packetgen 2.8.7 → 3.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +0 -1
- data/README.md +5 -4
- data/lib/packetgen.rb +6 -12
- data/lib/packetgen/capture.rb +43 -39
- data/lib/packetgen/config.rb +0 -1
- data/lib/packetgen/deprecation.rb +1 -1
- data/lib/packetgen/header.rb +9 -9
- data/lib/packetgen/header/asn1_base.rb +10 -10
- data/lib/packetgen/header/base.rb +42 -101
- data/lib/packetgen/header/dhcp/option.rb +5 -11
- data/lib/packetgen/header/dhcpv6/duid.rb +2 -0
- data/lib/packetgen/header/dhcpv6/option.rb +2 -19
- data/lib/packetgen/header/dhcpv6/options.rb +7 -0
- data/lib/packetgen/header/dns.rb +5 -23
- data/lib/packetgen/header/dns/name.rb +1 -0
- data/lib/packetgen/header/dns/qdsection.rb +1 -0
- data/lib/packetgen/header/dns/question.rb +3 -7
- data/lib/packetgen/header/dns/rr.rb +3 -0
- data/lib/packetgen/header/dns/rrsection.rb +1 -0
- data/lib/packetgen/header/dot11.rb +1 -17
- data/lib/packetgen/header/dot1x.rb +1 -0
- data/lib/packetgen/header/eap.rb +4 -7
- data/lib/packetgen/header/eth.rb +2 -0
- data/lib/packetgen/header/http/headers.rb +3 -0
- data/lib/packetgen/header/http/request.rb +5 -4
- data/lib/packetgen/header/http/response.rb +5 -4
- data/lib/packetgen/header/icmp.rb +6 -0
- data/lib/packetgen/header/icmpv6.rb +6 -0
- data/lib/packetgen/header/igmpv3/mq.rb +2 -0
- data/lib/packetgen/header/ip.rb +32 -30
- data/lib/packetgen/header/ip/addr.rb +1 -0
- data/lib/packetgen/header/ip/option.rb +23 -20
- data/lib/packetgen/header/ip/options.rb +11 -24
- data/lib/packetgen/header/ipv6.rb +45 -34
- data/lib/packetgen/header/ipv6/addr.rb +2 -0
- data/lib/packetgen/header/ipv6/hop_by_hop.rb +7 -31
- data/lib/packetgen/header/mdns.rb +1 -0
- data/lib/packetgen/header/mldv2/mlq.rb +2 -0
- data/lib/packetgen/header/ospfv2/lsa.rb +15 -25
- data/lib/packetgen/header/ospfv3/ipv6_prefix.rb +1 -1
- data/lib/packetgen/header/ospfv3/lsa.rb +8 -25
- data/lib/packetgen/header/snmp.rb +2 -0
- data/lib/packetgen/header/tcp.rb +23 -2
- data/lib/packetgen/header/tcp/option.rb +51 -52
- data/lib/packetgen/header/tcp/options.rb +17 -52
- data/lib/packetgen/header/tftp.rb +3 -0
- data/lib/packetgen/header/udp.rb +8 -0
- data/lib/packetgen/packet.rb +119 -102
- data/lib/packetgen/pcapng/block.rb +4 -10
- data/lib/packetgen/pcapng/epb.rb +4 -4
- data/lib/packetgen/pcapng/file.rb +7 -3
- data/lib/packetgen/pcapng/idb.rb +2 -2
- data/lib/packetgen/pcapng/shb.rb +3 -3
- data/lib/packetgen/pcapng/spb.rb +1 -8
- data/lib/packetgen/pcapng/unknown_block.rb +0 -7
- data/lib/packetgen/types.rb +1 -0
- data/lib/packetgen/types/array.rb +73 -71
- data/lib/packetgen/types/cstring.rb +1 -1
- data/lib/packetgen/types/enum.rb +3 -3
- data/lib/packetgen/types/fields.rb +66 -106
- data/lib/packetgen/types/int.rb +9 -5
- data/lib/packetgen/types/length_from.rb +45 -0
- data/lib/packetgen/types/oui.rb +2 -0
- data/lib/packetgen/types/string.rb +10 -16
- data/lib/packetgen/types/tlv.rb +7 -15
- data/lib/packetgen/utils.rb +8 -8
- data/lib/packetgen/utils/arp_spoofer.rb +1 -2
- data/lib/packetgen/version.rb +1 -1
- metadata +3 -21
- data/lib/packetgen/header/crypto.rb +0 -62
- data/lib/packetgen/header/esp.rb +0 -413
- data/lib/packetgen/header/ike.rb +0 -243
- data/lib/packetgen/header/ike/auth.rb +0 -165
- data/lib/packetgen/header/ike/cert.rb +0 -76
- data/lib/packetgen/header/ike/certreq.rb +0 -66
- data/lib/packetgen/header/ike/id.rb +0 -99
- data/lib/packetgen/header/ike/ke.rb +0 -79
- data/lib/packetgen/header/ike/nonce.rb +0 -40
- data/lib/packetgen/header/ike/notify.rb +0 -176
- data/lib/packetgen/header/ike/payload.rb +0 -315
- data/lib/packetgen/header/ike/sa.rb +0 -561
- data/lib/packetgen/header/ike/sk.rb +0 -261
- data/lib/packetgen/header/ike/ts.rb +0 -270
- data/lib/packetgen/header/ike/vendor_id.rb +0 -39
- data/lib/packetgen/header/netbios.rb +0 -20
- data/lib/packetgen/header/netbios/datagram.rb +0 -105
- data/lib/packetgen/header/netbios/name.rb +0 -67
- data/lib/packetgen/header/netbios/session.rb +0 -64
@@ -1,315 +0,0 @@
|
|
1
|
-
# This file is part of PacketGen
|
2
|
-
# See https://github.com/sdaubert/packetgen for more informations
|
3
|
-
# Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
|
4
|
-
# This program is published under MIT license.
|
5
|
-
|
6
|
-
# frozen_string_literal: true
|
7
|
-
|
8
|
-
module PacketGen
|
9
|
-
module Header
|
10
|
-
class IKE
|
11
|
-
# Base class for IKE payloads. This class may also be used for unknown payloads.
|
12
|
-
#
|
13
|
-
# This class handles generic IKE payload header:
|
14
|
-
# 1 2 3
|
15
|
-
# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
16
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
17
|
-
# | Next Payload |C| RESERVED | Payload Length |
|
18
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
19
|
-
# to which a {#content} field is added to handle content of unknown payload types.
|
20
|
-
# @author Sylvain Daubert
|
21
|
-
class Payload < Base
|
22
|
-
# @!attribute next
|
23
|
-
# 8-bit next payload
|
24
|
-
# @return [Integer]
|
25
|
-
define_field :next, Types::Int8
|
26
|
-
# @!attribute flags
|
27
|
-
# 8-bit flags
|
28
|
-
# @return [Integer]
|
29
|
-
define_field :flags, Types::Int8
|
30
|
-
# @!attribute length
|
31
|
-
# 16-bit payload total length, including generic payload header
|
32
|
-
# @return [Integer]
|
33
|
-
define_field :length, Types::Int16
|
34
|
-
# @!attribute content
|
35
|
-
# Payload content. Depends on payload. Variable length.
|
36
|
-
# @return [String]
|
37
|
-
define_field :content, Types::String
|
38
|
-
|
39
|
-
# Defining a body permits using Packet#parse to parse next IKE payloads.
|
40
|
-
define_field :body, Types::String
|
41
|
-
|
42
|
-
# @!attribute critical
|
43
|
-
# critical flag
|
44
|
-
# @return [Boolean]
|
45
|
-
# @!attribute hreserved
|
46
|
-
# reserved part of {#flags} field
|
47
|
-
# @return [Integer]
|
48
|
-
define_bit_fields_on :flags, :critical, :hreserved, 7
|
49
|
-
|
50
|
-
def initialize(options={})
|
51
|
-
super
|
52
|
-
self[:length].value = sz unless options[:length]
|
53
|
-
end
|
54
|
-
|
55
|
-
# @private
|
56
|
-
alias base_read read
|
57
|
-
|
58
|
-
# Populate object from a string
|
59
|
-
# @param [String] str
|
60
|
-
# @return [self]
|
61
|
-
def read(str)
|
62
|
-
base_read str
|
63
|
-
unless self[:content].nil?
|
64
|
-
content_length = length - self.class.new.sz
|
65
|
-
if content_length >= 0
|
66
|
-
self[:body] = self[:content][content_length..-1]
|
67
|
-
self[:content] = self[:content][0, content_length]
|
68
|
-
end
|
69
|
-
end
|
70
|
-
self
|
71
|
-
end
|
72
|
-
|
73
|
-
# Compute length and set {#length} field
|
74
|
-
# @return [Integer] new length
|
75
|
-
def calc_length
|
76
|
-
# Here, #body is next payload, so body size should not be taken in
|
77
|
-
# account (payload's real body is #content).
|
78
|
-
self[:length].value = sz - body.sz
|
79
|
-
end
|
80
|
-
end
|
81
|
-
end
|
82
|
-
|
83
|
-
self.add_class IKE::Payload
|
84
|
-
end
|
85
|
-
end
|
86
|
-
|
87
|
-
# here, future payloads to be required
|
88
|
-
require_relative 'sa'
|
89
|
-
require_relative 'ke'
|
90
|
-
require_relative 'nonce'
|
91
|
-
require_relative 'notify'
|
92
|
-
require_relative 'sk'
|
93
|
-
require_relative 'id'
|
94
|
-
require_relative 'cert'
|
95
|
-
require_relative 'certreq'
|
96
|
-
require_relative 'auth'
|
97
|
-
require_relative 'ts'
|
98
|
-
require_relative 'vendor_id'
|
99
|
-
|
100
|
-
module PacketGen
|
101
|
-
module Header
|
102
|
-
IKE.bind IKE::SA, next: IKE::SA::PAYLOAD_TYPE
|
103
|
-
IKE::Payload.bind IKE::SA, next: IKE::SA::PAYLOAD_TYPE
|
104
|
-
IKE::KE.bind IKE::SA, next: IKE::SA::PAYLOAD_TYPE
|
105
|
-
IKE::Nonce.bind IKE::SA, next: IKE::SA::PAYLOAD_TYPE
|
106
|
-
IKE::Notify.bind IKE::SA, next: IKE::SA::PAYLOAD_TYPE
|
107
|
-
IKE::SK.bind IKE::SA, next: IKE::SA::PAYLOAD_TYPE
|
108
|
-
IKE::IDi.bind IKE::SA, next: IKE::SA::PAYLOAD_TYPE
|
109
|
-
IKE::IDr.bind IKE::SA, next: IKE::SA::PAYLOAD_TYPE
|
110
|
-
IKE::Cert.bind IKE::SA, next: IKE::SA::PAYLOAD_TYPE
|
111
|
-
IKE::CertReq.bind IKE::SA, next: IKE::SA::PAYLOAD_TYPE
|
112
|
-
IKE::Auth.bind IKE::SA, next: IKE::SA::PAYLOAD_TYPE
|
113
|
-
IKE::TSi.bind IKE::SA, next: IKE::SA::PAYLOAD_TYPE
|
114
|
-
IKE::TSr.bind IKE::SA, next: IKE::SA::PAYLOAD_TYPE
|
115
|
-
IKE::VendorID.bind IKE::SA, next: IKE::SA::PAYLOAD_TYPE
|
116
|
-
|
117
|
-
IKE.bind IKE::KE, next: IKE::KE::PAYLOAD_TYPE
|
118
|
-
IKE::Payload.bind IKE::KE, next: IKE::KE::PAYLOAD_TYPE
|
119
|
-
IKE::SA.bind IKE::KE, next: IKE::KE::PAYLOAD_TYPE
|
120
|
-
IKE::Nonce.bind IKE::KE, next: IKE::KE::PAYLOAD_TYPE
|
121
|
-
IKE::Notify.bind IKE::KE, next: IKE::KE::PAYLOAD_TYPE
|
122
|
-
IKE::SK.bind IKE::KE, next: IKE::KE::PAYLOAD_TYPE
|
123
|
-
IKE::IDi.bind IKE::KE, next: IKE::KE::PAYLOAD_TYPE
|
124
|
-
IKE::IDr.bind IKE::KE, next: IKE::KE::PAYLOAD_TYPE
|
125
|
-
IKE::Cert.bind IKE::KE, next: IKE::KE::PAYLOAD_TYPE
|
126
|
-
IKE::CertReq.bind IKE::KE, next: IKE::KE::PAYLOAD_TYPE
|
127
|
-
IKE::Auth.bind IKE::KE, next: IKE::KE::PAYLOAD_TYPE
|
128
|
-
IKE::TSi.bind IKE::KE, next: IKE::KE::PAYLOAD_TYPE
|
129
|
-
IKE::TSr.bind IKE::KE, next: IKE::KE::PAYLOAD_TYPE
|
130
|
-
IKE::VendorID.bind IKE::KE, next: IKE::KE::PAYLOAD_TYPE
|
131
|
-
|
132
|
-
IKE.bind IKE::Nonce, next: IKE::Nonce::PAYLOAD_TYPE
|
133
|
-
IKE::Payload.bind IKE::Nonce, next: IKE::Nonce::PAYLOAD_TYPE
|
134
|
-
IKE::SA.bind IKE::Nonce, next: IKE::Nonce::PAYLOAD_TYPE
|
135
|
-
IKE::KE.bind IKE::Nonce, next: IKE::Nonce::PAYLOAD_TYPE
|
136
|
-
IKE::Notify.bind IKE::Nonce, next: IKE::Nonce::PAYLOAD_TYPE
|
137
|
-
IKE::SK.bind IKE::Nonce, next: IKE::Nonce::PAYLOAD_TYPE
|
138
|
-
IKE::IDi.bind IKE::Nonce, next: IKE::Nonce::PAYLOAD_TYPE
|
139
|
-
IKE::IDr.bind IKE::Nonce, next: IKE::Nonce::PAYLOAD_TYPE
|
140
|
-
IKE::Cert.bind IKE::Nonce, next: IKE::Nonce::PAYLOAD_TYPE
|
141
|
-
IKE::CertReq.bind IKE::Nonce, next: IKE::Nonce::PAYLOAD_TYPE
|
142
|
-
IKE::Auth.bind IKE::Nonce, next: IKE::Nonce::PAYLOAD_TYPE
|
143
|
-
IKE::TSi.bind IKE::Nonce, next: IKE::Nonce::PAYLOAD_TYPE
|
144
|
-
IKE::TSr.bind IKE::Nonce, next: IKE::Nonce::PAYLOAD_TYPE
|
145
|
-
IKE::VendorID.bind IKE::Nonce, next: IKE::Nonce::PAYLOAD_TYPE
|
146
|
-
|
147
|
-
IKE.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
148
|
-
IKE::Payload.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
149
|
-
IKE::SA.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
150
|
-
IKE::KE.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
151
|
-
IKE::Nonce.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
152
|
-
IKE::Notify.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
153
|
-
IKE::SK.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
154
|
-
IKE::IDi.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
155
|
-
IKE::IDr.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
156
|
-
IKE::Cert.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
157
|
-
IKE::CertReq.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
158
|
-
IKE::Auth.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
159
|
-
IKE::TSi.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
160
|
-
IKE::TSr.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
161
|
-
IKE::VendorID.bind IKE::Notify, next: IKE::Notify::PAYLOAD_TYPE
|
162
|
-
|
163
|
-
IKE.bind IKE::SK, next: IKE::SK::PAYLOAD_TYPE
|
164
|
-
IKE::Payload.bind IKE::SK, next: IKE::SK::PAYLOAD_TYPE
|
165
|
-
IKE::SA.bind IKE::SK, next: IKE::SK::PAYLOAD_TYPE
|
166
|
-
IKE::KE.bind IKE::SK, next: IKE::SK::PAYLOAD_TYPE
|
167
|
-
IKE::Nonce.bind IKE::SK, next: IKE::SK::PAYLOAD_TYPE
|
168
|
-
IKE::Notify.bind IKE::SK, next: IKE::SK::PAYLOAD_TYPE
|
169
|
-
IKE::IDi.bind IKE::SK, next: IKE::SK::PAYLOAD_TYPE
|
170
|
-
IKE::IDr.bind IKE::SK, next: IKE::SK::PAYLOAD_TYPE
|
171
|
-
IKE::Cert.bind IKE::SK, next: IKE::SK::PAYLOAD_TYPE
|
172
|
-
IKE::CertReq.bind IKE::SK, next: IKE::SK::PAYLOAD_TYPE
|
173
|
-
IKE::Auth.bind IKE::SK, next: IKE::SK::PAYLOAD_TYPE
|
174
|
-
IKE::TSi.bind IKE::SK, next: IKE::SK::PAYLOAD_TYPE
|
175
|
-
IKE::TSr.bind IKE::SK, next: IKE::SK::PAYLOAD_TYPE
|
176
|
-
IKE::VendorID.bind IKE::SK, next: IKE::SK::PAYLOAD_TYPE
|
177
|
-
|
178
|
-
IKE.bind IKE::IDi, next: IKE::IDi::PAYLOAD_TYPE
|
179
|
-
IKE::Payload.bind IKE::IDi, next: IKE::IDi::PAYLOAD_TYPE
|
180
|
-
IKE::SA.bind IKE::IDi, next: IKE::IDi::PAYLOAD_TYPE
|
181
|
-
IKE::KE.bind IKE::IDi, next: IKE::IDi::PAYLOAD_TYPE
|
182
|
-
IKE::Nonce.bind IKE::IDi, next: IKE::IDi::PAYLOAD_TYPE
|
183
|
-
IKE::Notify.bind IKE::IDi, next: IKE::IDi::PAYLOAD_TYPE
|
184
|
-
IKE::SK.bind IKE::IDi, next: IKE::IDi::PAYLOAD_TYPE
|
185
|
-
IKE::IDr.bind IKE::IDi, next: IKE::IDi::PAYLOAD_TYPE
|
186
|
-
IKE::Cert.bind IKE::IDi, next: IKE::IDi::PAYLOAD_TYPE
|
187
|
-
IKE::CertReq.bind IKE::IDi, next: IKE::IDi::PAYLOAD_TYPE
|
188
|
-
IKE::Auth.bind IKE::IDi, next: IKE::IDi::PAYLOAD_TYPE
|
189
|
-
IKE::TSi.bind IKE::IDi, next: IKE::IDi::PAYLOAD_TYPE
|
190
|
-
IKE::TSr.bind IKE::IDi, next: IKE::IDi::PAYLOAD_TYPE
|
191
|
-
IKE::VendorID.bind IKE::IDi, next: IKE::IDi::PAYLOAD_TYPE
|
192
|
-
|
193
|
-
IKE.bind IKE::IDr, next: IKE::IDr::PAYLOAD_TYPE
|
194
|
-
IKE::Payload.bind IKE::IDr, next: IKE::IDr::PAYLOAD_TYPE
|
195
|
-
IKE::SA.bind IKE::IDr, next: IKE::IDr::PAYLOAD_TYPE
|
196
|
-
IKE::KE.bind IKE::IDr, next: IKE::IDr::PAYLOAD_TYPE
|
197
|
-
IKE::Nonce.bind IKE::IDr, next: IKE::IDr::PAYLOAD_TYPE
|
198
|
-
IKE::Notify.bind IKE::IDr, next: IKE::IDr::PAYLOAD_TYPE
|
199
|
-
IKE::SK.bind IKE::IDr, next: IKE::IDr::PAYLOAD_TYPE
|
200
|
-
IKE::IDi.bind IKE::IDr, next: IKE::IDr::PAYLOAD_TYPE
|
201
|
-
IKE::Cert.bind IKE::IDr, next: IKE::IDr::PAYLOAD_TYPE
|
202
|
-
IKE::CertReq.bind IKE::IDr, next: IKE::IDr::PAYLOAD_TYPE
|
203
|
-
IKE::Auth.bind IKE::IDr, next: IKE::IDr::PAYLOAD_TYPE
|
204
|
-
IKE::TSi.bind IKE::IDr, next: IKE::IDr::PAYLOAD_TYPE
|
205
|
-
IKE::TSr.bind IKE::IDr, next: IKE::IDr::PAYLOAD_TYPE
|
206
|
-
IKE::VendorID.bind IKE::IDr, next: IKE::IDr::PAYLOAD_TYPE
|
207
|
-
|
208
|
-
IKE.bind IKE::Cert, next: IKE::Cert::PAYLOAD_TYPE
|
209
|
-
IKE::Payload.bind IKE::Cert, next: IKE::Cert::PAYLOAD_TYPE
|
210
|
-
IKE::SA.bind IKE::Cert, next: IKE::Cert::PAYLOAD_TYPE
|
211
|
-
IKE::KE.bind IKE::Cert, next: IKE::Cert::PAYLOAD_TYPE
|
212
|
-
IKE::Nonce.bind IKE::Cert, next: IKE::Cert::PAYLOAD_TYPE
|
213
|
-
IKE::Notify.bind IKE::Cert, next: IKE::Cert::PAYLOAD_TYPE
|
214
|
-
IKE::SK.bind IKE::Cert, next: IKE::Cert::PAYLOAD_TYPE
|
215
|
-
IKE::IDi.bind IKE::Cert, next: IKE::Cert::PAYLOAD_TYPE
|
216
|
-
IKE::IDr.bind IKE::Cert, next: IKE::Cert::PAYLOAD_TYPE
|
217
|
-
IKE::CertReq.bind IKE::Cert, next: IKE::Cert::PAYLOAD_TYPE
|
218
|
-
IKE::Auth.bind IKE::Cert, next: IKE::Cert::PAYLOAD_TYPE
|
219
|
-
IKE::TSi.bind IKE::Cert, next: IKE::Cert::PAYLOAD_TYPE
|
220
|
-
IKE::TSr.bind IKE::Cert, next: IKE::Cert::PAYLOAD_TYPE
|
221
|
-
IKE::VendorID.bind IKE::Cert, next: IKE::Cert::PAYLOAD_TYPE
|
222
|
-
|
223
|
-
IKE.bind IKE::CertReq, next: IKE::CertReq::PAYLOAD_TYPE
|
224
|
-
IKE::Payload.bind IKE::CertReq, next: IKE::CertReq::PAYLOAD_TYPE
|
225
|
-
IKE::SA.bind IKE::CertReq, next: IKE::CertReq::PAYLOAD_TYPE
|
226
|
-
IKE::KE.bind IKE::CertReq, next: IKE::CertReq::PAYLOAD_TYPE
|
227
|
-
IKE::Nonce.bind IKE::CertReq, next: IKE::CertReq::PAYLOAD_TYPE
|
228
|
-
IKE::Notify.bind IKE::CertReq, next: IKE::CertReq::PAYLOAD_TYPE
|
229
|
-
IKE::SK.bind IKE::CertReq, next: IKE::CertReq::PAYLOAD_TYPE
|
230
|
-
IKE::IDi.bind IKE::CertReq, next: IKE::CertReq::PAYLOAD_TYPE
|
231
|
-
IKE::IDr.bind IKE::CertReq, next: IKE::CertReq::PAYLOAD_TYPE
|
232
|
-
IKE::Cert.bind IKE::CertReq, next: IKE::CertReq::PAYLOAD_TYPE
|
233
|
-
IKE::Auth.bind IKE::CertReq, next: IKE::CertReq::PAYLOAD_TYPE
|
234
|
-
IKE::TSi.bind IKE::CertReq, next: IKE::CertReq::PAYLOAD_TYPE
|
235
|
-
IKE::TSr.bind IKE::CertReq, next: IKE::CertReq::PAYLOAD_TYPE
|
236
|
-
IKE::VendorID.bind IKE::CertReq, next: IKE::CertReq::PAYLOAD_TYPE
|
237
|
-
|
238
|
-
IKE.bind IKE::Auth, next: IKE::Auth::PAYLOAD_TYPE
|
239
|
-
IKE::Payload.bind IKE::Auth, next: IKE::Auth::PAYLOAD_TYPE
|
240
|
-
IKE::SA.bind IKE::Auth, next: IKE::Auth::PAYLOAD_TYPE
|
241
|
-
IKE::KE.bind IKE::Auth, next: IKE::Auth::PAYLOAD_TYPE
|
242
|
-
IKE::Nonce.bind IKE::Auth, next: IKE::Auth::PAYLOAD_TYPE
|
243
|
-
IKE::Notify.bind IKE::Auth, next: IKE::Auth::PAYLOAD_TYPE
|
244
|
-
IKE::SK.bind IKE::Auth, next: IKE::Auth::PAYLOAD_TYPE
|
245
|
-
IKE::IDi.bind IKE::Auth, next: IKE::Auth::PAYLOAD_TYPE
|
246
|
-
IKE::IDr.bind IKE::Auth, next: IKE::Auth::PAYLOAD_TYPE
|
247
|
-
IKE::Cert.bind IKE::Auth, next: IKE::Auth::PAYLOAD_TYPE
|
248
|
-
IKE::CertReq.bind IKE::Auth, next: IKE::Auth::PAYLOAD_TYPE
|
249
|
-
IKE::TSi.bind IKE::Auth, next: IKE::Auth::PAYLOAD_TYPE
|
250
|
-
IKE::TSr.bind IKE::Auth, next: IKE::Auth::PAYLOAD_TYPE
|
251
|
-
IKE::VendorID.bind IKE::Auth, next: IKE::Auth::PAYLOAD_TYPE
|
252
|
-
|
253
|
-
IKE.bind IKE::TSi, next: IKE::TSi::PAYLOAD_TYPE
|
254
|
-
IKE::Payload.bind IKE::TSi, next: IKE::TSi::PAYLOAD_TYPE
|
255
|
-
IKE::SA.bind IKE::TSi, next: IKE::TSi::PAYLOAD_TYPE
|
256
|
-
IKE::KE.bind IKE::TSi, next: IKE::TSi::PAYLOAD_TYPE
|
257
|
-
IKE::Nonce.bind IKE::TSi, next: IKE::TSi::PAYLOAD_TYPE
|
258
|
-
IKE::Notify.bind IKE::TSi, next: IKE::TSi::PAYLOAD_TYPE
|
259
|
-
IKE::SK.bind IKE::TSi, next: IKE::TSi::PAYLOAD_TYPE
|
260
|
-
IKE::IDi.bind IKE::TSi, next: IKE::TSi::PAYLOAD_TYPE
|
261
|
-
IKE::IDr.bind IKE::TSi, next: IKE::TSi::PAYLOAD_TYPE
|
262
|
-
IKE::Cert.bind IKE::TSi, next: IKE::TSi::PAYLOAD_TYPE
|
263
|
-
IKE::CertReq.bind IKE::TSi, next: IKE::TSi::PAYLOAD_TYPE
|
264
|
-
IKE::Auth.bind IKE::TSi, next: IKE::TSi::PAYLOAD_TYPE
|
265
|
-
IKE::TSr.bind IKE::TSi, next: IKE::TSi::PAYLOAD_TYPE
|
266
|
-
IKE::VendorID.bind IKE::TSi, next: IKE::TSi::PAYLOAD_TYPE
|
267
|
-
|
268
|
-
IKE.bind IKE::TSr, next: IKE::TSr::PAYLOAD_TYPE
|
269
|
-
IKE::Payload.bind IKE::TSr, next: IKE::TSr::PAYLOAD_TYPE
|
270
|
-
IKE::SA.bind IKE::TSr, next: IKE::TSr::PAYLOAD_TYPE
|
271
|
-
IKE::KE.bind IKE::TSr, next: IKE::TSr::PAYLOAD_TYPE
|
272
|
-
IKE::Nonce.bind IKE::TSr, next: IKE::TSr::PAYLOAD_TYPE
|
273
|
-
IKE::Notify.bind IKE::TSr, next: IKE::TSr::PAYLOAD_TYPE
|
274
|
-
IKE::SK.bind IKE::TSr, next: IKE::TSr::PAYLOAD_TYPE
|
275
|
-
IKE::IDi.bind IKE::TSr, next: IKE::TSr::PAYLOAD_TYPE
|
276
|
-
IKE::IDr.bind IKE::TSr, next: IKE::TSr::PAYLOAD_TYPE
|
277
|
-
IKE::Cert.bind IKE::TSr, next: IKE::TSr::PAYLOAD_TYPE
|
278
|
-
IKE::CertReq.bind IKE::TSr, next: IKE::TSr::PAYLOAD_TYPE
|
279
|
-
IKE::Auth.bind IKE::TSr, next: IKE::TSr::PAYLOAD_TYPE
|
280
|
-
IKE::TSi.bind IKE::TSr, next: IKE::TSr::PAYLOAD_TYPE
|
281
|
-
IKE::VendorID.bind IKE::TSr, next: IKE::TSr::PAYLOAD_TYPE
|
282
|
-
|
283
|
-
IKE.bind IKE::VendorID, next: IKE::VendorID::PAYLOAD_TYPE
|
284
|
-
IKE::Payload.bind IKE::VendorID, next: IKE::VendorID::PAYLOAD_TYPE
|
285
|
-
IKE::SA.bind IKE::VendorID, next: IKE::VendorID::PAYLOAD_TYPE
|
286
|
-
IKE::KE.bind IKE::VendorID, next: IKE::VendorID::PAYLOAD_TYPE
|
287
|
-
IKE::Nonce.bind IKE::VendorID, next: IKE::VendorID::PAYLOAD_TYPE
|
288
|
-
IKE::Notify.bind IKE::VendorID, next: IKE::VendorID::PAYLOAD_TYPE
|
289
|
-
IKE::SK.bind IKE::VendorID, next: IKE::VendorID::PAYLOAD_TYPE
|
290
|
-
IKE::IDi.bind IKE::VendorID, next: IKE::VendorID::PAYLOAD_TYPE
|
291
|
-
IKE::IDr.bind IKE::VendorID, next: IKE::VendorID::PAYLOAD_TYPE
|
292
|
-
IKE::Cert.bind IKE::VendorID, next: IKE::VendorID::PAYLOAD_TYPE
|
293
|
-
IKE::CertReq.bind IKE::VendorID, next: IKE::VendorID::PAYLOAD_TYPE
|
294
|
-
IKE::Auth.bind IKE::VendorID, next: IKE::VendorID::PAYLOAD_TYPE
|
295
|
-
IKE::TSi.bind IKE::VendorID, next: IKE::VendorID::PAYLOAD_TYPE
|
296
|
-
IKE::TSr.bind IKE::VendorID, next: IKE::VendorID::PAYLOAD_TYPE
|
297
|
-
|
298
|
-
# Last defined. To be used as default if no other may be parsed.
|
299
|
-
IKE::SA.bind IKE::Payload, next: ->(v) { v > 0 }
|
300
|
-
IKE::KE.bind IKE::Payload, next: ->(v) { v > 0 }
|
301
|
-
IKE::Nonce.bind IKE::Payload, next: ->(v) { v > 0 }
|
302
|
-
IKE::Notify.bind IKE::Payload, next: ->(v) { v > 0 }
|
303
|
-
IKE::SK.bind IKE::Payload, next: ->(v) { v > 0 }
|
304
|
-
IKE::IDi.bind IKE::Payload, next: ->(v) { v > 0 }
|
305
|
-
IKE::IDr.bind IKE::Payload, next: ->(v) { v > 0 }
|
306
|
-
IKE::Cert.bind IKE::Payload, next: ->(v) { v > 0 }
|
307
|
-
IKE::CertReq.bind IKE::Payload, next: ->(v) { v > 0 }
|
308
|
-
IKE::Auth.bind IKE::Payload, next: ->(v) { v > 0 }
|
309
|
-
IKE::TSi.bind IKE::Payload, next: ->(v) { v > 0 }
|
310
|
-
IKE::TSr.bind IKE::Payload, next: ->(v) { v > 0 }
|
311
|
-
IKE::VendorID.bind IKE::Payload, next: ->(v) { v > 0 }
|
312
|
-
IKE.bind IKE::Payload, next: ->(v) { v > 0 }
|
313
|
-
IKE::Payload.bind IKE::Payload, next: ->(v) { v > 0 }
|
314
|
-
end
|
315
|
-
end
|
@@ -1,561 +0,0 @@
|
|
1
|
-
# coding: utf-8
|
2
|
-
# This file is part of PacketGen
|
3
|
-
# See https://github.com/sdaubert/packetgen for more informations
|
4
|
-
# Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
|
5
|
-
# This program is published under MIT license.
|
6
|
-
|
7
|
-
# frozen_string_literal: true
|
8
|
-
|
9
|
-
module PacketGen
|
10
|
-
module Header
|
11
|
-
class IKE
|
12
|
-
# Transform attribute.
|
13
|
-
# 1 2 3
|
14
|
-
# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
15
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
16
|
-
# |A| Attribute Type | AF=0 Attribute Length |
|
17
|
-
# |F| | AF=1 Attribute Value |
|
18
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
19
|
-
# | AF=0 Attribute Value |
|
20
|
-
# | AF=1 Not Transmitted |
|
21
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
22
|
-
# Such an attribute may have a TLV (Type/length/value) format if AF=0,
|
23
|
-
# or a TV format (AF=1).
|
24
|
-
# @author Sylvain Daubert
|
25
|
-
class Attribute < Types::Fields
|
26
|
-
TYPE_KEY_LENGTH = 14
|
27
|
-
|
28
|
-
# @!attribute type
|
29
|
-
# attribute type
|
30
|
-
# @return [Integer]
|
31
|
-
define_field :type, Types::Int16
|
32
|
-
# @!attribute length
|
33
|
-
# attribute length
|
34
|
-
# @return [Integer]
|
35
|
-
define_field :length, Types::Int16
|
36
|
-
# @!attribute value
|
37
|
-
# attribute value
|
38
|
-
# @return [Integer]
|
39
|
-
define_field :value, Types::Int32
|
40
|
-
|
41
|
-
def initialize(options={})
|
42
|
-
super
|
43
|
-
if tv_format?
|
44
|
-
self[:length].value = (options[:value] & 0xffff)
|
45
|
-
else
|
46
|
-
self[:length].value = 8 unless options[:length]
|
47
|
-
end
|
48
|
-
end
|
49
|
-
|
50
|
-
# @return [Integer]
|
51
|
-
def length
|
52
|
-
tv_format? ? 4 : self[:length].to_i
|
53
|
-
end
|
54
|
-
|
55
|
-
# @return [Integer]
|
56
|
-
def value
|
57
|
-
tv_format? ? self[:length].to_i : self[:value].to_i
|
58
|
-
end
|
59
|
-
|
60
|
-
# Populate object from a string
|
61
|
-
# @param [String] str
|
62
|
-
# @return [self]
|
63
|
-
def read(str)
|
64
|
-
return self if str.nil?
|
65
|
-
force_binary str
|
66
|
-
self[:type].read str[0, 2]
|
67
|
-
self[:length].read str[2, 2]
|
68
|
-
self[:value].read str[4, 4] unless tv_format?
|
69
|
-
self
|
70
|
-
end
|
71
|
-
|
72
|
-
# Get binary string
|
73
|
-
# @return [String]
|
74
|
-
def to_s
|
75
|
-
str = self[:type].to_s + self[:length].to_s
|
76
|
-
str << self[:value].to_s unless tv_format?
|
77
|
-
str
|
78
|
-
end
|
79
|
-
|
80
|
-
# Get a human readable string
|
81
|
-
# @return [String]
|
82
|
-
def to_human
|
83
|
-
name = self.class.constants.grep(/TYPE_/)
|
84
|
-
.detect { |c| self.class.const_get(c) == (type & 0x7fff) } || "attr[#{type & 0x7fff}]"
|
85
|
-
name = name.to_s.sub(/TYPE_/, '')
|
86
|
-
"#{name}=#{value}"
|
87
|
-
end
|
88
|
-
|
89
|
-
# Say if attribute use TV format (+true+) or TLV one (+false+)
|
90
|
-
# @return [Boolean]
|
91
|
-
def tv_format?
|
92
|
-
type & 0x8000 == 0x8000
|
93
|
-
end
|
94
|
-
end
|
95
|
-
|
96
|
-
# Set of {Attribute} in a {Transform}
|
97
|
-
# @author Sylvain Daubert
|
98
|
-
class Attributes < Types::Array
|
99
|
-
set_of Attribute
|
100
|
-
end
|
101
|
-
|
102
|
-
# SA Tranform substructure, as defined in RFC 7296 §3.3.2
|
103
|
-
# 1 2 3
|
104
|
-
# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
105
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
106
|
-
# | Last Substruc | RESERVED | Transform Length |
|
107
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
108
|
-
# |Transform Type | RESERVED | Transform ID |
|
109
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
110
|
-
# | |
|
111
|
-
# ~ Transform Attributes ~
|
112
|
-
# | |
|
113
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
114
|
-
#
|
115
|
-
# == Create a Transform
|
116
|
-
# # using type and id names
|
117
|
-
# trans = PacketGen::Header::IKE::Transform.new(type: 'ENCR', id: 'AES_CBC')
|
118
|
-
# # using integer values
|
119
|
-
# trans = PacketGen::Header::IKE::Transform.new(type: 1, id: 12)
|
120
|
-
# == Add attributes to a transform
|
121
|
-
# # using an Attribute object
|
122
|
-
# attr = PacketGen::Header::IKE::Attribute.new(type: 14, value: 128)
|
123
|
-
# trans.attributes << attr
|
124
|
-
# # using a hash
|
125
|
-
# trans.attributes << { type: 14, value: 128 }
|
126
|
-
# @author Sylvain Daubert
|
127
|
-
class Transform < Types::Fields
|
128
|
-
TYPES = {
|
129
|
-
'ENCR' => 1,
|
130
|
-
'PRF' => 2,
|
131
|
-
'INTG' => 3,
|
132
|
-
'DH' => 4,
|
133
|
-
'ESN' => 5
|
134
|
-
}.freeze
|
135
|
-
|
136
|
-
ENCR_DES_IV64 = 1
|
137
|
-
ENCR_DES = 2
|
138
|
-
ENCR_3DES = 3
|
139
|
-
ENCR_RC5 = 4
|
140
|
-
ENCR_IDEA = 5
|
141
|
-
ENCR_CAST = 6
|
142
|
-
ENCR_BLOWFISH = 7
|
143
|
-
ENCR_3IDEA = 8
|
144
|
-
ENCR_DES_IV32 = 9
|
145
|
-
ENCR_AES_CBC = 12
|
146
|
-
ENCR_AES_CTR = 13
|
147
|
-
ENCR_AES_CCM8 = 14
|
148
|
-
ENCR_AES_CCM12 = 15
|
149
|
-
ENCR_AES_CCM16 = 16
|
150
|
-
ENCR_AES_GCM8 = 18
|
151
|
-
ENCR_AES_GCM12 = 19
|
152
|
-
ENCR_AES_GCM16 = 20
|
153
|
-
ENCR_CAMELLIA_CBC = 23
|
154
|
-
ENCR_CAMELLIA_CTR = 24
|
155
|
-
ENCR_CAMELLIA_CCM8 = 25
|
156
|
-
ENCR_CAMELLIA_CCM12 = 26
|
157
|
-
ENCR_CAMELLIA_CCM16 = 27
|
158
|
-
ENCR_CHACHA20_POLY1305 = 28
|
159
|
-
|
160
|
-
PRF_HMAC_MD5 = 1
|
161
|
-
PRF_HMAC_SHA1 = 2
|
162
|
-
PRF_AES128_XCBC = 4
|
163
|
-
PRF_HMAC_SHA2_256 = 5
|
164
|
-
PRF_HMAC_SHA2_384 = 6
|
165
|
-
PRF_HMAC_SHA2_512 = 7
|
166
|
-
PRF_AES128_CMAC = 8
|
167
|
-
|
168
|
-
INTG_NONE = 0
|
169
|
-
INTG_HMAC_MD5_96 = 1
|
170
|
-
INTG_HMAC_SHA1_96 = 2
|
171
|
-
INTG_AES_XCBC_96 = 5
|
172
|
-
INTG_HMAC_MD5_128 = 6
|
173
|
-
INTG_HMAC_SHA1_160 = 7
|
174
|
-
INTG_AES_CMAC_96 = 8
|
175
|
-
INTG_AES128_GMAC = 9
|
176
|
-
INTG_AES192_GMAC = 10
|
177
|
-
INTG_AES256_GMAC = 11
|
178
|
-
INTG_HMAC_SHA2_256_128 = 12
|
179
|
-
INTG_HMAC_SHA2_384_192 = 13
|
180
|
-
INTG_HMAC_SHA2_512_256 = 14
|
181
|
-
|
182
|
-
DH_NONE = 0
|
183
|
-
DH_MODP768 = 1
|
184
|
-
DH_MODP1024 = 2
|
185
|
-
DH_MODP1536 = 5
|
186
|
-
DH_MODP2048 = 14
|
187
|
-
DH_MODP3072 = 15
|
188
|
-
DH_MODP4096 = 16
|
189
|
-
DH_MODP6144 = 17
|
190
|
-
DH_MODP8192 = 18
|
191
|
-
DH_ECP256 = 19
|
192
|
-
DH_ECP384 = 20
|
193
|
-
DH_ECP521 = 21
|
194
|
-
DH_BRAINPOOLP224 = 27
|
195
|
-
DH_BRAINPOOLP256 = 28
|
196
|
-
DH_BRAINPOOLP384 = 29
|
197
|
-
DH_BRAINPOOLP512 = 30
|
198
|
-
DH_CURVE25519 = 31
|
199
|
-
DH_CURVE448 = 32
|
200
|
-
|
201
|
-
ESN_NO_ESN = 0
|
202
|
-
ESN_ESN = 1
|
203
|
-
|
204
|
-
# @!attribute last
|
205
|
-
# 8-bit last substructure. Specifies whether or not this is the
|
206
|
-
# last Transform Substructure in the Proposal. This field has a value of 0
|
207
|
-
# if this was the last Transform Substructure, and a value of 3 if
|
208
|
-
# there are more Transform Substructures.
|
209
|
-
# @return [Integer]
|
210
|
-
define_field :last, Types::Int8
|
211
|
-
# @!attribute rsv1
|
212
|
-
# 8-bit reserved field
|
213
|
-
# @return [Integer]
|
214
|
-
define_field :rsv1, Types::Int8
|
215
|
-
# @!attribute length
|
216
|
-
# 16-bit proposal length
|
217
|
-
# @return [Integer]
|
218
|
-
define_field :length, Types::Int16
|
219
|
-
# @!attribute [r] type
|
220
|
-
# 8-bit transform type. The Transform Type is the cryptographic
|
221
|
-
# algorithm type (i.e. encryption, PRF, integrity, etc.)
|
222
|
-
# @return [Integer]
|
223
|
-
define_field :type, Types::Int8Enum, enum: TYPES
|
224
|
-
# @!attribute rsv2
|
225
|
-
# 8-bit reserved field
|
226
|
-
# @return [Integer]
|
227
|
-
define_field :rsv2, Types::Int8
|
228
|
-
# @!attribute [r] id
|
229
|
-
# 16-bit transform ID. The Transform ID is the specific instance of
|
230
|
-
# the proposed transform type.
|
231
|
-
# @return [Integer]
|
232
|
-
define_field :id, Types::Int16
|
233
|
-
# @!attribute attributes
|
234
|
-
# Set of attributes for this transform
|
235
|
-
# @return [Attributes]
|
236
|
-
define_field :attributes, Attributes
|
237
|
-
|
238
|
-
def initialize(options={})
|
239
|
-
super
|
240
|
-
self[:length].value = sz unless options[:length]
|
241
|
-
self.type = options[:type] if options[:type]
|
242
|
-
self.id = options[:id] if options[:id]
|
243
|
-
end
|
244
|
-
|
245
|
-
# Set transform ID
|
246
|
-
# @param [Integer,String] value
|
247
|
-
# @return [Integer]
|
248
|
-
def id=(value)
|
249
|
-
id = case value
|
250
|
-
when Integer
|
251
|
-
value
|
252
|
-
else
|
253
|
-
c = self.class.constants.grep(/#{human_type}_#{value}/).first
|
254
|
-
c ? self.class.const_get(c) : nil
|
255
|
-
end
|
256
|
-
raise ArgumentError, "unknown ID #{value.inspect}" unless id
|
257
|
-
self[:id].value = id
|
258
|
-
end
|
259
|
-
|
260
|
-
# Populate object from a string
|
261
|
-
# @param [String] str
|
262
|
-
# @return [self]
|
263
|
-
def read(str)
|
264
|
-
super
|
265
|
-
hlen = self.class.new.sz
|
266
|
-
attr_len = length - hlen
|
267
|
-
attributes.read(str[hlen, attr_len])
|
268
|
-
self
|
269
|
-
end
|
270
|
-
|
271
|
-
# Compute length and set {#length} field
|
272
|
-
# @return [Integer] new length
|
273
|
-
def calc_length
|
274
|
-
Base.calculate_and_set_length self
|
275
|
-
end
|
276
|
-
|
277
|
-
# Get a human readable string
|
278
|
-
# @return [String]
|
279
|
-
def to_human
|
280
|
-
h = "#{human_type}(#{human_id}".dup
|
281
|
-
h << ",#{attributes.to_human}" unless attributes.empty?
|
282
|
-
h << ')'
|
283
|
-
end
|
284
|
-
|
285
|
-
# Get human-readable type
|
286
|
-
# @return [String]
|
287
|
-
def human_type
|
288
|
-
if self[:type].enum.value? self.type
|
289
|
-
self[:type].to_human
|
290
|
-
else
|
291
|
-
"type[#{self.type}]"
|
292
|
-
end
|
293
|
-
end
|
294
|
-
|
295
|
-
# Get human-readable ID
|
296
|
-
# @return [String]
|
297
|
-
def human_id
|
298
|
-
name = self.class.constants.grep(/#{human_type}_/)
|
299
|
-
.detect { |c| self.class.const_get(c) == id } || "ID=#{id}"
|
300
|
-
name.to_s.sub(/#{human_type}_/, '')
|
301
|
-
end
|
302
|
-
|
303
|
-
# Say if this transform is the last one (from {#last} field)
|
304
|
-
# @return [Boolean,nil] returns a Boolean when {#last} has defined value (+0+ => +true+, +3+ => +false+), else +nil+ is returned.
|
305
|
-
def last?
|
306
|
-
case last
|
307
|
-
when 0
|
308
|
-
true
|
309
|
-
when 3
|
310
|
-
false
|
311
|
-
end
|
312
|
-
end
|
313
|
-
end
|
314
|
-
|
315
|
-
# Set of {Transform} in a {SAProposal}
|
316
|
-
# @author Sylvain Daubert
|
317
|
-
class Transforms < Types::Array
|
318
|
-
set_of Transform
|
319
|
-
|
320
|
-
# Same as {Types::Array#push} but update previous {Transform#last} attribute
|
321
|
-
# @see Types::Array#push
|
322
|
-
def push(trans)
|
323
|
-
super
|
324
|
-
self[-2].last = 3 if size > 1
|
325
|
-
self[-1].last = 0
|
326
|
-
self
|
327
|
-
end
|
328
|
-
end
|
329
|
-
|
330
|
-
# SA Proposal, as defined in RFC 7296 §3.3.1
|
331
|
-
# 1 2 3
|
332
|
-
# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
333
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
334
|
-
# | Last Substruc | RESERVED | Proposal Length |
|
335
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
336
|
-
# | Proposal Num | Protocol ID | SPI Size |Num Transforms|
|
337
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
338
|
-
# ~ SPI (variable) ~
|
339
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
340
|
-
# | |
|
341
|
-
# ~ <Transforms> ~
|
342
|
-
# | |
|
343
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
344
|
-
#
|
345
|
-
# == Create a proposal
|
346
|
-
# # using protocol name
|
347
|
-
# proposal = PacketGen::Header::IKE::Proposal.new(num: 1, protocol: 'IKE')
|
348
|
-
# # using integer values
|
349
|
-
# proposal = PacketGen::Header::IKE::Proposal.new(num: 1, protocol: 1)
|
350
|
-
# == Add transforms to a proposal
|
351
|
-
# # using a Transform object
|
352
|
-
# trans = PacketGen::Header::IKE::Transform.new(type: 'ENCR', id: '3DES')
|
353
|
-
# proposal.transforms << trans
|
354
|
-
# # using a hash
|
355
|
-
# proposal.transforms << { type: 'ENCR', id: '3DES' }
|
356
|
-
# @author Sylvain Daubert
|
357
|
-
class SAProposal < Types::Fields
|
358
|
-
# @!attribute last
|
359
|
-
# 8-bit last substructure. Specifies whether or not this is the
|
360
|
-
# last Proposal Substructure in the SA. This field has a value of 0
|
361
|
-
# if this was the last Proposal Substructure, and a value of 2 if
|
362
|
-
# there are more Proposal Substructures.
|
363
|
-
# @return [Integer]
|
364
|
-
define_field :last, Types::Int8
|
365
|
-
# @!attribute reserved
|
366
|
-
# 8-bit reserved field
|
367
|
-
# @return [Integer]
|
368
|
-
define_field :reserved, Types::Int8
|
369
|
-
# @!attribute length
|
370
|
-
# 16-bit proposal length
|
371
|
-
# @return [Integer]
|
372
|
-
define_field :length, Types::Int16
|
373
|
-
# @!attribute num
|
374
|
-
# 8-bit proposal number. When a proposal is made, the first
|
375
|
-
# proposal in an SA payload MUST be 1, and subsequent proposals MUST
|
376
|
-
# be one more than the previous proposal (indicating an OR of the
|
377
|
-
# two proposals). When a proposal is accepted, the proposal number
|
378
|
-
# in the SA payload MUST match the number on the proposal sent that
|
379
|
-
# was accepted.
|
380
|
-
# @return [Integer]
|
381
|
-
define_field :num, Types::Int8, default: 1
|
382
|
-
# @!attribute [r] protocol
|
383
|
-
# 8-bit protocol ID. Specify IPsec protocol currently negociated.
|
384
|
-
# May 1 (IKE), 2 (AH) or 3 (ESP).
|
385
|
-
# @return [Integer]
|
386
|
-
define_field :protocol, Types::Int8
|
387
|
-
# @!attribute spi_size
|
388
|
-
# 8-bit SPI size. Give size of SPI field. Set to 0 for an initial IKE SA
|
389
|
-
# negotiation, as SPI is obtained from outer header.
|
390
|
-
# @return [Integer]
|
391
|
-
define_field :spi_size, Types::Int8, default: 0
|
392
|
-
# @!attribute num_trans
|
393
|
-
# 8-bit number of transformations
|
394
|
-
# @return [Integer]
|
395
|
-
define_field :num_trans, Types::Int8, default: 0
|
396
|
-
# @!attribute spi
|
397
|
-
# the sending entity's SPI. When the {#spi_size} field is zero,
|
398
|
-
# this field is not present in the proposal.
|
399
|
-
# @return [String]
|
400
|
-
define_field :spi, Types::String, builder: ->(h, t) { t.new(length_from: h[:spi_size]) }
|
401
|
-
# @!attribute transforms
|
402
|
-
# 8-bit set of tranforms for this proposal
|
403
|
-
# @return [Transforms]
|
404
|
-
define_field :transforms, Transforms, builder: ->(h, t) { t.new(counter: h[:num_trans]) }
|
405
|
-
|
406
|
-
def initialize(options={})
|
407
|
-
if options[:spi] && options[:spi_size].nil?
|
408
|
-
options[:spi_size] = options[:spi].size
|
409
|
-
end
|
410
|
-
super
|
411
|
-
self[:length].value = sz unless options[:length]
|
412
|
-
self.protocol = options[:protocol] if options[:protocol]
|
413
|
-
end
|
414
|
-
|
415
|
-
# Set protocol
|
416
|
-
# @param [Integer,String] value
|
417
|
-
# @return [Integer]
|
418
|
-
def protocol=(value)
|
419
|
-
proto = case value
|
420
|
-
when Integer
|
421
|
-
value
|
422
|
-
else
|
423
|
-
c = IKE.constants.grep(/PROTO_#{value}/).first
|
424
|
-
c ? IKE.const_get(c) : nil
|
425
|
-
end
|
426
|
-
raise ArgumentError, "unknown protocol #{value.inspect}" unless proto
|
427
|
-
self[:protocol].value = proto
|
428
|
-
end
|
429
|
-
|
430
|
-
# Populate object from a string
|
431
|
-
# @param [String] str
|
432
|
-
# @return [self]
|
433
|
-
def read(str)
|
434
|
-
super
|
435
|
-
hlen = self.class.new.sz + spi_size
|
436
|
-
tlen = length - hlen
|
437
|
-
transforms.read(str[hlen, tlen])
|
438
|
-
self
|
439
|
-
end
|
440
|
-
|
441
|
-
# Compute length and set {#length} field
|
442
|
-
# @return [Integer] new length
|
443
|
-
def calc_length
|
444
|
-
transforms.each(&:calc_length)
|
445
|
-
Base.calculate_and_set_length self
|
446
|
-
end
|
447
|
-
|
448
|
-
# Get a human readable string
|
449
|
-
# @return [String]
|
450
|
-
def to_human
|
451
|
-
str = "##{num} #{human_protocol}".dup
|
452
|
-
case spi_size
|
453
|
-
when 4
|
454
|
-
str << '(spi:0x%08x)' % Types::Int32.new.read(spi).to_i
|
455
|
-
when 8
|
456
|
-
str << '(spi:0x%016x)' % Types::Int64.new.read(spi).to_i
|
457
|
-
end
|
458
|
-
str << ":#{transforms.to_human}"
|
459
|
-
end
|
460
|
-
|
461
|
-
# Get protocol name
|
462
|
-
# @return [String]
|
463
|
-
def human_protocol
|
464
|
-
name = IKE.constants.grep(/PROTO/)
|
465
|
-
.detect { |c| IKE.const_get(c) == protocol } || "proto #{protocol}"
|
466
|
-
name.to_s.sub(/PROTO_/, '')
|
467
|
-
end
|
468
|
-
|
469
|
-
# Say if this proposal is the last one (from {#last} field)
|
470
|
-
# @return [Boolean,nil] returns a Boolean when {#last} has defined value
|
471
|
-
# (+0+ => +true+, +2+ => +false+), else +nil+ is returned.
|
472
|
-
def last?
|
473
|
-
case last
|
474
|
-
when 0
|
475
|
-
true
|
476
|
-
when 2
|
477
|
-
false
|
478
|
-
end
|
479
|
-
end
|
480
|
-
end
|
481
|
-
|
482
|
-
# Set of {SAProposal}
|
483
|
-
# @author Sylvain Daubert
|
484
|
-
class SAProposals < Types::Array
|
485
|
-
set_of SAProposal
|
486
|
-
|
487
|
-
# Separator used between proposals in {#to_human}
|
488
|
-
HUMAN_SEPARATOR = '; '
|
489
|
-
|
490
|
-
# Same as {Types::Array#push} but update previous {SAProposal#last} attribute
|
491
|
-
# @see Types::Array#push
|
492
|
-
def push(prop)
|
493
|
-
super
|
494
|
-
self[-2].last = 2 if size > 1
|
495
|
-
self[-1].last = 0
|
496
|
-
self
|
497
|
-
end
|
498
|
-
end
|
499
|
-
|
500
|
-
# This class handles Security Assocation payloads, as defined in RFC 7296 §3.3.
|
501
|
-
#
|
502
|
-
# A SA payload contains a generic payload header (see {Payload}) and a set of
|
503
|
-
# {SAProposal} ({#proposals} field, which is a {SAProposals} object):
|
504
|
-
# 1 2 3
|
505
|
-
# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
506
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
507
|
-
# | Next Payload |C| RESERVED | Payload Length |
|
508
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
509
|
-
# | |
|
510
|
-
# ~ <Proposals> ~
|
511
|
-
# | |
|
512
|
-
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
513
|
-
#
|
514
|
-
# == Create a SA payload
|
515
|
-
# # Create a IKE packet with a SA payload
|
516
|
-
# pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::SA')
|
517
|
-
# # add a proposal. Protocol name is taken from SAProposal::PROTO_* constants
|
518
|
-
# pkt.ike_sa.proposals << { num: 1, protocol: 'ESP' }
|
519
|
-
# # add a transform to this proposal.
|
520
|
-
# # type name is taken from Transform::TYPE_* constants.
|
521
|
-
# # ID is taken from Transform::<TYPE>_* constants.
|
522
|
-
# pkt.ike_sa.proposals.first.transforms << { type: 'ENCR', id: 'AES_CTR' }
|
523
|
-
# # and finally, add an attribute to this transform (here, KEY_SIZE = 128 bits)
|
524
|
-
# pkt.ike_sa.proposals[0].transforms[0].attributes << { type: 0x800e, value: 128 }
|
525
|
-
# pkt.calc_length
|
526
|
-
# @author Sylvain Daubert
|
527
|
-
class SA < Payload
|
528
|
-
# Payload type number
|
529
|
-
PAYLOAD_TYPE = 33
|
530
|
-
|
531
|
-
remove_field :content
|
532
|
-
|
533
|
-
# @!attribute proposals
|
534
|
-
# Set of SA proposals
|
535
|
-
# @return [SAProposals]
|
536
|
-
define_field_before :body, :proposals, SAProposals
|
537
|
-
|
538
|
-
# Populate object from a string
|
539
|
-
# @param [String] str
|
540
|
-
# @return [self]
|
541
|
-
def read(str)
|
542
|
-
super
|
543
|
-
hlen = self.class.new.sz
|
544
|
-
plen = length - hlen
|
545
|
-
proposals.read str[hlen, plen]
|
546
|
-
body.read str[hlen + plen..-1]
|
547
|
-
self
|
548
|
-
end
|
549
|
-
|
550
|
-
# Compute length and set {#length} field
|
551
|
-
# @return [Integer] new length
|
552
|
-
def calc_length
|
553
|
-
proposals.each(&:calc_length)
|
554
|
-
super
|
555
|
-
end
|
556
|
-
end
|
557
|
-
end
|
558
|
-
|
559
|
-
self.add_class IKE::SA
|
560
|
-
end
|
561
|
-
end
|