Uploaded image for project: 'csit'
  1. csit
  2. CSIT-385

IPv4 encaps - ip4-ipsec-ip4, part III

XMLWordPrintable

      Transport mode tests:

      TC16: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys
      [Documentation]
      [Top] TG-DUT1.
      [Ref] RFC4303.
      [Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport mode. Then update SA keys - use new keys.
      [Ver] Send and receive ESP packet between TG and VPP node before and after SA keys update.

      TC17: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption alogrithms used
      [Documentation]
      [Top] TG-DUT1.
      [Ref] RFC4303.
      [Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport mode. Then update SA keys - use new keys.
      [Ver] Send an ESP packet encrypted by encryption key different from encryption key stored on VPP node from TG to VPP node and expect no response to be received on TG before and after SA keys update.

      TC18: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different integrity alogrithms used
      [Documentation]
      [Top] TG-DUT1.
      [Ref] RFC4303.
      [Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport mode. Then update SA keys - use new keys.
      [Ver] Send an ESP packet authenticated by integrity key different from integrity key stored on VPP node from TG to VPP node and expect no response to be received on TG before and after SA keys update.

      TC19: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption and integrity alogrithms used
      [Documentation]
      [Top] TG-DUT1.
      [Ref] RFC4303.
      [Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport mode. Then update SA keys - use new keys.
      [Ver] Send an ESP packet authenticated by integrity key and encrypted by encryption key different from integrity and encryption keys stored on VPP node from TG to VPP node and expect no response to be received on TG before and after SA keys update.

      Tunnel mode tests:

      TC16: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys
      [Documentation]
      [Top] TG-DUT1.
      [Ref] RFC4303.
      [Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode. Then update SA keys - use new keys.
      [Ver] Send and receive ESP packet between TG and VPP node before and after SA keys update.

      TC17: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption alogrithms used
      [Documentation]
      [Top] TG-DUT1.
      [Ref] RFC4303.
      [Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode. Then update SA keys - use new keys.
      [Ver] Send an ESP packet encrypted by encryption key different from encryption key stored on VPP node from TG to VPP node and expect no response to be received on TG before and after SA keys update.

      TC18: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different integrity alogrithms used
      [Documentation]
      [Top] TG-DUT1.
      [Ref] RFC4303.
      [Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode. Then update SA keys - use new keys.
      [Ver] Send an ESP packet authenticated by integrity key different from integrity key stored on VPP node from TG to VPP node and expect no response to be received on TG before and after SA keys update.

      TC19: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption and integrity alogrithms used
      [Documentation]
      [Top] TG-DUT1.
      [Ref] RFC4303.
      [Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode. Then update SA keys - use new keys.
      [Ver] Send an ESP packet authenticated by integrity key and encrypted by encryption key different from integrity and encryption keys stored on VPP node from TG to VPP node and expect no response to be received on TG before and after SA keys update.

            phrnciar Patrik Hrnciar
            jgelety Jan Gelety
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - 3 days
                3d
                Remaining:
                Remaining Estimate - 3 days
                3d
                Logged:
                Time Spent - Not Specified
                Not Specified