Ejemplo n.º 1
0
class IrisConfigStore:
    def __init__(self):
        self.objects = ConfigStore.objects
        self.templates = ConfigStore.templates
        self.specs = ConfigStore.specs

        # Custom Database for easy access.
        self.trunks = ObjectDatabase()
        self.tunnels = ObjectDatabase()
        return

    def SetTunnels(self, objs):
        return self.tunnels.SetAll(objs)

    def GetTunnelsVxlan(self):
        vxlan_tunnels = []
        for tun in self.tunnels.GetAllInList():
            if tun.IsVxlan(): vxlan_tunnels.append(tun)
        return vxlan_tunnels

    def GetTrunkingUplinks(self):
        return self.trunks.GetAllInList()

    def SetTrunkingUplinks(self, objs):
        return self.trunks.SetAll(objs)
Ejemplo n.º 2
0
    def __init__(self):
        self.objects = ConfigStore.objects
        self.templates = ConfigStore.templates
        self.specs = ConfigStore.specs

        # Custom Database for easy access.
        self.trunks = ObjectDatabase()
        self.tunnels = ObjectDatabase()
        return
Ejemplo n.º 3
0
def TestCaseSetup(tc):

    print("TestCaseSetup(): Start")

    tc.pvtdata = ObjectDatabase()
    tcp_proxy.SetupProxyArgs(tc)
    id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session)
    TcpCbHelper.main(id)
    tcbid = "TcpCb%04d" % id
    # 1. Configure TCB in HBM before packet injection
    tcb = tc.infra_data.ConfigStore.objects.db[tcbid]
    tcp_proxy.init_tcb_inorder(tc, tcb)
    # set tcb state to ESTABLISHED(1)
    tcb.state = 1
    tcb.SetObjValPd()

    # 2. Clone objects that are needed for verification
    rnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"])
    rnmdpr.GetMeta()
    rnmdpr.GetRingEntries([rnmdpr.pi])
    tnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"])
    tnmdpr.GetMeta()
    tnmdpr.GetRingEntries([tnmdpr.pi])

    if tc.module.args.cipher_suite == "CCM":
        brq = copy.deepcopy(
            tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_CCM"])
    elif tc.module.args.cipher_suite == "CBC":
        brq = copy.deepcopy(
            tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_CBC"])
    else:
        brq = copy.deepcopy(
            tc.infra_data.ConfigStore.objects.db["BRQ_DECRYPT_GCM"])
    brq.GetMeta()

    tlscbid = "TlsCb%04d" % id
    tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid])

    tlscb.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_proxy | \
                            tcp_tls_proxy.tls_debug_dol_sesq_stop
    if hasattr(tc.module.args, 'reassemble'):
        if tc.module.args.reassemble == True:
            print("Enabling reassembly support")
            tlscb.debug_dol = tlscb.debug_dol | tcp_tls_proxy.tls_debug_dol_dec_reasm_path
    tlscb.other_fid = 0xffff
    tlscb.serq_pi = 0
    tlscb.serq_ci = 0
    tlscb.SetObjValPd()

    if tc.module.args.key_size == 16:
        tcp_tls_proxy.tls_aes128_decrypt_setup(tc, tlscb)
    elif tc.module.args.key_size == 32:
        tcp_tls_proxy.tls_aes256_decrypt_setup(tc, tlscb)

    tc.pvtdata.Add(tlscb)
    tc.pvtdata.Add(rnmdpr)
    tc.pvtdata.Add(tnmdpr)
    tc.pvtdata.Add(brq)

    return
Ejemplo n.º 4
0
    def __init__(self):
        self.headers = ObjectDatabase()
        self.packets = ObjectDatabase()
        self.payloads = ObjectDatabase()

        self.templates = ObjectDatabase()
        self.specs = ObjectDatabase()

        self.testobjects = ObjectDatabase()
        return
Ejemplo n.º 5
0
def TestCaseSetup(tc):
    global ipseccbq
    global ipseccb
    global rnmdr
    global iv
    global seq

    tc.pvtdata = ObjectDatabase()
    tc.pvtdata.seqNo = 0
    print("TestCaseSetup(): Sample Implementation.")
    # 2. Clone objects that are needed for verification
    rnmdr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_RNMDR"])
    rnmdr.GetMeta()
    rnmdr.GetRingEntries([rnmdr.pi, rnmdr.pi + 1])
    rnmdr.GetRingEntryAOL([rnmdr.pi, rnmdr.pi + 1])

    id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session)
    IpsecCbHelper.main(id)
    ipsecid = "IPSECCB%04d" % id
    ipseccb = tc.infra_data.ConfigStore.objects.db[ipsecid]
    ipsec_cbq_id = ipsecid + "_IPSECCBQ"

    ipseccbq = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db[ipsec_cbq_id])
    ipseccb = tc.infra_data.ConfigStore.objects.db[ipsecid]

    rnmpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_RNMPR"])
    rnmpr.GetMeta()
    rnmpr.GetRingEntries([rnmpr.pi])
    tnmdr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_TNMDR"])
    tnmdr.GetMeta()
    tnmdr.GetRingEntries([tnmdr.pi])
    tnmpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_TNMPR"])
    tnmpr.GetMeta()
    tnmpr.GetRingEntries([tnmpr.pi])

    brq = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_GCM"])
    brq.GetMeta()
    brq.GetRingEntries([brq.pi])

    iv = ipseccb.iv
    seq = ipseccb.esn_lo

    tc.pvtdata.Add(rnmdr)
    tc.pvtdata.Add(rnmpr)
    tc.pvtdata.Add(tnmdr)
    tc.pvtdata.Add(tnmpr)
    tc.pvtdata.Add(brq)
    return
Ejemplo n.º 6
0
def TestCaseSetup(tc):

    tc.pvtdata = ObjectDatabase()
    tcp_proxy.SetupProxyArgs(tc)
    id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session)
    TcpCbHelper.main(id)
    tcbid = "TcpCb%04d" % id
    # 1. Configure TCB in HBM before packet injection
    tcb = tc.infra_data.ConfigStore.objects.db[tcbid]
    tcp_proxy.init_tcb_inorder(tc, tcb)
    # set tcb state to ESTABLISHED(1)
    tcb.state = 1
    tcb.l7_proxy_type = 0
    tcb.debug_dol = 0
    tcb.SetObjValPd()

    # 2. Clone objects that are needed for verification
    rnmdpr_big = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"])
    rnmdpr_big.GetMeta()
    tnmdpr_big = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"])
    #tnmdpr_big.GetMeta()

    brq = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_GCM"])
    #brq.GetMeta()

    tlscbid = "TlsCb%04d" % id
    tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid])

    tlscb.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_proxy | \
                            tcp_tls_proxy.tls_debug_dol_sesq_stop
    tlscb.other_fid = 0xffff
    tlscb.l7_proxy_type = tcp_proxy.l7_proxy_type_REDIR
    tlscb.serq_pi = 0
    tlscb.serq_ci = 0

    if tc.module.args.key_size == 16:
        tcp_tls_proxy.tls_aes128_decrypt_setup(tc, tlscb)
    elif tc.module.args.key_size == 32:
        tcp_tls_proxy.tls_aes256_decrypt_setup(tc, tlscb)

    tc.pvtdata.Add(tlscb)
    tc.pvtdata.Add(rnmdpr_big)
    tc.pvtdata.Add(tnmdpr_big)
    tc.pvtdata.Add(brq)

    return
Ejemplo n.º 7
0
def TestCaseSetup(tc):
    tc.pvtdata = ObjectDatabase()

    tcp_proxy.SetupProxyArgs(tc)

    id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session)
    TcpCbHelper.main(id)
    tcbid = "TcpCb%04d" % id
    # 1. Configure TCB in HBM before packet injection
    tcb = tc.infra_data.ConfigStore.objects.db[tcbid]
    tcp_proxy.init_tcb_inorder(tc, tcb)
    # set tcb state to ESTABLISHED(1)
    tcb.state = tcp_proxy.tcp_state_ESTABLISHED
    tcb.debug_dol_tx |= tcp_proxy.tcp_tx_debug_dol_dont_tx
    tcb.SetObjValPd()

    # 2. Clone objects that are needed for verification
    rnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"])
    rnmdpr.GetMeta()
    tnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"])
    tnmdpr.GetMeta()
    arq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["CPU0000_ARQ"])

    sesqid = "TCPCB%04d_SESQ" % id
    sesq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[sesqid])
    sesq.GetMeta()
    tlscbid = "TlsCb%04d" % id
    tlscb_cur = tc.infra_data.ConfigStore.objects.db[tlscbid]
    #tlscb_cur.debug_dol = (tcp_tls_proxy.tls_debug_dol_leave_in_arq | tcp_tls_proxy.tls_debug_dol_bypass_proxy | tcp_tls_proxy.tls_debug_dol_bypass_barco | tcp_tls_proxy.tls_debug_dol_fake_handshake_msg)
    tlscb_cur.debug_dol = (tcp_tls_proxy.tls_debug_dol_bypass_proxy
                           | tcp_tls_proxy.tls_debug_dol_bypass_barco
                           | tcp_tls_proxy.tls_debug_dol_arm_loop_ctlr_pkts)
    tlscb_cur.other_fid = 0xffff
    tlscb_cur.is_decrypt_flow = 1
    tlscb_cur.serq_pi = 0
    tlscb_cur.serq_ci = 0
    tlscb_cur.SetObjValPd()
    tlscb = copy.deepcopy(tlscb_cur)
    tlscb.GetObjValPd()
    tcpcb = copy.deepcopy(tcb)
    tcpcb.GetObjValPd()

    tc.pvtdata.Add(tlscb)
    tc.pvtdata.Add(rnmdpr)
    tc.pvtdata.Add(tnmdpr)
    tc.pvtdata.Add(tcpcb)
    tc.pvtdata.Add(sesq)
    tc.pvtdata.Add(arq)
    return
Ejemplo n.º 8
0
def TestCaseSetup(tc):
    tc.pvtdata = ObjectDatabase()
    tcp_proxy.SetupProxyArgs(tc)

    id1, id2 = ProxyCbServiceHelper.GetSessionQids(tc.config.flow._FlowObject__session)
    if tc.config.flow.IsIflow():
        id = id1
        other_fid = id2
    else:
        id = id2
        other_fid = id1

    TcpCbHelper.main(id)
    tcbid = "TcpCb%04d" % id
    # 1. Configure TCB in HBM before packet injection
    tcb = tc.infra_data.ConfigStore.objects.db[tcbid]
    tcp_proxy.init_tcb_inorder(tc, tcb)
    tcb.debug_dol = 0
    # set tcb state to SYN_SENT(2)
    tcb.state = tcp_proxy.tcp_state_SYN_SENT
    tcb.SetObjValPd()

    TcpCbHelper.main(other_fid)
    tcbid2 = "TcpCb%04d" % (other_fid)
    logger.info("Configuring %s" % tcbid2)
    tcb2 = tc.infra_data.ConfigStore.objects.db[tcbid2]
    tcp_proxy.init_tcb_inorder2(tc, tcb2)
    tcb2.SetObjValPd()



    # 2. Clone objects that are needed for verification
    arq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["CPU0000_ARQ"])
    arq.Configure()

    sesqid = "TCPCB%04d_SESQ" % id
    sesq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[sesqid])
    tlscbid = "TlsCb%04d" % id
    tlscb_cur = tc.infra_data.ConfigStore.objects.db[tlscbid]
    tlscb_cur.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_barco
    tlscb_cur.SetObjValPd()
    tlscb = copy.deepcopy(tlscb_cur)
    tcpcb = copy.deepcopy(tcb)

    tc.pvtdata.Add(tlscb)
    tc.pvtdata.Add(tcpcb)
    tc.pvtdata.Add(sesq)
    tc.pvtdata.Add(arq)
    return
Ejemplo n.º 9
0
def TestCaseSetup(tc):
    global cpurx_dpr
    tc.SetRetryEnabled(True)
    tc.pvtdata = ObjectDatabase()

    # For this test, we'd like app_redir flow miss pipeline to configure
    # the necessary rawr/rawc CBs so we refrain from doing that here.


    # Clone objects that are needed for verification
    cpurx_dpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["CPU_RX_DPR"])
    cpurx_dpr.GetMeta()
    cpurx_dpr.GetRingEntries([cpurx_dpr.pi])

    return
Ejemplo n.º 10
0
def TestCaseSetup(tc):

    tc.pvtdata = ObjectDatabase()
    tcp_proxy.SetupProxyArgs(tc)
    id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session)
    TcpCbHelper.main(id)
    tcbid = "TcpCb%04d" % id
    # 1. Configure TCB in HBM before packet injection
    tcb = tc.infra_data.ConfigStore.objects.db[tcbid]
    tcp_proxy.init_tcb_inorder(tc, tcb)
    tcb.l7_proxy_type = tcp_proxy.l7_proxy_type_SPAN
    tcb.debug_dol |= tcp_proxy.tcp_debug_dol_pkt_to_serq
    tcb.debug_dol |= tcp_proxy.tcp_debug_dol_pkt_to_l7q
    if hasattr(tc.module.args, 'atomic_stats') and tc.module.args.atomic_stats:
        print("Testing atomic stats")
        tcb.debug_dol |= tcp_proxy.tcp_debug_dol_test_atomic_stats
    tcb.bytes_rcvd = 0
    # set tcb state to ESTABLISHED(1)
    tcb.state = 1
    tcb.SetObjValPd()

    tlscbid = "TlsCb%04d" % id
    tlscb = tc.infra_data.ConfigStore.objects.db[tlscbid]
    tlscb.debug_dol = 0
    tlscb.is_decrypt_flow = False
    tlscb.other_fid = 0xffff
    tlscb.serq_pi = 0
    tlscb.serq_ci = 0
    tlscb.SetObjValPd()

    # 2. Clone objects that are needed for verification
    rnmdpr_big = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"])
    rnmdpr_big.GetMeta()
    rnmdpr_big.GetRingEntries([rnmdpr_big.pi])
    serqid = "TLSCB%04d_SERQ" % id
    serq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[serqid])
    serq.GetMeta()
    tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid])
    tlscb.GetObjValPd()
    tcpcb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tcbid])
    tcpcb.GetObjValPd()

    tc.pvtdata.Add(tlscb)
    tc.pvtdata.Add(rnmdpr_big)
    tc.pvtdata.Add(tcpcb)
    tc.pvtdata.Add(serq)
    return
Ejemplo n.º 11
0
def TestCaseSetup(tc):
    global cpurx_dpr
    global rawrcbid
    global rawccbid
    global rawrcb
    global rawccb
    global redir_span
    tc.SetRetryEnabled(True)
    tc.pvtdata = ObjectDatabase()
    redir_span = getattr(tc.module.args, 'redir_span', False)
    id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session)
    if redir_span:
        id = app_redir_shared.app_redir_span_rawrcb_id

    rawrcbid = "RawrCb%04d" % id
    rawccbid = "RawcCb%04d" % id

    RawrCbHelper.main(id)
    rawrcb = tc.infra_data.ConfigStore.objects.db[rawrcbid]
    RawcCbHelper.main(id)
    rawccb = tc.infra_data.ConfigStore.objects.db[rawccbid]

    # 1. Configure RAWRCB in HBM before packet injection
    # let HAL fill in defaults for chain_rxq_base, etc.
    rawrcb.chain_txq_base = 0
    rawrcb.chain_rxq_base = 0
    rawrcb.rawrcb_flags = app_redir_shared.app_redir_dol_pipeline_loopbk_en
    rawrcb.SetObjValPd()

    # 1. Configure RAWCCB in HBM before packet injection
    # let HAL fill in defaults for my_txq_base, etc.
    rawccb.my_txq_base = 0
    rawccb.SetObjValPd()

    # 2. Clone objects that are needed for verification
    cpurx_dpr = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["CPU_RX_DPR"])
    cpurx_dpr.GetMeta()
    cpurx_dpr.GetRingEntries([cpurx_dpr.pi])

    rawrcb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[rawrcbid])
    rawrcb.GetObjValPd()
    rawccb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[rawccbid])
    rawccb.GetObjValPd()

    return
Ejemplo n.º 12
0
class FactoryStoreObject:
    def __init__(self):
        self.headers = ObjectDatabase()
        self.packets = ObjectDatabase()
        self.payloads = ObjectDatabase()

        self.templates = ObjectDatabase()
        self.specs = ObjectDatabase()

        self.testobjects = ObjectDatabase()
        return

    def GetHeaderByScapyId(self, sid):
        for hdr in self.headers.GetAll():
            if hdr.meta.scapy == sid:
                return hdr
        return None
Ejemplo n.º 13
0
def TestCaseSetup(tc):
    tc.pvtdata = ObjectDatabase()
    tcp_proxy.SetupProxyArgs(tc)

    id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session)
    TcpCbHelper.main(id)
    tcbid = "TcpCb%04d" % id
    # 1. Configure TCB in HBM before packet injection
    tcb = tc.infra_data.ConfigStore.objects.db[tcbid]
    tcp_proxy.init_tcb_inorder(tc, tcb)
    # set tcb state to ESTABLISHED(1)
    tcb.state = 1
    tcb.SetObjValPd()

    # 2. Clone objects that are needed for verification
    rnmdpr_big = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"])
    rnmdpr_big.GetMeta()
    rnmdpr_big.GetRingEntries([rnmdpr_big.pi])
    tnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"])
    tnmdpr.GetMeta()
    sesqid = "TCPCB%04d_SESQ" % id
    sesq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[sesqid])
    sesq.GetMeta()
    tlscbid = "TlsCb%04d" % id
    tlscb_cur = tc.infra_data.ConfigStore.objects.db[tlscbid]
    tlscb_cur.debug_dol = (tcp_tls_proxy.tls_debug_dol_bypass_proxy
                           | tcp_tls_proxy.tls_debug_dol_sesq_stop
                           | tcp_tls_proxy.tls_debug_dol_bypass_barco)
    tlscb_cur.other_fid = 0xffff
    tlscb_cur.is_decrypt_flow = False
    tlscb_cur.serq_pi = 0
    tlscb_cur.serq_ci = 0
    tlscb_cur.SetObjValPd()
    tlscb = copy.deepcopy(tlscb_cur)
    tlscb.GetObjValPd()
    tcpcb = copy.deepcopy(tcb)
    tcpcb.GetObjValPd()

    tc.pvtdata.Add(tlscb)
    tc.pvtdata.Add(rnmdpr_big)
    tc.pvtdata.Add(tnmdpr)
    tc.pvtdata.Add(tcpcb)
    tc.pvtdata.Add(sesq)
    return
Ejemplo n.º 14
0
def TestCaseSetup(tc):
    tc.pvtdata = ObjectDatabase()
    tcp_proxy.SetupProxyArgs(tc)

    id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session)
    TcpCbHelper.main(id)
    tcbid = "TcpCb%04d" % id
    # 1. Configure TCB in HBM before packet injection
    tcb = tc.infra_data.ConfigStore.objects.db[tcbid]
    tcp_proxy.init_tcb_inorder(tc, tcb)
    tcb.debug_dol |= tcp_proxy.tcp_debug_dol_leave_in_arq
    # set tcb state to SYN_SENT(2)
    tcb.state = tcp_proxy.tcp_state_SYN_SENT
    tcb.SetObjValPd()

    # 2. Clone objects that are needed for verification
    rnmdpr_big = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"])
    rnmdpr_big.GetMeta()
    rnmdpr_big.GetRingEntries([rnmdpr_big.pi])
    tnmdpr_big = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"])
    tnmdpr_big.GetMeta()
    actl = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["CPU0000_TCP_ACTL"])
    actl.GetMeta()

    sesqid = "TCPCB%04d_SESQ" % id
    sesq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[sesqid])
    tlscbid = "TlsCb%04d" % id
    tlscb_cur = tc.infra_data.ConfigStore.objects.db[tlscbid]
    tlscb_cur.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_barco
    tlscb_cur.SetObjValPd()
    tlscb = copy.deepcopy(tlscb_cur)
    tcpcb = copy.deepcopy(tcb)

    tc.pvtdata.Add(tlscb)
    tc.pvtdata.Add(rnmdpr_big)
    tc.pvtdata.Add(tnmdpr_big)
    tc.pvtdata.Add(tcpcb)
    tc.pvtdata.Add(sesq)
    tc.pvtdata.Add(actl)
    return
Ejemplo n.º 15
0
def TestCaseSetup(tc):
    global ipseccbq
    global ipseccb
    global rnmdr
    global iv
    global seq

    tc.pvtdata = ObjectDatabase()
    print("TestCaseSetup(): Sample Implementation.")
    # 1. Configure IPSECCB in HBM before packet injection
    ipseccb = tc.infra_data.ConfigStore.objects.db["IPSECCB0000"]
    key_type = types_pb2.CRYPTO_KEY_TYPE_AES128
    key_size = 16
    key = b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
    ipseccb.crypto_key.Update(key_type, key_size, key)

    ipseccb.tunnel_sip4 = 0x0A010001
    ipseccb.tunnel_dip4 = 0x0A010002
    ipseccb.iv_size = 8
    ipseccb.icv_size = 16
    ipseccb.block_size = 16
    ipseccb.key_index = 0
    ipseccb.barco_enc_cmd = 0x30000000
    ipseccb.iv = 0xaaaaaaaaaaaaaaaa
    ipseccb.iv_salt = 0xbbbbbbbb
    ipseccb.esn_hi = 0
    ipseccb.esn_lo = 0
    ipseccb.spi = 0
    ipseccb.is_nat_t = 1
    ipseccb.is_v6 = 0
    ipseccb.vrf_vlan = 0x0005
    ipseccb.key_index = ipseccb.crypto_key.keyindex
    ipseccb.SetObjValPd()

    seq = ipseccb.esn_lo
    iv = ipseccb.iv

    # 2. Clone objects that are needed for verification
    rnmdr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_RNMDR"])
    rnmdr.GetMeta()
    rnmdr.GetRingEntries([rnmdr.pi, rnmdr.pi + 1])
    rnmdr.GetRingEntryAOL([rnmdr.pi, rnmdr.pi + 1])
    ipseccbq = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["IPSECCB0000_IPSECCBQ"])
    ipseccb = tc.infra_data.ConfigStore.objects.db["IPSECCB0000"]

    rnmpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_RNMPR"])
    rnmpr.GetMeta()
    rnmpr.GetRingEntries([rnmpr.pi])
    tnmdr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_TNMDR"])
    tnmdr.GetMeta()
    tnmdr.GetRingEntries([tnmdr.pi])
    tnmpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_TNMPR"])
    tnmpr.GetMeta()
    tnmpr.GetRingEntries([tnmpr.pi])

    brq = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_GCM"])
    brq.GetMeta()
    brq.GetRingEntries([brq.pi])

    tc.pvtdata.Add(rnmdr)
    tc.pvtdata.Add(rnmpr)
    tc.pvtdata.Add(tnmdr)
    tc.pvtdata.Add(tnmpr)
    tc.pvtdata.Add(brq)
    return
Ejemplo n.º 16
0
def TestCaseSetup(tc):
    tc.pvtdata = ObjectDatabase()
    tc.SetRetryEnabled(True)
    tcp_proxy.SetupProxyArgs(tc)

    id1, id2 = ProxyCbServiceHelper.GetSessionQids(
        tc.config.flow._FlowObject__session)
    if tc.config.flow.IsIflow():
        id = id1
        other_fid = id2
    else:
        id = id2
        other_fid = id1

    TcpCbHelper.main(id)
    tcbid = "TcpCb%04d" % id
    logger.info("Configuring %s" % tcbid)
    # 1. Configure TCB in HBM before packet injection
    tcb = tc.infra_data.ConfigStore.objects.db[tcbid]
    tcp_proxy.init_tcb_inorder(tc, tcb)
    tcb.SetObjValPd()

    TcpCbHelper.main(other_fid)
    tcbid2 = "TcpCb%04d" % (other_fid)
    logger.info("Configuring %s" % tcbid2)
    tcb2 = tc.infra_data.ConfigStore.objects.db[tcbid2]
    tcp_proxy.init_tcb_inorder2(tc, tcb2)
    tcb2.SetObjValPd()

    # 2. Configure TLS CB in HBM before packet injection
    tlscbid = "TlsCb%04d" % id
    tlscbid2 = "TlsCb%04d" % (other_fid)
    tlscb = tc.infra_data.ConfigStore.objects.db[tlscbid]
    tlscb2 = tc.infra_data.ConfigStore.objects.db[tlscbid2]

    tlscb.debug_dol = 0
    tlscb2.debug_dol = 0
    if tc.pvtdata.bypass_barco:
        print("Bypassing Barco")
        tlscb.is_decrypt_flow = False
        tlscb2.is_decrypt_flow = False
        tlscb.debug_dol |= tcp_tls_proxy.tls_debug_dol_bypass_barco
        tlscb2.debug_dol |= tcp_tls_proxy.tls_debug_dol_bypass_barco
    if tc.pvtdata.same_flow:
        print("Same flow")
        tlscb.debug_dol |= tcp_tls_proxy.tls_debug_dol_bypass_proxy
        tlscb2.debug_dol |= tcp_tls_proxy.tls_debug_dol_bypass_proxy
        tlscb.other_fid = 0xffff
        tlscb2.other_fid = 0xffff
    else:
        print("Other flow")
        tlscb.other_fid = other_fid
        tlscb2.other_fid = id

    tlscb.SetObjValPd()
    tlscb2.SetObjValPd()

    # 3. Clone objects that are needed for verification
    tcpcb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tcbid])
    tcpcb.GetObjValPd()
    tc.pvtdata.Add(tcpcb)

    tcpcb2 = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tcbid2])
    tcpcb2.GetObjValPd()
    tc.pvtdata.Add(tcpcb2)

    tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid])
    tlscb.GetObjValPd()
    tc.pvtdata.Add(tlscb)

    other_tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid2])
    other_tlscb.GetObjValPd()
    tc.pvtdata.Add(other_tlscb)

    rnmdpr_big = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"])
    rnmdpr_big.GetMeta()
    tc.pvtdata.Add(rnmdpr_big)

    return
Ejemplo n.º 17
0
class EzAccessStore:
    # Static variables and methods
    # Batch client
    batchClient = None
    templates = ConfigStore.templates
    specs = ConfigStore.specs
    dutNode = 1
    configClientDict = dict()
    testbedSpec = None

    # Class members
    def __init__(self, node, parent=None):
        self.Node = node
        self.NodeObj = parent
        self.objects = ConfigStore.objects

        # Custom Database for easy access.
        self.trunks = ObjectDatabase()
        self.dhcprelayObjs = ObjectDatabase()
        self.dhcpproxyObjs = ObjectDatabase()
        self.tunnels = ObjectDatabase()
        self.nexthops = ObjectDatabase()
        self.nexthopgroups = ObjectDatabase()
        self.ipsec_encrypt_objs = ObjectDatabase()
        self.ipsec_decrypt_objs = ObjectDatabase()
        self.device = None
        self.underlay_vpc = None
        self.hostport = None
        self.switchport = None
        self.securityprofile = None
        self.upgrade = None
        self.dutNode = 1
        self.underlay_ips = []
        return

    def SetTunnels(self, objs):
        if len(objs) == 0: return
        if defs.TEST_TYPE == "IOTA":
            self.tunnels.db.clear()
        return self.tunnels.SetAll(objs)

    def SetNexthops(self, objs):
        if len(objs) == 0: return
        if defs.TEST_TYPE == "IOTA":
            self.nexthops.db.clear()
        return self.nexthops.SetAll(objs)

    def SetNexthopgroups(self, objs):
        if len(objs) == 0: return
        if defs.TEST_TYPE == "IOTA":
            self.nexthopgroups.db.clear()
        return self.nexthopgroups.SetAll(objs)

    def SetIpsecEncryptSA(self, objs):
        if len(objs) == 0: return
        if defs.TEST_TYPE == "IOTA":
            self.ipsec_encrypt_objs.db.clear()
        return self.ipsec_encrypt_objs.SetAll(objs)

    def SetIpsecDecryptSA(self, objs):
        if len(objs) == 0: return
        if defs.TEST_TYPE == "IOTA":
            self.ipsec_decrypt_objs.db.clear()
        return self.ipsec_encrypt_objs.SetAll(objs)

    def SetDevice(self, obj):
        self.device = obj

    def GetDevice(self):
        return self.device

    def SetHostPort(self, port):
        self.hostport = port

    def GetHostPort(self):
        return self.hostport

    def SetSwitchPort(self, port):
        self.switchport = port

    def GetSwitchPort(self):
        return self.switchport

    def SetUnderlayVPC(self, obj):
        self.underlay_vpc = obj

    def GetUnderlayVPCId(self):
        if self.underlay_vpc:
            return self.underlay_vpc.VPCId
        else:
            return -1

    def SetSecurityProfile(self, obj):
        self.securityprofile = obj

    def GetSecurityProfile(self):
        return self.securityprofile

    def SetUpgrade(self, obj):
        self.upgrade = obj

    def GetUpgrade(self):
        return self.upgrade

    def GetProviderIPAddr(self, count):
        if self.underlay_vpc:
            return self.underlay_vpc.GetProviderIPAddr(count)
        else:
            return None, -1

    def GetSvcMapping(self, ipversion):
        if self.underlay_vpc:
            return self.underlay_vpc.GetSvcMapping(ipversion)
        else:
            return None, -1

    def IsBitwMode(self):
        return self.device.IsBitwMode()

    def IsHostMode(self):
        return self.device.IsHostMode()

    def IsDeviceEncapTypeMPLS(self):
        return self.device.IsEncapTypeMPLS()

    def IsDeviceEncapTypeVXLAN(self):
        return self.device.IsEncapTypeVXLAN()

    def IsDeviceLearningEnabled(self):
        return self.device.IsLearningEnabled()

    def IsBridgingEnabled(self):
        return self.device.IsBridgingEnabled()

    def IsDeviceOverlayRoutingEnabled(self):
        if self.device is None:
            return False
        return self.device.IsOverlayRoutingEnabled()

    def GetDeviceEncapType(self):
        return self.device.EncapType

    def GetWorkloadTunnels(self):
        tunnels = []
        for tun in self.tunnels.GetAllInList():
            if tun.IsWorkload(): tunnels.append(tun)
        return tunnels

    def GetIgwNonNatTunnels(self):
        tunnels = []
        for tun in self.tunnels.GetAllInList():
            if tun.IsIgw() and tun.IsNat() is False:
                tunnels.append(tun)
        return tunnels

    def GetIgwNatTunnels(self):
        tunnels = []
        for tun in self.tunnels.GetAllInList():
            if tun.IsIgw() and tun.IsNat(): tunnels.append(tun)
        return tunnels

    def GetSvcTunnels(self, remote=False):
        tunnels = []
        for tun in self.tunnels.GetAllInList():
            if tun.IsSvc() and tun.Remote is remote:
                tunnels.append(tun)
        return tunnels

    def GetIpsecTunnels(self):
        tunnels = []
        for tun in self.tunnels.GetAllInList():
            if tun.IsIpsec():
                tunnels.append(tun)
        return tunnels

    def GetIpsecTunnelModeTunnels(self):
        tunnels = []
        for tun in self.tunnels.GetAllInList():
            if tun.IsIpsecTunnelMode():
                tunnels.append(tun)
        return tunnels

    def GetIpsecTransportModeTunnels(self):
        tunnels = []
        for tun in self.tunnels.GetAllInList():
            if tun.IsIpsecTransportMode():
                tunnels.append(tun)
        return tunnels

    def GetUnderlayTunnels(self, ecmp=False):
        tunnels = []
        for tun in self.tunnels.GetAllInList():
            if ecmp is False:
                if tun.IsUnderlay(): tunnels.append(tun)
            elif ecmp is True:
                if tun.IsUnderlayEcmp(): tunnels.append(tun)
        return tunnels

    def GetOverlayTunnels(self):
        tunnels = []
        for tun in self.tunnels.GetAllInList():
            if tun.IsOverlay(): tunnels.append(tun)
        return tunnels

    def GetUnderlayNexthops(self, ecmp=False):
        nhops = []
        for nh in self.nexthops.GetAllInList():
            if ecmp is False:
                if nh.IsUnderlay(): nhops.append(nh)
            if ecmp is True:
                if nh.IsUnderlayEcmp(): nhops.append(nh)
        return nhops

    def GetUnderlayNhGroups(self):
        nhgs = []
        for nhg in self.nexthopgroups.GetAllInList():
            if nhg.IsUnderlay():
                nhgs.append(nhg)
        return nhgs

    def GetOverlayNexthops(self, ecmp=False):
        nhops = []
        for nh in self.nexthops.GetAllInList():
            if nh.IsOverlay(): nhops.append(nh)
        return nhops

    def GetDualEcmpNexthops(self):
        nhops = []
        for nh in self.nexthops.GetAllInList():
            if nh.IsOverlay() and nh.DualEcmp: nhops.append(nh)
        return nhops

    def GetOverlayNhGroups(self):
        nhgs = []
        for nhg in self.nexthopgroups.GetAllInList():
            if nhg.IsOverlay(): nhgs.append(nhg)
        return nhgs

    def GetDualEcmpNhGroups(self):
        nhgs = []
        for nhg in self.nexthopgroups.GetAllInList():
            if nhg.IsOverlay() and nhg.DualEcmp: nhgs.append(nhg)
        return nhgs

    def GetIpsecEncryptSAs(self):
        encrypt_sas = []
        for obj in self.ipsec_encrypt_objs.GetAllInList():
            encrypt_sas.append(obj)
        return encrypt_sas

    def GetIpsecDecryptSAs(self):
        decrypt_sas = []
        for obj in self.ipsec_decrypt_objs.GetAllInList():
            decrypt_sas.append(obj)
        return decrypt_sas

    @staticmethod
    def SetTestbedSpec(tbspec):
        EzAccessStore.testbedSpec = tbspec

    @staticmethod
    def GetTestbedSpec():
        return EzAccessStore.testbedSpec

    def GetDhcpRelayObjects(self):
        return self.dhcprelayObjs.GetAllInList()

    def SetDhcpRelayObjects(self, objs):
        return self.dhcprelayObjs.SetAll(objs)

    def GetDhcpProxyObjects(self):
        return self.dhcpproxyObjs.GetAllInList()

    def SetDhcpProxyObjects(self, objs):
        return self.dhcpproxyObjs.SetAll(objs)

    def GetTrunkingUplinks(self):
        return self.trunks.GetAllInList()

    def SetTrunkingUplinks(self, objs):
        return self.trunks.SetAll(objs)

    def GetNodeUuid(self, node):
        if node in self.uuid_map:
            node_uuid = self.uuid_map[node]
            node_uuid = node_uuid.replace('.', '')
            if node_uuid == '':
                return None
            return int(node_uuid, 16)
        return None

    def SetUnderlayIPs(self, underlay_ips):
        self.underlay_ips = underlay_ips

    def GetUnderlayIPs(self):
        return self.underlay_ips

    def GetLoopbackIp(self):
        for ip in self.underlay_ips:
            if 'Loopback' in ip.Name:
                return ip.IP
        return None

    def GetLoopbackRemoteTEP(self):
        for ip in self.underlay_ips:
            if 'Loopback' in ip.Name:
                return ip.RemoteTEP
        return None

    def GetUnderlayIp(self, intf_name):
        for ip in self.underlay_ips:
            if ip.Name == intf_name:
                return ip.IP
        return None

    def GetUnderlayMaskLen(self, intf_name):
        for ip in self.underlay_ips:
            if ip.Name == intf_name:
                return ip.MaskLen
        return None

    def GetUnderlayBGPRemoteASN(self, intf_name):
        for ip in self.underlay_ips:
            if ip.Name == intf_name:
                return getattr(ip, "BGPRemoteASN", None)
        return None

    def GetUnderlayNexthop(self, intf_name):
        for ip in self.underlay_ips:
            if ip.Name == intf_name:
                return getattr(ip, "Nexthop", None)
        return None

    @staticmethod
    def SetBatchClient(obj):
        EzAccessStore.batchClient = obj

    @staticmethod
    def GetBatchClient():
        return EzAccessStore.batchClient

    @staticmethod
    def SetDUTNode(node):
        EzAccessStore.dutNode = node

    @staticmethod
    def GetDUTNode():
        return EzAccessStore.dutNode

    @staticmethod
    def SetUuidMap(uuid_map):
        EzAccessStore.uuid_map = uuid_map

    @staticmethod
    def GetUuidMap(node):
        return EzAccessStore.uuid_map

    @staticmethod
    def SetConfigClientDict(obj):
        EzAccessStore.configClientDict = obj
        return

    @staticmethod
    def GetConfigClient(objType):
        return EzAccessStore.configClientDict.get(objType.name.lower(), None)
Ejemplo n.º 18
0
def TestCaseSetup(tc):
    skip_config = False
    if hasattr(tc.module.args, 'skip_config') and tc.module.args.skip_config:
        logger.info("skipping config")
        skip_config = True

    tc.pvtdata = ObjectDatabase()

    if hasattr(tc.module.args, 'rnmdr_big_pi'):
        tc.pvtdata.rnmdr_big_pi = tc.module.args.rnmdr_big_pi
    else:
        tc.pvtdata.rnmdr_big_pi = None

    if hasattr(tc.module.args, 'rnmdr_big_ci'):
        tc.pvtdata.rnmdr_big_ci = tc.module.args.rnmdr_big_ci
    else:
        tc.pvtdata.rnmdr_big_ci = None

    tcp_proxy.SetupProxyArgs(tc)

    id1, id2 = ProxyCbServiceHelper.GetSessionQids(
        tc.config.flow._FlowObject__session)
    if tc.config.flow.IsIflow():
        id = id1
        other_fid = id2
    else:
        id = id2
        other_fid = id1

    TcpCbHelper.main(id)
    tcbid = "TcpCb%04d" % id
    logger.info("Configuring %s" % tcbid)
    # 1. Configure TCB in HBM before packet injection
    tcb = tc.infra_data.ConfigStore.objects.db[tcbid]
    if not skip_config:
        tcp_proxy.init_tcb_inorder(tc, tcb)
        if tc.pvtdata.serq_full:
            tcb.serq_pi = 5
            tcb.serq_ci = 6
        else:
            if tc.pvtdata.serq_pi:
                tcb.serq_pi = tc.pvtdata.serq_pi
            if tc.pvtdata.serq_ci:
                tcb.serq_ci = tc.pvtdata.serq_ci
        tcb.SetObjValPd()
    else:
        tc.pvtdata.flow1_bytes_rxed = 0
        tc.pvtdata.flow1_bytes_txed = 0
        tc.pvtdata.flow2_bytes_rxed = 0
        tc.pvtdata.flow2_bytes_txed = 0

    TcpCbHelper.main(other_fid)
    tcbid2 = "TcpCb%04d" % (other_fid)
    logger.info("Configuring %s" % tcbid2)
    tcb2 = tc.infra_data.ConfigStore.objects.db[tcbid2]
    if not skip_config:
        tcp_proxy.init_tcb_inorder2(tc, tcb2)
        tcb2.SetObjValPd()

    tc.pvtdata.tcb1 = tcb
    tc.pvtdata.tcb2 = tcb2

    # 2. Configure TLS CB in HBM before packet injection
    tlscbid = "TlsCb%04d" % id
    tlscbid2 = "TlsCb%04d" % (other_fid)
    tlscb = tc.infra_data.ConfigStore.objects.db[tlscbid]
    tlscb2 = tc.infra_data.ConfigStore.objects.db[tlscbid2]
    if tc.pvtdata.serq_full:
        tlscb.serq_pi = 5
        tlscb.serq_ci = 6
        tlscb2.serq_pi = 5
        tlscb2.serq_ci = 6
    else:
        tlscb.serq_pi = 0
        tlscb.serq_pi = 0
        tlscb.serq_ci = 0
        tlscb.serq_ci = 0
        tlscb2.serq_pi = 0
        tlscb2.serq_pi = 0
        tlscb2.serq_ci = 0
        tlscb2.serq_ci = 0

    tlscb.debug_dol = 0
    tlscb2.debug_dol = 0
    tlscb.other_fid = other_fid
    tlscb2.other_fid = id

    if tc.pvtdata.bypass_barco:
        logger.info("Bypassing Barco")
        tlscb.is_decrypt_flow = False
        tlscb2.is_decrypt_flow = False
        tlscb.debug_dol |= tcp_tls_proxy.tls_debug_dol_bypass_barco
        tlscb2.debug_dol |= tcp_tls_proxy.tls_debug_dol_bypass_barco

    if not skip_config:
        tlscb.SetObjValPd()
        tlscb2.SetObjValPd()

    if skip_config:
        return

    # 3. Clone objects that are needed for verification
    tcpcb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tcbid])
    tcpcb.GetObjValPd()
    tc.pvtdata.Add(tcpcb)

    tcpcb2 = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tcbid2])
    tcpcb2.GetObjValPd()
    tc.pvtdata.Add(tcpcb2)

    tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid])
    tlscb.GetObjValPd()
    tc.pvtdata.Add(tlscb)

    other_tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid2])
    other_tlscb.GetObjValPd()
    tc.pvtdata.Add(other_tlscb)

    rnmdpr_big = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"])
    rnmdpr_big.GetMeta()
    if tc.pvtdata.sem_full and tc.pvtdata.sem_full == 'nmdr':
        rnmdpr_big.pi = 0
        rnmdpr_big.ci = 2  # ring size of 2, so can hold 1 entry
        rnmdpr_big.SetMeta()
    else:
        setMeta = False
        if tc.pvtdata.rnmdr_big_pi is not None:
            rnmdpr_big.pi = tc.pvtdata.rnmdr_big_pi
            setMeta = True
        if tc.pvtdata.rnmdr_big_ci is not None:
            rnmdpr_big.ci = tc.pvtdata.rnmdr_big_ci
            setMeta = True
        if setMeta:
            rnmdpr_big.SetMeta()
    tc.pvtdata.Add(rnmdpr_big)

    if tc.pvtdata.test_ooo_queue:
        ooo_rx_wring = copy.deepcopy(
            tc.infra_data.ConfigStore.objects.db["OOO_RX"])
        ooo_rx_wring.GetMeta()
        tc.pvtdata.Add(ooo_rx_wring)

    tnmdpr_big = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"])
    tnmdpr_big.GetMeta()
    tc.pvtdata.Add(tnmdpr_big)

    return
Ejemplo n.º 19
0
def TestCaseSetup(tc):
    global ipseccbq
    global ipseccb
    global rnmdr
    global iv
    global seq

    tc.pvtdata = ObjectDatabase()
    print("TestCaseSetup(): Sample Implementation.")
    # 1. Configure IPSECCB in HBM before packet injection
    id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session)
    IpsecCbHelper.main(id)
    ipsecid = "IPSECCB%04d" % id
    ipseccb = tc.infra_data.ConfigStore.objects.db[ipsecid]

    key_type = types_pb2.CRYPTO_KEY_TYPE_AES128
    key_size = 16
    key = b'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc'
    sip6 = b'\x20\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xaa'
    dip6 = b'\x20\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbb\xbb'
    ipseccb.crypto_key.Update(key_type, key_size, key)

    ipseccb.tunnel_sip4 = 0x0A010001
    ipseccb.tunnel_dip4 = 0x0A010002
    ipseccb.iv_size = 8
    ipseccb.icv_size = 16
    ipseccb.block_size = 16
    ipseccb.key_index = 0
    ipseccb.barco_enc_cmd = 0x30000000
    ipseccb.iv = 0xaaaaaaaaaaaaaaaa
    ipseccb.iv_salt = 0xbbbbbbbb
    ipseccb.esn_hi = 0
    ipseccb.esn_lo = 0
    ipseccb.spi = 0
    ipseccb.is_nat_t = 0
    ipseccb.is_v6 = 0
    ipseccb.key_index = ipseccb.crypto_key.keyindex
    ipseccb.sip6.ip_af = 2
    ipseccb.sip6.v6_addr = sip6
    ipseccb.dip6.ip_af = 2
    ipseccb.dip6.v6_addr = dip6
    ipseccb.SetObjValPd()
    # 2. Clone objects that are needed for verification
    rnmdr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_RNMDR"])
    rnmdr.GetMeta()
    rnmdr.GetRingEntries([rnmdr.pi, rnmdr.pi + 1])
    rnmdr.GetRingEntryAOL([rnmdr.pi, rnmdr.pi + 1])

    ipsec_cbq_id = ipsecid + "_IPSECCBQ"
    ipseccbq = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db[ipsec_cbq_id])
    ipseccb = tc.infra_data.ConfigStore.objects.db[ipsecid]

    rnmpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_RNMPR"])
    rnmpr.GetMeta()
    rnmpr.GetRingEntries([rnmpr.pi])
    tnmdr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_TNMDR"])
    tnmdr.GetMeta()
    tnmdr.GetRingEntries([tnmdr.pi])
    tnmpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["IPSEC_TNMPR"])
    tnmpr.GetMeta()
    tnmpr.GetRingEntries([tnmpr.pi])

    brq = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_GCM"])
    brq.GetMeta()
    brq.GetRingEntries([brq.pi])

    iv = ipseccb.iv
    seq = ipseccb.esn_lo

    tc.pvtdata.Add(rnmdr)
    tc.pvtdata.Add(rnmpr)
    tc.pvtdata.Add(tnmdr)
    tc.pvtdata.Add(tnmpr)
    tc.pvtdata.Add(brq)
    return
Ejemplo n.º 20
0
def TestCaseSetup(tc):
    global rnmdpr_big
    global proxyrcbid
    global proxyccbid
    global proxyrcb
    global proxyccb
    global redir_span
    tc.SetRetryEnabled(True)
    redir_span = getattr(tc.module.args, 'redir_span', False)

    tc.pvtdata = ObjectDatabase()
    tcp_proxy.SetupProxyArgs(tc)
    id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session)
    TcpCbHelper.main(id)
    tcbid = "TcpCb%04d" % id
    # 1. Configure TCB in HBM before packet injection
    tcb = tc.infra_data.ConfigStore.objects.db[tcbid]
    tcp_proxy.init_tcb_inorder(tc, tcb)
    # set tcb state to ESTABLISHED(1)
    tcb.state = 1
    tcb.l7_proxy_type = 0
    tcb.debug_dol = 0
    if redir_span:
        tcb.debug_dol_tx |= tcp_proxy.tcp_tx_debug_dol_dont_tx

    tcb.SetObjValPd()

    _proxyrcb_id = id
    ProxyrCbHelper.main(_proxyrcb_id)
    proxyrcbid = "ProxyrCb%04d" % _proxyrcb_id
    # 1. Configure PROXYRCB in HBM before packet injection
    proxyrcb = tc.infra_data.ConfigStore.objects.db[proxyrcbid]
    # let HAL fill in defaults for chain_rxq_base, etc.
    proxyrcb.my_txq_base = 0
    proxyrcb.chain_rxq_base = 0
    proxyrcb.redir_span = redir_span
    proxyrcb.proxyrcb_flags = app_redir_shared.app_redir_dol_pipeline_loopbk_en

    # fill in flow key
    proxyrcb.FlowKeyBuild(tc.config.flow)
    print("vrf %d flow sport %d dport %d" %
          (proxyrcb.vrf, proxyrcb.sport, proxyrcb.dport))
    proxyrcb.SetObjValPd()

    tlscbid = "TlsCb%04d" % id
    tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid])

    tlscb.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_proxy
    tlscb.other_fid = 0xffff
    tlscb.l7_proxy_type = tcp_proxy.l7_proxy_type_REDIR
    if redir_span:
        tlscb.l7_proxy_type = tcp_proxy.l7_proxy_type_SPAN
    tlscb.serq_pi = 0
    tlscb.serq_ci = 0

    if tc.module.args.key_size == 16:
        tcp_tls_proxy.tls_aes128_decrypt_setup(tc, tlscb)
    elif tc.module.args.key_size == 32:
        tcp_tls_proxy.tls_aes256_decrypt_setup(tc, tlscb)

    _proxyccb_id = id
    ProxycCbHelper.main(_proxyccb_id)
    proxyccbid = "ProxycCb%04d" % _proxyccb_id
    # 1. Configure PROXYCCB in HBM before packet injection
    proxyccb = tc.infra_data.ConfigStore.objects.db[proxyccbid]
    # let HAL fill in defaults for my_txq_base, etc.
    proxyccb.redir_span = redir_span
    proxyccb.my_txq_base = 0
    proxyccb.chain_txq_base = 0
    proxyccb.chain_txq_lif = app_redir_shared.service_lif_tcp_proxy
    proxyccb.chain_txq_qtype = 0
    proxyccb.chain_txq_qid = id
    proxyccb.chain_txq_ring = 0
    proxyccb.proxyccb_flags = app_redir_shared.app_redir_chain_desc_add_aol_offset | \
                              app_redir_shared.app_redir_dol_skip_chain_doorbell
    proxyccb.SetObjValPd()

    # 2. Clone objects that are needed for verification
    rnmdpr_big = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"])
    rnmdpr_big.GetMeta()

    proxyrcb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[proxyrcbid])
    proxyrcb.GetObjValPd()
    proxyccb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[proxyccbid])
    proxyccb.GetObjValPd()

    return
Ejemplo n.º 21
0
 def __init__(self):
     self.objects    = ObjectDatabase()
     self.templates  = ObjectDatabase()
     self.specs      = ObjectDatabase()
     return
Ejemplo n.º 22
0
def TestCaseSetup(tc):
    tc.pvtdata = ObjectDatabase()
    tcp_proxy.SetupProxyArgs(tc)

    skip_config = False
    if hasattr(tc.module.args, 'skip_config') and tc.module.args.skip_config:
        print("skipping config")
        skip_config = True

    #id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session)

    id1, id2 = ProxyCbServiceHelper.GetSessionQids(tc.config.flow._FlowObject__session)
    if tc.config.flow.IsIflow():
        id = id1
        other_fid = id2
    else:
        id = id2
        other_fid = id1

    TcpCbHelper.main(id)
    tcbid = "TcpCb%04d" % id
    # 1. Configure TCB in HBM before packet injection
    tcb = tc.infra_data.ConfigStore.objects.db[tcbid]
    if not skip_config:
       tcp_proxy.init_tcb_inorder(tc, tcb)
       # set tcb state to ESTABLISHED(1)
       tcb.state = 1
       tcb.SetObjValPd()
    else:
        tc.pvtdata.flow1_bytes_rxed = 0
        tc.pvtdata.flow1_bytes_txed = 0
        tc.pvtdata.flow2_bytes_rxed = 0
        tc.pvtdata.flow2_bytes_txed = 0

    TcpCbHelper.main(other_fid)
    tcbid2 = "TcpCb%04d" % (other_fid)
    logger.info("Configuring %s" % tcbid2)
    tcb2 = tc.infra_data.ConfigStore.objects.db[tcbid2]
    if not skip_config:
        tcp_proxy.init_tcb_inorder2(tc, tcb2)
        tcb2.SetObjValPd()

    tc.pvtdata.tcb1 = tcb
    tc.pvtdata.tcb2 = tcb2


    tlscbid = "TlsCb%04d" % id
    tlscbid2 = "TlsCb%04d" % (other_fid)
    tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid])
    #tlscb = tc.infra_data.ConfigStore.objects.db[tlscbid]
    #tlscb2 = tc.infra_data.ConfigStore.objects.db[tlscbid2]
    tlscb2 = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid2])

    tlscb.serq_pi = 0
    tlscb.serq_pi = 0
    tlscb.serq_ci = 0
    tlscb.serq_ci = 0
    tlscb2.serq_pi = 0
    tlscb2.serq_pi = 0
    tlscb2.serq_ci = 0
    tlscb2.serq_ci = 0
    tlscb.debug_dol = 0
    tlscb2.debug_dol = 0

    #tlscb.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_proxy | \
    #                        tcp_tls_proxy.tls_debug_dol_sesq_stop
    #tlscb.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_proxy

    #If 'use_random_iv' is set, set the corresponding debug-dol flag to indicate
    #datapath to pick a random value from DRBG as IV.
    if hasattr(tc.module.args, 'use_random_iv') and tc.module.args.use_random_iv == 1:
        tlscb.debug_dol |= tcp_tls_proxy.tls_debug_dol_explicit_iv_use_random
        tlscb2.debug_dol |= tcp_tls_proxy.tls_debug_dol_explicit_iv_use_random

    if tc.pvtdata.same_flow:
        tlscb.other_fid = 0xffff
        tlscb2.other_fid = 0xffff
    else:
        tlscb.other_fid = other_fid
        tlscb2.other_fid = id


    if not skip_config:    
       if tc.module.args.key_size == 16:
           tcp_tls_proxy.tls_aes128_encrypt_setup(tc, tlscb)
           tcp_tls_proxy.tls_aes128_encrypt_setup(tc, tlscb2)
       elif tc.module.args.key_size == 32:
           tcp_tls_proxy.tls_aes256_encrypt_setup(tc, tlscb)
           tcp_tls_proxy.tls_aes256_encrypt_setup(tc, tlscb2)

       tlscb.SetObjValPd()
       tlscb2.SetObjValPd()

    if skip_config:
        return

    # 2. Clone objects that are needed for verification
    rnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"])
    rnmdpr.GetMeta()
    rnmdpr.GetRingEntries([rnmdpr.pi])
    tnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"])
    tnmdpr.GetMeta()
    tnmdpr.GetRingEntries([tnmdpr.pi])

    print("snapshot1: tnmdpr_alloc %d enc_requests %d" % (tlscb.tnmdpr_alloc, tlscb.enc_requests))
    print("snapshot1: rnmdpr_free %d enc_completions %d" % (tlscb.rnmdpr_free, tlscb.enc_completions))

    if tc.module.args.cipher_suite == "CCM":
        brq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_CCM"])
    elif tc.module.args.cipher_suite == "CBC":
        brq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_CBC"])
    else:
        brq = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_GCM"])

    tcpcb = copy.deepcopy(tcb)
    tcpcb.GetObjValPd()
    tc.pvtdata.Add(tcpcb)
    tcpcb2 = copy.deepcopy(tcb2)
    tcpcb2.GetObjValPd()
    tc.pvtdata.Add(tcpcb2)

    tlscb.GetObjValPd()
    tc.pvtdata.Add(tlscb)
    tlscb2.GetObjValPd()
    tc.pvtdata.Add(tlscb2)
    tc.pvtdata.Add(rnmdpr)
    tc.pvtdata.Add(tnmdpr)


    return
Ejemplo n.º 23
0
    def __init__(self, node, parent=None):
        self.Node = node
        self.NodeObj = parent
        self.objects = ConfigStore.objects

        # Custom Database for easy access.
        self.trunks = ObjectDatabase()
        self.dhcprelayObjs = ObjectDatabase()
        self.dhcpproxyObjs = ObjectDatabase()
        self.tunnels = ObjectDatabase()
        self.nexthops = ObjectDatabase()
        self.nexthopgroups = ObjectDatabase()
        self.ipsec_encrypt_objs = ObjectDatabase()
        self.ipsec_decrypt_objs = ObjectDatabase()
        self.device = None
        self.underlay_vpc = None
        self.hostport = None
        self.switchport = None
        self.securityprofile = None
        self.upgrade = None
        self.dutNode = 1
        self.underlay_ips = []
        return
Ejemplo n.º 24
0
def TestCaseSetup(tc):

    tc.pvtdata = ObjectDatabase()
    tcp_proxy.SetupProxyArgs(tc)
    id = ProxyCbServiceHelper.GetFlowInfo(tc.config.flow._FlowObject__session)
    TcpCbHelper.main(id)
    tcbid = "TcpCb%04d" % id
    # 1. Configure TCB in HBM before packet injection
    tcb = tc.infra_data.ConfigStore.objects.db[tcbid]
    tcp_proxy.init_tcb_inorder(tc, tcb)
    tcb.debug_dol_tx |= tcp_proxy.tcp_tx_debug_dol_dont_send_ack
    # set tcb state to ESTABLISHED(1)
    tcb.state = 1
    tcb.SetObjValPd()

    # 2. Clone objects that are needed for verification
    rnmdpr_big = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["RNMDPR_BIG"])
    rnmdpr_big.GetMeta()
    rnmdpr_big.GetRingEntries([rnmdpr_big.pi])
    tnmdpr = copy.deepcopy(tc.infra_data.ConfigStore.objects.db["TNMDPR_BIG"])
    tnmdpr.GetMeta()

    brq = copy.deepcopy(
        tc.infra_data.ConfigStore.objects.db["BRQ_ENCRYPT_GCM"])
    brq.GetMeta()
    brq.GetRingEntries([brq.pi])
    tcpcb = copy.deepcopy(tcb)
    tcpcb.GetObjValPd()

    tlscbid = "TlsCb%04d" % id
    tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid])

    # Key Setup
    key_type = types_pb2.CRYPTO_KEY_TYPE_AES128
    key_size = 16
    key = b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
    tlscb.crypto_key.Update(key_type, key_size, key)

    # TLS-CB Setup
    tlscb.command = 0x30000000
    tlscb.crypto_key_idx = tlscb.crypto_key.keyindex
    tlscb.salt = 0x12345678
    tlscb.explicit_iv = 0xfedcba9876543210
    tlscb.enc_requests = 0
    tlscb.enc_completions = 0
    tlscb.serq_pi = 0
    tlscb.serq_ci = 0
    tlscb.debug_dol = tcp_tls_proxy.tls_debug_dol_bypass_barco | \
                        tcp_tls_proxy.tls_debug_dol_bypass_proxy | \
                        tcp_tls_proxy.tls_debug_dol_sesq_stop
    tlscb.other_fid = 0xffff
    tlscb.is_decrypt_flow = False
    tlscb.SetObjValPd()

    tlscb = copy.deepcopy(tc.infra_data.ConfigStore.objects.db[tlscbid])
    tlscb.GetObjValPd()

    tc.pvtdata.Add(tlscb)
    tc.pvtdata.Add(rnmdpr_big)
    tc.pvtdata.Add(tnmdpr)
    tc.pvtdata.Add(tcpcb)
    tc.pvtdata.Add(brq)
    return