3 from scapy.layers.ipsec import ESP
4 from scapy.layers.inet import IP, ICMP, UDP
5 from scapy.layers.inet6 import IPv6
6 from scapy.layers.l2 import Ether
7 from scapy.packet import Raw
9 from parameterized import parameterized
10 from framework import VppTestRunner
11 from template_ipsec import (
26 IpsecTun6HandoffTests,
27 IpsecTun4HandoffTests,
30 from vpp_ipsec import VppIpsecSpd, VppIpsecSpdEntry, VppIpsecSA, VppIpsecSpdItfBinding
31 from vpp_ip_route import VppIpRoute, VppRoutePath
32 from vpp_ip import DpoProto
33 from vpp_papi import VppEnum
36 engines_supporting_chain_bufs = ["openssl", "async"]
37 engines = ["ia32", "ipsecmb", "openssl"]
40 class ConfigIpsecESP(TemplateIpsec):
42 tra4_encrypt_node_name = "esp4-encrypt"
43 tra4_decrypt_node_name = ["esp4-decrypt", "esp4-decrypt-post"]
44 tra6_encrypt_node_name = "esp6-encrypt"
45 tra6_decrypt_node_name = ["esp6-decrypt", "esp6-decrypt-post"]
46 tun4_encrypt_node_name = "esp4-encrypt"
47 tun4_decrypt_node_name = ["esp4-decrypt", "esp4-decrypt-post"]
48 tun6_encrypt_node_name = "esp6-encrypt"
49 tun6_decrypt_node_name = ["esp6-decrypt", "esp6-decrypt-post"]
53 super(ConfigIpsecESP, cls).setUpClass()
56 def tearDownClass(cls):
57 super(ConfigIpsecESP, cls).tearDownClass()
60 super(ConfigIpsecESP, self).setUp()
63 super(ConfigIpsecESP, self).tearDown()
65 def config_anti_replay(self, params, anti_replay_window_size=64):
66 saf = VppEnum.vl_api_ipsec_sad_flags_t
68 p.flags |= saf.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY
69 p.anti_replay_window_size = anti_replay_window_size
71 def config_network(self, params):
73 self.tun_if = self.pg0
74 self.tra_if = self.pg2
75 self.logger.info(self.vapi.ppcli("show int addr"))
77 self.tra_spd = VppIpsecSpd(self, self.tra_spd_id)
78 self.tra_spd.add_vpp_config()
79 self.net_objs.append(self.tra_spd)
80 self.tun_spd = VppIpsecSpd(self, self.tun_spd_id)
81 self.tun_spd.add_vpp_config()
82 self.net_objs.append(self.tun_spd)
84 b = VppIpsecSpdItfBinding(self, self.tun_spd, self.tun_if)
86 self.net_objs.append(b)
88 b = VppIpsecSpdItfBinding(self, self.tra_spd, self.tra_if)
90 self.net_objs.append(b)
93 self.config_esp_tra(p)
94 config_tra_params(p, self.encryption_type)
96 self.config_esp_tun(p)
97 config_tun_params(p, self.encryption_type, self.tun_if)
100 d = DpoProto.DPO_PROTO_IP6 if p.is_ipv6 else DpoProto.DPO_PROTO_IP4
103 p.remote_tun_if_host,
107 self.tun_if.remote_addr[p.addr_type], 0xFFFFFFFF, proto=d
112 self.net_objs.append(r)
114 self.logger.info(self.vapi.ppcli("show ipsec all"))
116 def unconfig_network(self):
117 for o in reversed(self.net_objs):
118 o.remove_vpp_config()
121 def config_esp_tun(self, params):
122 addr_type = params.addr_type
123 scapy_tun_sa_id = params.scapy_tun_sa_id
124 scapy_tun_spi = params.scapy_tun_spi
125 vpp_tun_sa_id = params.vpp_tun_sa_id
126 vpp_tun_spi = params.vpp_tun_spi
127 auth_algo_vpp_id = params.auth_algo_vpp_id
128 auth_key = params.auth_key
129 crypt_algo_vpp_id = params.crypt_algo_vpp_id
130 crypt_key = params.crypt_key
131 remote_tun_if_host = params.remote_tun_if_host
132 addr_any = params.addr_any
133 addr_bcast = params.addr_bcast
134 e = VppEnum.vl_api_ipsec_spd_action_t
136 tun_flags = params.tun_flags
138 anti_replay_window_size = params.anti_replay_window_size
141 params.tun_sa_in = VppIpsecSA(
149 self.vpp_esp_protocol,
150 self.tun_if.remote_addr[addr_type],
151 self.tun_if.local_addr[addr_type],
156 hop_limit=params.outer_hop_limit,
157 anti_replay_window_size=anti_replay_window_size,
159 params.tun_sa_out = VppIpsecSA(
167 self.vpp_esp_protocol,
168 self.tun_if.local_addr[addr_type],
169 self.tun_if.remote_addr[addr_type],
174 hop_limit=params.outer_hop_limit,
175 anti_replay_window_size=anti_replay_window_size,
177 objs.append(params.tun_sa_in)
178 objs.append(params.tun_sa_out)
180 params.spd_policy_in_any = VppIpsecSpdEntry(
190 params.spd_policy_out_any = VppIpsecSpdEntry(
201 objs.append(params.spd_policy_out_any)
202 objs.append(params.spd_policy_in_any)
211 self.pg1.remote_addr[addr_type],
212 self.pg1.remote_addr[addr_type],
215 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
224 self.pg1.remote_addr[addr_type],
225 self.pg1.remote_addr[addr_type],
229 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
240 self.pg0.local_addr[addr_type],
241 self.pg0.local_addr[addr_type],
244 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
253 self.pg0.local_addr[addr_type],
254 self.pg0.local_addr[addr_type],
258 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
264 self.net_objs = self.net_objs + objs
266 def config_esp_tra(self, params):
267 addr_type = params.addr_type
268 scapy_tra_sa_id = params.scapy_tra_sa_id
269 scapy_tra_spi = params.scapy_tra_spi
270 vpp_tra_sa_id = params.vpp_tra_sa_id
271 vpp_tra_spi = params.vpp_tra_spi
272 auth_algo_vpp_id = params.auth_algo_vpp_id
273 auth_key = params.auth_key
274 crypt_algo_vpp_id = params.crypt_algo_vpp_id
275 crypt_key = params.crypt_key
276 addr_any = params.addr_any
277 addr_bcast = params.addr_bcast
278 e = VppEnum.vl_api_ipsec_spd_action_t
281 anti_replay_window_size = params.anti_replay_window_size
284 params.tra_sa_in = VppIpsecSA(
292 self.vpp_esp_protocol,
295 anti_replay_window_size=anti_replay_window_size,
297 params.tra_sa_out = VppIpsecSA(
305 self.vpp_esp_protocol,
308 anti_replay_window_size=anti_replay_window_size,
310 objs.append(params.tra_sa_in)
311 objs.append(params.tra_sa_out)
343 self.tra_if.local_addr[addr_type],
344 self.tra_if.local_addr[addr_type],
345 self.tra_if.remote_addr[addr_type],
346 self.tra_if.remote_addr[addr_type],
349 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
358 self.tra_if.local_addr[addr_type],
359 self.tra_if.local_addr[addr_type],
360 self.tra_if.remote_addr[addr_type],
361 self.tra_if.remote_addr[addr_type],
363 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
369 self.net_objs = self.net_objs + objs
372 class TemplateIpsecEsp(ConfigIpsecESP):
374 Basic test for ipsec esp sanity - tunnel and transport modes.
376 Below 4 cases are covered as part of this test
378 #. ipsec esp v4 transport basic test - IPv4 Transport mode
379 scenario using HMAC-SHA1-96 integrity algo
381 #. ipsec esp v4 transport burst test
382 Above test for 257 pkts
384 #. ipsec esp 4o4 tunnel basic test - IPv4 Tunnel mode
385 scenario using HMAC-SHA1-96 integrity algo
387 #. ipsec esp 4o4 tunnel burst test
388 Above test for 257 pkts
393 |pg2| <-------> |VPP|
398 --- encrypt --- plain ---
399 |pg0| <------- |VPP| <------ |pg1|
402 --- decrypt --- plain ---
403 |pg0| -------> |VPP| ------> |pg1|
410 super(TemplateIpsecEsp, cls).setUpClass()
413 def tearDownClass(cls):
414 super(TemplateIpsecEsp, cls).tearDownClass()
417 super(TemplateIpsecEsp, self).setUp()
418 self.config_anti_replay(self.params.values())
419 self.config_network(self.params.values())
422 self.unconfig_network()
423 super(TemplateIpsecEsp, self).tearDown()
427 TemplateIpsecEsp, IpsecTra46Tests, IpsecTun46Tests, IpsecTra6ExtTests
429 """Ipsec ESP - TUN & TRA tests"""
433 super(TestIpsecEsp1, cls).setUpClass()
436 def tearDownClass(cls):
437 super(TestIpsecEsp1, cls).tearDownClass()
440 super(TestIpsecEsp1, self).setUp()
443 super(TestIpsecEsp1, self).tearDown()
445 def test_tun_46(self):
446 """ipsec 4o6 tunnel"""
447 # add an SPD entry to direct 2.2.2.2 to the v6 tunnel SA
448 p6 = self.ipv6_params
449 p4 = self.ipv4_params
451 p6.remote_tun_if_host4 = "2.2.2.2"
452 e = VppEnum.vl_api_ipsec_spd_action_t
458 self.pg1.remote_addr[p4.addr_type],
459 self.pg1.remote_addr[p4.addr_type],
460 p6.remote_tun_if_host4,
461 p6.remote_tun_if_host4,
464 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
469 p6.remote_tun_if_host4,
471 [VppRoutePath(self.tun_if.remote_addr[p4.addr_type], 0xFFFFFFFF)],
474 old_name = self.tun6_encrypt_node_name
475 self.tun6_encrypt_node_name = "esp4-encrypt"
477 self.verify_tun_46(p6, count=63)
478 self.tun6_encrypt_node_name = old_name
480 def test_tun_64(self):
481 """ipsec 6o4 tunnel"""
482 # add an SPD entry to direct 4444::4 to the v4 tunnel SA
483 p6 = self.ipv6_params
484 p4 = self.ipv4_params
486 p4.remote_tun_if_host6 = "4444::4"
487 e = VppEnum.vl_api_ipsec_spd_action_t
493 self.pg1.remote_addr[p6.addr_type],
494 self.pg1.remote_addr[p6.addr_type],
495 p4.remote_tun_if_host6,
496 p4.remote_tun_if_host6,
499 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
502 d = DpoProto.DPO_PROTO_IP6
505 p4.remote_tun_if_host6,
507 [VppRoutePath(self.tun_if.remote_addr[p6.addr_type], 0xFFFFFFFF, proto=d)],
510 old_name = self.tun4_encrypt_node_name
511 self.tun4_encrypt_node_name = "esp6-encrypt"
512 self.verify_tun_64(p4, count=63)
513 self.tun4_encrypt_node_name = old_name
516 class TestIpsecEspTun(TemplateIpsecEsp, IpsecTun46Tests):
517 """Ipsec ESP - TUN encap tests"""
520 self.ipv4_params = IPsecIPv4Params()
521 self.ipv6_params = IPsecIPv6Params()
524 VppEnum.vl_api_tunnel_encap_decap_flags_t.TUNNEL_API_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP
527 VppEnum.vl_api_tunnel_encap_decap_flags_t.TUNNEL_API_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN
530 self.ipv4_params.tun_flags = c
531 self.ipv6_params.tun_flags = c1
533 super(TestIpsecEspTun, self).setUp()
535 def gen_pkts(self, sw_intf, src, dst, count=1, payload_size=54):
536 # set the DSCP + ECN - flags are set to copy only DSCP
538 Ether(src=sw_intf.remote_mac, dst=sw_intf.local_mac)
539 / IP(src=src, dst=dst, tos=5)
540 / UDP(sport=4444, dport=4444)
541 / Raw(b"X" * payload_size)
542 for i in range(count)
545 def gen_pkts6(self, p, sw_intf, src, dst, count=1, payload_size=54):
546 # set the DSCP + ECN - flags are set to copy both
548 Ether(src=sw_intf.remote_mac, dst=sw_intf.local_mac)
549 / IPv6(src=src, dst=dst, tc=5)
550 / UDP(sport=4444, dport=4444)
551 / Raw(b"X" * payload_size)
552 for i in range(count)
555 def verify_encrypted(self, p, sa, rxs):
556 # just check that only the DSCP is copied
558 self.assertEqual(rx[IP].tos, 4)
560 def verify_encrypted6(self, p, sa, rxs):
561 # just check that the DSCP & ECN are copied
563 self.assertEqual(rx[IPv6].tc, 5)
566 class TestIpsecEspTun2(TemplateIpsecEsp, IpsecTun46Tests):
567 """Ipsec ESP - TUN DSCP tests"""
570 self.ipv4_params = IPsecIPv4Params()
571 self.ipv6_params = IPsecIPv6Params()
573 self.ipv4_params.dscp = VppEnum.vl_api_ip_dscp_t.IP_API_DSCP_EF
574 self.ipv6_params.dscp = VppEnum.vl_api_ip_dscp_t.IP_API_DSCP_AF11
576 super(TestIpsecEspTun2, self).setUp()
578 def gen_pkts(self, sw_intf, src, dst, count=1, payload_size=54):
580 Ether(src=sw_intf.remote_mac, dst=sw_intf.local_mac)
581 / IP(src=src, dst=dst)
582 / UDP(sport=4444, dport=4444)
583 / Raw(b"X" * payload_size)
584 for i in range(count)
587 def gen_pkts6(self, p, sw_intf, src, dst, count=1, payload_size=54):
589 Ether(src=sw_intf.remote_mac, dst=sw_intf.local_mac)
590 / IPv6(src=src, dst=dst)
591 / UDP(sport=4444, dport=4444)
592 / Raw(b"X" * payload_size)
593 for i in range(count)
596 def verify_encrypted(self, p, sa, rxs):
597 # just check that only the DSCP is set
599 self.assertEqual(rx[IP].tos, VppEnum.vl_api_ip_dscp_t.IP_API_DSCP_EF << 2)
601 def verify_encrypted6(self, p, sa, rxs):
602 # just check that the DSCP is set
605 rx[IPv6].tc, VppEnum.vl_api_ip_dscp_t.IP_API_DSCP_AF11 << 2
609 class TestIpsecEsp2(TemplateIpsecEsp, IpsecTcpTests):
610 """Ipsec ESP - TCP tests"""
615 class TestIpsecEspAsync(TemplateIpsecEsp):
616 """Ipsec ESP - Aysnc tests"""
621 super(TestIpsecEspAsync, self).setUp()
623 self.p_sync = IPsecIPv4Params()
625 self.p_sync.crypt_algo_vpp_id = (
626 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_CBC_256
628 self.p_sync.crypt_algo = "AES-CBC" # scapy name
629 self.p_sync.crypt_key = b"JPjyOWBeVEQiMe7hJPjyOWBeVEQiMe7h"
631 self.p_sync.scapy_tun_sa_id += 0xF0000
632 self.p_sync.scapy_tun_spi += 0xF0000
633 self.p_sync.vpp_tun_sa_id += 0xF0000
634 self.p_sync.vpp_tun_spi += 0xF0000
635 self.p_sync.remote_tun_if_host = "2.2.2.2"
636 e = VppEnum.vl_api_ipsec_spd_action_t
638 self.p_sync.sa = VppIpsecSA(
640 self.p_sync.vpp_tun_sa_id,
641 self.p_sync.vpp_tun_spi,
642 self.p_sync.auth_algo_vpp_id,
643 self.p_sync.auth_key,
644 self.p_sync.crypt_algo_vpp_id,
645 self.p_sync.crypt_key,
646 self.vpp_esp_protocol,
647 self.tun_if.local_addr[self.p_sync.addr_type],
648 self.tun_if.remote_addr[self.p_sync.addr_type],
650 self.p_sync.spd = VppIpsecSpdEntry(
653 self.p_sync.vpp_tun_sa_id,
654 self.pg1.remote_addr[self.p_sync.addr_type],
655 self.pg1.remote_addr[self.p_sync.addr_type],
656 self.p_sync.remote_tun_if_host,
657 self.p_sync.remote_tun_if_host,
660 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
665 self.p_sync.remote_tun_if_host,
666 self.p_sync.addr_len,
667 [VppRoutePath(self.tun_if.remote_addr[self.p_sync.addr_type], 0xFFFFFFFF)],
669 config_tun_params(self.p_sync, self.encryption_type, self.tun_if)
671 self.p_async = IPsecIPv4Params()
673 self.p_async.crypt_algo_vpp_id = (
674 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_GCM_256
676 self.p_async.auth_algo_vpp_id = (
677 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_NONE
679 self.p_async.crypt_algo = "AES-GCM" # scapy name
680 self.p_async.crypt_key = b"JPjyOWBeVEQiMe7hJPjyOWBeVEQiMe7h"
681 self.p_async.auth_algo = "NULL"
683 self.p_async.scapy_tun_sa_id += 0xE0000
684 self.p_async.scapy_tun_spi += 0xE0000
685 self.p_async.vpp_tun_sa_id += 0xE0000
686 self.p_async.vpp_tun_spi += 0xE0000
687 self.p_async.remote_tun_if_host = "2.2.2.3"
689 iflags = VppEnum.vl_api_ipsec_sad_flags_t
690 self.p_async.flags = (
691 iflags.IPSEC_API_SAD_FLAG_USE_ESN
692 | iflags.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY
693 | iflags.IPSEC_API_SAD_FLAG_ASYNC
696 self.p_async.sa = VppIpsecSA(
698 self.p_async.vpp_tun_sa_id,
699 self.p_async.vpp_tun_spi,
700 self.p_async.auth_algo_vpp_id,
701 self.p_async.auth_key,
702 self.p_async.crypt_algo_vpp_id,
703 self.p_async.crypt_key,
704 self.vpp_esp_protocol,
705 self.tun_if.local_addr[self.p_async.addr_type],
706 self.tun_if.remote_addr[self.p_async.addr_type],
707 flags=self.p_async.flags,
709 self.p_async.spd = VppIpsecSpdEntry(
712 self.p_async.vpp_tun_sa_id,
713 self.pg1.remote_addr[self.p_async.addr_type],
714 self.pg1.remote_addr[self.p_async.addr_type],
715 self.p_async.remote_tun_if_host,
716 self.p_async.remote_tun_if_host,
719 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
724 self.p_async.remote_tun_if_host,
725 self.p_async.addr_len,
726 [VppRoutePath(self.tun_if.remote_addr[self.p_async.addr_type], 0xFFFFFFFF)],
728 config_tun_params(self.p_async, self.encryption_type, self.tun_if)
730 def test_dual_stream(self):
731 """Alternating SAs"""
732 p = self.params[self.p_sync.addr_type]
733 self.vapi.ipsec_set_async_mode(async_enable=True)
737 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
738 / IP(src=self.pg1.remote_ip4, dst=self.p_sync.remote_tun_if_host)
739 / UDP(sport=4444, dport=4444)
743 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
744 / IP(src=self.pg1.remote_ip4, dst=p.remote_tun_if_host)
745 / UDP(sport=4444, dport=4444)
751 rxs = self.send_and_expect(self.pg1, pkts, self.pg0)
753 self.assertEqual(len(rxs), len(pkts))
756 if rx[ESP].spi == p.vpp_tun_spi:
757 decrypted = p.vpp_tun_sa.decrypt(rx[IP])
758 elif rx[ESP].spi == self.p_sync.vpp_tun_spi:
759 decrypted = self.p_sync.vpp_tun_sa.decrypt(rx[IP])
762 self.assertTrue(False)
764 self.p_sync.spd.remove_vpp_config()
765 self.p_sync.sa.remove_vpp_config()
766 self.p_async.spd.remove_vpp_config()
767 self.p_async.sa.remove_vpp_config()
768 self.vapi.ipsec_set_async_mode(async_enable=False)
770 def test_sync_async_noop_stream(self):
771 """Alternating SAs sync/async/noop"""
772 p = self.params[self.p_sync.addr_type]
774 # first pin the default/noop SA to worker 0
777 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
778 / IP(src=self.pg1.remote_ip4, dst=p.remote_tun_if_host)
779 / UDP(sport=4444, dport=4444)
783 rxs = self.send_and_expect(self.pg1, pkts, self.pg0, worker=0)
785 self.logger.info(self.vapi.cli("sh ipsec sa"))
786 self.logger.info(self.vapi.cli("sh crypto async status"))
788 # then use all the other SAs on worker 1.
789 # some will handoff, other take the sync and async paths
792 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
793 / IP(src=self.pg1.remote_ip4, dst=self.p_sync.remote_tun_if_host)
794 / UDP(sport=4444, dport=4444)
798 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
799 / IP(src=self.pg1.remote_ip4, dst=p.remote_tun_if_host)
800 / UDP(sport=4444, dport=4444)
804 Ether(src=self.pg1.remote_mac, dst=self.pg1.local_mac)
805 / IP(src=self.pg1.remote_ip4, dst=self.p_async.remote_tun_if_host)
806 / UDP(sport=4444, dport=4444)
812 rxs = self.send_and_expect(self.pg1, pkts, self.pg0, worker=1)
814 self.assertEqual(len(rxs), len(pkts))
817 if rx[ESP].spi == p.vpp_tun_spi:
818 decrypted = p.vpp_tun_sa.decrypt(rx[IP])
819 elif rx[ESP].spi == self.p_sync.vpp_tun_spi:
820 decrypted = self.p_sync.vpp_tun_sa.decrypt(rx[IP])
821 elif rx[ESP].spi == self.p_async.vpp_tun_spi:
822 decrypted = self.p_async.vpp_tun_sa.decrypt(rx[IP])
825 self.assertTrue(False)
827 self.p_sync.spd.remove_vpp_config()
828 self.p_sync.sa.remove_vpp_config()
829 self.p_async.spd.remove_vpp_config()
830 self.p_async.sa.remove_vpp_config()
833 class TestIpsecEspHandoff(
834 TemplateIpsecEsp, IpsecTun6HandoffTests, IpsecTun4HandoffTests
836 """Ipsec ESP - handoff tests"""
841 class TemplateIpsecEspUdp(ConfigIpsecESP):
848 super(TemplateIpsecEspUdp, cls).setUpClass()
851 def tearDownClass(cls):
852 super(TemplateIpsecEspUdp, cls).tearDownClass()
855 super(TemplateIpsecEspUdp, self).setUp()
857 self.tun_if = self.pg0
858 self.tra_if = self.pg2
859 self.logger.info(self.vapi.ppcli("show int addr"))
863 VppEnum.vl_api_ipsec_sad_flags_t.IPSEC_API_SAD_FLAG_UDP_ENCAP
864 | VppEnum.vl_api_ipsec_sad_flags_t.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY
866 p.nat_header = UDP(sport=5454, dport=4500)
868 self.tra_spd = VppIpsecSpd(self, self.tra_spd_id)
869 self.tra_spd.add_vpp_config()
870 VppIpsecSpdItfBinding(self, self.tra_spd, self.tra_if).add_vpp_config()
872 self.config_esp_tra(p)
873 config_tra_params(p, self.encryption_type)
875 self.tun_spd = VppIpsecSpd(self, self.tun_spd_id)
876 self.tun_spd.add_vpp_config()
877 VppIpsecSpdItfBinding(self, self.tun_spd, self.tun_if).add_vpp_config()
879 self.config_esp_tun(p)
880 self.logger.info(self.vapi.ppcli("show ipsec all"))
882 d = DpoProto.DPO_PROTO_IP4
885 p.remote_tun_if_host,
887 [VppRoutePath(self.tun_if.remote_addr[p.addr_type], 0xFFFFFFFF, proto=d)],
891 super(TemplateIpsecEspUdp, self).tearDown()
893 def show_commands_at_teardown(self):
894 self.logger.info(self.vapi.cli("show hardware"))
897 class TestIpsecEspUdp(TemplateIpsecEspUdp, IpsecTra4Tests):
898 """Ipsec NAT-T ESP UDP tests"""
905 saf = VppEnum.vl_api_ipsec_sad_flags_t
906 flag_esn = saf.IPSEC_API_SAD_FLAG_USE_ESN
907 flag_ar = saf.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY
908 self.flags = [0, flag_esn, flag_ar]
909 # foreach crypto algorithm
911 "AES-GCM-128/NONE": {
913 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_GCM_128
916 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_NONE
918 "scapy-crypto": "AES-GCM",
919 "scapy-integ": "NULL",
920 "key": b"JPjyOWBeVEQiMe7h",
923 "AES-GCM-192/NONE": {
925 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_GCM_192
928 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_NONE
930 "scapy-crypto": "AES-GCM",
931 "scapy-integ": "NULL",
932 "key": b"JPjyOWBeVEQiMe7h01234567",
935 "AES-GCM-256/NONE": {
937 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_GCM_256
940 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_NONE
942 "scapy-crypto": "AES-GCM",
943 "scapy-integ": "NULL",
944 "key": b"JPjyOWBeVEQiMe7h0123456787654321",
947 "AES-CBC-128/MD5-96": {
949 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_CBC_128
952 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_MD5_96
954 "scapy-crypto": "AES-CBC",
955 "scapy-integ": "HMAC-MD5-96",
957 "key": b"JPjyOWBeVEQiMe7h",
959 "AES-CBC-192/SHA1-96": {
961 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_CBC_192
964 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_SHA1_96
966 "scapy-crypto": "AES-CBC",
967 "scapy-integ": "HMAC-SHA1-96",
969 "key": b"JPjyOWBeVEQiMe7hJPjyOWBe",
971 "AES-CBC-256/SHA1-96": {
973 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_CBC_256
976 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_SHA1_96
978 "scapy-crypto": "AES-CBC",
979 "scapy-integ": "HMAC-SHA1-96",
981 "key": b"JPjyOWBeVEQiMe7hJPjyOWBeVEQiMe7h",
983 "3DES-CBC/SHA1-96": {
985 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_3DES_CBC
988 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_SHA1_96
990 "scapy-crypto": "3DES",
991 "scapy-integ": "HMAC-SHA1-96",
993 "key": b"JPjyOWBeVEQiMe7h00112233",
997 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_NONE
1000 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_SHA1_96
1002 "scapy-crypto": "NULL",
1003 "scapy-integ": "HMAC-SHA1-96",
1005 "key": b"JPjyOWBeVEQiMe7h00112233",
1007 "AES-CTR-128/SHA1-96": {
1009 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_CTR_128
1012 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_SHA1_96
1014 "scapy-crypto": "AES-CTR",
1015 "scapy-integ": "HMAC-SHA1-96",
1017 "key": b"JPjyOWBeVEQiMe7h",
1019 "AES-CTR-192/SHA1-96": {
1021 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_CTR_192
1024 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_SHA1_96
1026 "scapy-crypto": "AES-CTR",
1027 "scapy-integ": "HMAC-SHA1-96",
1029 "key": b"JPjyOWBeVEQiMe7hJPjyOWBe",
1031 "AES-CTR-256/SHA1-96": {
1033 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_CTR_256
1036 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_SHA1_96
1038 "scapy-crypto": "AES-CTR",
1039 "scapy-integ": "HMAC-SHA1-96",
1041 "key": b"JPjyOWBeVEQiMe7hJPjyOWBeVEQiMe7h",
1043 "AES-NULL-GMAC-128/NONE": {
1045 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_NULL_GMAC_128
1048 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_NONE
1050 "scapy-crypto": "AES-NULL-GMAC",
1051 "scapy-integ": "NULL",
1052 "key": b"JPjyOWBeVEQiMe7h",
1055 "AES-NULL-GMAC-192/NONE": {
1057 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_NULL_GMAC_192
1060 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_NONE
1062 "scapy-crypto": "AES-NULL-GMAC",
1063 "scapy-integ": "NULL",
1064 "key": b"JPjyOWBeVEQiMe7h01234567",
1067 "AES-NULL-GMAC-256/NONE": {
1069 VppEnum.vl_api_ipsec_crypto_alg_t.IPSEC_API_CRYPTO_ALG_AES_NULL_GMAC_256
1072 VppEnum.vl_api_ipsec_integ_alg_t.IPSEC_API_INTEG_ALG_NONE
1074 "scapy-crypto": "AES-NULL-GMAC",
1075 "scapy-integ": "NULL",
1076 "key": b"JPjyOWBeVEQiMe7h0123456787654321",
1082 class RunTestIpsecEspAll(ConfigIpsecESP, IpsecTra4, IpsecTra6, IpsecTun4, IpsecTun6):
1083 """Ipsec ESP all Algos"""
1086 def setUpConstants(cls):
1087 test_args = str.split(cls.__doc__, " ")
1088 engine = test_args[0]
1089 if engine == "async":
1090 cls.vpp_worker_count = 2
1091 super(RunTestIpsecEspAll, cls).setUpConstants()
1094 super(RunTestIpsecEspAll, self).setUp()
1095 test_args = str.split(self.__doc__, " ")
1097 params = MyParameters()
1098 self.engine = test_args[0]
1099 self.flag = params.flags[0]
1100 if test_args[1] == "ESNon":
1101 self.flag |= params.flags[1]
1102 if test_args[2] == "ARon":
1103 self.flag |= params.flags[2]
1105 self.algo = params.algos[test_args[3]]
1106 self.async_mode = False
1107 if self.engine == "async":
1108 self.async_mode = True
1111 super(RunTestIpsecEspAll, self).tearDown()
1114 self.run_a_test(self.engine, self.flag, self.algo)
1116 def run_a_test(self, engine, flag, algo, payload_size=None):
1118 self.vapi.cli("set ipsec async mode on")
1120 self.vapi.cli("set crypto handler all %s" % engine)
1122 self.logger.info(self.vapi.cli("show crypto async status"))
1123 self.ipv4_params = IPsecIPv4Params()
1124 self.ipv6_params = IPsecIPv6Params()
1127 self.ipv4_params.addr_type: self.ipv4_params,
1128 self.ipv6_params.addr_type: self.ipv6_params,
1131 for _, p in self.params.items():
1132 p.auth_algo_vpp_id = algo["vpp-integ"]
1133 p.crypt_algo_vpp_id = algo["vpp-crypto"]
1134 p.crypt_algo = algo["scapy-crypto"]
1135 p.auth_algo = algo["scapy-integ"]
1136 p.crypt_key = algo["key"]
1137 p.salt = algo["salt"]
1139 p.outer_flow_label = 243224
1140 p.async_mode = self.async_mode
1142 self.reporter.send_keep_alive(self)
1145 # configure the SPDs. SAs, etc
1147 self.config_network(self.params.values())
1151 # An exhautsive 4o6, 6o4 is not necessary
1154 self.verify_tra_basic6(count=NUM_PKTS)
1155 self.verify_tra_basic4(count=NUM_PKTS)
1156 self.verify_tun_66(self.params[socket.AF_INET6], count=NUM_PKTS)
1158 # Use an odd-byte payload size to check for correct padding.
1160 # 49 + 2 == 51 which should pad +1 to 52 for 4 byte alignment, +5
1161 # to 56 for 8 byte alignment, and +13 to 64 for 64 byte alignment.
1162 # This should catch bugs where the code is incorrectly over-padding
1163 # for algorithms that don't require it
1164 psz = 49 - len(IP() / ICMP()) if payload_size is None else payload_size
1166 self.params[socket.AF_INET], count=NUM_PKTS, payload_size=psz
1170 1970, # results in 2 chained buffers entering decrypt node
1171 # but leaving as simple buffer due to ICV removal (tra4)
1172 2004, # footer+ICV will be added to 2nd buffer (tun4)
1173 4010, # ICV ends up splitted across 2 buffers in esp_decrypt
1174 # for transport4; transport6 takes normal path
1175 4020, # same as above but tra4 and tra6 are switched
1177 if self.engine in engines_supporting_chain_bufs:
1178 for sz in LARGE_PKT_SZ:
1179 self.verify_tra_basic4(count=NUM_PKTS, payload_size=sz)
1180 self.verify_tra_basic6(count=NUM_PKTS, payload_size=sz)
1182 self.params[socket.AF_INET6], count=NUM_PKTS, payload_size=sz
1185 self.params[socket.AF_INET], count=NUM_PKTS, payload_size=sz
1189 # reconfigure the network and SA to run the
1192 saf = VppEnum.vl_api_ipsec_sad_flags_t
1193 if flag & saf.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY:
1194 for anti_replay_window_size in (
1198 self.unconfig_network()
1199 self.config_anti_replay(self.params.values(), anti_replay_window_size)
1200 self.config_network(self.params.values())
1201 self.verify_tra_anti_replay()
1202 self.verify_tra_anti_replay_algorithm()
1203 self.config_anti_replay(self.params.values())
1205 self.unconfig_network()
1206 self.config_network(self.params.values())
1207 self.verify_hi_seq_num()
1208 self.unconfig_network()
1209 self.config_network(self.params.values())
1210 self.verify_tra_lost()
1213 # swap the handlers while SAs are up
1215 self.unconfig_network()
1216 self.config_network(self.params.values())
1219 self.vapi.cli("set crypto handler all %s" % e)
1220 self.verify_tra_basic4(count=NUM_PKTS)
1222 self.unconfig_network()
1226 # To generate test classes, do:
1227 # grep '# GEN' test_ipsec_esp.py | sed -e 's/# GEN //g' | bash
1229 # GEN for ENG in native ipsecmb openssl; do \
1230 # GEN for ESN in ESNon ESNoff; do for AR in ARon ARoff; do \
1231 # GEN for ALG in AES-GCM-128/NONE \
1232 # GEN AES-GCM-192/NONE AES-GCM-256/NONE AES-CBC-128/MD5-96 \
1233 # GEN AES-CBC-192/SHA1-96 AES-CBC-256/SHA1-96 \
1234 # GEN 3DES-CBC/SHA1-96 NONE/SHA1-96 \
1235 # GEN AES-CTR-128/SHA1-96 AES-CTR-192/SHA1-96 AES-CTR-256/SHA1-96 \
1236 # GEN AES-NULL-GMAC-128/NONE AES-NULL-GMAC-192/NONE AES-NULL-GMAC-256/NONE; do \
1237 # GEN echo -en "\n\nclass "
1238 # GEN echo -e "Test_${ENG}_${ESN}_${AR}_${ALG}(RunTestIpsecEspAll):" |
1239 # GEN sed -e 's/-/_/g' -e 's#/#_#g' ;
1240 # GEN echo ' """'$ENG $ESN $AR $ALG IPSec test'"""' ;
1241 # GEN echo " def test_ipsec(self):";
1242 # GEN echo ' """'$ENG $ESN $AR $ALG IPSec test'"""' ;
1243 # GEN echo " self.run_test()";
1244 # GEN done; done; done; done
1246 # GEN for ESN in ESNon ESNoff; do for AR in ARon ARoff; do \
1248 # GEN AES-GCM-128/NONE AES-GCM-192/NONE AES-GCM-256/NONE \
1249 # GEN AES-CBC-192/SHA1-96 AES-CBC-256/SHA1-96; do \
1250 # GEN echo -en "\n\nclass "
1251 # GEN echo -e "Test_async_${ESN}_${AR}_${ALG}(RunTestIpsecEspAll):" |
1252 # GEN sed -e 's/-/_/g' -e 's#/#_#g' ;
1253 # GEN echo ' """'async $ESN $AR $ALG IPSec test'"""' ;
1254 # GEN echo " def test_ipsec(self):";
1255 # GEN echo ' """'async $ESN $AR $ALG IPSec test'"""' ;
1256 # GEN echo " self.run_test()";
1257 # GEN done; done; done;
1260 class Test_native_ESNon_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
1261 """native ESNon ARon AES-GCM-128/NONE IPSec test"""
1263 def test_ipsec(self):
1264 """native ESNon ARon AES-GCM-128/NONE IPSec test"""
1268 class Test_native_ESNon_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
1269 """native ESNon ARon AES-GCM-192/NONE IPSec test"""
1271 def test_ipsec(self):
1272 """native ESNon ARon AES-GCM-192/NONE IPSec test"""
1276 class Test_native_ESNon_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
1277 """native ESNon ARon AES-GCM-256/NONE IPSec test"""
1279 def test_ipsec(self):
1280 """native ESNon ARon AES-GCM-256/NONE IPSec test"""
1284 class Test_native_ESNon_ARon_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
1285 """native ESNon ARon AES-CBC-128/MD5-96 IPSec test"""
1287 def test_ipsec(self):
1288 """native ESNon ARon AES-CBC-128/MD5-96 IPSec test"""
1292 class Test_native_ESNon_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
1293 """native ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
1295 def test_ipsec(self):
1296 """native ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
1300 class Test_native_ESNon_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
1301 """native ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
1303 def test_ipsec(self):
1304 """native ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
1308 class Test_native_ESNon_ARon_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
1309 """native ESNon ARon 3DES-CBC/SHA1-96 IPSec test"""
1311 def test_ipsec(self):
1312 """native ESNon ARon 3DES-CBC/SHA1-96 IPSec test"""
1316 class Test_native_ESNon_ARon_NONE_SHA1_96(RunTestIpsecEspAll):
1317 """native ESNon ARon NONE/SHA1-96 IPSec test"""
1319 def test_ipsec(self):
1320 """native ESNon ARon NONE/SHA1-96 IPSec test"""
1324 class Test_native_ESNon_ARon_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
1325 """native ESNon ARon AES-CTR-128/SHA1-96 IPSec test"""
1327 def test_ipsec(self):
1328 """native ESNon ARon AES-CTR-128/SHA1-96 IPSec test"""
1332 class Test_native_ESNon_ARon_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
1333 """native ESNon ARon AES-CTR-192/SHA1-96 IPSec test"""
1335 def test_ipsec(self):
1336 """native ESNon ARon AES-CTR-192/SHA1-96 IPSec test"""
1340 class Test_native_ESNon_ARon_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
1341 """native ESNon ARon AES-CTR-256/SHA1-96 IPSec test"""
1343 def test_ipsec(self):
1344 """native ESNon ARon AES-CTR-256/SHA1-96 IPSec test"""
1348 class Test_native_ESNon_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
1349 """native ESNon ARoff AES-GCM-128/NONE IPSec test"""
1351 def test_ipsec(self):
1352 """native ESNon ARoff AES-GCM-128/NONE IPSec test"""
1356 class Test_native_ESNon_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
1357 """native ESNon ARoff AES-GCM-192/NONE IPSec test"""
1359 def test_ipsec(self):
1360 """native ESNon ARoff AES-GCM-192/NONE IPSec test"""
1364 class Test_native_ESNon_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
1365 """native ESNon ARoff AES-GCM-256/NONE IPSec test"""
1367 def test_ipsec(self):
1368 """native ESNon ARoff AES-GCM-256/NONE IPSec test"""
1372 class Test_native_ESNon_ARoff_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
1373 """native ESNon ARoff AES-CBC-128/MD5-96 IPSec test"""
1375 def test_ipsec(self):
1376 """native ESNon ARoff AES-CBC-128/MD5-96 IPSec test"""
1380 class Test_native_ESNon_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
1381 """native ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
1383 def test_ipsec(self):
1384 """native ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
1388 class Test_native_ESNon_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
1389 """native ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
1391 def test_ipsec(self):
1392 """native ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
1396 class Test_native_ESNon_ARoff_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
1397 """native ESNon ARoff 3DES-CBC/SHA1-96 IPSec test"""
1399 def test_ipsec(self):
1400 """native ESNon ARoff 3DES-CBC/SHA1-96 IPSec test"""
1404 class Test_native_ESNon_ARoff_NONE_SHA1_96(RunTestIpsecEspAll):
1405 """native ESNon ARoff NONE/SHA1-96 IPSec test"""
1407 def test_ipsec(self):
1408 """native ESNon ARoff NONE/SHA1-96 IPSec test"""
1412 class Test_native_ESNon_ARoff_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
1413 """native ESNon ARoff AES-CTR-128/SHA1-96 IPSec test"""
1415 def test_ipsec(self):
1416 """native ESNon ARoff AES-CTR-128/SHA1-96 IPSec test"""
1420 class Test_native_ESNon_ARoff_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
1421 """native ESNon ARoff AES-CTR-192/SHA1-96 IPSec test"""
1423 def test_ipsec(self):
1424 """native ESNon ARoff AES-CTR-192/SHA1-96 IPSec test"""
1428 class Test_native_ESNon_ARoff_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
1429 """native ESNon ARoff AES-CTR-256/SHA1-96 IPSec test"""
1431 def test_ipsec(self):
1432 """native ESNon ARoff AES-CTR-256/SHA1-96 IPSec test"""
1436 class Test_native_ESNoff_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
1437 """native ESNoff ARon AES-GCM-128/NONE IPSec test"""
1439 def test_ipsec(self):
1440 """native ESNoff ARon AES-GCM-128/NONE IPSec test"""
1444 class Test_native_ESNoff_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
1445 """native ESNoff ARon AES-GCM-192/NONE IPSec test"""
1447 def test_ipsec(self):
1448 """native ESNoff ARon AES-GCM-192/NONE IPSec test"""
1452 class Test_native_ESNoff_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
1453 """native ESNoff ARon AES-GCM-256/NONE IPSec test"""
1455 def test_ipsec(self):
1456 """native ESNoff ARon AES-GCM-256/NONE IPSec test"""
1460 class Test_native_ESNoff_ARon_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
1461 """native ESNoff ARon AES-CBC-128/MD5-96 IPSec test"""
1463 def test_ipsec(self):
1464 """native ESNoff ARon AES-CBC-128/MD5-96 IPSec test"""
1468 class Test_native_ESNoff_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
1469 """native ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
1471 def test_ipsec(self):
1472 """native ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
1476 class Test_native_ESNoff_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
1477 """native ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
1479 def test_ipsec(self):
1480 """native ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
1484 class Test_native_ESNoff_ARon_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
1485 """native ESNoff ARon 3DES-CBC/SHA1-96 IPSec test"""
1487 def test_ipsec(self):
1488 """native ESNoff ARon 3DES-CBC/SHA1-96 IPSec test"""
1492 class Test_native_ESNoff_ARon_NONE_SHA1_96(RunTestIpsecEspAll):
1493 """native ESNoff ARon NONE/SHA1-96 IPSec test"""
1495 def test_ipsec(self):
1496 """native ESNoff ARon NONE/SHA1-96 IPSec test"""
1500 class Test_native_ESNoff_ARon_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
1501 """native ESNoff ARon AES-CTR-128/SHA1-96 IPSec test"""
1503 def test_ipsec(self):
1504 """native ESNoff ARon AES-CTR-128/SHA1-96 IPSec test"""
1508 class Test_native_ESNoff_ARon_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
1509 """native ESNoff ARon AES-CTR-192/SHA1-96 IPSec test"""
1511 def test_ipsec(self):
1512 """native ESNoff ARon AES-CTR-192/SHA1-96 IPSec test"""
1516 class Test_native_ESNoff_ARon_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
1517 """native ESNoff ARon AES-CTR-256/SHA1-96 IPSec test"""
1519 def test_ipsec(self):
1520 """native ESNoff ARon AES-CTR-256/SHA1-96 IPSec test"""
1524 class Test_native_ESNoff_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
1525 """native ESNoff ARoff AES-GCM-128/NONE IPSec test"""
1527 def test_ipsec(self):
1528 """native ESNoff ARoff AES-GCM-128/NONE IPSec test"""
1532 class Test_native_ESNoff_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
1533 """native ESNoff ARoff AES-GCM-192/NONE IPSec test"""
1535 def test_ipsec(self):
1536 """native ESNoff ARoff AES-GCM-192/NONE IPSec test"""
1540 class Test_native_ESNoff_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
1541 """native ESNoff ARoff AES-GCM-256/NONE IPSec test"""
1543 def test_ipsec(self):
1544 """native ESNoff ARoff AES-GCM-256/NONE IPSec test"""
1548 class Test_native_ESNoff_ARoff_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
1549 """native ESNoff ARoff AES-CBC-128/MD5-96 IPSec test"""
1551 def test_ipsec(self):
1552 """native ESNoff ARoff AES-CBC-128/MD5-96 IPSec test"""
1556 class Test_native_ESNoff_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
1557 """native ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
1559 def test_ipsec(self):
1560 """native ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
1564 class Test_native_ESNoff_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
1565 """native ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
1567 def test_ipsec(self):
1568 """native ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
1572 class Test_native_ESNoff_ARoff_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
1573 """native ESNoff ARoff 3DES-CBC/SHA1-96 IPSec test"""
1575 def test_ipsec(self):
1576 """native ESNoff ARoff 3DES-CBC/SHA1-96 IPSec test"""
1580 class Test_native_ESNoff_ARoff_NONE_SHA1_96(RunTestIpsecEspAll):
1581 """native ESNoff ARoff NONE/SHA1-96 IPSec test"""
1583 def test_ipsec(self):
1584 """native ESNoff ARoff NONE/SHA1-96 IPSec test"""
1588 class Test_native_ESNoff_ARoff_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
1589 """native ESNoff ARoff AES-CTR-128/SHA1-96 IPSec test"""
1591 def test_ipsec(self):
1592 """native ESNoff ARoff AES-CTR-128/SHA1-96 IPSec test"""
1596 class Test_native_ESNoff_ARoff_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
1597 """native ESNoff ARoff AES-CTR-192/SHA1-96 IPSec test"""
1599 def test_ipsec(self):
1600 """native ESNoff ARoff AES-CTR-192/SHA1-96 IPSec test"""
1604 class Test_native_ESNoff_ARoff_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
1605 """native ESNoff ARoff AES-CTR-256/SHA1-96 IPSec test"""
1607 def test_ipsec(self):
1608 """native ESNoff ARoff AES-CTR-256/SHA1-96 IPSec test"""
1612 class Test_ipsecmb_ESNon_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
1613 """ipsecmb ESNon ARon AES-GCM-128/NONE IPSec test"""
1615 def test_ipsec(self):
1616 """ipsecmb ESNon ARon AES-GCM-128/NONE IPSec test"""
1620 class Test_ipsecmb_ESNon_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
1621 """ipsecmb ESNon ARon AES-GCM-192/NONE IPSec test"""
1623 def test_ipsec(self):
1624 """ipsecmb ESNon ARon AES-GCM-192/NONE IPSec test"""
1628 class Test_ipsecmb_ESNon_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
1629 """ipsecmb ESNon ARon AES-GCM-256/NONE IPSec test"""
1631 def test_ipsec(self):
1632 """ipsecmb ESNon ARon AES-GCM-256/NONE IPSec test"""
1636 class Test_ipsecmb_ESNon_ARon_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
1637 """ipsecmb ESNon ARon AES-CBC-128/MD5-96 IPSec test"""
1639 def test_ipsec(self):
1640 """ipsecmb ESNon ARon AES-CBC-128/MD5-96 IPSec test"""
1644 class Test_ipsecmb_ESNon_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
1645 """ipsecmb ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
1647 def test_ipsec(self):
1648 """ipsecmb ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
1652 class Test_ipsecmb_ESNon_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
1653 """ipsecmb ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
1655 def test_ipsec(self):
1656 """ipsecmb ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
1660 class Test_ipsecmb_ESNon_ARon_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
1661 """ipsecmb ESNon ARon 3DES-CBC/SHA1-96 IPSec test"""
1663 def test_ipsec(self):
1664 """ipsecmb ESNon ARon 3DES-CBC/SHA1-96 IPSec test"""
1668 class Test_ipsecmb_ESNon_ARon_NONE_SHA1_96(RunTestIpsecEspAll):
1669 """ipsecmb ESNon ARon NONE/SHA1-96 IPSec test"""
1671 def test_ipsec(self):
1672 """ipsecmb ESNon ARon NONE/SHA1-96 IPSec test"""
1676 class Test_ipsecmb_ESNon_ARon_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
1677 """ipsecmb ESNon ARon AES-CTR-128/SHA1-96 IPSec test"""
1679 def test_ipsec(self):
1680 """ipsecmb ESNon ARon AES-CTR-128/SHA1-96 IPSec test"""
1684 class Test_ipsecmb_ESNon_ARon_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
1685 """ipsecmb ESNon ARon AES-CTR-192/SHA1-96 IPSec test"""
1687 def test_ipsec(self):
1688 """ipsecmb ESNon ARon AES-CTR-192/SHA1-96 IPSec test"""
1692 class Test_ipsecmb_ESNon_ARon_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
1693 """ipsecmb ESNon ARon AES-CTR-256/SHA1-96 IPSec test"""
1695 def test_ipsec(self):
1696 """ipsecmb ESNon ARon AES-CTR-256/SHA1-96 IPSec test"""
1700 class Test_ipsecmb_ESNon_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
1701 """ipsecmb ESNon ARoff AES-GCM-128/NONE IPSec test"""
1703 def test_ipsec(self):
1704 """ipsecmb ESNon ARoff AES-GCM-128/NONE IPSec test"""
1708 class Test_ipsecmb_ESNon_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
1709 """ipsecmb ESNon ARoff AES-GCM-192/NONE IPSec test"""
1711 def test_ipsec(self):
1712 """ipsecmb ESNon ARoff AES-GCM-192/NONE IPSec test"""
1716 class Test_ipsecmb_ESNon_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
1717 """ipsecmb ESNon ARoff AES-GCM-256/NONE IPSec test"""
1719 def test_ipsec(self):
1720 """ipsecmb ESNon ARoff AES-GCM-256/NONE IPSec test"""
1724 class Test_ipsecmb_ESNon_ARoff_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
1725 """ipsecmb ESNon ARoff AES-CBC-128/MD5-96 IPSec test"""
1727 def test_ipsec(self):
1728 """ipsecmb ESNon ARoff AES-CBC-128/MD5-96 IPSec test"""
1732 class Test_ipsecmb_ESNon_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
1733 """ipsecmb ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
1735 def test_ipsec(self):
1736 """ipsecmb ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
1740 class Test_ipsecmb_ESNon_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
1741 """ipsecmb ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
1743 def test_ipsec(self):
1744 """ipsecmb ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
1748 class Test_ipsecmb_ESNon_ARoff_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
1749 """ipsecmb ESNon ARoff 3DES-CBC/SHA1-96 IPSec test"""
1751 def test_ipsec(self):
1752 """ipsecmb ESNon ARoff 3DES-CBC/SHA1-96 IPSec test"""
1756 class Test_ipsecmb_ESNon_ARoff_NONE_SHA1_96(RunTestIpsecEspAll):
1757 """ipsecmb ESNon ARoff NONE/SHA1-96 IPSec test"""
1759 def test_ipsec(self):
1760 """ipsecmb ESNon ARoff NONE/SHA1-96 IPSec test"""
1764 class Test_ipsecmb_ESNon_ARoff_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
1765 """ipsecmb ESNon ARoff AES-CTR-128/SHA1-96 IPSec test"""
1767 def test_ipsec(self):
1768 """ipsecmb ESNon ARoff AES-CTR-128/SHA1-96 IPSec test"""
1772 class Test_ipsecmb_ESNon_ARoff_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
1773 """ipsecmb ESNon ARoff AES-CTR-192/SHA1-96 IPSec test"""
1775 def test_ipsec(self):
1776 """ipsecmb ESNon ARoff AES-CTR-192/SHA1-96 IPSec test"""
1780 class Test_ipsecmb_ESNon_ARoff_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
1781 """ipsecmb ESNon ARoff AES-CTR-256/SHA1-96 IPSec test"""
1783 def test_ipsec(self):
1784 """ipsecmb ESNon ARoff AES-CTR-256/SHA1-96 IPSec test"""
1788 class Test_ipsecmb_ESNoff_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
1789 """ipsecmb ESNoff ARon AES-GCM-128/NONE IPSec test"""
1791 def test_ipsec(self):
1792 """ipsecmb ESNoff ARon AES-GCM-128/NONE IPSec test"""
1796 class Test_ipsecmb_ESNoff_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
1797 """ipsecmb ESNoff ARon AES-GCM-192/NONE IPSec test"""
1799 def test_ipsec(self):
1800 """ipsecmb ESNoff ARon AES-GCM-192/NONE IPSec test"""
1804 class Test_ipsecmb_ESNoff_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
1805 """ipsecmb ESNoff ARon AES-GCM-256/NONE IPSec test"""
1807 def test_ipsec(self):
1808 """ipsecmb ESNoff ARon AES-GCM-256/NONE IPSec test"""
1812 class Test_ipsecmb_ESNoff_ARon_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
1813 """ipsecmb ESNoff ARon AES-CBC-128/MD5-96 IPSec test"""
1815 def test_ipsec(self):
1816 """ipsecmb ESNoff ARon AES-CBC-128/MD5-96 IPSec test"""
1820 class Test_ipsecmb_ESNoff_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
1821 """ipsecmb ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
1823 def test_ipsec(self):
1824 """ipsecmb ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
1828 class Test_ipsecmb_ESNoff_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
1829 """ipsecmb ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
1831 def test_ipsec(self):
1832 """ipsecmb ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
1836 class Test_ipsecmb_ESNoff_ARon_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
1837 """ipsecmb ESNoff ARon 3DES-CBC/SHA1-96 IPSec test"""
1839 def test_ipsec(self):
1840 """ipsecmb ESNoff ARon 3DES-CBC/SHA1-96 IPSec test"""
1844 class Test_ipsecmb_ESNoff_ARon_NONE_SHA1_96(RunTestIpsecEspAll):
1845 """ipsecmb ESNoff ARon NONE/SHA1-96 IPSec test"""
1847 def test_ipsec(self):
1848 """ipsecmb ESNoff ARon NONE/SHA1-96 IPSec test"""
1852 class Test_ipsecmb_ESNoff_ARon_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
1853 """ipsecmb ESNoff ARon AES-CTR-128/SHA1-96 IPSec test"""
1855 def test_ipsec(self):
1856 """ipsecmb ESNoff ARon AES-CTR-128/SHA1-96 IPSec test"""
1860 class Test_ipsecmb_ESNoff_ARon_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
1861 """ipsecmb ESNoff ARon AES-CTR-192/SHA1-96 IPSec test"""
1863 def test_ipsec(self):
1864 """ipsecmb ESNoff ARon AES-CTR-192/SHA1-96 IPSec test"""
1868 class Test_ipsecmb_ESNoff_ARon_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
1869 """ipsecmb ESNoff ARon AES-CTR-256/SHA1-96 IPSec test"""
1871 def test_ipsec(self):
1872 """ipsecmb ESNoff ARon AES-CTR-256/SHA1-96 IPSec test"""
1876 class Test_ipsecmb_ESNoff_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
1877 """ipsecmb ESNoff ARoff AES-GCM-128/NONE IPSec test"""
1879 def test_ipsec(self):
1880 """ipsecmb ESNoff ARoff AES-GCM-128/NONE IPSec test"""
1884 class Test_ipsecmb_ESNoff_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
1885 """ipsecmb ESNoff ARoff AES-GCM-192/NONE IPSec test"""
1887 def test_ipsec(self):
1888 """ipsecmb ESNoff ARoff AES-GCM-192/NONE IPSec test"""
1892 class Test_ipsecmb_ESNoff_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
1893 """ipsecmb ESNoff ARoff AES-GCM-256/NONE IPSec test"""
1895 def test_ipsec(self):
1896 """ipsecmb ESNoff ARoff AES-GCM-256/NONE IPSec test"""
1900 class Test_ipsecmb_ESNoff_ARoff_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
1901 """ipsecmb ESNoff ARoff AES-CBC-128/MD5-96 IPSec test"""
1903 def test_ipsec(self):
1904 """ipsecmb ESNoff ARoff AES-CBC-128/MD5-96 IPSec test"""
1908 class Test_ipsecmb_ESNoff_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
1909 """ipsecmb ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
1911 def test_ipsec(self):
1912 """ipsecmb ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
1916 class Test_ipsecmb_ESNoff_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
1917 """ipsecmb ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
1919 def test_ipsec(self):
1920 """ipsecmb ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
1924 class Test_ipsecmb_ESNoff_ARoff_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
1925 """ipsecmb ESNoff ARoff 3DES-CBC/SHA1-96 IPSec test"""
1927 def test_ipsec(self):
1928 """ipsecmb ESNoff ARoff 3DES-CBC/SHA1-96 IPSec test"""
1932 class Test_ipsecmb_ESNoff_ARoff_NONE_SHA1_96(RunTestIpsecEspAll):
1933 """ipsecmb ESNoff ARoff NONE/SHA1-96 IPSec test"""
1935 def test_ipsec(self):
1936 """ipsecmb ESNoff ARoff NONE/SHA1-96 IPSec test"""
1940 class Test_ipsecmb_ESNoff_ARoff_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
1941 """ipsecmb ESNoff ARoff AES-CTR-128/SHA1-96 IPSec test"""
1943 def test_ipsec(self):
1944 """ipsecmb ESNoff ARoff AES-CTR-128/SHA1-96 IPSec test"""
1948 class Test_ipsecmb_ESNoff_ARoff_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
1949 """ipsecmb ESNoff ARoff AES-CTR-192/SHA1-96 IPSec test"""
1951 def test_ipsec(self):
1952 """ipsecmb ESNoff ARoff AES-CTR-192/SHA1-96 IPSec test"""
1956 class Test_ipsecmb_ESNoff_ARoff_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
1957 """ipsecmb ESNoff ARoff AES-CTR-256/SHA1-96 IPSec test"""
1959 def test_ipsec(self):
1960 """ipsecmb ESNoff ARoff AES-CTR-256/SHA1-96 IPSec test"""
1964 class Test_openssl_ESNon_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
1965 """openssl ESNon ARon AES-GCM-128/NONE IPSec test"""
1967 def test_ipsec(self):
1968 """openssl ESNon ARon AES-GCM-128/NONE IPSec test"""
1972 class Test_openssl_ESNon_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
1973 """openssl ESNon ARon AES-GCM-192/NONE IPSec test"""
1975 def test_ipsec(self):
1976 """openssl ESNon ARon AES-GCM-192/NONE IPSec test"""
1980 class Test_openssl_ESNon_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
1981 """openssl ESNon ARon AES-GCM-256/NONE IPSec test"""
1983 def test_ipsec(self):
1984 """openssl ESNon ARon AES-GCM-256/NONE IPSec test"""
1988 class Test_openssl_ESNon_ARon_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
1989 """openssl ESNon ARon AES-CBC-128/MD5-96 IPSec test"""
1991 def test_ipsec(self):
1992 """openssl ESNon ARon AES-CBC-128/MD5-96 IPSec test"""
1996 class Test_openssl_ESNon_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
1997 """openssl ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
1999 def test_ipsec(self):
2000 """openssl ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
2004 class Test_openssl_ESNon_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
2005 """openssl ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
2007 def test_ipsec(self):
2008 """openssl ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
2012 class Test_openssl_ESNon_ARon_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
2013 """openssl ESNon ARon 3DES-CBC/SHA1-96 IPSec test"""
2015 def test_ipsec(self):
2016 """openssl ESNon ARon 3DES-CBC/SHA1-96 IPSec test"""
2020 class Test_openssl_ESNon_ARon_NONE_SHA1_96(RunTestIpsecEspAll):
2021 """openssl ESNon ARon NONE/SHA1-96 IPSec test"""
2023 def test_ipsec(self):
2024 """openssl ESNon ARon NONE/SHA1-96 IPSec test"""
2028 class Test_openssl_ESNon_ARon_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
2029 """openssl ESNon ARon AES-CTR-128/SHA1-96 IPSec test"""
2031 def test_ipsec(self):
2032 """openssl ESNon ARon AES-CTR-128/SHA1-96 IPSec test"""
2036 class Test_openssl_ESNon_ARon_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
2037 """openssl ESNon ARon AES-CTR-192/SHA1-96 IPSec test"""
2039 def test_ipsec(self):
2040 """openssl ESNon ARon AES-CTR-192/SHA1-96 IPSec test"""
2044 class Test_openssl_ESNon_ARon_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
2045 """openssl ESNon ARon AES-CTR-256/SHA1-96 IPSec test"""
2047 def test_ipsec(self):
2048 """openssl ESNon ARon AES-CTR-256/SHA1-96 IPSec test"""
2052 class Test_openssl_ESNon_ARon_AES_NULL_GMAC_128_NONE(RunTestIpsecEspAll):
2053 """openssl ESNon ARon AES-NULL-GMAC-128/NONE IPSec test"""
2055 def test_ipsec(self):
2056 """openssl ESNon ARon AES-NULL-GMAC-128/NONE IPSec test"""
2060 class Test_openssl_ESNon_ARon_AES_NULL_GMAC_192_NONE(RunTestIpsecEspAll):
2061 """openssl ESNon ARon AES-NULL-GMAC-192/NONE IPSec test"""
2063 def test_ipsec(self):
2064 """openssl ESNon ARon AES-NULL-GMAC-192/NONE IPSec test"""
2068 class Test_openssl_ESNon_ARon_AES_NULL_GMAC_256_NONE(RunTestIpsecEspAll):
2069 """openssl ESNon ARon AES-NULL-GMAC-256/NONE IPSec test"""
2071 def test_ipsec(self):
2072 """openssl ESNon ARon AES-NULL-GMAC-256/NONE IPSec test"""
2076 class Test_openssl_ESNon_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
2077 """openssl ESNon ARoff AES-GCM-128/NONE IPSec test"""
2079 def test_ipsec(self):
2080 """openssl ESNon ARoff AES-GCM-128/NONE IPSec test"""
2084 class Test_openssl_ESNon_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
2085 """openssl ESNon ARoff AES-GCM-192/NONE IPSec test"""
2087 def test_ipsec(self):
2088 """openssl ESNon ARoff AES-GCM-192/NONE IPSec test"""
2092 class Test_openssl_ESNon_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
2093 """openssl ESNon ARoff AES-GCM-256/NONE IPSec test"""
2095 def test_ipsec(self):
2096 """openssl ESNon ARoff AES-GCM-256/NONE IPSec test"""
2100 class Test_openssl_ESNon_ARoff_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
2101 """openssl ESNon ARoff AES-CBC-128/MD5-96 IPSec test"""
2103 def test_ipsec(self):
2104 """openssl ESNon ARoff AES-CBC-128/MD5-96 IPSec test"""
2108 class Test_openssl_ESNon_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
2109 """openssl ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
2111 def test_ipsec(self):
2112 """openssl ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
2116 class Test_openssl_ESNon_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
2117 """openssl ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
2119 def test_ipsec(self):
2120 """openssl ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
2124 class Test_openssl_ESNon_ARoff_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
2125 """openssl ESNon ARoff 3DES-CBC/SHA1-96 IPSec test"""
2127 def test_ipsec(self):
2128 """openssl ESNon ARoff 3DES-CBC/SHA1-96 IPSec test"""
2132 class Test_openssl_ESNon_ARoff_NONE_SHA1_96(RunTestIpsecEspAll):
2133 """openssl ESNon ARoff NONE/SHA1-96 IPSec test"""
2135 def test_ipsec(self):
2136 """openssl ESNon ARoff NONE/SHA1-96 IPSec test"""
2140 class Test_openssl_ESNon_ARoff_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
2141 """openssl ESNon ARoff AES-CTR-128/SHA1-96 IPSec test"""
2143 def test_ipsec(self):
2144 """openssl ESNon ARoff AES-CTR-128/SHA1-96 IPSec test"""
2148 class Test_openssl_ESNon_ARoff_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
2149 """openssl ESNon ARoff AES-CTR-192/SHA1-96 IPSec test"""
2151 def test_ipsec(self):
2152 """openssl ESNon ARoff AES-CTR-192/SHA1-96 IPSec test"""
2156 class Test_openssl_ESNon_ARoff_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
2157 """openssl ESNon ARoff AES-CTR-256/SHA1-96 IPSec test"""
2159 def test_ipsec(self):
2160 """openssl ESNon ARoff AES-CTR-256/SHA1-96 IPSec test"""
2164 class Test_openssl_ESNon_ARoff_AES_NULL_GMAC_128_NONE(RunTestIpsecEspAll):
2165 """openssl ESNon ARoff AES-NULL-GMAC-128/NONE IPSec test"""
2167 def test_ipsec(self):
2168 """openssl ESNon ARoff AES-NULL-GMAC-128/NONE IPSec test"""
2172 class Test_openssl_ESNon_ARoff_AES_NULL_GMAC_192_NONE(RunTestIpsecEspAll):
2173 """openssl ESNon ARoff AES-NULL-GMAC-192/NONE IPSec test"""
2175 def test_ipsec(self):
2176 """openssl ESNon ARoff AES-NULL-GMAC-192/NONE IPSec test"""
2180 class Test_openssl_ESNon_ARoff_AES_NULL_GMAC_256_NONE(RunTestIpsecEspAll):
2181 """openssl ESNon ARoff AES-NULL-GMAC-256/NONE IPSec test"""
2183 def test_ipsec(self):
2184 """openssl ESNon ARoff AES-NULL-GMAC-256/NONE IPSec test"""
2188 class Test_openssl_ESNoff_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
2189 """openssl ESNoff ARon AES-GCM-128/NONE IPSec test"""
2191 def test_ipsec(self):
2192 """openssl ESNoff ARon AES-GCM-128/NONE IPSec test"""
2196 class Test_openssl_ESNoff_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
2197 """openssl ESNoff ARon AES-GCM-192/NONE IPSec test"""
2199 def test_ipsec(self):
2200 """openssl ESNoff ARon AES-GCM-192/NONE IPSec test"""
2204 class Test_openssl_ESNoff_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
2205 """openssl ESNoff ARon AES-GCM-256/NONE IPSec test"""
2207 def test_ipsec(self):
2208 """openssl ESNoff ARon AES-GCM-256/NONE IPSec test"""
2212 class Test_openssl_ESNoff_ARon_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
2213 """openssl ESNoff ARon AES-CBC-128/MD5-96 IPSec test"""
2215 def test_ipsec(self):
2216 """openssl ESNoff ARon AES-CBC-128/MD5-96 IPSec test"""
2220 class Test_openssl_ESNoff_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
2221 """openssl ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
2223 def test_ipsec(self):
2224 """openssl ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
2228 class Test_openssl_ESNoff_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
2229 """openssl ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
2231 def test_ipsec(self):
2232 """openssl ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
2236 class Test_openssl_ESNoff_ARon_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
2237 """openssl ESNoff ARon 3DES-CBC/SHA1-96 IPSec test"""
2239 def test_ipsec(self):
2240 """openssl ESNoff ARon 3DES-CBC/SHA1-96 IPSec test"""
2244 class Test_openssl_ESNoff_ARon_NONE_SHA1_96(RunTestIpsecEspAll):
2245 """openssl ESNoff ARon NONE/SHA1-96 IPSec test"""
2247 def test_ipsec(self):
2248 """openssl ESNoff ARon NONE/SHA1-96 IPSec test"""
2252 class Test_openssl_ESNoff_ARon_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
2253 """openssl ESNoff ARon AES-CTR-128/SHA1-96 IPSec test"""
2255 def test_ipsec(self):
2256 """openssl ESNoff ARon AES-CTR-128/SHA1-96 IPSec test"""
2260 class Test_openssl_ESNoff_ARon_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
2261 """openssl ESNoff ARon AES-CTR-192/SHA1-96 IPSec test"""
2263 def test_ipsec(self):
2264 """openssl ESNoff ARon AES-CTR-192/SHA1-96 IPSec test"""
2268 class Test_openssl_ESNoff_ARon_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
2269 """openssl ESNoff ARon AES-CTR-256/SHA1-96 IPSec test"""
2271 def test_ipsec(self):
2272 """openssl ESNoff ARon AES-CTR-256/SHA1-96 IPSec test"""
2276 class Test_openssl_ESNoff_ARon_AES_NULL_GMAC_128_NONE(RunTestIpsecEspAll):
2277 """openssl ESNoff ARon AES-NULL-GMAC-128/NONE IPSec test"""
2279 def test_ipsec(self):
2280 """openssl ESNoff ARon AES-NULL-GMAC-128/NONE IPSec test"""
2284 class Test_openssl_ESNoff_ARon_AES_NULL_GMAC_192_NONE(RunTestIpsecEspAll):
2285 """openssl ESNoff ARon AES-NULL-GMAC-192/NONE IPSec test"""
2287 def test_ipsec(self):
2288 """openssl ESNoff ARon AES-NULL-GMAC-192/NONE IPSec test"""
2292 class Test_openssl_ESNoff_ARon_AES_NULL_GMAC_256_NONE(RunTestIpsecEspAll):
2293 """openssl ESNoff ARon AES-NULL-GMAC-256/NONE IPSec test"""
2295 def test_ipsec(self):
2296 """openssl ESNoff ARon AES-NULL-GMAC-256/NONE IPSec test"""
2300 class Test_openssl_ESNoff_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
2301 """openssl ESNoff ARoff AES-GCM-128/NONE IPSec test"""
2303 def test_ipsec(self):
2304 """openssl ESNoff ARoff AES-GCM-128/NONE IPSec test"""
2308 class Test_openssl_ESNoff_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
2309 """openssl ESNoff ARoff AES-GCM-192/NONE IPSec test"""
2311 def test_ipsec(self):
2312 """openssl ESNoff ARoff AES-GCM-192/NONE IPSec test"""
2316 class Test_openssl_ESNoff_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
2317 """openssl ESNoff ARoff AES-GCM-256/NONE IPSec test"""
2319 def test_ipsec(self):
2320 """openssl ESNoff ARoff AES-GCM-256/NONE IPSec test"""
2324 class Test_openssl_ESNoff_ARoff_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
2325 """openssl ESNoff ARoff AES-CBC-128/MD5-96 IPSec test"""
2327 def test_ipsec(self):
2328 """openssl ESNoff ARoff AES-CBC-128/MD5-96 IPSec test"""
2332 class Test_openssl_ESNoff_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
2333 """openssl ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
2335 def test_ipsec(self):
2336 """openssl ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
2340 class Test_openssl_ESNoff_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
2341 """openssl ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
2343 def test_ipsec(self):
2344 """openssl ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
2348 class Test_openssl_ESNoff_ARoff_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
2349 """openssl ESNoff ARoff 3DES-CBC/SHA1-96 IPSec test"""
2351 def test_ipsec(self):
2352 """openssl ESNoff ARoff 3DES-CBC/SHA1-96 IPSec test"""
2356 class Test_openssl_ESNoff_ARoff_NONE_SHA1_96(RunTestIpsecEspAll):
2357 """openssl ESNoff ARoff NONE/SHA1-96 IPSec test"""
2359 def test_ipsec(self):
2360 """openssl ESNoff ARoff NONE/SHA1-96 IPSec test"""
2364 class Test_openssl_ESNoff_ARoff_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
2365 """openssl ESNoff ARoff AES-CTR-128/SHA1-96 IPSec test"""
2367 def test_ipsec(self):
2368 """openssl ESNoff ARoff AES-CTR-128/SHA1-96 IPSec test"""
2372 class Test_openssl_ESNoff_ARoff_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
2373 """openssl ESNoff ARoff AES-CTR-192/SHA1-96 IPSec test"""
2375 def test_ipsec(self):
2376 """openssl ESNoff ARoff AES-CTR-192/SHA1-96 IPSec test"""
2380 class Test_openssl_ESNoff_ARoff_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
2381 """openssl ESNoff ARoff AES-CTR-256/SHA1-96 IPSec test"""
2383 def test_ipsec(self):
2384 """openssl ESNoff ARoff AES-CTR-256/SHA1-96 IPSec test"""
2388 class Test_openssl_ESNoff_ARoff_AES_NULL_GMAC_128_NONE(RunTestIpsecEspAll):
2389 """openssl ESNoff ARoff AES-NULL-GMAC-128/NONE IPSec test"""
2391 def test_ipsec(self):
2392 """openssl ESNoff ARoff AES-NULL-GMAC-128/NONE IPSec test"""
2396 class Test_openssl_ESNoff_ARoff_AES_NULL_GMAC_192_NONE(RunTestIpsecEspAll):
2397 """openssl ESNoff ARoff AES-NULL-GMAC-192/NONE IPSec test"""
2399 def test_ipsec(self):
2400 """openssl ESNoff ARoff AES-NULL-GMAC-192/NONE IPSec test"""
2404 class Test_openssl_ESNoff_ARoff_AES_NULL_GMAC_256_NONE(RunTestIpsecEspAll):
2405 """openssl ESNoff ARoff AES-NULL-GMAC-256/NONE IPSec test"""
2407 def test_ipsec(self):
2408 """openssl ESNoff ARoff AES-NULL-GMAC-256/NONE IPSec test"""
2412 class Test_async_ESNon_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
2413 """async ESNon ARon AES-GCM-128/NONE IPSec test"""
2415 def test_ipsec(self):
2416 """async ESNon ARon AES-GCM-128/NONE IPSec test"""
2420 class Test_async_ESNon_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
2421 """async ESNon ARon AES-GCM-192/NONE IPSec test"""
2423 def test_ipsec(self):
2424 """async ESNon ARon AES-GCM-192/NONE IPSec test"""
2428 class Test_async_ESNon_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
2429 """async ESNon ARon AES-GCM-256/NONE IPSec test"""
2431 def test_ipsec(self):
2432 """async ESNon ARon AES-GCM-256/NONE IPSec test"""
2436 class Test_async_ESNon_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
2437 """async ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
2439 def test_ipsec(self):
2440 """async ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
2444 class Test_async_ESNon_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
2445 """async ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
2447 def test_ipsec(self):
2448 """async ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
2452 class Test_async_ESNon_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
2453 """async ESNon ARoff AES-GCM-128/NONE IPSec test"""
2455 def test_ipsec(self):
2456 """async ESNon ARoff AES-GCM-128/NONE IPSec test"""
2460 class Test_async_ESNon_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
2461 """async ESNon ARoff AES-GCM-192/NONE IPSec test"""
2463 def test_ipsec(self):
2464 """async ESNon ARoff AES-GCM-192/NONE IPSec test"""
2468 class Test_async_ESNon_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
2469 """async ESNon ARoff AES-GCM-256/NONE IPSec test"""
2471 def test_ipsec(self):
2472 """async ESNon ARoff AES-GCM-256/NONE IPSec test"""
2476 class Test_async_ESNon_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
2477 """async ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
2479 def test_ipsec(self):
2480 """async ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
2484 class Test_async_ESNon_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
2485 """async ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
2487 def test_ipsec(self):
2488 """async ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
2492 class Test_async_ESNoff_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
2493 """async ESNoff ARon AES-GCM-128/NONE IPSec test"""
2495 def test_ipsec(self):
2496 """async ESNoff ARon AES-GCM-128/NONE IPSec test"""
2500 class Test_async_ESNoff_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
2501 """async ESNoff ARon AES-GCM-192/NONE IPSec test"""
2503 def test_ipsec(self):
2504 """async ESNoff ARon AES-GCM-192/NONE IPSec test"""
2508 class Test_async_ESNoff_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
2509 """async ESNoff ARon AES-GCM-256/NONE IPSec test"""
2511 def test_ipsec(self):
2512 """async ESNoff ARon AES-GCM-256/NONE IPSec test"""
2516 class Test_async_ESNoff_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
2517 """async ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
2519 def test_ipsec(self):
2520 """async ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
2524 class Test_async_ESNoff_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
2525 """async ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
2527 def test_ipsec(self):
2528 """async ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
2532 class Test_async_ESNoff_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
2533 """async ESNoff ARoff AES-GCM-128/NONE IPSec test"""
2535 def test_ipsec(self):
2536 """async ESNoff ARoff AES-GCM-128/NONE IPSec test"""
2540 class Test_async_ESNoff_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
2541 """async ESNoff ARoff AES-GCM-192/NONE IPSec test"""
2543 def test_ipsec(self):
2544 """async ESNoff ARoff AES-GCM-192/NONE IPSec test"""
2548 class Test_async_ESNoff_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
2549 """async ESNoff ARoff AES-GCM-256/NONE IPSec test"""
2551 def test_ipsec(self):
2552 """async ESNoff ARoff AES-GCM-256/NONE IPSec test"""
2556 class Test_async_ESNoff_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
2557 """async ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
2559 def test_ipsec(self):
2560 """async ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
2564 class Test_async_ESNoff_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
2565 """async ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
2567 def test_ipsec(self):
2568 """async ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""