packetgen-plugin-ipsec
Warning: this repository is a work-in-progress. It will be available with packetgen3.
This is a plugin for PacketGen gem. It adds two protocols:
-
PacketGen::Plugin::ESP: IP Encapsulating Security Payload (RFC 4303), -
PacketGen::Plugin::IKE: Internet Key Exchange v2 (RFC 7296).
Installation
Add this line to your application's Gemfile:
gem 'packetgen-plugin-ipsec'And then execute:
$ bundle
Or install it yourself as:
$ gem install packetgen-plugin-ipsec
Usage
First, you have to require packetgen-plugin-ipsec:
require 'packetgen-plugin-ipsec'Parse an ESP or IKE packet
pkt = PacketGen.parse(str)Read a PcapNG file containing ESP and/or IKE packets
pkts = PacketGen.read('ipsec.pcapng')Access to ESP and IKE headers
pkt.esp #=> PacketGen::Plugin::ESP
pkt.ike #=> PacketGen::Plugin::IKEForge packets
ESP (transport mode)
pkt = PacketGen.gen('IP', src: '1.1.1.1', dst: '2.2.2.2').
add('ESP', spi: 0xff456e01, sn: 12345678).
add('UDP', dport: 4567, sport: 45362, body 'abcdef')
cipher = OpenSSL::Cipher.new('aes-128-cbc')
cipher.encrypt
cipher.key = 16bytes_key
iv = 16bytes_iv
pkt.esp.esp.encrypt! cipher, iv
pkt.to_wIKE (IKE_SA_INIT)
pkt = PacketGen.gen('IP', src: '1.1.1.1', dst: '2.2.2.2').
add('UDP').
add('IKE', init_spi: spi, flags: 8).
add('IKE::SA').
add('IKE::KE', group: 'ECP256', content: key_ex_data).
add('IKE::Nonce', content: nonce_data)
pkt.ike_sa.proposals << { num: 1, protocol: 'IKE' }
pkt.ike_sa.proposals.first.transforms << { type: 'ENCR', id: 'AES_CTR' }
pkt.ike_sa.proposals[0].transforms[0].attributes << { type: 0x800e, value: 128 }
pkt.to_wSee also
API documentation: http://www.rubydoc.info/gems/packetgen-plugin-ipsec
License
MIT License (see LICENSE)
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/sdaubert/packetgen-plugin-ipsec.