packetgen-plugin-ipsec 1.0.0

data/lib/packetgen/plugin/ike/sk.rb

@@ -0,0 +1,261 @@
+# coding: utf-8
+# This file is part of IPsec packetgen plugin.
+# See https://github.com/sdaubert/packetgen-plugin-ipsec for more informations
+# Copyright (c) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
+# This program is published under MIT license.
+
+# frozen_string_literal: true
+
+module PacketGen
+  module Plugin
+    class IKE
+      # This class handles encrypted payloads, denoted SK.
+      #
+      # The encrypted payload contains other payloads in encrypted form.
+      # The Encrypted payload consists of the IKE generic payload Plugin followed
+      # by individual fields as follows:
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                     Initialization Vector                     |
+      #   |         (length is block size for encryption algorithm)       |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   ~                    Encrypted IKE Payloads                     ~
+      #   +               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |               |             Padding (0-255 octets)            |
+      #   +-+-+-+-+-+-+-+-+                               +-+-+-+-+-+-+-+-+
+      #   |                                               |  Pad Length   |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   ~                    Integrity Checksum Data                    ~
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      # Encrypted payloads are set in {#content} field, as a {PacketGen::Types::String}.
+      # All others fields are only set when decrypting a previously read SK
+      # payload. They also may be set manually to encrypt IKE payloads.
+      #
+      # == Read and decrypt a SK payload
+      #   # Read a IKE packet
+      #   pkt = PacketGen.read(str)
+      #   # decrypt SK payload
+      #   cipher = OpenSSL::Cipher.new('aes-128-ctr')
+      #   cipher.decrypt
+      #   cipher_key = aes_key
+      #   hmac = OpenSSL::HMAC.new(hmac_key, OpenSSL::Digest::SHA256.new)
+      #   pkt.ike_sk.decrypt! cipher, intmode: hmac, icv_length: 16   # => true if authentication is verified
+      #   pkt.ike_sk.body       # => kind of PacketGen::Plugin::IKE::Payload
+      #
+      # == Set and encrypt a SK payload
+      #   # Create a IKE packet
+      #   pkt = PacketGen.gen('IP').add('IP').add('UDP').add('IKE', init_spi: 0x123456789, resp_spi: 0x987654321, type: 'IKE_AUTH', message_id: 1)
+      #   # Add SK payload
+      #   pkt.add('IKE::SK', icv_length: 16)
+      #   # Add others unencrypted payloads
+      #   pkt.add('IKE::IDi').add('IKE::Auth').add('IKE::SA').add('IKE::TSi').add('IKE::TSr')
+      #   # encrypt SK payload
+      #   cipher = OpenSSL::Cipher.new('aes-128-ctr')
+      #   cipher.encrypt
+      #   cipher_key = aes_key
+      #   hmac = OpenSSL::HMAC.new(hmac_key, OpenSSL::Digest::SHA256.new)
+      #   pkt.ike_sk.encrypt! cipher, iv, salt: salt, intmode: hmac
+      #   pkt.ike_sk.body       # => String
+      #   pkt.calc_length
+      #
+      # @author Sylvain Daubert
+      class SK < Payload
+        include Crypto
+
+        # Payload type number
+        PAYLOAD_TYPE = 46
+
+        # ICV (Integrity Check Value) length
+        # @return [Integer]
+        attr_accessor :icv_length
+
+        # @param [Hash] options
+        # @option options [Integer] :icv_length ICV length
+        def initialize(options={})
+          @icv_length = options[:icv_length] || 0
+          super
+        end
+
+        # Decrypt in-place SK payload.
+        # @param [OpenSSL::Cipher] cipher keyed cipher
+        #   This cipher is confidentiality-only one, or AEAD one. To use a second
+        #   cipher to add integrity, use +:intmode+ option.
+        # @param [Hash] options
+        # @option options [Boolean] :parse parse deciphered payload to retrieve
+        #   Plugins (default: +true+)
+        # @option options [Fixnum] :icv_length ICV length for captured packets,
+        #   or read from PCapNG files
+        # @option options [String] :salt salt value for CTR and GCM modes
+        # @option options [OpenSSL::HMAC] :intmode integrity mode to use with a
+        #   confidentiality-only cipher. Only HMAC are supported.
+        # @return [Boolean] +true+ if SK payload is authenticated
+        def decrypt!(cipher, options={})
+          opt = { salt: '', parse: true }.merge!(options)
+
+          set_crypto cipher, opt[:intmode]
+
+          case confidentiality_mode
+          when 'gcm'
+            iv = self[:content].slice!(0, 8)
+            real_iv = force_binary(opt[:salt]) + iv
+          when 'cbc'
+            cipher.padding = 0
+            real_iv = iv = self[:content].slice!(0, 16)
+          when 'ctr'
+            iv = self[:content].slice!(0, 8)
+            real_iv = force_binary(opt[:salt]) + iv + [1].pack('N')
+          else
+            real_iv = iv = self[:content].slice!(0, 16)
+          end
+          cipher.iv = real_iv
+
+          if authenticated?
+            if @icv_length.zero?
+              @icv_length = opt[:icv_length].to_i if opt[:icv_length]
+              raise ParseError, 'unknown ICV size' if @icv_length.zero?
+            end
+            icv = self[:content].slice!(-@icv_length, @icv_length)
+          end
+
+          authenticate_if_needed iv, icv
+          private_decrypt opt
+        end
+
+        # Encrypt in-place SK payload.
+        # @param [OpenSSL::Cipher] cipher keyed cipher
+        #   This cipher is confidentiality-only one, or AEAD one. To use a second
+        #   cipher to add integrity, use +:intmode+ option.
+        # @param [String] iv IV to encipher SK payload content
+        #   * CTR and GCM modes: +iv+ is 8-bytes long.
+        # @param [Hash] options
+        # @option options [Fixnum] :icv_length ICV length for captured packets,
+        #   or read from PCapNG files
+        # @option options [String] :salt salt value for CTR and GCM modes
+        # @option options [Fixnum] :pad_length set a padding length
+        # @option options [String] :padding set a padding. No check with
+        #   +:pad_length+ is made. If +:pad_length+ is not set, +:padding+
+        #   length is shortened to correct padding length
+        # @option options [OpenSSL::HMAC] :intmode integrity mode to use with a
+        #   confidentiality-only cipher. Only HMAC are supported.
+        # @return [self]
+        def encrypt!(cipher, iv, options={})
+          opt = { salt: '' }.merge!(options)
+
+          set_crypto cipher, opt[:intmode]
+
+          real_iv = force_binary(opt[:salt]) + force_binary(iv)
+          real_iv += [1].pack('N') if confidentiality_mode == 'ctr'
+          cipher.iv = real_iv
+
+          authenticate_if_needed iv
+
+          if opt[:pad_length]
+            pad_length = opt[:pad_length]
+            padding = force_binary(opt[:padding] || ([0] * pad_length).pack('C*'))
+          else
+            pad_length = cipher.block_size
+            pad_length = 16 if cipher.block_size == 1 # Some AES mode returns 1...
+            pad_length -= (self[:body].sz + iv.size + 1) % cipher.block_size
+            pad_length = 0 if pad_length == 16
+            padding = force_binary(opt[:padding] || ([0] * pad_length).pack('C*'))
+            padding = padding[0, pad_length]
+          end
+          msg = self[:body].to_s + padding + PacketGen::Types::Int8.new(pad_length).to_s
+          encrypted_msg = encipher(msg)
+          cipher.final # message is already padded. No need for mode padding
+
+          if authenticated?
+            @icv_length = opt[:icv_length] if opt[:icv_length]
+            encrypted_msg << if @conf.authenticated?
+                               @conf.auth_tag[0, @icv_length]
+                             else
+                               @intg.digest[0, @icv_length]
+                             end
+          end
+          self[:content].read(iv + encrypted_msg)
+
+          # Remove plain payloads
+          self[:body] = PacketGen::Types::String.new
+
+          # Remove enciphered payloads from packet
+          id = header_id(self)
+          if id < packet.headers.size - 1
+            (packet.headers.size - 1).downto(id + 1) do |index|
+              packet.headers.delete_at index
+            end
+          end
+
+          self.calc_length
+          self
+        end
+
+        private
+
+        def authenticate_if_needed(iv, icv=nil)
+          if @conf.authenticated?
+            @conf.auth_tag = icv if icv
+            @conf.auth_data = get_ad
+          elsif @intg
+            @intg.reset
+            @intg.update get_ad
+            @intg.update iv
+            @icv = icv
+          else
+            @icv = nil
+          end
+        end
+
+        # From RFC 7206, §5.1: The associated data MUST consist of the partial
+        # contents of the IKEv2 message, starting from the first octet of the
+        # Fixed IKE Plugin through the last octet of the Payload Plugin of the
+        # Encrypted Payload (i.e., the fourth octet of the Encrypted Payload).
+        def get_ad
+          str = packet.ike.to_s[0, IKE.new.sz]
+          current_payload = packet.ike[:body]
+          until current_payload.is_a? SK
+            str << current_payload.to_s[0, current_payload.to_s.length]
+            current_payload = current_payload[:body]
+          end
+          str << self.to_s[0, SK.new.sz]
+        end
+
+        def private_decrypt(options)
+          # decrypt
+          plain_msg = decipher(content.to_s)
+          # Remove cipher text
+          self[:content].read ''
+
+          # check authentication tag
+          if authenticated?
+            return false unless authenticate!
+          end
+
+          # remove padding
+          pad_len = PacketGen::Types::Int8.new.read(plain_msg[-1]).to_i
+          payloads = plain_msg[0, plain_msg.size - 1 - pad_len]
+
+          # parse IKE payloads
+          if options[:parse]
+            klass = IKE.constants.select do |c|
+              cst = IKE.const_get(c)
+              cst.is_a?(Class) && (cst < Payload) && (cst::PAYLOAD_TYPE == self.next)
+            end
+            klass = klass.nil? ? Payload : IKE.const_get(klass.first)
+            firsth = klass.protocol_name
+            pkt = Packet.parse(payloads, first_header: firsth)
+            packet.encapsulate(pkt, parsing: true) unless pkt.nil?
+          else
+            self[:body].read payloads
+          end
+
+          true
+        end
+      end
+    end
+
+    Header.add_class IKE::SK
+  end
+end

data/lib/packetgen/plugin/ike/ts.rb

@@ -0,0 +1,260 @@
+# coding: utf-8
+# This file is part of IPsec packetgen plugin.
+# See https://github.com/sdaubert/packetgen-plugin-ipsec for more informations
+# Copyright (c) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
+# This program is published under MIT license.
+
+# frozen_string_literal: true
+
+module PacketGen
+  module Plugin
+    class IKE
+      # TrafficSelector substructure, as defined in RFC 7296, §3.13.1:
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |   TS Type     |IP Protocol ID*|       Selector Length         |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |           Start Port*         |           End Port*           |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                                                               |
+      #   ~                         Starting Address*                     ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                                                               |
+      #   ~                         Ending Address*                       ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      # @author Sylvain Daubert
+      class TrafficSelector < PacketGen::Types::Fields
+        # IPv4 traffic selector type
+        TS_IPV4_ADDR_RANGE = 7
+        # IPv6 traffic selector type
+        TS_IPV6_ADDR_RANGE = 8
+
+        # @!attribute [r] type
+        #  8-bit TS type
+        #  @return [Integer]
+        define_field :type, PacketGen::Types::Int8, default: 7
+        # @!attribute [r] protocol
+        #  8-bit protocol ID
+        #  @return [Integer]
+        define_field :protocol, PacketGen::Types::Int8, default: 0
+        # @!attribute length
+        #  16-bit Selector Length
+        #  @return [Integer]
+        define_field :length, PacketGen::Types::Int16
+        # @!attribute start_port
+        #  16-bit Start port
+        #  @return [Integer]
+        define_field :start_port, PacketGen::Types::Int16, default: 0
+        # @!attribute end_port
+        #  16-bit End port
+        #  @return [Integer]
+        define_field :end_port, PacketGen::Types::Int16, default: 65_535
+        # @!attribute start_addr
+        #  starting address
+        #  @return [IP::Addr, IPv6::Addr]
+        define_field :start_addr, PacketGen::Header::IP::Addr
+        # @!attribute end_addr
+        #  starting address
+        #  @return [IP::Addr, IPv6::Addr]
+        define_field :end_addr, PacketGen::Header::IP::Addr
+
+        # @param [Hash] options
+        # @option [Range] :ports port range
+        # @option [Integer] :start_port start port
+        # @option [Integer] :end_port end port
+        def initialize(options={})
+          super
+          select_addr options
+          self[:start_addr].from_human(options[:start_addr]) if options[:start_addr]
+          self[:end_addr].from_human(options[:end_addr]) if options[:end_addr]
+          self.type = options[:type] if options[:type]
+          self.protocol = options[:protocol] if options[:protocol]
+          self[:length].value = sz unless options[:length]
+
+          return unless options[:ports]
+          self.start_port = options[:ports].begin
+          self.end_port = options[:ports].end
+        end
+
+        # Populate object from a string
+        # @param [String] str
+        # @return [self]
+        def read(str)
+          super
+          select_addr_from_type type
+          super
+        end
+
+        undef type=, protocol=
+
+        # Set type
+        # @param [Integer,String] value
+        # @return [Integer]
+        def type=(value)
+          type = case value
+                 when Integer
+                   value
+                 else
+                   c = self.class.constants.grep(/TS_#{value.upcase}/).first
+                   c ? self.class.const_get(c) : nil
+                 end
+          raise ArgumentError, "unknown type #{value.inspect}" unless type
+          select_addr_from_type type
+          self[:type].value = type
+        end
+
+        # Set protocol
+        # @param [Integer,String] value
+        # @return [Integer]
+        def protocol=(value)
+          protocol = case value
+                     when Integer
+                       value
+                     else
+                       Proto.getprotobyname(value)
+                     end
+          raise ArgumentError, "unknown protocol #{value.inspect}" unless protocol
+          self[:protocol].value = protocol
+        end
+
+        # Get a human readable string
+        # @return [String]
+        def to_human
+          h = start_addr << '-' << end_addr
+          unless human_protocol.empty?
+            h << "/#{human_protocol}"
+            h << "[#{start_port}-#{end_port}]" if (start_port..end_port) != (0..65_535)
+          end
+          h
+        end
+
+        # Get human readable protocol name. If protocol ID is 0, an empty string
+        # is returned.
+        # @return [String]
+        def human_protocol
+          if protocol.zero?
+            ''
+          else
+            Proto.getprotobynumber(protocol) || protocol.to_s
+          end
+        end
+
+        # Get human readable TS type
+        # @return [String]
+        def human_type
+          case type
+          when TS_IPV4_ADDR_RANGE
+            'IPv4'
+          when TS_IPV6_ADDR_RANGE
+            'IPv6'
+          else
+            "type #{type}"
+          end
+        end
+
+        private
+
+        def select_addr_from_type(type)
+          case type
+          when TS_IPV4_ADDR_RANGE, 'IPV4', 'IPv4', 'ipv4', nil
+            self[:start_addr] = PacketGen::Header::IP::Addr.new unless self[:start_addr].is_a?(PacketGen::Header::IP::Addr)
+            self[:end_addr] = PacketGen::Header::IP::Addr.new unless self[:end_addr].is_a?(PacketGen::Header::IP::Addr)
+          when TS_IPV6_ADDR_RANGE, 'IPV6', 'IPv6', 'ipv6'
+            self[:start_addr] = PacketGen::Header::IPv6::Addr.new unless self[:start_addr].is_a?(PacketGen::Header::IPv6::Addr)
+            self[:end_addr] = PacketGen::Header::IPv6::Addr.new unless self[:end_addr].is_a?(PacketGen::Header::IPv6::Addr)
+          else
+            raise ArgumentError, "unknown type #{type}"
+          end
+        end
+
+        def select_addr(options)
+          if options[:type]
+            select_addr_from_type options[:type]
+          elsif options[:start_addr]
+            ipv4 = IPAddr.new(options[:start_addr]).ipv4?
+            self.type = ipv4 ? TS_IPV4_ADDR_RANGE : TS_IPV6_ADDR_RANGE
+          elsif options[:end_addr]
+            ipv4 = IPAddr.new(options[:end_addr]).ipv4?
+            self.type = ipv4 ? TS_IPV4_ADDR_RANGE : TS_IPV6_ADDR_RANGE
+          end
+        end
+      end
+
+      # Set of {TrafficSelector}, used by {TSi} and {TSr}.
+      # @author Sylvain Daubert
+      class TrafficSelectors < PacketGen::Types::Array
+        set_of TrafficSelector
+      end
+
+      # This class handles Traffic Selector - Initiator payloads, denoted TSi.
+      #
+      # A TSi payload consists of the IKE generic payload Plugin (see {Payload})
+      # and some specific fields:
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Number of TSs |                 RESERVED                      |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                                                               |
+      #   ~                       <Traffic Selectors>                     ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      # These specific fields are:
+      # * {#num_ts},
+      # * {#rsv1},
+      # * {#rsv2},
+      # * and {#traffic_selectors}.
+      #
+      # == Create a TSi payload
+      #  # Create a IKE packet with a TSi payload
+      #  pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::TSi')
+      #  # add a traffic selector to this payload
+      #  pkt.ike_tsi.traffic_selectors << { protocol: 'tcp', ports: 1..1024, start_addr: '20.0.0.1', end_addr: '21.255.255.254' }
+      #  # add another traffic selector (IPv6, all protocols)
+      #  pkt.ike_tsi.traffic_selectors << { start_addr: '2001::1', end_addr: '200a:ffff:ffff:ffff:ffff:ffff:ffff:ffff' }
+      # @author Sylvain Daubert
+      class TSi < Payload
+        # Payload type number
+        PAYLOAD_TYPE = 44
+
+        remove_field :content
+
+        # @!attribute num_ts
+        #   8-bit Number of TSs
+        #   @return [Integer]
+        define_field_before :body, :num_ts, PacketGen::Types::Int8
+        # @!attribute rsv
+        #   24-bit RESERVED field
+        #   @return [Integer]
+        define_field_before :body, :rsv, PacketGen::Types::Int24
+
+        # @!attribute traffic_selectors
+        #  Set of {TrafficSelector}
+        #  @return {TrafficSelectors}
+        define_field_before :body, :traffic_selectors, TrafficSelectors,
+                            builder: ->(h, t) { t.new(counter: h[:num_ts]) }
+        alias selectors traffic_selectors
+
+        # Compute length and set {#length} field
+        # @return [Integer] new length
+        def calc_length
+          selectors.each(&:calc_length)
+          super
+        end
+      end
+
+      class TSr < TSi
+        # Payload type number
+        PAYLOAD_TYPE = 45
+      end
+    end
+
+    Header.add_class IKE::TSi
+    Header.add_class IKE::TSr
+  end
+end