#!/usr/bin/perl
#
#Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006 Yokogawa Electric Corporation.
#All rights reserved.
#
#Redistribution and use of this software in source and binary
#forms, with or without modification, are permitted provided that
#the following conditions and disclaimer are agreed and accepted
#by the user:
#
#1. Redistributions of source code must retain the above copyright
#   notice, this list of conditions and the following disclaimer.
#
#2. Redistributions in binary form must reproduce the above copyright
#   notice, this list of conditions and the following disclaimer in
#   the documentation and/or other materials provided with
#   the distribution.
#
#3. Neither the names of the copyrighters, the name of the project
#   which is related to this software (hereinafter referred to as
#   "project") nor the names of the contributors may be used to
#   endorse or promote products derived from this software without
#   specific prior written permission.
#
#4. No merchantable use may be permitted without prior written
#   notification to the copyrighters.
#
#5. The copyrighters, the project and the contributors may prohibit
#   the use of this software at any time.
#
#THIS SOFTWARE IS PROVIDED BY THE COPYRIGHTERS, THE PROJECT AND
#CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING
#BUT NOT LIMITED THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
#FOR A PARTICULAR PURPOSE, ARE DISCLAIMED.  IN NO EVENT SHALL THE
#COPYRIGHTERS, THE PROJECT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
#INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
#(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
#SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
#HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
#STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
#IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
#POSSIBILITY OF SUCH DAMAGE.
#
#$Id: C_RFC3315_21.4.4.5_RecvReplyInvalid.seq,v 1.4 2006/03/14 01:16:32 mnaoki Exp $
###############################################################################
BEGIN { $V6evalTool::TestVersion = '$Name: DHCPv6_1_0 $';
	push(@INC, '..');
}

use strict;
use V6evalTool;
use DHCPv6_common;
use Client_pktdesc;
dhcpExitNS  if ChkFuncSupport('AUTHENTICATION');

#--------------------------------------------------------------#
# Initialization variables
#--------------------------------------------------------------#
vLogHTML('<B>==== NUT Initialization ====</B><BR>');

# Configure authentication parametor
vLogHTML("<B>Authentication Information</B><BR>");
my $auth_realm = "DHCPv6.TEST.EXAMPLE.COM";
my $hex_auth_realm = Ascii2Hex($auth_realm);
my $auth_key_id = "1";
my $auth_sharedsecretkey = "TAHITEST_VALID12";
vLogHTML("&nbsp;&nbsp;REALM: $auth_realm<BR>");
vLogHTML("&nbsp;&nbsp;Key ID: $auth_key_id<BR>");
vLogHTML("&nbsp;&nbsp;Shared Secret Key: $auth_sharedsecretkey");
my $SHARED_SECRET_KEY_TYPE = ChkConfig('SHARED_SECRET_KEY_TYPE');
my $enc_auth_sharedsecretkey = SharedSecretKeyCheck($SHARED_SECRET_KEY_TYPE, $auth_sharedsecretkey);
vLogHTML("&nbsp;&nbsp;Device's Key Type: $SHARED_SECRET_KEY_TYPE, Encoded value: $enc_auth_sharedsecretkey<BR>");

my $IF0_NUT = $V6evalTool::NutDef{"Link0_device"};
my $IF0 = "Link0";

#-------------------------------------------------------------------
vLogHTML('<B>Receiving Reply Messages and validation test<BR>');
#-------------------------------------------------------------------

#--------------------------------------------------------------#
# Initialize DHCPv6 Client
#--------------------------------------------------------------#
my $ret = vRemote("dhcp6c.rmt", "start", "authentication=delayed", "auth_realm=$auth_realm", "auth_keyid=$auth_key_id", "auth_sharedsecretkey=$enc_auth_sharedsecretkey", "link0=$IF0_NUT");
if($ret != 0){
	vLogHTML('<FONT COLOR="#FF0000">Cannot Initialize DHCPv6 Client program.</FONT><BR>');
	dhcpExitFail;
};
vCapture($IF0);

my $cpp = undef;

#--------------------------------------------------------------#
#1.  Wait until Solicit arrives 
#--------------------------------------------------------------#
# This is requried when Authentication option is used, otherwise not required.
$AUTH_OPTION_REQUIRED = $TRUE;
my ($retsol,%sol) = wait_for_solicit($IF0,30) ;
if($retsol != 0){
	dhcpExitFail("<B>Can't receive correct DHCPv6 Solicit message</B>"); 
}
vClear($IF0);

# check options in Solicit Message
if (0 != options_exist(\%sol, ($CMP_CID|$CMP_AUTH))){
 	dhcpExitError("<B>Do not include necessary options!</B>");
}

if ($sol{'Recv_ReplayDetection'} ne '0000000000000000') {
 	dhcpExitError("<B>Must include 0 in Replay Detection field</B>");
}

#--------------------------------------------------------------#
# 2. send Advertise message 
#--------------------------------------------------------------#
# Increment replay detection field (64bit)
my $auth_counter = undef;
$auth_counter = '0000000000000001';
#$CID_OPTION = "opt_CID_LLT_nut";
$SID_OPTION = "opt_SID_LLT_server1";
$IA_NA_OPTION = "opt_IA_NA_Addr_woStatus";
$Authentication_OPTION = "opt_Auth";
$cpp = "-DAUTH_COUNTER=hexstr\\\(\\\"$auth_counter\\\",8\\\) "; 
$cpp .= "-DAUTH_REALM=hexstr\\\(\\\"$hex_auth_realm\\\"\\\) ";
$cpp .=	"-DAUTH_KEY_ID=$auth_key_id ";
$cpp .=	"-DAUTH_KEY_VALUE=\\\"$auth_sharedsecretkey\\\" ";
my ($retadv, %adv) = send_advertise($IF0, "advertise_server1_to_nut", \%sol, $cpp);
if($retadv != 0){
	dhcpExitFail;
}

#--------------------------------------------------------------#
#3.  Wait until Request arrives 
#--------------------------------------------------------------#

my ($retreq,%req) = wait_for_request($IF0,30);
if($retreq != 0){
	dhcpExitFail("<B>Can't receive correct DHCPv6 Request message</B>"); 
}
vClear($IF0);

# check options in Request Message
#if (0 != options_exist(\%req, ($CMP_IA_NA|$CMP_CID|$CMP_SID|$CMP_AUTH))){
if (0 != options_exist(\%req, ($CMP_CID|$CMP_SID|$CMP_AUTH))){
 	dhcpExitError("<B>Do not include necessary options!</B>");
}

if (0 != compare_options(\%adv, \%req, ( $CMP_SID|$CMP_CID))){
	dhcpExitError("<B>The server ID option in Request Msg is error!</B>");
}

#--------------------------------------------------------------#
#4. send Invalid Reply message
#--------------------------------------------------------------#
my $invalid_auth_key_id = "2";
$auth_counter = '0000000000000002';
$StatusCode_OPTION = "opt_StatusCode";
$Authentication_OPTION = "opt_Auth";
$cpp = "-DAUTH_COUNTER=hexstr\\\(\\\"$auth_counter\\\",8\\\) "; 
$cpp .= "-DAUTH_REALM=hexstr\\\(\\\"$hex_auth_realm\\\"\\\) ";
$cpp .=	"-DAUTH_KEY_ID=$invalid_auth_key_id ";
$cpp .=	"-DAUTH_KEY_VALUE=\\\"$auth_sharedsecretkey\\\" ";
my ($retrep, %rep) = send_reply($IF0, "reply_server1_to_nut", \%req, $cpp);
if($retrep !=0){
	dhcpExitFail;
}

#--------------------------------------------------------------#
#5.  Wait until Solicit arrives 
#--------------------------------------------------------------#
my ($retsol,%sol) = wait_for_solicit($IF0,30) ;
if($retsol != 0){
	dhcpExitFail("<B>Can't receive correct DHCPv6 Solicit message</B>"); 
}
vClear($IF0);

# check options in Solicit Message
if (0 != options_exist(\%sol, ($CMP_CID|$CMP_AUTH))){
	dhcpExitError("<B>Do not include necessary options!</B>");
}

if ($sol{'Recv_ReplayDetection'} ne '0000000000000000') {
	dhcpExitError("<B>Must include 0 in Replay Detection field</B>");
}

#-------------------------------------------------------------------
vLogHTML('<B><FONT COLOR=#006666></FONT>Receiving Reply Messages and validation test is correct</B><BR>');
#-------------------------------------------------------------------
dhcpExitPass;

###############################################################################
__END__

=head1 NAME 

  C_RFC3315_21.4.4.5_RecvReplyInvalid.seq - Receiving Reply Messages and validation test is failed

=head1 TARGET

  Client

=head1 SYNOPSIS

=begin html
<PRE>
  <A HREF="./C_RFC3315_21.4.4.5_RecvReplyInvalid.seq"> C_RFC3315_21.4.4.5_RecvReplyInvalid.seq</A> [-tooloption...]
  -pkt  <A HREF="./C_RFC3315_21.4.4.5_RecvReplyInvalid.def"> C_RFC3315_21.4.4.5_RecvReplyInvalid.def</A>
  -tooloption : v6eval tool option
<BR>
  See Also <A HREF="./DHCPv6.def"> DHCPv6.def </A> 
</PRE>

=end html

=head1 INITIALIZATION

=begin html
  <UL>
  <LI><STRONG>Network Topology</STRONG></LI> 
  <PRE>
         NUT(Client)
          |           
          |                        
Link0   --+--------+------------------------ 3ffe:501:ffff:100::/64
                   |
                   |          
                  TN(Server) 
  </PRE>
  </UL>
  <UL>
  <LI><STRONG>Verification Points</STRONG></LI>
  <PRE>
  If the client authenticated the Advertise it accepted, the client
  MUST validate the associated Reply message from the server.  The
  client MUST discard the Reply if the message fails to pass the
  validation test and MAY log the validation failure.  If the Reply
  fails to pass the validation test, the client MUST restart the DHCP
  configuration process by sending a Solicit message.
  </PRE>
  </UL>
  <UL>
  <LI><STRONG>Configurations</STRONG></LI><BR>
	<BR>
	Enable Delayed Authenticaion Protocol Service<BR>
	Authenticaion parameter
		<UL>
		<LI>DHCP realm: DHCPv6.TEST.EXAMPLE.COM
		<LI>Client DUID: ANY
		<LI>Key id: 1
		<LI>Shared secret key: TAHITEST_VALID12
		</UL>
	<BR>
  <TABLE BORDER="1">
    <TR>
    <TD><TT>Device Name</TT></TD>
    <TD><TT>Device Type</TT></TD>
    <TD><TT>Interface</TT></TD>
    <TD><TT>Address</TT></TD>
    <TD><TT>Link Local Addr</TT></TD>
    <TD><TT>MAC Addr</TT></TD>
    </TR>
    <TR>
    <TD><TT>Client</TT></TD>
    <TD><TT>NUT</TT></TD>
    <TD><TT>Link0</TT></TD>
    <TD><TT>&nbsp;</TT></TD>
    <TD><TT>NUT's Linklocal address</TT></TD>
    <TD><TT>NUT's MAC address</TT></TD>
    </TR>
    <TR>
    <TD><TT>Server</TT></TD>
    <TD><TT>TN</TT></TD>
    <TD><TT>Link0</TT></TD>
    <TD><TT>3ffe:501:ffff:100:200:ff:fe00:a1a1</TT></TD>
    <TD><TT>fe80::200:ff:fe00:a1a1</TT></TD>
    <TD><TT>00:00:00:00:a1:a1</TT></TD>
    </TR>
  </TABLE>
  </UL>

=end html

=head1 TEST PROCEDURE

=begin html
<PRE>
       NUT      TN
        |       |
        |       |Initialize NUT (as a DHCPv6 client)
        |       |
        | ----> |Solicit w/ Authentication Option
        | <---- |Advertise w/ Authentication Option
        | ----> |Request w/ Authentication Option
        | <---- |Reply w/ invalid Authentication Option (Key id =2) 
        |       |
        | ----> |<B>Solicit w/ Authentication Option</B> (5*)
        |       |
        |       |
</PRE>

=end html

=head1 JUDGEMENT

=begin html
<PRE>
  (5*)PASS: TN receives Solicit w/ Authentication Option from NUT.
</PRE>

=end html

=head1 TERMINATION

=begin html
<PRE>
  N/A
</PRE>

=end html

=head1 REFERENCE

=begin html
<PRE>
   see also RFC3315
   21.4.4 Client Considerations for Delayed Authentication protocol
   21.4.4.5. Receiving Reply Messages
   22.11 Authentication Option
</PRE>

=end html

=head1 SEE ALSO

=begin html
<PRE>
<BR>
  perldoc  V6evalTool
<BR>
</PRE>

=end html
`Device Name`	`Device Type`	`Interface`	`Address`	`Link Local Addr`	`MAC Addr`
`Client`	`NUT`	`Link0`		`NUT's Linklocal address`	`NUT's MAC address`
`Server`	`TN`	`Link0`	`3ffe:501:ffff:100:200:ff:fe00:a1a1`	`fe80::200:ff:fe00:a1a1`	`00:00:00:00:a1:a1`