2.52. test_ikev2 module

class test_ikev2.AuthAlgo(name, mac, mod, key_len, trunc_len=None)

Bases: object

class test_ikev2.CryptoAlgo(name, cipher, mode)

Bases: object

decrypt(data, key, aad=None, icv=None)
encrypt(data, key, aad=None)
pad(data)
class test_ikev2.IKEv2ChildSA(local_ts, remote_ts, spi=None)

Bases: object

class test_ikev2.IKEv2SA(test, is_initiator=True, spi=b'x04x04x04x04x04x04x04x04', i_id=None, r_id=None, id_type='fqdn', nonce=None, auth_data=None, local_ts=None, remote_ts=None, auth_method='shared-key', priv_key=None, natt=False)

Bases: object

auth_init()
calc_child_keys()
calc_keys()
calc_prf(prf, key, data)
calc_prfplus(prf, key, seed, length)
complete_dh_data()
compute_hmac(integ, key, data)
compute_nat_sha1(ip, port)
compute_secret()
concat(alg, key_len)
crypto_attr(key_len)
decrypt(data, aad=None, icv=None)
dh_pub_key()
encrypt(data, aad=None)
esp_crypto_attr()
generate_authmsg(prf, packet)
generate_dh_data()
generate_ts()
hmac_and_decrypt(ike)
ike_crypto_attr()
property my_authkey
property my_cryptokey
property peer_authkey
property peer_cryptokey
set_esp_props(crypto, crypto_key_len, integ)
set_ike_props(crypto, crypto_key_len, integ, prf, dh)
verify_hmac(ikemsg)
property vpp_esp_cypto_alg
property vpp_ike_cypto_alg
class test_ikev2.Ikev2Params

Bases: object

config_params(params={})
class test_ikev2.TemplateResponder(methodName='runTest')

Bases: framework.VppTestCase

responder test template

create_ike_msg(src_if, msg, sport=500, dport=500, natt=False)
get_ike_header(packet)
send_sa_auth()
send_sa_init(behind_nat=False)
setUp()

Clear trace before running each test

classmethod setUpClass()

Perform class setup before running the testcase Remove shared memory files, start vpp and connect the vpp-api

tearDown()

Show various debug prints after each test

classmethod tearDownClass()

Perform final cleanup after running all tests in this test-case

test_responder()
verify_and_remove_non_esp_marker(packet)
verify_id(api_id, exp_id)
verify_ike_sas()
verify_ipsec_sas()
verify_keymat(api_keys, keys, name)
verify_nonce(api_nonce, nonce)
verify_sa_auth(packet)
verify_sa_init(packet)
verify_ts(api_ts, ts, is_initiator)
verify_udp(udp)
class test_ikev2.TestAES_CBC_128_SHA256_128_MODP3072_ESP_AES_GCM_16(methodName='runTest')

Bases: test_ikev2.TemplateResponder, test_ikev2.Ikev2Params

IKE:AES_CBC_128_SHA256_128,DH=modp3072 ESP:AES_GCM_16

config_tc()
class test_ikev2.TestApi(methodName='runTest')

Bases: framework.VppTestCase

Test IKEV2 API

configure_profile(cfg)
classmethod setUpClass()

Perform class setup before running the testcase Remove shared memory files, start vpp and connect the vpp-api

tearDown()

Show various debug prints after each test

classmethod tearDownClass()

Perform final cleanup after running all tests in this test-case

test_profile_api()

test profile dump API

verify_auth(api_auth, cfg_auth)
verify_esp_transforms(api_ts, cfg_ts)
verify_id(api_id, cfg_id)
verify_ike_transforms(api_ts, cfg_ts)
verify_lifetime_data(p, ld)
verify_profile(ap, cp)
verify_responder(api_r, cfg_r)
verify_transforms(api_ts, cfg_ts)
verify_ts(api_ts, cfg_ts)
class test_ikev2.TestResponderNATT(methodName='runTest')

Bases: test_ikev2.TemplateResponder, test_ikev2.Ikev2Params

test ikev2 responder - nat traversal

config_tc()
class test_ikev2.TestResponderPsk(methodName='runTest')

Bases: test_ikev2.TemplateResponder, test_ikev2.Ikev2Params

test ikev2 responder - pre shared key auth

config_tc()
class test_ikev2.TestResponderRsaSign(methodName='runTest')

Bases: test_ikev2.TemplateResponder, test_ikev2.Ikev2Params

test ikev2 responder - cert based auth

config_tc()
class test_ikev2.Test_IKE_AES_CBC_128_SHA256_128_MODP2048_ESP_AES_CBC_192_SHA_384_192(methodName='runTest')

Bases: test_ikev2.TemplateResponder, test_ikev2.Ikev2Params

IKE:AES_CBC_128_SHA256_128,DH=modp2048 ESP:AES_CBC_192_SHA_384_192

config_tc()
class test_ikev2.Test_IKE_AES_GCM_16_256(methodName='runTest')

Bases: test_ikev2.TemplateResponder, test_ikev2.Ikev2Params

IKE:AES_GCM_16_256

config_tc()