Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[action] [PR:9812] Macsec type7 support for CAK keys #10775

Merged
merged 1 commit into from
Nov 18, 2023
Merged

[action] [PR:9812] Macsec type7 support for CAK keys #10775

merged 1 commit into from
Nov 18, 2023

Conversation

mssonicbld
Copy link
Collaborator

Approach

What is the motivation for this PR?

Following this PR : sonic-net/sonic-swss#2892.
MSFT ADO : 25046448

How did you do it?

Updated the profile.json files and macsec config helper eos macsec key configuration to start using type 7 keys

How did you verify/test it?

Ran the sonic-mgmt testsuite using azure pipeline : https://dev.azure.com/mssonic/internal/_build/results?buildId=355362&view=results


256 cipher suite
---------------------

2023-09-05T21:28:49.8247891Z macsec/test_controlplane.py::TestControlPlane::test_wpa_supplicant_processes[256_XPN_SCI] PASSED [ 25%]
2023-09-05T21:29:40.7325077Z macsec/test_controlplane.py::TestControlPlane::test_appl_db[256_XPN_SCI] PASSED [ 50%]
2023-09-05T21:30:42.5996584Z macsec/test_controlplane.py::TestControlPlane::test_mka_session[256_XPN_SCI] PASSED [ 75%]
2023-09-05T21:40:10.1442889Z macsec/test_dataplane.py::TestDataPlane::test_server_to_neighbor[256_XPN_SCI] SKIPPED [ 25%]
2023-09-05T21:46:07.3679940Z macsec/test_dataplane.py::TestDataPlane::test_neighbor_to_neighbor[256_XPN_SCI] PASSED [ 75%]
2023-09-05T21:46:40.9046519Z macsec/test_dataplane.py::TestDataPlane::test_counters[256_XPN_SCI] SKIPPED [100%]
2023-09-05T21:56:02.9546015Z macsec/test_deployment.py::TestDeployment::test_config_reload[256_XPN_SCI] PASSED [100%]
2023-09-05T22:02:37.7583207Z macsec/test_fault_handling.py::TestFaultHandling::test_link_flap[256_XPN_SCI] PASSED [ 50%]
2023-09-05T22:05:49.2488586Z macsec/test_fault_handling.py::TestFaultHandling::test_mismatch_macsec_configuration[256_XPN_SCI] PASSED [100%]
2023-09-05T22:10:11.2433992Z macsec/test_interop_protocol.py::TestInteropProtocol::test_port_channel[256_XPN_SCI] PASSED [ 25%]
2023-09-05T22:12:23.9622315Z macsec/test_interop_protocol.py::TestInteropProtocol::test_lldp[256_XPN_SCI] PASSED [ 50%]
2023-09-05T22:12:23.9652391Z macsec/test_interop_protocol.py::TestInteropProtocol::test_bgp[256_XPN_SCI] SKIPPED [ 75%]

macsec/test_controlplane.py::TestControlPlane::test_rekey_by_period[256_XPN_SCI] and
macsec/test_dataplane.py::TestDataPlane::test_dut_to_neighbor[256_XPN_SCI] PASSED when ran separately.


128 cipher suite
---------------------


2023-09-06T14:46:57.3394106Z macsec/test_controlplane.py::TestControlPlane::test_wpa_supplicant_processes[128_SCI] PASSED [ 25%]
2023-09-06T14:47:47.4097240Z macsec/test_controlplane.py::TestControlPlane::test_appl_db[128_SCI] PASSED [ 50%]
2023-09-06T14:48:47.9331774Z macsec/test_controlplane.py::TestControlPlane::test_mka_session[128_SCI] PASSED [ 75%]
2023-09-06T14:49:20.4008634Z macsec/test_controlplane.py::TestControlPlane::test_rekey_by_period[128_SCI] SKIPPED [100%]
2023-09-06T14:49:23.8751921Z macsec/test_dataplane.py::TestDataPlane::test_server_to_neighbor[128_SCI] SKIPPED [ 25%]
2023-09-06T14:54:18.9892866Z macsec/test_dataplane.py::TestDataPlane::test_dut_to_neighbor[128_SCI] PASSED [ 50%]
2023-09-06T14:55:16.6903328Z macsec/test_dataplane.py::TestDataPlane::test_neighbor_to_neighbor[128_SCI] PASSED [ 75%]
2023-09-06T14:56:26.1174068Z macsec/test_dataplane.py::TestDataPlane::test_counters[128_SCI] PASSED [100%]
2023-09-06T15:05:52.8857911Z macsec/test_deployment.py::TestDeployment::test_config_reload[128_SCI] PASSED [100%]
2023-09-06T15:12:34.1145445Z macsec/test_fault_handling.py::TestFaultHandling::test_link_flap[128_SCI] PASSED [ 50%]
2023-09-06T15:15:47.0048553Z macsec/test_fault_handling.py::TestFaultHandling::test_mismatch_macsec_configuration[128_SCI] PASSED [100%]
2023-09-06T15:20:08.2761009Z macsec/test_interop_protocol.py::TestInteropProtocol::test_port_channel[128_SCI] PASSED [ 25%]
2023-09-06T15:22:21.9127964Z macsec/test_interop_protocol.py::TestInteropProtocol::test_lldp[128_SCI] PASSED [ 50%]
2023-09-06T15:22:21.9154379Z macsec/test_interop_protocol.py::TestInteropProtocol::test_bgp[128_SCI] SKIPPED [ 75%]
2023-09-06T15:23:00.6891816Z macsec/test_interop_protocol.py::TestInteropProtocol::test_snmp[128_SCI] SKIPPED [100%]

Any platform specific information?

Supported testbed topology if it's a new test case?

Documentation

@judyjoseph @mssonicbld
Macsec type7 support for CAK keys (sonic-net#9812)
a4f3fd8 
* Macsec profiles to accept type 7 encoded keys
* Add type 7 even to eos configs as macsec profilejson now has type 7 keys
@mssonicbld mssonicbld mentioned this pull request Nov 18, 2023
Merged
@mssonicbld
Copy link
Collaborator Author

Original PR: #9812

@mssonicbld mssonicbld merged commit 62906af into sonic-net:202305 Nov 18, 2023
@mssonicbld mssonicbld deleted the cherry/202305/9812 branch February 4, 2024 09:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
automerge
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mssonicbld @judyjoseph