* The authenticator field is now a XStrFixedLenField (this improves its readability when displayed using show() or show2()).

* RADIUS module update.

* The description of the compute_message_authenticator() method (RadiusAttr_Message_Authenticator class) has been edited.

* The "Response Authenticator computation" test requires the Cryptography library.

* Fix attribute names in compute_message_authenticator().

* Applied guedou's comments.

Specify field length in the Message-Authenticator attribute.

Signed-off-by: Neale Ranns <nranns@cisco.com>

to reduce the randomness of coverage

* Code cleaning, unit tests
* Fix manuf DB path
* Specify seed in volatile objects using RandomEnumeration
* pypy fixes

Currently, only internal encryption and decryption were tested but the
implementation might not be the on it is supposed to be.

Add reference packets generated using Ubuntu-16.04, iproute2 and ping:
 # ip -V
 ip utility, iproute2-ss151103
 # uname -a
 Linux router-vm 4.4.0-62-generic #83-Ubuntu SMP Wed Jan 18 14:10:15 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
 # ping -V
 ping utility, iputils-s20160308

Signed-off-by: Thomas Faivre <thomas.faivre@6wind.com>

In TLS, the AES-CCM test is commented out because CCM is not supported
by cryptography. But the combined_modes_ccm keyword is made to skip
these tests.

In IPsec, some IPv4 tests are located in the IPv6 section. Also add the
same combination of test for the AES-CCM as the other modes.

Also, there is some errors in the key material as the *MUST*
implementation uses a 16 bytes key and a 3 bytes nonce. Fix those
lengths.

Signed-off-by: Thomas Faivre <thomas.faivre@6wind.com>

The default values of the "value_size" field is None. This can trigger
an issue
when computing the "len" field.

Test: str(EAP_MD5())

In order to fix this issue, the default value of the "value_size" field
has been set to 0.

Tests have been added in "regression.uts".

Added regression tests for EAP_TLS and EAP_FAST.

Use XStrLenField in EAP_MD5, EAP_TLS and EAP_FAST packets instead of StrLenField.

Delete blank lines before the class description (EAPOL, EAP, EAP_MD5, EAP_TLS and EAP_FAST packet classes).

"registered_options" dictionary was renamed "registered_methods"
(EAP-MD5, EAP-TLS etc are not options, but authentication methods).

EAP getlayer() and haslayer() methods have been overloaded in order to
allow access to a given "EAP layer" (such as EAP_TLS, for instance) by
providing the parent class name ("EAP"). For example, this is now
possible:

>>> eap_tls = EAP_TLS()
>>> EAP_TLS in eap_tls
True
>>> EAP in eap_tls
True
>>> eap_tls[EAP_TLS]
<EAP_TLS  |>
>>> eap_tls[EAP]
<EAP_TLS  |>

Regression tests have been added.

The ICV size is defined by the authentication algorithm in the SA.
it can be deduced from the payloadlen field but the padding len is
unknown aswell so there is no way to find both without the SA.

Assume everything in payloadlen is the ICV until the verification called
from the SA. Fill padding when possible.

Signed-off-by: Thomas Faivre <thomas.faivre@6wind.com>