def test_cosem_obis_get_fw_version(self):
#####################################################################################
# Begin of BPD-CPD Security unit test DUT
BPD_DUT = BPD2_BRICK_MAC_ID
# *********************************************************************************************#
# Test #1: Sending COSEM/OBIS formatted command to BPD to get version
# Request BPD's FW Version
obisInvokeID = 22222
obisCommand = OBIS_FW_VERSION
print "REQUEST BPD FW VERSION\n"
Nm.nm_OBIS_read(sendMode, obisInvokeID, obisCommand, BPD_DUT, IPV6)
obisInvokeID += 1
print "Sleep for set CPD-2-BPD POLLING INTERVAL SETTING OF: \'%s\' seconds ..." % (
CPD_2_BPD_POLLING_INTERVAL)
time.sleep(CPD_2_BPD_POLLING_INTERVAL)
# Get resonse:
rc = Nm.nm_get_latest_IMU_data_response(sendMode, IPV6)
print "Response Data for BPD's FW Version is: \n\%s\'\n" % rc
# print "Check 'nlog show dev' should see: \n"
# print "raw tx [78]: 09 d3 2b 0f db 00 4d 00 00 00 01 00 78 00 01 00 3d e1 40 00 56 ce 01 01 08 49 54 52 63 00 00 00 00 01 08 49 54 55 43 1b ad a5 51 01 0c 07 e2 09 1a ff 0b 14 0e 00 00 00 00 00 00 56 ce 00 01 01 01 00 01 00 01 00 02 00 ff 01 02 00 02 00"
# print "\n"
# print "raw rx [74]: 08 0f db 0f db 00 49 00 00 00 01 00 01 00 78 00 39 e2 00 00 56 ce 01 01 08 49 54 52 63 00 00 00 00 01 08 49 54 55 43 1b ad a5 51 01 0c 07 e1 05 01 01 01 0e 28 00 00 00 00 00 00 56 ce 00 01 01 01 00 01 00 09 04 4a 01 01 14"
# print "\n"
self.assertTrue(BPD_FW_VERSION in rc,
"Did not get FW Version as expected")
def test_send_various_size_payloads_to_BPD(self):
# ************************************************************************************************#
# Test #3: Test with various length payload to BPD:
# *************************************************************#
print "Sending Test PAYLOAD_ZERO to BPD...\n"
rc = Nm.nm_send_CPD_cmd(sendMode, IPV6, BPD_DUT, PAYLOAD_ZERO)
print "Response Data for BPD cmd Payload of zero is: \n\%s\'\n" % rc
self.assertTrue('Ok' in rc, "Did not get 'OK' message as expected")
print "Sleep for set CPD-2-BPD POLLING INTERVAL SETTING OF: \'%s\' seconds ..." % (
CPD_2_BPD_POLLING_INTERVAL)
time.sleep(CPD_2_BPD_POLLING_INTERVAL)
print "Sending Test PAYLOAD_1000 to BPD...\n"
rc = Nm.nm_send_CPD_cmd(sendMode, IPV6, BPD_DUT, PAYLOAD_1000)
self.assertTrue('Ok' in rc, "Did not get 'OK' message as expected")
print "Sleep for set CPD-2-BPD POLLING INTERVAL SETTING OF: \'%s\' seconds ..." % (
CPD_2_BPD_POLLING_INTERVAL)
time.sleep(CPD_2_BPD_POLLING_INTERVAL)
print "Sending Test PAYLOAD_1001 to BPD...\n"
rc = retCode = Nm.nm_send_CPD_cmd(sendMode, IPV6, BPD_DUT,
PAYLOAD_1001)
self.assertTrue(
'Erroneous request' in rc,
"Did not get received 'Erroneous Request' message as expected")
def test06_load_CPD_2_BPD_secure_key(self):
# ************************************************************************************************#
# Test #6: Test ability to load and set default security key on CPD for BPD
# *************************************************************#
Nm.nm_clear_logs(sendMode, IPV6)
print "Uploading default security key for BPD to CPD...\n"
# Inject default security key between CPD and BPD
rc = Nm.nm_inject_security_key(sendMode, IPV6, BPD_DUT,
DEFAULT_SECURITY_KEY, 1)
self.assertTrue('Ok' in rc, "Did not get 'OK' message as expected")
def test11_send_lls_nodeq_cmd_with_payload_to_request_FW_Version(self):
# ************************************************************************************************#
# Test #11: Test using lls_nodeq cmd at the Link Layer with payload that requests FW version
# Verify imu_data last_read and fw version read back.
# *************************************************************#
Nm.nm_clear_logs(sendMode, IPV6)
print "Testing BPD send raw payload for FW Version at LLS level...\n"
rc = Nm.nm_send_CPD_cmd(sendMode, IPV6, BPD_DUT, PAYLOAD_FW_VER)
print("Displaying the current BPD node security key...\n")
Nm.nm_show_mac_sec_key(sendMode, IPV6, BPD_DUT, 1)
# Take a read of stats after send:
print "lls_nodeq data send statistic before send....\n"
rc = Nm.nm_check_lls_enabled(sendMode, IPV6)
self.assertTrue(
BPD_DUT.lower() in rc,
'Did not get BPD under test Mac ID in lls_nodeq show all')
print "Sleep for set CPD-2-BPD POLLING INTERVAL SETTING OF: \'%s\' seconds ..." % (
CPD_2_BPD_POLLING_INTERVAL)
time.sleep(CPD_2_BPD_POLLING_INTERVAL)
# Get resonse:
rc = Nm.nm_get_latest_IMU_data_response(sendMode, IPV6)
print "Response Data for BPD's FW Version is: \n\%s\'\n" % rc
self.assertTrue(BPD_FW_VERSION in rc,
"Did not get FW Version as expected")
def test05_send_1001_bytes_payload_to_BPD(self):
# ************************************************************************************************#
# Test #5: Test with 1001 bytes length payload to BPD:
# *************************************************************#
print "Sending Test PAYLOAD_1001 to BPD...\n"
rc = Nm.nm_send_CPD_cmd(sendMode, IPV6, BPD_DUT, PAYLOAD_1001)
self.assertTrue(
'Erroneous request' in rc,
"Did not get received 'Erroneous Request' message as expected")
def test_send_raw_payload_to_BPD(self):
# ************************************************************************************************#
# Test #2: Send raw payload to the BPD:
print "Sending Test PAYLOAD1 to BPD...\n"
rc = Nm.nm_send_CPD_cmd(sendMode, IPV6, BPD_DUT, PAYLOAD1)
print "Response Data for BPD cmd Payload is: \n\%s\'\n" % rc
print "Sleep for set CPD-2-BPD POLLING INTERVAL SETTING OF: \'%s\' seconds ..." % (
CPD_2_BPD_POLLING_INTERVAL)
time.sleep(CPD_2_BPD_POLLING_INTERVAL)
self.assertTrue('Ok' in rc, "Did not get 'OK' message as expected")
def test10_test_send_secure_mode_cosem_obis_cmd(self):
# ************************************************************************************************#
# Test #10: Test with COSEM OBIS command via secured channel
# NOTE: THis is an APP level security testing.
# Testing security enforcement down the stack.
# *************************************************************#
Nm.nm_clear_logs(sendMode, IPV6)
# NOTE: Loac/inject security is no longer supported if Security is enable, since A3-Integration
#print("Displaying the current BPD node security key...\n")
#Nm.nm_show_mac_sec_key(sendMode, IPV6, BPD_DUT, 1)
print "Testing BPD COSEM/OBIS command send with temp default secure key...\n"
obisInvokeID = 5555
rc1 = Nm.nm_get_TxFrameCounter(sendMode, IPV6, BPD_DUT, 1)
print "Tx Frame Counter before command is: \'%s\' \n" % rc1
obisCommand = OBIS_FW_VERSION # Not secured? OBIS_MAC
print "OBIS REQUEST FOR BPD MAC ID\n"
Nm.nm_OBIS_read(sendMode, obisInvokeID, obisCommand, BPD_DUT, IPV6)
obisInvokeID += 1
print "Sleep for set CPD-2-BPD POLLING INTERVAL SETTING OF: \'%s\' seconds ..." % (
CPD_2_BPD_POLLING_INTERVAL)
time.sleep(CPD_2_BPD_POLLING_INTERVAL)
#NOTE:TxFrameCounter will only be increasing for MAC and App layer requests.
rc2 = Nm.nm_get_TxFrameCounter(sendMode, IPV6, BPD_DUT, 1)
print "Tx Frame Counter before command is: \'%s\' \n" % rc2
self.assertTrue(rc2 > rc1,
"BPD's Tx Frame Counter didn't increment as expected")
# In COSEM DevBench, expecting to see this:
# Lls Rx Cmd: Len = 90, SecLvl = 6
# Get resonse:
rc = Nm.nm_get_latest_IMU_data_response(sendMode, IPV6)
print "Response Data for BPD's FW Version is: \n\%s\'\n" % rc
# Sleep a little longer to ensure we get the expected event in the event log.
print "Sleep a little longer to ensure robustness of respond messages..."
time.sleep(60)
# Get event log for APP layer secure events:
rc = Nm.nm_event(sendMode, IPV6)
print rc
self.assertTrue(
'sec_level=6' in rc,
"Did not get proper security level in the event log 'sec_level=6' as expected"
)
def test04_send_1000_bytes_payload_to_BPD(self):
# ************************************************************************************************#
# Test #4: Test with 1000 bytes length payload to BPD:
# *************************************************************#
print "Sending Test PAYLOAD_1000 to BPD...\n"
rc = Nm.nm_send_CPD_cmd(sendMode, IPV6, BPD_DUT, PAYLOAD_1000)
self.assertTrue('Ok' in rc, "Did not get 'OK' message as expected")
print "Sleep for set CPD-2-BPD POLLING INTERVAL SETTING OF: \'%s\' seconds ..." % (
CPD_2_BPD_POLLING_INTERVAL)
time.sleep(CPD_2_BPD_POLLING_INTERVAL)
def test_register_40_Devices(self):
#"nm_trap force i5s_reg " + BPD2_BRICK_MAC_ID + " " + SST2 + " " + "04010a0c 101112131415161718192021222324"
TEST_SST = "4954554300e4e2"
TEST_BPD ="00:07:81:43:00:e4:e2:"
for i in range(01, 42): #42 for negative test case, #Will go to 41, expect OK, but node 41 will not be registered, not even Node #40, since its my real BPD itself.
i = '{num:02d}'.format(num=i)
print "Registering CPD device #:%s\n" % str(i)
cmd = NET_MGR_PATH + " " + sendMode + " " + IPV6 + " " + "nm_trap force i5s_reg " + TEST_BPD+str(i) + " " + TEST_SST+str(i) + " " + "04010a0c 101112131415161718192021222324"
ret = Nm.processCmd(cmd)
print ret
time.sleep(5)
def test03_send_zero_bytes_payload_to_BPD(self):
# ************************************************************************************************#
# Test #3: Test with zero byte length payload to BPD:
# *************************************************************#
print "Sending Test PAYLOAD_ZERO to BPD...\n"
rc = Nm.nm_send_CPD_cmd(sendMode, IPV6, BPD_DUT, PAYLOAD_ZERO)
print "Response Data for BPD cmd Payload of zero is: \n\%s\'\n" % rc
self.assertTrue('Ok' in rc, "Did not get 'OK' message as expected")
print "Sleep for set CPD-2-BPD POLLING INTERVAL SETTING OF: \'%s\' seconds ..." % (
CPD_2_BPD_POLLING_INTERVAL)
time.sleep(CPD_2_BPD_POLLING_INTERVAL)
def test00_Preliminary_Requesites_Check(self):
IPV6 = CPD2_IPV6_FSU #CPD1_IPV6_AP
BPD_DUT = BPD2_BRICK_MAC_ID # BPD1_BRICK_MAC_ID
print "Get Image List...\n"
Nm.nm_get_image_list(sendMode, IPV6)
# get version str on device
print "Get Version Str...\n"
Nm.nm_get_version_str(sendMode, IPV6)
# Configure CPD to be able to proxy for BPDS: :
print "Configuring CPD for proper Proxy Mode on behalf of BPD...\n"
Nm.nm_configure_cpd(sendMode, IPV6, BPD_DUT)
# Display lls_nodeq:
print "Getting Link Layer Nodeq for the CPD and BPDs...\n"
rc = Nm.nm_show_BPD_LLS_Nodes(sendMode, IPV6)
# Get Random 5-digits Required ID to start communication
reqId = Nm.random_with_N_digits(5)
blobFileIn = CERTS_PATH + BLOB_FILE
privkeyFileIn = CERTS_PATH + PRIVKEY_FILE
#IPV6 = CPD_IPV6_AP
timeOut = 30
replyType = 5 # BC=0x1 + Blob=0x4 for nm.nm_sec_assoc assoc
replyType2 = '03' # HMAC, ShA256 for secured send comands
print "Validating & Checking certs ownership on devices... \'%s\'\n" % IPV6
rc = Nm.nm_validate_certs_ownership(sendMode, IPV6,
FULLY_DL_CHAINED_CERTS)
self.assertTrue('PASSED' in rc, "FAILED Certs Chain Verification")
print "Sleep for set CPD-2-BPD POLLING INTERVAL SETTING OF: \'%s\' seconds ..." % (
CPD_2_BPD_POLLING_INTERVAL)
time.sleep(CPD_2_BPD_POLLING_INTERVAL)
# Clear both the event and nlog for APP layer secure events:
rc = Nm.nm_clear_logs(sendMode, IPV6)
print rc
def test09_test_send_secure_mode_1K_payload(self):
# ************************************************************************************************#
# Test #9: Test with Mac security enabled and Sec Mode=6 SAFE_SECURED_PAYLOAD length payload to BPD:
# This test will not work after A3-Integration, since no more manual key injection
# *************************************************************#
Sec_Mode = 6
index = 1
Nm.nm_clear_logs(sendMode, IPV6)
#rc1 = Nm.nm_get_TxFrameCounter(sendMode, IPV6, BPD_DUT, 1)
#print "Tx Frame Counter before command is: \'%s\' \n" % rc1
#TODO: Figure out how to do security Key after A3-Integration, for the time, will use unsercure send.
#print "Testing BPD secure send raw payload at LLS level, using key and Sec Mode set to 6 for the time being...\n"
#rc = Nm.nm_send_secured_CPD_cmd(sendMode, IPV6, BPD_DUT, SAFE_SECURED_PAYLOAD, Sec_Mode, index)
print "Testing BPD secure send raw payload at LLS level, using key and Sec Mode set to 6 for the time being...\n"
rc = Nm.nm_send_CPD_cmd(sendMode, IPV6, BPD_DUT, SAFE_SECURED_PAYLOAD)
self.assertTrue('Ok' in rc, "Did not get 'OK' message as expected")
# Lls Rx Cmd: Len = 942, SecLvl = 6
# NOTE: Expect to see on COSEM DevBench for BPD's log as:
# 2018/10/03 09:16:48.003 => Lls Rx BLS
# 2018/10/03 09:16:48.065 => Lls Lw Pending Cmd
# 2018/10/03 09:16:48.065 => MAC Rx Valid Frame Len: 966
# 2018/10/03 09:16:48.128 => MAC Rx Ack Sent
# 2018/10/03 09:16:48.190 => Lls Rx Cmd: Len = 934, SecLvl = 6
# 2018/10/03 09:17:17.911 => LLS Lw: chan=39, dur=6.8ms, freqVar=0.0ppm, freqErr=0.1ppm
# 2018/10/03 09:17:17.911 => MAC Rx Valid Frame Len: 18
print "Please Manually Check COSEM DevBench for proper SecLevel...\n"
# TODO: Once Security is fully implemented and BPD's events are supported,
# need to detect, SecLevel=6 and check and assert accorindgly.
print "Sleep for set CPD-2-BPD POLLING INTERVAL SETTING OF: \'%s\' seconds ..." % (
CPD_2_BPD_POLLING_INTERVAL)
time.sleep(CPD_2_BPD_POLLING_INTERVAL)
def setUp(self):
#self.certsTest = Widget('The widget')
sendMode = '-d'
timeOut = 60
#Nm.nm_discover_thy_neighbor(sendMode, CPD_MAC_ID, 30)
reqId = Nm.random_with_N_digits(5)
blobFileIn = CERTS_PATH + BLOB_FILE
privkeyFileIn = CERTS_PATH + PRIVKEY_FILE
IPV6 = CPD_IPV6_AP
replyType = 5 # BC=0x1 + Blob=0x4 for nm.nm_sec_assoc assoc
replyType2 = '03' # HMAC, ShA256 for secured send comands
# Configure CPD to talk to BPD:
Nm.nm_configure_cpd(sendMode, IPV6)
# Establihsing ALS connection and sendig first command via secured ALS
(seqNum, assocId, ss) = Nm.nm_establish_ALS_connection(sendMode, IPV6, timeOut=60, reqId=12345,
replyType=5, replyType2='03',
blobFileIn=CERTS_PATH + BLOB_FILE,
privkeyFileIn=CERTS_PATH + PRIVKEY_FILE)
self.assertTrue(self, (assocId !=0 or ss != ''), "Wrong response for ")
def test08_send_package_with_mac_security_enabled(self):
# ************************************************************************************************#
# Test #8: Test with Mac security enabled 1000 bytes length payload to BPD:
# *************************************************************#
Nm.nm_clear_logs(sendMode, IPV6)
print("Re-infecting default secure key on CPD for BPD....\n")
Nm.nm_inject_security_key(sendMode, IPV6, DEFAULT_SECURITY_KEY, 1)
# Take a read of stats before send:
print "lls_nodeq data send statistic before send....\n"
Nm.nm_check_lls_enabled(sendMode, IPV6)
print "Sending Test PAYLOAD_1000 to BPD...\n"
rc = Nm.nm_send_CPD_cmd(sendMode, IPV6, BPD_DUT, PAYLOAD_1000)
self.assertTrue('Ok' in rc, "Did not get 'OK' message as expected")
# TODO: Once Security is fully implemented,
# Need to revisit this test and check and assert for SecLevel=6
# without requiring the [SecMode][Index] options.
print "Sleep for set CPD-2-BPD POLLING INTERVAL SETTING OF: \'%s\' seconds ..." % (
CPD_2_BPD_POLLING_INTERVAL)
time.sleep(CPD_2_BPD_POLLING_INTERVAL)
# Take a read of stats after send:
print "lls_nodeq data send statistic before send....\n"
rc = Nm.nm_check_lls_enabled(sendMode, IPV6)
self.assertTrue(
BPD_DUT.lower() in rc,
'Did not get BPD under test Mac ID in lls_nodeq show all')
#NOTE: Loac/inject security is no longer supported if Security is enable, since A3-Integration
# Show current Secure Key:
#print "Display current loaded secured key for BPD on CPD\n"
#rc = Nm.nm_show_mac_sec_key(sendMode, IPV6, BPD_DUT, 1)
#self.assertTrue(DEFAULT_SECURITY_KEY.lower() in rc,
#'Did not get DEFAULT_SECURITY_KEY in mac_secmib show BPD_DUT')
# Get event log for APP layer secure events:
rc = Nm.nm_event(
sendMode, IPV6) #Note: lls cmd is a link layer send, so wont see
def test_dump_certs(self):
# Dump Cert Cache and returning a cert cache text table as a list
certs_list = Nm.nm_dump_cert_cache(sendMode, CPD_IPV6_AP)
# print "certs output: ", certs_list
# print '{:s}'.format(certs_list)
# Load output Cert Cache table into a list
certs_array = []
lines = certs_list.split('\n') # split by rows
for rows in lines:
elements = rows.split('\t')
print elements
certs_array.append(elements)
for e in certs_array:
print e
def test07_delete_CPD_2_BPD_secure_key(self):
# ************************************************************************************************#
# Test #7: Test ability to remove/ddete/ default security key on CPD for BPD
# *************************************************************#
print "Showing default security key for BPD to CPD...\n"
Nm.nm_clear_logs(sendMode, IPV6)
rc = Nm.nm_show_mac_sec_key(sendMode, IPV6, BPD_DUT, 1)
self.assertTrue('Key' in rc,
"Secured Key for BPD should have been loaded...\n")
print "Trying to establish ALS to delete old key"
# Establihsing ALS connection and sendig first command via secured ALS
reqId = Nm.random_with_N_digits(5)
blobFileIn = CERTS_PATH + BLOB_FILE
privkeyFileIn = CERTS_PATH + PRIVKEY_FILE
# IPV6 = CPD_IPV6_AP
timeOut = 30
replyType2 = '03' # HMAC, ShA256 for secured send comands
(seqNum, assocId, ss) = Nm.nm_establish_ALS_connection(sendMode, IPV6, timeOut=60, reqId=12345, \
replyType=5, replyType2='03',
blobFileIn=CERTS_PATH + BLOB_FILE,
privkeyFileIn=CERTS_PATH + PRIVKEY_FILE)
# Making a second secured command request via ALS
cmdString = " mac_secmib delete " + str(BPD_DUT) + " 1"
(seqNum, assocId,
ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum,
assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
# Bug: FIRMW-19441
rc = Nm.nm_show_mac_sec_key(sendMode, IPV6, BPD_DUT, 1)
self.assertFalse(
'Key' in rc,
"Key should of been deleted as expected, but delete is failing")
print "Sleep for set CPD-2-BPD POLLING INTERVAL SETTING OF: \'%s\' seconds ..." % (
CPD_2_BPD_POLLING_INTERVAL)
time.sleep(CPD_2_BPD_POLLING_INTERVAL)
seqNum = 0 seqNum = int(seqNum) #This is a break-out file, from the main section of Nm.py, to separate the testing portion for the library from the libary. #As it's gotten too big to be part of the library. print "Running nm.py module as script" print "NIC info" sendMode = '-d' timeOut = 60 #Nm.nm_discover_thy_neighbor(sendMode, CPD_MAC_ID, 30) # Get Random 5-digits Required ID to start communication reqId = Nm.random_with_N_digits(5) blobFileIn = CERTS_PATH + BLOB_FILE privkeyFileIn = CERTS_PATH + PRIVKEY_FILE IPV6 = CPD_IPV6_AP replyType = 5 # BC=0x1 + Blob=0x4 for nm.nm_sec_assoc assoc replyType2 = '03' # HMAC, ShA256 for secured send comands # Configure CPD to talk to BPD: Nm.nm_configure_cpd(sendMode, IPV6) #Nm.nm_configure_cpd(sendMode, BPD1_IPV6_AP) #Nm.nm_configure_cpd(sendMode, BPD2_IPV6_AP) #Nm.nm_restart_now(sendMode, IPV6) #Dont want to restart now #Check Certs Ownership level of device: #print "Validating & Checking certs ownership on devices... \'%s\'" % BPD1_IPV6_AP #Nm.nm_validate_certs_ownership(sendMode, BPD1_IPV6_AP, FULLY_DL_CHAINED_CERTS)
def test_removing_OP_chained_path_certs(self):
# Establihsing ALS connection and sendig first command via secured ALS
reqId = Nm.random_with_N_digits(5)
blobFileIn = CERTS_PATH + BLOB_FILE
privkeyFileIn = CERTS_PATH + PRIVKEY_FILE
timeOut = 30
replyType = 7 # BC=0x1 + Blob=0x4 for nm.nm_sec_assoc assoc
replyType2 = '03' # HMAC, ShA256 for secured send comands
IPV6 = 'fe80::213:50ff:fe30:5b5e' #'fe80::213:5005:008f:deb2' #'fe80::213:50ff:fe30:5b5e'
print "Trying to establish ALS Connection...\n"
(seqNum, assocId, ss) = Nm.nm_establish_ALS_connection(
sendMode,
IPV6,
timeOut=60,
reqId=12345,
replyType=5,
replyType2='03',
blobFileIn=CERTS_PATH + BLOB_FILE,
privkeyFileIn=CERTS_PATH + PRIVKEY_FILE)
# seqNum = seqNum + 15
# Making a second secured command request via ALS
cmdString = " certs esdump 4 "
print "Trying to send command via secured ALSConnection...\n"
(seqNum, assocId,
ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum,
assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
# Removing DL cert:#1281, #1282
print "Removing DL cert 1280....\n"
#Nm.nm_remove_cert(sendMode, IPV6, '1280')
seqNum = seqNum + 15
privateID = 1283
cmdString = " certs erase " + str(privateID)
(seqNum, assocId,
ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum,
assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
print "Removing DL cert 1283....\n"
#Nm.nm_remove_cert(sendMode, IPV6, '1283')
seqNum = seqNum + 15
privateID = 1281
cmdString = " certs erase " + str(privateID)
(seqNum, assocId,
ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum,
assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
# Removing DLCA cert: #1283
print "Removing DLCA cert....\n"
# Nm.nm_remove_cert(sendMode, IPV6, '1025')
seqNum = seqNum + 15
privateID = 1283
cmdString = " certs erase " + str(privateID)
(seqNum, assocId,
ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum,
assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
# Removing OP cert: #1027
print "Deleting Op cert and subordinates...\n"
# Nm.nm_certs_delete_op(sendMode, IPV6)
seqNum = seqNum + 15
cmdString = " certs delete_op"
(seqNum, assocId,
ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum,
assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
"""
seqNum = seqNum + 15
print "Deleting NMENITY Cert...\n"
#Nm.nm_certs_delete_op(sendMode, IPV6)
seqNum = seqNum + 15
privateID = "0x200010"
cmdString = " certs erase " + str(privateID)
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
seqNum = seqNum + 15
print "Deleting EBOCA CERT...\n"
#Nm.nm_certs_delete_op(sendMode, IPV6)
seqNum = seqNum + 15
privateID = "0x20000f"
cmdString = " certs erase " + str(privateID)
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
"""
#NOTE: if all failed, try app_sysvar delete:360 (the certs cache)
# Removing APP_SYSVAR 360 cert:
print "Deleting app_sysvar:360...\n"
seqNum = seqNum + 15
cmdString = " app_sysvar delete:360"
(seqNum, assocId,
ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum,
assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
#print "Deleting out app_sysvar:360 for certs cache...\n"
#ID = 360
#Nm.nm_delete_sysvar(sendMode, IPV6, ID)
Nm.nm_dump_cert_cache(sendMode, IPV6)
seqNum = seqNum + 15
ret = Nm.nm_teardown_ALS_connection(sendMode, seqNum, assocId, ss,
IPV6)
print "Please restart your NIC before checking: certs esdump 4 again!\n"
def test99_test_new_feature(self):
rc = Nm.nm_get_TxFrameCounter(sendMode, IPV6, BPD_DUT, 1)
print "Inside test99, TxFrameCounter is: \'%s\' \n" % rc
def test_inject_OP_chained_path_certs(self):
#NOTE:
# NEED TO INJECT OP, ECBOCA, then NMENITY for ALS
# NEED TO INJECT OP, DLCA, and DL for LLS
#Certs generated form i5sim V.
CPD_CERTS_PATH = pwd + "/certs/CPD_Certs/"
CPD_OP_CERT = "01_CPD_OPERATOR.x509"
CPD_DLCA_CERT = "02_CPD_DLCA.x509"
CPD_DL_CERT = "03_CPD_DL.x509"
blobFileIn = CERTS_PATH + BLOB_FILE
privkeyFileIn = CERTS_PATH + PRIVKEY_FILE
#Upload Operator cert test:
op_x509_path = CPD_CERTS_PATH + CPD_OP_CERT
print "Uploading OP Cert...\n"
Nm.nm_upload_op_cert(sendMode, IPV6, op_x509_path)
#Upload ECBOCA cert test:
ecboca_x509_path = CERTS_PATH + SUB_CA_ECBOCA_CERT
print "Uploading ECBOCA cert...\n"
Nm.nm_upload_dl_cert(sendMode, IPV6, ecboca_x509_path)
#Upload NMenity cert test:
dl_x509_path = CERTS_PATH + SUB_NM_CERT
print "Uploading NMenity Cert...\n"
Nm.nm_upload_op_cert(sendMode, IPV6, dl_x509_path)
#Upload DLCA cert test:
dl_x509_path = CPD_CERTS_PATH + CPD_DLCA_CERT
print "Uploading DLCA Cert...\n"
Nm.nm_upload_dl_cert(sendMode, IPV6, dl_x509_path)
#Upload DL cert test:
dl_x509_path = CPD_CERTS_PATH + CPD_DL_CERT
print "Uploading DL Cert...\n"
Nm.nm_upload_dl_cert(sendMode, IPV6, dl_x509_path)
#Sync certs write from temp to flash
print "Sync Certs chains...\n"
ret = Nm.nm_cert_sync(sendMode, IPV6)
print("Output of Sync Certs....= %r \n" % ret)
#Check cert chain node:
print "Check Certs chains...\n"
chain = Nm.nm_cert_own(sendMode, IPV6)
#Check valid certs chain ownership:
chain.rstrip('\r\n')
ret = Nm.nm_check_valid_chain(chain)
print("Output of valid cert check = %r \n" % ret)
class Test_Dut(unittest.TestCase):
sendMode = '-g -d' #//via FSU
# sendMode = '-d' #via corp network & AP
########################################################################################################################
# device discovery
# print "Neighbor Discovery...\n"
# Nm.nm_device_discovery('-i', CPD_MAC_ID)
# Check nodeq 0
# print "Check Nodeq...\n"
# Nm.nm_nodeq_x('-i', '0')
# Removing discovery for now, based on lls_nodeq show all for BPD to show up on CPD.
# check image list on device
print "Get Image List...\n"
#Nm.nm_get_image_list(sendMode, IPV6)
# get version str on device
print "Get Version Str...\n"
#Nm.nm_get_version_str(sendMode, IPV6)
# Configure CPD to be able to proxy for BPDS: :
#Nm.nm_configure_cpd(sendMode, IPV6, BPD_DUT)
# Get Random 5-digits Required ID to start communication
reqId = Nm.random_with_N_digits(5)
blobFileIn = CERTS_PATH + BLOB_FILE
privkeyFileIn = CERTS_PATH + PRIVKEY_FILE
#IPV6 = CPD_IPV6_AP
timeOut = 30
replyType = 5 # BC=0x1 + Blob=0x4 for nm.nm_sec_assoc assoc
replyType2 = '03' # HMAC, ShA256 for secured send comands
'''
# print "Validating & Checking certs ownership on devices... \'%s\'" % BPD2_IPV6_AP
# Nm.nm_validate_certs_ownership(sendMode, BPD2_IPV6_AP, FULLY_DL_CHAINED_CERTS)
print "Validating & Checking certs ownership on devices... \'%s\'" % IPV6
#Nm.nm_validate_certs_ownership(sendMode, IPV6, FULLY_DL_CHAINED_CERTS)
# Establihsing ALS connection and sendig first command via secured ALS
(seqNum, assocId, ss) = Nm.nm_establish_ALS_connection(sendMode,IPV6, timeOut=60, reqId=12345, \
replyType=5, replyType2='03', blobFileIn=CERTS_PATH + BLOB_FILE, privkeyFileIn=CERTS_PATH + PRIVKEY_FILE)
#seqNum = seqNum + 15
# Making a second secured command request via ALS
cmdString = " certs esdump 4 "
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
CPD_CERTS_PATH = "/home/pi/python-test-framework/certs/CPD_Certs/"
CPD_OP_CERT = "01_CPD_OPERATOR.x509"
CPD_DLCA_CERT = "02_CPD_DLCA.x509"
CPD_DL_CERT = "03_CPD_DL.x509"
#Removing DL cert:#1281, #1282
print "Removing DL cert 1281....\n"
#Nm.nm_remove_cert(sendMode, IPV6, '1281')
seqNum = seqNum + 15
privateID = 1282
cmdString = " certs erase " + str(privateID)
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
print "Removing DL cert 1282....\n"
#Nm.nm_remove_cert(sendMode, IPV6, '1282')
seqNum = seqNum + 15
privateID = 1281
cmdString = " certs erase " + str(privateID)
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
#Removing DLCA cert: #1283
print "Removing DLCA cert....\n"
#Nm.nm_remove_cert(sendMode, IPV6, '1025')
seqNum = seqNum + 15
privateID = 1283
cmdString = " certs erase " + str(privateID)
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
#Removing OP cert: #1027
print "Deleting Op cert and subordinates...\n"
#Nm.nm_certs_delete_op(sendMode, IPV6)
seqNum = seqNum + 15
cmdString = " certs delete_op"
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
'''
"""
seqNum = seqNum + 15
print "Deleting NMENITY Cert...\n"
#Nm.nm_certs_delete_op(sendMode, IPV6)
seqNum = seqNum + 15
privateID = "0x200010"
cmdString = " certs erase " + str(privateID)
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
seqNum = seqNum + 15
print "Deleting EBOCA CERT...\n"
#Nm.nm_certs_delete_op(sendMode, IPV6)
seqNum = seqNum + 15
privateID = "0x20000f"
cmdString = " certs erase " + str(privateID)
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
"""
#seqNum = seqNum + 15
#ret = Nm.nm_teardown_ALS_connection(sendMode, seqNum, assocId, ss, IPV6)
################################################################################
#To run from cmd line: python -m unittest sandbox.Test_Dut.Test_Dut.test_register_40_Devices
def test_register_40_Devices(self):
#"nm_trap force i5s_reg " + BPD2_BRICK_MAC_ID + " " + SST2 + " " + "04010a0c 101112131415161718192021222324"
TEST_SST = "4954554300e4e2"
TEST_BPD ="00:07:81:43:00:e4:e2:"
for i in range(01, 42): #42 for negative test case, #Will go to 41, expect OK, but node 41 will not be registered, not even Node #40, since its my real BPD itself.
i = '{num:02d}'.format(num=i)
print "Registering CPD device #:%s\n" % str(i)
cmd = NET_MGR_PATH + " " + sendMode + " " + IPV6 + " " + "nm_trap force i5s_reg " + TEST_BPD+str(i) + " " + TEST_SST+str(i) + " " + "04010a0c 101112131415161718192021222324"
ret = Nm.processCmd(cmd)
print ret
time.sleep(5)
/tmp/tail -f trap_file.txt
Received *test* trap id = 0x529, seq=15, bootcnt=85, confirm=yes at time Thu Sep 6 22:32:53 2018 UTC (rx time Thu Sep 6 22:33:02 2018 UTC)
-> reason="Authority Key Missing Test Trap" subj_key_id="da:39:a3:ee:5e:6b:4b:0d:32:55:bf:ef:95:60:18:90:af:d8:07:09" from 00:13:50:05:00:69:ce:38
'''
#Iterate over Dictionary and process Trap triggering and verification.
###################################################################################
#retValue = nm_tail_file(TRAP_LOG) #Flush initial value
sendMode = "-d "
#Call to initialize the server
Nm.nm_config_trap_server(sendMode, CPD_IPV6_AP, TRAP_SERVER_IPV6)
#Excecute the trap server tests
for key, value in trapsToTest.iteritems():
print key + " corresponds to " + trapsToTest[key] + "\n"
#Dummy read first
#Nm.nm_tail_file(TRAP_LOG)
ret = Nm.nm_force_trap_event(key, sendMode, CPD_IPV6_AP)
print "Returned value of nm_force_trap_event is: \'%s\' \n" % ret
time.sleep(10)
retValue = Nm.nm_tail_file(TRAP_LOG, trapsToTest[key])
print "Ret Value of parsing is: \'%s\' \n" % retValue
