1 # MACsec unit tests 2 # run with: 3 # test/run_tests -P "load_contrib('macsec')" -t scapy/contrib/macsec.uts -F 4 5 + MACsec 6 ~ crypto not_pypy 7 # Note: these tests are disabled with pypy, as the cryptography module does 8 # not currently work with the pypy version used by Travis CI. 9 10 = MACsec - basic encap - encrypted 11 sa = MACsecSA(sci=b'\x52\x54\x00\x13\x01\x56\x00\x01', an=0, pn=100, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=1, send_sci=1) 12 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/IP(src='192.168.0.1', dst='192.168.0.2')/ICMP(type='echo-request')/"1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890" 13 m = sa.encap(p) 14 assert(m.type == ETH_P_MACSEC) 15 assert(m[MACsec].type == ETH_P_IP) 16 assert(len(m) == len(p) + 16) 17 assert(m[MACsec].an == 0) 18 assert(m[MACsec].pn == 100) 19 assert(m[MACsec].shortlen == 0) 20 assert(m[MACsec].SC) 21 assert(m[MACsec].E) 22 assert(m[MACsec].C) 23 assert(m[MACsec].sci == b'\x52\x54\x00\x13\x01\x56\x00\x01') 24 25 = MACsec - basic encryption - encrypted 26 sa = MACsecSA(sci=b'\x52\x54\x00\x13\x01\x56\x00\x01', an=0, pn=100, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=1, send_sci=1) 27 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/IP(src='192.168.0.1', dst='192.168.0.2')/ICMP(type='echo-request')/"1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890" 28 m = sa.encap(p) 29 e = sa.encrypt(m) 30 assert(e.type == ETH_P_MACSEC) 31 assert(e[MACsec].type == None) 32 assert(len(e) == len(p) + 16 + 16) 33 assert(e[MACsec].an == 0) 34 assert(e[MACsec].pn == 100) 35 assert(e[MACsec].shortlen == 0) 36 assert(e[MACsec].SC) 37 assert(e[MACsec].E) 38 assert(e[MACsec].C) 39 assert(e[MACsec].sci == b'\x52\x54\x00\x13\x01\x56\x00\x01') 40 41 = MACsec - basic decryption - encrypted 42 sa = MACsecSA(sci=b'\x52\x54\x00\x13\x01\x56\x00\x01', an=0, pn=100, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=1, send_sci=1) 43 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/IP(src='192.168.0.1', dst='192.168.0.2')/ICMP(type='echo-request')/"1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890" 44 m = sa.encap(p) 45 e = sa.encrypt(m) 46 d = sa.decrypt(e) 47 assert(d.type == ETH_P_MACSEC) 48 assert(d[MACsec].type == ETH_P_IP) 49 assert(len(d) == len(m)) 50 assert(d[MACsec].an == 0) 51 assert(d[MACsec].pn == 100) 52 assert(d[MACsec].shortlen == 0) 53 assert(d[MACsec].SC) 54 assert(d[MACsec].E) 55 assert(d[MACsec].C) 56 assert(d[MACsec].sci == b'\x52\x54\x00\x13\x01\x56\x00\x01') 57 assert(raw(d) == raw(m)) 58 59 = MACsec - basic decap - decrypted 60 sa = MACsecSA(sci=b'\x52\x54\x00\x13\x01\x56\x00\x01', an=0, pn=100, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=1, send_sci=1) 61 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/IP(src='192.168.0.1', dst='192.168.0.2')/ICMP(type='echo-request')/"1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890" 62 m = sa.encap(p) 63 e = sa.encrypt(m) 64 d = sa.decrypt(e) 65 r = sa.decap(d) 66 assert(raw(r) == raw(p)) 67 68 69 70 = MACsec - basic encap - integrity only 71 sa = MACsecSA(sci=b'\x52\x54\x00\x13\x01\x56\x00\x01', an=0, pn=200, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=1) 72 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/IP(src='192.168.0.1', dst='192.168.0.2')/ICMP(type='echo-request')/"1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890" 73 m = sa.encap(p) 74 assert(m.type == ETH_P_MACSEC) 75 assert(m[MACsec].type == ETH_P_IP) 76 assert(len(m) == len(p) + 16) 77 assert(m[MACsec].an == 0) 78 assert(m[MACsec].pn == 200) 79 assert(m[MACsec].shortlen == 0) 80 assert(m[MACsec].SC) 81 assert(not m[MACsec].E) 82 assert(not m[MACsec].C) 83 assert(m[MACsec].sci == b'\x52\x54\x00\x13\x01\x56\x00\x01') 84 85 = MACsec - basic encryption - integrity only 86 sa = MACsecSA(sci=b'\x52\x54\x00\x13\x01\x56\x00\x01', an=0, pn=200, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=1) 87 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/IP(src='192.168.0.1', dst='192.168.0.2')/ICMP(type='echo-request')/"1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890" 88 m = sa.encap(p) 89 e = sa.encrypt(m) 90 assert(m.type == ETH_P_MACSEC) 91 assert(e[MACsec].type == None) 92 assert(len(e) == len(p) + 16 + 16) 93 assert(e[MACsec].an == 0) 94 assert(e[MACsec].pn == 200) 95 assert(e[MACsec].shortlen == 0) 96 assert(e[MACsec].SC) 97 assert(not e[MACsec].E) 98 assert(not e[MACsec].C) 99 assert(e[MACsec].sci == b'\x52\x54\x00\x13\x01\x56\x00\x01') 100 assert(raw(e)[:-16] == raw(m)) 101 102 = MACsec - basic decryption - integrity only 103 sa = MACsecSA(sci=b'\x52\x54\x00\x13\x01\x56\x00\x01', an=0, pn=200, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=1) 104 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/IP(src='192.168.0.1', dst='192.168.0.2')/ICMP(type='echo-request')/"1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890" 105 m = sa.encap(p) 106 e = sa.encrypt(m) 107 d = sa.decrypt(e) 108 assert(d.type == ETH_P_MACSEC) 109 assert(d[MACsec].type == ETH_P_IP) 110 assert(len(d) == len(m)) 111 assert(d[MACsec].an == 0) 112 assert(d[MACsec].pn == 200) 113 assert(d[MACsec].shortlen == 0) 114 assert(d[MACsec].SC) 115 assert(not d[MACsec].E) 116 assert(not d[MACsec].C) 117 assert(d[MACsec].sci == b'\x52\x54\x00\x13\x01\x56\x00\x01') 118 assert(raw(d) == raw(m)) 119 120 = MACsec - basic decap - integrity only 121 sa = MACsecSA(sci=b'\x52\x54\x00\x13\x01\x56\x00\x01', an=0, pn=200, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=1) 122 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/IP(src='192.168.0.1', dst='192.168.0.2')/ICMP(type='echo-request')/"1234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890" 123 m = sa.encap(p) 124 e = sa.encrypt(m) 125 d = sa.decrypt(e) 126 r = sa.decap(d) 127 assert(raw(r) == raw(p)) 128 129 = MACsec - encap - shortlen 2 130 sa = MACsecSA(sci=0x5254001301560001, an=0, pn=200, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=1) 131 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd') 132 m = sa.encap(p) 133 assert(m[MACsec].shortlen == 2) 134 assert(len(m) == m[MACsec].shortlen + 20 + (8 if sa.send_sci else 0)) 135 136 = MACsec - encap - shortlen 10 137 sa = MACsecSA(sci=0x5254001301560001, an=0, pn=200, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=1) 138 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/Raw("x" * 8) 139 m = sa.encap(p) 140 assert(m[MACsec].shortlen == 10) 141 assert(len(m) == m[MACsec].shortlen + 20 + (8 if sa.send_sci else 0)) 142 143 = MACsec - encap - shortlen 18 144 sa = MACsecSA(sci=0x5254001301560001, an=0, pn=200, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=1) 145 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/Raw("x" * 16) 146 m = sa.encap(p) 147 assert(m[MACsec].shortlen == 18) 148 assert(len(m) == m[MACsec].shortlen + 20 + (8 if sa.send_sci else 0)) 149 150 = MACsec - encap - shortlen 32 151 sa = MACsecSA(sci=0x5254001301560001, an=0, pn=200, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=1) 152 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/Raw("x" * 30) 153 m = sa.encap(p) 154 assert(m[MACsec].shortlen == 32) 155 assert(len(m) == m[MACsec].shortlen + 20 + (8 if sa.send_sci else 0)) 156 157 = MACsec - encap - shortlen 40 158 sa = MACsecSA(sci=0x5254001301560001, an=0, pn=200, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=1) 159 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/Raw("x" * 38) 160 m = sa.encap(p) 161 assert(m[MACsec].shortlen == 40) 162 assert(len(m) == m[MACsec].shortlen + 20 + (8 if sa.send_sci else 0)) 163 164 = MACsec - encap - shortlen 47 165 sa = MACsecSA(sci=0x5254001301560001, an=0, pn=200, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=1) 166 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/Raw("x" * 45) 167 m = sa.encap(p) 168 assert(m[MACsec].shortlen == 47) 169 assert(len(m) == m[MACsec].shortlen + 20 + (8 if sa.send_sci else 0)) 170 171 = MACsec - encap - shortlen 0 (48) 172 sa = MACsecSA(sci=0x5254001301560001, an=0, pn=200, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=1) 173 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/Raw("x" * 45 + "y") 174 m = sa.encap(p) 175 assert(m[MACsec].shortlen == 0) 176 177 178 = MACsec - encap - shortlen 2/nosci 179 sa = MACsecSA(sci=0x5254001301560001, an=0, pn=200, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=0) 180 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd') 181 m = sa.encap(p) 182 assert(m[MACsec].shortlen == 2) 183 assert(len(m) == m[MACsec].shortlen + 20 + (8 if sa.send_sci else 0)) 184 185 = MACsec - encap - shortlen 32/nosci 186 sa = MACsecSA(sci=0x5254001301560001, an=0, pn=200, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=0) 187 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/Raw("x" * 30) 188 m = sa.encap(p) 189 assert(m[MACsec].shortlen == 32) 190 assert(len(m) == m[MACsec].shortlen + 20 + (8 if sa.send_sci else 0)) 191 192 = MACsec - encap - shortlen 47/nosci 193 sa = MACsecSA(sci=0x5254001301560001, an=0, pn=200, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=0) 194 p = Ether(src='aa:aa:aa:bb:bb:bb', dst='cc:cc:cc:dd:dd:dd')/Raw("x" * 45) 195 m = sa.encap(p) 196 assert(m[MACsec].shortlen == 47) 197 assert(len(m) == m[MACsec].shortlen + 20 + (8 if sa.send_sci else 0)) 198 199 200 = MACsec - authenticate 201 tx = Ether(b"RT\x00\x12\x01V.\xbc\x84\xd5\xca\x13\x88\xe5 \x00\x00\x00\x00\rRT\x00\x13\x01V\x00\x01\x08\x00E\x00\x00T\x11:@\x00@\x01\xa6\x1b\xc0\xa8\x01\x01\xc0\xa8\x01\x02\x08\x00a\xeaG+\x00\x01\xc0~RY\x00\x00\x00\x00w>\x06\x00\x00\x00\x00\x00\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\xf1\xb8\xe4,b\xb00\x98L\x85m1Q9\t:") 202 rx = Ether(b".\xbc\x84\xd5\xca\x13RT\x00\x12\x01V\x88\xe5 \x00\x00\x00\x00#RT\x00\x12\x01V\x00\x01\x08\x00E\x00\x00T\xd4\x1a\x00\x00@\x01#;\xc0\xa8\x01\x02\xc0\xa8\x01\x01\x00\x00i\xeaG+\x00\x01\xc0~RY\x00\x00\x00\x00w>\x06\x00\x00\x00\x00\x00\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37z\x11\xf8S\xe5u\x81\xe8\x19\\nxX\x02\x13\x01") 203 rxsa = MACsecSA(sci=0x5254001201560001, an=0, pn=31, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=0, send_sci=1) 204 txsa = MACsecSA(sci=0x5254001301560001, an=0, pn=31, key=b'\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61', icvlen=16, encrypt=0, send_sci=1) 205 txdec = txsa.decap(txsa.decrypt(tx)) 206 rxdec = rxsa.decap(rxsa.decrypt(rx)) 207 txref = b"RT\x00\x12\x01V.\xbc\x84\xd5\xca\x13\x08\x00E\x00\x00T\x11:@\x00@\x01\xa6\x1b\xc0\xa8\x01\x01\xc0\xa8\x01\x02\x08\x00a\xeaG+\x00\x01\xc0~RY\x00\x00\x00\x00w>\x06\x00\x00\x00\x00\x00\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37" 208 rxref = b".\xbc\x84\xd5\xca\x13RT\x00\x12\x01V\x08\x00E\x00\x00T\xd4\x1a\x00\x00@\x01#;\xc0\xa8\x01\x02\xc0\xa8\x01\x01\x00\x00i\xeaG+\x00\x01\xc0~RY\x00\x00\x00\x00w>\x06\x00\x00\x00\x00\x00\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37" 209 assert(raw(txdec) == raw(txref)) 210 assert(raw(rxdec) == raw(rxref)) 211 212 213 214 = MACsec - authenticate - invalid packet 215 rx = Ether(b".\xbc\x84\xd5\xca\x13RT\x00\x12\x01V\x88\xe5 \x00\x00\x00\x00#RT\x00\x12\x01V\x00\x01\x08\x00E\x00\x00T\xd4\x1a\x00\x00@\x01#;\xc0\xa8\x01\x02\xc0\xa8\x01\x01\x00\x00i\xeaG+\x00\x01\xc0~RY\x00\x00\x00\x00w>\x06\x00\x00\x00\x00\x00\xba\xdb\xba\xdb\xad\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37z\x11\xf8S\xe5u\x81\xe8\x19\\nxX\x02\x13\x01") 216 txsa = MACsecSA(sci=0x5254001301560001, an=0, pn=31, key=b'\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61', icvlen=16, encrypt=0, send_sci=1) 217 try: 218 rxdec = rxsa.decap(rxsa.decrypt(rx)) 219 assert(not "This packet shouldn't have been authenticated as correct") 220 except InvalidTag: 221 pass 222 223 224 225 = MACsec - decrypt 226 tx = Ether(b"RT\x00\x12\x01V.\xbc\x84\xd5\xca\x13\x88\xe5,\x00\x00\x00\x00\x1fRT\x00\x13\x01V\x00\x01\xf1\xd6\xf7\x03\xf0%\x19\x8e\x88\xb0\xac\xa1\x82\x98\x94]\x85&\xc4U*\x84kX#O\xb6\x8f\xf1\x9d\xc5\xdc\xe0\x80,\x98\x8e_\xd53e\x16b0\xaf\xd9\x9e;A\x8aM\xfe\x16\xf6j\xe6\xea\xb7\x9c\xf3\x9bCc#,\x93\xf7\xc0\xdb\x9a\xd0\x0c\xfd?\xcbd\xe5D\xb7\xc9\xbb\xf5\x93M\xc5\x1d'LR\xed\xf3\xbc\xa0\xdf\x86\xf7\xc2JN\xcd\x19\xc1?\xf7\xd2\xbe\x00\x0f`\xe0\x04\xcfX5\xdc\xe7\xb6\xe6\x82\xc4\xac\xd7\x06\xe31\xbe|\x98l\xc8\xc1#*n+x|\xad\x0b<\xfd\xb8\xceoR\x1e") 227 rx = Ether(b".\xbc\x84\xd5\xca\x13RT\x00\x12\x01V\x88\xe5,\x00\x00\x00\x005RT\x00\x12\x01V\x00\x01\x04\xbaV\xe6\xcf\xcfbhy\x7f\xce\x12.\x80WI\xe5\xd5\x98)6\xe1vjVO@\x84\xde\x9b\x83\xbaw\xef\x13\xc3\xfd\xad\x81\xd4S?\x01\x01\xab\xa8 PzSq2\x905\xf6\x8cT\xd7\xb0P\xe2\xd04\xc7F\x88\x85\x10\xc3\x99\x80\xe3(\t\x10\x87\xa9{z\x22\xce>;Mr\xbe\xc1\xa0\x07%\x01\x96\xe5\xa3\x18]\xec\xbb\x7f\xde0\xa1\x99\xb2\xad\x93j\x97\xef\xf4\xee\xf0\xe4s\xb7h\x95\xc3\x8b[~hX\xbf|\xee\x99\x97\xe0;Q\x9aa\xb9\x13$\xd6\xe4\xb4\xce\njt\xc0\xa1.") 228 rxsa = MACsecSA(sci=0x5254001201560001, an=0, pn=31, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=1, send_sci=1) 229 txsa = MACsecSA(sci=0x5254001301560001, an=0, pn=31, key=b'\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61\x61', icvlen=16, encrypt=1, send_sci=1) 230 txdec = txsa.decap(txsa.decrypt(tx)) 231 rxdec = rxsa.decap(rxsa.decrypt(rx)) 232 txref = b"RT\x00\x12\x01V.\xbc\x84\xd5\xca\x13\x08\x00E\x00\x00\x80#D@\x00@\x01\x93\xe5\xc0\xa8\x01\x01\xc0\xa8\x01\x02\x08\x00E\xd5\x0f\xb3\x00\x01SrSY\x00\x00\x00\x00\x8b\x1d\r\x00\x00\x00\x00\x00\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abc" 233 rxref = b".\xbc\x84\xd5\xca\x13RT\x00\x12\x01V\x08\x00E\x00\x00\x80\x05\xab\x00\x00@\x01\xf1~\xc0\xa8\x01\x02\xc0\xa8\x01\x01\x00\x00M\xd5\x0f\xb3\x00\x01SrSY\x00\x00\x00\x00\x8b\x1d\r\x00\x00\x00\x00\x00\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abc" 234 assert(raw(txdec) == raw(txref)) 235 assert(raw(rxdec) == raw(rxref)) 236 237 238 239 = MACsec - decrypt - invalid packet 240 rx = Ether(b".\xbc\x84\xd5\xca\x13RT\x00\x12\x01V\x88\xe5,\x00\x00\x00\x005RT\x00\x12\x01V\x00\x01\x04\xbaV\xe6\xcf\xcfbhy\x7f\xce\x12.\x80WI\xe5\xd5\x98)6\xe1vjVO@\x84\xde\x9b\x83\xbaw\xef\x13\xc3\xfd\xad\x81\xd4S?\x01\x01\xab\xa8 PzSq2\x905\xf6\x8cT\xd7\xb0P\xe2\xd04\xc7F\x88\x85\x10\xc3\x99\x80\xe3(\t\x10\x87\xa9{z\x22\xce>;Mr\xbe\xc1\xa0\x07%\x01\x96\xe5\xa3\x18]\xec\xbb\x7f\xde0\xa1\x99\xb2\xad\x93j\x97\xba\xdb\xad\xf0\xe4s\xb7h\x95\xc3\x8b[~hX\xbf|\xee\x99\x97\xe0;Q\x9aa\xb9\x13$\xd6\xe4\xb4\xce\njt\xc0\xa1.") 241 rxsa = MACsecSA(sci=0x5254001201560001, an=0, pn=31, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=1, send_sci=1) 242 try: 243 rxdec = rxsa.decap(rxsa.decrypt(rx)) 244 assert(not "This packet shouldn't have been decrypted correctly") 245 except InvalidTag: 246 pass 247 248 249 250 = MACsec - decap - non-Ethernet 251 rxsa = MACsecSA(sci=0x5254001201560001, an=0, pn=31, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=1, send_sci=1) 252 try: 253 rxsa.decap(IP()) 254 except TypeError as e: 255 assert(str(e) == "cannot decapsulate MACsec packet, must be Ethernet/MACsec") 256 257 = MACsec - decap - non-MACsec 258 rxsa = MACsecSA(sci=0x5254001201560001, an=0, pn=31, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=1, send_sci=1) 259 try: 260 rxsa.decap(Ether()/IP()) 261 except TypeError as e: 262 assert(str(e) == "cannot decapsulate MACsec packet, must be Ethernet/MACsec") 263 264 = MACsec - encap - non-Ethernet 265 txsa = MACsecSA(sci=0x5254001201560001, an=0, pn=31, key=b'aaaaaaaaaaaaaaaa', icvlen=16, encrypt=1, send_sci=1) 266 try: 267 txsa.encap(IP()) 268 except TypeError as e: 269 assert(str(e) == "cannot encapsulate packet in MACsec, must be Ethernet") 270