From 7645a98e4c92a20d45a8a1417db498db1b075080 Mon Sep 17 00:00:00 2001
From: Tibor Král <tibor.kral@pantheon.tech>
Date: Fri, 18 Jan 2019 16:54:28 +0100
Subject: Update IPSec writers
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

 - Fix data_len fields in api messages
 - Add enum for authentication types

Change-Id: I266bb096488b41d4e97b6fa4c5a557b71925be77
Signed-off-by: Tibor Král <tibor.kral@pantheon.tech>
---
 .../java/io/fd/hc2vpp/ipsec/dto/AuthMethod.java    | 32 ++++++++++++++++++++++
 .../hc2vpp/ipsec/write/Ikev2PolicyCustomizer.java  |  8 ++++--
 .../ipsec/write/Ikev2PolicyIdentityCustomizer.java |  1 +
 .../ipsec/write/IpsecSadEntryCustomizer.java       |  3 ++
 .../ipsec/write/Ikev2PolicyCustomizerTest.java     |  7 +++--
 .../write/Ikev2PolicyIdentityCustomizerTest.java   |  4 +++
 .../ipsec/write/IpsecSadEntryCustomizerTest.java   |  3 ++
 7 files changed, 54 insertions(+), 4 deletions(-)
 create mode 100644 ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/dto/AuthMethod.java

diff --git a/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/dto/AuthMethod.java b/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/dto/AuthMethod.java
new file mode 100644
index 000000000..9131d14e0
--- /dev/null
+++ b/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/dto/AuthMethod.java
@@ -0,0 +1,32 @@
+/*
+ * Copyright (c) 2019 PANTHEON.tech.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.fd.hc2vpp.ipsec.dto;
+
+public enum AuthMethod {
+    RSA_SIG((byte) 1),
+    SHARED_KEY_MIC((byte) 2);
+
+    private final byte value;
+
+    AuthMethod(final byte method) {
+        this.value = method;
+    }
+
+    public byte getValue() {
+        return value;
+    }
+}
diff --git a/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyCustomizer.java b/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyCustomizer.java
index 300ea6b8e..6cb37329c 100644
--- a/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyCustomizer.java
+++ b/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyCustomizer.java
@@ -20,6 +20,7 @@ import io.fd.hc2vpp.common.translate.util.ByteDataTranslator;
 import io.fd.hc2vpp.common.translate.util.FutureJVppCustomizer;
 import io.fd.hc2vpp.common.translate.util.Ipv4Translator;
 import io.fd.hc2vpp.common.translate.util.JvppReplyConsumer;
+import io.fd.hc2vpp.ipsec.dto.AuthMethod;
 import io.fd.honeycomb.translate.spi.write.ListWriterCustomizer;
 import io.fd.honeycomb.translate.write.WriteContext;
 import io.fd.honeycomb.translate.write.WriteFailedException;
@@ -137,7 +138,9 @@ public class Ikev2PolicyCustomizer extends FutureJVppCustomizer
         Ikev2ProfileSetAuth request = new Ikev2ProfileSetAuth();
         request.name = name.getBytes();
         request.data = fileName.getBytes();
-        request.authMethod = BYTE_TRUE;
+        request.dataLen = request.data.length;
+        request.isHex = BYTE_FALSE;
+        request.authMethod = AuthMethod.RSA_SIG.getValue();
         getReplyForWrite(getFutureJVpp().ikev2ProfileSetAuth(request).toCompletableFuture(), id);
     }
 
@@ -145,11 +148,12 @@ public class Ikev2PolicyCustomizer extends FutureJVppCustomizer
                                             final IkeGeneralPolicyProfileGrouping.PreSharedKey preSharedKey,
                                             final InstanceIdentifier<Policy> id) throws WriteFailedException {
         final Ikev2ProfileSetAuth request = new Ikev2ProfileSetAuth();
-        request.authMethod = BYTE_FALSE;
+        request.authMethod = AuthMethod.SHARED_KEY_MIC.getValue();
         if (preSharedKey.getHexString() != null) {
             request.isHex = BYTE_TRUE;
         }
         request.data = preSharedKey.stringValue().getBytes();
+        request.dataLen = request.data.length;
         request.name = name.getBytes();
         getReplyForWrite(getFutureJVpp().ikev2ProfileSetAuth(request).toCompletableFuture(), id);
     }
diff --git a/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyIdentityCustomizer.java b/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyIdentityCustomizer.java
index 4c11f1633..f6b100c54 100644
--- a/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyIdentityCustomizer.java
+++ b/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyIdentityCustomizer.java
@@ -93,6 +93,7 @@ public class Ikev2PolicyIdentityCustomizer extends FutureJVppCustomizer
             request.idType = 5;
             request.data = ipv6AddressNoZoneToArray(((Ipv6Address) identityData).getIpv6Address());
         }
+        request.dataLen = request.data.length;
     }
 
     @Override
diff --git a/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizer.java b/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizer.java
index d7bbee32d..c29137d26 100644
--- a/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizer.java
+++ b/ipsec/ipsec-impl/src/main/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizer.java
@@ -153,6 +153,7 @@ public class IpsecSadEntryCustomizer extends FutureJVppCustomizer
                 return;
             }
             targetEntry.integrityKey = integKey.getBytes();
+            targetEntry.integrityKeyLength = (byte) integKey.getBytes().length;
         }
     }
 
@@ -174,6 +175,7 @@ public class IpsecSadEntryCustomizer extends FutureJVppCustomizer
                 return;
             }
             targetEntry.integrityKey = integKey.getBytes();
+            targetEntry.integrityKeyLength = (byte) integKey.getBytes().length;
         }
     }
 
@@ -199,6 +201,7 @@ public class IpsecSadEntryCustomizer extends FutureJVppCustomizer
                 return;
             }
             targetEntry.cryptoKey = cryptoKey.getBytes();
+            targetEntry.cryptoKeyLength = (byte) cryptoKey.getBytes().length;
         }
     }
 
diff --git a/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyCustomizerTest.java b/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyCustomizerTest.java
index 0c7b65f1b..e2062e56c 100644
--- a/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyCustomizerTest.java
+++ b/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyCustomizerTest.java
@@ -25,6 +25,7 @@ import io.fd.hc2vpp.common.test.write.WriterCustomizerTest;
 import io.fd.hc2vpp.common.translate.util.ByteDataTranslator;
 import io.fd.hc2vpp.common.translate.util.Ipv4Translator;
 import io.fd.hc2vpp.common.translate.util.Ipv6Translator;
+import io.fd.hc2vpp.ipsec.dto.AuthMethod;
 import io.fd.hc2vpp.ipsec.helpers.SchemaContextTestHelper;
 import io.fd.honeycomb.test.tools.HoneycombTestRunner;
 import io.fd.honeycomb.test.tools.annotations.InjectTestData;
@@ -149,16 +150,18 @@ public class Ikev2PolicyCustomizerTest extends WriterCustomizerTest implements S
         if (auth != null) {
             request.name = policy.getName().getBytes();
             if (auth.isPresharedKey() != null && policy.getPreSharedKey() != null) {
-                request.authMethod = ByteDataTranslator.BYTE_FALSE;
+                request.authMethod = AuthMethod.SHARED_KEY_MIC.getValue();
                 if (policy.getPreSharedKey().getHexString() != null) {
                     request.isHex = ByteDataTranslator.BYTE_TRUE;
                 }
                 request.data = policy.getPreSharedKey().stringValue().getBytes();
+                request.dataLen = request.data.length;
             } else if (auth.isRsaSignature() != null) {
                 IpsecIkev2PolicyAugmentation aug = policy.augmentation(IpsecIkev2PolicyAugmentation.class);
                 if (aug != null && aug.getCertificate() != null) {
                     request.data = aug.getCertificate().getBytes();
-                    request.authMethod = ByteDataTranslator.BYTE_TRUE;
+                    request.dataLen = request.data.length;
+                    request.authMethod = AuthMethod.RSA_SIG.getValue();
                 }
             }
         }
diff --git a/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyIdentityCustomizerTest.java b/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyIdentityCustomizerTest.java
index bb8f0d762..3f57acdbb 100644
--- a/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyIdentityCustomizerTest.java
+++ b/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/Ikev2PolicyIdentityCustomizerTest.java
@@ -69,6 +69,7 @@ public class Ikev2PolicyIdentityCustomizerTest extends WriterCustomizerTest impl
         request.idType = (byte) 1;
         request.isLocal = BYTE_TRUE;
         request.data = ipv4AddressNoZoneToArray(IPV4_TYPE_DATA);
+        request.dataLen = request.data.length;
         verify(api).ikev2ProfileSetId(request);
     }
 
@@ -82,6 +83,7 @@ public class Ikev2PolicyIdentityCustomizerTest extends WriterCustomizerTest impl
         request.idType = (byte) 2;
         request.isLocal = BYTE_FALSE;
         request.data = FQDN_TYPE_DATA.getBytes();
+        request.dataLen = request.data.length;
         verify(api).ikev2ProfileSetId(request);
     }
 
@@ -95,6 +97,7 @@ public class Ikev2PolicyIdentityCustomizerTest extends WriterCustomizerTest impl
         request.idType = (byte) 5;
         request.isLocal = BYTE_FALSE;
         request.data = ipv6AddressNoZoneToArray(new Ipv6Address(IPV6_TYPE_DATA));
+        request.dataLen = request.data.length;
         verify(api).ikev2ProfileSetId(request);
     }
 
@@ -109,6 +112,7 @@ public class Ikev2PolicyIdentityCustomizerTest extends WriterCustomizerTest impl
         request.idType = (byte) 3;
         request.isLocal = BYTE_TRUE;
         request.data = RFC822_TYPE_DATA.getBytes();
+        request.dataLen = request.data.length;
         verify(api).ikev2ProfileSetId(request);
     }
 
diff --git a/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizerTest.java b/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizerTest.java
index 912f50f27..e477467db 100644
--- a/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizerTest.java
+++ b/ipsec/ipsec-impl/src/test/java/io/fd/hc2vpp/ipsec/write/IpsecSadEntryCustomizerTest.java
@@ -94,7 +94,9 @@ public class IpsecSadEntryCustomizerTest extends WriterCustomizerTest implements
         request.isTunnel = BYTE_TRUE;
         request.isTunnelIpv6 = BYTE_FALSE;
         request.integrityKey = INTEG_KEY.getBytes();
+        request.integrityKeyLength = (byte) request.integrityKey.length;
         request.cryptoKey = CRYPTO_KEY.getBytes();
+        request.cryptoKeyLength = (byte) request.cryptoKey.length;
         request.useAntiReplay = 0;
         request.tunnelSrcAddress = ipv4AddressNoZoneToArray(TNL_SRC_ADDR);
         request.tunnelDstAddress = ipv4AddressNoZoneToArray(TNL_DST_ADDR);
@@ -158,6 +160,7 @@ public class IpsecSadEntryCustomizerTest extends WriterCustomizerTest implements
         request.isTunnelIpv6 = BYTE_TRUE;
         request.integrityAlgorithm = 1;
         request.integrityKey = INTEG_KEY.getBytes();
+        request.integrityKeyLength = (byte) request.integrityKey.length;
         request.useAntiReplay = BYTE_TRUE;
         request.tunnelSrcAddress = ipv6AddressNoZoneToArray(Ipv6Address.getDefaultInstance("2001::11"));
         request.tunnelDstAddress = ipv6AddressNoZoneToArray(Ipv6Address.getDefaultInstance("2001::12"));
-- 
cgit 1.2.3-korg