Code Review / vpp.git / blob
? search:


30496b3792f8ccbea8b8202c24f4d648d3a69043
[vpp.git] / test / test_ipsec_api.py
1 import unittest
2
3 from framework import VppTestCase, VppTestRunner
4 from template_ipsec import IPsecIPv4Params
5
6
7 class IpsecApiTestCase(VppTestCase):
8     """ IPSec API tests """
9
10     def setUp(self):
11         super(IpsecApiTestCase, self).setUp()
12         self.create_pg_interfaces([0])
13         self.pg0.config_ip4()
14         self.pg0.admin_up()
15
16         self.vpp_esp_protocol = 1
17         self.vpp_ah_protocol = 0
18         self.ipv4_params = IPsecIPv4Params()
19
20     def tearDown(self):
21         self.pg0.unconfig_ip4()
22         self.pg0.admin_down()
23         super(IpsecApiTestCase, self).tearDown()
24
25     def test_backend_dump(self):
26         """ backend dump """
27         d = self.vapi.ipsec_backend_dump()
28         self.assert_equal(len(d), 2, "number of ipsec backends in dump")
29         self.assert_equal(d[0].protocol, self.vpp_ah_protocol,
30                           "ipsec protocol in dump entry")
31         self.assert_equal(d[0].index, 0, "index in dump entry")
32         self.assert_equal(d[0].active, 1, "active flag in dump entry")
33         self.assert_equal(d[1].protocol, self.vpp_esp_protocol,
34                           "ipsec protocol in dump entry")
35         self.assert_equal(d[1].index, 0, "index in dump entry")
36         self.assert_equal(d[1].active, 1, "active flag in dump entry")
37
38     def test_select_valid_backend(self):
39         """ select valid backend """
40         self.vapi.ipsec_select_backend(self.vpp_ah_protocol, 0)
41         self.vapi.ipsec_select_backend(self.vpp_esp_protocol, 0)
42
43     def test_select_invalid_backend(self):
44         """ select invalid backend """
45         with self.vapi.assert_negative_api_retval():
46             self.vapi.ipsec_select_backend(self.vpp_ah_protocol, 200)
47         with self.vapi.assert_negative_api_retval():
48             self.vapi.ipsec_select_backend(self.vpp_esp_protocol, 200)
49
50     def test_select_backend_in_use(self):
51         """ attempt to change backend while sad configured """
52         params = self.ipv4_params
53         addr_type = params.addr_type
54         is_ipv6 = params.is_ipv6
55         scapy_tun_sa_id = params.scapy_tun_sa_id
56         scapy_tun_spi = params.scapy_tun_spi
57         auth_algo_vpp_id = params.auth_algo_vpp_id
58         auth_key = params.auth_key
59         crypt_algo_vpp_id = params.crypt_algo_vpp_id
60         crypt_key = params.crypt_key
61
62         self.vapi.ipsec_sad_add_del_entry(scapy_tun_sa_id, scapy_tun_spi,
63                                           auth_algo_vpp_id, auth_key,
64                                           crypt_algo_vpp_id, crypt_key,
65                                           self.vpp_ah_protocol,
66                                           self.pg0.local_addr_n[addr_type],
67                                           self.pg0.remote_addr_n[addr_type],
68                                           is_tunnel=1, is_tunnel_ipv6=is_ipv6)
69         with self.vapi.assert_negative_api_retval():
70             self.vapi.ipsec_select_backend(
71                 protocol=self.vpp_ah_protocol, index=0)
72
73         self.vapi.ipsec_sad_add_del_entry(scapy_tun_sa_id, scapy_tun_spi,
74                                           auth_algo_vpp_id, auth_key,
75                                           crypt_algo_vpp_id, crypt_key,
76                                           self.vpp_ah_protocol,
77                                           self.pg0.local_addr_n[addr_type],
78                                           self.pg0.remote_addr_n[addr_type],
79                                           is_tunnel=1, is_tunnel_ipv6=is_ipv6,
80                                           is_add=0)
81         self.vapi.ipsec_select_backend(
82             protocol=self.vpp_ah_protocol, index=0)
83
84
85 if __name__ == '__main__':
86     unittest.main(testRunner=VppTestRunner)
Vector Packet Processing