Title

  Test IKEv2.EN.R.1.2.1.1: Receipt of CREATE_CHILD_SA request
  Part A: IKE Header Format (BASIC)
  Part B: Encrypted Payload Format (BASIC)
  Part C: Notify Payload (USE_TRANSPORT_MODE) Format (BASIC)
  Part D: SA Payload Format (BASIC)
  Part E: Nonce Payload Format (BASIC)
  Part F: Nonce Payload Format (BASIC)
  Part G: TSr Payload Format (BASIC)


Purpose

  To verify that an IKEv2 device properly handles the CREATE_CHILD_SA exchange using a
  pre-shared key.


References

  * [RFC 4306] - Sections 1.3 and 2.8


Test Setup

  * Network Topology
      Connect the devices according to the Common Topology.
  * Configuration
      In each part, configure the devices according to the Common Configuration.
  * Pre-Sequence and Cleanup Sequence
      IKEv2 on the NUT is disabled after each part.


Procedure

   NUT                  TN1
(End-Node)           (End-Node)
    |                    |
    |<-------------------| IKE_SA_INIT request (HDR, SAi1, KEi, Ni)
    |                    | (Packet #1)
    |------------------->| IKE_SA_INIT Response (HDR, SAr1, KEr, Nr)
    |                    | (Judgement #1)
    |                    |
    |<-------------------| IKE_AUTH request (HDR, SK {IDi, AUTH, N+, SAi2, TSi, TSr})
    |                    | (Packet #2)
    |------------------->| IKE_AUTH Response (HDR, SK {IDr, AUTH, N+, SAr2, TSi, TSr})
    |                    | (Judgement #2)
    |                    |
    |<-------------------| CREATE_CHILD_SA request (HDR, SK {N, N+, SA, Ni, TSi, TSr})
    |                    | (Packet #3)
    |------------------->| CREATE_CHILD_SA response (HDR, SK { N+, SA, Nr, TSi, TSr})
    |                    | (Judgement #3)
    |                    |
    V                    V

  N:  REKEY_SA
  N+: USE_TRANSPORT_MODE

  Packet #1   See Common Packet #1
  Packet #2   See Common Packet #3
  Packet #3   See Common Packet #13

  Part A: IKE Header Format (BASIC)
       1. TN1 starts to negotiate with NUT by sending IKE_SA_INIT request.
       2. Observe the messages transmitted on Link A.
       3. After a reception of IKE_SA_INIT response from the NUT, TN1 transmits IKE_AUTH
          request to the NUT.
       4. Observe the messages transmitted on Link A.
       5. After reception of IKE_AUTH response from the NUT, TN1 transmits
          CREATE_CHILD_SA request to the NUT to rekey CHILD_SAs.
       6. Observe the messages transmitted on Link A.
  Part B: Encrypted Payload Format (BASIC)
       7. TN1 starts to negotiate with NUT by sending IKE_SA_INIT request.
       8. Observe the messages transmitted on Link A.
       9. After a reception of IKE_SA_INIT response from the NUT, TN1 transmits IKE_AUTH
          request to the NUT.
      10. Observe the messages transmitted on Link A.
      11. After reception of IKE_AUTH response from the NUT, TN1 transmits
          CREATE_CHILD_SA request to the NUT to rekey CHILD_SAs.
      12. Observe the messages transmitted on Link A.
  Part C: Notify Payload (USE_TRANSPORT_MODE) Format (BASIC)
      13. TN1 starts to negotiate with NUT by sending IKE_SA_INIT request.
      14. Observe the messages transmitted on Link A.
      15. After a reception of IKE_SA_INIT response from the NUT, TN1 transmits IKE_AUTH
          request to the NUT.
      16. Observe the messages transmitted on Link A.
      17. After reception of IKE_AUTH response from the NUT, TN1 transmits
          CREATE_CHILD_SA request to the NUT to rekey CHILD_SAs.
      18. Observe the messages transmitted on Link A.
  Part D: SA Payload Format (BASIC)
      19. TN1 starts to negotiate with NUT by sending IKE_SA_INIT request.
      20. Observe the messages transmitted on Link A.
      21. After a reception of IKE_SA_INIT response from the NUT, TN1 transmits IKE_AUTH
          request to the NUT.
      22. Observe the messages transmitted on Link A.
      23. After reception of IKE_AUTH response from the NUT, TN1 transmits
          CREATE_CHILD_SA request to the NUT to rekey CHILD_SAs.
      24. Observe the messages transmitted on Link A.
  Part E: Nonce Payload Format (BASIC)
      25. TN1 starts to negotiate with NUT by sending IKE_SA_INIT request.
      26. Observe the messages transmitted on Link A.
      27. After a reception of IKE_SA_INIT response from the NUT, TN1 transmits IKE_AUTH
          request to the NUT.
      28. Observe the messages transmitted on Link A.
      29. After reception of IKE_AUTH response from the NUT, TN1 transmits
          CREATE_CHILD_SA request to the NUT to rekey CHILD_SAs.
      30. Observe the messages transmitted on Link A.
  Part F: Nonce Payload Format (BASIC)
      31. TN1 starts to negotiate with NUT by sending IKE_SA_INIT request.
      32. Observe the messages transmitted on Link A.
      33. After a reception of IKE_SA_INIT response from the NUT, TN1 transmits IKE_AUTH
          request to the NUT.
      34. Observe the messages transmitted on Link A.
      35. After reception of IKE_AUTH response from the NUT, TN1 transmits
          CREATE_CHILD_SA request to the NUT to rekey CHILD_SAs.
      36. Observe the messages transmitted on Link A.
  Part G: TSr Payload Format (BASIC)
      37. TN1 starts to negotiate with NUT by sending IKE_SA_INIT request.
      38. Observe the messages transmitted on Link A.
      39. After a reception of IKE_SA_INIT response from the NUT, TN1 transmits IKE_AUTH
          request to the NUT.
      40. Observe the messages transmitted on Link A.
      41. After reception of IKE_AUTH response from the NUT, TN1 transmits
          CREATE_CHILD_SA request to the NUT to rekey CHILD_SAs.
      42. Observe the messages transmitted on Link A.


Observable Results

  Part A
    Step 2: Judgment #1
      The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
      "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as accepted
      algorithms.
  
    Step 4: Judgment #2
      The NUT transmits an IKE_AUTH response including "ENCR_3DES",
      "AUTH_HMAC_SHA1_96" and "No Extended Sequence Numbers" as accepted algorithms.
  
    Step 6: Judgment #3
      The NUT transmits a CREATE_CHILD_SA response including properly formatted IKE
      Header containing following values:
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                       IKE_SA Initiator's SPI                  !
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                       IKE_SA Responder's SPI                  !
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !  Next Payload ! MjVer ! MnVer ! Exchange Type !     Flags     !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                          Message ID                           !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                            Length                             !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 73 Header format

      * An IKE_SA Initiator's SPI field is set to the same value as the IKE_SA_INIT
        request's IKE_SA Initiator's SPI field.
      * An IKE_SA Responder's SPI field is set to the same value as the IKE_SA_INIT
        response's IKE_SA Responder's SPI field.
      * A Next Payload field is set to Encrypted Payload (46).
      * A Major Version field is set to 2.
      * A Minor Version field is set to zero.
      * An Exchange Type field is set to CREATE_CHILD_SA (36).
      * A Flags field is set to (00000100)2 = (4)10.
      * A Message ID field is set to the same value as the corresponding IKEv2 request
        message's Message ID.
      * A Length field is set to the length of the message (header + payloads) in octets.
  
  
  Part B
    Step 8: Judgment #1
      The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
      "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as accepted
      algorithms.
  
    Step 10: Judgment #2
      The NUT transmits an IKE_AUTH response including "ENCR_3DES",
      "AUTH_HMAC_SHA1_96" and "No Extended Sequence Numbers" as accepted algorithms.
  
    Step 12: Judgment #3
      The NUT transmits a CREATE_CHILD_SA response including properly formatted
      Encrypted Payload containing following values:
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Next Payload  !C!  RESERVED   !         Payload Length        !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                     Initialization Vector                     !
      !         (length is block size for encryption algorithm)       !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ~                    Encrypted IKE Payloads                     ~
      +               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !               !             Padding (0-255 octets)            !
      +-+-+-+-+-+-+-+-+                               +-+-+-+-+-+-+-+-+
      !                                               !  Pad Length   !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ~                    Integrity Checksum Data                    ~
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 74 Encrypted payload

      * A Next Payload field is set to N Payload (41).
      * A Critical field is set to zero.
      * A RESERVED field is set to zero.
      * A Payload Length field is set to the length in octets of the header, IV,
        Encrypted IKE Payloads, Padding, Pad Length, and Integrity Checksum Data.
      * An Initialization Vector field is set to a randomly chosen value whose length is
        equal to the block length of the underlying encryption algorithm. It is 64 bits
        long in the ENCR_3DES case.
      * An Encrypted IKE Payloads field is set to the subsequent payloads encrypted by
        ENCR_3DES.
      * A Padding field is set to any value that makes the length a multiple of the
        encryption block size. It is 64 bits long in the ENCR_3DES case.
      * A Pad Length field is set to the length of the Padding field.
      * An Integrity Checksum Data field is set to the cryptographic checksum of the
        entire message. It is 96 bits long in the AUTH_HMAC_SHA1_96 case. The checksum
        must be valid when calculated in the manner described in the RFC.
  
  
  Part C
    Step 14: Judgment #1
      The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
      "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as accepted
      algorithms.
  
    Step 16: Judgment #2
      The NUT transmits an IKE_AUTH response including "ENCR_3DES",
      "AUTH_HMAC_SHA1_96" and "No Extended Sequence Numbers" as accepted algorithms.
  
    Step 18: Judgment #3
      The NUT transmits a CREATE_CHILD_SA response including properly formatted Notify
      Payload containing following values:
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Next Payload  !C!  RESERVED   !         Payload Length        !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !  Protocol ID  !   SPI Size    !      Notify Message Type      !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                Security Parameter Index (SPI)                 ~
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                       Notification Data                       ~
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 75 Notify Payload format

      * A Next Payload field is set to SA Payload (33).
      * A Critical field is set to zero.
      * A RESERVED field is set to zero.
      * A Payload Length field is set to length of the current payload. It is 8 bytes
        for USE_TRANSPORT_MODE.
      * A Protocol ID field is set to undefined (0).
      * A SPI Size field is set to zero.
      * A Notify Message Type field is set to USE_TRANSPORT_MODE (16391).
  
  
  Part D
    Step 20: Judgment #1
      The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
      "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as accepted
      algorithms.
    Step 22: Judgment #2
      The NUT transmits an IKE_AUTH response including "ENCR_3DES",
      "AUTH_HMAC_SHA1_96" and "No Extended Sequence Numbers" as accepted algorithms.
    Step 24: Judgment #3
                                   1                   2                   3
               0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
              +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--------------
              ! Next    44    !0!      0      ! Length          40            !             |
              +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+---          |
              !       0       !       0       ! Length          36            !  |          |
              +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
              ! Number    1   ! Prot ID   3   ! SPI Size  4   ! Trans Cnt  3  !  |          |
              +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
              ! SPI value                                                     !  |          |
          --- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
           |  !       3       !       0       ! Length           8            !  |          |
 Transform |  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |SA Payload
           |  ! Type  1  (EN) !       0       ! Transform ID     3     (3DES) !  | Proposal |
          --- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
           |  !       3       !       0       ! Length           8            !  |          |
 Transform |  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
           |  ! Type  3  (IN) !       0       ! Transform ID     2     (SHA1) !  |          |
          --- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
           |  !       0       !       0       ! Length           8            !  |          |
 Transform |  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
           |  ! Type  5  (ESN)!       0       ! Transform ID     0       (No) !  |          |
          --- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |          |
Figure 76 SA Payload contents

      The NUT transmits a CREATE_CHILD_SA response including a properly formatted SA
      Payload containing the following values (refer to the following figures):

                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Next Payload  !C!  RESERVED   !         Payload Length        !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                          <Proposals>                          ~
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 77 SA Payload format

      * A Next Payload field is set to Nr Payload (40).
      * A Critical field is set to zero.
      * A RESERVED field is set to zero.
      * A Payload Length field is set to length of the current payload.

The following proposal must be included in Proposals field.
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! 0 (last) or 2 !   RESERVED    !         Proposal Length       !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Proposal #    !  Protocol ID  !    SPI Size   !# of Transforms!
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ~                        SPI (variable)                         ~
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                        <Transforms>                           ~
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 78 Proposal sub-structure format

      Proposal #1
      * A 0 or 2 field is set to zero if this structure is the last proposal, otherwise
        set to 2.
      * A RESERVED field is set to zero.
      * A Proposal Length field is set to length of this proposal, including all
        transforms and attributes. It is 36 bytes according to Common Configuration.
      * A Proposal # field is set to 1.
      * A Protocol ID field is set to ESP (3).
      * A SPI Size field is set to 4.
      * A # of Transforms field is set to 3.
      * A SPI field is set to the sending entity's SPI (4 octets value).

Transform field is set to following (There are 3 Transform Structures).
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! 0 (last) or 3 !   RESERVED    !        Transform Length       !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !Transform Type !   RESERVED    !          Transform ID         !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                      Transform Attributes                     ~
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 79 Transform sub-structure format

      Transform #1
      * A 0 or 3 field is set to zero if this structure is the last transform, otherwise
        set to 3.
      * A RESERVED field is set to zero.
      * A Transform Length set to length of the Transform Substructure including Header
        and Attribute. It is 8 bytes for ENCR_3DES.
      * A Transform Type field is set to ENCR (1).
      * A RESERVED field is set to zero.
      * A Transform ID set to ENCR_3DES (3).

      Transform #2
      * A 0 or 3 field is set to zero if this structure is the last transform, otherwise
        set to 3.
      * A RESERVED field is set to zero.
      * A Transform Length set to length of the Transform Substructure including Header
        and Attribute. It is 8 bytes for AUTH_HMAC_SHA1.
      * A Transform Type field is set to INTEG (3).
      * A RESERVED field is set to zero.
      * A Transform ID set to AUTH_HMAC_SHA1 (2).

      Transform #3
      * A 0 or 3 field is set to zero if this structure is the last transform, otherwise
        set to 3.
      * A RESERVED field is set to zero.
      * A Transform Length set to length of the Transform Substructure including Header
        and Attribute. It is 8 bytes for ESN.
      * A Transform Type field is set to ESN (5).
      * A RESERVED field is set to zero.
      * A Transform ID set to No Extended Sequence Numbers (0).
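
A receiver-side check of the Part D SA payload, written as an added Python example that is not part of the original test specification. It validates each nested length against the octets actually present before reading further and, because the transforms may appear in any order, compares them as a set; the function names and the sample SPI are assumptions made for the illustration.

```python
import struct

PROTO_ESP = 3
# (Transform Type, Transform ID) pairs Part D expects: ENCR 3DES (1, 3),
# INTEG AUTH_HMAC_SHA1 (3, 2), ESN "No Extended Sequence Numbers" (5, 0).
EXPECTED_TRANSFORMS = {(1, 3), (3, 2), (5, 0)}


class FormatError(ValueError):
    """The SA payload does not match the format Part D expects."""


def parse_transforms(buf, count):
    """Walk `count` transform substructures and return [(type, id), ...]."""
    found, off = [], 0
    for i in range(count):
        if len(buf) - off < 8:
            raise FormatError(f"transform #{i + 1} is truncated")
        more, rsv1, tlen, ttype, rsv2, tid = struct.unpack_from("!BBHBBH", buf, off)
        if more != (0 if i == count - 1 else 3):
            raise FormatError(f"transform #{i + 1}: bad last/more octet {more}")
        if rsv1 or rsv2:
            raise FormatError(f"transform #{i + 1}: RESERVED is not zero")
        if tlen != 8:  # none of the expected transforms carries attributes
            raise FormatError(f"transform #{i + 1}: length {tlen}, expected 8")
        found.append((ttype, tid))
        off += tlen
    if off != len(buf):
        raise FormatError("bytes left over after the last transform")
    return found


def check_sa_payload(payload):
    """Validate a decrypted SA payload, generic payload header included."""
    if len(payload) < 12:
        raise FormatError("payload too short for header and proposal")
    next_payload, crit_rsv, plen = struct.unpack_from("!BBH", payload, 0)
    if crit_rsv != 0:
        raise FormatError("Critical bit or RESERVED is not zero")
    if plen != len(payload):
        raise FormatError(f"Payload Length {plen} != {len(payload)} octets present")
    prop = payload[4:]
    more, rsv, prop_len, num, proto, spi_size, n_trans = struct.unpack_from(
        "!BBHBBBB", prop, 0)
    if more != 0 or rsv != 0:
        raise FormatError("expected a single (last) proposal with RESERVED zero")
    if prop_len != len(prop):
        raise FormatError(f"Proposal Length {prop_len} != {len(prop)} octets present")
    if (num, proto, spi_size, n_trans) != (1, PROTO_ESP, 4, 3):
        raise FormatError("Proposal #, Protocol ID, SPI Size or # of Transforms wrong")
    if len(prop) < 8 + spi_size:
        raise FormatError("SPI is truncated")
    transforms = parse_transforms(prop[8 + spi_size:], n_trans)
    # The test allows the transforms in any order, so compare as a set.
    if set(transforms) != EXPECTED_TRANSFORMS:
        raise FormatError(f"unexpected transforms {sorted(transforms)}")
    return {"next_payload": next_payload, "spi": prop[8:8 + spi_size],
            "transforms": transforms}


def build_sample(order=((1, 3), (3, 2), (5, 0)), spi=b"\x11\x22\x33\x44"):
    """Build a constructed SA payload (sample data, not captured traffic)."""
    trs = b"".join(
        struct.pack("!BBHBBH", 0 if i == len(order) - 1 else 3, 0, 8, t, 0, tid)
        for i, (t, tid) in enumerate(order))
    prop = struct.pack("!BBHBBBB", 0, 0, 8 + len(spi) + len(trs), 1,
                       PROTO_ESP, len(spi), len(order)) + spi + trs
    return struct.pack("!BBH", 40, 0, 4 + len(prop)) + prop  # 40 = Nr follows


if __name__ == "__main__":
    print(check_sa_payload(build_sample()))
    print(check_sa_payload(build_sample(order=((5, 0), (1, 3), (3, 2)))))
    try:
        check_sa_payload(build_sample(order=((1, 12), (3, 2), (5, 0))))
    except FormatError as exc:
        print("rejected:", exc)
```
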
  
  
  Part E
    Step 26: Judgment #1
      The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
      "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as accepted
      algorithms.
    Step 28: Judgment #2
      The NUT transmits an IKE_AUTH response including "ENCR_3DES",
      "AUTH_HMAC_SHA1_96" and "No Extended Sequence Numbers" as accepted algorithms.
    Step 30: Judgment #3
      The NUT transmits a CREATE_CHILD_SA response including properly formatted Nonce
      Payload containing following values:
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Next Payload  !C!  RESERVED   !         Payload Length        !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                            Nonce Data                         ~
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 80 Nonce Payload format

      * A Next Payload field is set to TSi Payload (44).
      * A Critical field is set to zero.
      * A RESERVED field is set to zero.
      * A Payload Length field is set to length of the current payload.
      * A Nonce Data field is set to random data generated by the transmitting entity.
      * The size of the Nonce must be between 16 and 256 octets.
  
  
  Part F
    Step 32: Judgment #1
      The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
      "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as accepted
      algorithms.
  
    Step 34: Judgment #2
      The NUT transmits an IKE_AUTH response including "ENCR_3DES",
      "AUTH_HMAC_SHA1_96" and "No Extended Sequence Numbers" as accepted algorithms.
  
    Step 36: Judgment #3
      The NUT transmits a CREATE_CHILD_SA response including properly formatted TSi
      Payload containing following values:
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Next Payload  !C!  RESERVED   !         Payload Length        !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Number of TSs !                 RESERVED                      !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                       <Traffic Selectors>                     ~
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 81 TSi Payload format

      * A Next Payload field is set to TSr Payload (45).
      * A Critical field is set to zero.
      * A RESERVED field is set to zero.
      * A Payload Length field is set to length of the current payload.
      * A Number of TSs field is set to 1.
      * A RESERVED field is set to zero.

The following traffic selector must be included in Traffic Selectors field.
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !   TS Type     !IP Protocol ID*|       Selector Length         |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |           Start Port*         |           End Port*           |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                         Starting Address*                     ~
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                         Ending Address*                       ~
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 82 Traffic Selector

      * A TS Type set to TS_IPV6_ADDR_RANGE (8).
      * An IP Protocol ID field is set to zero.
      * A Selector Length field is set to length of this Traffic Selector Substructure
        including the header.
      * A Start Port field is set to zero.
      * An End Port field is set to 65535.
      * A Starting Address field is set to TN1 address.
      * An Ending Address field is set to TN1 address.
  
  
  Part G
    Step 38: Judgment #1
      The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
      "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as accepted
      algorithms.
  
    Step 40: Judgment #2
      The NUT transmits an IKE_AUTH response including "ENCR_3DES",
      "AUTH_HMAC_SHA1_96" and "No Extended Sequence Numbers" as accepted algorithms.
  
    Step 42: Judgment #3
      The NUT transmits a CREATE_CHILD_SA response including properly formatted TSr
      Payload containing following values:
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Next Payload  !C!  RESERVED   !         Payload Length        !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      ! Number of TSs !                 RESERVED                      !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                       <Traffic Selectors>                     ~
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 83 TSr Payload format

      * A Next Payload field is set to zero.
      * A Critical field is set to zero.
      * A RESERVED field is set to zero.
      * A Payload Length field is set to length of the current payload.
      * A Number of TSs field is set to 1.
      * A RESERVED field is set to zero.

The following traffic selector must be included in Traffic Selectors field.
                           1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !   TS Type     !IP Protocol ID*|       Selector Length         |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |           Start Port*         |           End Port*           |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                         Starting Address*                     ~
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      !                                                               !
      ~                         Ending Address*                       ~
      !                                                               !
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 84 Traffic Selector

      * A TS Type set to TS_IPV6_ADDR_RANGE (8).
      * An IP Protocol ID field is set to zero.
      * A Selector Length field is set to length of this Traffic Selector Substructure
        including the header.
      * A Start Port field is set to zero.
      * An End Port field is set to 65535.
      * A Starting Address field is set to NUT address.
      * An Ending Address field is set to NUT address.


Possible Problems

  * The CREATE_CHILD_SA response has the following packet format. It may have the
    additional payloads described below. Additional payloads can be ignored by this test.
    The order of payloads may be different from this sample.
      [N(IPCOMP_SUPPORTED)+],
      [N(USE_TRANSPORT_MODE)],
      [N(ESP_TFC_PADDING_NOT_SUPPORTED)],
      [N(NON_FIRST_FRAGMENTS_ALSO)],
      SA, Nr, [KEr], TSi, TSr,
      [N(ADDITIONAL_TS_POSSIBLE)]

  * The transforms can be located in any order.