IPSEC_API_CRYPTO_ALG_AES_CBC_128)
self.crypt_algo = 'AES-CBC' # scapy name
self.crypt_key = 'JPjyOWBeVEQiMe7h'
+ self.crypt_salt = ''
self.flags = 0
self.nat_header = None
IPSEC_API_CRYPTO_ALG_AES_CBC_128)
self.crypt_algo = 'AES-CBC' # scapy name
self.crypt_key = 'JPjyOWBeVEQiMe7h'
+ self.crypt_salt = ''
self.flags = 0
self.nat_header = None
IPSEC_API_SAD_FLAG_USE_ESN))
p.scapy_tun_sa = SecurityAssociation(
encryption_type, spi=p.vpp_tun_spi,
- crypt_algo=p.crypt_algo, crypt_key=p.crypt_key,
+ crypt_algo=p.crypt_algo, crypt_key=p.crypt_key + p.crypt_salt,
auth_algo=p.auth_algo, auth_key=p.auth_key,
tunnel_header=ip_class_by_addr_type[p.addr_type](
src=tun_if.remote_addr[p.addr_type],
use_esn=use_esn)
p.vpp_tun_sa = SecurityAssociation(
encryption_type, spi=p.scapy_tun_spi,
- crypt_algo=p.crypt_algo, crypt_key=p.crypt_key,
+ crypt_algo=p.crypt_algo, crypt_key=p.crypt_key + p.crypt_salt,
auth_algo=p.auth_algo, auth_key=p.auth_key,
tunnel_header=ip_class_by_addr_type[p.addr_type](
dst=tun_if.remote_addr[p.addr_type],
encryption_type,
spi=p.vpp_tra_spi,
crypt_algo=p.crypt_algo,
- crypt_key=p.crypt_key,
+ crypt_key=p.crypt_key + p.crypt_salt,
auth_algo=p.auth_algo,
auth_key=p.auth_key,
nat_t_header=p.nat_header,
encryption_type,
spi=p.scapy_tra_spi,
crypt_algo=p.crypt_algo,
- crypt_key=p.crypt_key,
+ crypt_key=p.crypt_key + p.crypt_salt,
auth_algo=p.auth_algo,
auth_key=p.auth_key,
nat_t_header=p.nat_header,
IPSEC_API_PROTO_AH)
self.config_interfaces()
+
self.ipsec_select_backend()
def unconfig_interfaces(self):
self.unconfig_interfaces()
- if not self.vpp_dead:
- self.vapi.cli("show hardware")
+ def show_commands_at_teardown(self):
+ self.logger.info(self.vapi.cli("show hardware"))
def gen_encrypt_pkts(self, sa, sw_intf, src, dst, count=1,
payload_size=54):