IPv6 Conformance Test For IKE

Tool Version :REL_3_0_8
Test Program Version :V6PC_IKE_1_0_3
Start:2006/03/16 13:41:18
End :2006/03/16 17:52:48
No.Title ResultLogScriptPacketDump
(bin)

Initialize




1InitializationPASSXXXLink0

Initiator Test





1 Phase I





1.1 main mode





1.1.1 pre-shared key





1.1.1.1 Sending the first message





1.1.1.1.1 ISAKMP Header




2ISAKMP Header Format ***PASSXXXLink0

1.1.1.1.2 Security Association Payload




3SA Payload Format ***PASSXXXLink0

1.1.1.1.3 Proposal Payload




4Proposal Payload Format ***PASSXXXLink0

1.1.1.1.4 Transform Payload





1.1.1.1.4.1 Transform Payload Format check




5Transform Payload Format ***PASSXXXLink0
6Transform Payload Format(Multiple Transform Payload) ***Not yet supportedXXXLink0

1.1.1.1.4.2 Transform Payload SA Attributes check




7Attributes include MD5 ***Not yet supportedXXXLink0
8Attributes include SHA ***PASSXXXLink0
9Attributes include DES ***Not yet supportedXXXLink0
10Attributes include 3DES **PASSXXXLink0
11Attributes include AES **Not yet supportedXXXLink0
12Attributes include PSK ***PASSXXXLink0
13Attributes include RSA sign **Not yet supportedXXXLink0
14Attributes include DH1 ***Not yet supportedXXXLink0
15Attributes include DH2 **PASSXXXLink0
16Attributes include DH5Not yet supportedXXXLink0
17Attributes include DH14Not yet supportedXXXLink0

1.1.1.2 Sending the third message





1.1.1.2.1 Key Exchange Payload




18Key Exchange Payload Format + DH1 ***Not yet supportedXXXLink0
19Key Exchange Payload Format + DH2 **PASSXXXLink0
20Key Exchange Payload Format + DH5Not yet supportedXXXLink0
21Key Exchange Payload Format + DH14Not yet supportedXXXLink0

1.1.1.2.2 Nonce Payload




22Nonce Payload Format ***PASSXXXLink0

1.1.1.3 Sending the fifth message





1.1.1.3.1 Encryption of Payload




23Encryption of ISAKMP payload ***PASSXXXLink0

1.1.1.3.2 Identification Payload




24Identification Payload Format ***PASSXXXLink0

1.1.1.3.3 HASH Payload




25HASH Payload Format ***PASSXXXLink0

1.1.1.4 Implementation of Main Mode with pre-shared key




26Implementation of Main Mode with pre-shared key***PASSXXXLink0

1.1.2 RSA signature





1.1.2.1 Sending the fifth message





1.1.2.1.1 Signature Payload




27Signature Payload Format ***Not yet supportedXXXLink0

1.1.2.1.2 Certificate Payload




28Certificate Payload Format ***Not yet supportedXXXLink0

1.1.2.1.2 Certificate Request Payload




29Certificate Request Payload Format ***Not yet supportedXXXLink0

1.1.2.2 Implementation of Main Mode with RSA signatures




30Implementation of Main Mode with RSA signatures **Not yet supportedXXXLink0

1.2 Payload Processing





1.2.1 General Message Processing




31Processing invalid ISAKMP Payload Length *PASSXXXLink0

1.2.2 ISKAMP Header Processing




32Processing invalid Responder Cookie field *FAILXXXLink0
33Processing invalid Next Payload field *PASSXXXLink0
34Processing invalid Major Version field(major 15, minor 0) *FAILXXXLink0
35Processing invalid Minor Version field(major 1, minor 15) *FAILXXXLink0
36Processing invalid Exchange Type field *PASSXXXLink0
37Processing invalid Flags field *PASSXXXLink0
38Processing invalid Message ID field *PASSXXXLink0

1.2.3 Generic Payload Header Processing




39Processing invalid RESERVED field *FAILXXXLink0

1.2.4 Security Association Payload Processing




40Processing invalid Next Payload field *FAILXXXLink0
41Processing invalid DOI field *PASSXXXLink0
42Processing invalid Situation field *PASSXXXLink0
43Processing invalid proposal(Encryption Algorithm) *PASSXXXLink0
44Processing invalid proposal(Hash Algorithm) *PASSXXXLink0
45Processing invalid proposal(Authentication method) *PASSXXXLink0
46Processing invalid proposal(Diffie-Hellman Group) *PASSXXXLink0
47Processing invalid proposal(Life Type) *PASSXXXLink0

1.2.5 Proposal Payload Processing




48Processing invalid Protocol-ID field *PASSXXXLink0
49Processing invalid SPI field *FAILXXXLink0
50Processing invalid proposal *FAILXXXLink0

1.2.6 Transform Payload Processing




51Processing invalid Transform-ID field *PASSXXXLink0
52Processing invalid Transform Payload *PASSXXXLink0
53Multiple Transform Payloads check(modify proposal) *PASSXXXLink0

1.2.7 Key Exchange Payload Processing




54Processing invalid Key Exchange Data field *FAILXXXLink0

1.2.8 Identification Payload Processing




55Processing invalid ID type field *PASSXXXLink0
56Not include Identification Payload *PASSXXXLink0
57Invalid Identification Payload recieve *PASSXXXLink0

1.2.9 Hash Payload Processing




58Processing invalid Hash Payload *PASSXXXLink0
59Processing invalid Hash Data field *PASSXXXLink0

1.2.10 Signature Payload Processing




60Processing invalid Signature Payload *Not yet supportedXXXLink0
61Processing invalid Signature Data field *Not yet supportedXXXLink0

1.2.11 Certificate Request Payload Processing




62Processing invalid Certificate Encoding field *Not yet supportedXXXLink0
63Processing invalid Certificate Authority field *Not yet supportedXXXLink0
64Processing invalid Certificate Type with Certificate Authority *Not yet supportedXXXLink0

1.2.12 Certificate Payload Processing




65Processing invalid Certificate Encoding field *Not yet supportedXXXLink0
66Processing invalid Certificate Data field *Not yet supportedXXXLink0

2 Phase II





2.1 quick mode





2.1.1 Sending the first message





2.1.1.1 Encryption of payload




67Encryption of ISAKMP payload ***PASSXXXLink0

2.1.1.2 Position of payload




68Position of payload ***PASSXXXLink0

2.1.1.3 ISAKMP Header




69ISAKMP Header Format ***PASSXXXLink0

2.1.1.4 HASH(1) Payload




70HASH Payload Format ***PASSXXXLink0

2.1.1.5 Security Association Payload




71SA Payload Format ***PASSXXXLink0

2.1.1.6 Proposal Payload




72Proposal Payload Format ***PASSXXXLink0

2.1.1.7 Transform Payload





2.1.1.7.1 Transform Payload Format check




73Transform Payload Format ***PASSXXXLink0
74Transform Payload Format(Multiple Transform) ***Not yet supportedXXXLink0

2.1.1.7.2 Transform Payload SA Attributes check




75ESP_DES,HMAC-MD5 ***Not yet supportedXXXLink0
76ESP_3DES,HMAC-MD5 **Not yet supportedXXXLink0
77ESP_3DES,HMAC-SHAPASSXXXLink0
78ESP_3DES,AES-XCBC-MACNot yet supportedXXXLink0
79ESP_AES,HMAC-SHANot yet supportedXXXLink0
80ESP_NULL,HMAC-MD5 ***Not yet supportedXXXLink0
81ESP_NULL,HMAC-SHA ***Not yet supportedXXXLink0
82ESP_NULL,AES-XCBC-MACNot yet supportedXXXLink0
83ESP without Authentication Algorithm(ESP_DES) ***Not yet supportedXXXLink0
84ESP without Authentication Algorithm(ESP_3DES) ***Not yet supportedXXXLink0
85ESP without Authentication Algorithm(ESP_AES)Not yet supportedXXXLink0

2.1.1.8 Transform Payload w/ PFS





2.1.1.8.1 PFS with DH




86enable PFS with DH1 ***Not yet supportedXXXLink0
87enable PFS with DH2 **Not yet supportedXXXLink0
88enable PFS with DH5Not yet supportedXXXLink0
89enable PFS with DH14Not yet supportedXXXLink0

2.1.1.8.2 consistent of multiple proposal




90consistent of proposal(Diffie-Hellman Group(Transform Payload)) ***Not yet supportedXXXLink0

2.1.1.9 Key Exchange Payload w/ PFS




91Key Exchange Payload Format +DH1 ***Not yet supportedXXXLink0
92Key Exchange Payload Format +DH2 **Not yet supportedXXXLink0
93Key Exchange Payload Format +DH5Not yet supportedXXXLink0
94Key Exchange Payload Format +DH14Not yet supportedXXXLink0

2.1.1.10 Nonce Payload




95Nonce Payload Format ***PASSXXXLink0

2.1.1.11 Key Exchange Payload w/o PFS




96Key Exchange Payload w/o PFSPASSXXXLink0

2.1.1.12 Identification Payload




97Identification Payload Format(Transport mode) ***PASSXXXLink0
98Identification Payload Format(Tunnel mode vs SGW) ***Not yet supportedXXXLink0
99Identification Payload Format(Tunnel mode vs HOST) ***Not yet supportedXXXLink0

2.1.2 Sending the third message





2.1.2.1 HASH(3) Payload




100HASH Payload Format ***PASSXXXLink0

2.1.3 Receiving the fourth message(Informational Exchange)




101set Commit Bit(CONNECTED Notify Message) ***Not yet supportedXXXLink0

2.1.4 Implementation of Quick Mode




102ESP_3DES(Transport mode)Not yet supportedXXXLink0
103ESP_3DES and HMAC-SHA(Transport mode) ***PASSXXXLink0
104ESP_3DES and HMAC-SHA with PFS ***Not yet supportedXXXLink0
105ESP_3DES(Tunnel mode vs SGW)Not yet supportedXXXLink0
106ESP_3DES and HMAC-SHA(Tunnel mode vs SGW) ***Not yet supportedXXXLink0
107ESP_3DES(Tunnel mode vs HOST)Not yet supportedXXXLink0
108ESP_3DES and HMAC-SHA(Tunnel mode vs HOST) ***Not yet supportedXXXLink0

2.1.5 Modification of IPsec SA




109Re-keying of IPsec SAPASSXXXLink0
110Using new SA for outbound traffic **FAILXXXLink0
111Accept both old and new SA for incoming traffic **FAILXXXLink0

2.1.6 Anti-replay




112Increasing Sequence NumberPASSXXXLink0
113Sequence Number VerificationNot yet supportedXXXLink0

2.2 Payload Processing





2.2.1 General Message Processing




114Processing invalid ISAKMP Payload Length *PASSXXXLink0

2.2.2 ISKAMP Header Processing




115Processing invalid Responder Cookie field *PASSXXXLink0
116Processing invalid Next Payload field *PASSXXXLink0
117Processing invalid Major Version field(major 15, minor 0)*FAILXXXLink0
118Processing invalid Minor Version field(major 1, minor 15) *FAILXXXLink0
119Processing invalid Exchange Type field *PASSXXXLink0
120Processing invalid Flags field *PASSXXXLink0
121Processing invalid Message ID field *PASSXXXLink0

2.2.3 Generic Payload Header Processing




122Processing invalid Next Payload field *PASSXXXLink0
123Processing invalid RESERVED field *FAILXXXLink0

2.2.4 Hash Payload Processing




124Processing invalid Hash Payload *PASSXXXLink0
125Processing invalid Hash Data field *PASSXXXLink0

2.2.5 Security Association Payload Processing




126Processing invalid Next Payload field *PASSXXXLink0
127Processing invalid DOI field *PASSXXXLink0
128Processing invalid Situation field *PASSXXXLink0
129Processing invalid proposal(ESP Authentication) *PASSXXXLink0
130Processing invalid proposal(Diffie-Hellman Group) *PASSXXXLink0
131Processing invalid proposal(Life Type) *PASSXXXLink0
132Processing invalid proposal(Encapsulation Mode) *PASSXXXLink0

2.2.6 Proposal Payload Processing




133Processing invalid Protocol-ID field *PASSXXXLink0
134Processing invalid SPI field *FAILXXXLink0
135Processing invalid proposal *FAILXXXLink0

2.2.7 Transform Payload Processing




136Processing invalid Transform-ID field *PASSXXXLink0
137Processing invalid Transform Payload *PASSXXXLink0
138Multiple Transform Payloads check(modify proposal) *PASSXXXLink0

2.2.8 Key Exchange Payload Processing




139Processing invalid Key Exchange Data field *FAILXXXLink0

2.2.9 Identification Payload Processing




140Processing invalid ID type field *FAILXXXLink0
141Invalid Identification Payload *PASSXXXLink0

Responder Test





1 Phase I





1.1 main mode





1.1.1 pre-shared key





1.1.1.1 Sending the second message





1.1.1.1.1 ISAKMP Header




142ISAKMP Header Format ***PASSXXXLink0

1.1.1.1.2 Security Association Payload




143SA Payload Format ***PASSXXXLink0

1.1.1.1.3 Proposal Payload




144Proposal Payload Format ***PASSXXXLink0

1.1.1.1.4 Transform Payload





1.1.1.1.4.1 Transform Payload Format check




145Transform Payload Format ***PASSXXXLink0

1.1.1.1.4.2 Transform Payload SA Attributes check




146DES,MD5,PSK,DH1 ***Not yet supportedXXXLink0
147DES,SHA,PSK,DH2 **Not yet supportedXXXLink0
148AES,SHA,PSK,DH2Not yet supportedXXXLink0
1493DES,MD5,PSK,DH2 **Not yet supportedXXXLink0
1503DES,SHA,PSK,DH2PASSXXXLink0
1513DES,SHA,RSA sign,DH2 **Not yet supportedXXXLink0
1523DES,SHA,PSK,DH1 **Not yet supportedXXXLink0
1533DES,SHA,PSK,DH5Not yet supportedXXXLink0
1543DES,SHA,PSK,DH14Not yet supportedXXXLink0

1.1.1.1.4.3 Select proposal




155Multiple Transform Payloads(Select proposal) ***PASSXXXLink0

1.1.1.2 Sending the forth message





1.1.1.2.1 Key Exchange Payload




156Key Exchange Payload Format + DH1 ***Not yet supportedXXXLink0
157Key Exchange Payload Format + DH2 **PASSXXXLink0
158Key Exchange Payload Format + DH5Not yet supportedXXXLink0
159Key Exchange Payload Format + DH14Not yet supportedXXXLink0

1.1.1.2.2 Nonce Payload




160Nonce Payload Format ***PASSXXXLink0

1.1.1.3 Sending the sixth message





1.1.1.3.1 Encryption of Payload




161Encryption of ISAKMP payload ***PASSXXXLink0

1.1.1.3.2 Identification Payload




162Identification Payload Format ***PASSXXXLink0

1.1.1.3.3 HASH Payload




163HASH Payload Format ***PASSXXXLink0

1.1.1.4 Implementation of Main Mode with pre-shared key




164Implementation of Main Mode with pre-shared key ***PASSXXXLink0

1.1.1.5 Modification of ISAKMP SA




165cookie field **PASSXXXLink0

1.1.2 RSA signature





1.1.2.1 Sending the fourth message





1.1.2.1.1 Certificate Request Payload




166Certificate Request Payload Format ***Not yet supportedXXXLink0

1.1.2.2 Sending the sixth message





1.1.2.2.1 Signature Payload




167Signature Payload Format ***Not yet supportedXXXLink0

1.1.2.2.2 Certificate Payload




168Certificate Payload Format ***Not yet supportedXXXLink0

1.1.2.3 Implementation of Main Mode with RSA signatures




169Implementation of Main Mode with RSA signatures **Not yet supportedXXXLink0

1.2 Payload Processing





1.2.1 General Message Processing




170Processing invalid ISAKMP Payload Length *PASSXXXLink0

1.2.2 ISKAMP Header Processing




171Processing invalid Initiator Cookie field *PASSXXXLink0
172Processing invalid Next Payload field *PASSXXXLink0
173Processing invalid Major Version field(major 15, minor 0) *PASSXXXLink0
174Processing invalid Minor Version field(major 1, minor 15) *PASSXXXLink0
175Processing invalid Exchange Type field *PASSXXXLink0
176Processing invalid Flags field field *PASSXXXLink0
177Processing invalid Message ID field *PASSXXXLink0

1.2.3 Generic Payload Header Processing




178Processing invalid RESERVED field *FAILXXXLink0

1.2.4 Security Association Payload Processing




179Processing invalid Next Payload field *FAILXXXLink0
180Processing invalid DOI field *PASSXXXLink0
181Processing invalid Situation field *PASSXXXLink0
182Processing invalid proposal(Encryption Algorithm) *PASSXXXLink0
183Processing invalid proposal(Hash Algorithm) *PASSXXXLink0
184Processing invalid proposal(Authentication method) *PASSXXXLink0
185Processing invalid proposal(Diffie-Hellman Group) *PASSXXXLink0
186Processing invalid proposal(Life Type) *PASSXXXLink0
187IPSEC Situation Definition(SIT_SECRECY) *PASSXXXLink0
188IPSEC Situation Definition(SIT_INTEGRITY) *PASSXXXLink0

1.2.5 Proposal Payload Processing




189Processing invalid Protocol-ID field *PASSXXXLink0
190Processing invalid SPI field *PASSXXXLink0
191Processing invalid proposal *FAILXXXLink0

1.2.6 Transform Payload Processing




192Processing invalid Transform-ID field *PASSXXXLink0
193Processing invalid Transform Payload *PASSXXXLink0
194Multiple Transform Payloads check(reject proposal) *PASSXXXLink0

1.2.7 Key Exchange Payload Processing




195Processing invalid Key Exchange Data field *FAILXXXLink0

1.2.8 Identification Payload Processing




196Processing invalid ID type field *PASSXXXLink0
197Not include Identification Payload *PASSXXXLink0
198invalid Identification Payload recieve *PASSXXXLink0

1.2.9 Hash Payload Processing




199Processing invalid Hash Payload *PASSXXXLink0
200Processing invalid Hash Data field *PASSXXXLink0

1.2.10 Signature Payload Processing




201Processing invalid Signature Payload *Not yet supportedXXXLink0
202Processing invalid Signature Data field *Not yet supportedXXXLink0

1.2.11 Certificate Request Payload Processing




203Processing invalid Certificate Encoding field *Not yet supportedXXXLink0
204Processing invalid Certificate Authority field *Not yet supportedXXXLink0
205Processing invalid Certificate Type with Certificate Authority *Not yet supportedXXXLink0

1.2.12 Certificate Payload Processing




206Processing invalid Certificate Encoding field *Not yet supportedXXXLink0
207Processing invalid Certificate Data field *Not yet supportedXXXLink0

2 Phase II





2.1 quick mode





2.1.1 Sendign the second message





2.1.1.1 Encryption of payload




208Encryption of ISAKMP payload ***PASSXXXLink0

2.1.1.2 Position of payload




209Position of payload ***PASSXXXLink0

2.1.1.3 ISAKMP Header




210ISAKMP Header Format ***PASSXXXLink0

2.1.1.4 HASH(2) Payload




211HASH Payload Format ***PASSXXXLink0

2.1.1.5 Security Association Payload




212SA Payload Format ***PASSXXXLink0

2.1.1.6 Proposal Payload




213Proposal Payload Format ***PASSXXXLink0

2.1.1.7 Transform Payload





2.1.1.7.1 Transform Payload Format check




214Transform Payload Format ***PASSXXXLink0

2.1.1.7.2 Transform Payload SA Attributes check




215ESP_DES,HMAC-MD5 ***Not yet supportedXXXLink0
216ESP_3DES,HMAC-MD5 **Not yet supportedXXXLink0
217ESP_3DES,HMAC-SHAPASSXXXLink0
218ESP_3DES,AES-XCBC-MACNot yet supportedXXXLink0
219ESP_AES,HMAC-SHANot yet supportedXXXLink0
220ESP_NULL,HMAC-MD5 ***Not yet supportedXXXLink0
221ESP_NULL,HMAC-SHA ***Not yet supportedXXXLink0
222ESP_NULL,AES-XCBC-MACNot yet supportedXXXLink0
223ESP without Authentication Algorithm(ESP_DES) ***Not yet supportedXXXLink0
224ESP without Authentication Algorithm(ESP_3DES) ***Not yet supportedXXXLink0
225ESP without Authentication Algorithm(ESP_AES)Not yet supportedXXXLink0

2.1.1.7.3 Select proposal




226Multiple Proposal and Transform Payloads (select proposal) ***PASSXXXLink0

2.1.1.8 Transform Payload w/ PFS




227enable PFS with DH1 ***Not yet supportedXXXLink0
228enable PFS with DH2 **Not yet supportedXXXLink0
229enable PFS with DH5Not yet supportedXXXLink0
230enable PFS with DH14Not yet supportedXXXLink0

2.1.1.9 Key Exchange Payload w/ PFS




231Key Exchange Payload Format + DH1 ***Not yet supportedXXXLink0
232Key Exchange Payload Format +DH2 **Not yet supportedXXXLink0
233Key Exchange Payload Format +DH5Not yet supportedXXXLink0
234Key Exchange Payload Format +DH14Not yet supportedXXXLink0

2.1.1.10 Nonce Payload




235Nonce Payload Format ***PASSXXXLink0

2.1.1.11 Key Exchange Payload w/o PFS




236Key Exchange Payload w/o PFSPASSXXXLink0

2.1.1.12 Identification Payload




237Identification Payload Format(Transport mode) ***PASSXXXLink0
238Identification Payload Format(Tunnel mode vs SGW) ***Not yet supportedXXXLink0
239Identification Payload Format(Tunnel mode vs HOST) ***Not yet supportedXXXLink0

2.1.2 Receiving the fourth message(Informational Exchange)




240set Commit Bit(CONNECTED Notify Message) ***Not yet supportedXXXLink0

2.1.3 Implementation of Quick Mode




241ESP_3DES(Transport mode)Not yet supportedXXXLink0
242ESP_3DES and HMAC-SHA(Transport mode) ***PASSXXXLink0
243ESP_3DES and HMAC-SHA with PFS ***Not yet supportedXXXLink0
244ESP_3DES(Tunnel mode vs SGW)Not yet supportedXXXLink0
245ESP_3DES and HMAC-SHA(Tunnel mode vs SGW) ***Not yet supportedXXXLink0
246ESP_3DES(Tunnel mode vs HOST)Not yet supportedXXXLink0
247ESP_3DES and HMAC-SHA(Tunnel mode vs HOST) ***Not yet supportedXXXLink0

2.1.4 Modification of IPsec SA




248Using new SA for outbound traffic **FAILXXXLink0
249Accept both old and new SA for incoming traffic **FAILXXXLink0

2.1.5 Anti-replay




250Increasing Sequence NumberPASSXXXLink0
251Sequence Number VerificationNot yet supportedXXXLink0

2.2 Payload Processing





2.2.1 General Message Processing




252Processing invalid ISAKMP Payload Length *PASSXXXLink0

2.2.2 ISKAMP Header Processing




253Processing invalid Initiator Cookie field *PASSXXXLink0
254Processing invalid Next Payload field *PASSXXXLink0
255Processing invalid Major Version field(major 15, minor 0) *FAILXXXLink0
256Processing invalid Minor Version field(major 1, minor 15) *FAILXXXLink0
257Processing invalid Exchange Type field *PASSXXXLink0
258Processing invalid Flags field *PASSXXXLink0
259Processing invalid Message ID field *PASSXXXLink0

2.2.3 Generic Payload Header Processing




260Processing invalid Next Payload field *PASSXXXLink0
261Processing invalid RESERVED field *FAILXXXLink0

2.2.4 Hash Payload Processing




262Processing invalid Hash Payload *PASSXXXLink0
263Processing invalid Hash Data field *PASSXXXLink0

2.2.5 Security Association Payload Processing




264Processing invalid Next Payload field *PASSXXXLink0
265Processing invalid DOI field *PASSXXXLink0
266Processing invalid Situation field *PASSXXXLink0
267Processing invalid proposal(ESP Authentication) *PASSXXXLink0
268Processing invalid proposal(Di