Class: PacketGen::Plugin::IKE

Inherits:
Header::Base
  • Object
Defined in:
lib/packetgen/plugin/ike.rb,
lib/packetgen/plugin/ike/vendor_id.rb,
lib/packetgen/plugin/ike/payload.rb,
lib/packetgen/plugin/ike/certreq.rb,
lib/packetgen/plugin/ike/notify.rb,
lib/packetgen/plugin/ike/nonce.rb,
lib/packetgen/plugin/ike/cert.rb,
lib/packetgen/plugin/ike/auth.rb,
lib/packetgen/plugin/ike/ts.rb,
lib/packetgen/plugin/ike/sk.rb,
lib/packetgen/plugin/ike/sa.rb,
lib/packetgen/plugin/ike/ke.rb,
lib/packetgen/plugin/ike/id.rb

Overview

IKE is the Internet Key Exchange protocol (RFC 7296). Only IKEv2 is supported.

An IKE message consists of a header and a set of payloads. This class handles the IKE header. For payloads, see Payload.

IKE header

The format of an IKE header is shown below:

                     1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       IKE SA Initiator's SPI                  |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       IKE SA Responder's SPI                  |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Next Payload | MjVer | MnVer | Exchange Type |     Flags     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          Message ID                           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                            Length                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

An IKE header consists of:

  • an IKE SA initiator SPI (#init_spi, Types::Int64 type),
  • an IKE SA responder SPI (#resp_spi, Types::Int64 type),
  • a Next Payload field (#next, Types::Int8 type),
  • a Version field (#version, Types::Int8 type, with the first 4-bit field as major number and the last 4-bit field as minor number),
  • an Exchange Type (#exchange_type, Types::Int8 type),
  • a #flags field (Types::Int8 type),
  • a Message ID (#message_id, Types::Int32 type),
  • and a #length (Types::Int32 type).

Create an IKE header

Standalone

ike = PacketGen::Plugin::IKE.new

Classical IKE packet

pkt = PacketGen.gen('IP').add('UDP').add('IKE')
# access the IKE header
pkt.ike    # => PacketGen::Plugin::IKE

NAT-T IKE packet

# NonESPMarker is used to insert a 32-bit null field between the UDP header
# and the IKE one to differentiate it from ESP-in-UDP (see RFC 3948)
pkt = PacketGen.gen('IP').add('UDP').add('NonESPMarker').add('IKE')
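
The header layout and NAT-T framing described above, as an added Ruby example that is not part of PacketGen or its documentation: a stand-alone parser that decodes the fixed header from a UDP payload and reports what a capture reviewer would check (major version, exchange type, reserved flag bits, length field against bytes received). The names parse_ike_header, IKE_HEADER_LEN, NON_ESP_MARKER, EXCHANGE_NAMES, SAMPLE_INIT and SAMPLE_BAD are assumptions of this example, and both samples are constructed.

```ruby
# Added example: stand-alone parser for the 28-byte IKE header (no PacketGen).
IKE_HEADER_LEN = 28
NON_ESP_MARKER = [0].pack('N').freeze # 32-bit null field (RFC 3948)
EXCHANGE_NAMES = { 34 => 'IKE_SA_INIT', 35 => 'IKE_AUTH',
                   36 => 'CREATE_CHILD_SA', 37 => 'INFORMATIONAL' }.freeze

# Returns the header fields plus :warnings, or { error: ... } when the payload
# cannot hold an IKE header. +port+ is the UDP port the datagram used.
def parse_ike_header(udp_payload, port: 500)
  data = udp_payload.b
  if port == 4500 # NAT-T: IKE must be preceded by the Non-ESP marker
    return { error: 'no Non-ESP marker, treat as ESP-in-UDP' } unless data.start_with?(NON_ESP_MARKER)

    data = data.byteslice(4..-1)
  end
  return { error: 'truncated IKE header' } if data.bytesize < IKE_HEADER_LEN

  init_spi, resp_spi, nxt, version, xchg, flags, msg_id, length =
    data.unpack('Q>Q>CCCCNN') # two Int64, four Int8, two Int32, network order
  hdr = {
    init_spi: init_spi, resp_spi: resp_spi, next: nxt,
    mjver: version >> 4, mnver: version & 0x0f,
    exchange_type: EXCHANGE_NAMES.fetch(xchg, xchg),
    # flags byte, MSB first: rsv1(2) R V I rsv2(3)
    flag_r: flags.anybits?(0x20), flag_v: flags.anybits?(0x10),
    flag_i: flags.anybits?(0x08),
    message_id: msg_id, length: length, warnings: []
  }
  warn_on = hdr[:warnings]
  warn_on << "major version #{hdr[:mjver]}, expected 2" unless hdr[:mjver] == 2
  warn_on << "unknown exchange type #{xchg}" unless EXCHANGE_NAMES.key?(xchg)
  warn_on << 'reserved flag bits set' if flags.anybits?(0xc7)
  unless length == data.bytesize
    warn_on << "length field #{length} != #{data.bytesize} bytes received"
  end
  hdr
end

# Constructed sample: IKE_SA_INIT request from the initiator, header only.
SAMPLE_INIT = [0x1122334455667788, 0, 0, 0x20, 34, 0x08, 0, 28].pack('Q>Q>CCCCNN')
# Constructed malformed sample: reserved bit set and a length of 4000.
SAMPLE_BAD = [0x1122334455667788, 0, 0, 0x20, 34, 0x88, 0, 4000].pack('Q>Q>CCCCNN')

p parse_ike_header(SAMPLE_INIT)
p parse_ike_header(SAMPLE_BAD)[:warnings]
```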

Author:

  • Sylvain Daubert

Defined Under Namespace

Classes: Attribute, Attributes, Auth, Cert, CertReq, IDi, IDr, KE, Nonce, Notify, Payload, SA, SAProposal, SAProposals, SK, TSi, TSr, TrafficSelector, TrafficSelectors, Transform, Transforms, VendorID

Constant Summary

# Classical well-known UDP port for IKE
UDP_PORT1 = 500

# Well-known UDP port for IKE when NAT is detected
UDP_PORT2 = 4500

# Protocols supported by IKE
PROTOCOLS = {
  'IKE' => 1,
  'AH' => 2,
  'ESP' => 3
}.freeze

# Known exchange types
EXCHANGE_TYPES = {
  'IKE_SA_INIT' => 34,
  'IKE_AUTH' => 35,
  'CREATE_CHILD_SA' => 36,
  'INFORMATIONAL' => 37
}.freeze

Constructor Details

#initialize(options = {}) ⇒ IKE

Returns a new instance of IKE.

See Also:

  • Header::Base#initialize


# File 'lib/packetgen/plugin/ike.rb', line 156

def initialize(options={})
  super
  calc_length unless options[:length]
  self.type = options[:type] if options[:type]
  self.type = options[:exchange_type] if options[:exchange_type]
end

Instance Attribute Details

#exchange_type ⇒ Integer (readonly) Also known as: type

8-bit exchange type

# File 'lib/packetgen/plugin/ike.rb', line 113

define_field :exchange_type, PacketGen::Types::Int8Enum, enum: EXCHANGE_TYPES

#flag_i ⇒ Boolean

Bit set in messages sent by the original initiator

# File 'lib/packetgen/plugin/ike.rb', line 152

define_bit_fields_on :flags, :rsv1, 2, :flag_r, :flag_v, :flag_i, :rsv2, 3

#flag_r ⇒ Boolean

Indicates that this message is a response to a message containing the same Message ID

# File 'lib/packetgen/plugin/ike.rb', line 152

define_bit_fields_on :flags, :rsv1, 2, :flag_r, :flag_v, :flag_i, :rsv2, 3

#flag_v ⇒ Boolean

Version flag. Ignored by IKEv2 peers; should be set to 0.

# File 'lib/packetgen/plugin/ike.rb', line 152

define_bit_fields_on :flags, :rsv1, 2, :flag_r, :flag_v, :flag_i, :rsv2, 3

#flags ⇒ Integer

8-bit flags

# File 'lib/packetgen/plugin/ike.rb', line 117

define_field :flags, PacketGen::Types::Int8

#init_spi ⇒ Integer

64-bit initiator SPI

# File 'lib/packetgen/plugin/ike.rb', line 97

define_field :init_spi, PacketGen::Types::Int64

#length ⇒ Integer

32-bit length of total message (header + payloads)

# File 'lib/packetgen/plugin/ike.rb', line 125

define_field :length, PacketGen::Types::Int32

#message_id ⇒ Integer

32-bit message ID

# File 'lib/packetgen/plugin/ike.rb', line 121

define_field :message_id, PacketGen::Types::Int32

#mjver ⇒ Integer

4-bit major version value

# File 'lib/packetgen/plugin/ike.rb', line 137

define_bit_fields_on :version, :mjver, 4, :mnver, 4

#mnver ⇒ Integer

4-bit minor version value

# File 'lib/packetgen/plugin/ike.rb', line 137

define_bit_fields_on :version, :mjver, 4, :mnver, 4

#next ⇒ Integer

8-bit next payload type

# File 'lib/packetgen/plugin/ike.rb', line 105

define_field :next, PacketGen::Types::Int8

#resp_spi ⇒ Integer

64-bit responder SPI

# File 'lib/packetgen/plugin/ike.rb', line 101

define_field :resp_spi, PacketGen::Types::Int64

#rsv1 ⇒ Integer

# File 'lib/packetgen/plugin/ike.rb', line 152

define_bit_fields_on :flags, :rsv1, 2, :flag_r, :flag_v, :flag_i, :rsv2, 3

#rsv2 ⇒ Integer

# File 'lib/packetgen/plugin/ike.rb', line 152

define_bit_fields_on :flags, :rsv1, 2, :flag_r, :flag_v, :flag_i, :rsv2, 3

#version ⇒ Integer

8-bit IKE version

# File 'lib/packetgen/plugin/ike.rb', line 109

define_field :version, PacketGen::Types::Int8, default: 0x20

Instance Method Details

#added_to_packet(packet) ⇒ void

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Note:

This method is used internally by PacketGen and should not be directly called

This method returns an undefined value.



# File 'lib/packetgen/plugin/ike.rb', line 220

def added_to_packet(packet)
  return unless packet.is? 'UDP'
  return unless packet.udp.sport.zero?

  packet.udp.sport = if packet.is?('NonESPMarker')
                       UDP_PORT2
                     else
                       UDP_PORT1
                     end
end

#calc_length ⇒ Integer

Calculate length field

# File 'lib/packetgen/plugin/ike.rb', line 175

def calc_length
  PacketGen::Header::Base.calculate_and_set_length self
end

#human_exchange_type ⇒ String Also known as: human_type

Get exchange type name

# File 'lib/packetgen/plugin/ike.rb', line 168

def human_exchange_type
  self[:exchange_type].to_human
end

#inspect ⇒ String

# File 'lib/packetgen/plugin/ike.rb', line 192

def inspect
  super do |attr|
    case attr
    when :flags
      str_flags = +''
      %w[r v i].each do |flag|
        str_flags << (send("flag_#{flag}?") ? flag.upcase : '.')
      end
      str = PacketGen::Inspect.shift_level
      str << PacketGen::Inspect::FMT_ATTR % [self[attr].class.to_s.sub(/.*::/, ''), attr,
                                  str_flags]
    end
  end
end

#payloads ⇒ Array<Payload>

IKE payloads

# File 'lib/packetgen/plugin/ike.rb', line 181

def payloads
  payloads = []
  body = self.body
  while body.is_a?(Payload)
    payloads << body
    body = body.body
  end
  payloads
end

#reply! ⇒ self

Toggle I and R flags.

# File 'lib/packetgen/plugin/ike.rb', line 209

def reply!
  self.flag_r = !self.flag_r?
  self.flag_i = !self.flag_i?
  self
end