p_encryptionAlgo == e_encr_idea){
			p_blockSize := 8;
			return e_success;
		}		
		else if(p_encryptionAlgo == e_encr_cast){
			p_blockSize := 8;
			return e_success;
		}
		else if(p_encryptionAlgo == e_encr_blowfish){
			p_blockSize := 8;
			return e_success;
		}
		else if(p_encryptionAlgo == e_encr_3Idea){
			p_blockSize := 8;
			return e_success;
		}
		else if(p_encryptionAlgo == e_encr_desIv32){
			p_blockSize := 8;
			return e_success;
		}	
		else if (p_encryptionAlgo == e_encr_aesCbc/*e_aes_cbc*/){
			p_blockSize := 16;
			return e_success;
		}
		else if(p_encryptionAlgo == e_encr_aesCtr/*e_aes_ctr*/) {
			p_blockSize := 16;
			return e_success;
		}
		else if(p_encryptionAlgo == e_encr_null) {
			p_blockSize := 1;
			return e_success;
		}
		else {
			log("**** f_getIvLen: Error: Unknown encryption algorithm ****");
			p_blockSize := 255;
			return e_error;
		}
		
		return e_success;
	}

	//in units of octets
	function f_getIntegrBlockSize(IntegrityAlgo p_integrityAlgo, out UInt8 p_blockSize)
	runs on LibIpv6Node
	return FncRetCode {
		
		if(p_integrityAlgo == e_auth_hmacMd5_96){
			p_blockSize := 64;
			return e_success;	
		}
		else if(p_integrityAlgo == e_auth_hmacSha1_96){
			p_blockSize := 64;
			return e_success;	
		}
		else if(p_integrityAlgo == e_auth_desMac){
			p_blockSize := 64;
			return e_success;
		}
		else if(p_integrityAlgo == e_auth_kpdkMd5){
			p_blockSize := 64;
			return e_success;
		}
		else if(p_integrityAlgo == e_auth_aesXcbc_96){
			p_blockSize := 16;
			return e_success;
		}
		else if(p_integrityAlgo == e_auth_sha1){
			p_blockSize := 64;
			return e_success;
		}
		else if(p_integrityAlgo == e_auth_sha1_96){
			p_blockSize := 64;
			return e_success;
		}
		else if(p_integrityAlgo == e_auth_hmacSha1_64){
			p_blockSize := 64;
			return e_success;
		}
		else if(p_integrityAlgo == e_auth_null){
			p_blockSize := 1;
			return e_success;
		}
		else {
			log("**** f_getIntegrBlockSize: Error: Unknown integrity algorithm ****");
			p_blockSize := 255;
			return e_error;
		}
		
		return e_success;
	}

	//in units of octets
	function f_checkEncryptionKeyLen( EncryptionAlgo p_encryptionAlgo, UInt8 p_keyLen)
	runs on LibIpv6Node
@@ -574,6 +740,9 @@ group ipSecFns {
	return FncRetCode {
		
		var FncRetCode v_ret := e_success;
		var octetstring v_espIv := '00'O;
		var UInt8 v_espEncrBlockSize := 0;
		var UInt8 v_espIntegrBlockSize := 0;

		if (PX_IPSEC_CONTROL == e_manualSecParamsSetup ) {	
	
@@ -597,11 +766,14 @@ group ipSecFns {
				ikeEncryptionAlgo := PX_IKE_ENCALGO,
				//ikeEncryptionKey := PX_IKE_ENC_KEY,
				ikeEncrKeyLen := omit,
				ikeIv := omit,
				ikeEncrBlockSize := 0,
				ikePseudoRandomFunction := PX_IKE_PSEUDORANDOM_FCT,
				prfKeyLen := omit,
				ikeIntegrityAlgo := PX_IKE_INTALGO,
				//ikeIntegrityKey := PX_IKE_INT_KEY,
				ikeIntegrKeyLen := omit,
				ikeIntegrBlockSize := 0,
				diffieHellmanGroup := PX_IKE_DIFFIEHELLMAN_GROUP,
				diffieHellmanPrivKey := PX_IKE_DIFFIEHELLMAN_PRIVKEY,
				diffieHellmanSharedSecret := '00'O,
@@ -618,6 +790,15 @@ group ipSecFns {
			}
		}

		v_ret := f_getIv(vc_sad[c_saOut].espEncryptionAlgo, v_espIv);
		if (v_ret != e_success) { return v_ret;}
		v_ret := f_getEncrBlockSize(vc_sad[c_saOut].espEncryptionAlgo, v_espEncrBlockSize);
		if (v_ret != e_success) { return v_ret;}
		v_ret := f_getIntegrBlockSize(vc_sad[c_saOut].espIntegrityAlgo, v_espIntegrBlockSize);
		if (v_ret != e_success) { return v_ret;}

		//TODO v_ahIntegrBlockSize
		
		// SAD-OUT
		vc_sad[c_saOut] := {
			spi := PX_SPI/*f_createSpi()*/,
@@ -632,10 +813,13 @@ group ipSecFns {
			espEncryptionAlgo := PX_ENCRYPTION_ALGO,
			espEncryptionKey := PX_ESP_ENCR_KEY/*f_createSecretKey()*/,
			espEncrKeyLen := omit,
			espIv := v_espIv,
			espEncrBlockSize := v_espEncrBlockSize,
			// ESP integrity
			espIntegrityAlgo := PX_INTEGRITY_ALGO,
			espIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			// Combined mode
			//espCombinedModeAlgo := PX_COMBINED_MODE_ALGO,
			//espCombinedModeKey := PX_COMBINED_MODE_KEY/*f_createSecretKey()*/,
@@ -644,9 +828,6 @@ group ipSecFns {
			extentedSequenceNumbers := e_extentedSequenceNumbersNo
		}

		// espIntegrityAlgo := PX_INTEGRITY_ALGO,
		//	espIntegrityKey := PX_INTEGRITY_KEY

		// SAD-IN
		vc_sad[c_saIn] := {
			spi := PX_SPI/*f_createSpi()*/,
@@ -661,10 +842,13 @@ group ipSecFns {
			espEncryptionAlgo := PX_ENCRYPTION_ALGO,
			espEncryptionKey := PX_ESP_ENCR_KEY/*f_createSecretKey()*/,
			espEncrKeyLen := omit,
			espIv := v_espIv,
			espEncrBlockSize := v_espEncrBlockSize,
			// ESP integrity
			espIntegrityAlgo := PX_INTEGRITY_ALGO,
			espIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			// Combined mode
			//espCombinedModeAlgo := PX_COMBINED_MODE_ALGO,
			//espCombinedModeKey := PX_COMBINED_MODE_KEY/*f_createSecretKey()*/,
@@ -687,10 +871,13 @@ group ipSecFns {
			espEncryptionAlgo := PX_ENCRYPTION_ALGO,
			espEncryptionKey := PX_ESP_ENCR_KEY/*f_createSecretKey()*/,
			espEncrKeyLen := omit,
			espIv := v_espIv,
			espEncrBlockSize := v_espEncrBlockSize,
			// ESP integrity
			espIntegrityAlgo := PX_INTEGRITY_ALGO,
			espIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			// Combined mode
			//espCombinedModeAlgo := PX_COMBINED_MODE_ALGO,
			//espCombinedModeKey := PX_COMBINED_MODE_KEY/*f_createSecretKey()*/,
@@ -713,10 +900,13 @@ group ipSecFns {
			espEncryptionAlgo := PX_ENCRYPTION_ALGO,
			espEncryptionKey := PX_ESP_ENCR_KEY/*f_createSecretKey()*/,
			espEncrKeyLen := omit,
			espIv := v_espIv,
			espEncrBlockSize := v_espEncrBlockSize,
			// ESP integrity
			espIntegrityAlgo := PX_INTEGRITY_ALGO,
			espIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			// Combined mode
			//espCombinedModeAlgo := PX_COMBINED_MODE_ALGO,
			//espCombinedModeKey := PX_COMBINED_MODE_KEY/*f_createSecretKey()*/,
@@ -739,10 +929,13 @@ group ipSecFns {
			espEncryptionAlgo := PX_ENCRYPTION_ALGO,
			espEncryptionKey := PX_ESP_ENCR_KEY/*f_createSecretKey()*/,
			espEncrKeyLen := omit,
			espIv := v_espIv,
			espEncrBlockSize := v_espEncrBlockSize,
			// ESP integrity
			espIntegrityAlgo := PX_INTEGRITY_ALGO,
			espIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			// Combined mode
			//espCombinedModeAlgo := PX_COMBINED_MODE_ALGO,
			//espCombinedModeKey := PX_COMBINED_MODE_KEY/*f_createSecretKey()*/,
@@ -765,10 +958,13 @@ group ipSecFns {
			espEncryptionAlgo := PX_ENCRYPTION_ALGO,
			espEncryptionKey := PX_ESP_ENCR_KEY/*f_createSecretKey()*/,
			espEncrKeyLen := omit,
			espIv := v_espIv,
			espEncrBlockSize := v_espEncrBlockSize,
			// ESP integrity
			espIntegrityAlgo := PX_INTEGRITY_ALGO,
			espIntegrityKey := PX_INTEGRITY_KEY/*f_createSecretKey()*/,
			espIntegrKeyLen := omit,
			espIntegrBlockSize := v_espIntegrBlockSize,
			// Combined mode
			//espCombinedModeAlgo := PX_COMBINED_MODE_ALGO,
			//espCombinedModeKey := PX_COMBINED_MODE_KEY/*f_createSecretKey()*/,
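Review bot: f_getIv in the first hunk cannot return a zero-length IV: for the algorithms it maps to 0 octets (e_encr_rc5, e_encr_idea, e_encr_cast, e_encr_blowfish, e_encr_3Idea, e_encr_null) the value 5000..20000 handed to `int2oct(..., v_keyLen)` needs two octets, which TTCN-3 treats as a runtime error rather than `e_success` with an empty IV; guard it with `if (v_keyLen == 0) { p_iv := ''O; return e_success; }` before the final `int2oct`. For the 4/8/16-octet cases the IV carries only the roughly 14 bits of variability of `rnd()` inside a zero-padded integer (and `rnd()` is not specified as a cryptographic generator), and the single `v_espIv` is then copied into every `vc_sad` entry in the later hunks, so all SAs share one IV; if that is acceptable for a conformance tool, state it in the header comment, e.g. `// test IV: rnd()-based, not cryptographically random, shared by all SAs`, otherwise draw `v_keyLen` octets of random data and call f_getIv once per SA. The same stored-IV pattern is consumed in the rfc2460Root_Functions and establishSAFns_active hunks below. Minor: `v_keyLen` actually holds the IV length, the unknown-algorithm log in both f_getIv and f_getEncrBlockSize names `f_getIvLen`, and the error branch's `p_iv := int2oct(..., 255)` is dead work before `return e_error`.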
+7 −2
@@ -230,8 +230,13 @@ group rfc2460Root_Functions {
						v_activeIpv6Packet.ipv6Payload.ikeMsg.payloadList[0].encrypted.iv := omit; 
					}
					else {
						v_activeIpv6Packet.ipv6Payload.ikeMsg.payloadList[0].encrypted.iv := 
						int2oct(128, f_getEncryptionIvLen(vc_ikeSad[0].ikeEncryptionAlgo)); 	
						if (ispresent(vc_ikeSad[0].ikeIv)) {
							v_activeIpv6Packet.ipv6Payload.ikeMsg.payloadList[0].encrypted.iv := vc_ikeSad[0].ikeIv;
						}
						else {
							log("**** Errro: no IV provided.****");
							v_ret := e_error;
						}
					}
					//Payload length
					if(v_activeIpv6Packet.ipv6Payload.ikeMsg.payloadList[0].encrypted.payloadLength == 0) {
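Review bot: With the generated fallback removed, an omitted `vc_ikeSad[0].ikeIv` now only logs and sets `v_ret := e_error` while execution continues into the payload-length handling, and the manual-setup path in the first file initialises `ikeIv := omit` (with `ikeEncrBlockSize := 0`), so an IKE encrypted payload built in that configuration would be sent with an `omit` IV unless the caller checks `v_ret` before sending; either return immediately in the else branch or keep a deterministic fallback there. The log text also has a typo: `log("**** Error: no IV provided. ****");`. The enclosing function starts and ends outside the hunk, so whether `v_ret` stops the send is not visible here.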
+19 −5
@@ -399,7 +399,8 @@ module LibIpv6_Rfc4306Ikev2_Functions {
			v_auxiliary := p_IkeSa.nR &
						   fx_pseudoRandom(p_IkeSa.ikePseudoRandomFunction,
									       p_IkeSa.sevenSecrets.sK_pi,
									       '05000000'O &
										   // Header of Identification PL must be added
									       int2oct(c_identificationIpv6Addr,1) & c_3ZeroBytes &
										   p_IkeSa.iDi);
		}
		else // IUT acts as responder
@@ -1264,16 +1265,21 @@ group establishSAFns_active {
		if (v_ret != e_success) { return v_ret;}

		//fill keyLen
		vc_ikeSad[0].ikeEncrKeyLen := 0;
		v_ret := f_getEncrKeyLen(vc_ikeSad[0].ikeEncryptionAlgo, vc_ikeSad[0].ikeEncrKeyLen);
		if (v_ret != e_success) { return v_ret;}
		vc_ikeSad[0].ikeIntegrKeyLen := 0;
		v_ret := f_getIntegrKeyLen(vc_ikeSad[0].ikeIntegrityAlgo, vc_ikeSad[0].ikeIntegrKeyLen);
		if (v_ret != e_success) { return v_ret;}
		vc_ikeSad[0].prfKeyLen :=0;
		v_ret := f_getPrfKeyLen(vc_ikeSad[0].ikePseudoRandomFunction, vc_ikeSad[0].prfKeyLen);
		if (v_ret != e_success) { return v_ret;}

		//fill iv and block sizes
		v_ret := f_getIv(vc_ikeSad[0].ikeEncryptionAlgo, vc_ikeSad[0].ikeIv);
		if (v_ret != e_success) { return v_ret;}
		v_ret := f_getEncrBlockSize(vc_ikeSad[0].ikeEncryptionAlgo, vc_ikeSad[0].ikeEncrBlockSize);
		if (v_ret != e_success) { return v_ret;}
		v_ret := f_getIntegrBlockSize(vc_ikeSad[0].ikeIntegrityAlgo, vc_ikeSad[0].ikeIntegrBlockSize);
		if (v_ret != e_success) { return v_ret;}

		// calculate and store the seven secrets
		vc_ikeSad[0].sevenSecrets := f_calculateSevenSecrets(vc_ikeSad[0]);

@@ -1403,6 +1409,14 @@ group establishSAFns_active {
		v_ret := f_getIntegrKeyLen(vc_sad[c_saOut].espIntegrityAlgo, vc_sad[c_saOut].espIntegrKeyLen);
		if (v_ret != e_success) { return v_ret;}

		//fill iv and block sizes
		v_ret := f_getIv(vc_sad[c_saOut].espEncryptionAlgo, vc_sad[c_saOut].espIv);
		if (v_ret != e_success) { return v_ret;}
		v_ret := f_getEncrBlockSize(vc_sad[c_saOut].espEncryptionAlgo, vc_sad[c_saOut].espEncrBlockSize);
		if (v_ret != e_success) { return v_ret;}
		v_ret := f_getIntegrBlockSize(vc_sad[c_saOut].espIntegrityAlgo, vc_sad[c_saOut].espIntegrBlockSize);
		if (v_ret != e_success) { return v_ret;}

		v_ret := fx_setSecurityParameters(vc_sad);
		
		return v_ret;
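Review bot: In the last hunk `f_getIv` fills `vc_sad[c_saOut].espIv` once at SA setup; if the sender reuses that stored value for every ESP packet (as the IKE path does with `ikeIv`), then for `e_encr_aesCtr`, which f_getIv maps to an 8-octet IV, RFC 3686 requires the IV to be unique per packet under a given key because a repeated counter block reuses keystream; either regenerate the IV at encryption time or document the field as a starting value the sender must advance per packet. Only `vc_sad[c_saOut]` is filled in this hunk; if `vc_sad[c_saIn]` is not populated elsewhere, its new mandatory `espEncrBlockSize`/`espIntegrBlockSize` fields will be unbound on first read. The first hunk of this file is an indentation-only change. The enclosing functions start outside the hunks.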
+6 −0
@@ -1042,9 +1042,12 @@
			EncryptionAlgo espEncryptionAlgo,
			octetstring	espEncryptionKey,
			UInt16 espEncrKeyLen optional,
			octetstring espIv optional,
			UInt8 espEncrBlockSize,
			IntegrityAlgo espIntegrityAlgo optional,
			octetstring	espIntegrityKey,
			UInt16 espIntegrKeyLen optional,
			UInt8 espIntegrBlockSize,
			//CombinedModeAlgo espCombinedModeAlgo,
			//octetstring	espCombinedModeKey,
			IpSecProtocolMode ipSecProtocolMode,
@@ -1098,11 +1101,14 @@
			EncryptionAlgo ikeEncryptionAlgo,
			//octetstring	ikeEncryptionKey,
			UInt16 ikeEncrKeyLen optional,
			octetstring ikeIv optional,
			UInt8 ikeEncrBlockSize,
			PseudoRandomFunction ikePseudoRandomFunction,
			UInt16 prfKeyLen optional,
			IntegrityAlgo ikeIntegrityAlgo,
			//octetstring	ikeIntegrityKey,
			UInt16 ikeIntegrKeyLen optional,
			UInt8 ikeIntegrBlockSize,
			DiffieHellmanGroup diffieHellmanGroup,
			octetstring diffieHellmanPrivKey,
			octetstring diffieHellmanSharedSecret,
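Review bot: The new mandatory `espEncrBlockSize`/`ikeEncrBlockSize` fields (and their Integr counterparts) are documented nowhere, yet the producers in this commit give them two sentinel values, `0` from the manual-setup initialiser and `255` from the `e_error` branch of f_getEncrBlockSize/f_getIntegrBlockSize, and any padding computation that uses the value as a modulus would misbehave on both; add a trailing comment on each field such as `UInt8 espEncrBlockSize, // octets; filled by f_getEncrBlockSize, 0 = not set` and consider making the field `optional` so an unfilled SA is detectable with `ispresent()` rather than by a magic 0. The optional IV fields would benefit from the same note, e.g. `octetstring espIv optional, // per-SA IV from f_getIv; length depends on the algorithm`. The adjacent key-length fields are `UInt16` while the block sizes are `UInt8`, which holds for every value f_getEncrBlockSize produces but is worth stating in the comment.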