/****************************************************************************** * Copyright (c) 2000-2019 Ericsson Telecom AB * All rights reserved. This program and the accompanying materials * are made available under the terms of the Eclipse Public License v2.0 * which accompanies this distribution, and is available at * https://www.eclipse.org/org/documents/epl-2.0/EPL-2.0.html ******************************************************************************/ /////////////////////////////////////////////////////////////////////////////// // // File: TCCAssertion_Example.ttcn // Description: TCC Useful Functions: Assertion Functions. // Rev: R36B // Prodnr: CNL 113 472 // Updated: 2013-01-09 // Contact: http://ttcn.ericsson.se // /////////////////////////////////////////////////////////////////////////////// module TCCIPsec_Example { import from TCCIPsec_Functions all; import from TCCIPsec_Definitions all; type component test_CT {}; ////////////////////////////////////////////////////////////// // Simple tests ////////////////////////////////////////////////////////////// testcase SA_flush () runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SADB_flush (); log ( "f_IPsec_SADB_flush returns: ", res ); select ( res ) { case ( ok ) { setverdict(pass); } case ( insufficientPrivilege ) { log ( "Ensure that the test is run with sufficient (root) privileges!" ); setverdict(fail); } case ( notImplemented ) { log ( "Please, check the compilation flags!" ); log ( "Either USE_IPSEC or USE_KAME_IPSEC has to be specified." ); setverdict(fail); } case else { setverdict(fail); } } } testcase SA_add () runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SADB_flush (); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SADB_add ( "192.168.1.1", "192.168.1.2", esp, 2147483653, { { policyId := 101 }, { hardLifetime := 180 }, { softLifetime := 60 } }, { encrAndAuth := { ealgo := EALG_3DESCBC, ekey := { text := "123456789012345678901234" }, aalgo := AALG_MD5HMAC, akey := { text := "1234567890123456" } } } ); log ( "f_IPsec_SADB_add returns: ", res ); select ( res ) { case ( ok ) { setverdict(pass); } case else { setverdict(fail); } } res := f_IPsec_SADB_flush (); } /*testcase SA_update () runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SADB_flush (); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SADB_add ( "192.168.1.1", "192.168.1.2", esp, 11001, { { policyId := 101 }, { hardLifetime := 180 }, { softLifetime := 60 } }, { encrAndAuth := { ealgo := EALG_3DESCBC, ekey := { text := "123456789012345678901234" }, aalgo := AALG_MD5HMAC, akey := { text := "1234567890123456" } } } ); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SADB_update ( "192.168.1.1", "192.168.1.2", esp, 11001, { { hardLifetime := 18 }, { softLifetime := 6 } } ); log ( "f_IPsec_SADB_update returns: ", res ); select ( res ) { case ( ok ) { setverdict(pass); } case else { setverdict(fail); } } res := f_IPsec_SADB_flush (); }*/ testcase SA_delete () runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SADB_flush (); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SADB_add ( "192.168.1.1", "192.168.1.2", esp, 2147483653, { { hardLifetime := 180 }, { softLifetime := 60 } }, { encrAndAuth := { ealgo := EALG_3DESCBC, ekey := { text := "123456789012345678901234" }, aalgo := AALG_MD5HMAC, akey := { text := "1234567890123456" } } } ); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SADB_delete ( "192.168.1.1", "192.168.1.2", esp, 2147483653 ); log ( "f_IPsec_SADB_delete returns: ", res ); select ( res ) { case ( ok ) { setverdict(pass); } case else { setverdict(fail); } } } testcase SP_flush () runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SPDB_flush (); log ( "f_IPsec_SPDB_flush returns: ", res ); select ( res ) { case ( ok ) { setverdict(pass); } case ( notImplemented ) { log ( "Please, check the compilation flags!" ); log ( "SPD handling is supported only if USE_KAME_IPSEC is specified during compilation." ); setverdict(fail); } case else { setverdict(fail); } } } testcase SP_add () runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SPDB_flush (); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SPDB_add ( "192.168.1.1", -, 2001, "192.168.1.2", -, 3001, tcpProto, outDir, { ipSec := { { protocol := ah, mode := { transport := {} }, level := { unique := { id := 101 } } } } } ); log ( "f_IPsec_SPDB_add returns: ", res ); select ( res ) { case ( ok ) { setverdict(pass); } case else { setverdict(fail); } } res := f_IPsec_SPDB_flush (); } testcase SP_delete () runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SPDB_flush (); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SPDB_add ( "192.168.1.1", -, 2001, "192.168.1.2", -, 3001, tcpProto, outDir, { ipSec := { { protocol := ah, mode := { transport := {} }, level := { unique := { id := 101 } } } } } ); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SPDB_delete ( "192.168.1.1", -, 2001, "192.168.1.2", -, 3001, tcpProto, outDir ); log ( "f_IPsec_SPDB_delete returns: ", res ); select ( res ) { case ( ok ) { setverdict(pass); } case else { setverdict(fail); } } } ////////////////////////////////////////////////////////////// // Compound tests // To test functionality a bit better without using test ports ////////////////////////////////////////////////////////////// testcase SA_add_twice () runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SADB_flush (); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SADB_add ( "192.168.1.1", "192.168.1.2", esp, 11001, { { policyId := 101 }, { hardLifetime := 180 }, { softLifetime := 60 } }, { encrAndAuth := { ealgo := EALG_3DESCBC, ekey := { text := "123456789012345678901234" }, aalgo := AALG_MD5HMAC, akey := { text := "1234567890123456" } } } ); log ( "First f_IPsec_SADB_add returns: ", res ); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SADB_add ( "192.168.1.1", "192.168.1.2", esp, 11001, { { policyId := 101 }, { hardLifetime := 180 }, { softLifetime := 60 } }, { encrAndAuth := { ealgo := EALG_3DESCBC, ekey := { text := "123456789012345678901234" }, aalgo := AALG_MD5HMAC, akey := { text := "1234567890123456" } } } ); if ( res == alreadyExisted ) { setverdict(pass); } else { log ( "Second f_IPsec_SADB_add returned unexpected result: ", res ); setverdict(fail); } res := f_IPsec_SADB_flush (); } testcase SA_flush_2 () runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SADB_flush (); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SADB_add ( "192.168.1.1", "192.168.1.2", esp, 11001, { { policyId := 101 }, { hardLifetime := 180 }, { softLifetime := 60 } }, { encrAndAuth := { ealgo := EALG_3DESCBC, ekey := { text := "123456789012345678901234" }, aalgo := AALG_MD5HMAC, akey := { text := "1234567890123456" } } } ); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SADB_add ( "192.168.1.1", "192.168.1.2", esp, 11001, { { policyId := 101 }, { hardLifetime := 180 }, { softLifetime := 60 } }, { encrAndAuth := { ealgo := EALG_3DESCBC, ekey := { text := "123456789012345678901234" }, aalgo := AALG_MD5HMAC, akey := { text := "1234567890123456" } } } ); if ( res != alreadyExisted ) { setverdict(fail); } res := f_IPsec_SADB_flush (); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SADB_add ( "192.168.1.1", "192.168.1.2", esp, 11001, { { policyId := 101 }, { hardLifetime := 180 }, { softLifetime := 60 } }, { encrAndAuth := { ealgo := EALG_3DESCBC, ekey := { text := "123456789012345678901234" }, aalgo := AALG_MD5HMAC, akey := { text := "1234567890123456" } } } ); if ( res == ok ) { setverdict(pass); } else { log ( "f_IPsec_SADB_add after f_IPsec_SADB_flush returned unexpected result: ", res ); setverdict(fail); } res := f_IPsec_SADB_flush (); } testcase SA_delete_2 () runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SADB_flush (); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SADB_delete ( "192.168.1.1", "192.168.1.2", esp, 11001 ); if ( res != notFound ) { setverdict(fail); } res := f_IPsec_SADB_add ( "192.168.1.1", "192.168.1.2", esp, 11001, { { policyId := 101 }, { hardLifetime := 180 }, { softLifetime := 60 } }, { encrAndAuth := { ealgo := EALG_3DESCBC, ekey := { text := "123456789012345678901234" }, aalgo := AALG_MD5HMAC, akey := { text := "1234567890123456" } } } ); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SADB_delete ( "192.168.1.1", "192.168.1.2", esp, 11001 ); if ( res == ok ) { setverdict(pass); } else { log ( "f_IPsec_SADB_delete after f_IPsec_SADB_add returned: ", res ); setverdict(fail); } } testcase SP_compound_test () runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SPDB_flush (); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SPDB_add ( "192.168.1.1", -, 2001, "192.168.1.2", -, 3001, tcpProto, outDir, { ipSec := { { protocol := ah, mode := { transport := {} }, level := { unique := { id := 101 } } } } } ); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SPDB_add ( "192.168.1.1", -, 2001, "192.168.1.2", -, 3001, tcpProto, outDir, { ipSec := { { protocol := ah, mode := { transport := {} }, level := { unique := { id := 101 } } } } } ); if ( res != alreadyExisted ) { setverdict(fail); } res := f_IPsec_SPDB_flush (); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SPDB_add ( "192.168.1.1", -, 2001, "192.168.1.2", -, 3001, tcpProto, outDir, { ipSec := { { protocol := ah, mode := { transport := {} }, level := { unique := { id := 101 } } } } } ); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SPDB_delete ( "192.168.1.1", -, 2001, "192.168.1.2", -, 3001, tcpProto, outDir ); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SPDB_delete ( "192.168.1.1", -, 2001, "192.168.1.2", -, 3001, tcpProto, outDir ); if ( res != notFound ) { setverdict(fail); } res := f_IPsec_SPDB_add ( "192.168.1.1", -, 2001, "192.168.1.2", -, 3001, tcpProto, outDir, { ipSec := { { protocol := ah, mode := { transport := {} }, level := { unique := { id := 101 } } } } } ); select ( res ) { case ( ok ) { setverdict(pass); } case else { setverdict(fail); } } res := f_IPsec_SADB_flush (); res := f_IPsec_SPDB_flush (); } testcase f_add() runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SADB_flush (); if ( res != ok ) { setverdict(fail); } res := f_IPsec_SADB_add ( "6.0.0.1", "6.0.0.2", esp, 1980010810, { { policyId := 111 }, { hardLifetime := 198 }, { softLifetime := 60 } }, { encrAndAuth := { ealgo := EALG_3DESCBC, ekey := { text := "221111111111111111111111" }, aalgo := AALG_MD5HMAC, akey := { text := "1411111111111111" } } }, -, useNatt := true, ipSecMode := tunnel); log ( "f_add returns: ", res ); select ( res ) { case ( ok ) {setverdict(pass);} case else {setverdict(fail);} } } testcase f_delete() runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SADB_delete( "6.0.0.1", "6.0.0.2", esp, 1980010810); log ( "f_IPsec_SPDB_delete returns: ", res ); select(res){ case(ok) {setverdict(pass);} case else {setverdict(fail);} } } testcase f_spadd() runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SPDB_add ( "172.23.31.0", 24, 1234, "172.23.32.0", 32, 4321, -, outDir, {ipSec := {{ protocol := esp, mode := { tunnel := { srcAddr := "6.0.0.1", srcPort := 4500, dstAddr := "6.0.0.1" , dstPort := 4500 } }, level := { require := {} } }} }); log ( "f_IPsec_SPDB_add returns: ", res ); select ( res ) { case ( ok ) { setverdict(pass);} case else {setverdict(fail);} } } testcase f_spdelete() runs on test_CT { var TCCIPsec_Result res; res := f_IPsec_SPDB_delete( "172.23.31.0", 24, 4500, "172.23.32.0", 32, 4500, -, outDir); log ( "f_IPsec_SPDB_delete returns: ", res ); select ( res ) { case ( ok ) { setverdict(pass); } case else {setverdict(fail); } } } control { // Simple tests execute ( SA_flush (), 1.0 ); execute ( SA_add (), 1.0 ); //execute ( SA_update (), 1.0 ); execute ( SA_delete (), 1.0 ); execute ( SP_flush (), 1.0 ); execute ( SP_add (), 1.0 ); execute ( SP_delete (), 1.0 ); // Compound tests execute ( SA_add_twice (), 1.0 ); execute ( SA_flush_2 (), 1.0 ); execute ( SA_delete_2 (), 1.0 ); execute ( SP_compound_test (), 1.0 ); // Test NAT-T execute(SA_flush ()); execute(f_add()); execute(f_delete()); execute(SP_flush ()); execute(f_spadd()); execute(f_spdelete()); } }