u32 seq;
u32 sa_seq;
u32 sa_seq_hi;
+ u32 pkt_seq_hi;
ipsec_crypto_alg_t crypto_alg;
ipsec_integ_alg_t integ_alg;
} esp_decrypt_trace_t;
+/* The number of byres in the hisequence number */
+#define N_HI_ESN_BYTES 4
+
/* packet trace format function */
static u8 *
format_esp_decrypt_trace (u8 * s, va_list * args)
CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
esp_decrypt_trace_t *t = va_arg (*args, esp_decrypt_trace_t *);
- s =
- format (s,
- "esp: crypto %U integrity %U pkt-seq %d sa-seq %u sa-seq-hi %u",
- format_ipsec_crypto_alg, t->crypto_alg, format_ipsec_integ_alg,
- t->integ_alg, t->seq, t->sa_seq, t->sa_seq_hi);
+ s = format (s,
+ "esp: crypto %U integrity %U pkt-seq %d sa-seq %u sa-seq-hi %u "
+ "pkt-seq-hi %u",
+ format_ipsec_crypto_alg, t->crypto_alg, format_ipsec_integ_alg,
+ t->integ_alg, t->seq, t->sa_seq, t->sa_seq_hi, t->pkt_seq_hi);
return s;
}
return lb_curr;
}
-static_always_inline i16
-esp_insert_esn (vlib_main_t * vm, ipsec_sa_t * sa,
- esp_decrypt_packet_data2_t * pd2, u32 * data_len,
- u8 ** digest, u16 * len, vlib_buffer_t * b, u8 * payload)
+static_always_inline u16
+esp_insert_esn (vlib_main_t *vm, ipsec_sa_t *sa, esp_decrypt_packet_data_t *pd,
+ esp_decrypt_packet_data2_t *pd2, u32 *data_len, u8 **digest,
+ u16 *len, vlib_buffer_t *b, u8 *payload)
{
if (!ipsec_sa_is_set_USE_ESN (sa))
return 0;
-
/* shift ICV by 4 bytes to insert ESN */
- u32 seq_hi = clib_host_to_net_u32 (sa->seq_hi);
- u8 tmp[ESP_MAX_ICV_SIZE], sz = sizeof (sa->seq_hi);
+ u32 seq_hi = clib_host_to_net_u32 (pd->seq_hi);
+ u8 tmp[ESP_MAX_ICV_SIZE];
if (pd2->icv_removed)
{
u16 space_left = vlib_buffer_space_left_at_end (vm, pd2->lb);
- if (space_left >= sz)
+ if (space_left >= N_HI_ESN_BYTES)
{
- clib_memcpy_fast (vlib_buffer_get_tail (pd2->lb), &seq_hi, sz);
- *data_len += sz;
+ clib_memcpy_fast (vlib_buffer_get_tail (pd2->lb), &seq_hi,
+ N_HI_ESN_BYTES);
+ *data_len += N_HI_ESN_BYTES;
}
else
- return sz;
+ return N_HI_ESN_BYTES;
len[0] = b->current_length;
}
else
{
clib_memcpy_fast (tmp, payload + len[0], ESP_MAX_ICV_SIZE);
- clib_memcpy_fast (payload + len[0], &seq_hi, sz);
- clib_memcpy_fast (payload + len[0] + sz, tmp, ESP_MAX_ICV_SIZE);
- *data_len += sz;
- *digest += sz;
+ clib_memcpy_fast (payload + len[0], &seq_hi, N_HI_ESN_BYTES);
+ clib_memcpy_fast (payload + len[0] + N_HI_ESN_BYTES, tmp,
+ ESP_MAX_ICV_SIZE);
+ *data_len += N_HI_ESN_BYTES;
+ *digest += N_HI_ESN_BYTES;
}
- return sz;
+ return N_HI_ESN_BYTES;
}
static_always_inline u8 *
if (ipsec_sa_is_set_USE_ESN (sa))
{
- u8 sz = sizeof (sa->seq_hi);
- u32 seq_hi = clib_host_to_net_u32 (sa->seq_hi);
+ u32 seq_hi = clib_host_to_net_u32 (pd->seq_hi);
u16 space_left = vlib_buffer_space_left_at_end (vm, pd2->lb);
- if (space_left >= sz)
+ if (space_left >= N_HI_ESN_BYTES)
{
- clib_memcpy_fast (vlib_buffer_get_tail (pd2->lb), &seq_hi, sz);
- *len += sz;
+ clib_memcpy_fast (vlib_buffer_get_tail (pd2->lb), &seq_hi,
+ N_HI_ESN_BYTES);
+ *len += N_HI_ESN_BYTES;
}
else
{
* (with ICV data) */
ASSERT (pd2->icv_removed);
vlib_buffer_t *tmp = vlib_get_buffer (vm, pd2->free_buffer_index);
- clib_memcpy_fast (vlib_buffer_get_current (tmp) - sz, &seq_hi, sz);
+ clib_memcpy_fast (vlib_buffer_get_current (tmp) - N_HI_ESN_BYTES,
+ &seq_hi, N_HI_ESN_BYTES);
extra_esn[0] = 1;
}
}
}
static_always_inline int
-esp_decrypt_chain_integ (vlib_main_t * vm, ipsec_per_thread_data_t * ptd,
- esp_decrypt_packet_data2_t * pd2,
- ipsec_sa_t * sa0, vlib_buffer_t * b, u8 icv_sz,
- u8 * start_src, u32 start_len,
- u8 ** digest, u16 * n_ch, u32 * integ_total_len)
+esp_decrypt_chain_integ (vlib_main_t *vm, ipsec_per_thread_data_t *ptd,
+ const esp_decrypt_packet_data_t *pd,
+ esp_decrypt_packet_data2_t *pd2, ipsec_sa_t *sa0,
+ vlib_buffer_t *b, u8 icv_sz, u8 *start_src,
+ u32 start_len, u8 **digest, u16 *n_ch,
+ u32 *integ_total_len)
{
vnet_crypto_op_chunk_t *ch;
vlib_buffer_t *cb = vlib_get_buffer (vm, b->next_buffer);
ch->len = cb->current_length - icv_sz;
if (ipsec_sa_is_set_USE_ESN (sa0))
{
- u32 seq_hi = clib_host_to_net_u32 (sa0->seq_hi);
- u8 tmp[ESP_MAX_ICV_SIZE], sz = sizeof (sa0->seq_hi);
+ u32 seq_hi = clib_host_to_net_u32 (pd->seq_hi);
+ u8 tmp[ESP_MAX_ICV_SIZE];
u8 *esn;
vlib_buffer_t *tmp_b;
u16 space_left = vlib_buffer_space_left_at_end (vm, pd2->lb);
- if (space_left < sz)
+ if (space_left < N_HI_ESN_BYTES)
{
if (pd2->icv_removed)
{
/* use pre-data area from the last bufer
that was removed from the chain */
tmp_b = vlib_get_buffer (vm, pd2->free_buffer_index);
- esn = tmp_b->data - sz;
+ esn = tmp_b->data - N_HI_ESN_BYTES;
}
else
{
esn = tmp_b->data;
pd2->free_buffer_index = tmp_bi;
}
- clib_memcpy_fast (esn, &seq_hi, sz);
+ clib_memcpy_fast (esn, &seq_hi, N_HI_ESN_BYTES);
vec_add2 (ptd->chunks, ch, 1);
n_chunks += 1;
ch->src = esn;
- ch->len = sz;
+ ch->len = N_HI_ESN_BYTES;
}
else
{
if (pd2->icv_removed)
{
- clib_memcpy_fast (vlib_buffer_get_tail
- (pd2->lb), &seq_hi, sz);
+ clib_memcpy_fast (vlib_buffer_get_tail (pd2->lb),
+ &seq_hi, N_HI_ESN_BYTES);
}
else
{
clib_memcpy_fast (tmp, *digest, ESP_MAX_ICV_SIZE);
- clib_memcpy_fast (*digest, &seq_hi, sz);
- clib_memcpy_fast (*digest + sz, tmp, ESP_MAX_ICV_SIZE);
- *digest += sz;
+ clib_memcpy_fast (*digest, &seq_hi, N_HI_ESN_BYTES);
+ clib_memcpy_fast (*digest + N_HI_ESN_BYTES, tmp,
+ ESP_MAX_ICV_SIZE);
+ *digest += N_HI_ESN_BYTES;
}
- ch->len += sz;
+ ch->len += N_HI_ESN_BYTES;
}
}
total_len += ch->len;
op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
op->chunk_index = vec_len (ptd->chunks);
- if (esp_decrypt_chain_integ (vm, ptd, pd2, sa0, b, icv_sz,
+ if (esp_decrypt_chain_integ (vm, ptd, pd, pd2, sa0, b, icv_sz,
payload, pd->current_length,
&op->digest, &op->n_chunks, 0) < 0)
{
}
}
else
- esp_insert_esn (vm, sa0, pd2, &op->len, &op->digest, &len, b,
+ esp_insert_esn (vm, sa0, pd, pd2, &op->len, &op->digest, &len, b,
payload);
out:
vec_add_aligned (*(integ_ops[0]), op, 1, CLIB_CACHE_LINE_BYTES);
/* constuct aad in a scratch space in front of the nonce */
esp_header_t *esp0 = (esp_header_t *) (payload - esp_sz);
op->aad = (u8 *) nonce - sizeof (esp_aead_t);
- op->aad_len = esp_aad_fill (op->aad, esp0, sa0);
+ op->aad_len = esp_aad_fill (op->aad, esp0, sa0, pd->seq_hi);
op->tag = payload + len;
op->tag_len = 16;
}
vlib_buffer_t *b, u16 *next, u16 async_next)
{
const u8 esp_sz = sizeof (esp_header_t);
- u32 current_protect_index = vnet_buffer (b)->ipsec.protect_index;
esp_decrypt_packet_data_t *async_pd = &(esp_post_data (b))->decrypt_data;
esp_decrypt_packet_data2_t *async_pd2 = esp_post_data2 (b);
u8 *tag = payload + len, *iv = payload + esp_sz, *aad = 0;
tag = vlib_buffer_get_tail (pd2->lb) - icv_sz;
flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
- if (esp_decrypt_chain_integ (vm, ptd, pd2, sa0, b, icv_sz, payload,
- pd->current_length, &tag,
- 0, &integ_len) < 0)
+ if (esp_decrypt_chain_integ (vm, ptd, pd, pd2, sa0, b, icv_sz,
+ payload, pd->current_length, &tag, 0,
+ &integ_len) < 0)
{
/* allocate buffer failed, will not add to frame and drop */
return (ESP_DECRYPT_ERROR_NO_BUFFERS);
}
}
else
- esp_insert_esn (vm, sa0, pd2, &integ_len, &tag, &len, b, payload);
+ esp_insert_esn (vm, sa0, pd, pd2, &integ_len, &tag, &len, b, payload);
}
else
key_index = sa0->crypto_key_index;
/* constuct aad in a scratch space in front of the nonce */
esp_header_t *esp0 = (esp_header_t *) (payload - esp_sz);
aad = (u8 *) nonce - sizeof (esp_aead_t);
- esp_aad_fill (aad, esp0, sa0);
+ esp_aad_fill (aad, esp0, sa0, pd->seq_hi);
tag = payload + len;
}
else
*async_pd = *pd;
*async_pd2 = *pd2;
- pd->protect_index = current_protect_index;
/* for AEAD integ_len - crypto_len will be negative, it is ok since it
* is ignored by the engine. */
* a sequence s, s+1, s+2, s+3, ... s+n and nothing will prevent any
* implementation, sequential or batching, from decrypting these.
*/
- if (ipsec_sa_anti_replay_check (sa0, pd->seq))
+ if (ipsec_sa_anti_replay_and_sn_advance (sa0, pd->seq, pd->seq_hi, true,
+ NULL))
{
b->error = node->errors[ESP_DECRYPT_ERROR_REPLAY];
next[0] = ESP_DECRYPT_NEXT_DROP;
return;
}
- ipsec_sa_anti_replay_advance (sa0, pd->seq);
+ ipsec_sa_anti_replay_advance (sa0, pd->seq, pd->seq_hi);
if (pd->is_chain)
{
*/
const ipsec_tun_protect_t *itp;
- if (is_async)
- itp = ipsec_tun_protect_get (pd->protect_index);
- else
- itp =
- ipsec_tun_protect_get (vnet_buffer (b)->
- ipsec.protect_index);
+ itp =
+ ipsec_tun_protect_get (vnet_buffer (b)->ipsec.protect_index);
if (PREDICT_TRUE (next_header == IP_PROTOCOL_IP_IN_IP))
{
pd->current_length = b[0]->current_length;
/* anti-reply check */
- if (ipsec_sa_anti_replay_check (sa0, pd->seq))
+ if (ipsec_sa_anti_replay_and_sn_advance (sa0, pd->seq, ~0, false,
+ &pd->seq_hi))
{
err = ESP_DECRYPT_ERROR_REPLAY;
esp_set_next_index (b[0], node, err, n_noop, noop_nexts,
tr->crypto_alg = sa0->crypto_alg;
tr->integ_alg = sa0->integ_alg;
tr->seq = pd->seq;
- tr->sa_seq = sa0->last_seq;
+ tr->sa_seq = sa0->seq;
tr->sa_seq_hi = sa0->seq_hi;
+ tr->pkt_seq_hi = pd->seq_hi;
}
/* next */
tr->crypto_alg = sa0->crypto_alg;
tr->integ_alg = sa0->integ_alg;
tr->seq = pd->seq;
- tr->sa_seq = sa0->last_seq;
+ tr->sa_seq = sa0->seq;
tr->sa_seq_hi = sa0->seq_hi;
}
return count
+ def verify_hi_seq_num(self):
+ p = self.params[socket.AF_INET]
+ saf = VppEnum.vl_api_ipsec_sad_flags_t
+ esn_on = p.vpp_tra_sa.esn_en
+ ar_on = p.flags & saf.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY
+
+ seq_cycle_node_name = \
+ ('/err/%s/sequence number cycled (packet dropped)' %
+ self.tra4_encrypt_node_name)
+ replay_count = self.get_replay_counts(p)
+ hash_failed_count = self.get_hash_failed_counts(p)
+ seq_cycle_count = self.statistics.get_err_counter(seq_cycle_node_name)
+
+ # a few packets so we get the rx seq number above the window size and
+ # thus can simulate a wrap with an out of window packet
+ pkts = [(Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=seq))
+ for seq in range(63, 80)]
+ recv_pkts = self.send_and_expect(self.tra_if, pkts, self.tra_if)
+
+ # these 4 packets will all choose seq-num 0 to decrpyt since none
+ # are out of window when first checked. however, once #200 has
+ # decrypted it will move the window to 200 and has #81 is out of
+ # window. this packet should be dropped.
+ pkts = [(Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=200)),
+ (Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=81)),
+ (Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=201)),
+ (Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=202))]
+
+ # if anti-replay is off then we won't drop #81
+ n_rx = 3 if ar_on else 4
+ self.send_and_expect(self.tra_if, pkts, self.tra_if, n_rx=n_rx)
+ # this packet is one before the wrap
+ pkts = [(Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=203))]
+ recv_pkts = self.send_and_expect(self.tra_if, pkts, self.tra_if)
+
+ # move the window over half way to a wrap
+ pkts = [(Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=0x80000001))]
+ recv_pkts = self.send_and_expect(self.tra_if, pkts, self.tra_if)
+
+ # anti-replay will drop old packets, no anti-replay will not
+ pkts = [(Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=0x44000001))]
+
+ if ar_on:
+ self.send_and_assert_no_replies(self.tra_if, pkts)
+ else:
+ recv_pkts = self.send_and_expect(self.tra_if, pkts, self.tra_if)
+
+ if esn_on:
+ #
+ # validate wrapping the ESN
+ #
+
+ # wrap scapy's TX SA SN
+ p.scapy_tra_sa.seq_num = 0x100000005
+
+ # send a packet that wraps the window for both AR and no AR
+ pkts = [(Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=0x100000005))]
+
+ rxs = self.send_and_expect(self.tra_if, pkts, self.tra_if)
+ for rx in rxs:
+ decrypted = p.vpp_tra_sa.decrypt(rx[0][IP])
+
+ # move the window forward to half way to the next wrap
+ pkts = [(Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=0x180000005))]
+
+ rxs = self.send_and_expect(self.tra_if, pkts, self.tra_if)
+
+ # a packet less than 2^30 from the current position is:
+ # - AR: out of window and dropped
+ # - non-AR: accepted
+ pkts = [(Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=0x170000005))]
+
+ if ar_on:
+ self.send_and_assert_no_replies(self.tra_if, pkts)
+ else:
+ self.send_and_expect(self.tra_if, pkts, self.tra_if)
+
+ # a packet more than 2^30 from the current position is:
+ # - AR: out of window and dropped
+ # - non-AR: considered a wrap, but since it's not a wrap
+ # it won't decrpyt and so will be dropped
+ pkts = [(Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=0x130000005))]
+
+ self.send_and_assert_no_replies(self.tra_if, pkts)
+
+ # a packet less than 2^30 from the current position and is a
+ # wrap; (the seq is currently at 0x180000005).
+ # - AR: out of window so considered a wrap, so accepted
+ # - non-AR: not considered a wrap, so won't decrypt
+ p.scapy_tra_sa.seq_num = 0x260000005
+ pkts = [(Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=0x260000005))]
+ if ar_on:
+ self.send_and_expect(self.tra_if, pkts, self.tra_if)
+ else:
+ self.send_and_assert_no_replies(self.tra_if, pkts)
+
+ #
+ # window positions are different now for AR/non-AR
+ # move non-AR forward
+ #
+ if not ar_on:
+ # a packet more than 2^30 from the current position and is a
+ # wrap; (the seq is currently at 0x180000005).
+ # - AR: accepted
+ # - non-AR: not considered a wrap, so won't decrypt
+
+ pkts = [(Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=0x200000005)),
+ (Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=0x200000006))]
+ self.send_and_expect(self.tra_if, pkts, self.tra_if)
+
+ pkts = [(Ether(src=self.tra_if.remote_mac,
+ dst=self.tra_if.local_mac) /
+ p.scapy_tra_sa.encrypt(IP(src=self.tra_if.remote_ip4,
+ dst=self.tra_if.local_ip4) /
+ ICMP(),
+ seq_num=0x260000005))]
+ self.send_and_expect(self.tra_if, pkts, self.tra_if)
+
def verify_tra_anti_replay(self):
p = self.params[socket.AF_INET]
esn_en = p.vpp_tra_sa.esn_en
recv_pkts = self.send_and_expect(self.tra_if, pkts, self.tra_if)
# replayed packets are dropped
- self.send_and_assert_no_replies(self.tra_if, pkts)
+ self.send_and_assert_no_replies(self.tra_if, pkts, timeout=0.2)
replay_count += len(pkts)
self.assertEqual(self.get_replay_counts(p), replay_count)
recv_pkts = self.send_and_expect(self.tra_if, [pkt], self.tra_if)
# replayed packets are dropped
- self.send_and_assert_no_replies(self.tra_if, pkt * 3)
+ self.send_and_assert_no_replies(self.tra_if, pkt * 3, timeout=0.2)
replay_count += 3
self.assertEqual(self.get_replay_counts(p), replay_count)
dst=self.tra_if.local_ip4) /
ICMP(),
seq_num=350))
- self.send_and_assert_no_replies(self.tra_if, pkt * 17)
+ self.send_and_assert_no_replies(self.tra_if, pkt * 17, timeout=0.2)
hash_failed_count += 17
self.assertEqual(self.get_hash_failed_counts(p), hash_failed_count)
dst=self.tra_if.local_ip4) /
ICMP(),
seq_num=350))
- self.send_and_assert_no_replies(self.tra_if, pkt * 17)
+ self.send_and_assert_no_replies(self.tra_if, pkt * 17, timeout=0.2)
undersize_count += 17
self.assert_error_counter_equal(undersize_node_name,
dst=self.tra_if.local_ip4) /
ICMP(),
seq_num=17))
- self.send_and_assert_no_replies(self.tra_if, pkt * 17)
+ self.send_and_assert_no_replies(self.tra_if, pkt * 17, timeout=0.2)
if esn_en:
# an out of window error with ESN looks like a high sequence
ICMP(),
seq_num=0x100000005))
rx = self.send_and_expect(self.tra_if, [pkt], self.tra_if)
+
decrypted = p.vpp_tra_sa.decrypt(rx[0][IP])
#
#
# While in case A we cannot wrap the high sequence number again
- # becuase VPP will consider this packet to be one that moves the
+ # because VPP will consider this packet to be one that moves the
# window forward
#
pkt = (Ether(src=self.tra_if.remote_mac,
dst=self.tra_if.local_ip4) /
ICMP(),
seq_num=0x200000999))
- self.send_and_assert_no_replies(self.tra_if, [pkt], self.tra_if)
+ self.send_and_assert_no_replies(self.tra_if, [pkt], self.tra_if,
+ timeout=0.2)
hash_failed_count += 1
self.assertEqual(self.get_hash_failed_counts(p), hash_failed_count)
#
- # but if we move the wondow forward to case B, then we can wrap
+ # but if we move the window forward to case B, then we can wrap
# again
#
p.scapy_tra_sa.seq_num = 0x100000555
# without ESN TX sequence numbers can't wrap and packets are
# dropped from here on out.
#
- self.send_and_assert_no_replies(self.tra_if, pkts)
+ self.send_and_assert_no_replies(self.tra_if, pkts, timeout=0.2)
seq_cycle_count += len(pkts)
self.assert_error_counter_equal(seq_cycle_node_name,
seq_cycle_count)
def tearDown(self):
super(ConfigIpsecESP, self).tearDown()
+ def config_anti_replay(self, params):
+ saf = VppEnum.vl_api_ipsec_sad_flags_t
+ for p in params:
+ p.flags |= saf.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY
+
def config_network(self, params):
self.net_objs = []
self.tun_if = self.pg0
crypt_key = params.crypt_key
addr_any = params.addr_any
addr_bcast = params.addr_bcast
- flags = (VppEnum.vl_api_ipsec_sad_flags_t.
- IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY)
e = VppEnum.vl_api_ipsec_spd_action_t
- flags = params.flags | flags
+ flags = params.flags
salt = params.salt
objs = []
def setUp(self):
super(TemplateIpsecEsp, self).setUp()
+ self.config_anti_replay(self.params.values())
self.config_network(self.params.values())
def tearDown(self):
p = self.ipv4_params
p.flags = (VppEnum.vl_api_ipsec_sad_flags_t.
- IPSEC_API_SAD_FLAG_UDP_ENCAP)
+ IPSEC_API_SAD_FLAG_UDP_ENCAP |
+ VppEnum.vl_api_ipsec_sad_flags_t.
+ IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY)
p.nat_header = UDP(sport=5454, dport=4500)
self.tra_spd = VppIpsecSpd(self, self.tra_spd_id)
class MyParameters():
def __init__(self):
- flag_esn = VppEnum.vl_api_ipsec_sad_flags_t.IPSEC_API_SAD_FLAG_USE_ESN
- self.flags = [0, flag_esn]
+ saf = VppEnum.vl_api_ipsec_sad_flags_t
+ flag_esn = saf.IPSEC_API_SAD_FLAG_USE_ESN
+ flag_ar = saf.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY
+ self.flags = [0, flag_esn, flag_ar]
# foreach crypto algorithm
self.algos = {
'AES-GCM-128/NONE': {
params = MyParameters()
self.engine = test_args[0]
self.flag = params.flags[0]
- if test_args[1] == 'ESN':
- self.flag = params.flags[1]
+ if test_args[1] == 'ESNon':
+ self.flag |= params.flags[1]
+ if test_args[2] == 'ARon':
+ self.flag |= params.flags[2]
- self.algo = params.algos[test_args[2]]
+ self.algo = params.algos[test_args[3]]
self.async_mode = False
if self.engine == "async":
self.async_mode = True
p.auth_algo = algo['scapy-integ']
p.crypt_key = algo['key']
p.salt = algo['salt']
- p.flags = p.flags | flag
+ p.flags = flag
p.outer_flow_label = 243224
p.async_mode = self.async_mode
count=NUM_PKTS, payload_size=sz)
#
- # swap the handlers while SAs are up
+ # reconfigure the network and SA to run the
+ # anti replay tests
#
- for e in engines:
- if e != engine:
- self.vapi.cli("set crypto handler all %s" % e)
- self.verify_tra_basic4(count=NUM_PKTS)
+ saf = VppEnum.vl_api_ipsec_sad_flags_t
+ if flag & saf.IPSEC_API_SAD_FLAG_USE_ANTI_REPLAY:
+ self.unconfig_network()
+ self.config_network(self.params.values())
+ self.verify_tra_anti_replay()
- #
- # remove the SPDs, SAs, etc
- #
self.unconfig_network()
+ self.config_network(self.params.values())
+ self.verify_hi_seq_num()
#
- # reconfigure the network and SA to run the
- # anti replay tests
+ # swap the handlers while SAs are up
#
+ self.unconfig_network()
self.config_network(self.params.values())
- self.verify_tra_anti_replay()
+ for e in engines:
+ if e != engine:
+ self.vapi.cli("set crypto handler all %s" % e)
+ self.verify_tra_basic4(count=NUM_PKTS)
+
self.unconfig_network()
#
# grep '# GEN' test_ipsec_esp.py | sed -e 's/# GEN //g' | bash
#
# GEN for ENG in native ipsecmb openssl; do \
-# GEN for FLG in noESN ESN; do for ALG in AES-GCM-128/NONE \
+# GEN for ESN in ESNon ESNoff; do for AR in ARon ARoff; do \
+# GEN for ALG in AES-GCM-128/NONE \
# GEN AES-GCM-192/NONE AES-GCM-256/NONE AES-CBC-128/MD5-96 \
# GEN AES-CBC-192/SHA1-96 AES-CBC-256/SHA1-96 \
# GEN 3DES-CBC/SHA1-96 NONE/SHA1-96 \
# GEN AES-CTR-128/SHA1-96 AES-CTR-192/SHA1-96 AES-CTR-256/SHA1-96; do \
-# GEN echo -e "\n\nclass Test_${ENG}_${FLG}_${ALG}(RunTestIpsecEspAll):" |
-# GEN sed -e 's/-/_/g' -e 's#/#_#g' ; \
-# GEN echo ' """'$ENG $FLG $ALG IPSec test'"""' ;
+# GEN echo -en "\n\nclass "
+# GEN echo -e "Test_${ENG}_${ESN}_${AR}_${ALG}(RunTestIpsecEspAll):" |
+# GEN sed -e 's/-/_/g' -e 's#/#_#g' ;
+# GEN echo ' """'$ENG $ESN $AR $ALG IPSec test'"""' ;
# GEN echo " def test_ipsec(self):";
+# GEN echo ' """'$ENG $ESN $AR $ALG IPSec test'"""' ;
# GEN echo " self.run_test()";
-# GEN done; done; done
+# GEN done; done; done; done
#
-# GEN for FLG in noESN ESN; do for ALG in \
+# GEN for ESN in ESNon ESNoff; do for AR in ARon ARoff; do \
+# GEN for ALG in \
# GEN AES-GCM-128/NONE AES-GCM-192/NONE AES-GCM-256/NONE \
# GEN AES-CBC-192/SHA1-96 AES-CBC-256/SHA1-96; do \
-# GEN echo -e "\n\nclass Test_async_${FLG}_${ALG}(RunTestIpsecEspAll):" |
-# GEN sed -e 's/-/_/g' -e 's#/#_#g' ; \
-# GEN echo ' """'async $FLG $ALG IPSec test'"""' ;
+# GEN echo -en "\n\nclass "
+# GEN echo -e "Test_async_${ESN}_${AR}_${ALG}(RunTestIpsecEspAll):" |
+# GEN sed -e 's/-/_/g' -e 's#/#_#g' ;
+# GEN echo ' """'async $ESN $AR $ALG IPSec test'"""' ;
# GEN echo " def test_ipsec(self):";
+# GEN echo ' """'async $ESN $AR $ALG IPSec test'"""' ;
# GEN echo " self.run_test()";
-# GEN done; done;
+# GEN done; done; done;
+
+
+class Test_native_ESNon_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """native ESNon ARon AES-GCM-128/NONE IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARon AES-GCM-128/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """native ESNon ARon AES-GCM-192/NONE IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARon AES-GCM-192/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """native ESNon ARon AES-GCM-256/NONE IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARon AES-GCM-256/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARon_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
+ """native ESNon ARon AES-CBC-128/MD5-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARon AES-CBC-128/MD5-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """native ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """native ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARon_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
+ """native ESNon ARon 3DES-CBC/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARon 3DES-CBC/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARon_NONE_SHA1_96(RunTestIpsecEspAll):
+ """native ESNon ARon NONE/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARon NONE/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARon_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
+ """native ESNon ARon AES-CTR-128/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARon AES-CTR-128/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARon_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
+ """native ESNon ARon AES-CTR-192/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARon AES-CTR-192/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARon_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
+ """native ESNon ARon AES-CTR-256/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARon AES-CTR-256/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """native ESNon ARoff AES-GCM-128/NONE IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARoff AES-GCM-128/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """native ESNon ARoff AES-GCM-192/NONE IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARoff AES-GCM-192/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """native ESNon ARoff AES-GCM-256/NONE IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARoff AES-GCM-256/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARoff_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
+ """native ESNon ARoff AES-CBC-128/MD5-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARoff AES-CBC-128/MD5-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """native ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """native ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARoff_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
+ """native ESNon ARoff 3DES-CBC/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARoff 3DES-CBC/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARoff_NONE_SHA1_96(RunTestIpsecEspAll):
+ """native ESNon ARoff NONE/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARoff NONE/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARoff_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
+ """native ESNon ARoff AES-CTR-128/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARoff AES-CTR-128/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARoff_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
+ """native ESNon ARoff AES-CTR-192/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARoff AES-CTR-192/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNon_ARoff_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
+ """native ESNon ARoff AES-CTR-256/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNon ARoff AES-CTR-256/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """native ESNoff ARon AES-GCM-128/NONE IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARon AES-GCM-128/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """native ESNoff ARon AES-GCM-192/NONE IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARon AES-GCM-192/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """native ESNoff ARon AES-GCM-256/NONE IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARon AES-GCM-256/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARon_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
+ """native ESNoff ARon AES-CBC-128/MD5-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARon AES-CBC-128/MD5-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """native ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """native ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARon_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
+ """native ESNoff ARon 3DES-CBC/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARon 3DES-CBC/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARon_NONE_SHA1_96(RunTestIpsecEspAll):
+ """native ESNoff ARon NONE/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARon NONE/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARon_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
+ """native ESNoff ARon AES-CTR-128/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARon AES-CTR-128/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARon_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
+ """native ESNoff ARon AES-CTR-192/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARon AES-CTR-192/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARon_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
+ """native ESNoff ARon AES-CTR-256/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARon AES-CTR-256/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """native ESNoff ARoff AES-GCM-128/NONE IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARoff AES-GCM-128/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """native ESNoff ARoff AES-GCM-192/NONE IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARoff AES-GCM-192/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """native ESNoff ARoff AES-GCM-256/NONE IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARoff AES-GCM-256/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARoff_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
+ """native ESNoff ARoff AES-CBC-128/MD5-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARoff AES-CBC-128/MD5-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """native ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """native ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARoff_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
+ """native ESNoff ARoff 3DES-CBC/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARoff 3DES-CBC/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARoff_NONE_SHA1_96(RunTestIpsecEspAll):
+ """native ESNoff ARoff NONE/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARoff NONE/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARoff_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
+ """native ESNoff ARoff AES-CTR-128/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARoff AES-CTR-128/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARoff_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
+ """native ESNoff ARoff AES-CTR-192/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARoff AES-CTR-192/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_native_ESNoff_ARoff_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
+ """native ESNoff ARoff AES-CTR-256/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """native ESNoff ARoff AES-CTR-256/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARon AES-GCM-128/NONE IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARon AES-GCM-128/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARon AES-GCM-192/NONE IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARon AES-GCM-192/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARon AES-GCM-256/NONE IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARon AES-GCM-256/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARon_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARon AES-CBC-128/MD5-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARon AES-CBC-128/MD5-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARon_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARon 3DES-CBC/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARon 3DES-CBC/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARon_NONE_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARon NONE/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARon NONE/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARon_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARon AES-CTR-128/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARon AES-CTR-128/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARon_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARon AES-CTR-192/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARon AES-CTR-192/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARon_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARon AES-CTR-256/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARon AES-CTR-256/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARoff AES-GCM-128/NONE IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARoff AES-GCM-128/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARoff AES-GCM-192/NONE IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARoff AES-GCM-192/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARoff AES-GCM-256/NONE IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARoff AES-GCM-256/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARoff_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARoff AES-CBC-128/MD5-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARoff AES-CBC-128/MD5-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARoff_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARoff 3DES-CBC/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARoff 3DES-CBC/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARoff_NONE_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARoff NONE/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARoff NONE/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARoff_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARoff AES-CTR-128/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARoff AES-CTR-128/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARoff_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARoff AES-CTR-192/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARoff AES-CTR-192/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNon_ARoff_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNon ARoff AES-CTR-256/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNon ARoff AES-CTR-256/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNoff_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARon AES-GCM-128/NONE IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNoff ARon AES-GCM-128/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNoff_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARon AES-GCM-192/NONE IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNoff ARon AES-GCM-192/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNoff_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARon AES-GCM-256/NONE IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNoff ARon AES-GCM-256/NONE IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNoff_ARon_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARon AES-CBC-128/MD5-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNoff ARon AES-CBC-128/MD5-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNoff_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNoff_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNoff_ARon_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARon 3DES-CBC/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNoff ARon 3DES-CBC/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNoff_ARon_NONE_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARon NONE/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNoff ARon NONE/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNoff_ARon_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARon AES-CTR-128/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNoff ARon AES-CTR-128/SHA1-96 IPSec test"""
+ self.run_test()
+
+
+class Test_ipsecmb_ESNoff_ARon_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARon AES-CTR-192/SHA1-96 IPSec test"""
+ def test_ipsec(self):
+ """ipsecmb ESNoff ARon AES-CTR-192/SHA1-96 IPSec test"""
+ self.run_test()
-class Test_native_noESN_AES_GCM_128_NONE(RunTestIpsecEspAll):
- """native noESN AES-GCM-128/NONE IPSec test"""
+class Test_ipsecmb_ESNoff_ARon_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARon AES-CTR-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """ipsecmb ESNoff ARon AES-CTR-256/SHA1-96 IPSec test"""
self.run_test()
-class Test_native_noESN_AES_GCM_192_NONE(RunTestIpsecEspAll):
- """native noESN AES-GCM-192/NONE IPSec test"""
+class Test_ipsecmb_ESNoff_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARoff AES-GCM-128/NONE IPSec test"""
def test_ipsec(self):
+ """ipsecmb ESNoff ARoff AES-GCM-128/NONE IPSec test"""
self.run_test()
-class Test_native_noESN_AES_GCM_256_NONE(RunTestIpsecEspAll):
- """native noESN AES-GCM-256/NONE IPSec test"""
+class Test_ipsecmb_ESNoff_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARoff AES-GCM-192/NONE IPSec test"""
def test_ipsec(self):
+ """ipsecmb ESNoff ARoff AES-GCM-192/NONE IPSec test"""
self.run_test()
-class Test_native_noESN_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
- """native noESN AES-CBC-128/MD5-96 IPSec test"""
+class Test_ipsecmb_ESNoff_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARoff AES-GCM-256/NONE IPSec test"""
def test_ipsec(self):
+ """ipsecmb ESNoff ARoff AES-GCM-256/NONE IPSec test"""
self.run_test()
-class Test_native_noESN_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
- """native noESN AES-CBC-192/SHA1-96 IPSec test"""
+class Test_ipsecmb_ESNoff_ARoff_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARoff AES-CBC-128/MD5-96 IPSec test"""
def test_ipsec(self):
+ """ipsecmb ESNoff ARoff AES-CBC-128/MD5-96 IPSec test"""
self.run_test()
-class Test_native_noESN_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
- """native noESN AES-CBC-256/SHA1-96 IPSec test"""
+class Test_ipsecmb_ESNoff_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """ipsecmb ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
self.run_test()
-class Test_native_noESN_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
- """native noESN 3DES-CBC/SHA1-96 IPSec test"""
+class Test_ipsecmb_ESNoff_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """ipsecmb ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
self.run_test()
-class Test_native_noESN_NONE_SHA1_96(RunTestIpsecEspAll):
- """native noESN NONE/SHA1-96 IPSec test"""
+class Test_ipsecmb_ESNoff_ARoff_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARoff 3DES-CBC/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """ipsecmb ESNoff ARoff 3DES-CBC/SHA1-96 IPSec test"""
self.run_test()
-class Test_native_noESN_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
- """native noESN AES-CTR-128/SHA1-96 IPSec test"""
+class Test_ipsecmb_ESNoff_ARoff_NONE_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARoff NONE/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """ipsecmb ESNoff ARoff NONE/SHA1-96 IPSec test"""
self.run_test()
-class Test_native_noESN_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
- """native noESN AES-CTR-192/SHA1-96 IPSec test"""
+class Test_ipsecmb_ESNoff_ARoff_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARoff AES-CTR-128/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """ipsecmb ESNoff ARoff AES-CTR-128/SHA1-96 IPSec test"""
self.run_test()
-class Test_native_noESN_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
- """native noESN AES-CTR-256/SHA1-96 IPSec test"""
+class Test_ipsecmb_ESNoff_ARoff_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARoff AES-CTR-192/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """ipsecmb ESNoff ARoff AES-CTR-192/SHA1-96 IPSec test"""
self.run_test()
-class Test_native_ESN_AES_GCM_128_NONE(RunTestIpsecEspAll):
- """native ESN AES-GCM-128/NONE IPSec test"""
+class Test_ipsecmb_ESNoff_ARoff_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
+ """ipsecmb ESNoff ARoff AES-CTR-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """ipsecmb ESNoff ARoff AES-CTR-256/SHA1-96 IPSec test"""
self.run_test()
-class Test_native_ESN_AES_GCM_192_NONE(RunTestIpsecEspAll):
- """native ESN AES-GCM-192/NONE IPSec test"""
+class Test_openssl_ESNon_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """openssl ESNon ARon AES-GCM-128/NONE IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARon AES-GCM-128/NONE IPSec test"""
self.run_test()
-class Test_native_ESN_AES_GCM_256_NONE(RunTestIpsecEspAll):
- """native ESN AES-GCM-256/NONE IPSec test"""
+class Test_openssl_ESNon_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """openssl ESNon ARon AES-GCM-192/NONE IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARon AES-GCM-192/NONE IPSec test"""
self.run_test()
-class Test_native_ESN_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
- """native ESN AES-CBC-128/MD5-96 IPSec test"""
+class Test_openssl_ESNon_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """openssl ESNon ARon AES-GCM-256/NONE IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARon AES-GCM-256/NONE IPSec test"""
self.run_test()
-class Test_native_ESN_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
- """native ESN AES-CBC-192/SHA1-96 IPSec test"""
+class Test_openssl_ESNon_ARon_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
+ """openssl ESNon ARon AES-CBC-128/MD5-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARon AES-CBC-128/MD5-96 IPSec test"""
self.run_test()
-class Test_native_ESN_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
- """native ESN AES-CBC-256/SHA1-96 IPSec test"""
+class Test_openssl_ESNon_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
self.run_test()
-class Test_native_ESN_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
- """native ESN 3DES-CBC/SHA1-96 IPSec test"""
+class Test_openssl_ESNon_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
self.run_test()
-class Test_native_ESN_NONE_SHA1_96(RunTestIpsecEspAll):
- """native ESN NONE/SHA1-96 IPSec test"""
+class Test_openssl_ESNon_ARon_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNon ARon 3DES-CBC/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARon 3DES-CBC/SHA1-96 IPSec test"""
self.run_test()
-class Test_native_ESN_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
- """native ESN AES-CTR-128/SHA1-96 IPSec test"""
+class Test_openssl_ESNon_ARon_NONE_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNon ARon NONE/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARon NONE/SHA1-96 IPSec test"""
self.run_test()
-class Test_native_ESN_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
- """native ESN AES-CTR-192/SHA1-96 IPSec test"""
+class Test_openssl_ESNon_ARon_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNon ARon AES-CTR-128/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARon AES-CTR-128/SHA1-96 IPSec test"""
self.run_test()
-class Test_native_ESN_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
- """native ESN AES-CTR-256/SHA1-96 IPSec test"""
+class Test_openssl_ESNon_ARon_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNon ARon AES-CTR-192/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARon AES-CTR-192/SHA1-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_noESN_AES_GCM_128_NONE(RunTestIpsecEspAll):
- """ipsecmb noESN AES-GCM-128/NONE IPSec test"""
+class Test_openssl_ESNon_ARon_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNon ARon AES-CTR-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARon AES-CTR-256/SHA1-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_noESN_AES_GCM_192_NONE(RunTestIpsecEspAll):
- """ipsecmb noESN AES-GCM-192/NONE IPSec test"""
+class Test_openssl_ESNon_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """openssl ESNon ARoff AES-GCM-128/NONE IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARoff AES-GCM-128/NONE IPSec test"""
self.run_test()
-class Test_ipsecmb_noESN_AES_GCM_256_NONE(RunTestIpsecEspAll):
- """ipsecmb noESN AES-GCM-256/NONE IPSec test"""
+class Test_openssl_ESNon_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """openssl ESNon ARoff AES-GCM-192/NONE IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARoff AES-GCM-192/NONE IPSec test"""
self.run_test()
-class Test_ipsecmb_noESN_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
- """ipsecmb noESN AES-CBC-128/MD5-96 IPSec test"""
+class Test_openssl_ESNon_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """openssl ESNon ARoff AES-GCM-256/NONE IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARoff AES-GCM-256/NONE IPSec test"""
self.run_test()
-class Test_ipsecmb_noESN_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
- """ipsecmb noESN AES-CBC-192/SHA1-96 IPSec test"""
+class Test_openssl_ESNon_ARoff_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
+ """openssl ESNon ARoff AES-CBC-128/MD5-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARoff AES-CBC-128/MD5-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_noESN_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
- """ipsecmb noESN AES-CBC-256/SHA1-96 IPSec test"""
+class Test_openssl_ESNon_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_noESN_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
- """ipsecmb noESN 3DES-CBC/SHA1-96 IPSec test"""
+class Test_openssl_ESNon_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_noESN_NONE_SHA1_96(RunTestIpsecEspAll):
- """ipsecmb noESN NONE/SHA1-96 IPSec test"""
+class Test_openssl_ESNon_ARoff_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNon ARoff 3DES-CBC/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARoff 3DES-CBC/SHA1-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_noESN_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
- """ipsecmb noESN AES-CTR-128/SHA1-96 IPSec test"""
+class Test_openssl_ESNon_ARoff_NONE_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNon ARoff NONE/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARoff NONE/SHA1-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_noESN_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
- """ipsecmb noESN AES-CTR-192/SHA1-96 IPSec test"""
+class Test_openssl_ESNon_ARoff_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNon ARoff AES-CTR-128/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARoff AES-CTR-128/SHA1-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_noESN_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
- """ipsecmb noESN AES-CTR-256/SHA1-96 IPSec test"""
+class Test_openssl_ESNon_ARoff_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNon ARoff AES-CTR-192/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARoff AES-CTR-192/SHA1-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_ESN_AES_GCM_128_NONE(RunTestIpsecEspAll):
- """ipsecmb ESN AES-GCM-128/NONE IPSec test"""
+class Test_openssl_ESNon_ARoff_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNon ARoff AES-CTR-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNon ARoff AES-CTR-256/SHA1-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_ESN_AES_GCM_192_NONE(RunTestIpsecEspAll):
- """ipsecmb ESN AES-GCM-192/NONE IPSec test"""
+class Test_openssl_ESNoff_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """openssl ESNoff ARon AES-GCM-128/NONE IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARon AES-GCM-128/NONE IPSec test"""
self.run_test()
-class Test_ipsecmb_ESN_AES_GCM_256_NONE(RunTestIpsecEspAll):
- """ipsecmb ESN AES-GCM-256/NONE IPSec test"""
+class Test_openssl_ESNoff_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """openssl ESNoff ARon AES-GCM-192/NONE IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARon AES-GCM-192/NONE IPSec test"""
self.run_test()
-class Test_ipsecmb_ESN_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
- """ipsecmb ESN AES-CBC-128/MD5-96 IPSec test"""
+class Test_openssl_ESNoff_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """openssl ESNoff ARon AES-GCM-256/NONE IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARon AES-GCM-256/NONE IPSec test"""
self.run_test()
-class Test_ipsecmb_ESN_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
- """ipsecmb ESN AES-CBC-192/SHA1-96 IPSec test"""
+class Test_openssl_ESNoff_ARon_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARon AES-CBC-128/MD5-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARon AES-CBC-128/MD5-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_ESN_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
- """ipsecmb ESN AES-CBC-256/SHA1-96 IPSec test"""
+class Test_openssl_ESNoff_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_ESN_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
- """ipsecmb ESN 3DES-CBC/SHA1-96 IPSec test"""
+class Test_openssl_ESNoff_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_ESN_NONE_SHA1_96(RunTestIpsecEspAll):
- """ipsecmb ESN NONE/SHA1-96 IPSec test"""
+class Test_openssl_ESNoff_ARon_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARon 3DES-CBC/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARon 3DES-CBC/SHA1-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_ESN_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
- """ipsecmb ESN AES-CTR-128/SHA1-96 IPSec test"""
+class Test_openssl_ESNoff_ARon_NONE_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARon NONE/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARon NONE/SHA1-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_ESN_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
- """ipsecmb ESN AES-CTR-192/SHA1-96 IPSec test"""
+class Test_openssl_ESNoff_ARon_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARon AES-CTR-128/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARon AES-CTR-128/SHA1-96 IPSec test"""
self.run_test()
-class Test_ipsecmb_ESN_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
- """ipsecmb ESN AES-CTR-256/SHA1-96 IPSec test"""
+class Test_openssl_ESNoff_ARon_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARon AES-CTR-192/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARon AES-CTR-192/SHA1-96 IPSec test"""
self.run_test()
-class Test_openssl_noESN_AES_GCM_128_NONE(RunTestIpsecEspAll):
- """openssl noESN AES-GCM-128/NONE IPSec test"""
+class Test_openssl_ESNoff_ARon_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARon AES-CTR-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARon AES-CTR-256/SHA1-96 IPSec test"""
self.run_test()
-class Test_openssl_noESN_AES_GCM_192_NONE(RunTestIpsecEspAll):
- """openssl noESN AES-GCM-192/NONE IPSec test"""
+class Test_openssl_ESNoff_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """openssl ESNoff ARoff AES-GCM-128/NONE IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARoff AES-GCM-128/NONE IPSec test"""
self.run_test()
-class Test_openssl_noESN_AES_GCM_256_NONE(RunTestIpsecEspAll):
- """openssl noESN AES-GCM-256/NONE IPSec test"""
+class Test_openssl_ESNoff_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """openssl ESNoff ARoff AES-GCM-192/NONE IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARoff AES-GCM-192/NONE IPSec test"""
self.run_test()
-class Test_openssl_noESN_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
- """openssl noESN AES-CBC-128/MD5-96 IPSec test"""
+class Test_openssl_ESNoff_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """openssl ESNoff ARoff AES-GCM-256/NONE IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARoff AES-GCM-256/NONE IPSec test"""
self.run_test()
-class Test_openssl_noESN_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
- """openssl noESN AES-CBC-192/SHA1-96 IPSec test"""
+class Test_openssl_ESNoff_ARoff_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARoff AES-CBC-128/MD5-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARoff AES-CBC-128/MD5-96 IPSec test"""
self.run_test()
-class Test_openssl_noESN_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
- """openssl noESN AES-CBC-256/SHA1-96 IPSec test"""
+class Test_openssl_ESNoff_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
self.run_test()
-class Test_openssl_noESN_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
- """openssl noESN 3DES-CBC/SHA1-96 IPSec test"""
+class Test_openssl_ESNoff_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
self.run_test()
-class Test_openssl_noESN_NONE_SHA1_96(RunTestIpsecEspAll):
- """openssl noESN NONE/SHA1-96 IPSec test"""
+class Test_openssl_ESNoff_ARoff_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARoff 3DES-CBC/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARoff 3DES-CBC/SHA1-96 IPSec test"""
self.run_test()
-class Test_openssl_noESN_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
- """openssl noESN AES-CTR-128/SHA1-96 IPSec test"""
+class Test_openssl_ESNoff_ARoff_NONE_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARoff NONE/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARoff NONE/SHA1-96 IPSec test"""
self.run_test()
-class Test_openssl_noESN_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
- """openssl noESN AES-CTR-192/SHA1-96 IPSec test"""
+class Test_openssl_ESNoff_ARoff_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARoff AES-CTR-128/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARoff AES-CTR-128/SHA1-96 IPSec test"""
self.run_test()
-class Test_openssl_noESN_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
- """openssl noESN AES-CTR-256/SHA1-96 IPSec test"""
+class Test_openssl_ESNoff_ARoff_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARoff AES-CTR-192/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARoff AES-CTR-192/SHA1-96 IPSec test"""
self.run_test()
-class Test_openssl_ESN_AES_GCM_128_NONE(RunTestIpsecEspAll):
- """openssl ESN AES-GCM-128/NONE IPSec test"""
+class Test_openssl_ESNoff_ARoff_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
+ """openssl ESNoff ARoff AES-CTR-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """openssl ESNoff ARoff AES-CTR-256/SHA1-96 IPSec test"""
self.run_test()
-class Test_openssl_ESN_AES_GCM_192_NONE(RunTestIpsecEspAll):
- """openssl ESN AES-GCM-192/NONE IPSec test"""
+class Test_async_ESNon_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """async ESNon ARon AES-GCM-128/NONE IPSec test"""
def test_ipsec(self):
+ """async ESNon ARon AES-GCM-128/NONE IPSec test"""
self.run_test()
-class Test_openssl_ESN_AES_GCM_256_NONE(RunTestIpsecEspAll):
- """openssl ESN AES-GCM-256/NONE IPSec test"""
+class Test_async_ESNon_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """async ESNon ARon AES-GCM-192/NONE IPSec test"""
def test_ipsec(self):
+ """async ESNon ARon AES-GCM-192/NONE IPSec test"""
self.run_test()
-class Test_openssl_ESN_AES_CBC_128_MD5_96(RunTestIpsecEspAll):
- """openssl ESN AES-CBC-128/MD5-96 IPSec test"""
+class Test_async_ESNon_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """async ESNon ARon AES-GCM-256/NONE IPSec test"""
def test_ipsec(self):
+ """async ESNon ARon AES-GCM-256/NONE IPSec test"""
self.run_test()
-class Test_openssl_ESN_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
- """openssl ESN AES-CBC-192/SHA1-96 IPSec test"""
+class Test_async_ESNon_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """async ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """async ESNon ARon AES-CBC-192/SHA1-96 IPSec test"""
self.run_test()
-class Test_openssl_ESN_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
- """openssl ESN AES-CBC-256/SHA1-96 IPSec test"""
+class Test_async_ESNon_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """async ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """async ESNon ARon AES-CBC-256/SHA1-96 IPSec test"""
self.run_test()
-class Test_openssl_ESN_3DES_CBC_SHA1_96(RunTestIpsecEspAll):
- """openssl ESN 3DES-CBC/SHA1-96 IPSec test"""
+class Test_async_ESNon_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """async ESNon ARoff AES-GCM-128/NONE IPSec test"""
def test_ipsec(self):
+ """async ESNon ARoff AES-GCM-128/NONE IPSec test"""
self.run_test()
-class Test_openssl_ESN_NONE_SHA1_96(RunTestIpsecEspAll):
- """openssl ESN NONE/SHA1-96 IPSec test"""
+class Test_async_ESNon_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """async ESNon ARoff AES-GCM-192/NONE IPSec test"""
def test_ipsec(self):
+ """async ESNon ARoff AES-GCM-192/NONE IPSec test"""
self.run_test()
-class Test_openssl_ESN_AES_CTR_128_SHA1_96(RunTestIpsecEspAll):
- """openssl ESN AES-CTR-128/SHA1-96 IPSec test"""
+class Test_async_ESNon_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """async ESNon ARoff AES-GCM-256/NONE IPSec test"""
def test_ipsec(self):
+ """async ESNon ARoff AES-GCM-256/NONE IPSec test"""
self.run_test()
-class Test_openssl_ESN_AES_CTR_192_SHA1_96(RunTestIpsecEspAll):
- """openssl ESN AES-CTR-192/SHA1-96 IPSec test"""
+class Test_async_ESNon_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """async ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """async ESNon ARoff AES-CBC-192/SHA1-96 IPSec test"""
self.run_test()
-class Test_openssl_ESN_AES_CTR_256_SHA1_96(RunTestIpsecEspAll):
- """openssl ESN AES-CTR-256/SHA1-96 IPSec test"""
+class Test_async_ESNon_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """async ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """async ESNon ARoff AES-CBC-256/SHA1-96 IPSec test"""
self.run_test()
-class Test_async_noESN_AES_GCM_128_NONE(RunTestIpsecEspAll):
- """async noESN AES-GCM-128/NONE IPSec test"""
+class Test_async_ESNoff_ARon_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """async ESNoff ARon AES-GCM-128/NONE IPSec test"""
def test_ipsec(self):
+ """async ESNoff ARon AES-GCM-128/NONE IPSec test"""
self.run_test()
-class Test_async_noESN_AES_GCM_192_NONE(RunTestIpsecEspAll):
- """async noESN AES-GCM-192/NONE IPSec test"""
+class Test_async_ESNoff_ARon_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """async ESNoff ARon AES-GCM-192/NONE IPSec test"""
def test_ipsec(self):
+ """async ESNoff ARon AES-GCM-192/NONE IPSec test"""
self.run_test()
-class Test_async_noESN_AES_GCM_256_NONE(RunTestIpsecEspAll):
- """async noESN AES-GCM-256/NONE IPSec test"""
+class Test_async_ESNoff_ARon_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """async ESNoff ARon AES-GCM-256/NONE IPSec test"""
def test_ipsec(self):
+ """async ESNoff ARon AES-GCM-256/NONE IPSec test"""
self.run_test()
-class Test_async_noESN_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
- """async noESN AES-CBC-192/SHA1-96 IPSec test"""
+class Test_async_ESNoff_ARon_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """async ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """async ESNoff ARon AES-CBC-192/SHA1-96 IPSec test"""
self.run_test()
-class Test_async_noESN_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
- """async noESN AES-CBC-256/SHA1-96 IPSec test"""
+class Test_async_ESNoff_ARon_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """async ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """async ESNoff ARon AES-CBC-256/SHA1-96 IPSec test"""
self.run_test()
-class Test_async_ESN_AES_GCM_128_NONE(RunTestIpsecEspAll):
- """async ESN AES-GCM-128/NONE IPSec test"""
+class Test_async_ESNoff_ARoff_AES_GCM_128_NONE(RunTestIpsecEspAll):
+ """async ESNoff ARoff AES-GCM-128/NONE IPSec test"""
def test_ipsec(self):
+ """async ESNoff ARoff AES-GCM-128/NONE IPSec test"""
self.run_test()
-class Test_async_ESN_AES_GCM_192_NONE(RunTestIpsecEspAll):
- """async ESN AES-GCM-192/NONE IPSec test"""
+class Test_async_ESNoff_ARoff_AES_GCM_192_NONE(RunTestIpsecEspAll):
+ """async ESNoff ARoff AES-GCM-192/NONE IPSec test"""
def test_ipsec(self):
+ """async ESNoff ARoff AES-GCM-192/NONE IPSec test"""
self.run_test()
-class Test_async_ESN_AES_GCM_256_NONE(RunTestIpsecEspAll):
- """async ESN AES-GCM-256/NONE IPSec test"""
+class Test_async_ESNoff_ARoff_AES_GCM_256_NONE(RunTestIpsecEspAll):
+ """async ESNoff ARoff AES-GCM-256/NONE IPSec test"""
def test_ipsec(self):
+ """async ESNoff ARoff AES-GCM-256/NONE IPSec test"""
self.run_test()
-class Test_async_ESN_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
- """async ESN AES-CBC-192/SHA1-96 IPSec test"""
+class Test_async_ESNoff_ARoff_AES_CBC_192_SHA1_96(RunTestIpsecEspAll):
+ """async ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """async ESNoff ARoff AES-CBC-192/SHA1-96 IPSec test"""
self.run_test()
-class Test_async_ESN_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
- """async ESN AES-CBC-256/SHA1-96 IPSec test"""
+class Test_async_ESNoff_ARoff_AES_CBC_256_SHA1_96(RunTestIpsecEspAll):
+ """async ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
def test_ipsec(self):
+ """async ESNoff ARoff AES-CBC-256/SHA1-96 IPSec test"""
self.run_test()