3 from scapy.layers.ipsec import ESP
4 from scapy.layers.inet import IP, ICMP, UDP
6 from parameterized import parameterized
7 from framework import VppTestRunner
8 from template_ipsec import IpsecTra46Tests, IpsecTun46Tests, TemplateIpsec, \
9 IpsecTcpTests, IpsecTun4Tests, IpsecTra4Tests, config_tra_params, \
10 config_tun_params, IPsecIPv4Params, IPsecIPv6Params, \
11 IpsecTra4, IpsecTun4, IpsecTra6, IpsecTun6, \
12 IpsecTun6HandoffTests, IpsecTun4HandoffTests, \
14 from vpp_ipsec import VppIpsecSpd, VppIpsecSpdEntry, VppIpsecSA,\
16 from vpp_ip_route import VppIpRoute, VppRoutePath
17 from vpp_ip import DpoProto
18 from vpp_papi import VppEnum
21 engines_supporting_chain_bufs = ["openssl"]
24 class ConfigIpsecESP(TemplateIpsec):
26 tra4_encrypt_node_name = "esp4-encrypt"
27 tra4_decrypt_node_name = "esp4-decrypt"
28 tra6_encrypt_node_name = "esp6-encrypt"
29 tra6_decrypt_node_name = "esp6-decrypt"
30 tun4_encrypt_node_name = "esp4-encrypt"
31 tun4_decrypt_node_name = "esp4-decrypt"
32 tun6_encrypt_node_name = "esp6-encrypt"
33 tun6_decrypt_node_name = "esp6-decrypt"
37 super(ConfigIpsecESP, cls).setUpClass()
40 def tearDownClass(cls):
41 super(ConfigIpsecESP, cls).tearDownClass()
44 super(ConfigIpsecESP, self).setUp()
47 super(ConfigIpsecESP, self).tearDown()
49 def config_network(self, params):
51 self.tun_if = self.pg0
52 self.tra_if = self.pg2
53 self.logger.info(self.vapi.ppcli("show int addr"))
55 self.tra_spd = VppIpsecSpd(self, self.tra_spd_id)
56 self.tra_spd.add_vpp_config()
57 self.net_objs.append(self.tra_spd)
58 self.tun_spd = VppIpsecSpd(self, self.tun_spd_id)
59 self.tun_spd.add_vpp_config()
60 self.net_objs.append(self.tun_spd)
62 b = VppIpsecSpdItfBinding(self, self.tun_spd,
65 self.net_objs.append(b)
67 b = VppIpsecSpdItfBinding(self, self.tra_spd,
70 self.net_objs.append(b)
73 self.config_esp_tra(p)
74 config_tra_params(p, self.encryption_type)
76 self.config_esp_tun(p)
77 config_tun_params(p, self.encryption_type, self.tun_if)
80 d = DpoProto.DPO_PROTO_IP6 if p.is_ipv6 else DpoProto.DPO_PROTO_IP4
81 r = VppIpRoute(self, p.remote_tun_if_host, p.addr_len,
82 [VppRoutePath(self.tun_if.remote_addr[p.addr_type],
86 self.net_objs.append(r)
88 self.logger.info(self.vapi.ppcli("show ipsec all"))
90 def unconfig_network(self):
91 for o in reversed(self.net_objs):
95 def config_esp_tun(self, params):
96 addr_type = params.addr_type
97 scapy_tun_sa_id = params.scapy_tun_sa_id
98 scapy_tun_spi = params.scapy_tun_spi
99 vpp_tun_sa_id = params.vpp_tun_sa_id
100 vpp_tun_spi = params.vpp_tun_spi
101 auth_algo_vpp_id = params.auth_algo_vpp_id
102 auth_key = params.auth_key
103 crypt_algo_vpp_id = params.crypt_algo_vpp_id
104 crypt_key = params.crypt_key
105 remote_tun_if_host = params.remote_tun_if_host
106 addr_any = params.addr_any
107 addr_bcast = params.addr_bcast
108 e = VppEnum.vl_api_ipsec_spd_action_t
113 params.tun_sa_in = VppIpsecSA(self, scapy_tun_sa_id, scapy_tun_spi,
114 auth_algo_vpp_id, auth_key,
115 crypt_algo_vpp_id, crypt_key,
116 self.vpp_esp_protocol,
117 self.tun_if.local_addr[addr_type],
118 self.tun_if.remote_addr[addr_type],
121 params.tun_sa_out = VppIpsecSA(self, vpp_tun_sa_id, vpp_tun_spi,
122 auth_algo_vpp_id, auth_key,
123 crypt_algo_vpp_id, crypt_key,
124 self.vpp_esp_protocol,
125 self.tun_if.remote_addr[addr_type],
126 self.tun_if.local_addr[addr_type],
129 objs.append(params.tun_sa_in)
130 objs.append(params.tun_sa_out)
132 params.spd_policy_in_any = VppIpsecSpdEntry(self, self.tun_spd,
134 addr_any, addr_bcast,
135 addr_any, addr_bcast,
137 params.spd_policy_out_any = VppIpsecSpdEntry(self, self.tun_spd,
139 addr_any, addr_bcast,
140 addr_any, addr_bcast,
143 objs.append(params.spd_policy_out_any)
144 objs.append(params.spd_policy_in_any)
146 objs.append(VppIpsecSpdEntry(self, self.tun_spd, vpp_tun_sa_id,
147 remote_tun_if_host, remote_tun_if_host,
148 self.pg1.remote_addr[addr_type],
149 self.pg1.remote_addr[addr_type],
152 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
154 objs.append(VppIpsecSpdEntry(self, self.tun_spd, scapy_tun_sa_id,
155 self.pg1.remote_addr[addr_type],
156 self.pg1.remote_addr[addr_type],
157 remote_tun_if_host, remote_tun_if_host,
159 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
161 objs.append(VppIpsecSpdEntry(self, self.tun_spd, vpp_tun_sa_id,
162 remote_tun_if_host, remote_tun_if_host,
163 self.pg0.local_addr[addr_type],
164 self.pg0.local_addr[addr_type],
167 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
169 objs.append(VppIpsecSpdEntry(self, self.tun_spd, scapy_tun_sa_id,
170 self.pg0.local_addr[addr_type],
171 self.pg0.local_addr[addr_type],
172 remote_tun_if_host, remote_tun_if_host,
174 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
178 self.net_objs = self.net_objs + objs
180 def config_esp_tra(self, params):
181 addr_type = params.addr_type
182 scapy_tra_sa_id = params.scapy_tra_sa_id
183 scapy_tra_spi = params.scapy_tra_spi
184 vpp_tra_sa_id = params.vpp_tra_sa_id
185 vpp_tra_spi = params.vpp_tra_spi
186 auth_algo_vpp_id = params.auth_algo_vpp_id
187 auth_key = params.auth_key
188 crypt_algo_vpp_id = params.crypt_algo_vpp_id
189 crypt_key = params.crypt_key
190 addr_any = params.addr_any
191 addr_bcast = params.addr_bcast
192 flags = (VppEnum.vl_api_ipsec_sad_flags_t.
193 IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY)
194 e = VppEnum.vl_api_ipsec_spd_action_t
195 flags = params.flags | flags
199 params.tra_sa_in = VppIpsecSA(self, scapy_tra_sa_id, scapy_tra_spi,
200 auth_algo_vpp_id, auth_key,
201 crypt_algo_vpp_id, crypt_key,
202 self.vpp_esp_protocol,
205 params.tra_sa_out = VppIpsecSA(self, vpp_tra_sa_id, vpp_tra_spi,
206 auth_algo_vpp_id, auth_key,
207 crypt_algo_vpp_id, crypt_key,
208 self.vpp_esp_protocol,
211 objs.append(params.tra_sa_in)
212 objs.append(params.tra_sa_out)
214 objs.append(VppIpsecSpdEntry(self, self.tra_spd, vpp_tra_sa_id,
215 addr_any, addr_bcast,
216 addr_any, addr_bcast,
218 objs.append(VppIpsecSpdEntry(self, self.tra_spd, vpp_tra_sa_id,
219 addr_any, addr_bcast,
220 addr_any, addr_bcast,
223 objs.append(VppIpsecSpdEntry(self, self.tra_spd, vpp_tra_sa_id,
224 self.tra_if.local_addr[addr_type],
225 self.tra_if.local_addr[addr_type],
226 self.tra_if.remote_addr[addr_type],
227 self.tra_if.remote_addr[addr_type],
229 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
231 objs.append(VppIpsecSpdEntry(self, self.tra_spd, scapy_tra_sa_id,
232 self.tra_if.local_addr[addr_type],
233 self.tra_if.local_addr[addr_type],
234 self.tra_if.remote_addr[addr_type],
235 self.tra_if.remote_addr[addr_type],
236 0, policy=e.IPSEC_API_SPD_ACTION_PROTECT,
240 self.net_objs = self.net_objs + objs
243 class TemplateIpsecEsp(ConfigIpsecESP):
245 Basic test for ipsec esp sanity - tunnel and transport modes.
247 Below 4 cases are covered as part of this test
248 1) ipsec esp v4 transport basic test - IPv4 Transport mode
249 scenario using HMAC-SHA1-96 integrity algo
250 2) ipsec esp v4 transport burst test
251 Above test for 257 pkts
252 3) ipsec esp 4o4 tunnel basic test - IPv4 Tunnel mode
253 scenario using HMAC-SHA1-96 integrity algo
254 4) ipsec esp 4o4 tunnel burst test
255 Above test for 257 pkts
260 |pg2| <-------> |VPP|
265 --- encrypt --- plain ---
266 |pg0| <------- |VPP| <------ |pg1|
269 --- decrypt --- plain ---
270 |pg0| -------> |VPP| ------> |pg1|
276 super(TemplateIpsecEsp, cls).setUpClass()
279 def tearDownClass(cls):
280 super(TemplateIpsecEsp, cls).tearDownClass()
283 super(TemplateIpsecEsp, self).setUp()
284 self.config_network(self.params.values())
287 self.unconfig_network()
288 super(TemplateIpsecEsp, self).tearDown()
291 class TestIpsecEsp1(TemplateIpsecEsp, IpsecTra46Tests,
292 IpsecTun46Tests, IpsecTra6ExtTests):
293 """ Ipsec ESP - TUN & TRA tests """
297 super(TestIpsecEsp1, cls).setUpClass()
300 def tearDownClass(cls):
301 super(TestIpsecEsp1, cls).tearDownClass()
304 super(TestIpsecEsp1, self).setUp()
307 super(TestIpsecEsp1, self).tearDown()
309 def test_tun_46(self):
310 """ ipsec 4o6 tunnel """
311 # add an SPD entry to direct 2.2.2.2 to the v6 tunnel SA
312 p6 = self.ipv6_params
313 p4 = self.ipv4_params
315 p6.remote_tun_if_host4 = "2.2.2.2"
316 e = VppEnum.vl_api_ipsec_spd_action_t
318 VppIpsecSpdEntry(self,
321 self.pg1.remote_addr[p4.addr_type],
322 self.pg1.remote_addr[p4.addr_type],
323 p6.remote_tun_if_host4,
324 p6.remote_tun_if_host4,
327 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
328 is_outbound=1).add_vpp_config()
329 VppIpRoute(self, p6.remote_tun_if_host4, p4.addr_len,
330 [VppRoutePath(self.tun_if.remote_addr[p4.addr_type],
331 0xffffffff)]).add_vpp_config()
333 old_name = self.tun6_encrypt_node_name
334 self.tun6_encrypt_node_name = "esp4-encrypt"
336 self.verify_tun_46(p6, count=63)
337 self.tun6_encrypt_node_name = old_name
339 def test_tun_64(self):
340 """ ipsec 6o4 tunnel """
341 # add an SPD entry to direct 4444::4 to the v4 tunnel SA
342 p6 = self.ipv6_params
343 p4 = self.ipv4_params
345 p4.remote_tun_if_host6 = "4444::4"
346 e = VppEnum.vl_api_ipsec_spd_action_t
348 VppIpsecSpdEntry(self,
351 self.pg1.remote_addr[p6.addr_type],
352 self.pg1.remote_addr[p6.addr_type],
353 p4.remote_tun_if_host6,
354 p4.remote_tun_if_host6,
357 policy=e.IPSEC_API_SPD_ACTION_PROTECT,
358 is_outbound=1).add_vpp_config()
359 d = DpoProto.DPO_PROTO_IP6
360 VppIpRoute(self, p4.remote_tun_if_host6, p6.addr_len,
361 [VppRoutePath(self.tun_if.remote_addr[p6.addr_type],
363 proto=d)]).add_vpp_config()
365 old_name = self.tun4_encrypt_node_name
366 self.tun4_encrypt_node_name = "esp6-encrypt"
367 self.verify_tun_64(p4, count=63)
368 self.tun4_encrypt_node_name = old_name
371 class TestIpsecEsp2(TemplateIpsecEsp, IpsecTcpTests):
372 """ Ipsec ESP - TCP tests """
376 class TestIpsecEspHandoff(TemplateIpsecEsp,
377 IpsecTun6HandoffTests,
378 IpsecTun4HandoffTests):
379 """ Ipsec ESP - handoff tests """
383 class TemplateIpsecEspUdp(ConfigIpsecESP):
390 super(TemplateIpsecEspUdp, cls).setUpClass()
393 def tearDownClass(cls):
394 super(TemplateIpsecEspUdp, cls).tearDownClass()
397 super(TemplateIpsecEspUdp, self).setUp()
399 self.tun_if = self.pg0
400 self.tra_if = self.pg2
401 self.logger.info(self.vapi.ppcli("show int addr"))
404 p.flags = (VppEnum.vl_api_ipsec_sad_flags_t.
405 IPSEC_API_SAD_FLAG_UDP_ENCAP)
406 p.nat_header = UDP(sport=5454, dport=4500)
408 self.tra_spd = VppIpsecSpd(self, self.tra_spd_id)
409 self.tra_spd.add_vpp_config()
410 VppIpsecSpdItfBinding(self, self.tra_spd,
411 self.tra_if).add_vpp_config()
413 self.config_esp_tra(p)
414 config_tra_params(p, self.encryption_type)
416 self.tun_spd = VppIpsecSpd(self, self.tun_spd_id)
417 self.tun_spd.add_vpp_config()
418 VppIpsecSpdItfBinding(self, self.tun_spd,
419 self.tun_if).add_vpp_config()
421 self.config_esp_tun(p)
422 self.logger.info(self.vapi.ppcli("show ipsec all"))
424 d = DpoProto.DPO_PROTO_IP4
425 VppIpRoute(self, p.remote_tun_if_host, p.addr_len,
426 [VppRoutePath(self.tun_if.remote_addr[p.addr_type],
428 proto=d)]).add_vpp_config()
431 super(TemplateIpsecEspUdp, self).tearDown()
433 def show_commands_at_teardown(self):
434 self.logger.info(self.vapi.cli("show hardware"))
437 class TestIpsecEspUdp(TemplateIpsecEspUdp, IpsecTra4Tests):
438 """ Ipsec NAT-T ESP UDP tests """
442 class MyParameters():
444 self.engines = ["ia32", "ipsecmb", "openssl"]
445 flag_esn = VppEnum.vl_api_ipsec_sad_flags_t.IPSEC_API_SAD_FLAG_USE_ESN
446 self.flags = [0, flag_esn]
447 # foreach crypto algorithm
449 'AES-GCM-128/NONE': {
450 'vpp-crypto': (VppEnum.vl_api_ipsec_crypto_alg_t.
451 IPSEC_API_CRYPTO_ALG_AES_GCM_128),
452 'vpp-integ': (VppEnum.vl_api_ipsec_integ_alg_t.
453 IPSEC_API_INTEG_ALG_NONE),
454 'scapy-crypto': "AES-GCM",
455 'scapy-integ': "NULL",
456 'key': b"JPjyOWBeVEQiMe7h",
458 'AES-GCM-192/NONE': {
459 'vpp-crypto': (VppEnum.vl_api_ipsec_crypto_alg_t.
460 IPSEC_API_CRYPTO_ALG_AES_GCM_192),
461 'vpp-integ': (VppEnum.vl_api_ipsec_integ_alg_t.
462 IPSEC_API_INTEG_ALG_NONE),
463 'scapy-crypto': "AES-GCM",
464 'scapy-integ': "NULL",
465 'key': b"JPjyOWBeVEQiMe7h01234567",
467 'AES-GCM-256/NONE': {
468 'vpp-crypto': (VppEnum.vl_api_ipsec_crypto_alg_t.
469 IPSEC_API_CRYPTO_ALG_AES_GCM_256),
470 'vpp-integ': (VppEnum.vl_api_ipsec_integ_alg_t.
471 IPSEC_API_INTEG_ALG_NONE),
472 'scapy-crypto': "AES-GCM",
473 'scapy-integ': "NULL",
474 'key': b"JPjyOWBeVEQiMe7h0123456787654321",
476 'AES-CBC-128/MD5-96': {
477 'vpp-crypto': (VppEnum.vl_api_ipsec_crypto_alg_t.
478 IPSEC_API_CRYPTO_ALG_AES_CBC_128),
479 'vpp-integ': (VppEnum.vl_api_ipsec_integ_alg_t.
480 IPSEC_API_INTEG_ALG_MD5_96),
481 'scapy-crypto': "AES-CBC",
482 'scapy-integ': "HMAC-MD5-96",
484 'key': b"JPjyOWBeVEQiMe7h"},
485 'AES-CBC-192/SHA1-96': {
486 'vpp-crypto': (VppEnum.vl_api_ipsec_crypto_alg_t.
487 IPSEC_API_CRYPTO_ALG_AES_CBC_192),
488 'vpp-integ': (VppEnum.vl_api_ipsec_integ_alg_t.
489 IPSEC_API_INTEG_ALG_SHA1_96),
490 'scapy-crypto': "AES-CBC",
491 'scapy-integ': "HMAC-SHA1-96",
493 'key': b"JPjyOWBeVEQiMe7hJPjyOWBe"},
494 'AES-CBC-256/SHA1-96': {
495 'vpp-crypto': (VppEnum.vl_api_ipsec_crypto_alg_t.
496 IPSEC_API_CRYPTO_ALG_AES_CBC_256),
497 'vpp-integ': (VppEnum.vl_api_ipsec_integ_alg_t.
498 IPSEC_API_INTEG_ALG_SHA1_96),
499 'scapy-crypto': "AES-CBC",
500 'scapy-integ': "HMAC-SHA1-96",
502 'key': b"JPjyOWBeVEQiMe7hJPjyOWBeVEQiMe7h"},
503 '3DES-CBC/SHA1-96': {
504 'vpp-crypto': (VppEnum.vl_api_ipsec_crypto_alg_t.
505 IPSEC_API_CRYPTO_ALG_3DES_CBC),
506 'vpp-integ': (VppEnum.vl_api_ipsec_integ_alg_t.
507 IPSEC_API_INTEG_ALG_SHA1_96),
508 'scapy-crypto': "3DES",
509 'scapy-integ': "HMAC-SHA1-96",
511 'key': b"JPjyOWBeVEQiMe7h00112233"},
513 'vpp-crypto': (VppEnum.vl_api_ipsec_crypto_alg_t.
514 IPSEC_API_CRYPTO_ALG_NONE),
515 'vpp-integ': (VppEnum.vl_api_ipsec_integ_alg_t.
516 IPSEC_API_INTEG_ALG_SHA1_96),
517 'scapy-crypto': "NULL",
518 'scapy-integ': "HMAC-SHA1-96",
520 'key': b"JPjyOWBeVEQiMe7h00112233"}}
523 class RunTestIpsecEspAll(ConfigIpsecESP,
524 IpsecTra4, IpsecTra6,
525 IpsecTun4, IpsecTun6):
526 """ Ipsec ESP all Algos """
529 super(RunTestIpsecEspAll, self).setUp()
530 test_args = str.split(self.__doc__, " ")
532 params = MyParameters()
533 self.engine = test_args[0]
534 self.flag = params.flags[0]
535 if test_args[1] == 'ESN':
536 self.flag = params.flags[1]
538 self.algo = params.algos[test_args[2]]
541 super(RunTestIpsecEspAll, self).tearDown()
544 self.run_a_test(self.engine, self.flag, self.algo)
546 def run_a_test(self, engine, flag, algo, payload_size=None):
549 self.vapi.cli("set crypto handler all %s" % engine)
551 self.ipv4_params = IPsecIPv4Params()
552 self.ipv6_params = IPsecIPv6Params()
554 self.params = {self.ipv4_params.addr_type:
556 self.ipv6_params.addr_type:
559 for _, p in self.params.items():
560 p.auth_algo_vpp_id = algo['vpp-integ']
561 p.crypt_algo_vpp_id = algo['vpp-crypto']
562 p.crypt_algo = algo['scapy-crypto']
563 p.auth_algo = algo['scapy-integ']
564 p.crypt_key = algo['key']
565 p.salt = algo['salt']
566 p.flags = p.flags | flag
568 self.reporter.send_keep_alive(self)
571 # configure the SPDs. SAs, etc
573 self.config_network(self.params.values())
577 # An exhautsive 4o6, 6o4 is not necessary
580 self.verify_tra_basic6(count=NUM_PKTS)
581 self.verify_tra_basic4(count=NUM_PKTS)
582 self.verify_tun_66(self.params[socket.AF_INET6],
585 # Use an odd-byte payload size to check for correct padding.
587 # 49 + 2 == 51 which should pad +1 to 52 for 4 byte alignment, +5
588 # to 56 for 8 byte alignment, and +13 to 64 for 64 byte alignment.
589 # This should catch bugs where the code is incorrectly over-padding
590 # for algorithms that don't require it
591 psz = 49 - len(IP()/ICMP()) if payload_size is None else payload_size
592 self.verify_tun_44(self.params[socket.AF_INET],
593 count=NUM_PKTS, payload_size=psz)
596 1970, # results in 2 chained buffers entering decrypt node
597 # but leaving as simple buffer due to ICV removal (tra4)
598 2004, # footer+ICV will be added to 2nd buffer (tun4)
599 4010, # ICV ends up splitted accross 2 buffers in esp_decrypt
600 # for transport4; transport6 takes normal path
601 4020, # same as above but tra4 and tra6 are switched
603 if self.engine in engines_supporting_chain_bufs:
604 for sz in LARGE_PKT_SZ:
605 self.verify_tra_basic4(count=NUM_PKTS, payload_size=sz)
606 self.verify_tra_basic6(count=NUM_PKTS, payload_size=sz)
607 self.verify_tun_66(self.params[socket.AF_INET6],
608 count=NUM_PKTS, payload_size=sz)
609 self.verify_tun_44(self.params[socket.AF_INET],
610 count=NUM_PKTS, payload_size=sz)
613 # remove the SPDs, SAs, etc
615 self.unconfig_network()
618 # reconfigure the network and SA to run the
621 self.config_network(self.params.values())
622 self.verify_tra_anti_replay()
623 self.unconfig_network()
626 # To generate test classes, do:
627 # grep '# GEN' test_ipsec_esp.py | sed -e 's/# GEN //g' | bash
629 # GEN for ENG in ia32 ipsecmb openssl; do \
630 # GEN for FLG in noESN ESN; do for ALG in AES-GCM-128/NONE \
631 # GEN AES-GCM-192/NONE AES-GCM-256/NONE AES-CBC-128/MD5-96 \
632 # GEN AES-CBC-192/SHA1-96 AES-CBC-256/SHA1-96 \
633 # GEN 3DES-CBC/SHA1-96 NONE/SHA1-96; do \
634 # GEN [[ ${FLG} == "ESN" && ${ALG} == *"NONE" ]] && continue
635 # GEN echo -e "\n\nclass Test_${ENG}_${FLG}_${ALG}(RunTestIpsecEspAll):" |
636 # GEN sed -e 's/-/_/g' -e 's#/#_#g' ; \
637 # GEN echo ' """'$ENG $FLG $ALG IPSec test'"""' ;
638 # GEN echo " def test_ipsec(self):";
639 # GEN echo " self.run_test()";
640 # GEN done; done; done
643 class Test_ia32_noESN_AES_GCM_128_NONE(RunTestIpsecEspAll):
644 """ia32 noESN AES-GCM-128/NONE IPSec test"""
645 def test_ipsec(self):
649 class Test_ia32_noESN_AES_GCM_192_NONE(RunTestIpsecEspAll):
650 """ia32 noESN AES-GCM-192/NONE IPSec test"""
651 def test_ipsec(self):
655 class Test_ia32_noESN_AES_GCM_256_NONE(RunTestIpsecEspAll):
656 """ia32 noESN AES-GCM-256/NONE IPSec test"""
657 def test_ipsec(self):
661 class Test_ia32_noESN_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
662 """ia32 noESN AES-CBC-128/MD5-96 IPSec test"""
663 def test_ipsec(self):
667 class Test_ia32_noESN_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
668 """ia32 noESN AES-CBC-192/SHA1-96 IPSec test"""
669 def test_ipsec(self):
673 class Test_ia32_noESN_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
674 """ia32 noESN AES-CBC-256/SHA1-96 IPSec test"""
675 def test_ipsec(self):
679 class Test_ia32_noESN_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
680 """ia32 noESN 3DES-CBC/SHA1-96 IPSec test"""
681 def test_ipsec(self):
685 class Test_ia32_noESN_NONE_SHA1_96(RunTestIpsecEspAll):
686 """ia32 noESN NONE/SHA1-96 IPSec test"""
687 def test_ipsec(self):
691 class Test_ia32_ESN_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
692 """ia32 ESN AES-CBC-128/MD5-96 IPSec test"""
693 def test_ipsec(self):
697 class Test_ia32_ESN_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
698 """ia32 ESN AES-CBC-192/SHA1-96 IPSec test"""
699 def test_ipsec(self):
703 class Test_ia32_ESN_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
704 """ia32 ESN AES-CBC-256/SHA1-96 IPSec test"""
705 def test_ipsec(self):
709 class Test_ia32_ESN_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
710 """ia32 ESN 3DES-CBC/SHA1-96 IPSec test"""
711 def test_ipsec(self):
715 class Test_ia32_ESN_NONE_SHA1_96(RunTestIpsecEspAll):
716 """ia32 ESN NONE/SHA1-96 IPSec test"""
717 def test_ipsec(self):
721 class Test_ipsecmb_noESN_AES_GCM_128_NONE(RunTestIpsecEspAll):
722 """ipsecmb noESN AES-GCM-128/NONE IPSec test"""
723 def test_ipsec(self):
727 class Test_ipsecmb_noESN_AES_GCM_192_NONE(RunTestIpsecEspAll):
728 """ipsecmb noESN AES-GCM-192/NONE IPSec test"""
729 def test_ipsec(self):
733 class Test_ipsecmb_noESN_AES_GCM_256_NONE(RunTestIpsecEspAll):
734 """ipsecmb noESN AES-GCM-256/NONE IPSec test"""
735 def test_ipsec(self):
739 class Test_ipsecmb_noESN_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
740 """ipsecmb noESN AES-CBC-128/MD5-96 IPSec test"""
741 def test_ipsec(self):
745 class Test_ipsecmb_noESN_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
746 """ipsecmb noESN AES-CBC-192/SHA1-96 IPSec test"""
747 def test_ipsec(self):
751 class Test_ipsecmb_noESN_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
752 """ipsecmb noESN AES-CBC-256/SHA1-96 IPSec test"""
753 def test_ipsec(self):
757 class Test_ipsecmb_noESN_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
758 """ipsecmb noESN 3DES-CBC/SHA1-96 IPSec test"""
759 def test_ipsec(self):
763 class Test_ipsecmb_noESN_NONE_SHA1_96(RunTestIpsecEspAll):
764 """ipsecmb noESN NONE/SHA1-96 IPSec test"""
765 def test_ipsec(self):
769 class Test_ipsecmb_ESN_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
770 """ipsecmb ESN AES-CBC-128/MD5-96 IPSec test"""
771 def test_ipsec(self):
775 class Test_ipsecmb_ESN_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
776 """ipsecmb ESN AES-CBC-192/SHA1-96 IPSec test"""
777 def test_ipsec(self):
781 class Test_ipsecmb_ESN_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
782 """ipsecmb ESN AES-CBC-256/SHA1-96 IPSec test"""
783 def test_ipsec(self):
787 class Test_ipsecmb_ESN_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
788 """ipsecmb ESN 3DES-CBC/SHA1-96 IPSec test"""
789 def test_ipsec(self):
793 class Test_ipsecmb_ESN_NONE_SHA1_96(RunTestIpsecEspAll):
794 """ipsecmb ESN NONE/SHA1-96 IPSec test"""
795 def test_ipsec(self):
799 class Test_openssl_noESN_AES_GCM_128_NONE(RunTestIpsecEspAll):
800 """openssl noESN AES-GCM-128/NONE IPSec test"""
801 def test_ipsec(self):
805 class Test_openssl_noESN_AES_GCM_192_NONE(RunTestIpsecEspAll):
806 """openssl noESN AES-GCM-192/NONE IPSec test"""
807 def test_ipsec(self):
811 class Test_openssl_noESN_AES_GCM_256_NONE(RunTestIpsecEspAll):
812 """openssl noESN AES-GCM-256/NONE IPSec test"""
813 def test_ipsec(self):
817 class Test_openssl_noESN_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
818 """openssl noESN AES-CBC-128/MD5-96 IPSec test"""
819 def test_ipsec(self):
823 class Test_openssl_noESN_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
824 """openssl noESN AES-CBC-192/SHA1-96 IPSec test"""
825 def test_ipsec(self):
829 class Test_openssl_noESN_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
830 """openssl noESN AES-CBC-256/SHA1-96 IPSec test"""
831 def test_ipsec(self):
835 class Test_openssl_noESN_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
836 """openssl noESN 3DES-CBC/SHA1-96 IPSec test"""
837 def test_ipsec(self):
841 class Test_openssl_noESN_NONE_SHA1_96(RunTestIpsecEspAll):
842 """openssl noESN NONE/SHA1-96 IPSec test"""
843 def test_ipsec(self):
847 class Test_openssl_ESN_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
848 """openssl ESN AES-CBC-128/MD5-96 IPSec test"""
849 def test_ipsec(self):
853 class Test_openssl_ESN_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
854 """openssl ESN AES-CBC-192/SHA1-96 IPSec test"""
855 def test_ipsec(self):
859 class Test_openssl_ESN_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
860 """openssl ESN AES-CBC-256/SHA1-96 IPSec test"""
861 def test_ipsec(self):
865 class Test_openssl_ESN_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
866 """openssl ESN 3DES-CBC/SHA1-96 IPSec test"""
867 def test_ipsec(self):
871 class Test_openssl_ESN_NONE_SHA1_96(RunTestIpsecEspAll):
872 """openssl ESN NONE/SHA1-96 IPSec test"""
873 def test_ipsec(self):
877 if __name__ == '__main__':
878 unittest.main(testRunner=VppTestRunner)
Code Review / vpp.git / blob