packetgen 1.4.3 → 2.0.0

data/lib/packetgen/header/dns.rb

@@ -248,13 +248,13 @@ module PacketGen
             flags = [:qr, :aa, :tc, :rd, :ra].select! { |attr| send "#{attr}?" }.
                     map(&:to_s).join(',')
             str << Inspect.shift_level(2)
-            str << Inspect::INSPECT_FMT_ATTR % ['Flags', 'flags', flags]
+            str << Inspect::FMT_ATTR % ['Flags', 'flags', flags]
             opcode = '%-10s (%u)' % [OPCODES.key(self.opcode), self.opcode]
             str << Inspect.shift_level(2)
-            str << Inspect::INSPECT_FMT_ATTR % ['Integer', 'opcode', opcode]
+            str << Inspect::FMT_ATTR % ['Integer', 'opcode', opcode]
             rcode = '%-10s (%u)' % [RCODES.key(self.rcode), self.rcode]
             str << Inspect.shift_level(2)
-            str << Inspect::INSPECT_FMT_ATTR % ['Integer', 'rcode', rcode]
+            str << Inspect::FMT_ATTR % ['Integer', 'rcode', rcode]
           else
             str << Inspect.inspect_attribute(attr, value, 2)
           end

data/lib/packetgen/header/dot11.rb

@@ -133,6 +133,11 @@ module PacketGen
     # * a {#ht_ctrl} ({Types::Int32}),
     # * a {#body} (a {Types::String} or another {Base} class),
     # * a Frame check sequence ({#fcs}, of type {Types::Int32le})
+    #
+    # == header accessors
+    # As Dot11 header types are defined under Dot11 namespace, Dot11 header accessors
+    # have a specific name. By example, to access to a {Dot11::Beacon} header,
+    # accessor is +#dot11_beacon+.
     # @author Sylvain Daubert
     class Dot11 < Base
 

data/lib/packetgen/header/esp.rb

@@ -1,9 +1,6 @@
 module PacketGen
   module Header
 
-    # Error about enciphering/deciphering was encountered
-    class CipherError < Error;end
-
     # A ESP header consists of:
     # * a Security Parameters Index (#{spi}, {Types::Int32} type),
     # * a Sequence Number ({#sn}, +Int32+ type),
@@ -48,14 +45,14 @@ module PacketGen
     #  
     #  # encrypt ESP payload
     #  cipher = OpenSSL::Cipher.new('aes-128-gcm')
-    #  cipher.encrypt!
+    #  cipher.encrypt
     #  cipher.key = 16bytes_key
     #  iv = 8bytes_iv
     #  esp.esp.encrypt! cipher, iv, salt: 4bytes_gcm_salt
     #
     # === Decrypt a ESP packet using CBC mode and HMAC-SHA-256
     #  cipher = OpenSSL::Cipher.new('aes-128-cbc')
-    #  cipher.decrypt!
+    #  cipher.decrypt
     #  cipher.key = 16bytes_key
     #  
     #  hmac = OpenSSL::HMAC.new(hmac_key, OpenSSL::Digest::SHA256.new)
@@ -63,6 +60,7 @@ module PacketGen
     #  pkt.esp.decrypt! cipher, intmode: hmac    # => true if ICV check OK
     # @author Sylvain Daubert
     class ESP < Base
+      include Crypto
 
       # IP protocol number for ESP
       IP_PROTOCOL = 50
@@ -292,43 +290,6 @@ module PacketGen
 
       private
 
-      def set_crypto(conf, intg)
-        @conf, @intg = conf, intg
-      end
-
-      def confidentiality_mode
-        mode = @conf.name.match(/-([^-]*)$/)[1]
-        raise CipherError, 'unknown cipher mode' if mode.nil?
-        mode.downcase
-      end
-
-      def authenticated?
-        @conf.authenticated? or !!@intg
-      end
-
-      def authenticate!
-        @conf.final
-        if @intg
-          @intg.update @esn.to_s if @esn
-          @intg.digest[0, @icv_length] == @icv
-        else
-          true
-        end
-      rescue OpenSSL::Cipher::CipherError
-        false
-      end
-
-      def encipher(data)
-        enciphered_data = @conf.update(data)
-        @intg.update(enciphered_data) if @intg
-        enciphered_data
-      end
-
-      def decipher(data)
-        @intg.update(data) if @intg
-        @conf.update(data)
-      end
-
       def get_auth_data(opt)
         ad = self[:spi].to_s
         if opt[:esn]
@@ -431,7 +392,10 @@ module PacketGen
 
     IP.bind_header ESP, protocol: ESP::IP_PROTOCOL
     IPv6.bind_header ESP, next: ESP::IP_PROTOCOL
-    UDP.bind_header ESP, dport: ESP::UDP_PORT, sport: ESP::UDP_PORT
+    UDP.bind_header ESP, procs: [ ->(f) { f.dport = f.sport = ESP::UDP_PORT },
+                                  ->(f) { (f.dport == ESP::UDP_PORT ||
+                                           f.sport == ESP::UDP_PORT) &&
+                                          Types::Int32.new.read(f.body[0..3]).to_i > 0 }]
     ESP.bind_header IP, next: 4
     ESP.bind_header IPv6, next: 41
     ESP.bind_header TCP, next: TCP::IP_PROTOCOL

data/lib/packetgen/header/ike.rb

@@ -0,0 +1,235 @@
+module PacketGen
+  module Header
+
+    # This class handles a pseudo-header used to differentiate ESP from IKE headers
+    # in a UDP datagram with port 4500.
+    # @author Sylvain Daubert
+    # @since 2.0.0
+    class NonESPMarker < Base
+      # @!attribute non_esp_marker
+      #  32-bit zero marker to differentiate IKE packet over UDP port 4500 from ESP ones
+      #  @return [Integer]
+      define_field :non_esp_marker, Types::Int32, default: 0
+      # @!attribute body
+      #  @return [Types::String,Header::Base]
+      define_field :body, Types::String
+
+      # Check non_esp_marker field
+      # @see [Base#parse?]
+      def parse?
+        non_esp_marker == 0
+      end
+    end
+
+    # IKE is the Internet Key Exchange protocol (RFC 7296). Ony IKEv2 is supported.
+    #
+    # A IKE header consists of a header, and a set of payloads. This class
+    # handles IKE header. For payloads, see {IKE::Payload}.
+    #
+    # == IKE header
+    # The format of a IKE header is shown below:
+    #                       1                   2                   3
+    #   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    #  |                       IKE SA Initiator's SPI                  |
+    #  |                                                               |
+    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    #  |                       IKE SA Responder's SPI                  |
+    #  |                                                               |
+    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    #  |  Next Payload | MjVer | MnVer | Exchange Type |     Flags     |
+    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    #  |                          Message ID                           |
+    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    #  |                            Length                             |
+    #  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+    # A IKE header consists of:
+    # * a IKE SA initiator SPI ({#init_spi}, {Types::Int64} type),
+    # * a IKE SA responder SPI ({#resp_spi}, {Types::Int64} type),
+    # * a Next Payload field ({#next}, {Types::Int8} type),
+    # * a Version field ({#version}, {Types::Int8} type, with first 4-bit field
+    #   as major number, and last 4-bit field as minor number),
+    # * a Exchange type ({#exchange_type}, {Types::Int8} type),
+    # * a {#flags} field ({Types::Int8} type),
+    # * a Message ID ({#message_id}, {Types::Int32} type),
+    # * and a {#length} ({Types::Int32} type).
+    #
+    # == Create a IKE header
+    # === Standalone
+    #   ike = PacketGen::Header::IKE.new
+    # === Classical IKE packet
+    #   pkt = PacketGen.gen('IP').add('UDP').add('IKE')
+    #   # access to IKE header
+    #   pkt.ike    # => PacketGen::Header::IKE
+    # === NAT-T IKE packet
+    #   # NonESPMarker is used to insert a 32-bit null field between UDP header
+    #   # and IKE one to differentiate it from ESP-in-UDP (see RFC 3948)
+    #   pkt = PacketGen.gen('IP').add('UDP').add('NonESPMarker').add('IKE)
+    # @author Sylvain Daubert
+    # @since 2.0.0
+    class IKE < Base
+
+      # Classical well-known UDP port for IKE
+      UDP_PORT1 = 500
+      # Well-known UDP port for IKE when NAT is detected
+      UDP_PORT2 = 4500
+
+      PROTO_IKE = 1
+      PROTO_AH  = 2
+      PROTO_ESP = 3
+
+      TYPE_IKE_SA_INIT     = 34
+      TYPE_IKE_AUTH        = 35
+      TYPE_CREATE_CHILD_SA = 36
+      TYPE_INFORMATIONAL   = 37
+
+      # @!attribute init_spi
+      #  64-bit initiator SPI
+      #  @return [Integer]
+      define_field :init_spi, Types::Int64 
+      # @!attribute resp_spi
+      #  64-bit responder SPI
+      #  @return [Integer]
+      define_field :resp_spi, Types::Int64 
+      # @!attribute next
+      #  8-bit next payload type
+      #  @return [Integer]
+      define_field :next, Types::Int8
+      # @!attribute version
+      #  8-bit IKE version
+      #  @return [Integer]
+      define_field :version, Types::Int8, default: 0x20
+      # @!attribute [r] exchange_type
+      #  8-bit exchange type
+      #  @return [Integer]
+      define_field :exchange_type, Types::Int8
+      # @!attribute flags
+      #  8-bit flags
+      #  @return [Integer]
+      define_field :flags, Types::Int8
+      # @!attribute message_id
+      #  32-bit message ID
+      #  @return [Integer]
+      define_field :message_id, Types::Int32
+      # @!attribute length
+      #  32-bit length of total message (header + payloads)
+      #  @return [Integer]
+      define_field :length, Types::Int32
+
+      # Defining a body permits using Packet#parse to parse IKE payloads.
+      # But this method is hidden as prefered way to access payloads is via #payloads
+      define_field :body, Types::String
+
+      # @!attribute mjver
+      #  4-bit major version value
+      #  @return [Integer]
+      # @!attribute mnver
+      #  4-bit minor version value
+      #  @return [Integer]
+      define_bit_fields_on :version, :mjver, 4, :mnver, 4
+
+      # @!attribute rsv1
+      #  @return [Integer]
+      # @!attribute rsv2
+      #  @return [Integer]
+      # @!attribute flag_i
+      #  bit set in message sent by the original initiator
+      #  @return [Boolean]
+      # @!attribute flag_r
+      #  indicate this message is a response to a message containing the same Message ID
+      #  @return [Boolean]
+      # @!attribute flag_v
+      #  version flag. Ignored by IKEv2 peers, and should be set to 0
+      #  @return [Boolean]
+      define_bit_fields_on :flags, :rsv1, 2, :flag_r, :flag_v, :flag_i, :rsv2, 3
+
+      # @param [Hash] options
+      # @see Base#initialize
+      def initialize(options={})
+        super
+        calc_length unless options[:length]
+        self.type = options[:type] if options[:type]
+        self.type = options[:exchange_type] if options[:exchange_type]
+      end
+
+        # Set exchange type
+        # @param [Integer,String] value
+        # @return [Integer]
+      def exchange_type=(value)
+        type = case value
+               when Integer
+                 value
+               else
+                 c = self.class.constants.grep(/TYPE_#{value}/).first
+                 c ? self.class.const_get(c) : nil
+               end
+        raise ArgumentError, "unknown exchange type #{value.inspect}" unless type
+        self[:exchange_type].value = type
+      end
+      alias type exchange_type
+      alias type= exchange_type=
+
+      # Get exchange type name
+      # @return [String
+      def human_exchange_type
+          name = self.class.constants.grep(/TYPE_/).
+                 select { |c| self.class.const_get(c) == type }.
+                 first || "type #{type}"
+          name.to_s.sub(/TYPE_/, '')
+      end
+      alias human_type human_exchange_type
+
+      # Calculate length field
+      # @return [Integer]
+      def calc_length
+        self[:length].value = self.sz
+      end
+
+      # IKE payloads
+      # @return [Array<Payload>]
+      def payloads
+        payloads = []
+        body = self.body
+        while body.is_a?(Payload) do
+          payloads << body
+          body = body.body
+        end
+        payloads
+      end
+
+      # @return [String]
+      def inspect
+        str = Inspect.dashed_line(self.class, 2)
+        to_h.each do |attr, value|
+          next if attr == :body
+          case attr
+          when :flags
+            str_flags = ''
+            %w(r v i).each do |flag|
+              str_flags << (send("flag_#{flag}?") ? flag.upcase : '.')
+            end
+            str << Inspect.shift_level(2)
+            str << Inspect::FMT_ATTR % [value.class.to_s.sub(/.*::/, ''), attr,
+                                        str_flags]
+          when :exchange_type
+            str << Inspect.shift_level(2)
+            str << Inspect::FMT_ATTR % [value.class.to_s.sub(/.*::/, ''), attr,
+                                        human_exchange_type]
+          else
+            str << Inspect.inspect_attribute(attr, value, 2)
+          end
+        end
+        str
+      end
+    end
+
+    self.add_class IKE
+    self.add_class NonESPMarker
+
+    UDP.bind_header IKE, dport: IKE::UDP_PORT1, sport: IKE::UDP_PORT1
+    UDP.bind_header NonESPMarker, dport: IKE::UDP_PORT2, sport: IKE::UDP_PORT2
+    NonESPMarker.bind_header IKE
+  end
+end
+
+require_relative 'ike/payload'

data/lib/packetgen/header/ike/auth.rb

@@ -0,0 +1,197 @@
+# coding: utf-8
+module PacketGen
+  module Header
+    class IKE
+
+      # This class handles Authentication payloads.
+      #
+      # A AUTH payload consists of the IKE generic payload header (see {Payload})
+      # and some specific fields:
+      #                        1                   2                   3
+      #    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Next Payload  |C|  RESERVED   |         Payload Length        |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   | Auth Method   |                RESERVED                       |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      #   |                                                               |
+      #   ~                      Authentication Data                      ~
+      #   |                                                               |
+      #   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      # These specific fields are:
+      # * {#type} (ID type),
+      # * {#reserved},
+      # * and {#content} (Identification Data).
+      #
+      # == Create a KE payload
+      #   # create a IKE packet with a Auth payload
+      #   pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Auth', method: 'SHARED_KEY')
+      #   pkt.calc_length
+      # @author Sylvain Daubert
+      class Auth < Payload
+
+        # Payload type number
+        PAYLOAD_TYPE = 39
+
+        METHOD_RSA_SIGNATURE     = 1
+        METHOD_SHARED_KEY        = 2
+        METHOD_DSA_SIGNATURE     = 3
+        METHOD_ECDSA256          = 9
+        METHOD_ECDSA384          = 10
+        METHOD_ECDSA512          = 11
+        METHOD_PASSWORD          = 12
+        METHOD_NULL              = 13
+        METHOD_DIGITAL_SIGNATURE = 14
+
+        # @attribute :u32
+        #   32-bit word including ID Type and RESERVED fields
+        #   @return [Integer]
+        define_field_before :content, :u32, Types::Int32
+        # @attribute [r] method
+        #   8-bit Auth Method
+        #   @return [Integer]
+        # @attribute reserved
+        #   24-bit reserved field
+        #   @return [Integer]
+        define_bit_fields_on :u32, :method, 8, :reserved, 24
+
+        # Check authentication (see RFC 7296 §2.15)
+        # @param [Packet] init_msg first IKE message sent by peer
+        # @param [String] nonce my nonce, sent in first message
+        # @param [String] sk_p secret key used to compute prf(SK_px, IDx')
+        # @param [Integer] prf PRF type to use (see {Transform}+::PRF_*+ constants)
+        # @param [String] shared_secret shared secret to use as PSK (shared secret
+        #    method only)
+        # @param [OpenSSL::X509::Certificate] cert certificate to check AUTH signature,
+        #   if not embedded in IKE message
+        # @return [Boolean]
+        # @note For now, only NULL, SHARED_KEY and RSA, DSA and ECDSA signatures are
+        #   supported.
+        # @note For certificates, only check AUTH authenticity with given (or guessed
+        #   from packet) certificate, but certificate chain is not verified.
+        def check?(init_msg: nil, nonce: '', sk_p: '', prf: 1, shared_secret: '',
+                   cert: nil)
+          raise TypeError, 'init_msg should be a Packet' unless init_msg.is_a?(Packet)
+          signed_octets = init_msg.ike.to_s
+          signed_octets << nonce
+          id = packet.ike.flag_i? ? packet.ike_idi : packet.ike_idr
+          signed_octets << prf(prf, sk_p, id.to_s[4, id.length - 4])
+
+          case method
+          when METHOD_SHARED_KEY
+            auth  = prf(prf(shared_secret, 'Key Pad for IKEv2'), signed_octets)
+            auth == content
+          when METHOD_RSA_SIGNATURE, METHOD_ECDSA256, METHOD_ECDSA384, METHOD_ECDSA512
+            if packet.ike_cert
+              # FIXME: Expect a ENCODING_X509_CERT_SIG
+              #        Others types not supported for now...
+              cert = OpenSSL::X509::Certificate.new(packet.ike_cert.content)
+            elsif cert.nil?
+              raise CryptoError, 'a certificate should be provided'
+            end
+
+            text = cert.to_text
+            m = text.match(/Public Key Algorithm: ([a-zA-Z0-9-]+)/)
+            digest = case m[1]
+                     when 'id-ecPublicKey'
+                       m2 = text.match(/Public-Key: \((\d+) bit\)/)
+                       case m2[1]
+                       when '256'
+                         OpenSSL::Digest::SHA256.new
+                       when '384'
+                         OpenSSL::Digest::SHA384.new
+                       when '521'
+                         OpenSSL::Digest::SHA512.new
+                       end
+                     when /sha([235]\d+)/
+                       OpenSSL::Digest.const_get("SHA#{$1}").new
+                     when /sha1/, 'rsaEncryption'
+                       OpenSSL::Digest::SHA1.new
+                     end
+            signature = format_signature(cert.public_key, content.to_s)
+            cert.public_key.verify(digest, signature, signed_octets)
+          when METHOD_NULL
+            true
+          else
+            raise NotImplementedError, "unsupported method #{human_method}"
+          end
+        end
+
+        # Set Auth method
+        # @param [Integer,String] value
+        # @return [Integer]
+        def method=(value)
+          method = case value
+               when Integer
+                 value
+               else
+                 c = self.class.constants.grep(/METHOD_#{value}/).first
+                 c ? self.class.const_get(c) : nil
+               end
+          raise ArgumentError, "unknown auth method #{value.inspect}" unless method
+          self[:u32].value = (self[:u32].to_i & 0xffffff) | (method << 24)
+        end
+
+        # Get authentication method name
+        # @return [String]
+        def human_method
+          name = self.class.constants.grep(/METHOD_/).
+                 select { |c| self.class.const_get(c) == method }.
+                 first || "method #{method}"
+          name.to_s.sub(/METHOD_/, '')
+        end
+
+        # @return [String]
+        def inspect
+          str = Inspect.dashed_line(self.class, 2)
+          fields.each do |attr|
+            case attr
+            when :body
+              next
+            when :u32
+              str << Inspect.shift_level(2)
+              str << Inspect::FMT_ATTR % ['Int8', :method, human_method]
+              str << Inspect.inspect_attribute(:reserved, self.reserved, 2)
+            else
+              str << Inspect.inspect_attribute(attr, self[attr], 2)
+            end
+          end
+          str
+        end
+
+        private
+
+        def prf(type, key, msg)
+          case type
+          when Transform::PRF_HMAC_MD5, Transform::PRF_HMAC_SHA1,
+               Transform::PRF_HMAC_SHA2_256, Transform::PRF_HMAC_SHA2_384,
+               Transform::PRF_HMAC_SHA2_512
+            digestname = Transform.constants.grep(/PRF_/).
+                         select { |c| Transform.const_get(c) == type }.first.
+                         to_s.sub(/^PRF_HMAC_/, '').sub(/2_/, '')
+            digest = OpenSSL::Digest.const_get(digestname).new
+          else
+            raise NotImplementedError, 'for now, only HMAC-based PRF are supported'
+          end
+          hmac = OpenSSL::HMAC.new(key, digest)
+          hmac << msg
+          hmac.digest
+        end
+
+        def format_signature(pkey, sig)
+          if pkey.is_a?(OpenSSL::PKey::EC)
+            # PKey::EC need a signature as a DER string representing a sequence of
+            # 2 integers: r and s
+            r = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sig[0, sig.size / 2], 2).to_i)
+            s = OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(sig[sig.size / 2,
+                                                               sig.size / 2], 2).to_i)
+            OpenSSL::ASN1::Sequence.new([r, s]).to_der
+          else
+            sig
+          end
+        end
+      end
+    end
+  end
+end
+