Title

  Test IKEv2.EN.R.1.1.6.2: Cryptographic Algorithm Negotiation for CHILD_SA
  Part A: Encryption Algorithm ENCR_AES_CBC (ADVANCED)


Purpose

  To verify an IKEv2 device properly handles various algorithms for CHILD_SA.


References

  * [RFC 4306] - Sections 2.7 and 3.3


Test Setup

  * Network Topology
      Connect the devices according to the Common Topology.
  * Configuration
      In each part, configure the devices according to the Common Configuration.
  * Pre-Sequence and Cleanup Sequence
      IKEv2 on the NUT is disabled after each part.
From part A to part F, TN1 transmits an IKE_AUTH request including a SA payload which contains the transforms as follows:
IKE_AUTH exchanges Algorithms
Encryption Integrity Extended Sequence Numbers
Part A ENCR_AES_CBC AUTH_HMAC_SHA1_96 No Extended Sequence Numbers


Procedure

   NUT                  TN1
(End-Node)           (End-Node)
    |                    |
    |<-------------------| IKE_SA_INIT request (HDR, SAi1, KEi, Ni)
    |                    | (Packet #1)
    |------------------->| IKE_SA_INIT response (HDR, SAr1, KEr, Nr)
    |                    | (Judgement #1)
    |                    |
    |<-------------------| IKE_AUTH request (HDR, SK {IDi, AUTH, N, SAi2, TSi, TSr})
    |                    | (Packet #2)
    |------------------->| IKE_AUTH response (HDR, SK {IDr, AUTH, N, SAr2, TSi, TSr})
    |                    | (Judgement #2)
    |                    |
    |<-------------------| IPsec {Echo Request} 
    |                    | (Packet #3)
    |------------------->| IPsec {Echo Reply}  
    |                    | (Judgement #3)
    |                    |
    V                    V

N: USE_TRANSPORT_MODE
Packet #1 See Common Packet #1
Packet #2 See below
Packet #3 See Common Packet #19

  Packet #3: IKE_SA_INIT requet
        Packet #3 is same as Common Packet #3 except SA Transform proposed in each test.
Part A: SA Transform of Tranform Type ENCR is replaced by the following SA Transfrom.

SA Transform Next Payload 3 (more)
Reserved 0
Transform Length 8
Transform Type 1 (ENCR)
Reserved 0
Transform ID 12 (AES_CBC)
SA Attribute Attribute Type 14 (Key Length)
Attribute Value 128

  Part A: Encryption Algorithm ENCR_AES_CBC (ADVANCED)
       1. TN1 starts to negotiate with NUT by sending IKE_SA_INIT request.
       2. Observe the messages transmitted on Link A.
       3. After reception of IKE_SA_INIT response from the NUT, TN transmits an IKE_AUTH
          request as described above to the NUT.
       4. Observe the messages transmitted on Link A.
       5. After reception of IKE_AUTH response from the NUT, TN transmits an Echo Request with
          IPsec ESP with the accepted cryptographic suite to the NUT.
       6. Observe the messages transmitted on Link A.


Observable Result

  Part A
    Step 2: Judgment #1
      The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
      "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as accepted
      algorithms.
  
    Step 4: Judgment #2
      The NUT transmits an IKE_AUTH response including "ENCR_AES_CBC",
      "AUTH_HMAC_SHA1_96" and "No Extended Sequence Numbers" as accepted algorithms.
  
    Step 6: Judgment #3
      The NUT transmits an Echo Reply with IPsec ESP using corresponding algorithms.


Possible Problems

  * None.