1 ############################## 2 % IPsec layer regression tests 3 ############################## 4 5 ~ crypto 6 7 ############################################################################### 8 + IPv4 / ESP - Transport - Encryption Algorithms 9 10 ####################################### 11 = IPv4 / ESP - Transport - NULL - NULL 12 ~ -crypto 13 14 import socket 15 16 p = IP(src='1.1.1.1', dst='2.2.2.2') 17 p /= TCP(sport=45012, dport=80) 18 p /= Raw('testdata') 19 p = IP(raw(p)) 20 p 21 22 sa = SecurityAssociation(ESP, spi=0x222, 23 crypt_algo='NULL', crypt_key=None, 24 auth_algo='NULL', auth_key=None) 25 26 e = sa.encrypt(p) 27 e 28 29 assert(isinstance(e, IP)) 30 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 31 assert(e.chksum != p.chksum) 32 assert(e.proto == socket.IPPROTO_ESP) 33 assert(e.haslayer(ESP)) 34 assert(not e.haslayer(TCP)) 35 assert(e[ESP].spi == sa.spi) 36 assert(b'testdata' in e[ESP].data) 37 38 d = sa.decrypt(e) 39 d 40 41 * after decryption the original packet payload should be unaltered 42 assert(d[TCP] == p[TCP]) 43 44 ####################################### 45 = IPv4 / ESP - Transport - DES - NULL 46 47 p = IP(src='1.1.1.1', dst='2.2.2.2') 48 p /= TCP(sport=45012, dport=80) 49 p /= Raw('testdata') 50 p = IP(raw(p)) 51 p 52 53 sa = SecurityAssociation(ESP, spi=0x222, 54 crypt_algo='DES', crypt_key=b'8bytekey', 55 auth_algo='NULL', auth_key=None) 56 57 e = sa.encrypt(p) 58 e 59 60 assert(isinstance(e, IP)) 61 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 62 assert(e.chksum != p.chksum) 63 * the encrypted packet should have an ESP layer 64 assert(e.proto == socket.IPPROTO_ESP) 65 assert(e.haslayer(ESP)) 66 assert(not e.haslayer(TCP)) 67 assert(e[ESP].spi == sa.spi) 68 * after encryption the original packet payload should NOT be readable 69 assert(b'testdata' not in e[ESP].data) 70 71 d = sa.decrypt(e) 72 d 73 74 * after decryption the original packet payload should be unaltered 75 assert(d[TCP] == p[TCP]) 76 77 # Generated with Linux 4.4.0-62-generic #83-Ubuntu 78 # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ 79 # mode tunnel enc 'cbc(des)' '0x38627974656b6579' auth digest_null '' flag align4 80 ref = IP() \ 81 / ESP(spi=0x222, 82 data=b'\x0f\x6d\x2f\x3d\x1e\xc1\x0b\xc2\xb6\x8f\xfd\x67\x39\xc0\x96\x2c' 83 b'\x17\x79\x88\xf6\xbc\x4d\xf7\x45\xd8\x36\x63\x86\xcd\x08\x7c\x08' 84 b'\x2b\xf8\xa2\x91\x18\x21\x88\xd9\x26\x00\xc5\x21\x24\xbf\x8f\xf5' 85 b'\x6c\x47\xb0\x3a\x8e\xdb\x75\x21\xd9\x33\x85\x5a\x15\xc6\x31\x00' 86 b'\x1c\xef\x3e\x12\xce\x70\xec\x8f\x48\xc7\x81\x9b\x66\xcb\xf5\x39' 87 b'\x91\xb3\x8e\x72\xfb\x7f\x64\x65\x6c\xf4\xa9\xf2\x5e\x63\x2f\x60', 88 seq=1) 89 90 d_ref = sa.decrypt(ref) 91 d_ref 92 93 * Check for ICMP layer in decrypted reference 94 assert(d_ref.haslayer(ICMP)) 95 96 ####################################### 97 = IPv4 / ESP - Transport - 3DES - NULL 98 99 p = IP(src='1.1.1.1', dst='2.2.2.2') 100 p /= TCP(sport=45012, dport=80) 101 p /= Raw('testdata') 102 p = IP(raw(p)) 103 p 104 105 sa = SecurityAssociation(ESP, spi=0x222, 106 crypt_algo='3DES', crypt_key=b'threedifferent8byteskeys', 107 auth_algo='NULL', auth_key=None) 108 109 e = sa.encrypt(p) 110 e 111 112 assert(isinstance(e, IP)) 113 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 114 assert(e.chksum != p.chksum) 115 * the encrypted packet should have an ESP layer 116 assert(e.proto == socket.IPPROTO_ESP) 117 assert(e.haslayer(ESP)) 118 assert(not e.haslayer(TCP)) 119 assert(e[ESP].spi == sa.spi) 120 * after encryption the original packet payload should NOT be readable 121 assert(b'testdata' not in e[ESP].data) 122 123 d = sa.decrypt(e) 124 d 125 126 * after decryption the original packet payload should be unaltered 127 assert(d[TCP] == p[TCP]) 128 129 # Generated with Linux 4.4.0-62-generic #83-Ubuntu 130 # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ 131 # mode tunnel enc 'cbc(des3_ede)' '0x7468726565646966666572656e743862797465736b657973' auth digest_null '' flag align4 132 ref = IP() \ 133 / ESP(spi=0x222, 134 data=b'\x36\x5c\x9b\x41\x37\xc8\x59\x1e\x39\x63\xe8\x6b\xf7\x0d\x97\x54' 135 b'\x13\x84\xf6\x81\x66\x19\xe7\xcb\x75\x94\xf1\x0b\x8e\xa3\xf1\xa0' 136 b'\x3e\x88\x51\xc4\x50\xd0\xa9\x1f\x16\x25\xc6\xbd\xe9\x0b\xdc\xae' 137 b'\xf8\x13\x00\xa3\x8c\x53\xee\x1c\x96\xc0\xfe\x99\x70\xab\x94\x77' 138 b'\xd7\xc4\xe8\xfd\x9f\x96\x28\xb8\x95\x20\x86\x7b\x19\xbc\x8f\xf5' 139 b'\x96\xb0\x7e\xcc\x04\x83\xae\x4d\xa3\xba\x1d\x44\xf0\xba\x2e\xcd', 140 seq=1) 141 142 d_ref = sa.decrypt(ref) 143 d_ref 144 145 * Check for ICMP layer in decrypted reference 146 assert(d_ref.haslayer(ICMP)) 147 148 ####################################### 149 = IPv4 / ESP - Transport - AES-CBC - NULL 150 151 p = IP(src='1.1.1.1', dst='2.2.2.2') 152 p /= TCP(sport=45012, dport=80) 153 p /= Raw('testdata') 154 p = IP(raw(p)) 155 p 156 157 sa = SecurityAssociation(ESP, spi=0x222, 158 crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', 159 auth_algo='NULL', auth_key=None) 160 161 e = sa.encrypt(p) 162 e 163 164 assert(isinstance(e, IP)) 165 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 166 assert(e.chksum != p.chksum) 167 assert(e.proto == socket.IPPROTO_ESP) 168 assert(e.haslayer(ESP)) 169 assert(not e.haslayer(TCP)) 170 assert(e[ESP].spi == sa.spi) 171 * after encryption the original packet payload should NOT be readable 172 assert(b'testdata' not in e[ESP].data) 173 174 d = sa.decrypt(e) 175 d 176 177 * after decryption the original packet payload should be unaltered 178 assert(d[TCP] == p[TCP]) 179 180 # Generated with Linux 4.4.0-62-generic #83-Ubuntu 181 # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ 182 # mode tunnel enc 'cbc(aes)' '0x7369787465656e6279746573206b6579' auth digest_null '' flag align4 183 ref = IP() \ 184 / ESP(spi=0x222, 185 data=b'\x08\x2f\x94\xe6\x53\xd8\x8e\x13\x70\xe8\xff\x61\x52\x90\x27\x3c' 186 b'\xf2\xb4\x1f\x75\xd2\xa0\xac\xae\x1c\xa8\x5e\x1c\x78\x21\x4c\x7f' 187 b'\xc3\x30\x17\x6a\x8d\xf3\xb1\xa7\xd1\xa8\x42\x01\xd6\x8d\x2d\x7e' 188 b'\x5d\x06\xdf\xaa\x05\x27\x42\xb1\x00\x12\xcf\xff\x64\x02\x5a\x40' 189 b'\xcd\xca\x1b\x91\xba\xf8\xc8\x59\xe7\xbd\x4d\x19\xb4\x8d\x39\x25' 190 b'\x6c\x73\xf1\x2d\xaa\xee\xe1\x0b\x71\xcd\xfc\x11\x1d\x56\xce\x60' 191 b'\xed\xd2\x32\x87\xd4\x90\xc3\xf5\x31\x47\x97\x69\x83\x82\x6d\x38', 192 seq=1) 193 194 d_ref = sa.decrypt(ref) 195 d_ref 196 197 * Check for ICMP layer in decrypted reference 198 assert(d_ref.haslayer(ICMP)) 199 200 ####################################### 201 = IPv4 / ESP - Transport - AES-CTR - NULL 202 203 p = IP(src='1.1.1.1', dst='2.2.2.2') 204 p /= TCP(sport=45012, dport=80) 205 p /= Raw('testdata') 206 p = IP(raw(p)) 207 p 208 209 sa = SecurityAssociation(ESP, spi=0x222, 210 crypt_algo='AES-CTR', crypt_key=b'16bytekey+4bytenonce', 211 auth_algo='NULL', auth_key=None) 212 213 e = sa.encrypt(p) 214 e 215 216 assert(isinstance(e, IP)) 217 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 218 assert(e.chksum != p.chksum) 219 assert(e.proto == socket.IPPROTO_ESP) 220 assert(e.haslayer(ESP)) 221 assert(not e.haslayer(TCP)) 222 assert(e[ESP].spi == sa.spi) 223 * after encryption the original packet payload should NOT be readable 224 assert(b'testdata' not in e[ESP].data) 225 226 d = sa.decrypt(e) 227 d 228 229 * after decryption original packet should be preserved 230 assert(d[TCP] == p[TCP]) 231 232 # Generated with Linux 4.4.0-62-generic #83-Ubuntu 233 # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ 234 # mode tunnel enc 'rfc3686(ctr(aes))' '0x3136627974656b65792b34627974656e6f6e6365' auth digest_null '' flag align4 235 ref = IP() \ 236 / ESP(spi=0x222, 237 data=b'\xc4\xca\x09\x0f\x8b\xd3\x05\x3d\xac\x5a\x2f\x87\xca\x71\x10\x01' 238 b'\xa7\x95\xc9\x07\xcc\xd4\x05\x58\x65\x23\x22\x4b\x63\x9b\x1f\xef' 239 b'\x55\xb9\x1a\x91\x52\x76\x00\xf7\x94\x7b\x1d\xe1\x8e\x03\x2e\x85' 240 b'\xad\xdd\x83\x22\x8a\xc3\x88\x6e\x85\xf5\x9b\xed\xa9\x6e\xb1\xc3' 241 b'\x78\x00\x2f\xcd\x77\xe8\x3e\xec\x0e\x77\x94\xb2\x9b\x0f\x64\x5e' 242 b'\x09\x83\x03\x7d\x83\x22\x39\xbb\x94\x66\xae\x9f\xbf\x01\xda\xfb', 243 seq=1) 244 245 d_ref = sa.decrypt(ref) 246 d_ref 247 248 * Check for ICMP layer in decrypted reference 249 assert(d_ref.haslayer(ICMP)) 250 251 ####################################### 252 = IPv4 / ESP - Transport - Blowfish - NULL 253 254 p = IP(src='1.1.1.1', dst='2.2.2.2') 255 p /= TCP(sport=45012, dport=80) 256 p /= Raw('testdata') 257 p = IP(raw(p)) 258 p 259 260 sa = SecurityAssociation(ESP, spi=0x222, 261 crypt_algo='Blowfish', crypt_key=b'sixteenbytes key', 262 auth_algo='NULL', auth_key=None) 263 264 e = sa.encrypt(p) 265 e 266 267 assert(isinstance(e, IP)) 268 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 269 assert(e.chksum != p.chksum) 270 assert(e.proto == socket.IPPROTO_ESP) 271 assert(e.haslayer(ESP)) 272 assert(not e.haslayer(TCP)) 273 assert(e[ESP].spi == sa.spi) 274 * after encryption the original packet payload should NOT be readable 275 assert(b'testdata' not in e[ESP].data) 276 277 d = sa.decrypt(e) 278 d 279 280 * after decryption original packet should be preserved 281 assert(d[TCP] == p[TCP]) 282 283 # Generated with Linux 4.4.0-62-generic #83-Ubuntu 284 # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ 285 # mode tunnel enc 'cbc(blowfish)' '0x7369787465656e6279746573206b6579' auth digest_null '' flag align4 286 ref = IP() \ 287 / ESP(spi=0x222, 288 data=b'\x93\x9f\x5a\x10\x55\x57\x30\xa0\xb4\x00\x72\x1e\x46\x42\x46\x20' 289 b'\xbc\x01\xef\xc3\x79\xcc\x3e\x55\x64\xba\x09\xc2\x6a\x5a\x5c\xb3' 290 b'\xcc\xb5\xd5\x87\x82\xb0\x0a\x94\x58\xfc\x50\x37\x40\xe1\x03\xd3' 291 b'\x4a\x09\xb2\x23\x53\x56\xa4\x45\x4c\xbb\x81\x1c\xdb\x31\xa7\x67' 292 b'\xbd\x38\x8e\xba\x55\xd9\x1f\xf1\x3c\xeb\x07\x4c\x02\xb0\x3e\xc5' 293 b'\xf6\x60\xdd\x68\xe1\xd4\xec\xee\x27\xc0\x6d\x1a\x80\xe2\xcc\x7d', 294 seq=1) 295 296 d_ref = sa.decrypt(ref) 297 d_ref 298 299 * Check for ICMP layer in decrypted reference 300 assert(d_ref.haslayer(ICMP)) 301 302 ####################################### 303 = IPv4 / ESP - Transport - CAST - NULL 304 305 p = IP(src='1.1.1.1', dst='2.2.2.2') 306 p /= TCP(sport=45012, dport=80) 307 p /= Raw('testdata') 308 p = IP(raw(p)) 309 p 310 311 sa = SecurityAssociation(ESP, spi=0x222, 312 crypt_algo='CAST', crypt_key=b'sixteenbytes key', 313 auth_algo='NULL', auth_key=None) 314 315 e = sa.encrypt(p) 316 e 317 318 assert(isinstance(e, IP)) 319 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 320 assert(e.chksum != p.chksum) 321 assert(e.proto == socket.IPPROTO_ESP) 322 assert(e.haslayer(ESP)) 323 assert(not e.haslayer(TCP)) 324 assert(e[ESP].spi == sa.spi) 325 * after encryption the original packet payload should NOT be readable 326 assert(b'testdata' not in e[ESP].data) 327 328 d = sa.decrypt(e) 329 d 330 331 * after decryption original packet should be preserved 332 assert(d[TCP] == p[TCP]) 333 334 # Generated with Linux 4.4.0-62-generic #83-Ubuntu 335 # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ 336 # mode tunnel enc 'cbc(cast5)' '0x7369787465656e6279746573206b6579' auth digest_null '' flag align4 337 ref = IP() \ 338 / ESP(spi=0x222, 339 data=b'\xcd\x4a\x46\x05\x51\x54\x73\x35\x1d\xad\x4b\x10\xc1\x15\xe2\x70' 340 b'\xbc\x9c\x53\x8f\x4d\x1c\x87\x1a\xc1\xb0\xdf\x80\xd1\x0c\xa4\x59' 341 b'\xe6\x50\xde\x46\xdb\x3f\x28\xc2\xda\x6c\x2b\x81\x5e\x7c\x7b\x4f' 342 b'\xbc\x8d\xc1\x6d\x4a\x2b\x04\x91\x9e\xc4\x0b\xba\x05\xba\x3b\x71' 343 b'\xac\xe3\x16\xcf\x7f\x00\xc5\x87\x7d\x72\x48\xe6\x5b\x43\x19\x24' 344 b'\xae\xa6\x2c\xcc\xad\xbf\x37\x6c\x6e\xea\x71\x67\x73\xd6\x11\x9f', 345 seq=1) 346 347 d_ref = sa.decrypt(ref) 348 d_ref 349 350 * Check for ICMP layer in decrypted reference 351 assert(d_ref.haslayer(ICMP)) 352 353 ############################################################################### 354 + IPv4 / ESP - Tunnel - Encryption Algorithms 355 356 ####################################### 357 = IPv4 / ESP - Tunnel - NULL - NULL 358 ~ -crypto 359 360 p = IP(src='1.1.1.1', dst='2.2.2.2') 361 p /= TCP(sport=45012, dport=80) 362 p /= Raw('testdata') 363 p = IP(raw(p)) 364 p 365 366 sa = SecurityAssociation(ESP, spi=0x222, 367 crypt_algo='NULL', crypt_key=None, 368 auth_algo='NULL', auth_key=None, 369 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 370 371 e = sa.encrypt(p) 372 e 373 374 assert(isinstance(e, IP)) 375 * after encryption packet should be encapsulated with the given ip tunnel header 376 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 377 assert(e.chksum != p.chksum) 378 assert(e.proto == socket.IPPROTO_ESP) 379 assert(e.haslayer(ESP)) 380 assert(not e.haslayer(TCP)) 381 assert(e[ESP].spi == sa.spi) 382 assert(b'testdata' in e[ESP].data) 383 384 d = sa.decrypt(e) 385 d 386 387 * after decryption the original packet payload should be unaltered 388 assert(d[TCP] == p[TCP]) 389 390 ####################################### 391 = IPv4 / ESP - Tunnel - DES - NULL 392 393 p = IP(src='1.1.1.1', dst='2.2.2.2') 394 p /= TCP(sport=45012, dport=80) 395 p /= Raw('testdata') 396 p = IP(raw(p)) 397 p 398 399 sa = SecurityAssociation(ESP, spi=0x222, 400 crypt_algo='DES', crypt_key=b'8bytekey', 401 auth_algo='NULL', auth_key=None, 402 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 403 404 e = sa.encrypt(p) 405 e 406 407 assert(isinstance(e, IP)) 408 * after encryption packet should be encapsulated with the given ip tunnel header 409 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 410 assert(e.chksum != p.chksum) 411 * the encrypted packet should have an ESP layer 412 assert(e.proto == socket.IPPROTO_ESP) 413 assert(e.haslayer(ESP)) 414 assert(not e.haslayer(TCP)) 415 assert(e[ESP].spi == sa.spi) 416 * after encryption the original packet payload should NOT be readable 417 assert(b'testdata' not in e[ESP].data) 418 419 d = sa.decrypt(e) 420 d 421 422 * after decryption the original packet payload should be unaltered 423 assert(d[TCP] == p[TCP]) 424 425 ####################################### 426 = IPv4 / ESP - Tunnel - 3DES - NULL 427 428 p = IP(src='1.1.1.1', dst='2.2.2.2') 429 p /= TCP(sport=45012, dport=80) 430 p /= Raw('testdata') 431 p = IP(raw(p)) 432 p 433 434 sa = SecurityAssociation(ESP, spi=0x222, 435 crypt_algo='3DES', crypt_key=b'threedifferent8byteskeys', 436 auth_algo='NULL', auth_key=None, 437 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 438 439 e = sa.encrypt(p) 440 e 441 442 assert(isinstance(e, IP)) 443 * after encryption packet should be encapsulated with the given ip tunnel header 444 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 445 assert(e.chksum != p.chksum) 446 * the encrypted packet should have an ESP layer 447 assert(e.proto == socket.IPPROTO_ESP) 448 assert(e.haslayer(ESP)) 449 assert(not e.haslayer(TCP)) 450 assert(e[ESP].spi == sa.spi) 451 * after encryption the original packet payload should NOT be readable 452 assert(b'testdata' not in e[ESP].data) 453 454 d = sa.decrypt(e) 455 d 456 457 * after decryption the original packet payload should be unaltered 458 assert(d[TCP] == p[TCP]) 459 460 ####################################### 461 = IPv4 / ESP - Tunnel - AES-CBC - NULL 462 463 p = IP(src='1.1.1.1', dst='2.2.2.2') 464 p /= TCP(sport=45012, dport=80) 465 p /= Raw('testdata') 466 p = IP(raw(p)) 467 p 468 469 sa = SecurityAssociation(ESP, spi=0x222, 470 crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', 471 auth_algo='NULL', auth_key=None, 472 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 473 474 e = sa.encrypt(p) 475 e 476 477 assert(isinstance(e, IP)) 478 * after encryption packet should be encapsulated with the given ip tunnel header 479 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 480 assert(e.chksum != p.chksum) 481 assert(e.proto == socket.IPPROTO_ESP) 482 assert(e.haslayer(ESP)) 483 assert(not e.haslayer(TCP)) 484 assert(e[ESP].spi == sa.spi) 485 * after encryption the original packet payload should NOT be readable 486 assert(b'testdata' not in e[ESP].data) 487 488 d = sa.decrypt(e) 489 d 490 491 * after decryption the original packet payload should be unaltered 492 assert(d[TCP] == p[TCP]) 493 494 ####################################### 495 = IPv4 / ESP - Tunnel - AES-CTR - NULL 496 497 p = IP(src='1.1.1.1', dst='2.2.2.2') 498 p /= TCP(sport=45012, dport=80) 499 p /= Raw('testdata') 500 p = IP(raw(p)) 501 p 502 503 sa = SecurityAssociation(ESP, spi=0x222, 504 crypt_algo='AES-CTR', crypt_key=b'16bytekey+4bytenonce', 505 auth_algo='NULL', auth_key=None, 506 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 507 508 e = sa.encrypt(p) 509 e 510 511 assert(isinstance(e, IP)) 512 * after encryption packet should be encapsulated with the given ip tunnel header 513 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 514 assert(e.chksum != p.chksum) 515 assert(e.proto == socket.IPPROTO_ESP) 516 assert(e.haslayer(ESP)) 517 assert(not e.haslayer(TCP)) 518 assert(e[ESP].spi == sa.spi) 519 * after encryption the original packet payload should NOT be readable 520 assert(b'testdata' not in e[ESP].data) 521 522 d = sa.decrypt(e) 523 d 524 525 * after decryption original packet should be preserved 526 assert(d[TCP] == p[TCP]) 527 528 ####################################### 529 = IPv4 / ESP - Tunnel - Blowfish - NULL 530 531 p = IP(src='1.1.1.1', dst='2.2.2.2') 532 p /= TCP(sport=45012, dport=80) 533 p /= Raw('testdata') 534 p = IP(raw(p)) 535 p 536 537 sa = SecurityAssociation(ESP, spi=0x222, 538 crypt_algo='Blowfish', crypt_key=b'sixteenbytes key', 539 auth_algo='NULL', auth_key=None, 540 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 541 542 e = sa.encrypt(p) 543 e 544 545 assert(isinstance(e, IP)) 546 * after encryption packet should be encapsulated with the given ip tunnel header 547 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 548 assert(e.chksum != p.chksum) 549 assert(e.proto == socket.IPPROTO_ESP) 550 assert(e.haslayer(ESP)) 551 assert(not e.haslayer(TCP)) 552 assert(e[ESP].spi == sa.spi) 553 * after encryption the original packet payload should NOT be readable 554 assert(b'testdata' not in e[ESP].data) 555 556 d = sa.decrypt(e) 557 d 558 559 * after decryption original packet should be preserved 560 assert(d[TCP] == p[TCP]) 561 562 ####################################### 563 = IPv4 / ESP - Tunnel - CAST - NULL 564 565 p = IP(src='1.1.1.1', dst='2.2.2.2') 566 p /= TCP(sport=45012, dport=80) 567 p /= Raw('testdata') 568 p = IP(raw(p)) 569 p 570 571 sa = SecurityAssociation(ESP, spi=0x222, 572 crypt_algo='CAST', crypt_key=b'sixteenbytes key', 573 auth_algo='NULL', auth_key=None, 574 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 575 576 e = sa.encrypt(p) 577 e 578 579 assert(isinstance(e, IP)) 580 * after encryption packet should be encapsulated with the given ip tunnel header 581 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 582 assert(e.chksum != p.chksum) 583 assert(e.proto == socket.IPPROTO_ESP) 584 assert(e.haslayer(ESP)) 585 assert(not e.haslayer(TCP)) 586 assert(e[ESP].spi == sa.spi) 587 * after encryption the original packet payload should NOT be readable 588 assert(b'testdata' not in e[ESP].data) 589 590 d = sa.decrypt(e) 591 d 592 593 * after decryption original packet should be preserved 594 assert(d[TCP] == p[TCP]) 595 596 ############################################################################### 597 + IPv4 / ESP - Transport - Authentication Algorithms 598 599 ####################################### 600 = IPv4 / ESP - Transport - NULL - HMAC-SHA1-96 601 602 p = IP(src='1.1.1.1', dst='2.2.2.2') 603 p /= TCP(sport=45012, dport=80) 604 p /= Raw('testdata') 605 p = IP(raw(p)) 606 p 607 608 sa = SecurityAssociation(ESP, spi=0x222, 609 crypt_algo='NULL', crypt_key=None, 610 auth_algo='HMAC-SHA1-96', auth_key=b'secret key') 611 612 e = sa.encrypt(p) 613 e 614 615 assert(isinstance(e, IP)) 616 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 617 assert(e.chksum != p.chksum) 618 assert(e.proto == socket.IPPROTO_ESP) 619 assert(e.haslayer(ESP)) 620 assert(not e.haslayer(TCP)) 621 assert(e[ESP].spi == sa.spi) 622 assert(b'testdata' in e[ESP].data) 623 624 * integrity verification should pass 625 d = sa.decrypt(e) 626 627 * after decryption the original packet payload should be unaltered 628 assert(d[TCP] == p[TCP]) 629 630 ####################################### 631 = IPv4 / ESP - Transport - NULL - HMAC-SHA1-96 - altered packet 632 633 p = IP(src='1.1.1.1', dst='2.2.2.2') 634 p /= TCP(sport=45012, dport=80) 635 p /= Raw('testdata') 636 p = IP(raw(p)) 637 p 638 639 sa = SecurityAssociation(ESP, spi=0x222, 640 crypt_algo='NULL', crypt_key=None, 641 auth_algo='HMAC-SHA1-96', auth_key=b'secret key') 642 643 e = sa.encrypt(p) 644 e 645 646 assert(isinstance(e, IP)) 647 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 648 assert(e.chksum != p.chksum) 649 assert(e.proto == socket.IPPROTO_ESP) 650 assert(e.haslayer(ESP)) 651 assert(not e.haslayer(TCP)) 652 assert(e[ESP].spi == sa.spi) 653 assert(b'testdata' in e[ESP].data) 654 655 * simulate the alteration of the packet before decryption 656 e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') 657 658 * integrity verification should fail 659 try: 660 d = sa.decrypt(e) 661 assert(False) 662 except IPSecIntegrityError as err: 663 err 664 665 ####################################### 666 = IPv4 / ESP - Transport - NULL - SHA2-256-128 667 668 p = IP(src='1.1.1.1', dst='2.2.2.2') 669 p /= TCP(sport=45012, dport=80) 670 p /= Raw('testdata') 671 p = IP(raw(p)) 672 p 673 674 sa = SecurityAssociation(ESP, spi=0x222, 675 crypt_algo='NULL', crypt_key=None, 676 auth_algo='SHA2-256-128', auth_key=b'secret key') 677 678 e = sa.encrypt(p) 679 e 680 681 assert(isinstance(e, IP)) 682 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 683 assert(e.chksum != p.chksum) 684 assert(e.proto == socket.IPPROTO_ESP) 685 assert(e.haslayer(ESP)) 686 assert(not e.haslayer(TCP)) 687 assert(e[ESP].spi == sa.spi) 688 * after encryption the original packet payload should be readable 689 assert(b'testdata' in e[ESP].data) 690 691 * integrity verification should pass 692 d = sa.decrypt(e) 693 694 * after decryption the original packet should be preserved 695 assert(d == p) 696 697 ####################################### 698 = IPv4 / ESP - Transport - NULL - SHA2-256-128 - altered packet 699 700 p = IP(src='1.1.1.1', dst='2.2.2.2') 701 p /= TCP(sport=45012, dport=80) 702 p /= Raw('testdata') 703 p = IP(raw(p)) 704 p 705 706 sa = SecurityAssociation(ESP, spi=0x222, 707 crypt_algo='NULL', crypt_key=None, 708 auth_algo='SHA2-256-128', auth_key=b'secret key') 709 710 e = sa.encrypt(p) 711 e 712 713 assert(isinstance(e, IP)) 714 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 715 assert(e.chksum != p.chksum) 716 assert(e.proto == socket.IPPROTO_ESP) 717 assert(e.haslayer(ESP)) 718 assert(not e.haslayer(TCP)) 719 assert(e[ESP].spi == sa.spi) 720 * after encryption the original packet payload should be readable 721 assert(b'testdata' in e[ESP].data) 722 723 * simulate the alteration of the packet before decryption 724 e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') 725 726 * integrity verification should fail 727 try: 728 d = sa.decrypt(e) 729 assert(False) 730 except IPSecIntegrityError as err: 731 err 732 733 ####################################### 734 = IPv4 / ESP - Transport - NULL - SHA2-384-192 735 736 p = IP(src='1.1.1.1', dst='2.2.2.2') 737 p /= TCP(sport=45012, dport=80) 738 p /= Raw('testdata') 739 p = IP(raw(p)) 740 p 741 742 sa = SecurityAssociation(ESP, spi=0x222, 743 crypt_algo='NULL', crypt_key=None, 744 auth_algo='SHA2-384-192', auth_key=b'secret key') 745 746 e = sa.encrypt(p) 747 e 748 749 assert(isinstance(e, IP)) 750 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 751 assert(e.chksum != p.chksum) 752 assert(e.proto == socket.IPPROTO_ESP) 753 assert(e.haslayer(ESP)) 754 assert(not e.haslayer(TCP)) 755 assert(e[ESP].spi == sa.spi) 756 * after encryption the original packet payload should be readable 757 assert(b'testdata' in e[ESP].data) 758 759 * integrity verification should pass 760 d = sa.decrypt(e) 761 762 * after decryption the original packet should be preserved 763 assert(d == p) 764 765 ####################################### 766 = IPv4 / ESP - Transport - NULL - SHA2-384-192 - altered packet 767 768 p = IP(src='1.1.1.1', dst='2.2.2.2') 769 p /= TCP(sport=45012, dport=80) 770 p /= Raw('testdata') 771 p = IP(raw(p)) 772 p 773 774 sa = SecurityAssociation(ESP, spi=0x222, 775 crypt_algo='NULL', crypt_key=None, 776 auth_algo='SHA2-384-192', auth_key=b'secret key') 777 778 e = sa.encrypt(p) 779 e 780 781 assert(isinstance(e, IP)) 782 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 783 assert(e.chksum != p.chksum) 784 assert(e.proto == socket.IPPROTO_ESP) 785 assert(e.haslayer(ESP)) 786 assert(not e.haslayer(TCP)) 787 assert(e[ESP].spi == sa.spi) 788 * after encryption the original packet payload should be readable 789 assert(b'testdata' in e[ESP].data) 790 791 * simulate the alteration of the packet before decryption 792 e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') 793 794 * integrity verification should fail 795 try: 796 d = sa.decrypt(e) 797 assert(False) 798 except IPSecIntegrityError as err: 799 err 800 801 ####################################### 802 = IPv4 / ESP - Transport - NULL - SHA2-512-256 803 804 p = IP(src='1.1.1.1', dst='2.2.2.2') 805 p /= TCP(sport=45012, dport=80) 806 p /= Raw('testdata') 807 p = IP(raw(p)) 808 p 809 810 sa = SecurityAssociation(ESP, spi=0x222, 811 crypt_algo='NULL', crypt_key=None, 812 auth_algo='SHA2-512-256', auth_key=b'secret key') 813 814 e = sa.encrypt(p) 815 e 816 817 assert(isinstance(e, IP)) 818 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 819 assert(e.chksum != p.chksum) 820 assert(e.proto == socket.IPPROTO_ESP) 821 assert(e.haslayer(ESP)) 822 assert(not e.haslayer(TCP)) 823 assert(e[ESP].spi == sa.spi) 824 * after encryption the original packet payload should be readable 825 assert(b'testdata' in e[ESP].data) 826 827 * integrity verification should pass 828 d = sa.decrypt(e) 829 830 * after decryption the original packet should be preserved 831 assert(d == p) 832 833 ####################################### 834 = IPv4 / ESP - Transport - NULL - SHA2-512-256 - altered packet 835 836 p = IP(src='1.1.1.1', dst='2.2.2.2') 837 p /= TCP(sport=45012, dport=80) 838 p /= Raw('testdata') 839 p = IP(raw(p)) 840 p 841 842 sa = SecurityAssociation(ESP, spi=0x222, 843 crypt_algo='NULL', crypt_key=None, 844 auth_algo='SHA2-512-256', auth_key=b'secret key') 845 846 e = sa.encrypt(p) 847 e 848 849 assert(isinstance(e, IP)) 850 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 851 assert(e.chksum != p.chksum) 852 assert(e.proto == socket.IPPROTO_ESP) 853 assert(e.haslayer(ESP)) 854 assert(not e.haslayer(TCP)) 855 assert(e[ESP].spi == sa.spi) 856 * after encryption the original packet payload should be readable 857 assert(b'testdata' in e[ESP].data) 858 859 * simulate the alteration of the packet before decryption 860 e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') 861 862 * integrity verification should fail 863 try: 864 d = sa.decrypt(e) 865 assert(False) 866 except IPSecIntegrityError as err: 867 err 868 869 ####################################### 870 = IPv4 / ESP - Transport - NULL - HMAC-MD5-96 871 872 p = IP(src='1.1.1.1', dst='2.2.2.2') 873 p /= TCP(sport=45012, dport=80) 874 p /= Raw('testdata') 875 p = IP(raw(p)) 876 p 877 878 sa = SecurityAssociation(ESP, spi=0x222, 879 crypt_algo='NULL', crypt_key=None, 880 auth_algo='HMAC-MD5-96', auth_key=b'secret key') 881 882 e = sa.encrypt(p) 883 e 884 885 assert(isinstance(e, IP)) 886 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 887 assert(e.chksum != p.chksum) 888 assert(e.proto == socket.IPPROTO_ESP) 889 assert(e.haslayer(ESP)) 890 assert(not e.haslayer(TCP)) 891 assert(e[ESP].spi == sa.spi) 892 * after encryption the original packet payload should be readable 893 assert(b'testdata' in e[ESP].data) 894 895 * integrity verification should pass 896 d = sa.decrypt(e) 897 898 * after decryption the original packet should be preserved 899 assert(d == p) 900 901 ####################################### 902 = IPv4 / ESP - Transport - NULL - HMAC-MD5-96 - altered packet 903 904 p = IP(src='1.1.1.1', dst='2.2.2.2') 905 p /= TCP(sport=45012, dport=80) 906 p /= Raw('testdata') 907 p = IP(raw(p)) 908 p 909 910 sa = SecurityAssociation(ESP, spi=0x222, 911 crypt_algo='NULL', crypt_key=None, 912 auth_algo='HMAC-MD5-96', auth_key=b'secret key') 913 914 e = sa.encrypt(p) 915 e 916 917 assert(isinstance(e, IP)) 918 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 919 assert(e.chksum != p.chksum) 920 assert(e.proto == socket.IPPROTO_ESP) 921 assert(e.haslayer(ESP)) 922 assert(not e.haslayer(TCP)) 923 assert(e[ESP].spi == sa.spi) 924 * after encryption the original packet payload should be readable 925 assert(b'testdata' in e[ESP].data) 926 927 * simulate the alteration of the packet before decryption 928 e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') 929 930 * integrity verification should fail 931 try: 932 d = sa.decrypt(e) 933 assert(False) 934 except IPSecIntegrityError as err: 935 err 936 937 ####################################### 938 = IPv4 / ESP - Transport - NULL - AES-CMAC-96 939 940 p = IP(src='1.1.1.1', dst='2.2.2.2') 941 p /= TCP(sport=45012, dport=80) 942 p /= Raw('testdata') 943 p = IP(raw(p)) 944 p 945 946 sa = SecurityAssociation(ESP, spi=0x222, 947 crypt_algo='NULL', crypt_key=None, 948 auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key') 949 950 e = sa.encrypt(p) 951 e 952 953 assert(isinstance(e, IP)) 954 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 955 assert(e.chksum != p.chksum) 956 assert(e.proto == socket.IPPROTO_ESP) 957 assert(e.haslayer(ESP)) 958 assert(not e.haslayer(TCP)) 959 assert(e[ESP].spi == sa.spi) 960 * after encryption the original packet payload should be readable 961 assert(b'testdata' in e[ESP].data) 962 963 * integrity verification should pass 964 d = sa.decrypt(e) 965 966 * after decryption the original packet should be preserved 967 assert(d == p) 968 969 ####################################### 970 = IPv4 / ESP - Transport - NULL - AES-CMAC-96 - altered packet 971 972 p = IP(src='1.1.1.1', dst='2.2.2.2') 973 p /= TCP(sport=45012, dport=80) 974 p /= Raw('testdata') 975 p = IP(raw(p)) 976 p 977 978 sa = SecurityAssociation(ESP, spi=0x222, 979 crypt_algo='NULL', crypt_key=None, 980 auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key') 981 982 e = sa.encrypt(p) 983 e 984 985 assert(isinstance(e, IP)) 986 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 987 assert(e.chksum != p.chksum) 988 assert(e.proto == socket.IPPROTO_ESP) 989 assert(e.haslayer(ESP)) 990 assert(not e.haslayer(TCP)) 991 assert(e[ESP].spi == sa.spi) 992 * after encryption the original packet payload should be readable 993 assert(b'testdata' in e[ESP].data) 994 995 * simulate the alteration of the packet before decryption 996 e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') 997 998 * integrity verification should fail 999 try: 1000 d = sa.decrypt(e) 1001 assert(False) 1002 except IPSecIntegrityError as err: 1003 err 1004 1005 ############################################################################### 1006 + IPv4 / ESP - Tunnel - Authentication Algorithms 1007 1008 ####################################### 1009 = IPv4 / ESP - Tunnel - NULL - HMAC-SHA1-96 1010 1011 p = IP(src='1.1.1.1', dst='2.2.2.2') 1012 p /= TCP(sport=45012, dport=80) 1013 p /= Raw('testdata') 1014 p = IP(raw(p)) 1015 p 1016 1017 sa = SecurityAssociation(ESP, spi=0x222, 1018 crypt_algo='NULL', crypt_key=None, 1019 auth_algo='HMAC-SHA1-96', auth_key=b'secret key', 1020 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1021 1022 e = sa.encrypt(p) 1023 e 1024 1025 assert(isinstance(e, IP)) 1026 * after encryption packet should be encapsulated with the given ip tunnel header 1027 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1028 assert(e.chksum != p.chksum) 1029 assert(e.proto == socket.IPPROTO_ESP) 1030 assert(e.haslayer(ESP)) 1031 assert(not e.haslayer(TCP)) 1032 assert(e[ESP].spi == sa.spi) 1033 assert(b'testdata' in e[ESP].data) 1034 1035 * integrity verification should pass 1036 d = sa.decrypt(e) 1037 1038 * after decryption the original packet payload should be unaltered 1039 assert(d[TCP] == p[TCP]) 1040 1041 ####################################### 1042 = IPv4 / ESP - Tunnel - NULL - HMAC-SHA1-96 - altered packet 1043 1044 p = IP(src='1.1.1.1', dst='2.2.2.2') 1045 p /= TCP(sport=45012, dport=80) 1046 p /= Raw('testdata') 1047 p = IP(raw(p)) 1048 p 1049 1050 sa = SecurityAssociation(ESP, spi=0x222, 1051 crypt_algo='NULL', crypt_key=None, 1052 auth_algo='HMAC-SHA1-96', auth_key=b'secret key', 1053 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1054 1055 e = sa.encrypt(p) 1056 e 1057 1058 assert(isinstance(e, IP)) 1059 * after encryption packet should be encapsulated with the given ip tunnel header 1060 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1061 assert(e.chksum != p.chksum) 1062 assert(e.proto == socket.IPPROTO_ESP) 1063 assert(e.haslayer(ESP)) 1064 assert(not e.haslayer(TCP)) 1065 assert(e[ESP].spi == sa.spi) 1066 assert(b'testdata' in e[ESP].data) 1067 1068 * simulate the alteration of the packet before decryption 1069 e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') 1070 1071 * integrity verification should fail 1072 try: 1073 d = sa.decrypt(e) 1074 assert(False) 1075 except IPSecIntegrityError as err: 1076 err 1077 1078 ####################################### 1079 = IPv4 / ESP - Tunnel - NULL - SHA2-256-128 1080 1081 p = IP(src='1.1.1.1', dst='2.2.2.2') 1082 p /= TCP(sport=45012, dport=80) 1083 p /= Raw('testdata') 1084 p = IP(raw(p)) 1085 p 1086 1087 sa = SecurityAssociation(ESP, spi=0x222, 1088 crypt_algo='NULL', crypt_key=None, 1089 auth_algo='SHA2-256-128', auth_key=b'secret key', 1090 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1091 1092 e = sa.encrypt(p) 1093 e 1094 1095 assert(isinstance(e, IP)) 1096 * after encryption packet should be encapsulated with the given ip tunnel header 1097 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1098 assert(e.chksum != p.chksum) 1099 assert(e.proto == socket.IPPROTO_ESP) 1100 assert(e.haslayer(ESP)) 1101 assert(not e.haslayer(TCP)) 1102 assert(e[ESP].spi == sa.spi) 1103 * after encryption the original packet payload should be readable 1104 assert(b'testdata' in e[ESP].data) 1105 1106 * integrity verification should pass 1107 d = sa.decrypt(e) 1108 1109 * after decryption the original packet should be preserved 1110 assert(d == p) 1111 1112 ####################################### 1113 = IPv4 / ESP - Tunnel - NULL - SHA2-256-128 - altered packet 1114 1115 p = IP(src='1.1.1.1', dst='2.2.2.2') 1116 p /= TCP(sport=45012, dport=80) 1117 p /= Raw('testdata') 1118 p = IP(raw(p)) 1119 p 1120 1121 sa = SecurityAssociation(ESP, spi=0x222, 1122 crypt_algo='NULL', crypt_key=None, 1123 auth_algo='SHA2-256-128', auth_key=b'secret key', 1124 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1125 1126 e = sa.encrypt(p) 1127 e 1128 1129 assert(isinstance(e, IP)) 1130 * after encryption packet should be encapsulated with the given ip tunnel header 1131 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1132 assert(e.chksum != p.chksum) 1133 assert(e.proto == socket.IPPROTO_ESP) 1134 assert(e.haslayer(ESP)) 1135 assert(not e.haslayer(TCP)) 1136 assert(e[ESP].spi == sa.spi) 1137 * after encryption the original packet payload should be readable 1138 assert(b'testdata' in e[ESP].data) 1139 1140 * simulate the alteration of the packet before decryption 1141 e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') 1142 1143 * integrity verification should fail 1144 try: 1145 d = sa.decrypt(e) 1146 assert(False) 1147 except IPSecIntegrityError as err: 1148 err 1149 1150 ####################################### 1151 = IPv4 / ESP - Tunnel - NULL - SHA2-384-192 1152 1153 p = IP(src='1.1.1.1', dst='2.2.2.2') 1154 p /= TCP(sport=45012, dport=80) 1155 p /= Raw('testdata') 1156 p = IP(raw(p)) 1157 p 1158 1159 sa = SecurityAssociation(ESP, spi=0x222, 1160 crypt_algo='NULL', crypt_key=None, 1161 auth_algo='SHA2-384-192', auth_key=b'secret key', 1162 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1163 1164 e = sa.encrypt(p) 1165 e 1166 1167 assert(isinstance(e, IP)) 1168 * after encryption packet should be encapsulated with the given ip tunnel header 1169 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1170 assert(e.chksum != p.chksum) 1171 assert(e.proto == socket.IPPROTO_ESP) 1172 assert(e.haslayer(ESP)) 1173 assert(not e.haslayer(TCP)) 1174 assert(e[ESP].spi == sa.spi) 1175 * after encryption the original packet payload should be readable 1176 assert(b'testdata' in e[ESP].data) 1177 1178 * integrity verification should pass 1179 d = sa.decrypt(e) 1180 1181 * after decryption the original packet should be preserved 1182 assert(d == p) 1183 1184 ####################################### 1185 = IPv4 / ESP - Tunnel - NULL - SHA2-384-192 - altered packet 1186 1187 p = IP(src='1.1.1.1', dst='2.2.2.2') 1188 p /= TCP(sport=45012, dport=80) 1189 p /= Raw('testdata') 1190 p = IP(raw(p)) 1191 p 1192 1193 sa = SecurityAssociation(ESP, spi=0x222, 1194 crypt_algo='NULL', crypt_key=None, 1195 auth_algo='SHA2-384-192', auth_key=b'secret key', 1196 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1197 1198 e = sa.encrypt(p) 1199 e 1200 1201 assert(isinstance(e, IP)) 1202 * after encryption packet should be encapsulated with the given ip tunnel header 1203 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1204 assert(e.chksum != p.chksum) 1205 assert(e.proto == socket.IPPROTO_ESP) 1206 assert(e.haslayer(ESP)) 1207 assert(not e.haslayer(TCP)) 1208 assert(e[ESP].spi == sa.spi) 1209 * after encryption the original packet payload should be readable 1210 assert(b'testdata' in e[ESP].data) 1211 1212 * simulate the alteration of the packet before decryption 1213 e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') 1214 1215 * integrity verification should fail 1216 try: 1217 d = sa.decrypt(e) 1218 assert(False) 1219 except IPSecIntegrityError as err: 1220 err 1221 1222 ####################################### 1223 = IPv4 / ESP - Tunnel - NULL - SHA2-512-256 1224 1225 p = IP(src='1.1.1.1', dst='2.2.2.2') 1226 p /= TCP(sport=45012, dport=80) 1227 p /= Raw('testdata') 1228 p = IP(raw(p)) 1229 p 1230 1231 sa = SecurityAssociation(ESP, spi=0x222, 1232 crypt_algo='NULL', crypt_key=None, 1233 auth_algo='SHA2-512-256', auth_key=b'secret key', 1234 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1235 1236 e = sa.encrypt(p) 1237 e 1238 1239 assert(isinstance(e, IP)) 1240 * after encryption packet should be encapsulated with the given ip tunnel header 1241 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1242 assert(e.chksum != p.chksum) 1243 assert(e.proto == socket.IPPROTO_ESP) 1244 assert(e.haslayer(ESP)) 1245 assert(not e.haslayer(TCP)) 1246 assert(e[ESP].spi == sa.spi) 1247 * after encryption the original packet payload should be readable 1248 assert(b'testdata' in e[ESP].data) 1249 1250 * integrity verification should pass 1251 d = sa.decrypt(e) 1252 1253 * after decryption the original packet should be preserved 1254 assert(d == p) 1255 1256 ####################################### 1257 = IPv4 / ESP - Tunnel - NULL - SHA2-512-256 - altered packet 1258 1259 p = IP(src='1.1.1.1', dst='2.2.2.2') 1260 p /= TCP(sport=45012, dport=80) 1261 p /= Raw('testdata') 1262 p = IP(raw(p)) 1263 p 1264 1265 sa = SecurityAssociation(ESP, spi=0x222, 1266 crypt_algo='NULL', crypt_key=None, 1267 auth_algo='SHA2-512-256', auth_key=b'secret key', 1268 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1269 1270 e = sa.encrypt(p) 1271 e 1272 1273 assert(isinstance(e, IP)) 1274 * after encryption packet should be encapsulated with the given ip tunnel header 1275 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1276 assert(e.chksum != p.chksum) 1277 assert(e.proto == socket.IPPROTO_ESP) 1278 assert(e.haslayer(ESP)) 1279 assert(not e.haslayer(TCP)) 1280 assert(e[ESP].spi == sa.spi) 1281 * after encryption the original packet payload should be readable 1282 assert(b'testdata' in e[ESP].data) 1283 1284 * simulate the alteration of the packet before decryption 1285 e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') 1286 1287 * integrity verification should fail 1288 try: 1289 d = sa.decrypt(e) 1290 assert(False) 1291 except IPSecIntegrityError as err: 1292 err 1293 1294 ####################################### 1295 = IPv4 / ESP - Tunnel - NULL - HMAC-MD5-96 1296 1297 p = IP(src='1.1.1.1', dst='2.2.2.2') 1298 p /= TCP(sport=45012, dport=80) 1299 p /= Raw('testdata') 1300 p = IP(raw(p)) 1301 p 1302 1303 sa = SecurityAssociation(ESP, spi=0x222, 1304 crypt_algo='NULL', crypt_key=None, 1305 auth_algo='HMAC-MD5-96', auth_key=b'secret key', 1306 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1307 1308 e = sa.encrypt(p) 1309 e 1310 1311 assert(isinstance(e, IP)) 1312 * after encryption packet should be encapsulated with the given ip tunnel header 1313 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1314 assert(e.chksum != p.chksum) 1315 assert(e.proto == socket.IPPROTO_ESP) 1316 assert(e.haslayer(ESP)) 1317 assert(not e.haslayer(TCP)) 1318 assert(e[ESP].spi == sa.spi) 1319 * after encryption the original packet payload should be readable 1320 assert(b'testdata' in e[ESP].data) 1321 1322 * integrity verification should pass 1323 d = sa.decrypt(e) 1324 1325 * after decryption the original packet should be preserved 1326 assert(d == p) 1327 1328 ####################################### 1329 = IPv4 / ESP - Tunnel - NULL - HMAC-MD5-96 - altered packet 1330 1331 p = IP(src='1.1.1.1', dst='2.2.2.2') 1332 p /= TCP(sport=45012, dport=80) 1333 p /= Raw('testdata') 1334 p = IP(raw(p)) 1335 p 1336 1337 sa = SecurityAssociation(ESP, spi=0x222, 1338 crypt_algo='NULL', crypt_key=None, 1339 auth_algo='HMAC-MD5-96', auth_key=b'secret key', 1340 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1341 1342 e = sa.encrypt(p) 1343 e 1344 1345 assert(isinstance(e, IP)) 1346 * after encryption packet should be encapsulated with the given ip tunnel header 1347 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1348 assert(e.chksum != p.chksum) 1349 assert(e.proto == socket.IPPROTO_ESP) 1350 assert(e.haslayer(ESP)) 1351 assert(not e.haslayer(TCP)) 1352 assert(e[ESP].spi == sa.spi) 1353 * after encryption the original packet payload should be readable 1354 assert(b'testdata' in e[ESP].data) 1355 1356 * simulate the alteration of the packet before decryption 1357 e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') 1358 1359 * integrity verification should fail 1360 try: 1361 d = sa.decrypt(e) 1362 assert(False) 1363 except IPSecIntegrityError as err: 1364 err 1365 1366 ####################################### 1367 = IPv4 / ESP - Tunnel - NULL - AES-CMAC-96 1368 1369 p = IP(src='1.1.1.1', dst='2.2.2.2') 1370 p /= TCP(sport=45012, dport=80) 1371 p /= Raw('testdata') 1372 p = IP(raw(p)) 1373 p 1374 1375 sa = SecurityAssociation(ESP, spi=0x222, 1376 crypt_algo='NULL', crypt_key=None, 1377 auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key', 1378 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1379 1380 e = sa.encrypt(p) 1381 e 1382 1383 assert(isinstance(e, IP)) 1384 * after encryption packet should be encapsulated with the given ip tunnel header 1385 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1386 assert(e.chksum != p.chksum) 1387 assert(e.proto == socket.IPPROTO_ESP) 1388 assert(e.haslayer(ESP)) 1389 assert(not e.haslayer(TCP)) 1390 assert(e[ESP].spi == sa.spi) 1391 * after encryption the original packet payload should be readable 1392 assert(b'testdata' in e[ESP].data) 1393 1394 * integrity verification should pass 1395 d = sa.decrypt(e) 1396 1397 * after decryption the original packet should be preserved 1398 assert(d == p) 1399 1400 ####################################### 1401 = IPv4 / ESP - Tunnel - NULL - AES-CMAC-96 - altered packet 1402 1403 p = IP(src='1.1.1.1', dst='2.2.2.2') 1404 p /= TCP(sport=45012, dport=80) 1405 p /= Raw('testdata') 1406 p = IP(raw(p)) 1407 p 1408 1409 sa = SecurityAssociation(ESP, spi=0x222, 1410 crypt_algo='NULL', crypt_key=None, 1411 auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key', 1412 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1413 1414 e = sa.encrypt(p) 1415 e 1416 1417 assert(isinstance(e, IP)) 1418 * after encryption packet should be encapsulated with the given ip tunnel header 1419 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1420 assert(e.chksum != p.chksum) 1421 assert(e.proto == socket.IPPROTO_ESP) 1422 assert(e.haslayer(ESP)) 1423 assert(not e.haslayer(TCP)) 1424 assert(e[ESP].spi == sa.spi) 1425 * after encryption the original packet payload should be readable 1426 assert(b'testdata' in e[ESP].data) 1427 1428 * simulate the alteration of the packet before decryption 1429 e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') 1430 1431 * integrity verification should fail 1432 try: 1433 d = sa.decrypt(e) 1434 assert(False) 1435 except IPSecIntegrityError as err: 1436 err 1437 1438 ############################################################################### 1439 + IPv4 / ESP - Encryption + Authentication 1440 1441 ####################################### 1442 = IPv4 / ESP - Transport - AES-CBC - HMAC-SHA1-96 1443 1444 p = IP(src='1.1.1.1', dst='2.2.2.2') 1445 p /= TCP(sport=45012, dport=80) 1446 p /= Raw('testdata') 1447 p = IP(raw(p)) 1448 p 1449 1450 sa = SecurityAssociation(ESP, spi=0x222, 1451 crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', 1452 auth_algo='HMAC-SHA1-96', auth_key=b'secret key') 1453 1454 e = sa.encrypt(p) 1455 e 1456 1457 assert(isinstance(e, IP)) 1458 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 1459 assert(e.chksum != p.chksum) 1460 assert(e.proto == socket.IPPROTO_ESP) 1461 assert(e.haslayer(ESP)) 1462 assert(not e.haslayer(TCP)) 1463 assert(e[ESP].spi == sa.spi) 1464 * after encryption the original packet payload should NOT be readable 1465 assert(b'testdata' not in e[ESP].data) 1466 1467 d = sa.decrypt(e) 1468 d 1469 1470 * after decryption the original packet payload should be unaltered 1471 assert(d[TCP] == p[TCP]) 1472 1473 ####################################### 1474 = IPv4 / ESP - Transport - AES-CBC - HMAC-SHA1-96 - altered packet 1475 1476 p = IP(src='1.1.1.1', dst='2.2.2.2') 1477 p /= TCP(sport=45012, dport=80) 1478 p /= Raw('testdata') 1479 p = IP(raw(p)) 1480 p 1481 1482 sa = SecurityAssociation(ESP, spi=0x222, 1483 crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', 1484 auth_algo='HMAC-SHA1-96', auth_key=b'secret key') 1485 1486 e = sa.encrypt(p) 1487 e 1488 1489 assert(isinstance(e, IP)) 1490 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 1491 assert(e.chksum != p.chksum) 1492 assert(e.proto == socket.IPPROTO_ESP) 1493 assert(e.haslayer(ESP)) 1494 assert(not e.haslayer(TCP)) 1495 assert(e[ESP].spi == sa.spi) 1496 * after encryption the original packet payload should NOT be readable 1497 assert(b'testdata' not in e[ESP].data) 1498 1499 * simulate the alteration of the packet before decryption 1500 e[ESP].seq += 1 1501 1502 * integrity verification should fail 1503 try: 1504 d = sa.decrypt(e) 1505 assert(False) 1506 except IPSecIntegrityError as err: 1507 err 1508 1509 ####################################### 1510 = IPv4 / ESP - Transport - AES-GCM - NULL 1511 1512 p = IP(src='1.1.1.1', dst='2.2.2.2') 1513 p /= TCP(sport=45012, dport=80) 1514 p /= Raw('testdata') 1515 p = IP(raw(p)) 1516 p 1517 1518 sa = SecurityAssociation(ESP, spi=0x222, 1519 crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', 1520 auth_algo='NULL', auth_key=None) 1521 1522 e = sa.encrypt(p) 1523 e 1524 1525 assert(isinstance(e, IP)) 1526 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 1527 assert(e.chksum != p.chksum) 1528 assert(e.proto == socket.IPPROTO_ESP) 1529 assert(e.haslayer(ESP)) 1530 assert(not e.haslayer(TCP)) 1531 assert(e[ESP].spi == sa.spi) 1532 * after encryption the original packet payload should NOT be readable 1533 assert(b'testdata' not in e[ESP].data) 1534 1535 d = sa.decrypt(e) 1536 d 1537 1538 * after decryption original packet should be preserved 1539 assert(d[TCP] == p[TCP]) 1540 1541 # Generated with Linux 4.4.0-62-generic #83-Ubuntu 1542 # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ 1543 # mode tunnel aead 'rfc4106(gcm(aes))' '0x3136627974656b65792b34627974656e6f6e6365' 128 flag align4 1544 ref = IP() \ 1545 / ESP(spi=0x222, 1546 data=b'\x66\x00\x28\x86\xe9\xdf\xc5\x24\xb0\xbd\xfd\x62\x61\x7e\xd3\x76' 1547 b'\x7b\x48\x28\x8e\x76\xaa\xea\x48\xb8\x40\x30\x8a\xce\x50\x71\xbb' 1548 b'\xc0\xb2\x47\x71\xd7\xa4\xa0\xcb\x03\x68\xd3\x16\x5a\x7c\x37\x84' 1549 b'\x87\xc7\x19\x59\xb4\x7c\x76\xe3\x48\xc0\x90\x4b\xd2\x36\x95\xc1' 1550 b'\xb7\xa4\xb6\x7b\x89\xe6\x4f\x10\xae\xdb\x84\x47\x46\x00\xb4\x44' 1551 b'\xe6\x6d\x16\x55\x5f\x82\x36\xa5\x49\xf7\x52\x81\x65\x90\x4d\x28' 1552 b'\x92\xb2\xe3\xf1\xa4\x02\xd2\x37\xac\x0b\x7a\x10\xcf\x64\x46\xb9', 1553 seq=1) 1554 1555 d_ref = sa.decrypt(ref) 1556 d_ref 1557 1558 * Check for ICMP layer in decrypted reference 1559 assert(d_ref.haslayer(ICMP)) 1560 1561 ####################################### 1562 = IPv4 / ESP - Transport - AES-GCM - NULL - altered packet 1563 1564 p = IP(src='1.1.1.1', dst='2.2.2.2') 1565 p /= TCP(sport=45012, dport=80) 1566 p /= Raw('testdata') 1567 p = IP(raw(p)) 1568 p 1569 1570 sa = SecurityAssociation(ESP, spi=0x222, 1571 crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', 1572 auth_algo='NULL', auth_key=None) 1573 1574 e = sa.encrypt(p) 1575 e 1576 1577 assert(isinstance(e, IP)) 1578 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 1579 assert(e.chksum != p.chksum) 1580 assert(e.proto == socket.IPPROTO_ESP) 1581 assert(e.haslayer(ESP)) 1582 assert(not e.haslayer(TCP)) 1583 assert(e[ESP].spi == sa.spi) 1584 * after encryption the original packet payload should NOT be readable 1585 assert(b'testdata' not in e[ESP].data) 1586 1587 * simulate the alteration of the packet before decryption 1588 e[ESP].seq += 1 1589 1590 * integrity verification should fail 1591 try: 1592 d = sa.decrypt(e) 1593 assert(False) 1594 except IPSecIntegrityError as err: 1595 err 1596 1597 ####################################### 1598 = IPv4 / ESP - Transport - AES-CCM - NULL 1599 ~ crypto_advanced 1600 1601 p = IP(src='1.1.1.1', dst='2.2.2.2') 1602 p /= TCP(sport=45012, dport=80) 1603 p /= Raw('testdata') 1604 p = IP(raw(p)) 1605 p 1606 1607 sa = SecurityAssociation(ESP, spi=0x222, 1608 crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', 1609 auth_algo='NULL', auth_key=None) 1610 1611 e = sa.encrypt(p) 1612 e 1613 1614 assert(isinstance(e, IP)) 1615 * after encryption packet should be encapsulated with the given ip tunnel header 1616 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1617 assert(e.chksum != p.chksum) 1618 assert(e.proto == socket.IPPROTO_ESP) 1619 assert(e.haslayer(ESP)) 1620 assert(not e.haslayer(TCP)) 1621 assert(e[ESP].spi == sa.spi) 1622 * after encryption the original packet payload should NOT be readable 1623 assert(b'testdata' not in e[ESP].data) 1624 1625 d = sa.decrypt(e) 1626 d 1627 1628 * after decryption original packet should be preserved 1629 assert(d == p) 1630 1631 # Generated with Linux 4.4.0-62-generic #83-Ubuntu 1632 # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ 1633 # mode tunnel aead 'rfc4309(ccm(aes))' '0x3136627974656b657933627974656e6f6e6365' 64 1634 ref = IP() \ 1635 / ESP(spi=0x222, 1636 data=b'\x2e\x02\x9f\x1f\xad\x76\x80\x58\x8f\xeb\x45\xf1\x66\xe3\xad\xa6' 1637 b'\x90\x1b\x2b\x7d\xd3\x3d\xa4\x53\x35\xc8\xfa\x92\xfd\xd7\x42\x2f' 1638 b'\x87\x60\x9b\x46\xb0\x21\x5e\x82\xfb\x2f\x59\xba\xf0\x6c\xe5\x51' 1639 b'\xb8\x36\x20\x88\xfe\x49\x86\x60\xe8\x0a\x3d\x36\xb5\x8a\x08\xa9' 1640 b'\x5e\xe3\x87\xfa\x93\x3f\xe8\xc2\xc5\xbf\xb1\x2e\x6f\x7d\xc5\xa5' 1641 b'\xd8\xe5\xf3\x25\x21\x81\x43\x16\x48\x10\x7c\x04\x31\x20\x07\x7c' 1642 b'\x7b\xda\x5d\x1a\x72\x45\xc4\x79', 1643 seq=1) 1644 1645 d_ref = sa.decrypt(ref) 1646 d_ref 1647 1648 * Check for ICMP layer in decrypted reference 1649 assert(d_ref.haslayer(ICMP)) 1650 1651 ####################################### 1652 = IPv4 / ESP - Transport - AES-CCM - NULL - altered packet 1653 ~ crypto_advanced 1654 1655 p = IP(src='1.1.1.1', dst='2.2.2.2') 1656 p /= TCP(sport=45012, dport=80) 1657 p /= Raw('testdata') 1658 p = IP(raw(p)) 1659 p 1660 1661 sa = SecurityAssociation(ESP, spi=0x222, 1662 crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', 1663 auth_algo='NULL', auth_key=None) 1664 1665 e = sa.encrypt(p) 1666 e 1667 1668 assert(isinstance(e, IP)) 1669 * after encryption packet should be encapsulated with the given ip tunnel header 1670 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1671 assert(e.chksum != p.chksum) 1672 assert(e.proto == socket.IPPROTO_ESP) 1673 assert(e.haslayer(ESP)) 1674 assert(not e.haslayer(TCP)) 1675 assert(e[ESP].spi == sa.spi) 1676 * after encryption the original packet payload should NOT be readable 1677 assert(b'testdata' not in e[ESP].data) 1678 1679 * simulate the alteration of the packet before decryption 1680 e[ESP].seq += 1 1681 1682 * integrity verification should fail 1683 try: 1684 d = sa.decrypt(e) 1685 assert(False) 1686 except IPSecIntegrityError as err: 1687 err 1688 1689 ####################################### 1690 = IPv4 / ESP - Tunnel - AES-CBC - HMAC-SHA1-96 1691 1692 p = IP(src='1.1.1.1', dst='2.2.2.2') 1693 p /= TCP(sport=45012, dport=80) 1694 p /= Raw('testdata') 1695 p = IP(raw(p)) 1696 p 1697 1698 sa = SecurityAssociation(ESP, spi=0x222, 1699 crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', 1700 auth_algo='HMAC-SHA1-96', auth_key=b'secret key', 1701 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1702 1703 e = sa.encrypt(p) 1704 e 1705 1706 assert(isinstance(e, IP)) 1707 * after encryption packet should be encapsulated with the given ip tunnel header 1708 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1709 assert(e.chksum != p.chksum) 1710 assert(e.proto == socket.IPPROTO_ESP) 1711 assert(e.haslayer(ESP)) 1712 assert(not e.haslayer(TCP)) 1713 assert(e[ESP].spi == sa.spi) 1714 * after encryption the original packet payload should NOT be readable 1715 assert(b'testdata' not in e[ESP].data) 1716 1717 d = sa.decrypt(e) 1718 d 1719 1720 * after decryption the original packet payload should be unaltered 1721 assert(d[TCP] == p[TCP]) 1722 1723 ####################################### 1724 = IPv4 / ESP - Tunnel - AES-CBC - HMAC-SHA1-96 - altered packet 1725 1726 p = IP(src='1.1.1.1', dst='2.2.2.2') 1727 p /= TCP(sport=45012, dport=80) 1728 p /= Raw('testdata') 1729 p = IP(raw(p)) 1730 p 1731 1732 sa = SecurityAssociation(ESP, spi=0x222, 1733 crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', 1734 auth_algo='HMAC-SHA1-96', auth_key=b'secret key', 1735 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1736 1737 e = sa.encrypt(p) 1738 e 1739 1740 assert(isinstance(e, IP)) 1741 * after encryption packet should be encapsulated with the given ip tunnel header 1742 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1743 assert(e.chksum != p.chksum) 1744 assert(e.proto == socket.IPPROTO_ESP) 1745 assert(e.haslayer(ESP)) 1746 assert(not e.haslayer(TCP)) 1747 assert(e[ESP].spi == sa.spi) 1748 * after encryption the original packet payload should NOT be readable 1749 assert(b'testdata' not in e[ESP].data) 1750 1751 * simulate the alteration of the packet before decryption 1752 e[ESP].seq += 1 1753 1754 * integrity verification should fail 1755 try: 1756 d = sa.decrypt(e) 1757 assert(False) 1758 except IPSecIntegrityError as err: 1759 err 1760 1761 ####################################### 1762 = IPv4 / ESP - Tunnel - AES-GCM - NULL 1763 1764 p = IP(src='1.1.1.1', dst='2.2.2.2') 1765 p /= TCP(sport=45012, dport=80) 1766 p /= Raw('testdata') 1767 p = IP(raw(p)) 1768 p 1769 1770 sa = SecurityAssociation(ESP, spi=0x222, 1771 crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', 1772 auth_algo='NULL', auth_key=None, 1773 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1774 1775 e = sa.encrypt(p) 1776 e 1777 1778 assert(isinstance(e, IP)) 1779 * after encryption packet should be encapsulated with the given ip tunnel header 1780 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1781 assert(e.chksum != p.chksum) 1782 assert(e.proto == socket.IPPROTO_ESP) 1783 assert(e.haslayer(ESP)) 1784 assert(not e.haslayer(TCP)) 1785 assert(e[ESP].spi == sa.spi) 1786 * after encryption the original packet payload should NOT be readable 1787 assert(b'testdata' not in e[ESP].data) 1788 1789 d = sa.decrypt(e) 1790 d 1791 1792 * after decryption original packet should be preserved 1793 assert(d[TCP] == p[TCP]) 1794 1795 ####################################### 1796 = IPv4 / ESP - Tunnel - AES-GCM - NULL - altered packet 1797 1798 p = IP(src='1.1.1.1', dst='2.2.2.2') 1799 p /= TCP(sport=45012, dport=80) 1800 p /= Raw('testdata') 1801 p = IP(raw(p)) 1802 p 1803 1804 sa = SecurityAssociation(ESP, spi=0x222, 1805 crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', 1806 auth_algo='NULL', auth_key=None, 1807 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1808 1809 e = sa.encrypt(p) 1810 e 1811 1812 assert(isinstance(e, IP)) 1813 * after encryption packet should be encapsulated with the given ip tunnel header 1814 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1815 assert(e.chksum != p.chksum) 1816 assert(e.proto == socket.IPPROTO_ESP) 1817 assert(e.haslayer(ESP)) 1818 assert(not e.haslayer(TCP)) 1819 assert(e[ESP].spi == sa.spi) 1820 * after encryption the original packet payload should NOT be readable 1821 assert(b'testdata' not in e[ESP].data) 1822 1823 * simulate the alteration of the packet before decryption 1824 e[ESP].seq += 1 1825 1826 * integrity verification should fail 1827 try: 1828 d = sa.decrypt(e) 1829 assert(False) 1830 except IPSecIntegrityError as err: 1831 err 1832 1833 ####################################### 1834 = IPv4 / ESP - Tunnel - AES-CCM - NULL 1835 ~ crypto_advanced 1836 1837 p = IP(src='1.1.1.1', dst='2.2.2.2') 1838 p /= TCP(sport=45012, dport=80) 1839 p /= Raw('testdata') 1840 p = IP(raw(p)) 1841 p 1842 1843 sa = SecurityAssociation(ESP, spi=0x222, 1844 crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', 1845 auth_algo='NULL', auth_key=None, 1846 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1847 1848 e = sa.encrypt(p) 1849 e 1850 1851 assert(isinstance(e, IP)) 1852 * after encryption packet should be encapsulated with the given ip tunnel header 1853 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1854 assert(e.chksum != p.chksum) 1855 assert(e.proto == socket.IPPROTO_ESP) 1856 assert(e.haslayer(ESP)) 1857 assert(not e.haslayer(TCP)) 1858 assert(e[ESP].spi == sa.spi) 1859 * after encryption the original packet payload should NOT be readable 1860 assert(b'testdata' not in e[ESP].data) 1861 1862 d = sa.decrypt(e) 1863 d 1864 1865 * after decryption original packet should be preserved 1866 assert(d == p) 1867 1868 ####################################### 1869 = IPv4 / ESP - Tunnel - AES-CCM - NULL 1870 ~ crypto_advanced 1871 1872 p = IP(src='1.1.1.1', dst='2.2.2.2') 1873 p /= TCP(sport=45012, dport=80) 1874 p /= Raw('testdata') 1875 p = IP(raw(p)) 1876 p 1877 1878 sa = SecurityAssociation(ESP, spi=0x222, 1879 crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', 1880 auth_algo='NULL', auth_key=None, 1881 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 1882 1883 e = sa.encrypt(p) 1884 e 1885 1886 assert(isinstance(e, IP)) 1887 * after encryption packet should be encapsulated with the given ip tunnel header 1888 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 1889 assert(e.chksum != p.chksum) 1890 assert(e.proto == socket.IPPROTO_ESP) 1891 assert(e.haslayer(ESP)) 1892 assert(not e.haslayer(TCP)) 1893 assert(e[ESP].spi == sa.spi) 1894 * after encryption the original packet payload should NOT be readable 1895 assert(b'testdata' not in e[ESP].data) 1896 1897 * simulate the alteration of the packet before decryption 1898 e[ESP].seq += 1 1899 1900 * integrity verification should fail 1901 try: 1902 d = sa.decrypt(e) 1903 assert(False) 1904 except IPSecIntegrityError as err: 1905 err 1906 1907 ############################################################################### 1908 + IPv4 / AH - Transport 1909 1910 ####################################### 1911 = IPv4 / AH - Transport - HMAC-SHA1-96 1912 1913 p = IP(src='1.1.1.1', dst='2.2.2.2') 1914 p /= TCP(sport=45012, dport=80) 1915 p /= Raw('testdata') 1916 p = IP(raw(p)) 1917 p 1918 1919 sa = SecurityAssociation(AH, spi=0x222, 1920 auth_algo='HMAC-SHA1-96', auth_key=b'sixteenbytes key') 1921 1922 e = sa.encrypt(p) 1923 e 1924 1925 assert(isinstance(e, IP)) 1926 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 1927 assert(e.chksum != p.chksum) 1928 * the encrypted packet should have an AH layer 1929 assert(e.proto == socket.IPPROTO_AH) 1930 assert(e.haslayer(AH)) 1931 assert(e.haslayer(TCP)) 1932 assert(e[AH].spi == sa.spi) 1933 1934 * alter mutable fields in the packet 1935 e.ttl = 2 1936 1937 * integrity verification should pass 1938 d = sa.decrypt(e) 1939 d 1940 1941 * after decryption the original packet payload should be unaltered 1942 assert(d[TCP] == p[TCP]) 1943 1944 ####################################### 1945 = IPv4 / AH - Transport - HMAC-SHA1-96 - altered packet 1946 1947 p = IP(src='1.1.1.1', dst='2.2.2.2') 1948 p /= TCP(sport=45012, dport=80) 1949 p /= Raw('testdata') 1950 p = IP(raw(p)) 1951 p 1952 1953 sa = SecurityAssociation(AH, spi=0x222, 1954 auth_algo='HMAC-SHA1-96', auth_key=b'sixteenbytes key') 1955 1956 e = sa.encrypt(p) 1957 e 1958 1959 assert(isinstance(e, IP)) 1960 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 1961 assert(e.chksum != p.chksum) 1962 * the encrypted packet should have an AH layer 1963 assert(e.proto == socket.IPPROTO_AH) 1964 assert(e.haslayer(AH)) 1965 assert(e.haslayer(TCP)) 1966 assert(e[AH].spi == sa.spi) 1967 1968 * simulate the alteration of the packet before decryption 1969 e[TCP].sport = 5 1970 1971 * integrity verification should fail 1972 try: 1973 d = sa.decrypt(e) 1974 assert(False) 1975 except IPSecIntegrityError as err: 1976 err 1977 1978 ####################################### 1979 = IPv4 / AH - Transport - SHA2-256-128 1980 1981 p = IP(src='1.1.1.1', dst='2.2.2.2') 1982 p /= TCP(sport=45012, dport=80) 1983 p /= Raw('testdata') 1984 p = IP(raw(p)) 1985 p 1986 1987 sa = SecurityAssociation(AH, spi=0x222, 1988 auth_algo='SHA2-256-128', auth_key=b'secret key') 1989 1990 e = sa.encrypt(p) 1991 e 1992 1993 assert(isinstance(e, IP)) 1994 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 1995 assert(e.chksum != p.chksum) 1996 * the encrypted packet should have an AH layer 1997 assert(e.proto == socket.IPPROTO_AH) 1998 assert(e.haslayer(AH)) 1999 assert(e.haslayer(TCP)) 2000 assert(e[AH].spi == sa.spi) 2001 2002 * alter mutable fields in the packet 2003 e.ttl = 2 2004 2005 * integrity verification should pass 2006 d = sa.decrypt(e) 2007 d 2008 2009 * after decryption the original packet should be unaltered 2010 assert(d[TCP] == p[TCP]) 2011 2012 ####################################### 2013 = IPv4 / AH - Transport - SHA2-256-128 - altered packet 2014 2015 p = IP(src='1.1.1.1', dst='2.2.2.2') 2016 p /= TCP(sport=45012, dport=80) 2017 p /= Raw('testdata') 2018 p = IP(raw(p)) 2019 p 2020 2021 sa = SecurityAssociation(AH, spi=0x222, 2022 auth_algo='SHA2-256-128', auth_key=b'secret key') 2023 2024 e = sa.encrypt(p) 2025 e 2026 2027 assert(isinstance(e, IP)) 2028 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 2029 assert(e.chksum != p.chksum) 2030 * the encrypted packet should have an AH layer 2031 assert(e.proto == socket.IPPROTO_AH) 2032 assert(e.haslayer(AH)) 2033 assert(e.haslayer(TCP)) 2034 assert(e[AH].spi == sa.spi) 2035 2036 * simulate the alteration of the packet before verification 2037 e[TCP].dport = 46 2038 2039 * integrity verification should fail 2040 try: 2041 d = sa.decrypt(e) 2042 assert(False) 2043 except IPSecIntegrityError as err: 2044 err 2045 2046 ####################################### 2047 = IPv4 / AH - Transport - SHA2-384-192 2048 2049 p = IP(src='1.1.1.1', dst='2.2.2.2') 2050 p /= TCP(sport=45012, dport=80) 2051 p /= Raw('testdata') 2052 p = IP(raw(p)) 2053 p 2054 2055 sa = SecurityAssociation(AH, spi=0x222, 2056 auth_algo='SHA2-384-192', auth_key=b'secret key') 2057 2058 e = sa.encrypt(p) 2059 e 2060 2061 assert(isinstance(e, IP)) 2062 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 2063 assert(e.chksum != p.chksum) 2064 * the encrypted packet should have an AH layer 2065 assert(e.proto == socket.IPPROTO_AH) 2066 assert(e.haslayer(AH)) 2067 assert(e.haslayer(TCP)) 2068 assert(e[AH].spi == sa.spi) 2069 2070 * alter mutable fields in the packet 2071 e.ttl = 2 2072 2073 * integrity verification should pass 2074 d = sa.decrypt(e) 2075 d 2076 2077 * after decryption the original packet should be unaltered 2078 assert(d[TCP] == p[TCP]) 2079 2080 ####################################### 2081 = IPv4 / AH - Transport - SHA2-384-192 - altered packet 2082 2083 p = IP(src='1.1.1.1', dst='2.2.2.2') 2084 p /= TCP(sport=45012, dport=80) 2085 p /= Raw('testdata') 2086 p = IP(raw(p)) 2087 p 2088 2089 sa = SecurityAssociation(AH, spi=0x222, 2090 auth_algo='SHA2-384-192', auth_key=b'secret key') 2091 2092 e = sa.encrypt(p) 2093 e 2094 2095 assert(isinstance(e, IP)) 2096 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 2097 assert(e.chksum != p.chksum) 2098 * the encrypted packet should have an AH layer 2099 assert(e.proto == socket.IPPROTO_AH) 2100 assert(e.haslayer(AH)) 2101 assert(e.haslayer(TCP)) 2102 assert(e[AH].spi == sa.spi) 2103 2104 * simulate the alteration of the packet before verification 2105 e[TCP].dport = 46 2106 2107 * integrity verification should fail 2108 try: 2109 d = sa.decrypt(e) 2110 assert(False) 2111 except IPSecIntegrityError as err: 2112 err 2113 2114 ####################################### 2115 = IPv4 / AH - Transport - SHA2-512-256 2116 2117 p = IP(src='1.1.1.1', dst='2.2.2.2') 2118 p /= TCP(sport=45012, dport=80) 2119 p /= Raw('testdata') 2120 p = IP(raw(p)) 2121 p 2122 2123 sa = SecurityAssociation(AH, spi=0x222, 2124 auth_algo='SHA2-512-256', auth_key=b'secret key') 2125 2126 e = sa.encrypt(p) 2127 e 2128 2129 assert(isinstance(e, IP)) 2130 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 2131 assert(e.chksum != p.chksum) 2132 * the encrypted packet should have an AH layer 2133 assert(e.proto == socket.IPPROTO_AH) 2134 assert(e.haslayer(AH)) 2135 assert(e.haslayer(TCP)) 2136 assert(e[AH].spi == sa.spi) 2137 2138 * alter mutable fields in the packet 2139 e.ttl = 2 2140 2141 * integrity verification should pass 2142 d = sa.decrypt(e) 2143 d 2144 2145 * after decryption the original packet should be unaltered 2146 assert(d[TCP] == p[TCP]) 2147 2148 ####################################### 2149 = IPv4 / AH - Transport - SHA2-512-256 - altered packet 2150 2151 p = IP(src='1.1.1.1', dst='2.2.2.2') 2152 p /= TCP(sport=45012, dport=80) 2153 p /= Raw('testdata') 2154 p = IP(raw(p)) 2155 p 2156 2157 sa = SecurityAssociation(AH, spi=0x222, 2158 auth_algo='SHA2-512-256', auth_key=b'secret key') 2159 2160 e = sa.encrypt(p) 2161 e 2162 2163 assert(isinstance(e, IP)) 2164 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 2165 assert(e.chksum != p.chksum) 2166 * the encrypted packet should have an AH layer 2167 assert(e.proto == socket.IPPROTO_AH) 2168 assert(e.haslayer(AH)) 2169 assert(e.haslayer(TCP)) 2170 assert(e[AH].spi == sa.spi) 2171 2172 * simulate the alteration of the packet before verification 2173 e[TCP].dport = 46 2174 2175 * integrity verification should fail 2176 try: 2177 d = sa.decrypt(e) 2178 assert(False) 2179 except IPSecIntegrityError as err: 2180 err 2181 2182 ####################################### 2183 = IPv4 / AH - Transport - HMAC-MD5-96 2184 2185 p = IP(src='1.1.1.1', dst='2.2.2.2') 2186 p /= TCP(sport=45012, dport=80) 2187 p /= Raw('testdata') 2188 p = IP(raw(p)) 2189 p 2190 2191 sa = SecurityAssociation(AH, spi=0x222, 2192 auth_algo='HMAC-MD5-96', auth_key=b'secret key') 2193 2194 e = sa.encrypt(p) 2195 e 2196 2197 assert(isinstance(e, IP)) 2198 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 2199 assert(e.chksum != p.chksum) 2200 * the encrypted packet should have an AH layer 2201 assert(e.proto == socket.IPPROTO_AH) 2202 assert(e.haslayer(AH)) 2203 assert(e.haslayer(TCP)) 2204 assert(e[AH].spi == sa.spi) 2205 2206 * alter mutable fields in the packet 2207 e.ttl = 2 2208 2209 * integrity verification should pass 2210 d = sa.decrypt(e) 2211 d 2212 2213 * after decryption the original packet should be unaltered 2214 assert(d[TCP] == p[TCP]) 2215 2216 ####################################### 2217 = IPv4 / AH - Transport - HMAC-MD5-96 - altered packet 2218 2219 p = IP(src='1.1.1.1', dst='2.2.2.2') 2220 p /= TCP(sport=45012, dport=80) 2221 p /= Raw('testdata') 2222 p = IP(raw(p)) 2223 p 2224 2225 sa = SecurityAssociation(AH, spi=0x222, 2226 auth_algo='HMAC-MD5-96', auth_key=b'secret key') 2227 2228 e = sa.encrypt(p) 2229 e 2230 2231 assert(isinstance(e, IP)) 2232 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 2233 assert(e.chksum != p.chksum) 2234 * the encrypted packet should have an AH layer 2235 assert(e.proto == socket.IPPROTO_AH) 2236 assert(e.haslayer(AH)) 2237 assert(e.haslayer(TCP)) 2238 assert(e[AH].spi == sa.spi) 2239 2240 * simulate the alteration of the packet before verification 2241 e[TCP].dport = 46 2242 2243 * integrity verification should fail 2244 try: 2245 d = sa.decrypt(e) 2246 assert(False) 2247 except IPSecIntegrityError as err: 2248 err 2249 2250 ####################################### 2251 = IPv4 / AH - Transport - AES-CMAC-96 2252 2253 p = IP(src='1.1.1.1', dst='2.2.2.2') 2254 p /= TCP(sport=45012, dport=80) 2255 p /= Raw('testdata') 2256 p = IP(raw(p)) 2257 p 2258 2259 sa = SecurityAssociation(AH, spi=0x222, 2260 auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key') 2261 2262 e = sa.encrypt(p) 2263 e 2264 2265 assert(isinstance(e, IP)) 2266 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 2267 assert(e.chksum != p.chksum) 2268 * the encrypted packet should have an AH layer 2269 assert(e.proto == socket.IPPROTO_AH) 2270 assert(e.haslayer(AH)) 2271 assert(e.haslayer(TCP)) 2272 assert(e[AH].spi == sa.spi) 2273 2274 * alter mutable fields in the packet 2275 e.ttl = 2 2276 2277 * integrity verification should pass 2278 d = sa.decrypt(e) 2279 d 2280 2281 * after decryption the original packet should be unaltered 2282 assert(d[TCP] == p[TCP]) 2283 2284 ####################################### 2285 = IPv4 / AH - Transport - AES-CMAC-96 - altered packet 2286 2287 p = IP(src='1.1.1.1', dst='2.2.2.2') 2288 p /= TCP(sport=45012, dport=80) 2289 p /= Raw('testdata') 2290 p = IP(raw(p)) 2291 p 2292 2293 sa = SecurityAssociation(AH, spi=0x222, 2294 auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key') 2295 2296 e = sa.encrypt(p) 2297 e 2298 2299 assert(isinstance(e, IP)) 2300 assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') 2301 assert(e.chksum != p.chksum) 2302 * the encrypted packet should have an AH layer 2303 assert(e.proto == socket.IPPROTO_AH) 2304 assert(e.haslayer(AH)) 2305 assert(e.haslayer(TCP)) 2306 assert(e[AH].spi == sa.spi) 2307 2308 * simulate the alteration of the packet before verification 2309 e[TCP].dport = 46 2310 2311 * integrity verification should fail 2312 try: 2313 d = sa.decrypt(e) 2314 assert(False) 2315 except IPSecIntegrityError as err: 2316 err 2317 2318 ############################################################################### 2319 + IPv4 / AH - Tunnel 2320 2321 ####################################### 2322 = IPv4 / AH - Tunnel - HMAC-SHA1-96 2323 2324 p = IP(src='1.1.1.1', dst='2.2.2.2') 2325 p /= TCP(sport=45012, dport=80) 2326 p /= Raw('testdata') 2327 p = IP(raw(p)) 2328 p 2329 2330 sa = SecurityAssociation(AH, spi=0x222, 2331 auth_algo='HMAC-SHA1-96', auth_key=b'secret key', 2332 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 2333 2334 e = sa.encrypt(p) 2335 e 2336 2337 assert(isinstance(e, IP)) 2338 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 2339 assert(e.chksum != p.chksum) 2340 assert(e.proto == socket.IPPROTO_AH) 2341 assert(e.haslayer(AH)) 2342 assert(e.haslayer(TCP)) 2343 assert(e[AH].spi == sa.spi) 2344 2345 * alter mutable fields in the packet 2346 e.ttl = 2 2347 2348 * integrity verification should pass 2349 d = sa.decrypt(e) 2350 d 2351 2352 * after decryption the original packet payload should be unaltered 2353 assert(d[TCP] == p[TCP]) 2354 2355 ####################################### 2356 = IPv4 / AH - Tunnel - HMAC-SHA1-96 - altered packet 2357 2358 p = IP(src='1.1.1.1', dst='2.2.2.2') 2359 p /= TCP(sport=45012, dport=80) 2360 p /= Raw('testdata') 2361 p = IP(raw(p)) 2362 p 2363 2364 sa = SecurityAssociation(AH, spi=0x222, 2365 auth_algo='HMAC-SHA1-96', auth_key=b'secret key', 2366 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 2367 2368 e = sa.encrypt(p) 2369 e 2370 2371 assert(isinstance(e, IP)) 2372 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 2373 assert(e.chksum != p.chksum) 2374 assert(e.proto == socket.IPPROTO_AH) 2375 assert(e.haslayer(AH)) 2376 assert(e.haslayer(TCP)) 2377 assert(e[AH].spi == sa.spi) 2378 2379 * simulate the alteration of the packet before verification 2380 e.dst = '4.4.4.4' 2381 2382 * integrity verification should fail 2383 try: 2384 d = sa.decrypt(e) 2385 assert(False) 2386 except IPSecIntegrityError as err: 2387 err 2388 2389 ####################################### 2390 = IPv4 / AH - Tunnel - SHA2-256-128 2391 2392 p = IP(src='1.1.1.1', dst='2.2.2.2') 2393 p /= TCP(sport=45012, dport=80) 2394 p /= Raw('testdata') 2395 p = IP(raw(p)) 2396 p 2397 2398 sa = SecurityAssociation(AH, spi=0x222, 2399 auth_algo='SHA2-256-128', auth_key=b'secret key', 2400 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 2401 2402 e = sa.encrypt(p) 2403 e 2404 2405 assert(isinstance(e, IP)) 2406 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 2407 assert(e.chksum != p.chksum) 2408 assert(e.proto == socket.IPPROTO_AH) 2409 assert(e.haslayer(AH)) 2410 assert(e.haslayer(TCP)) 2411 assert(e[AH].spi == sa.spi) 2412 2413 * alter mutable fields in the packet 2414 e.ttl = 2 2415 2416 * integrity verification should pass 2417 d = sa.decrypt(e) 2418 d 2419 2420 * after decryption the original packet should be unaltered 2421 assert(d == p) 2422 2423 ####################################### 2424 = IPv4 / AH - Tunnel - SHA2-256-128 - altered packet 2425 2426 p = IP(src='1.1.1.1', dst='2.2.2.2') 2427 p /= TCP(sport=45012, dport=80) 2428 p /= Raw('testdata') 2429 p = IP(raw(p)) 2430 p 2431 2432 sa = SecurityAssociation(AH, spi=0x222, 2433 auth_algo='SHA2-256-128', auth_key=b'secret key', 2434 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 2435 2436 e = sa.encrypt(p) 2437 e 2438 2439 assert(isinstance(e, IP)) 2440 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 2441 assert(e.chksum != p.chksum) 2442 assert(e.proto == socket.IPPROTO_AH) 2443 assert(e.haslayer(AH)) 2444 assert(e.haslayer(TCP)) 2445 assert(e[AH].spi == sa.spi) 2446 2447 * simulate the alteration of the packet before verification 2448 e.dst = '4.4.4.4' 2449 2450 * integrity verification should fail 2451 try: 2452 d = sa.decrypt(e) 2453 assert(False) 2454 except IPSecIntegrityError as err: 2455 err 2456 2457 ####################################### 2458 = IPv4 / AH - Tunnel - SHA2-384-192 2459 2460 p = IP(src='1.1.1.1', dst='2.2.2.2') 2461 p /= TCP(sport=45012, dport=80) 2462 p /= Raw('testdata') 2463 p = IP(raw(p)) 2464 p 2465 2466 sa = SecurityAssociation(AH, spi=0x222, 2467 auth_algo='SHA2-384-192', auth_key=b'secret key', 2468 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 2469 2470 e = sa.encrypt(p) 2471 e 2472 2473 assert(isinstance(e, IP)) 2474 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 2475 assert(e.chksum != p.chksum) 2476 assert(e.proto == socket.IPPROTO_AH) 2477 assert(e.haslayer(AH)) 2478 assert(e.haslayer(TCP)) 2479 assert(e[AH].spi == sa.spi) 2480 2481 * alter mutable fields in the packet 2482 e.ttl = 2 2483 2484 * integrity verification should pass 2485 d = sa.decrypt(e) 2486 d 2487 2488 * after decryption the original packet should be unaltered 2489 assert(d == p) 2490 2491 ####################################### 2492 = IPv4 / AH - Tunnel - SHA2-384-192 - altered packet 2493 2494 p = IP(src='1.1.1.1', dst='2.2.2.2') 2495 p /= TCP(sport=45012, dport=80) 2496 p /= Raw('testdata') 2497 p = IP(raw(p)) 2498 p 2499 2500 sa = SecurityAssociation(AH, spi=0x222, 2501 auth_algo='SHA2-384-192', auth_key=b'secret key', 2502 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 2503 2504 e = sa.encrypt(p) 2505 e 2506 2507 assert(isinstance(e, IP)) 2508 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 2509 assert(e.chksum != p.chksum) 2510 assert(e.proto == socket.IPPROTO_AH) 2511 assert(e.haslayer(AH)) 2512 assert(e.haslayer(TCP)) 2513 assert(e[AH].spi == sa.spi) 2514 2515 * simulate the alteration of the packet before verification 2516 e.dst = '4.4.4.4' 2517 2518 * integrity verification should fail 2519 try: 2520 d = sa.decrypt(e) 2521 assert(False) 2522 except IPSecIntegrityError as err: 2523 err 2524 2525 ####################################### 2526 = IPv4 / AH - Tunnel - SHA2-512-256 2527 2528 p = IP(src='1.1.1.1', dst='2.2.2.2') 2529 p /= TCP(sport=45012, dport=80) 2530 p /= Raw('testdata') 2531 p = IP(raw(p)) 2532 p 2533 2534 sa = SecurityAssociation(AH, spi=0x222, 2535 auth_algo='SHA2-512-256', auth_key=b'secret key', 2536 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 2537 2538 e = sa.encrypt(p) 2539 e 2540 2541 assert(isinstance(e, IP)) 2542 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 2543 assert(e.chksum != p.chksum) 2544 assert(e.proto == socket.IPPROTO_AH) 2545 assert(e.haslayer(AH)) 2546 assert(e.haslayer(TCP)) 2547 assert(e[AH].spi == sa.spi) 2548 2549 * alter mutable fields in the packet 2550 e.ttl = 2 2551 2552 * integrity verification should pass 2553 d = sa.decrypt(e) 2554 d 2555 2556 * after decryption the original packet should be unaltered 2557 assert(d == p) 2558 2559 ####################################### 2560 = IPv4 / AH - Tunnel - SHA2-512-256 - altered packet 2561 2562 p = IP(src='1.1.1.1', dst='2.2.2.2') 2563 p /= TCP(sport=45012, dport=80) 2564 p /= Raw('testdata') 2565 p = IP(raw(p)) 2566 p 2567 2568 sa = SecurityAssociation(AH, spi=0x222, 2569 auth_algo='SHA2-512-256', auth_key=b'secret key', 2570 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 2571 2572 e = sa.encrypt(p) 2573 e 2574 2575 assert(isinstance(e, IP)) 2576 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 2577 assert(e.chksum != p.chksum) 2578 assert(e.proto == socket.IPPROTO_AH) 2579 assert(e.haslayer(AH)) 2580 assert(e.haslayer(TCP)) 2581 assert(e[AH].spi == sa.spi) 2582 2583 * simulate the alteration of the packet before verification 2584 e.dst = '4.4.4.4' 2585 2586 * integrity verification should fail 2587 try: 2588 d = sa.decrypt(e) 2589 assert(False) 2590 except IPSecIntegrityError as err: 2591 err 2592 2593 ####################################### 2594 = IPv4 / AH - Tunnel - HMAC-MD5-96 2595 2596 p = IP(src='1.1.1.1', dst='2.2.2.2') 2597 p /= TCP(sport=45012, dport=80) 2598 p /= Raw('testdata') 2599 p = IP(raw(p)) 2600 p 2601 2602 sa = SecurityAssociation(AH, spi=0x222, 2603 auth_algo='HMAC-MD5-96', auth_key=b'secret key', 2604 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 2605 2606 e = sa.encrypt(p) 2607 e 2608 2609 assert(isinstance(e, IP)) 2610 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 2611 assert(e.chksum != p.chksum) 2612 assert(e.proto == socket.IPPROTO_AH) 2613 assert(e.haslayer(AH)) 2614 assert(e.haslayer(TCP)) 2615 assert(e[AH].spi == sa.spi) 2616 2617 * alter mutable fields in the packet 2618 e.ttl = 2 2619 2620 * integrity verification should pass 2621 d = sa.decrypt(e) 2622 d 2623 2624 * after decryption the original packet should be unaltered 2625 assert(d == p) 2626 2627 ####################################### 2628 = IPv4 / AH - Tunnel - HMAC-MD5-96 - altered packet 2629 2630 p = IP(src='1.1.1.1', dst='2.2.2.2') 2631 p /= TCP(sport=45012, dport=80) 2632 p /= Raw('testdata') 2633 p = IP(raw(p)) 2634 p 2635 2636 sa = SecurityAssociation(AH, spi=0x222, 2637 auth_algo='HMAC-MD5-96', auth_key=b'secret key', 2638 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 2639 2640 e = sa.encrypt(p) 2641 e 2642 2643 assert(isinstance(e, IP)) 2644 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 2645 assert(e.chksum != p.chksum) 2646 assert(e.proto == socket.IPPROTO_AH) 2647 assert(e.haslayer(AH)) 2648 assert(e.haslayer(TCP)) 2649 assert(e[AH].spi == sa.spi) 2650 2651 * simulate the alteration of the packet before verification 2652 e.dst = '4.4.4.4' 2653 2654 * integrity verification should fail 2655 try: 2656 d = sa.decrypt(e) 2657 assert(False) 2658 except IPSecIntegrityError as err: 2659 err 2660 2661 ####################################### 2662 = IPv4 / AH - Tunnel - AES-CMAC-96 2663 2664 p = IP(src='1.1.1.1', dst='2.2.2.2') 2665 p /= TCP(sport=45012, dport=80) 2666 p /= Raw('testdata') 2667 p = IP(raw(p)) 2668 p 2669 2670 sa = SecurityAssociation(AH, spi=0x222, 2671 auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key', 2672 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 2673 2674 e = sa.encrypt(p) 2675 e 2676 2677 assert(isinstance(e, IP)) 2678 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 2679 assert(e.chksum != p.chksum) 2680 assert(e.proto == socket.IPPROTO_AH) 2681 assert(e.haslayer(AH)) 2682 assert(e.haslayer(TCP)) 2683 assert(e[AH].spi == sa.spi) 2684 2685 * alter mutable fields in the packet 2686 e.ttl = 2 2687 2688 * integrity verification should pass 2689 d = sa.decrypt(e) 2690 d 2691 2692 * after decryption the original packet should be unaltered 2693 assert(d == p) 2694 2695 ####################################### 2696 = IPv4 / AH - Tunnel - AES-CMAC-96 - altered packet 2697 2698 p = IP(src='1.1.1.1', dst='2.2.2.2') 2699 p /= TCP(sport=45012, dport=80) 2700 p /= Raw('testdata') 2701 p = IP(raw(p)) 2702 p 2703 2704 sa = SecurityAssociation(AH, spi=0x222, 2705 auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key', 2706 tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) 2707 2708 e = sa.encrypt(p) 2709 e 2710 2711 assert(isinstance(e, IP)) 2712 assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') 2713 assert(e.chksum != p.chksum) 2714 assert(e.proto == socket.IPPROTO_AH) 2715 assert(e.haslayer(AH)) 2716 assert(e.haslayer(TCP)) 2717 assert(e[AH].spi == sa.spi) 2718 2719 * simulate the alteration of the packet before verification 2720 e.dst = '4.4.4.4' 2721 2722 * integrity verification should fail 2723 try: 2724 d = sa.decrypt(e) 2725 assert(False) 2726 except IPSecIntegrityError as err: 2727 err 2728 2729 ############################################################################### 2730 + IPv6 / ESP 2731 2732 ####################################### 2733 = IPv6 / ESP - Transport - NULL - NULL 2734 ~ -crypto 2735 2736 p = IPv6(src='11::22', dst='22::11') 2737 p /= TCP(sport=45012, dport=80) 2738 p /= Raw('testdata') 2739 p = IPv6(raw(p)) 2740 p 2741 2742 sa = SecurityAssociation(ESP, spi=0x222, 2743 crypt_algo='NULL', crypt_key=None, 2744 auth_algo='NULL', auth_key=None) 2745 2746 e = sa.encrypt(p) 2747 e 2748 2749 assert(isinstance(e, IPv6)) 2750 assert(e.src == '11::22' and e.dst == '22::11') 2751 assert(e.nh == socket.IPPROTO_ESP) 2752 assert(e.haslayer(ESP)) 2753 assert(not e.haslayer(TCP)) 2754 assert(e[ESP].spi == sa.spi) 2755 assert(b'testdata' in e[ESP].data) 2756 2757 d = sa.decrypt(e) 2758 d 2759 2760 * after decryption the original packet payload should be unaltered 2761 assert(d[TCP] == p[TCP]) 2762 2763 ####################################### 2764 = IPv6 / ESP - Transport - AES-CBC - NULL 2765 2766 p = IPv6(src='11::22', dst='22::11') 2767 p /= TCP(sport=45012, dport=80) 2768 p /= Raw('testdata') 2769 p = IPv6(raw(p)) 2770 p 2771 2772 sa = SecurityAssociation(ESP, spi=0x222, 2773 crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', 2774 auth_algo='NULL', auth_key=None) 2775 2776 e = sa.encrypt(p) 2777 e 2778 2779 assert(isinstance(e, IPv6)) 2780 assert(e.src == '11::22' and e.dst == '22::11') 2781 assert(e.nh == socket.IPPROTO_ESP) 2782 assert(e.haslayer(ESP)) 2783 assert(not e.haslayer(TCP)) 2784 assert(e[ESP].spi == sa.spi) 2785 * after encryption the original packet payload should NOT be readable 2786 assert(b'testdata' not in e[ESP].data) 2787 2788 d = sa.decrypt(e) 2789 d 2790 2791 * after decryption the original packet payload should be unaltered 2792 assert(d[TCP] == p[TCP]) 2793 2794 ####################################### 2795 = IPv6 / ESP - Transport - NULL - HMAC-SHA1-96 2796 2797 p = IPv6(src='11::22', dst='22::11') 2798 p /= TCP(sport=45012, dport=80) 2799 p /= Raw('testdata') 2800 p = IPv6(raw(p)) 2801 p 2802 2803 sa = SecurityAssociation(ESP, spi=0x222, 2804 crypt_algo='NULL', crypt_key=None, 2805 auth_algo='HMAC-SHA1-96', auth_key=b'secret key') 2806 2807 e = sa.encrypt(p) 2808 e 2809 2810 assert(isinstance(e, IPv6)) 2811 assert(e.src == '11::22' and e.dst == '22::11') 2812 assert(e.nh == socket.IPPROTO_ESP) 2813 assert(e.haslayer(ESP)) 2814 assert(not e.haslayer(TCP)) 2815 assert(e[ESP].spi == sa.spi) 2816 assert(b'testdata' in e[ESP].data) 2817 2818 * integrity verification should pass 2819 d = sa.decrypt(e) 2820 2821 * after decryption the original packet payload should be unaltered 2822 assert(d[TCP] == p[TCP]) 2823 2824 ####################################### 2825 = IPv6 / ESP - Transport - NULL - HMAC-SHA1-96 - altered packet 2826 2827 p = IPv6(src='11::22', dst='22::11') 2828 p /= TCP(sport=45012, dport=80) 2829 p /= Raw('testdata') 2830 p = IPv6(raw(p)) 2831 p 2832 2833 sa = SecurityAssociation(ESP, spi=0x222, 2834 crypt_algo='NULL', crypt_key=None, 2835 auth_algo='HMAC-SHA1-96', auth_key=b'secret key') 2836 2837 e = sa.encrypt(p) 2838 e 2839 2840 assert(isinstance(e, IPv6)) 2841 assert(e.src == '11::22' and e.dst == '22::11') 2842 assert(e.nh == socket.IPPROTO_ESP) 2843 assert(e.haslayer(ESP)) 2844 assert(not e.haslayer(TCP)) 2845 assert(e[ESP].spi == sa.spi) 2846 assert(b'testdata' in e[ESP].data) 2847 2848 * simulate the alteration of the packet before decryption 2849 e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') 2850 2851 * integrity verification should fail 2852 try: 2853 d = sa.decrypt(e) 2854 assert(False) 2855 except IPSecIntegrityError as err: 2856 err 2857 2858 ####################################### 2859 = IPv6 / ESP - Transport - AES-CBC - HMAC-SHA1-96 2860 2861 p = IPv6(src='11::22', dst='22::11') 2862 p /= TCP(sport=45012, dport=80) 2863 p /= Raw('testdata') 2864 p = IPv6(raw(p)) 2865 p 2866 2867 sa = SecurityAssociation(ESP, spi=0x222, 2868 crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', 2869 auth_algo='HMAC-SHA1-96', auth_key=b'secret key') 2870 2871 e = sa.encrypt(p) 2872 e 2873 2874 assert(isinstance(e, IPv6)) 2875 assert(e.src == '11::22' and e.dst == '22::11') 2876 assert(e.nh == socket.IPPROTO_ESP) 2877 assert(e.haslayer(ESP)) 2878 assert(not e.haslayer(TCP)) 2879 assert(e[ESP].spi == sa.spi) 2880 * after encryption the original packet payload should NOT be readable 2881 assert(b'testdata' not in e[ESP].data) 2882 2883 d = sa.decrypt(e) 2884 d 2885 2886 * after decryption the original packet payload should be unaltered 2887 assert(d[TCP] == p[TCP]) 2888 2889 ####################################### 2890 = IPv6 / ESP - Transport - AES-CBC - HMAC-SHA1-96 - altered packet 2891 2892 p = IPv6(src='11::22', dst='22::11') 2893 p /= TCP(sport=45012, dport=80) 2894 p /= Raw('testdata') 2895 p = IPv6(raw(p)) 2896 p 2897 2898 sa = SecurityAssociation(ESP, spi=0x222, 2899 crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', 2900 auth_algo='HMAC-SHA1-96', auth_key=b'secret key') 2901 2902 e = sa.encrypt(p) 2903 e 2904 2905 assert(isinstance(e, IPv6)) 2906 assert(e.src == '11::22' and e.dst == '22::11') 2907 assert(e.nh == socket.IPPROTO_ESP) 2908 assert(e.haslayer(ESP)) 2909 assert(not e.haslayer(TCP)) 2910 assert(e[ESP].spi == sa.spi) 2911 * after encryption the original packet payload should NOT be readable 2912 assert(b'testdata' not in e[ESP].data) 2913 2914 * simulate the alteration of the packet before decryption 2915 e[ESP].seq += 1 2916 2917 * integrity verification should fail 2918 try: 2919 d = sa.decrypt(e) 2920 assert(False) 2921 except IPSecIntegrityError as err: 2922 err 2923 2924 ####################################### 2925 = IPv6 / ESP - Transport - AES-GCM - NULL 2926 2927 p = IPv6(src='11::22', dst='22::11') 2928 p /= TCP(sport=45012, dport=80) 2929 p /= Raw('testdata') 2930 p = IPv6(raw(p)) 2931 p 2932 2933 sa = SecurityAssociation(ESP, spi=0x222, 2934 crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', 2935 auth_algo='NULL', auth_key=None) 2936 2937 e = sa.encrypt(p) 2938 e 2939 2940 assert(isinstance(e, IPv6)) 2941 assert(e.src == '11::22' and e.dst == '22::11') 2942 assert(e.nh == socket.IPPROTO_ESP) 2943 assert(e.haslayer(ESP)) 2944 assert(not e.haslayer(TCP)) 2945 assert(e[ESP].spi == sa.spi) 2946 * after encryption the original packet payload should NOT be readable 2947 assert(b'testdata' not in e[ESP].data) 2948 2949 d = sa.decrypt(e) 2950 d 2951 2952 * after decryption original packet should be preserved 2953 assert(d[TCP] == p[TCP]) 2954 2955 ####################################### 2956 = IPv6 / ESP - Transport - AES-GCM - NULL - altered packet 2957 2958 p = IPv6(src='11::22', dst='22::11') 2959 p /= TCP(sport=45012, dport=80) 2960 p /= Raw('testdata') 2961 p = IPv6(raw(p)) 2962 p 2963 2964 sa = SecurityAssociation(ESP, spi=0x222, 2965 crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', 2966 auth_algo='NULL', auth_key=None) 2967 2968 e = sa.encrypt(p) 2969 e 2970 2971 assert(isinstance(e, IPv6)) 2972 assert(e.src == '11::22' and e.dst == '22::11') 2973 assert(e.nh == socket.IPPROTO_ESP) 2974 assert(e.haslayer(ESP)) 2975 assert(not e.haslayer(TCP)) 2976 assert(e[ESP].spi == sa.spi) 2977 * after encryption the original packet payload should NOT be readable 2978 assert(b'testdata' not in e[ESP].data) 2979 2980 * simulate the alteration of the packet before decryption 2981 e[ESP].seq += 1 2982 2983 * integrity verification should fail 2984 try: 2985 d = sa.decrypt(e) 2986 assert(False) 2987 except IPSecIntegrityError as err: 2988 err 2989 2990 ####################################### 2991 = IPv6 / ESP - Transport - AES-CCM - NULL 2992 ~ crypto_advanced 2993 2994 p = IPv6(src='11::22', dst='22::11') 2995 p /= TCP(sport=45012, dport=80) 2996 p /= Raw('testdata') 2997 p = IPv6(raw(p)) 2998 p 2999 3000 sa = SecurityAssociation(ESP, spi=0x222, 3001 crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', 3002 auth_algo='NULL', auth_key=None) 3003 3004 e = sa.encrypt(p) 3005 e 3006 3007 assert(isinstance(e, IPv6)) 3008 assert(e.src == '11::22' and e.dst == '22::11') 3009 assert(e.nh == socket.IPPROTO_ESP) 3010 assert(e.haslayer(ESP)) 3011 assert(not e.haslayer(TCP)) 3012 assert(e[ESP].spi == sa.spi) 3013 * after encryption the original packet payload should NOT be readable 3014 assert(b'testdata' not in e[ESP].data) 3015 3016 d = sa.decrypt(e) 3017 d 3018 3019 * after decryption original packet should be preserved 3020 assert(d[TCP] == p[TCP]) 3021 3022 ####################################### 3023 = IPv6 / ESP - Transport - AES-CCM - NULL - altered packet 3024 ~ crypto_advanced 3025 3026 p = IPv6(src='11::22', dst='22::11') 3027 p /= TCP(sport=45012, dport=80) 3028 p /= Raw('testdata') 3029 p = IPv6(raw(p)) 3030 p 3031 3032 sa = SecurityAssociation(ESP, spi=0x222, 3033 crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', 3034 auth_algo='NULL', auth_key=None) 3035 3036 e = sa.encrypt(p) 3037 e 3038 3039 assert(isinstance(e, IPv6)) 3040 assert(e.src == '11::22' and e.dst == '22::11') 3041 assert(e.nh == socket.IPPROTO_ESP) 3042 assert(e.haslayer(ESP)) 3043 assert(not e.haslayer(TCP)) 3044 assert(e[ESP].spi == sa.spi) 3045 * after encryption the original packet payload should NOT be readable 3046 assert(b'testdata' not in e[ESP].data) 3047 3048 * simulate the alteration of the packet before decryption 3049 e[ESP].seq += 1 3050 3051 * integrity verification should fail 3052 try: 3053 d = sa.decrypt(e) 3054 assert(False) 3055 except IPSecIntegrityError as err: 3056 err 3057 3058 ####################################### 3059 = IPv6 / ESP - Tunnel - NULL - NULL 3060 ~ -crypto 3061 3062 p = IPv6(src='11::22', dst='22::11') 3063 p /= TCP(sport=45012, dport=80) 3064 p /= Raw('testdata') 3065 p = IPv6(raw(p)) 3066 p 3067 3068 sa = SecurityAssociation(ESP, spi=0x222, 3069 crypt_algo='NULL', crypt_key=None, 3070 auth_algo='NULL', auth_key=None, 3071 tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) 3072 3073 e = sa.encrypt(p) 3074 e 3075 3076 assert(isinstance(e, IPv6)) 3077 * after encryption packet should be encapsulated with the given ip tunnel header 3078 assert(e.src == 'aa::bb' and e.dst == 'bb::aa') 3079 assert(e.nh == socket.IPPROTO_ESP) 3080 assert(e.haslayer(ESP)) 3081 assert(not e.haslayer(TCP)) 3082 assert(e[ESP].spi == sa.spi) 3083 assert(b'testdata' in e[ESP].data) 3084 3085 d = sa.decrypt(e) 3086 d 3087 3088 * after decryption the original packet payload should be unaltered 3089 assert(d[TCP] == p[TCP]) 3090 3091 ####################################### 3092 = IPv6 / ESP - Tunnel - AES-CBC - NULL 3093 3094 p = IPv6(src='11::22', dst='22::11') 3095 p /= TCP(sport=45012, dport=80) 3096 p /= Raw('testdata') 3097 p = IPv6(raw(p)) 3098 p 3099 3100 sa = SecurityAssociation(ESP, spi=0x222, 3101 crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', 3102 auth_algo='NULL', auth_key=None, 3103 tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) 3104 3105 e = sa.encrypt(p) 3106 e 3107 3108 assert(isinstance(e, IPv6)) 3109 * after encryption packet should be encapsulated with the given ip tunnel header 3110 assert(e.src == 'aa::bb' and e.dst == 'bb::aa') 3111 assert(e.nh == socket.IPPROTO_ESP) 3112 assert(e.haslayer(ESP)) 3113 assert(not e.haslayer(TCP)) 3114 assert(e[ESP].spi == sa.spi) 3115 * after encryption the original packet payload should NOT be readable 3116 assert(b'testdata' not in e[ESP].data) 3117 3118 d = sa.decrypt(e) 3119 d 3120 3121 * after decryption the original packet payload should be unaltered 3122 assert(d[TCP] == p[TCP]) 3123 3124 ####################################### 3125 = IPv6 / ESP - Tunnel - NULL - HMAC-SHA1-96 3126 3127 p = IPv6(src='11::22', dst='22::11') 3128 p /= TCP(sport=45012, dport=80) 3129 p /= Raw('testdata') 3130 p = IPv6(raw(p)) 3131 p 3132 3133 sa = SecurityAssociation(ESP, spi=0x222, 3134 crypt_algo='NULL', crypt_key=None, 3135 auth_algo='HMAC-SHA1-96', auth_key=b'secret key', 3136 tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) 3137 3138 e = sa.encrypt(p) 3139 e 3140 3141 assert(isinstance(e, IPv6)) 3142 * after encryption packet should be encapsulated with the given ip tunnel header 3143 assert(e.src == 'aa::bb' and e.dst == 'bb::aa') 3144 assert(e.nh == socket.IPPROTO_ESP) 3145 assert(e.haslayer(ESP)) 3146 assert(not e.haslayer(TCP)) 3147 assert(e[ESP].spi == sa.spi) 3148 assert(b'testdata' in e[ESP].data) 3149 3150 * integrity verification should pass 3151 d = sa.decrypt(e) 3152 3153 * after decryption the original packet payload should be unaltered 3154 assert(d[TCP] == p[TCP]) 3155 3156 ####################################### 3157 = IPv6 / ESP - Tunnel - NULL - HMAC-SHA1-96 - altered packet 3158 3159 p = IPv6(src='11::22', dst='22::11') 3160 p /= TCP(sport=45012, dport=80) 3161 p /= Raw('testdata') 3162 p = IPv6(raw(p)) 3163 p 3164 3165 sa = SecurityAssociation(ESP, spi=0x222, 3166 crypt_algo='NULL', crypt_key=None, 3167 auth_algo='HMAC-SHA1-96', auth_key=b'secret key', 3168 tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) 3169 3170 e = sa.encrypt(p) 3171 e 3172 3173 assert(isinstance(e, IPv6)) 3174 * after encryption packet should be encapsulated with the given ip tunnel header 3175 assert(e.src == 'aa::bb' and e.dst == 'bb::aa') 3176 assert(e.nh == socket.IPPROTO_ESP) 3177 assert(e.haslayer(ESP)) 3178 assert(not e.haslayer(TCP)) 3179 assert(e[ESP].spi == sa.spi) 3180 assert(b'testdata' in e[ESP].data) 3181 3182 * simulate the alteration of the packet before decryption 3183 e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') 3184 3185 * integrity verification should fail 3186 try: 3187 d = sa.decrypt(e) 3188 assert(False) 3189 except IPSecIntegrityError as err: 3190 err 3191 3192 ####################################### 3193 = IPv6 / ESP - Tunnel - AES-CBC - HMAC-SHA1-96 3194 3195 p = IPv6(src='11::22', dst='22::11') 3196 p /= TCP(sport=45012, dport=80) 3197 p /= Raw('testdata') 3198 p = IPv6(raw(p)) 3199 p 3200 3201 sa = SecurityAssociation(ESP, spi=0x222, 3202 crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', 3203 auth_algo='HMAC-SHA1-96', auth_key=b'secret key', 3204 tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) 3205 3206 e = sa.encrypt(p) 3207 e 3208 3209 assert(isinstance(e, IPv6)) 3210 * after encryption packet should be encapsulated with the given ip tunnel header 3211 assert(e.src == 'aa::bb' and e.dst == 'bb::aa') 3212 assert(e.nh == socket.IPPROTO_ESP) 3213 assert(e.haslayer(ESP)) 3214 assert(not e.haslayer(TCP)) 3215 assert(e[ESP].spi == sa.spi) 3216 * after encryption the original packet payload should NOT be readable 3217 assert(b'testdata' not in e[ESP].data) 3218 3219 d = sa.decrypt(e) 3220 d 3221 3222 * after decryption the original packet payload should be unaltered 3223 assert(d[TCP] == p[TCP]) 3224 3225 ####################################### 3226 = IPv6 / ESP - Tunnel - AES-CBC - HMAC-SHA1-96 - altered packet 3227 3228 p = IPv6(src='11::22', dst='22::11') 3229 p /= TCP(sport=45012, dport=80) 3230 p /= Raw('testdata') 3231 p = IPv6(raw(p)) 3232 p 3233 3234 sa = SecurityAssociation(ESP, spi=0x222, 3235 crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', 3236 auth_algo='HMAC-SHA1-96', auth_key=b'secret key', 3237 tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) 3238 3239 e = sa.encrypt(p) 3240 e 3241 3242 assert(isinstance(e, IPv6)) 3243 * after encryption packet should be encapsulated with the given ip tunnel header 3244 assert(e.src == 'aa::bb' and e.dst == 'bb::aa') 3245 assert(e.nh == socket.IPPROTO_ESP) 3246 assert(e.haslayer(ESP)) 3247 assert(not e.haslayer(TCP)) 3248 assert(e[ESP].spi == sa.spi) 3249 * after encryption the original packet payload should NOT be readable 3250 assert(b'testdata' not in e[ESP].data) 3251 3252 * simulate the alteration of the packet before decryption 3253 e[ESP].seq += 1 3254 3255 * integrity verification should fail 3256 try: 3257 d = sa.decrypt(e) 3258 assert(False) 3259 except IPSecIntegrityError as err: 3260 err 3261 3262 ####################################### 3263 = IPv6 / ESP - Tunnel - AES-GCM - NULL 3264 3265 p = IPv6(src='11::22', dst='22::11') 3266 p /= TCP(sport=45012, dport=80) 3267 p /= Raw('testdata') 3268 p = IPv6(raw(p)) 3269 p 3270 3271 sa = SecurityAssociation(ESP, spi=0x222, 3272 crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', 3273 auth_algo='NULL', auth_key=None, 3274 tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) 3275 3276 e = sa.encrypt(p) 3277 e 3278 3279 assert(isinstance(e, IPv6)) 3280 * after encryption packet should be encapsulated with the given ip tunnel header 3281 assert(e.src == 'aa::bb' and e.dst == 'bb::aa') 3282 assert(e.nh == socket.IPPROTO_ESP) 3283 assert(e.haslayer(ESP)) 3284 assert(not e.haslayer(TCP)) 3285 assert(e[ESP].spi == sa.spi) 3286 * after encryption the original packet payload should NOT be readable 3287 assert(b'testdata' not in e[ESP].data) 3288 3289 d = sa.decrypt(e) 3290 d 3291 3292 * after decryption original packet should be preserved 3293 assert(d[TCP] == p[TCP]) 3294 3295 ####################################### 3296 = IPv6 / ESP - Tunnel - AES-GCM - NULL - altered packet 3297 3298 p = IPv6(src='11::22', dst='22::11') 3299 p /= TCP(sport=45012, dport=80) 3300 p /= Raw('testdata') 3301 p = IPv6(raw(p)) 3302 p 3303 3304 sa = SecurityAssociation(ESP, spi=0x222, 3305 crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', 3306 auth_algo='NULL', auth_key=None, 3307 tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) 3308 3309 e = sa.encrypt(p) 3310 e 3311 3312 assert(isinstance(e, IPv6)) 3313 * after encryption packet should be encapsulated with the given ip tunnel header 3314 assert(e.src == 'aa::bb' and e.dst == 'bb::aa') 3315 assert(e.nh == socket.IPPROTO_ESP) 3316 assert(e.haslayer(ESP)) 3317 assert(not e.haslayer(TCP)) 3318 assert(e[ESP].spi == sa.spi) 3319 * after encryption the original packet payload should NOT be readable 3320 assert(b'testdata' not in e[ESP].data) 3321 3322 * simulate the alteration of the packet before decryption 3323 e[ESP].seq += 1 3324 3325 * integrity verification should fail 3326 try: 3327 d = sa.decrypt(e) 3328 assert(False) 3329 except IPSecIntegrityError as err: 3330 err 3331 3332 ####################################### 3333 = IPv6 / ESP - Tunnel - AES-CCM - NULL 3334 ~ crypto_advanced 3335 3336 p = IPv6(src='11::22', dst='22::11') 3337 p /= TCP(sport=45012, dport=80) 3338 p /= Raw('testdata') 3339 p = IPv6(raw(p)) 3340 p 3341 3342 sa = SecurityAssociation(ESP, spi=0x222, 3343 crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', 3344 auth_algo='NULL', auth_key=None, 3345 tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) 3346 3347 e = sa.encrypt(p) 3348 e 3349 3350 assert(isinstance(e, IPv6)) 3351 assert(e.src == '11::22' and e.dst == '22::11') 3352 assert(e.nh == socket.IPPROTO_ESP) 3353 assert(e.haslayer(ESP)) 3354 assert(not e.haslayer(TCP)) 3355 assert(e[ESP].spi == sa.spi) 3356 * after encryption the original packet payload should NOT be readable 3357 assert(b'testdata' not in e[ESP].data) 3358 3359 d = sa.decrypt(e) 3360 d 3361 3362 * after decryption original packet should be preserved 3363 assert(d[TCP] == p[TCP]) 3364 3365 ####################################### 3366 = IPv6 / ESP - Tunnel - AES-CCM - NULL - altered packet 3367 ~ crypto_advanced 3368 3369 p = IPv6(src='11::22', dst='22::11') 3370 p /= TCP(sport=45012, dport=80) 3371 p /= Raw('testdata') 3372 p = IPv6(raw(p)) 3373 p 3374 3375 sa = SecurityAssociation(ESP, spi=0x222, 3376 crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', 3377 auth_algo='NULL', auth_key=None, 3378 tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) 3379 3380 e = sa.encrypt(p) 3381 e 3382 3383 assert(isinstance(e, IPv6)) 3384 assert(e.src == '11::22' and e.dst == '22::11') 3385 assert(e.nh == socket.IPPROTO_ESP) 3386 assert(e.haslayer(ESP)) 3387 assert(not e.haslayer(TCP)) 3388 assert(e[ESP].spi == sa.spi) 3389 * after encryption the original packet payload should NOT be readable 3390 assert(b'testdata' not in e[ESP].data) 3391 3392 * simulate the alteration of the packet before decryption 3393 e[ESP].seq += 1 3394 3395 * integrity verification should fail 3396 try: 3397 d = sa.decrypt(e) 3398 assert(False) 3399 except IPSecIntegrityError as err: 3400 err 3401 3402 ####################################### 3403 ############################################################################### 3404 + IPv6 / AH 3405 3406 ####################################### 3407 = IPv6 / AH - Transport - HMAC-SHA1-96 3408 3409 p = IPv6(src='11::22', dst='22::11') 3410 p /= TCP(sport=45012, dport=80) 3411 p /= Raw('testdata') 3412 p = IPv6(raw(p)) 3413 p 3414 3415 sa = SecurityAssociation(AH, spi=0x222, 3416 auth_algo='HMAC-SHA1-96', auth_key=b'secret key') 3417 3418 e = sa.encrypt(p) 3419 e 3420 3421 assert(isinstance(e, IPv6)) 3422 assert(e.src == '11::22' and e.dst == '22::11') 3423 * the encrypted packet should have an AH layer 3424 assert(e.nh == socket.IPPROTO_AH) 3425 assert(e.haslayer(AH)) 3426 assert(e.haslayer(TCP)) 3427 assert(e[AH].spi == sa.spi) 3428 3429 * alter mutable fields in the packet 3430 e.hlim = 2 3431 3432 * integrity verification should pass 3433 d = sa.decrypt(e) 3434 d 3435 3436 * after decryption the original packet payload should be unaltered 3437 assert(d[TCP] == p[TCP]) 3438 3439 ####################################### 3440 = IPv6 / AH - Transport - HMAC-SHA1-96 - altered packet 3441 3442 p = IPv6(src='11::22', dst='22::11') 3443 p /= TCP(sport=45012, dport=80) 3444 p /= Raw('testdata') 3445 p = IPv6(raw(p)) 3446 p 3447 3448 sa = SecurityAssociation(AH, spi=0x222, 3449 auth_algo='HMAC-SHA1-96', auth_key=b'secret key') 3450 3451 e = sa.encrypt(p) 3452 e 3453 3454 assert(isinstance(e, IPv6)) 3455 assert(e.src == '11::22' and e.dst == '22::11') 3456 * the encrypted packet should have an AH layer 3457 assert(e.nh == socket.IPPROTO_AH) 3458 assert(e.haslayer(AH)) 3459 assert(e.haslayer(TCP)) 3460 assert(e[AH].spi == sa.spi) 3461 3462 * simulate the alteration of the packet before verification 3463 e[TCP].dport = 46 3464 3465 * integrity verification should fail 3466 try: 3467 d = sa.decrypt(e) 3468 assert(False) 3469 except IPSecIntegrityError as err: 3470 err 3471 3472 ####################################### 3473 = IPv6 / AH - Transport - SHA2-256-128 3474 3475 p = IPv6(src='11::22', dst='22::11') 3476 p /= TCP(sport=45012, dport=80) 3477 p /= Raw('testdata') 3478 p = IPv6(raw(p)) 3479 p 3480 3481 sa = SecurityAssociation(AH, spi=0x222, 3482 auth_algo='SHA2-256-128', auth_key=b'secret key') 3483 3484 e = sa.encrypt(p) 3485 e 3486 3487 assert(isinstance(e, IPv6)) 3488 assert(e.src == '11::22' and e.dst == '22::11') 3489 * the encrypted packet should have an AH layer 3490 assert(e.nh == socket.IPPROTO_AH) 3491 assert(e.haslayer(AH)) 3492 assert(e.haslayer(TCP)) 3493 assert(e[AH].spi == sa.spi) 3494 3495 * alter mutable fields in the packet 3496 e.hlim = 2 3497 3498 * integrity verification should pass 3499 d = sa.decrypt(e) 3500 d 3501 3502 * after decryption the original packet payload should be unaltered 3503 assert(d[TCP] == p[TCP]) 3504 3505 ####################################### 3506 = IPv6 / AH - Transport - SHA2-256-128 - altered packet 3507 3508 p = IPv6(src='11::22', dst='22::11') 3509 p /= TCP(sport=45012, dport=80) 3510 p /= Raw('testdata') 3511 p = IPv6(raw(p)) 3512 p 3513 3514 sa = SecurityAssociation(AH, spi=0x222, 3515 auth_algo='SHA2-256-128', auth_key=b'secret key') 3516 3517 e = sa.encrypt(p) 3518 e 3519 3520 assert(isinstance(e, IPv6)) 3521 assert(e.src == '11::22' and e.dst == '22::11') 3522 * the encrypted packet should have an AH layer 3523 assert(e.nh == socket.IPPROTO_AH) 3524 assert(e.haslayer(AH)) 3525 assert(e.haslayer(TCP)) 3526 assert(e[AH].spi == sa.spi) 3527 3528 * simulate the alteration of the packet before verification 3529 e[TCP].dport = 46 3530 3531 * integrity verification should fail 3532 try: 3533 d = sa.decrypt(e) 3534 assert(False) 3535 except IPSecIntegrityError as err: 3536 err 3537 3538 ####################################### 3539 = IPv6 / AH - Tunnel - HMAC-SHA1-96 3540 3541 p = IPv6(src='11::22', dst='22::11') 3542 p /= TCP(sport=45012, dport=80) 3543 p /= Raw('testdata') 3544 p = IPv6(raw(p)) 3545 p 3546 3547 sa = SecurityAssociation(AH, spi=0x222, 3548 auth_algo='HMAC-SHA1-96', auth_key=b'secret key', 3549 tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) 3550 3551 e = sa.encrypt(p) 3552 e 3553 3554 assert(isinstance(e, IPv6)) 3555 * after encryption packet should be encapsulated with the given ip tunnel header 3556 assert(e.src == 'aa::bb' and e.dst == 'bb::aa') 3557 assert(e.nh == socket.IPPROTO_AH) 3558 assert(e.haslayer(AH)) 3559 assert(e.haslayer(TCP)) 3560 assert(e[AH].spi == sa.spi) 3561 3562 * alter mutable fields in the packet 3563 e.hlim = 2 3564 3565 * integrity verification should pass 3566 d = sa.decrypt(e) 3567 d 3568 3569 * after decryption the original packet payload should be unaltered 3570 assert(d == p) 3571 3572 ####################################### 3573 = IPv6 / AH - Tunnel - HMAC-SHA1-96 - altered packet 3574 3575 p = IPv6(src='11::22', dst='22::11') 3576 p /= TCP(sport=45012, dport=80) 3577 p /= Raw('testdata') 3578 p = IPv6(raw(p)) 3579 p 3580 3581 sa = SecurityAssociation(AH, spi=0x222, 3582 auth_algo='HMAC-SHA1-96', auth_key=b'secret key', 3583 tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) 3584 3585 e = sa.encrypt(p) 3586 e 3587 3588 assert(isinstance(e, IPv6)) 3589 * after encryption packet should be encapsulated with the given ip tunnel header 3590 assert(e.src == 'aa::bb' and e.dst == 'bb::aa') 3591 assert(e.nh == socket.IPPROTO_AH) 3592 assert(e.haslayer(AH)) 3593 assert(e.haslayer(TCP)) 3594 assert(e[AH].spi == sa.spi) 3595 3596 * simulate the alteration of the packet before verification 3597 e.src = 'cc::ee' 3598 3599 * integrity verification should fail 3600 try: 3601 d = sa.decrypt(e) 3602 assert(False) 3603 except IPSecIntegrityError as err: 3604 err 3605 3606 ####################################### 3607 = IPv6 / AH - Tunnel - SHA2-256-128 3608 3609 p = IPv6(src='11::22', dst='22::11') 3610 p /= TCP(sport=45012, dport=80) 3611 p /= Raw('testdata') 3612 p = IPv6(raw(p)) 3613 p 3614 3615 sa = SecurityAssociation(AH, spi=0x222, 3616 auth_algo='SHA2-256-128', auth_key=b'secret key', 3617 tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) 3618 3619 e = sa.encrypt(p) 3620 e 3621 3622 assert(isinstance(e, IPv6)) 3623 * after encryption packet should be encapsulated with the given ip tunnel header 3624 assert(e.src == 'aa::bb' and e.dst == 'bb::aa') 3625 assert(e.nh == socket.IPPROTO_AH) 3626 assert(e.haslayer(AH)) 3627 assert(e.haslayer(TCP)) 3628 assert(e[AH].spi == sa.spi) 3629 3630 * alter mutable fields in the packet 3631 e.hlim = 2 3632 3633 * integrity verification should pass 3634 d = sa.decrypt(e) 3635 d 3636 3637 * after decryption the original packet payload should be unaltered 3638 assert(d == p) 3639 3640 ####################################### 3641 = IPv6 / AH - Tunnel - SHA2-256-128 - altered packet 3642 3643 p = IPv6(src='11::22', dst='22::11') 3644 p /= TCP(sport=45012, dport=80) 3645 p /= Raw('testdata') 3646 p = IPv6(raw(p)) 3647 p 3648 3649 sa = SecurityAssociation(AH, spi=0x222, 3650 auth_algo='SHA2-256-128', auth_key=b'secret key', 3651 tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) 3652 3653 e = sa.encrypt(p) 3654 e 3655 3656 assert(isinstance(e, IPv6)) 3657 * after encryption packet should be encapsulated with the given ip tunnel header 3658 assert(e.src == 'aa::bb' and e.dst == 'bb::aa') 3659 assert(e.nh == socket.IPPROTO_AH) 3660 assert(e.haslayer(AH)) 3661 assert(e.haslayer(TCP)) 3662 assert(e[AH].spi == sa.spi) 3663 3664 * simulate the alteration of the packet before verification 3665 e.src = 'cc::ee' 3666 3667 * integrity verification should fail 3668 try: 3669 d = sa.decrypt(e) 3670 assert(False) 3671 except IPSecIntegrityError as err: 3672 err 3673 3674 ############################################################################### 3675 + IPv6 + Extensions / AH 3676 3677 ####################################### 3678 = IPv6 + Extensions / AH - Transport 3679 3680 p = IPv6(src='11::22', dst='22::11') 3681 p /= IPv6ExtHdrHopByHop() 3682 p /= IPv6ExtHdrDestOpt() 3683 p /= IPv6ExtHdrRouting() 3684 p /= IPv6ExtHdrDestOpt() 3685 p /= IPv6ExtHdrFragment() 3686 p /= TCP(sport=45012, dport=80) 3687 p /= Raw('testdata') 3688 p = IPv6(raw(p)) 3689 p 3690 3691 sa = SecurityAssociation(AH, spi=0x222, 3692 auth_algo='HMAC-SHA1-96', auth_key=b'secret key') 3693 3694 e = sa.encrypt(p) 3695 e 3696 3697 assert(e.src == '11::22' and e.dst == '22::11') 3698 * AH header should be inserted between the routing header and the dest options header 3699 assert(isinstance(e[AH].underlayer, IPv6ExtHdrRouting)) 3700 assert(isinstance(e[AH].payload, IPv6ExtHdrDestOpt)) 3701 3702 ####################################### 3703 = IPv6 + Routing Header / AH - Transport 3704 3705 p = IPv6(src='11::22', dst='22::11') 3706 p /= IPv6ExtHdrHopByHop() 3707 p /= IPv6ExtHdrRouting(addresses=['aa::bb', 'cc::dd', 'ee::ff']) 3708 p /= TCP(sport=45012, dport=80) 3709 p /= Raw('testdata') 3710 p = IPv6(raw(p)) 3711 p 3712 3713 sa = SecurityAssociation(AH, spi=0x222, 3714 auth_algo='HMAC-SHA1-96', auth_key=b'secret key') 3715 3716 e = sa.encrypt(p) 3717 e 3718 3719 assert(e.src == '11::22' and e.dst == '22::11') 3720 * AH header should be inserted between the routing header and TCP 3721 assert(isinstance(e[AH].underlayer, IPv6ExtHdrRouting)) 3722 assert(isinstance(e[AH].payload, TCP)) 3723 3724 * reorder the routing header as the receiver will get it 3725 final = e[IPv6ExtHdrRouting].addresses.pop() 3726 e[IPv6ExtHdrRouting].addresses.insert(0, e.dst) 3727 e.dst = final 3728 e[IPv6ExtHdrRouting].segleft = 0 3729 3730 * integrity verification should pass 3731 d = sa.decrypt(e) 3732 d 3733 3734