Class: PacketGen::Plugin::IKE::Transform

Inherits:

Types::Fields

• Object
• Types::Fields
• PacketGen::Plugin::IKE::Transform

Defined in:

lib/packetgen/plugin/ike/sa.rb

Overview

SA Tranform substructure, as defined in RFC 7296 §3.3.2

                     1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Last Substruc |   RESERVED    |        Transform Length       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Transform Type |   RESERVED    |          Transform ID         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
~                      Transform Attributes                     ~
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Create a Transform

# using type and id names
trans = PacketGen::Plugin::IKE::Transform.new(type: 'ENCR', id: 'AES_CBC')
# using integer values
trans = PacketGen::Plugin::IKE::Transform.new(type: 1, id: 12)

Add attributes to a transform

# using an Attribute object
attr = PacketGen::Plugin::IKE::Attribute.new(type: 14, value: 128)
trans.attributes << attr
# using a hash
trans.attributes << { type: 14, value: 128 }

Author:

• Sylvain Daubert

Constant Summary

TYPES =

Transform types

{
  'ENCR' => 1,
  'PRF' => 2,
  'INTG' => 3,
  'DH' => 4,
  'ESN' => 5
}.freeze

ENCR_DES_IV64 =

DES encryption with 64-bit IV

1

ENCR_DES =

DES encryption

2

ENCR_3DES =

3DES encryption

3

ENCR_RC5 =

RC5 integrity

4

ENCR_IDEA =

IDEA encryption

5

ENCR_CAST =

Cast encryption

6

ENCR_BLOWFISH =

Blowfish encryption

7

ENCR_3IDEA =

3IDEA encryption

8

ENCR_DES_IV32 =

DES encryption with 32-bit IV

9

ENCR_AES_CBC =

AES with CBC mode encryption

12

ENCR_AES_CTR =

AES with CTR mode encryption

13

ENCR_AES_CCM8 =

AES with CCM mode encryption/authentication, 8-bytes ICV

14

ENCR_AES_CCM12 =

AES with CCM mode encryption/authentication, 12-bytes ICV

15

ENCR_AES_CCM16 =

AES with CCM mode encryption/authentication, 16-bytes ICV

16

ENCR_AES_GCM8 =

AES with GCM mode encryption/authentication, 8-bytes ICV

18

ENCR_AES_GCM12 =

AES with GCM mode encryption/authentication, 12-bytes ICV

19

ENCR_AES_GCM16 =

AES with GCM mode encryption/authentication, 16-bytes ICV

20

ENCR_CAMELLIA_CBC =

CAMELLIA with CBC mode encryption

23

ENCR_CAMELLIA_CTR =

CAMELLIA with CTR mode encryption

24

ENCR_CAMELLIA_CCM8 =

CAMELLIA with CCM mode encryption/authentication, 8-bytes ICV

25

ENCR_CAMELLIA_CCM12 =

CAMELLIA with CCM mode encryption/authentication, 12-bytes ICV

26

ENCR_CAMELLIA_CCM16 =

CAMELLIA with CCM mode encryption/authentication, 16-bytes ICV

27

ENCR_CHACHA20_POLY1305 =

CHACHA20 encryption with POLY1035 authentication

28

PRF_HMAC_MD5 =

PRF with HMAC on MD5

1

PRF_HMAC_SHA1 =

PRF with HMAC on SHA-1

2

PRF_AES128_XCBC =

PRF with AES-128 with XCBC mode

4

PRF_HMAC_SHA2_256 =

PRF with HMAC on SHA-256

5

PRF_HMAC_SHA2_384 =

PRF with HMAC on SHA-384

6

PRF_HMAC_SHA2_512 =

PRF with HMAC on SHA-512

7

PRF_AES128_CMAC =

PRF with AES-128 withg CMAC mode

8

INTG_NONE =

No integrity

0

INTG_HMAC_MD5_96 =

Integrity with HMAC on MD5, 96-bit ICV

1

INTG_HMAC_SHA1_96 =

Integrity with HMAC on SHA-1, 96-bit ICV

2

INTG_AES_XCBC_96 =

Integrity with AES with XCBC mode, 96-bit ICV

5

INTG_HMAC_MD5_128 =

Integrity with HMAC on MD5, 128-bit ICV

6

INTG_HMAC_SHA1_160 =

Integrity with HMAC on SHA-1, 128-bit ICV

7

INTG_AES_CMAC_96 =

Integrity with AES with CMAC mode, 96-bit ICV

8

INTG_AES128_GMAC =

Integrity with AES-128 with GMAC mode, 128-bit ICV

9

INTG_AES192_GMAC =

Integrity with AES-192 with GMAC mode, 128-bit ICV

10

INTG_AES256_GMAC =

Integrity with AES-256 with GMAC mode, 128-bit ICV

11

INTG_HMAC_SHA2_256_128 =

Integrity with HMAC on SHA-256, 128-bit ICV

12

INTG_HMAC_SHA2_384_192 =

Integrity with HMAC on SHA-384, 192-bit ICV

13

INTG_HMAC_SHA2_512_256 =

Integrity with HMAC on SHA-512, 256-bit ICV

14

DH_NONE =

No key-exchange

0

DH_MODP768 =

Key exchange with Diffie-Hellman on modp-768 group

1

DH_MODP1024 =

Key exchange with Diffie-Hellman on modp-1024 group

2

DH_MODP1536 =

Key exchange with Diffie-Hellman on modp-1536 group

5

DH_MODP2048 =

Key exchange with Diffie-Hellman on modp-2048 group

14

DH_MODP3072 =

Key exchange with Diffie-Hellman on modp-3072 group

15

DH_MODP4096 =

Key exchange with Diffie-Hellman on modp-4096 group

16

DH_MODP6144 =

Key exchange with Diffie-Hellman on modp-6144 group

17

DH_MODP8192 =

Key exchange with Diffie-Hellman on modp-8192 group

18

DH_ECP256 =

Key exchange with Diffie-Hellman on NIST p256 Elliptic curve

19

DH_ECP384 =

Key exchange with Diffie-Hellman on NIST p384 Elliptic curve

20

DH_ECP521 =

Key exchange with Diffie-Hellman on NIST p521 Elliptic curve

21

DH_BRAINPOOLP224 =

Key exchange with Diffie-Hellman on Brainpool P224 Elliptic curve

27

DH_BRAINPOOLP256 =

Key exchange with Diffie-Hellman on Brainpool P256 Elliptic curve

28

DH_BRAINPOOLP384 =

Key exchange with Diffie-Hellman on Brainpool P384 Elliptic curve

29

DH_BRAINPOOLP512 =

Key exchange with Diffie-Hellman on Brainpool P512 Elliptic curve

30

DH_CURVE25519 =

Key exchange with Diffie-Hellman on curve25519 Elliptic curve

31

DH_CURVE448 =

Key exchange with Diffie-Hellman on curve448 Elliptic curve

32

ESN_NO_ESN =

No Extended Sequence Number

0

ESN_ESN =

Use Extended Sequence Number

1

Instance Attribute Summary

• #attributes ⇒ Attributes

  Set of attributes for this transform.

• #id ⇒ Integer

  16-bit transform ID.

• #last ⇒ Integer

  8-bit last substructure.

• #length ⇒ Integer

  16-bit transform length.

• #rsv1 ⇒ Integer

  8-bit reserved field.

• #rsv2 ⇒ Integer

  8-bit reserved field.

• #type ⇒ Integer readonly

  8-bit transform type.

Instance Method Summary

• #calc_length ⇒ Integer

  Compute length and set #length field.

• #human_id ⇒ String

  Get human-readable ID.

• #human_type ⇒ String

  Get human-readable type.

• #initialize(options = {}) ⇒ Transform constructor

  A new instance of Transform.

• #last? ⇒ Boolean^?

  Say if this transform is the last one (from #last field).

• #to_human ⇒ String

  Get a human readable string.

Constructor Details

#initialize(options = {}) ⇒ Transform

Returns a new instance of Transform.

# File 'lib/packetgen/plugin/ike/sa.rb', line 284

def initialize(options={})
  super
  self.type = options[:type] if options[:type]
  self.id = options[:id] if options[:id]
  self[:length].value = sz unless options[:length]
end

Instance Attribute Details

#attributes ⇒ Attributes

Set of attributes for this transform

Returns:

• (Attributes)

# File 'lib/packetgen/plugin/ike/sa.rb', line 282

define_field :attributes, Attributes, builder: ->(h, t) { t.new(length_from: -> { h.length - h.offset_of(:attributes) }) }

#id ⇒ Integer

16-bit transform ID. The Transform ID is the specific instance of the proposed transform type.

Returns:

• (Integer)

# File 'lib/packetgen/plugin/ike/sa.rb', line 278

define_field :id, PacketGen::Types::Int16

#last ⇒ Integer

8-bit last substructure. Specifies whether or not this is the last Transform Substructure in the Proposal. This field has a value of 0 if this was the last Transform Substructure, and a value of 3 if there are more Transform Substructures.

Returns:

• (Integer)

# File 'lib/packetgen/plugin/ike/sa.rb', line 256

define_field :last, PacketGen::Types::Int8

#length ⇒ Integer

16-bit transform length

Returns:

• (Integer)

# File 'lib/packetgen/plugin/ike/sa.rb', line 264

define_field :length, PacketGen::Types::Int16

#rsv1 ⇒ Integer

8-bit reserved field

Returns:

• (Integer)

# File 'lib/packetgen/plugin/ike/sa.rb', line 260

define_field :rsv1, PacketGen::Types::Int8

#rsv2 ⇒ Integer

8-bit reserved field

Returns:

• (Integer)

# File 'lib/packetgen/plugin/ike/sa.rb', line 273

define_field :rsv2, PacketGen::Types::Int8

#type ⇒ Integer (readonly)

8-bit transform type. The Transform Type is the cryptographic algorithm type (i.e. encryption, PRF, integrity, etc.)

Returns:

• (Integer)

# File 'lib/packetgen/plugin/ike/sa.rb', line 269

define_field :type, PacketGen::Types::Int8Enum, enum: TYPES

Instance Method Details

#calc_length ⇒ Integer

Compute length and set #length field

Returns:

• (Integer) —

  new length

# File 'lib/packetgen/plugin/ike/sa.rb', line 311

def calc_length
  PacketGen::Header::Base.calculate_and_set_length self
end

#human_id ⇒ String

Get human-readable ID

Returns:

• (String)

# File 'lib/packetgen/plugin/ike/sa.rb', line 336

def human_id
  name = self.class.constants.grep(/#{human_type}_/)
             .detect { |c| self.class.const_get(c) == id } || "ID=#{id}"
  name.to_s.sub(/#{human_type}_/, '')
end

#human_type ⇒ String

Get human-readable type

Returns:

• (String)

# File 'lib/packetgen/plugin/ike/sa.rb', line 326

def human_type
  if self[:type].enum.value? self.type
    self[:type].to_human
  else
    "type[#{self.type}]"
  end
end

#last? ⇒ Boolean^?

Say if this transform is the last one (from #last field)

Returns:

• (Boolean, nil) —

  returns a Boolean when #last has defined value (0 => true, 3 => false), else nil is returned.

# File 'lib/packetgen/plugin/ike/sa.rb', line 344

def last?
  case last
  when 0
    true
  when 3
    false
  end
end

#to_human ⇒ String

Get a human readable string

Returns:

• (String)

# File 'lib/packetgen/plugin/ike/sa.rb', line 317

def to_human
  h = +"#{human_type}(#{human_id}"
  h << ",#{attributes.to_human}" unless attributes.empty?

  h << ')'
end