| ############################## |
| % IPsec layer regression tests |
| ############################## |
| |
| ~ crypto |
| |
| ############################################################################### |
| + IPv4 / ESP - Transport - Encryption Algorithms |
| |
| ####################################### |
| = IPv4 / ESP - Transport - NULL - NULL |
| ~ -crypto |
| |
| import socket |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| assert(b'testdata' in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - DES - NULL |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='DES', crypt_key=b'8bytekey', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an ESP layer |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| # Generated with Linux 4.4.0-62-generic #83-Ubuntu |
| # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ |
| # mode tunnel enc 'cbc(des)' '0x38627974656b6579' auth digest_null '' flag align4 |
| ref = IP() \ |
| / ESP(spi=0x222, |
| data=b'\x0f\x6d\x2f\x3d\x1e\xc1\x0b\xc2\xb6\x8f\xfd\x67\x39\xc0\x96\x2c' |
| b'\x17\x79\x88\xf6\xbc\x4d\xf7\x45\xd8\x36\x63\x86\xcd\x08\x7c\x08' |
| b'\x2b\xf8\xa2\x91\x18\x21\x88\xd9\x26\x00\xc5\x21\x24\xbf\x8f\xf5' |
| b'\x6c\x47\xb0\x3a\x8e\xdb\x75\x21\xd9\x33\x85\x5a\x15\xc6\x31\x00' |
| b'\x1c\xef\x3e\x12\xce\x70\xec\x8f\x48\xc7\x81\x9b\x66\xcb\xf5\x39' |
| b'\x91\xb3\x8e\x72\xfb\x7f\x64\x65\x6c\xf4\xa9\xf2\x5e\x63\x2f\x60', |
| seq=1) |
| |
| d_ref = sa.decrypt(ref) |
| d_ref |
| |
| * Check for ICMP layer in decrypted reference |
| assert(d_ref.haslayer(ICMP)) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - 3DES - NULL |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='3DES', crypt_key=b'threedifferent8byteskeys', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an ESP layer |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| # Generated with Linux 4.4.0-62-generic #83-Ubuntu |
| # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ |
| # mode tunnel enc 'cbc(des3_ede)' '0x7468726565646966666572656e743862797465736b657973' auth digest_null '' flag align4 |
| ref = IP() \ |
| / ESP(spi=0x222, |
| data=b'\x36\x5c\x9b\x41\x37\xc8\x59\x1e\x39\x63\xe8\x6b\xf7\x0d\x97\x54' |
| b'\x13\x84\xf6\x81\x66\x19\xe7\xcb\x75\x94\xf1\x0b\x8e\xa3\xf1\xa0' |
| b'\x3e\x88\x51\xc4\x50\xd0\xa9\x1f\x16\x25\xc6\xbd\xe9\x0b\xdc\xae' |
| b'\xf8\x13\x00\xa3\x8c\x53\xee\x1c\x96\xc0\xfe\x99\x70\xab\x94\x77' |
| b'\xd7\xc4\xe8\xfd\x9f\x96\x28\xb8\x95\x20\x86\x7b\x19\xbc\x8f\xf5' |
| b'\x96\xb0\x7e\xcc\x04\x83\xae\x4d\xa3\xba\x1d\x44\xf0\xba\x2e\xcd', |
| seq=1) |
| |
| d_ref = sa.decrypt(ref) |
| d_ref |
| |
| * Check for ICMP layer in decrypted reference |
| assert(d_ref.haslayer(ICMP)) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - AES-CBC - NULL |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| # Generated with Linux 4.4.0-62-generic #83-Ubuntu |
| # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ |
| # mode tunnel enc 'cbc(aes)' '0x7369787465656e6279746573206b6579' auth digest_null '' flag align4 |
| ref = IP() \ |
| / ESP(spi=0x222, |
| data=b'\x08\x2f\x94\xe6\x53\xd8\x8e\x13\x70\xe8\xff\x61\x52\x90\x27\x3c' |
| b'\xf2\xb4\x1f\x75\xd2\xa0\xac\xae\x1c\xa8\x5e\x1c\x78\x21\x4c\x7f' |
| b'\xc3\x30\x17\x6a\x8d\xf3\xb1\xa7\xd1\xa8\x42\x01\xd6\x8d\x2d\x7e' |
| b'\x5d\x06\xdf\xaa\x05\x27\x42\xb1\x00\x12\xcf\xff\x64\x02\x5a\x40' |
| b'\xcd\xca\x1b\x91\xba\xf8\xc8\x59\xe7\xbd\x4d\x19\xb4\x8d\x39\x25' |
| b'\x6c\x73\xf1\x2d\xaa\xee\xe1\x0b\x71\xcd\xfc\x11\x1d\x56\xce\x60' |
| b'\xed\xd2\x32\x87\xd4\x90\xc3\xf5\x31\x47\x97\x69\x83\x82\x6d\x38', |
| seq=1) |
| |
| d_ref = sa.decrypt(ref) |
| d_ref |
| |
| * Check for ICMP layer in decrypted reference |
| assert(d_ref.haslayer(ICMP)) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - AES-CTR - NULL |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CTR', crypt_key=b'16bytekey+4bytenonce', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption original packet should be preserved |
| assert(d[TCP] == p[TCP]) |
| |
| # Generated with Linux 4.4.0-62-generic #83-Ubuntu |
| # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ |
| # mode tunnel enc 'rfc3686(ctr(aes))' '0x3136627974656b65792b34627974656e6f6e6365' auth digest_null '' flag align4 |
| ref = IP() \ |
| / ESP(spi=0x222, |
| data=b'\xc4\xca\x09\x0f\x8b\xd3\x05\x3d\xac\x5a\x2f\x87\xca\x71\x10\x01' |
| b'\xa7\x95\xc9\x07\xcc\xd4\x05\x58\x65\x23\x22\x4b\x63\x9b\x1f\xef' |
| b'\x55\xb9\x1a\x91\x52\x76\x00\xf7\x94\x7b\x1d\xe1\x8e\x03\x2e\x85' |
| b'\xad\xdd\x83\x22\x8a\xc3\x88\x6e\x85\xf5\x9b\xed\xa9\x6e\xb1\xc3' |
| b'\x78\x00\x2f\xcd\x77\xe8\x3e\xec\x0e\x77\x94\xb2\x9b\x0f\x64\x5e' |
| b'\x09\x83\x03\x7d\x83\x22\x39\xbb\x94\x66\xae\x9f\xbf\x01\xda\xfb', |
| seq=1) |
| |
| d_ref = sa.decrypt(ref) |
| d_ref |
| |
| * Check for ICMP layer in decrypted reference |
| assert(d_ref.haslayer(ICMP)) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - Blowfish - NULL |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='Blowfish', crypt_key=b'sixteenbytes key', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption original packet should be preserved |
| assert(d[TCP] == p[TCP]) |
| |
| # Generated with Linux 4.4.0-62-generic #83-Ubuntu |
| # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ |
| # mode tunnel enc 'cbc(blowfish)' '0x7369787465656e6279746573206b6579' auth digest_null '' flag align4 |
| ref = IP() \ |
| / ESP(spi=0x222, |
| data=b'\x93\x9f\x5a\x10\x55\x57\x30\xa0\xb4\x00\x72\x1e\x46\x42\x46\x20' |
| b'\xbc\x01\xef\xc3\x79\xcc\x3e\x55\x64\xba\x09\xc2\x6a\x5a\x5c\xb3' |
| b'\xcc\xb5\xd5\x87\x82\xb0\x0a\x94\x58\xfc\x50\x37\x40\xe1\x03\xd3' |
| b'\x4a\x09\xb2\x23\x53\x56\xa4\x45\x4c\xbb\x81\x1c\xdb\x31\xa7\x67' |
| b'\xbd\x38\x8e\xba\x55\xd9\x1f\xf1\x3c\xeb\x07\x4c\x02\xb0\x3e\xc5' |
| b'\xf6\x60\xdd\x68\xe1\xd4\xec\xee\x27\xc0\x6d\x1a\x80\xe2\xcc\x7d', |
| seq=1) |
| |
| d_ref = sa.decrypt(ref) |
| d_ref |
| |
| * Check for ICMP layer in decrypted reference |
| assert(d_ref.haslayer(ICMP)) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - CAST - NULL |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='CAST', crypt_key=b'sixteenbytes key', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption original packet should be preserved |
| assert(d[TCP] == p[TCP]) |
| |
| # Generated with Linux 4.4.0-62-generic #83-Ubuntu |
| # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ |
| # mode tunnel enc 'cbc(cast5)' '0x7369787465656e6279746573206b6579' auth digest_null '' flag align4 |
| ref = IP() \ |
| / ESP(spi=0x222, |
| data=b'\xcd\x4a\x46\x05\x51\x54\x73\x35\x1d\xad\x4b\x10\xc1\x15\xe2\x70' |
| b'\xbc\x9c\x53\x8f\x4d\x1c\x87\x1a\xc1\xb0\xdf\x80\xd1\x0c\xa4\x59' |
| b'\xe6\x50\xde\x46\xdb\x3f\x28\xc2\xda\x6c\x2b\x81\x5e\x7c\x7b\x4f' |
| b'\xbc\x8d\xc1\x6d\x4a\x2b\x04\x91\x9e\xc4\x0b\xba\x05\xba\x3b\x71' |
| b'\xac\xe3\x16\xcf\x7f\x00\xc5\x87\x7d\x72\x48\xe6\x5b\x43\x19\x24' |
| b'\xae\xa6\x2c\xcc\xad\xbf\x37\x6c\x6e\xea\x71\x67\x73\xd6\x11\x9f', |
| seq=1) |
| |
| d_ref = sa.decrypt(ref) |
| d_ref |
| |
| * Check for ICMP layer in decrypted reference |
| assert(d_ref.haslayer(ICMP)) |
| |
| ############################################################################### |
| + IPv4 / ESP - Tunnel - Encryption Algorithms |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - NULL - NULL |
| ~ -crypto |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| assert(b'testdata' in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - DES - NULL |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='DES', crypt_key=b'8bytekey', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an ESP layer |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - 3DES - NULL |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='3DES', crypt_key=b'threedifferent8byteskeys', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an ESP layer |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - AES-CBC - NULL |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - AES-CTR - NULL |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CTR', crypt_key=b'16bytekey+4bytenonce', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption original packet should be preserved |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - Blowfish - NULL |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='Blowfish', crypt_key=b'sixteenbytes key', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption original packet should be preserved |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - CAST - NULL |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='CAST', crypt_key=b'sixteenbytes key', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption original packet should be preserved |
| assert(d[TCP] == p[TCP]) |
| |
| ############################################################################### |
| + IPv4 / ESP - Transport - Authentication Algorithms |
| |
| ####################################### |
| = IPv4 / ESP - Transport - NULL - HMAC-SHA1-96 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| assert(b'testdata' in e[ESP].data) |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - NULL - HMAC-SHA1-96 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| assert(b'testdata' in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Transport - NULL - SHA2-256-128 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='SHA2-256-128', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| |
| * after decryption the original packet should be preserved |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - NULL - SHA2-256-128 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='SHA2-256-128', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Transport - NULL - SHA2-384-192 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='SHA2-384-192', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| |
| * after decryption the original packet should be preserved |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - NULL - SHA2-384-192 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='SHA2-384-192', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Transport - NULL - SHA2-512-256 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='SHA2-512-256', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| |
| * after decryption the original packet should be preserved |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - NULL - SHA2-512-256 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='SHA2-512-256', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Transport - NULL - HMAC-MD5-96 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='HMAC-MD5-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| |
| * after decryption the original packet should be preserved |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - NULL - HMAC-MD5-96 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='HMAC-MD5-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Transport - NULL - AES-CMAC-96 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| |
| * after decryption the original packet should be preserved |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - NULL - AES-CMAC-96 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ############################################################################### |
| + IPv4 / ESP - Tunnel - Authentication Algorithms |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - NULL - HMAC-SHA1-96 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| assert(b'testdata' in e[ESP].data) |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - NULL - HMAC-SHA1-96 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| assert(b'testdata' in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - NULL - SHA2-256-128 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='SHA2-256-128', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| |
| * after decryption the original packet should be preserved |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - NULL - SHA2-256-128 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='SHA2-256-128', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - NULL - SHA2-384-192 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='SHA2-384-192', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| |
| * after decryption the original packet should be preserved |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - NULL - SHA2-384-192 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='SHA2-384-192', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - NULL - SHA2-512-256 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='SHA2-512-256', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| |
| * after decryption the original packet should be preserved |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - NULL - SHA2-512-256 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='SHA2-512-256', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - NULL - HMAC-MD5-96 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='HMAC-MD5-96', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| |
| * after decryption the original packet should be preserved |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - NULL - HMAC-MD5-96 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='HMAC-MD5-96', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - NULL - AES-CMAC-96 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| |
| * after decryption the original packet should be preserved |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - NULL - AES-CMAC-96 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should be readable |
| assert(b'testdata' in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ############################################################################### |
| + IPv4 / ESP - Encryption + Authentication |
| |
| ####################################### |
| = IPv4 / ESP - Transport - AES-CBC - HMAC-SHA1-96 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - AES-CBC - HMAC-SHA1-96 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].seq += 1 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Transport - AES-GCM - NULL |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption original packet should be preserved |
| assert(d[TCP] == p[TCP]) |
| |
| # Generated with Linux 4.4.0-62-generic #83-Ubuntu |
| # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ |
| # mode tunnel aead 'rfc4106(gcm(aes))' '0x3136627974656b65792b34627974656e6f6e6365' 128 flag align4 |
| ref = IP() \ |
| / ESP(spi=0x222, |
| data=b'\x66\x00\x28\x86\xe9\xdf\xc5\x24\xb0\xbd\xfd\x62\x61\x7e\xd3\x76' |
| b'\x7b\x48\x28\x8e\x76\xaa\xea\x48\xb8\x40\x30\x8a\xce\x50\x71\xbb' |
| b'\xc0\xb2\x47\x71\xd7\xa4\xa0\xcb\x03\x68\xd3\x16\x5a\x7c\x37\x84' |
| b'\x87\xc7\x19\x59\xb4\x7c\x76\xe3\x48\xc0\x90\x4b\xd2\x36\x95\xc1' |
| b'\xb7\xa4\xb6\x7b\x89\xe6\x4f\x10\xae\xdb\x84\x47\x46\x00\xb4\x44' |
| b'\xe6\x6d\x16\x55\x5f\x82\x36\xa5\x49\xf7\x52\x81\x65\x90\x4d\x28' |
| b'\x92\xb2\xe3\xf1\xa4\x02\xd2\x37\xac\x0b\x7a\x10\xcf\x64\x46\xb9', |
| seq=1) |
| |
| d_ref = sa.decrypt(ref) |
| d_ref |
| |
| * Check for ICMP layer in decrypted reference |
| assert(d_ref.haslayer(ICMP)) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - AES-GCM - NULL - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].seq += 1 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Transport - AES-CCM - NULL |
| ~ crypto_advanced |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption original packet should be preserved |
| assert(d == p) |
| |
| # Generated with Linux 4.4.0-62-generic #83-Ubuntu |
| # ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 546 reqid 1 \ |
| # mode tunnel aead 'rfc4309(ccm(aes))' '0x3136627974656b657933627974656e6f6e6365' 64 |
| ref = IP() \ |
| / ESP(spi=0x222, |
| data=b'\x2e\x02\x9f\x1f\xad\x76\x80\x58\x8f\xeb\x45\xf1\x66\xe3\xad\xa6' |
| b'\x90\x1b\x2b\x7d\xd3\x3d\xa4\x53\x35\xc8\xfa\x92\xfd\xd7\x42\x2f' |
| b'\x87\x60\x9b\x46\xb0\x21\x5e\x82\xfb\x2f\x59\xba\xf0\x6c\xe5\x51' |
| b'\xb8\x36\x20\x88\xfe\x49\x86\x60\xe8\x0a\x3d\x36\xb5\x8a\x08\xa9' |
| b'\x5e\xe3\x87\xfa\x93\x3f\xe8\xc2\xc5\xbf\xb1\x2e\x6f\x7d\xc5\xa5' |
| b'\xd8\xe5\xf3\x25\x21\x81\x43\x16\x48\x10\x7c\x04\x31\x20\x07\x7c' |
| b'\x7b\xda\x5d\x1a\x72\x45\xc4\x79', |
| seq=1) |
| |
| d_ref = sa.decrypt(ref) |
| d_ref |
| |
| * Check for ICMP layer in decrypted reference |
| assert(d_ref.haslayer(ICMP)) |
| |
| ####################################### |
| = IPv4 / ESP - Transport - AES-CCM - NULL - altered packet |
| ~ crypto_advanced |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].seq += 1 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - AES-CBC - HMAC-SHA1-96 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - AES-CBC - HMAC-SHA1-96 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].seq += 1 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - AES-GCM - NULL |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption original packet should be preserved |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - AES-GCM - NULL - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].seq += 1 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - AES-CCM - NULL |
| ~ crypto_advanced |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption original packet should be preserved |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / ESP - Tunnel - AES-CCM - NULL |
| ~ crypto_advanced |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].seq += 1 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ############################################################################### |
| + IPv4 / AH - Transport |
| |
| ####################################### |
| = IPv4 / AH - Transport - HMAC-SHA1-96 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='HMAC-SHA1-96', auth_key=b'sixteenbytes key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an AH layer |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.ttl = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / AH - Transport - HMAC-SHA1-96 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='HMAC-SHA1-96', auth_key=b'sixteenbytes key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an AH layer |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before decryption |
| e[TCP].sport = 5 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / AH - Transport - SHA2-256-128 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-256-128', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an AH layer |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.ttl = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / AH - Transport - SHA2-256-128 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-256-128', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an AH layer |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e[TCP].dport = 46 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / AH - Transport - SHA2-384-192 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-384-192', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an AH layer |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.ttl = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / AH - Transport - SHA2-384-192 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-384-192', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an AH layer |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e[TCP].dport = 46 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / AH - Transport - SHA2-512-256 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-512-256', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an AH layer |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.ttl = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / AH - Transport - SHA2-512-256 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-512-256', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an AH layer |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e[TCP].dport = 46 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / AH - Transport - HMAC-MD5-96 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='HMAC-MD5-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an AH layer |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.ttl = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / AH - Transport - HMAC-MD5-96 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='HMAC-MD5-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an AH layer |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e[TCP].dport = 46 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / AH - Transport - AES-CMAC-96 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an AH layer |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.ttl = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / AH - Transport - AES-CMAC-96 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '1.1.1.1' and e.dst == '2.2.2.2') |
| assert(e.chksum != p.chksum) |
| * the encrypted packet should have an AH layer |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e[TCP].dport = 46 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ############################################################################### |
| + IPv4 / AH - Tunnel |
| |
| ####################################### |
| = IPv4 / AH - Tunnel - HMAC-SHA1-96 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.ttl = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv4 / AH - Tunnel - HMAC-SHA1-96 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e.dst = '4.4.4.4' |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / AH - Tunnel - SHA2-256-128 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-256-128', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.ttl = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet should be unaltered |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / AH - Tunnel - SHA2-256-128 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-256-128', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e.dst = '4.4.4.4' |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / AH - Tunnel - SHA2-384-192 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-384-192', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.ttl = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet should be unaltered |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / AH - Tunnel - SHA2-384-192 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-384-192', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e.dst = '4.4.4.4' |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / AH - Tunnel - SHA2-512-256 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-512-256', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.ttl = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet should be unaltered |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / AH - Tunnel - SHA2-512-256 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-512-256', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e.dst = '4.4.4.4' |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / AH - Tunnel - HMAC-MD5-96 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='HMAC-MD5-96', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.ttl = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet should be unaltered |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / AH - Tunnel - HMAC-MD5-96 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='HMAC-MD5-96', auth_key=b'secret key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e.dst = '4.4.4.4' |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv4 / AH - Tunnel - AES-CMAC-96 |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.ttl = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet should be unaltered |
| assert(d == p) |
| |
| ####################################### |
| = IPv4 / AH - Tunnel - AES-CMAC-96 - altered packet |
| |
| p = IP(src='1.1.1.1', dst='2.2.2.2') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IP(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='AES-CMAC-96', auth_key=b'sixteenbytes key', |
| tunnel_header=IP(src='11.11.11.11', dst='22.22.22.22')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IP)) |
| assert(e.src == '11.11.11.11' and e.dst == '22.22.22.22') |
| assert(e.chksum != p.chksum) |
| assert(e.proto == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e.dst = '4.4.4.4' |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ############################################################################### |
| + IPv6 / ESP |
| |
| ####################################### |
| = IPv6 / ESP - Transport - NULL - NULL |
| ~ -crypto |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| assert(b'testdata' in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv6 / ESP - Transport - AES-CBC - NULL |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv6 / ESP - Transport - NULL - HMAC-SHA1-96 |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| assert(b'testdata' in e[ESP].data) |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv6 / ESP - Transport - NULL - HMAC-SHA1-96 - altered packet |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| assert(b'testdata' in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv6 / ESP - Transport - AES-CBC - HMAC-SHA1-96 |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv6 / ESP - Transport - AES-CBC - HMAC-SHA1-96 - altered packet |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].seq += 1 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv6 / ESP - Transport - AES-GCM - NULL |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption original packet should be preserved |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv6 / ESP - Transport - AES-GCM - NULL - altered packet |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].seq += 1 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv6 / ESP - Transport - AES-CCM - NULL |
| ~ crypto_advanced |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption original packet should be preserved |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv6 / ESP - Transport - AES-CCM - NULL - altered packet |
| ~ crypto_advanced |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', |
| auth_algo='NULL', auth_key=None) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].seq += 1 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv6 / ESP - Tunnel - NULL - NULL |
| ~ -crypto |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == 'aa::bb' and e.dst == 'bb::aa') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| assert(b'testdata' in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv6 / ESP - Tunnel - AES-CBC - NULL |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == 'aa::bb' and e.dst == 'bb::aa') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv6 / ESP - Tunnel - NULL - HMAC-SHA1-96 |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key', |
| tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == 'aa::bb' and e.dst == 'bb::aa') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| assert(b'testdata' in e[ESP].data) |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv6 / ESP - Tunnel - NULL - HMAC-SHA1-96 - altered packet |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='NULL', crypt_key=None, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key', |
| tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == 'aa::bb' and e.dst == 'bb::aa') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| assert(b'testdata' in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].data = e[ESP].data.replace(b'\x01', b'\x21') |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv6 / ESP - Tunnel - AES-CBC - HMAC-SHA1-96 |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key', |
| tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == 'aa::bb' and e.dst == 'bb::aa') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv6 / ESP - Tunnel - AES-CBC - HMAC-SHA1-96 - altered packet |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CBC', crypt_key=b'sixteenbytes key', |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key', |
| tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == 'aa::bb' and e.dst == 'bb::aa') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].seq += 1 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv6 / ESP - Tunnel - AES-GCM - NULL |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == 'aa::bb' and e.dst == 'bb::aa') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption original packet should be preserved |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv6 / ESP - Tunnel - AES-GCM - NULL - altered packet |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-GCM', crypt_key=b'16bytekey+4bytenonce', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == 'aa::bb' and e.dst == 'bb::aa') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].seq += 1 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv6 / ESP - Tunnel - AES-CCM - NULL |
| ~ crypto_advanced |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption original packet should be preserved |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv6 / ESP - Tunnel - AES-CCM - NULL - altered packet |
| ~ crypto_advanced |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(ESP, spi=0x222, |
| crypt_algo='AES-CCM', crypt_key=b'16bytekey3bytenonce', |
| auth_algo='NULL', auth_key=None, |
| tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| assert(e.nh == socket.IPPROTO_ESP) |
| assert(e.haslayer(ESP)) |
| assert(not e.haslayer(TCP)) |
| assert(e[ESP].spi == sa.spi) |
| * after encryption the original packet payload should NOT be readable |
| assert(b'testdata' not in e[ESP].data) |
| |
| * simulate the alteration of the packet before decryption |
| e[ESP].seq += 1 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| ############################################################################### |
| + IPv6 / AH |
| |
| ####################################### |
| = IPv6 / AH - Transport - HMAC-SHA1-96 |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| * the encrypted packet should have an AH layer |
| assert(e.nh == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.hlim = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv6 / AH - Transport - HMAC-SHA1-96 - altered packet |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| * the encrypted packet should have an AH layer |
| assert(e.nh == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e[TCP].dport = 46 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv6 / AH - Transport - SHA2-256-128 |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-256-128', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| * the encrypted packet should have an AH layer |
| assert(e.nh == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.hlim = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d[TCP] == p[TCP]) |
| |
| ####################################### |
| = IPv6 / AH - Transport - SHA2-256-128 - altered packet |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-256-128', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| assert(e.src == '11::22' and e.dst == '22::11') |
| * the encrypted packet should have an AH layer |
| assert(e.nh == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e[TCP].dport = 46 |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv6 / AH - Tunnel - HMAC-SHA1-96 |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key', |
| tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == 'aa::bb' and e.dst == 'bb::aa') |
| assert(e.nh == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.hlim = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d == p) |
| |
| ####################################### |
| = IPv6 / AH - Tunnel - HMAC-SHA1-96 - altered packet |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key', |
| tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == 'aa::bb' and e.dst == 'bb::aa') |
| assert(e.nh == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e.src = 'cc::ee' |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ####################################### |
| = IPv6 / AH - Tunnel - SHA2-256-128 |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-256-128', auth_key=b'secret key', |
| tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == 'aa::bb' and e.dst == 'bb::aa') |
| assert(e.nh == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * alter mutable fields in the packet |
| e.hlim = 2 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |
| * after decryption the original packet payload should be unaltered |
| assert(d == p) |
| |
| ####################################### |
| = IPv6 / AH - Tunnel - SHA2-256-128 - altered packet |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='SHA2-256-128', auth_key=b'secret key', |
| tunnel_header=IPv6(src='aa::bb', dst='bb::aa')) |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(isinstance(e, IPv6)) |
| * after encryption packet should be encapsulated with the given ip tunnel header |
| assert(e.src == 'aa::bb' and e.dst == 'bb::aa') |
| assert(e.nh == socket.IPPROTO_AH) |
| assert(e.haslayer(AH)) |
| assert(e.haslayer(TCP)) |
| assert(e[AH].spi == sa.spi) |
| |
| * simulate the alteration of the packet before verification |
| e.src = 'cc::ee' |
| |
| * integrity verification should fail |
| try: |
| d = sa.decrypt(e) |
| assert(False) |
| except IPSecIntegrityError as err: |
| err |
| |
| ############################################################################### |
| + IPv6 + Extensions / AH |
| |
| ####################################### |
| = IPv6 + Extensions / AH - Transport |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= IPv6ExtHdrHopByHop() |
| p /= IPv6ExtHdrDestOpt() |
| p /= IPv6ExtHdrRouting() |
| p /= IPv6ExtHdrDestOpt() |
| p /= IPv6ExtHdrFragment() |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(e.src == '11::22' and e.dst == '22::11') |
| * AH header should be inserted between the routing header and the dest options header |
| assert(isinstance(e[AH].underlayer, IPv6ExtHdrRouting)) |
| assert(isinstance(e[AH].payload, IPv6ExtHdrDestOpt)) |
| |
| ####################################### |
| = IPv6 + Routing Header / AH - Transport |
| |
| p = IPv6(src='11::22', dst='22::11') |
| p /= IPv6ExtHdrHopByHop() |
| p /= IPv6ExtHdrRouting(addresses=['aa::bb', 'cc::dd', 'ee::ff']) |
| p /= TCP(sport=45012, dport=80) |
| p /= Raw('testdata') |
| p = IPv6(raw(p)) |
| p |
| |
| sa = SecurityAssociation(AH, spi=0x222, |
| auth_algo='HMAC-SHA1-96', auth_key=b'secret key') |
| |
| e = sa.encrypt(p) |
| e |
| |
| assert(e.src == '11::22' and e.dst == '22::11') |
| * AH header should be inserted between the routing header and TCP |
| assert(isinstance(e[AH].underlayer, IPv6ExtHdrRouting)) |
| assert(isinstance(e[AH].payload, TCP)) |
| |
| * reorder the routing header as the receiver will get it |
| final = e[IPv6ExtHdrRouting].addresses.pop() |
| e[IPv6ExtHdrRouting].addresses.insert(0, e.dst) |
| e.dst = final |
| e[IPv6ExtHdrRouting].segleft = 0 |
| |
| * integrity verification should pass |
| d = sa.decrypt(e) |
| d |
| |