def test07_delete_CPD_2_BPD_secure_key(self):
# ************************************************************************************************#
# Test #7: Test ability to remove/ddete/ default security key on CPD for BPD
# *************************************************************#
print "Showing default security key for BPD to CPD...\n"
Nm.nm_clear_logs(sendMode, IPV6)
rc = Nm.nm_show_mac_sec_key(sendMode, IPV6, BPD_DUT, 1)
self.assertTrue('Key' in rc,
"Secured Key for BPD should have been loaded...\n")
print "Trying to establish ALS to delete old key"
# Establihsing ALS connection and sendig first command via secured ALS
reqId = Nm.random_with_N_digits(5)
blobFileIn = CERTS_PATH + BLOB_FILE
privkeyFileIn = CERTS_PATH + PRIVKEY_FILE
# IPV6 = CPD_IPV6_AP
timeOut = 30
replyType2 = '03' # HMAC, ShA256 for secured send comands
(seqNum, assocId, ss) = Nm.nm_establish_ALS_connection(sendMode, IPV6, timeOut=60, reqId=12345, \
replyType=5, replyType2='03',
blobFileIn=CERTS_PATH + BLOB_FILE,
privkeyFileIn=CERTS_PATH + PRIVKEY_FILE)
# Making a second secured command request via ALS
cmdString = " mac_secmib delete " + str(BPD_DUT) + " 1"
(seqNum, assocId,
ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum,
assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
# Bug: FIRMW-19441
rc = Nm.nm_show_mac_sec_key(sendMode, IPV6, BPD_DUT, 1)
self.assertFalse(
'Key' in rc,
"Key should of been deleted as expected, but delete is failing")
print "Sleep for set CPD-2-BPD POLLING INTERVAL SETTING OF: \'%s\' seconds ..." % (
CPD_2_BPD_POLLING_INTERVAL)
time.sleep(CPD_2_BPD_POLLING_INTERVAL)
def test00_Preliminary_Requesites_Check(self):
IPV6 = CPD2_IPV6_FSU #CPD1_IPV6_AP
BPD_DUT = BPD2_BRICK_MAC_ID # BPD1_BRICK_MAC_ID
print "Get Image List...\n"
Nm.nm_get_image_list(sendMode, IPV6)
# get version str on device
print "Get Version Str...\n"
Nm.nm_get_version_str(sendMode, IPV6)
# Configure CPD to be able to proxy for BPDS: :
print "Configuring CPD for proper Proxy Mode on behalf of BPD...\n"
Nm.nm_configure_cpd(sendMode, IPV6, BPD_DUT)
# Display lls_nodeq:
print "Getting Link Layer Nodeq for the CPD and BPDs...\n"
rc = Nm.nm_show_BPD_LLS_Nodes(sendMode, IPV6)
# Get Random 5-digits Required ID to start communication
reqId = Nm.random_with_N_digits(5)
blobFileIn = CERTS_PATH + BLOB_FILE
privkeyFileIn = CERTS_PATH + PRIVKEY_FILE
#IPV6 = CPD_IPV6_AP
timeOut = 30
replyType = 5 # BC=0x1 + Blob=0x4 for nm.nm_sec_assoc assoc
replyType2 = '03' # HMAC, ShA256 for secured send comands
print "Validating & Checking certs ownership on devices... \'%s\'\n" % IPV6
rc = Nm.nm_validate_certs_ownership(sendMode, IPV6,
FULLY_DL_CHAINED_CERTS)
self.assertTrue('PASSED' in rc, "FAILED Certs Chain Verification")
print "Sleep for set CPD-2-BPD POLLING INTERVAL SETTING OF: \'%s\' seconds ..." % (
CPD_2_BPD_POLLING_INTERVAL)
time.sleep(CPD_2_BPD_POLLING_INTERVAL)
# Clear both the event and nlog for APP layer secure events:
rc = Nm.nm_clear_logs(sendMode, IPV6)
print rc
def setUp(self):
#self.certsTest = Widget('The widget')
sendMode = '-d'
timeOut = 60
#Nm.nm_discover_thy_neighbor(sendMode, CPD_MAC_ID, 30)
reqId = Nm.random_with_N_digits(5)
blobFileIn = CERTS_PATH + BLOB_FILE
privkeyFileIn = CERTS_PATH + PRIVKEY_FILE
IPV6 = CPD_IPV6_AP
replyType = 5 # BC=0x1 + Blob=0x4 for nm.nm_sec_assoc assoc
replyType2 = '03' # HMAC, ShA256 for secured send comands
# Configure CPD to talk to BPD:
Nm.nm_configure_cpd(sendMode, IPV6)
# Establihsing ALS connection and sendig first command via secured ALS
(seqNum, assocId, ss) = Nm.nm_establish_ALS_connection(sendMode, IPV6, timeOut=60, reqId=12345,
replyType=5, replyType2='03',
blobFileIn=CERTS_PATH + BLOB_FILE,
privkeyFileIn=CERTS_PATH + PRIVKEY_FILE)
self.assertTrue(self, (assocId !=0 or ss != ''), "Wrong response for ")
def test_removing_OP_chained_path_certs(self):
# Establihsing ALS connection and sendig first command via secured ALS
reqId = Nm.random_with_N_digits(5)
blobFileIn = CERTS_PATH + BLOB_FILE
privkeyFileIn = CERTS_PATH + PRIVKEY_FILE
timeOut = 30
replyType = 7 # BC=0x1 + Blob=0x4 for nm.nm_sec_assoc assoc
replyType2 = '03' # HMAC, ShA256 for secured send comands
IPV6 = 'fe80::213:50ff:fe30:5b5e' #'fe80::213:5005:008f:deb2' #'fe80::213:50ff:fe30:5b5e'
print "Trying to establish ALS Connection...\n"
(seqNum, assocId, ss) = Nm.nm_establish_ALS_connection(
sendMode,
IPV6,
timeOut=60,
reqId=12345,
replyType=5,
replyType2='03',
blobFileIn=CERTS_PATH + BLOB_FILE,
privkeyFileIn=CERTS_PATH + PRIVKEY_FILE)
# seqNum = seqNum + 15
# Making a second secured command request via ALS
cmdString = " certs esdump 4 "
print "Trying to send command via secured ALSConnection...\n"
(seqNum, assocId,
ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum,
assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
# Removing DL cert:#1281, #1282
print "Removing DL cert 1280....\n"
#Nm.nm_remove_cert(sendMode, IPV6, '1280')
seqNum = seqNum + 15
privateID = 1283
cmdString = " certs erase " + str(privateID)
(seqNum, assocId,
ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum,
assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
print "Removing DL cert 1283....\n"
#Nm.nm_remove_cert(sendMode, IPV6, '1283')
seqNum = seqNum + 15
privateID = 1281
cmdString = " certs erase " + str(privateID)
(seqNum, assocId,
ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum,
assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
# Removing DLCA cert: #1283
print "Removing DLCA cert....\n"
# Nm.nm_remove_cert(sendMode, IPV6, '1025')
seqNum = seqNum + 15
privateID = 1283
cmdString = " certs erase " + str(privateID)
(seqNum, assocId,
ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum,
assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
# Removing OP cert: #1027
print "Deleting Op cert and subordinates...\n"
# Nm.nm_certs_delete_op(sendMode, IPV6)
seqNum = seqNum + 15
cmdString = " certs delete_op"
(seqNum, assocId,
ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum,
assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
"""
seqNum = seqNum + 15
print "Deleting NMENITY Cert...\n"
#Nm.nm_certs_delete_op(sendMode, IPV6)
seqNum = seqNum + 15
privateID = "0x200010"
cmdString = " certs erase " + str(privateID)
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
seqNum = seqNum + 15
print "Deleting EBOCA CERT...\n"
#Nm.nm_certs_delete_op(sendMode, IPV6)
seqNum = seqNum + 15
privateID = "0x20000f"
cmdString = " certs erase " + str(privateID)
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
"""
#NOTE: if all failed, try app_sysvar delete:360 (the certs cache)
# Removing APP_SYSVAR 360 cert:
print "Deleting app_sysvar:360...\n"
seqNum = seqNum + 15
cmdString = " app_sysvar delete:360"
(seqNum, assocId,
ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum,
assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
#print "Deleting out app_sysvar:360 for certs cache...\n"
#ID = 360
#Nm.nm_delete_sysvar(sendMode, IPV6, ID)
Nm.nm_dump_cert_cache(sendMode, IPV6)
seqNum = seqNum + 15
ret = Nm.nm_teardown_ALS_connection(sendMode, seqNum, assocId, ss,
IPV6)
print "Please restart your NIC before checking: certs esdump 4 again!\n"
class Test_Dut(unittest.TestCase):
sendMode = '-g -d' #//via FSU
# sendMode = '-d' #via corp network & AP
########################################################################################################################
# device discovery
# print "Neighbor Discovery...\n"
# Nm.nm_device_discovery('-i', CPD_MAC_ID)
# Check nodeq 0
# print "Check Nodeq...\n"
# Nm.nm_nodeq_x('-i', '0')
# Removing discovery for now, based on lls_nodeq show all for BPD to show up on CPD.
# check image list on device
print "Get Image List...\n"
#Nm.nm_get_image_list(sendMode, IPV6)
# get version str on device
print "Get Version Str...\n"
#Nm.nm_get_version_str(sendMode, IPV6)
# Configure CPD to be able to proxy for BPDS: :
#Nm.nm_configure_cpd(sendMode, IPV6, BPD_DUT)
# Get Random 5-digits Required ID to start communication
reqId = Nm.random_with_N_digits(5)
blobFileIn = CERTS_PATH + BLOB_FILE
privkeyFileIn = CERTS_PATH + PRIVKEY_FILE
#IPV6 = CPD_IPV6_AP
timeOut = 30
replyType = 5 # BC=0x1 + Blob=0x4 for nm.nm_sec_assoc assoc
replyType2 = '03' # HMAC, ShA256 for secured send comands
'''
# print "Validating & Checking certs ownership on devices... \'%s\'" % BPD2_IPV6_AP
# Nm.nm_validate_certs_ownership(sendMode, BPD2_IPV6_AP, FULLY_DL_CHAINED_CERTS)
print "Validating & Checking certs ownership on devices... \'%s\'" % IPV6
#Nm.nm_validate_certs_ownership(sendMode, IPV6, FULLY_DL_CHAINED_CERTS)
# Establihsing ALS connection and sendig first command via secured ALS
(seqNum, assocId, ss) = Nm.nm_establish_ALS_connection(sendMode,IPV6, timeOut=60, reqId=12345, \
replyType=5, replyType2='03', blobFileIn=CERTS_PATH + BLOB_FILE, privkeyFileIn=CERTS_PATH + PRIVKEY_FILE)
#seqNum = seqNum + 15
# Making a second secured command request via ALS
cmdString = " certs esdump 4 "
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
CPD_CERTS_PATH = "/home/pi/python-test-framework/certs/CPD_Certs/"
CPD_OP_CERT = "01_CPD_OPERATOR.x509"
CPD_DLCA_CERT = "02_CPD_DLCA.x509"
CPD_DL_CERT = "03_CPD_DL.x509"
#Removing DL cert:#1281, #1282
print "Removing DL cert 1281....\n"
#Nm.nm_remove_cert(sendMode, IPV6, '1281')
seqNum = seqNum + 15
privateID = 1282
cmdString = " certs erase " + str(privateID)
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
print "Removing DL cert 1282....\n"
#Nm.nm_remove_cert(sendMode, IPV6, '1282')
seqNum = seqNum + 15
privateID = 1281
cmdString = " certs erase " + str(privateID)
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
#Removing DLCA cert: #1283
print "Removing DLCA cert....\n"
#Nm.nm_remove_cert(sendMode, IPV6, '1025')
seqNum = seqNum + 15
privateID = 1283
cmdString = " certs erase " + str(privateID)
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
#Removing OP cert: #1027
print "Deleting Op cert and subordinates...\n"
#Nm.nm_certs_delete_op(sendMode, IPV6)
seqNum = seqNum + 15
cmdString = " certs delete_op"
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
'''
"""
seqNum = seqNum + 15
print "Deleting NMENITY Cert...\n"
#Nm.nm_certs_delete_op(sendMode, IPV6)
seqNum = seqNum + 15
privateID = "0x200010"
cmdString = " certs erase " + str(privateID)
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
seqNum = seqNum + 15
print "Deleting EBOCA CERT...\n"
#Nm.nm_certs_delete_op(sendMode, IPV6)
seqNum = seqNum + 15
privateID = "0x20000f"
cmdString = " certs erase " + str(privateID)
(seqNum, assocId, ss) = Nm.nm_als_secured_commands_send(sendMode, cmdString, seqNum, assocId, ss, IPV6, timeOut,
replyType2)
print "Return for next command request for: seqNum;\'%d\', assocId:\'%s\', and sharedsecret:\'%s\' \n" % (
seqNum, assocId, ss)
"""
#seqNum = seqNum + 15
#ret = Nm.nm_teardown_ALS_connection(sendMode, seqNum, assocId, ss, IPV6)
################################################################################
#To run from cmd line: python -m unittest sandbox.Test_Dut.Test_Dut.test_register_40_Devices
def test_register_40_Devices(self):
#"nm_trap force i5s_reg " + BPD2_BRICK_MAC_ID + " " + SST2 + " " + "04010a0c 101112131415161718192021222324"
TEST_SST = "4954554300e4e2"
TEST_BPD ="00:07:81:43:00:e4:e2:"
for i in range(01, 42): #42 for negative test case, #Will go to 41, expect OK, but node 41 will not be registered, not even Node #40, since its my real BPD itself.
i = '{num:02d}'.format(num=i)
print "Registering CPD device #:%s\n" % str(i)
cmd = NET_MGR_PATH + " " + sendMode + " " + IPV6 + " " + "nm_trap force i5s_reg " + TEST_BPD+str(i) + " " + TEST_SST+str(i) + " " + "04010a0c 101112131415161718192021222324"
ret = Nm.processCmd(cmd)
print ret
time.sleep(5)
seqNum = 0 seqNum = int(seqNum) #This is a break-out file, from the main section of Nm.py, to separate the testing portion for the library from the libary. #As it's gotten too big to be part of the library. print "Running nm.py module as script" print "NIC info" sendMode = '-d' timeOut = 60 #Nm.nm_discover_thy_neighbor(sendMode, CPD_MAC_ID, 30) # Get Random 5-digits Required ID to start communication reqId = Nm.random_with_N_digits(5) blobFileIn = CERTS_PATH + BLOB_FILE privkeyFileIn = CERTS_PATH + PRIVKEY_FILE IPV6 = CPD_IPV6_AP replyType = 5 # BC=0x1 + Blob=0x4 for nm.nm_sec_assoc assoc replyType2 = '03' # HMAC, ShA256 for secured send comands # Configure CPD to talk to BPD: Nm.nm_configure_cpd(sendMode, IPV6) #Nm.nm_configure_cpd(sendMode, BPD1_IPV6_AP) #Nm.nm_configure_cpd(sendMode, BPD2_IPV6_AP) #Nm.nm_restart_now(sendMode, IPV6) #Dont want to restart now #Check Certs Ownership level of device: #print "Validating & Checking certs ownership on devices... \'%s\'" % BPD1_IPV6_AP #Nm.nm_validate_certs_ownership(sendMode, BPD1_IPV6_AP, FULLY_DL_CHAINED_CERTS)