-
Task
-
Resolution: Done
-
High
-
None
Transport mode tests:
TC16: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys
[Documentation]
[Top] TG-DUT1.
[Ref] RFC4303.
[Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport mode. Then update SA keys - use new keys.
[Ver] Send and receive ESP packet between TG and VPP node before and after SA keys update.
TC17: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption alogrithms used
[Documentation]
[Top] TG-DUT1.
[Ref] RFC4303.
[Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport mode. Then update SA keys - use new keys.
[Ver] Send an ESP packet encrypted by encryption key different from encryption key stored on VPP node from TG to VPP node and expect no response to be received on TG before and after SA keys update.
TC18: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different integrity alogrithms used
[Documentation]
[Top] TG-DUT1.
[Ref] RFC4303.
[Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport mode. Then update SA keys - use new keys.
[Ver] Send an ESP packet authenticated by integrity key different from integrity key stored on VPP node from TG to VPP node and expect no response to be received on TG before and after SA keys update.
TC19: VPP process ESP packet in Transport Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption and integrity alogrithms used
[Documentation]
[Top] TG-DUT1.
[Ref] RFC4303.
[Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in transport mode. Then update SA keys - use new keys.
[Ver] Send an ESP packet authenticated by integrity key and encrypted by encryption key different from integrity and encryption keys stored on VPP node from TG to VPP node and expect no response to be received on TG before and after SA keys update.
Tunnel mode tests:
TC16: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys
[Documentation]
[Top] TG-DUT1.
[Ref] RFC4303.
[Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode. Then update SA keys - use new keys.
[Ver] Send and receive ESP packet between TG and VPP node before and after SA keys update.
TC17: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption alogrithms used
[Documentation]
[Top] TG-DUT1.
[Ref] RFC4303.
[Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode. Then update SA keys - use new keys.
[Ver] Send an ESP packet encrypted by encryption key different from encryption key stored on VPP node from TG to VPP node and expect no response to be received on TG before and after SA keys update.
TC18: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different integrity alogrithms used
[Documentation]
[Top] TG-DUT1.
[Ref] RFC4303.
[Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode. Then update SA keys - use new keys.
[Ver] Send an ESP packet authenticated by integrity key different from integrity key stored on VPP node from TG to VPP node and expect no response to be received on TG before and after SA keys update.
TC19: VPP process ESP packet in Tunnel Mode with AES-CBC-128 encryption and SHA1-96 integrity with update SA keys - different encryption and integrity alogrithms used
[Documentation]
[Top] TG-DUT1.
[Ref] RFC4303.
[Cfg] On DUT1 configure IPsec manual keyed connection with encryption algorithm AES-CBC-128 and integrity algorithm SHA1-96 in tunnel mode. Then update SA keys - use new keys.
[Ver] Send an ESP packet authenticated by integrity key and encrypted by encryption key different from integrity and encryption keys stored on VPP node from TG to VPP node and expect no response to be received on TG before and after SA keys update.