forked from ligato/vpp-agent
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathkeys.go
137 lines (120 loc) · 4.21 KB
/
keys.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
// Copyright (c) 2018 Cisco and/or its affiliates.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at:
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package vpp_ipsec
import (
"strconv"
"strings"
"github.com/ligato/vpp-agent/pkg/models"
)
// ModuleName is the module name used for models.
const ModuleName = "vpp.ipsec"
var (
ModelSecurityPolicyDatabase = models.Register(&SecurityPolicyDatabase{}, models.Spec{
Module: ModuleName,
Version: "v2",
Type: "spd",
}, models.WithNameTemplate("{{.Index}}"))
ModelSecurityAssociation = models.Register(&SecurityAssociation{}, models.Spec{
Module: ModuleName,
Version: "v2",
Type: "sa",
}, models.WithNameTemplate("{{.Index}}"))
)
// SPDKey returns the key used in NB DB to store the configuration of the
// given security policy database configuration.
func SPDKey(index string) string {
return models.Key(&SecurityPolicyDatabase{
Index: index,
})
}
// SAKey returns the key used in NB DB to store the configuration of the
// given security association configuration.
func SAKey(index string) string {
return models.Key(&SecurityAssociation{
Index: index,
})
}
/* SPD <-> interface binding (derived) */
const (
// spdInterfaceKeyTemplate is a template for (derived) key representing binding
// between interface and a security policy database.
spdInterfaceKeyTemplate = "vpp/spd/{spd}/interface/{iface}"
)
/* SPD <-> policy binding (derived) */
const (
// spdPolicyKeyTemplate is a template for (derived) key representing binding
// between policy (security association) and a security policy database.
spdPolicyKeyTemplate = "vpp/spd/{spd}/sa/{sa}"
)
const (
// InvalidKeyPart is used in key for parts which are invalid
InvalidKeyPart = "<invalid>"
)
/* SPD <-> interface binding (derived) */
// SPDInterfaceKey returns the key used to represent binding between the given interface
// and the security policy database.
func SPDInterfaceKey(spdIndex string, ifName string) string {
if spdIndex == "" {
spdIndex = InvalidKeyPart
}
if _, err := strconv.Atoi(spdIndex); err != nil {
spdIndex = InvalidKeyPart
}
if ifName == "" {
ifName = InvalidKeyPart
}
key := strings.Replace(spdInterfaceKeyTemplate, "{spd}", spdIndex, 1)
key = strings.Replace(key, "{iface}", ifName, 1)
return key
}
// ParseSPDInterfaceKey parses key representing binding between interface and a security
// policy database
func ParseSPDInterfaceKey(key string) (spdIndex string, iface string, isSPDIfaceKey bool) {
keyComps := strings.Split(key, "/")
if len(keyComps) >= 5 && keyComps[0] == "vpp" && keyComps[1] == "spd" && keyComps[3] == "interface" {
iface = strings.Join(keyComps[4:], "/")
return keyComps[2], iface, true
}
return "", "", false
}
/* SPD <-> policy binding (derived) */
// SPDPolicyKey returns the key used to represent binding between the given policy
// (security association) and the security policy database.
func SPDPolicyKey(spdIndex string, saIndex string) string {
if spdIndex == "" {
spdIndex = InvalidKeyPart
}
if _, err := strconv.Atoi(spdIndex); err != nil {
spdIndex = InvalidKeyPart
}
if saIndex == "" {
saIndex = InvalidKeyPart
}
if _, err := strconv.Atoi(saIndex); err != nil {
saIndex = InvalidKeyPart
}
key := strings.Replace(spdPolicyKeyTemplate, "{spd}", spdIndex, 1)
key = strings.Replace(key, "{sa}", saIndex, 1)
return key
}
// ParseSPDPolicyKey parses key representing binding between policy (security
// association) and a security policy database
func ParseSPDPolicyKey(key string) (spdIndex string, saIndex string, isSPDIfaceKey bool) {
keyComps := strings.Split(key, "/")
if len(keyComps) >= 5 && keyComps[0] == "vpp" && keyComps[1] == "spd" && keyComps[3] == "sa" {
saIndex = strings.Join(keyComps[4:], "/")
return keyComps[2], saIndex, true
}
return "", "", false
}