diff options
author | Tibor Král <tibor.kral@pantheon.tech> | 2018-11-14 18:20:02 +0100 |
---|---|---|
committer | Tibor Král <tibor.kral@pantheon.tech> | 2019-01-16 10:07:28 +0100 |
commit | 26589d440f332fe52238fa258d7d7b58df43eee5 (patch) | |
tree | dd3eaa8cf5cc3bd9fcfbff1239227c784ce935e7 /ipsec/ipsec-impl/src/test/resources | |
parent | 8ad4f38beb1350d1cd62d11a9a15ac78ee0623f9 (diff) |
HC2VPP-87: Expose IPSEC management
Change-Id: Ib13a2cdba5a0902581c455de67cc0ee64d20598d
Signed-off-by: Tibor Král <tibor.kral@pantheon.tech>
Diffstat (limited to 'ipsec/ipsec-impl/src/test/resources')
14 files changed, 280 insertions, 0 deletions
diff --git a/ipsec/ipsec-impl/src/test/resources/ikev2/addDelProfile_after.json b/ipsec/ipsec-impl/src/test/resources/ikev2/addDelProfile_after.json new file mode 100644 index 000000000..ac5f8c797 --- /dev/null +++ b/ipsec/ipsec-impl/src/test/resources/ikev2/addDelProfile_after.json @@ -0,0 +1,25 @@ +{ + "ikev2": { + "policy": [ + { + "name": "testPolicy", + "lifetime": 0, + "connection-type": "both", + "authentication" : { + "rsa-signature" : "true" + }, + "certificate": "/home/localadmin/certs/server-cert.pem", + "traffic-selectors": [ + { + "ts-name":"TS1", + "protocol":0, + "remote-address-low":"192.168.124.0", + "remote-address-high":"192.168.124.255", + "remote-port-low":0, + "remote-port-high":65535 + } + ] + } + ] + } +} diff --git a/ipsec/ipsec-impl/src/test/resources/ikev2/addDelProfile_before.json b/ipsec/ipsec-impl/src/test/resources/ikev2/addDelProfile_before.json new file mode 100644 index 000000000..3dfa39345 --- /dev/null +++ b/ipsec/ipsec-impl/src/test/resources/ikev2/addDelProfile_before.json @@ -0,0 +1,25 @@ +{ + "ikev2": { + "policy": [ + { + "name": "testPolicy", + "lifetime": 0, + "connection-type": "both", + "authentication" : { + "preshared-key" : "true" + }, + "pre-shared-key": "0123456789012345", + "traffic-selectors": [ + { + "ts-name":"TS1", + "protocol":0, + "local-address-low":"192.168.124.0", + "local-address-high":"192.168.124.255", + "local-port-low":0, + "local-port-high":65535 + } + ] + } + ] + } +} diff --git a/ipsec/ipsec-impl/src/test/resources/ikev2/addIkev2Profile.json b/ipsec/ipsec-impl/src/test/resources/ikev2/addIkev2Profile.json new file mode 100644 index 000000000..3dfa39345 --- /dev/null +++ b/ipsec/ipsec-impl/src/test/resources/ikev2/addIkev2Profile.json @@ -0,0 +1,25 @@ +{ + "ikev2": { + "policy": [ + { + "name": "testPolicy", + "lifetime": 0, + "connection-type": "both", + "authentication" : { + "preshared-key" : "true" + }, + "pre-shared-key": "0123456789012345", + "traffic-selectors": [ + { + "ts-name":"TS1", + "protocol":0, + "local-address-low":"192.168.124.0", + "local-address-high":"192.168.124.255", + "local-port-low":0, + "local-port-high":65535 + } + ] + } + ] + } +} diff --git a/ipsec/ipsec-impl/src/test/resources/ikev2/identity/identity_local_ipv4.json b/ipsec/ipsec-impl/src/test/resources/ikev2/identity/identity_local_ipv4.json new file mode 100644 index 000000000..f068bd78b --- /dev/null +++ b/ipsec/ipsec-impl/src/test/resources/ikev2/identity/identity_local_ipv4.json @@ -0,0 +1,8 @@ +{ + "identity" : { + "local": + { + "ipv4-address": "192.168.123.22" + } + } +} diff --git a/ipsec/ipsec-impl/src/test/resources/ikev2/identity/identity_local_rfc822.json b/ipsec/ipsec-impl/src/test/resources/ikev2/identity/identity_local_rfc822.json new file mode 100644 index 000000000..6e152d9c4 --- /dev/null +++ b/ipsec/ipsec-impl/src/test/resources/ikev2/identity/identity_local_rfc822.json @@ -0,0 +1,8 @@ +{ + "identity" : { + "local": + { + "rfc822-address-string": "rfc822@example.com" + } + } +} diff --git a/ipsec/ipsec-impl/src/test/resources/ikev2/identity/identity_remote_fqdn.json b/ipsec/ipsec-impl/src/test/resources/ikev2/identity/identity_remote_fqdn.json new file mode 100644 index 000000000..514f84116 --- /dev/null +++ b/ipsec/ipsec-impl/src/test/resources/ikev2/identity/identity_remote_fqdn.json @@ -0,0 +1,8 @@ +{ + "identity" : { + "remote": + { + "fqdn-string": "vpp.home" + } + } +} diff --git a/ipsec/ipsec-impl/src/test/resources/ikev2/identity/identity_remote_ipv6.json b/ipsec/ipsec-impl/src/test/resources/ikev2/identity/identity_remote_ipv6.json new file mode 100644 index 000000000..0674d357f --- /dev/null +++ b/ipsec/ipsec-impl/src/test/resources/ikev2/identity/identity_remote_ipv6.json @@ -0,0 +1,8 @@ +{ + "identity" : { + "remote": + { + "ipv6-address": "2001:DB8:0:0:8:800:200C:417A" + } + } +} diff --git a/ipsec/ipsec-impl/src/test/resources/sadEntries/addDelSadEntry.json b/ipsec/ipsec-impl/src/test/resources/sadEntries/addDelSadEntry.json new file mode 100644 index 000000000..c522ba2de --- /dev/null +++ b/ipsec/ipsec-impl/src/test/resources/sadEntries/addDelSadEntry.json @@ -0,0 +1,32 @@ +{ + "sad": { + "sad-entries": [ + { + "spi": 1002, + "direction": "outbound", + "sa-id": 10, + "security-protocol": "esp", + "sa-mode": "tunnel", + "esp": { + "authentication": { + "hmac-sha1-96": { + "key-str": "0123456789012346" + } + }, + "encryption": { + "aes-128-cbc": { + "key-str": "9876543210987654" + } + } + }, + "source-address": { + "ipv4-address": "192.168.1.1" + }, + "destination-address": { + "ipv4-address": "192.168.1.2" + }, + "anti-replay-window": 0 + } + ] + } +} diff --git a/ipsec/ipsec-impl/src/test/resources/sadEntries/addDelSadEntry_Ipv6_after.json b/ipsec/ipsec-impl/src/test/resources/sadEntries/addDelSadEntry_Ipv6_after.json new file mode 100644 index 000000000..fa618a391 --- /dev/null +++ b/ipsec/ipsec-impl/src/test/resources/sadEntries/addDelSadEntry_Ipv6_after.json @@ -0,0 +1,25 @@ +{ + "sad": { + "sad-entries": [ + { + "spi": 1002, + "direction": "inbound", + "sa-id": 10, + "security-protocol": "ah", + "sa-mode": "transport", + "ah": { + "hmac-md5-96": { + "key-str": "0123456789012346" + } + }, + "source-address": { + "ipv6-address": "2001::11" + }, + "destination-address": { + "ipv6-address": "2001::12" + }, + "anti-replay-window": 32 + } + ] + } +} diff --git a/ipsec/ipsec-impl/src/test/resources/sadEntries/addDelSadEntry_Ipv6_before.json b/ipsec/ipsec-impl/src/test/resources/sadEntries/addDelSadEntry_Ipv6_before.json new file mode 100644 index 000000000..a88a14600 --- /dev/null +++ b/ipsec/ipsec-impl/src/test/resources/sadEntries/addDelSadEntry_Ipv6_before.json @@ -0,0 +1,32 @@ +{ + "sad": { + "sad-entries": [ + { + "spi": 1002, + "direction": "outbound", + "sa-id": 10, + "security-protocol": "esp", + "sa-mode": "tunnel", + "esp": { + "authentication": { + "hmac-sha1-96": { + "key-str": "0123456789012346" + } + }, + "encryption": { + "aes-128-cbc": { + "key-str": "9876543210987654" + } + } + }, + "source-address": { + "ipv6-address": "2001::1" + }, + "destination-address": { + "ipv6-address": "2001::10" + }, + "anti-replay-window": 32 + } + ] + } +} diff --git a/ipsec/ipsec-impl/src/test/resources/sadEntries/delSadEntry.json b/ipsec/ipsec-impl/src/test/resources/sadEntries/delSadEntry.json new file mode 100644 index 000000000..23998d60f --- /dev/null +++ b/ipsec/ipsec-impl/src/test/resources/sadEntries/delSadEntry.json @@ -0,0 +1,11 @@ +{ + "sad": { + "sad-entries": [ + { + "spi": 1002, + "direction": "outbound", + "sa-id": 10 + } + ] + } +} diff --git a/ipsec/ipsec-impl/src/test/resources/spdEntries/addDelSpd.json b/ipsec/ipsec-impl/src/test/resources/spdEntries/addDelSpd.json new file mode 100644 index 000000000..85fe81d0d --- /dev/null +++ b/ipsec/ipsec-impl/src/test/resources/spdEntries/addDelSpd.json @@ -0,0 +1,31 @@ +{ + "ipsec" : { + "spd": [ + { + "spd-id": 10, + "spd-entries": [ + { + "name": "test", + "priority":100, + "direction":"outbound", + "operation":"bypass", + "laddr-start":"192.168.124.0", + "laddr-stop":"192.168.124.255", + "raddr-start":"192.168.125.0", + "raddr-stop":"192.168.125.255" + }, + { + "name": "TestSPDEntryIpv6", + "priority":100, + "direction":"inbound", + "operation":"bypass", + "laddr-start":"2001::1", + "laddr-stop":"2001::100", + "raddr-start":"2001::101", + "raddr-stop":"2001::200" + } + ] + } + ] + } +} diff --git a/ipsec/ipsec-impl/src/test/resources/spdEntries/addDelSpd_after.json b/ipsec/ipsec-impl/src/test/resources/spdEntries/addDelSpd_after.json new file mode 100644 index 000000000..600dde46a --- /dev/null +++ b/ipsec/ipsec-impl/src/test/resources/spdEntries/addDelSpd_after.json @@ -0,0 +1,21 @@ +{ + "ipsec" : { + "spd": [ + { + "spd-entries": [ + { + "name": "TestSPDEntryUpdate", + "priority":80, + "direction":"inbound", + "operation":"bypass", + "laddr-start":"2001::1", + "laddr-stop":"2001::100", + "raddr-start":"2001::101", + "raddr-stop":"2001::200" + } + ], + "spd-id": 10 + } + ] + } +} diff --git a/ipsec/ipsec-impl/src/test/resources/spdEntries/addDelSpd_before.json b/ipsec/ipsec-impl/src/test/resources/spdEntries/addDelSpd_before.json new file mode 100644 index 000000000..be14bd6f9 --- /dev/null +++ b/ipsec/ipsec-impl/src/test/resources/spdEntries/addDelSpd_before.json @@ -0,0 +1,21 @@ +{ + "ipsec" : { + "spd": [ + { + "spd-entries": [ + { + "name": "TestSPDEntryUpdate", + "priority":100, + "direction":"outbound", + "operation":"discard", + "laddr-start":"192.168.124.0", + "laddr-stop":"192.168.124.255", + "raddr-start":"192.168.125.0", + "raddr-stop":"192.168.125.255" + } + ], + "spd-id": 10 + } + ] + } +} |