This commit is contained in:
parent
3310592d8f
commit
4390159698
@ -2,7 +2,7 @@
|
|||||||
"MACSEC_PROFILE|macsec_profile": {
|
"MACSEC_PROFILE|macsec_profile": {
|
||||||
"cipher_suite": "GCM-AES-XPN-256",
|
"cipher_suite": "GCM-AES-XPN-256",
|
||||||
"policy": "security",
|
"policy": "security",
|
||||||
"primary_cak": "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF",
|
"primary_cak": "5207554155500e5d5157786d6c2a3d2031425a5e577e7e727f6b6c03312432262706080a00005b554f4e007975707670725b0a54540c0252445e5d7a29252b046a",
|
||||||
"primary_ckn": "6162636465666768696A6B6C6D6E6F707172737475767778797A303132333435",
|
"primary_ckn": "6162636465666768696A6B6C6D6E6F707172737475767778797A303132333435",
|
||||||
"priority": "0",
|
"priority": "0",
|
||||||
"rekey_period": "900",
|
"rekey_period": "900",
|
||||||
|
@ -8,7 +8,7 @@ import macsec
|
|||||||
|
|
||||||
|
|
||||||
profile_name = "test"
|
profile_name = "test"
|
||||||
primary_cak = "01234567890123456789012345678912"
|
primary_cak = "2363647040534355560e000802065d574d400e000e030307075f0e5050000e5541"
|
||||||
primary_ckn = "01234567890123456789012345678912"
|
primary_ckn = "01234567890123456789012345678912"
|
||||||
|
|
||||||
|
|
||||||
@ -48,7 +48,7 @@ class TestConfigMACsec(object):
|
|||||||
|
|
||||||
profile_name = "test"
|
profile_name = "test"
|
||||||
profile_map = {
|
profile_map = {
|
||||||
"primary_cak": "0123456789012345678901234567891201234567890123456789012345678912",
|
"primary_cak": "3946080a0407070303530256560a04504650530352565e731f1a5c4f524f4b5a5e547b79777c6663754b5e465253050d0d0503565a48470b0b030604020c520a54",
|
||||||
"primary_ckn": "01234567890123456789012345678912",
|
"primary_ckn": "01234567890123456789012345678912",
|
||||||
"priority": 64,
|
"priority": 64,
|
||||||
"cipher_suite": "GCM-AES-XPN-256",
|
"cipher_suite": "GCM-AES-XPN-256",
|
||||||
@ -109,7 +109,7 @@ class TestConfigMACsec(object):
|
|||||||
runner = CliRunner()
|
runner = CliRunner()
|
||||||
|
|
||||||
result = runner.invoke(macsec.macsec, ["profile", "add", "test",
|
result = runner.invoke(macsec.macsec, ["profile", "add", "test",
|
||||||
"--primary_cak=01234567890123456789012345678912","--primary_ckn=01234567890123456789012345678912"],
|
"--primary_cak=2363647040534355560e000802065d574d400e000e030307075f0e5050000e5541","--primary_ckn=01234567890123456789012345678912"],
|
||||||
obj=cfgdb)
|
obj=cfgdb)
|
||||||
assert result.exit_code == 0, "exit code: {}, Exception: {}, Traceback: {}".format(result.exit_code, result.exception, result.exc_info)
|
assert result.exit_code == 0, "exit code: {}, Exception: {}, Traceback: {}".format(result.exit_code, result.exception, result.exc_info)
|
||||||
result = runner.invoke(macsec.macsec, ["port", "add", "Ethernet0", "test"], obj=cfgdb)
|
result = runner.invoke(macsec.macsec, ["port", "add", "Ethernet0", "test"], obj=cfgdb)
|
||||||
@ -141,8 +141,8 @@ class TestConfigMACsec(object):
|
|||||||
result = runner.invoke(macsec.macsec, ["profile", "del", "test"], obj=cfgdb)
|
result = runner.invoke(macsec.macsec, ["profile", "del", "test"], obj=cfgdb)
|
||||||
assert result.exit_code != 0
|
assert result.exit_code != 0
|
||||||
|
|
||||||
result = runner.invoke(macsec.macsec, ["profile", "add", "test", "--primary_cak=01234567890123456789012345678912","--primary_ckn=01234567890123456789012345678912"], obj=cfgdb)
|
result = runner.invoke(macsec.macsec, ["profile", "add", "test", "--primary_cak=2363647040534355560e000802065d574d400e000e030307075f0e5050000e5541","--primary_ckn=01234567890123456789012345678912"], obj=cfgdb)
|
||||||
assert result.exit_code == 0, "exit code: {}, Exception: {}, Traceback: {}".format(result.exit_code, result.exception, result.exc_info)
|
assert result.exit_code == 0, "exit code: {}, Exception: {}, Traceback: {}".format(result.exit_code, result.exception, result.exc_info)
|
||||||
# Repeat add profile
|
# Repeat add profile
|
||||||
result = runner.invoke(macsec.macsec, ["profile", "add", "test", "--primary_cak=01234567890123456789012345678912","--primary_ckn=01234567890123456789012345678912"], obj=cfgdb)
|
result = runner.invoke(macsec.macsec, ["profile", "add", "test", "--primary_cak=2363647040534355560e000802065d574d400e000e030307075f0e5050000e5541","--primary_ckn=01234567890123456789012345678912"], obj=cfgdb)
|
||||||
assert result.exit_code != 0
|
assert result.exit_code != 0
|
||||||
|
@ -137,11 +137,11 @@ def add_profile(profile, priority, cipher_suite, primary_cak, primary_ckn, polic
|
|||||||
profile_table["cipher_suite"] = cipher_suite
|
profile_table["cipher_suite"] = cipher_suite
|
||||||
|
|
||||||
if "128" in cipher_suite:
|
if "128" in cipher_suite:
|
||||||
if len(primary_cak) != 32:
|
if len(primary_cak) != 66:
|
||||||
ctx.fail("Expect the length of CAK is 32, but got {}".format(len(primary_cak)))
|
ctx.fail("Expect the length of CAK is 66, but got {}".format(len(primary_cak)))
|
||||||
elif "256" in cipher_suite:
|
elif "256" in cipher_suite:
|
||||||
if len(primary_cak) != 64:
|
if len(primary_cak) != 130:
|
||||||
ctx.fail("Expect the length of CAK is 64, but got {}".format(len(primary_cak)))
|
ctx.fail("Expect the length of CAK is 130, but got {}".format(len(primary_cak)))
|
||||||
if not is_hexstring(primary_cak):
|
if not is_hexstring(primary_cak):
|
||||||
ctx.fail("Expect the primary_cak is valid hex string")
|
ctx.fail("Expect the primary_cak is valid hex string")
|
||||||
if not is_hexstring(primary_ckn):
|
if not is_hexstring(primary_ckn):
|
||||||
|
@ -2,18 +2,18 @@
|
|||||||
"MACSEC_PROFILE":{
|
"MACSEC_PROFILE":{
|
||||||
"macsec-profile": {
|
"macsec-profile": {
|
||||||
"cipher_suite": "GCM-AES-XPN-256",
|
"cipher_suite": "GCM-AES-XPN-256",
|
||||||
"primary_cak": "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF",
|
"primary_cak": "5207554155500e5d5157786d6c2a3d2031425a5e577e7e727f6b6c03312432262706080a00005b554f4e007975707670725b0a54540c0252445e5d7a29252b046a",
|
||||||
"primary_ckn": "6162636465666768696A6B6C6D6E6F707172737475767778797A303132333435",
|
"primary_ckn": "6162636465666768696A6B6C6D6E6F707172737475767778797A303132333435",
|
||||||
"fallback_cak": "0000000000000000000000000000000000000000000000000000000000000000",
|
"fallback_cak": "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"fallback_ckn": "1111111111111111111111111111111111111111111111111111111111111111",
|
"fallback_ckn": "1111111111111111111111111111111111111111111111111111111111111111",
|
||||||
"priority": "0",
|
"priority": "0",
|
||||||
"rekey_period": "60"
|
"rekey_period": "60"
|
||||||
},
|
},
|
||||||
"macsec-profile2": {
|
"macsec-profile2": {
|
||||||
"cipher_suite": "GCM-AES-XPN-256",
|
"cipher_suite": "GCM-AES-XPN-256",
|
||||||
"primary_cak": "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF",
|
"primary_cak": "5207554155500e5d5157786d6c2a3d2031425a5e577e7e727f6b6c03312432262706080a00005b554f4e007975707670725b0a54540c0252445e5d7a29252b046a",
|
||||||
"primary_ckn": "6162636465666768696A6B6C6D6E6F707172737475767778797A303132333435",
|
"primary_ckn": "6162636465666768696A6B6C6D6E6F707172737475767778797A303132333435",
|
||||||
"fallback_cak": "0000000000000000000000000000000000000000000000000000000000000000",
|
"fallback_cak": "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"fallback_ckn": "1111111111111111111111111111111111111111111111111111111111111111",
|
"fallback_ckn": "1111111111111111111111111111111111111111111111111111111111111111",
|
||||||
"priority": "0",
|
"priority": "0",
|
||||||
"rekey_period": "60"
|
"rekey_period": "60"
|
||||||
|
@ -2030,9 +2030,9 @@
|
|||||||
"test": {
|
"test": {
|
||||||
"priority": "64",
|
"priority": "64",
|
||||||
"cipher_suite": "GCM-AES-128",
|
"cipher_suite": "GCM-AES-128",
|
||||||
"primary_cak": "0123456789ABCDEF0123456789ABCDEF",
|
"primary_cak": "1159485744465e5a537272050a1011073557475152020c0e040c57223a357d7d71",
|
||||||
"primary_ckn": "6162636465666768696A6B6C6D6E6F70",
|
"primary_ckn": "6162636465666768696A6B6C6D6E6F70",
|
||||||
"fallback_cak": "00000000000000000000000000000000",
|
"fallback_cak": "000000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"fallback_ckn": "11111111111111111111111111111111",
|
"fallback_ckn": "11111111111111111111111111111111",
|
||||||
"policy": "security",
|
"policy": "security",
|
||||||
"enable_replay_protect": "true",
|
"enable_replay_protect": "true",
|
||||||
|
@ -7,9 +7,9 @@
|
|||||||
"name": "test32",
|
"name": "test32",
|
||||||
"priority": 64,
|
"priority": 64,
|
||||||
"cipher_suite": "GCM-AES-128",
|
"cipher_suite": "GCM-AES-128",
|
||||||
"primary_cak": "0123456789ABCDEF0123456789ABCDEF",
|
"primary_cak": "1159485744465e5a537272050a1011073557475152020c0e040c57223a357d7d71",
|
||||||
"primary_ckn": "6162636465666768696A6B6C6D6E6F70",
|
"primary_ckn": "6162636465666768696A6B6C6D6E6F70",
|
||||||
"fallback_cak": "00000000000000000000000000000000",
|
"fallback_cak": "000000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"fallback_ckn": "11111111111111111111111111111111",
|
"fallback_ckn": "11111111111111111111111111111111",
|
||||||
"policy": "security",
|
"policy": "security",
|
||||||
"enable_replay_protect": "true",
|
"enable_replay_protect": "true",
|
||||||
@ -21,9 +21,9 @@
|
|||||||
"name": "test64",
|
"name": "test64",
|
||||||
"priority": 64,
|
"priority": 64,
|
||||||
"cipher_suite": "GCM-AES-XPN-256",
|
"cipher_suite": "GCM-AES-XPN-256",
|
||||||
"primary_cak": "0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF",
|
"primary_cak": "5207554155500e5d5157786d6c2a3d2031425a5e577e7e727f6b6c03312432262706080a00005b554f4e007975707670725b0a54540c0252445e5d7a29252b046a",
|
||||||
"primary_ckn": "6162636465666768696A6B6C6D6E6F706162636465666768696A6B6C6D6E6F70",
|
"primary_ckn": "6162636465666768696A6B6C6D6E6F706162636465666768696A6B6C6D6E6F70",
|
||||||
"fallback_cak": "0000000000000000000000000000000000000000000000000000000000000000",
|
"fallback_cak": "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"fallback_ckn": "1111111111111111111111111111111111111111111111111111111111111111",
|
"fallback_ckn": "1111111111111111111111111111111111111111111111111111111111111111",
|
||||||
"policy": "security",
|
"policy": "security",
|
||||||
"enable_replay_protect": "true",
|
"enable_replay_protect": "true",
|
||||||
@ -61,7 +61,7 @@
|
|||||||
{
|
{
|
||||||
"name": "test",
|
"name": "test",
|
||||||
"cipher_suite": "gcm-aes-128",
|
"cipher_suite": "gcm-aes-128",
|
||||||
"primary_cak": "0123456789ABCDEF0123456789ABCDEF",
|
"primary_cak": "1159485744465e5a537272050a1011073557475152020c0e040c57223a357d7d71",
|
||||||
"primary_ckn": "6162636465666768696A6B6C6D6E6F70"
|
"primary_ckn": "6162636465666768696A6B6C6D6E6F70"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@ -74,9 +74,9 @@
|
|||||||
"MACSEC_PROFILE_LIST": [
|
"MACSEC_PROFILE_LIST": [
|
||||||
{
|
{
|
||||||
"name": "test",
|
"name": "test",
|
||||||
"primary_cak": "0123456789ABCDEF0123456789ABCDEF",
|
"primary_cak": "1159485744465e5a537272050a1011073557475152020c0e040c57223a357d7d71",
|
||||||
"primary_ckn": "6162636465666768696A6B6C6D6E6F70",
|
"primary_ckn": "6162636465666768696A6B6C6D6E6F70",
|
||||||
"fallback_cak": "0123456789ABCDEF0123456789ABCDEF",
|
"fallback_cak": "1159485744465e5a537272050a1011073557475152020c0e040c57223a357d7d71",
|
||||||
"fallback_ckn": "6162636465666768696A6B6C6D6E6F70"
|
"fallback_ckn": "6162636465666768696A6B6C6D6E6F70"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@ -89,7 +89,7 @@
|
|||||||
"MACSEC_PROFILE_LIST": [
|
"MACSEC_PROFILE_LIST": [
|
||||||
{
|
{
|
||||||
"name": "test",
|
"name": "test",
|
||||||
"primary_cak": "0123456789ABCDEF0123456789ABCDEFA",
|
"primary_cak": "1159485744465e5a537272050a1011073557475152020c0e040c57223a357d7d7",
|
||||||
"primary_ckn": "6162636465666768696A6B6C6D6E6F70A"
|
"primary_ckn": "6162636465666768696A6B6C6D6E6F70A"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@ -115,9 +115,9 @@
|
|||||||
"MACSEC_PROFILE_LIST": [
|
"MACSEC_PROFILE_LIST": [
|
||||||
{
|
{
|
||||||
"name": "test",
|
"name": "test",
|
||||||
"primary_cak": "0123456789ABCDEF0123456789ABCDEF",
|
"primary_cak": "1159485744465e5a537272050a1011073557475152020c0e040c57223a357d7d71",
|
||||||
"primary_ckn": "6162636465666768696A6B6C6D6E6F70",
|
"primary_ckn": "6162636465666768696A6B6C6D6E6F70",
|
||||||
"fallback_cak": "0000000000000000000000000000000000000000000000000000000000000000",
|
"fallback_cak": "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
|
||||||
"fallback_ckn": "1111111111111111111111111111111111111111111111111111111111111111"
|
"fallback_ckn": "1111111111111111111111111111111111111111111111111111111111111111"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@ -130,7 +130,7 @@
|
|||||||
"MACSEC_PROFILE_LIST": [
|
"MACSEC_PROFILE_LIST": [
|
||||||
{
|
{
|
||||||
"name": "test",
|
"name": "test",
|
||||||
"primary_cak": "0123456789ABCDEF0123456789ABCDEF",
|
"primary_cak": "1159485744465e5a537272050a1011073557475152020c0e040c57223a357d7d71",
|
||||||
"primary_ckn": "6162636465666768696A6B6C6D6E6F70",
|
"primary_ckn": "6162636465666768696A6B6C6D6E6F70",
|
||||||
"replay_window": 64
|
"replay_window": 64
|
||||||
}
|
}
|
||||||
|
@ -46,7 +46,7 @@ module sonic-macsec {
|
|||||||
|
|
||||||
leaf primary_cak {
|
leaf primary_cak {
|
||||||
type string {
|
type string {
|
||||||
pattern "[0-9a-fA-F]{32}|[0-9a-fA-F]{64}";
|
pattern "[0-9a-fA-F]{66}|[0-9a-fA-F]{130}";
|
||||||
}
|
}
|
||||||
mandatory true;
|
mandatory true;
|
||||||
}
|
}
|
||||||
@ -60,7 +60,7 @@ module sonic-macsec {
|
|||||||
|
|
||||||
leaf fallback_cak {
|
leaf fallback_cak {
|
||||||
type string {
|
type string {
|
||||||
pattern "[0-9a-fA-F]{32}|[0-9a-fA-F]{64}";
|
pattern "[0-9a-fA-F]{66}|[0-9a-fA-F]{130}";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -70,10 +70,6 @@ module sonic-macsec {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
must "string-length(primary_cak) = string-length(primary_ckn)";
|
|
||||||
|
|
||||||
must "string-length(fallback_cak) = string-length(fallback_ckn)";
|
|
||||||
|
|
||||||
must "string-length(fallback_cak) = string-length(primary_cak)";
|
must "string-length(fallback_cak) = string-length(primary_cak)";
|
||||||
|
|
||||||
must "primary_ckn != fallback_ckn";
|
must "primary_ckn != fallback_ckn";
|
||||||
|
Loading…
Reference in New Issue
Block a user