packetgen-plugin-ipsec 1.0.2 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (26) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/specs.yml +32 -0
  3. data/.rubocop.yml +28 -3
  4. data/Gemfile +18 -0
  5. data/README.md +12 -6
  6. data/Rakefile +10 -4
  7. data/lib/packetgen/plugin/crypto.rb +38 -4
  8. data/lib/packetgen/plugin/esp.rb +410 -378
  9. data/lib/packetgen/plugin/ike/auth.rb +153 -140
  10. data/lib/packetgen/plugin/ike/cert.rb +61 -62
  11. data/lib/packetgen/plugin/ike/certreq.rb +51 -52
  12. data/lib/packetgen/plugin/ike/id.rb +80 -81
  13. data/lib/packetgen/plugin/ike/ke.rb +64 -65
  14. data/lib/packetgen/plugin/ike/nonce.rb +29 -31
  15. data/lib/packetgen/plugin/ike/notify.rb +134 -139
  16. data/lib/packetgen/plugin/ike/payload.rb +75 -76
  17. data/lib/packetgen/plugin/ike/sa.rb +515 -452
  18. data/lib/packetgen/plugin/ike/sk.rb +221 -221
  19. data/lib/packetgen/plugin/ike/ts.rb +226 -223
  20. data/lib/packetgen/plugin/ike/vendor_id.rb +28 -30
  21. data/lib/packetgen/plugin/ike.rb +213 -217
  22. data/lib/packetgen/plugin/ipsec_version.rb +8 -1
  23. data/lib/packetgen-plugin-ipsec.rb +2 -0
  24. data/packetgen-plugin-ipsec.gemspec +6 -11
  25. metadata +11 -88
  26. data/.travis.yml +0 -14
data/lib/packetgen/plugin/ike/id.rb CHANGED
@@ -6,94 +6,93 @@
6
6
 
7
7
  # frozen_string_literal: true
8
8
 
9
- module PacketGen
10
- module Plugin
11
- class IKE
12
- # This class handles Identification - Initiator payloads, denoted IDi
13
- # (see RFC 7296, §3.5).
14
- #
15
- # A ID payload consists of the IKE generic payload Plugin (see {Payload})
16
- # and some specific fields:
17
- # 1 2 3
18
- # 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
19
- # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
20
- # | Next Payload |C| RESERVED | Payload Length |
21
- # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
22
- # | ID Type | RESERVED |
23
- # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
24
- # | |
25
- # ~ Identification Data ~
26
- # | |
27
- # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
28
- # These specific fields are:
29
- # * {#type} (ID type),
30
- # * {#reserved},
31
- # * and {#content} (Identification Data).
32
- #
33
- # == Create a IDi payload
34
- # # Create a IKE packet with a IDi payload
35
- # pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::IDi', type: 'FQDN')
36
- # pkt.ike_idi.content.read 'fqdn.example.org'
37
- # pkt.calc_length
38
- # @author Sylvain Daubert
39
- class IDi < Payload
40
- # Payload type number
41
- PAYLOAD_TYPE = 35
9
+ module PacketGen::Plugin
10
+ class IKE
11
+ # This class handles Identification - Initiator payloads, denoted IDi
12
+ # (see RFC 7296, §3.5).
13
+ #
14
+ # A ID payload consists of the IKE generic payload Plugin (see {Payload})
15
+ # and some specific fields:
16
+ # 1 2 3
17
+ # 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
18
+ # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
19
+ # | Next Payload |C| RESERVED | Payload Length |
20
+ # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
21
+ # | ID Type | RESERVED |
22
+ # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
23
+ # | |
24
+ # ~ Identification Data ~
25
+ # | |
26
+ # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
27
+ # These specific fields are:
28
+ # * {#type} (ID type),
29
+ # * {#reserved},
30
+ # * and {#content} (Identification Data).
31
+ #
32
+ # == Create a IDi payload
33
+ # # Create a IKE packet with a IDi payload
34
+ # pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::IDi', type: 'FQDN')
35
+ # pkt.ike_idi.content.read 'fqdn.example.org'
36
+ # pkt.calc_length
37
+ # @author Sylvain Daubert
38
+ class IDi < Payload
39
+ # Payload type number
40
+ PAYLOAD_TYPE = 35
42
41
 
43
- TYPES = {
44
- 'IPV4_ADDR' => 1,
45
- 'FQDN' => 2,
46
- 'RFC822_ADDR' => 3,
47
- 'IPV6_ADDR' => 5,
48
- 'DER_ASN1_DN' => 9,
49
- 'DER_ASN1_GN' => 10,
50
- 'KEY_ID' => 11
51
- }.freeze
42
+ # ID types
43
+ TYPES = {
44
+ 'IPV4_ADDR' => 1,
45
+ 'FQDN' => 2,
46
+ 'RFC822_ADDR' => 3,
47
+ 'IPV6_ADDR' => 5,
48
+ 'DER_ASN1_DN' => 9,
49
+ 'DER_ASN1_GN' => 10,
50
+ 'KEY_ID' => 11
51
+ }.freeze
52
52
 
53
- # @attribute [r] type
54
- # 8-bit ID type
55
- # @return [Integer]
56
- define_field_before :content, :type, PacketGen::Types::Int8Enum, enum: TYPES
57
- # @attribute reserved
58
- # 24-bit reserved field
59
- # @return [Integer]
60
- define_field_before :content, :reserved, PacketGen::Types::Int24
53
+ # @attribute [r] type
54
+ # 8-bit ID type
55
+ # @return [Integer]
56
+ define_attr_before :content, :type, BinStruct::Int8Enum, enum: TYPES
57
+ # @attribute reserved
58
+ # 24-bit reserved field
59
+ # @return [Integer]
60
+ define_attr_before :content, :reserved, BinStruct::Int24
61
61
 
62
- # Get ID type name
63
- # @return [String]
64
- def human_type
65
- self[:type].to_human
66
- end
67
-
68
- # Get human readable content, from {#type}
69
- # @return [String]
70
- def human_content
71
- case type
72
- when TYPES['IPV4_ADDR'], TYPES['IPV4_ADDR']
73
- IPAddr.ntop(content)
74
- when TYPES['DER_ASN1_DN'], TYPES['DER_ASN1_GN']
75
- OpenSSL::X509::Name.new(content).to_s
76
- else
77
- content.inspect
78
- end
79
- end
62
+ # Get ID type name
63
+ # @return [String]
64
+ def human_type
65
+ self[:type].to_human
80
66
  end
81
67
 
82
- # This class handles Identification - Responder payloads, denoted IDr.
83
- # See {IDi}.
84
- #
85
- # == Create a IDr payload
86
- # # Create a IKE packet with a IDr payload
87
- # pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::IDr', type: 'FQDN')
88
- # pkt.ike_idr.content.read 'fqdn.example.org'
89
- # @author Sylvain Daubert
90
- class IDr < IDi
91
- # Payload type number
92
- PAYLOAD_TYPE = 36
68
+ # Get human readable content, from {#type}
69
+ # @return [String]
70
+ def human_content
71
+ case type
72
+ when TYPES['IPV4_ADDR'], TYPES['IPV6_ADDR']
73
+ IPAddr.ntop(content)
74
+ when TYPES['DER_ASN1_DN'], TYPES['DER_ASN1_GN']
75
+ OpenSSL::X509::Name.new(content).to_s
76
+ else
77
+ content.inspect
78
+ end
93
79
  end
94
80
  end
95
81
 
96
- Header.add_class IKE::IDi
97
- Header.add_class IKE::IDr
82
+ # This class handles Identification - Responder payloads, denoted IDr.
83
+ # See {IDi}.
84
+ #
85
+ # == Create a IDr payload
86
+ # # Create a IKE packet with a IDr payload
87
+ # pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::IDr', type: 'FQDN')
88
+ # pkt.ike_idr.content.read 'fqdn.example.org'
89
+ # @author Sylvain Daubert
90
+ class IDr < IDi
91
+ # Payload type number
92
+ PAYLOAD_TYPE = 36
93
+ end
98
94
  end
95
+
96
+ PacketGen::Header.add_class IKE::IDi
97
+ PacketGen::Header.add_class IKE::IDr
99
98
  end
data/lib/packetgen/plugin/ike/ke.rb CHANGED
@@ -1,79 +1,78 @@
1
1
  # coding: utf-8
2
+ # frozen_string_literal: true
3
+
2
4
  # This file is part of IPsec packetgen plugin.
3
5
  # See https://github.com/sdaubert/packetgen-plugin-ipsec for more informations
4
6
  # Copyright (c) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
5
7
  # This program is published under MIT license.
6
8
 
7
- # frozen_string_literal: true
9
+ module PacketGen::Plugin
10
+ class IKE
11
+ # This class handles Key Exchange payloads, as defined in RFC 7296 §3.4
12
+ #
13
+ # A KE payload contains a generic payload Plugin (see {Payload}) and some
14
+ # specific fields:
15
+ # 1 2 3
16
+ # 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
17
+ # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
18
+ # | Next Payload |C| RESERVED | Payload Length |
19
+ # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
20
+ # | Diffie-Hellman Group Num | RESERVED |
21
+ # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
22
+ # | |
23
+ # ~ Key Exchange Data ~
24
+ # | |
25
+ # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
26
+ # These specific fields are:
27
+ # * {#group_num} (type {BinStruct::Int16}),
28
+ # * {#reserved} (type {BinStruct::Int16}),
29
+ # * and {#content} (type {BinStruct::String}).
30
+ #
31
+ # == Create a KE payload
32
+ # # Create a IKE packet with a KE payload
33
+ # pkt = PacketGen.gen('IP').add('UDP').add('IKE')
34
+ # # group name is taken from Transform::DH_* constants
35
+ # pkt.add('IKE::KE', group: 'MODP4096')
36
+ # # group number may also be used
37
+ # pkt.ike_ke.group = 1
38
+ # pkt.calc_length
39
+ # @author Sylvain Daubert
40
+ class KE < Payload
41
+ # Payload type number
42
+ PAYLOAD_TYPE = 34
8
43
 
9
- module PacketGen
10
- module Plugin
11
- class IKE
12
- # This class handles Key Exchange payloads, as defined in RFC 7296 §3.4
13
- #
14
- # A KE payload contains a generic payload Plugin (see {Payload}) and some
15
- # specific fields:
16
- # 1 2 3
17
- # 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
18
- # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
19
- # | Next Payload |C| RESERVED | Payload Length |
20
- # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
21
- # | Diffie-Hellman Group Num | RESERVED |
22
- # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
23
- # | |
24
- # ~ Key Exchange Data ~
25
- # | |
26
- # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
27
- # These specific fields are:
28
- # * {#group_num} (type {PacketGen::Types::Int16}),
29
- # * {#reserved} (type {PacketGen::Types::Int16}),
30
- # * and {#content} (type {PacketGen::Types::String}).
31
- #
32
- # == Create a KE payload
33
- # # Create a IKE packet with a KE payload
34
- # pkt = PacketGen.gen('IP').add('UDP').add('IKE')
35
- # # group name is taken from Transform::DH_* constants
36
- # pkt.add('IKE::KE', group: 'MODP4096')
37
- # # group number may also be used
38
- # pkt.ike_ke.group = 1
39
- # pkt.calc_length
40
- # @author Sylvain Daubert
41
- class KE < Payload
42
- # Payload type number
43
- PAYLOAD_TYPE = 34
44
+ # @!attribute group_num
45
+ # 16-bit DH group number
46
+ # @return [Integer]
47
+ define_attr_before :content, :group_num, BinStruct::Int16
48
+ # @!attribute reserved
49
+ # 16-bit reserved field
50
+ # @return [Integer]
51
+ define_attr_before :content, :reserved, BinStruct::Int16, default: 0
44
52
 
45
- # @!attribute group_num
46
- # 16-bit DH group number
47
- # @return [Integer]
48
- define_field_before :content, :group_num, PacketGen::Types::Int16
49
- # @!attribute reserved
50
- # 16-bit reserved field
51
- # @return [Integer]
52
- define_field_before :content, :reserved, PacketGen::Types::Int16, default: 0
53
+ def initialize(options={})
54
+ super
55
+ self.group = options[:group] if options[:group]
56
+ end
53
57
 
54
- def initialize(options={})
55
- super
56
- self.group = options[:group] if options[:group]
57
- end
58
+ # Set group
59
+ # @param [Integer,String] value may be a String taken from
60
+ # {Transform}+::DH_*+ constant names.
61
+ # @return [Integer]
62
+ def group=(value)
63
+ group = case value
64
+ when Integer
65
+ value
66
+ else
67
+ cname = "DH_#{value}"
68
+ Transform.const_defined?(cname) ? Transform.const_get(cname) : nil
69
+ end
70
+ raise ArgumentError, "unknown group #{value.inspect}" unless group
58
71
 
59
- # Set group
60
- # @param [Integer,String] value may be a String taken from
61
- # {Transform}+::DH_*+ constant names.
62
- # @return [Integer]
63
- def group=(value)
64
- group = case value
65
- when Integer
66
- value
67
- else
68
- cname = "DH_#{value}"
69
- Transform.const_defined?(cname) ? Transform.const_get(cname) : nil
70
- end
71
- raise ArgumentError, "unknown group #{value.inspect}" unless group
72
- self[:group_num].value = group
73
- end
72
+ self[:group_num].value = group
74
73
  end
75
74
  end
76
-
77
- Header.add_class IKE::KE
78
75
  end
76
+
77
+ PacketGen::Header.add_class IKE::KE
79
78
  end
data/lib/packetgen/plugin/ike/nonce.rb CHANGED
@@ -1,40 +1,38 @@
1
1
  # coding: utf-8
2
+ # frozen_string_literal: true
3
+
2
4
  # This file is part of IPsec packetgen plugin.
3
5
  # See https://github.com/sdaubert/packetgen-plugin-ipsec for more informations
4
6
  # Copyright (c) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
5
7
  # This program is published under MIT license.
6
8
 
7
- # frozen_string_literal: true
8
-
9
- module PacketGen
10
- module Plugin
11
- class IKE
12
- # This class handles Nonce payloads, as defined in RFC 7296 §3.9.
13
- #
14
- # A Nonce payload contains a generic payload Plugin (see {Payload}) and
15
- # data field (type {PacketGen::Types::String}):
16
- # 1 2 3
17
- # 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
18
- # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
19
- # | Next Payload |C| RESERVED | Payload Length |
20
- # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
21
- # | |
22
- # ~ Nonce Data ~
23
- # | |
24
- # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
25
- #
26
- # == Create a Nonce payload
27
- # # Create a IKE packet with a Nonce payload
28
- # pkt = PacketGen.gen('IP').add('UDP').add('IKE')
29
- # pkt.add('IKE::Nonce', data: "abcdefgh")
30
- # pkt.calc_length
31
- # @author Sylvain Daubert
32
- class Nonce < Payload
33
- # Payload type number
34
- PAYLOAD_TYPE = 40
35
- end
9
+ module PacketGen::Plugin
10
+ class IKE
11
+ # This class handles Nonce payloads, as defined in RFC 7296 §3.9.
12
+ #
13
+ # A Nonce payload contains a generic payload Plugin (see {Payload}) and
14
+ # data field (type {BinStruct::String}):
15
+ # 1 2 3
16
+ # 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
17
+ # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
18
+ # | Next Payload |C| RESERVED | Payload Length |
19
+ # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
20
+ # | |
21
+ # ~ Nonce Data ~
22
+ # | |
23
+ # +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
24
+ #
25
+ # == Create a Nonce payload
26
+ # # Create a IKE packet with a Nonce payload
27
+ # pkt = PacketGen.gen('IP').add('UDP').add('IKE')
28
+ # pkt.add('IKE::Nonce', data: "abcdefgh")
29
+ # pkt.calc_length
30
+ # @author Sylvain Daubert
31
+ class Nonce < Payload
32
+ # Payload type number
33
+ PAYLOAD_TYPE = 40
36
34
  end
37
-
38
- Header.add_class IKE::Nonce
39
35
  end
36
+
37
+ PacketGen::Header.add_class IKE::Nonce
40
38
  end