Change-Id: I06e4000d93a86d885200ef1d0dd9b00e520ba77f
Signed-off-by: Jan Gelety <jgelety@cisco.com>
class CryptoAlg(Enum):
"""Encryption algorithms."""
AES_CBC_128 = ('aes-cbc-128', 'AES-CBC', 16)
class CryptoAlg(Enum):
"""Encryption algorithms."""
AES_CBC_128 = ('aes-cbc-128', 'AES-CBC', 16)
- AES_CBC_192 = ('aes-cbc-128', 'AES-CBC', 24)
+ AES_CBC_192 = ('aes-cbc-192', 'AES-CBC', 24)
AES_CBC_256 = ('aes-cbc-256', 'AES-CBC', 32)
def __init__(self, alg_name, scapy_name, key_len):
AES_CBC_256 = ('aes-cbc-256', 'AES-CBC', 32)
def __init__(self, alg_name, scapy_name, key_len):
@staticmethod
def vpp_ipsec_spd_add_if(node, spd_id, interface):
@staticmethod
def vpp_ipsec_spd_add_if(node, spd_id, interface):
- """Add interface to the SPD.
+ """Add interface to the Security Policy Database.
:param node: VPP node.
:param spd_id: SPD ID to add interface on.
:param node: VPP node.
:param spd_id: SPD ID to add interface on.
format IP/prefix or IP/mask. If no mask is provided, it's considered
to be /32.
:param proto: Policy selector next layer protocol number.
format IP/prefix or IP/mask. If no mask is provided, it's considered
to be /32.
:param proto: Policy selector next layer protocol number.
- :param lport_range: Policy selector local TCP/UDP port range in foramt
+ :param lport_range: Policy selector local TCP/UDP port range in format
- :param rport_range: Policy selector remote TCP/UDP port range in foramt
+ :param rport_range: Policy selector remote TCP/UDP port range in format
<port_start>-<port_end>.
:type node: dict
:type spd_id: int
<port_start>-<port_end>.
:type node: dict
:type spd_id: int
:type sa_id: int
:type laddr_range: string
:type raddr_range: string
:type sa_id: int
:type laddr_range: string
:type raddr_range: string
+ :type proto: intPolicyAction
:type lport_range: string
:type rport_range: string
"""
:type lport_range: string
:type rport_range: string
"""
- direction = 'outbound'
- if inbound:
- direction = 'inbound'
+ direction = 'inbound' if inbound else 'outbound'
act_str = action.value
if PolicyAction.PROTECT == action and sa_id is not None:
act_str = action.value
if PolicyAction.PROTECT == action and sa_id is not None:
| | ... | *Example:*
| | ... | \| ${encr_alg}= \| Crypto Alg AES CBC 128 \|
| | ... | \| ${auth_alg}= \| Integ Alg SHA1 96 \|
| | ... | *Example:*
| | ... | \| ${encr_alg}= \| Crypto Alg AES CBC 128 \|
| | ... | \| ${auth_alg}= \| Integ Alg SHA1 96 \|
-| | ... | \| Setup IPsec Manual Keyed Connection \| ${nodes['DUT1']} \
+| | ... | \| VPP Setup IPsec Manual Keyed Connection \| ${nodes['DUT1']} \
| | ... | \| GigabitEthernet0/8/0 \| ${encr_alg} \| sixteenbytes_key \
| | ... | \| ${auth_alg} \| twentybytessecretkey \| ${1000} \| ${1001} \
| | ... | \| 192.168.4.4 \| 192.168.3.3 \| 192.168.100.3 \| 192.168.100.2 \|
| | ... | \| GigabitEthernet0/8/0 \| ${encr_alg} \| sixteenbytes_key \
| | ... | \| ${auth_alg} \| twentybytessecretkey \| ${1000} \| ${1001} \
| | ... | \| 192.168.4.4 \| 192.168.3.3 \| 192.168.100.3 \| 192.168.100.2 \|
Code Review / csit.git / commitdiff