Ticket #26: scapysec.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Document sans nom</title>
<style type="text/css">
<!--
.Style1 {color: #FF0000}
.Style2 {font-family: Arial, Helvetica, sans-serif}
.Style3 {
        color: #000000;
        font-weight: bold;
}
.Style4 {font-family: Arial, Helvetica, sans-serif; font-style: italic; }
.Style5 {font-family: "Courier New", Courier, monospace}
.Style6 {color: #0080FF}
.Style7 {font-family: Arial, Helvetica, sans-serif; color: #0080FF; }
.Style8 {font-family: Arial, Helvetica, sans-serif; color: #0080FF; font-weight: bold; }
-->
</style>
</head>

<body>
<p></p>
<p class="Style2"><span class="Style3">README : Scapysec v1.0 (IPsec
for Scapy)</span><br />
  <br />
</p>
<p class="Style4"> Author: Frederic ROUDAUT <br />
  (frederic.roudaut@free.fr)</p>
<p class="Style4"> Date : 2006</p>
<p class="Style2">&nbsp;</p>
<p class="Style8"><a href="#chap1">1 - INTRODUCTION : Scapy & Scapysec</a><br />
  <a href="#chap2">2 - OVERVIEW</a><br />
  <a href="#chap3">3 - NEEDS AND INSTALLATION</a><br />
  <a href="#chap4">4 - THE ESP CLASS</a><br />
  <a href="#chap5">5 - SECURITY ASSOCIATIONS DATABASE (SAD)</a><br />
  <a href="#chap5_1">5.1 - PACKET MATCHING WITH SA</a><br />
  <a href="#chap5_2">5.2 - ENCRYPTION ALGORITHMS</a><br />
  <a href="#chap5_3">5.3 - AUTHENTICATION ALGORITHM</a><br />
  <a href="#chap5_4">5.4 - SETTING THE SAD</a><br />
  <a href="#chap5_4_1">5.4.1 - ADDING A SA</a><br />
  <a href="#chap5_4_2">5.4.2 - DELETING A SA</a><br />
  <a href="#chap5_4_3">5.4.3 - CLEARING THE DATABASE</a><br />
  <a href="#chap6">6 - ENCRYPTION ON THE FLIGHT : IPsec Class</a><br />
  <a href="#chap7">7 - WHAT'S MORE</a><br />
  <a href="#chap8">8 - UPDATE</a><br />
  <a href="#chap9">9 - POSSIBLE EXTENSIONS</a><br />
  <a href="#chap10">10 - CREDITS AND LICENCE</a><br />
  <a href="#chap11">11 - BUGS</a></p>
<p class="Style8"><a href="#chapA">ANNEX A - IPSEC ALGORITHMS AND KEYS</a><br />
  <a href="#chapA.1">A.1 - ESP ALGORITHMS</a><br />
  <a href="#chapA.1.1">A.1.1 - REQUIREMENTS</a><br />
  <a href="#chapA.1.2">A.1.2 : TripleDES-CBC [RFC2451]</a><br />
  <a href="#chapA.1.3">A.1.3 : AES-CBC with 128-bit keys [RFC3602]</a><br />
  <a href="#chapA.1.4">A.1.4 : AES-CTR [RFC3686]</a><br />
  <a href="#chapA.1.5">A.1.5 : DES-CBC [RFC2405]</a><br />
  <a href="#chapA.1.6">A.1.6 : BLOWFISH-CBC [RFC2451]</a><br />
  <a href="#chapA.1.7">A.1.7 : HMAC-MD5-96 [RFC2403]</a><br />
  <a href="#chapA.1.8">A.1.8 : HMAC-SHA1-96 [RFC2404]</a><br />
  <a href="#chapA.1.9">A.1.9 : HMAC-SHA256</a></p>
<p class="Style7">&nbsp;</p>
<p class="Style2">&nbsp;</p>
<h2 class="Style2"><span class="Style6">1 - INTRODUCTION : Scapy &amp; Scapysec</span><a name="chap1" id="chap1"></a><br />
</h2>
<p class="Style2">&quot;Scapy (<a href="http://www.secdev.org/projects/scapy/">http://www.secdev.org/projects/scapy/</a>) is a powerful<br />
  interactive packet manipulation program. It is able to forge or decode<br />
  packets of a wide number of protocols, send them on the wire, capture<br />
  them, match requests and replies, and much more. It can easily handle<br />
  most classical tasks like scanning, tracerouting, probing, unit tests,<br />
  attacks or network discovery (it can replace hping, 85% of nmap,<br />
  arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also<br />
  performs very well at a lot of other specific tasks that most other<br />
  tools can't handle, like sending invalid frames, injecting your own<br />
  802.11 frames, combining technics (VLAN hopping+ARP cache poisoning,<br />
VOIP decoding on WEP encrypted channel, ...), etc&quot;</p>

<p> Scapy6 (<a
href="http://namabiiru.hongo.wide.ad.jp/scapy6/">http://namabiiru.hongo.wide.ad.jp/scapy6/</a>)
is an extension to handle IPv6 Packets.    
</p>
<p class="Style2">Scapysec aims is to extend Scapy to handle IPsec packets with IPv4 or IPv6.<br />
  Ie to encode/decode IPsec packets, generate any valid/invalid IPsec<br />
  Packet using different encryption and authentication algorithms. <br />
  On this basis, some more complex applications could be build up. </p>
<p class="Style2">Currently, Scapysec supports ESP with :</p>
<p class="Style2"><strong>Encryption Algorithm</strong> (Key Lengths in bits) &lt;block lenght in bytes&gt;<br />
  --------------------<br />
  <strong>NULL</strong> : (Any)<br />
  <strong>TripleDES-CBC</strong> [RFC2451] : (192) &lt;8&gt;<br />
  <strong>AES-CBC</strong> [RFC3602] : (128/192/256) &lt;16&gt;<br />
  <strong>AES-CTR </strong>[RFC3686] : (160/224/288) The remaining 32 bits will be used as nonce. &lt;16&gt;<br />
  <strong>DES-CBC</strong> [RFC2405] : (64) &lt;8&gt;<br />
  <strong>BLOWFISH-CBC</strong> : (128) &lt;8&gt;<br />
  <strong>CAST-CBC</strong> : (Any) &lt;8&gt;</p>
<p class="Style2"><strong>Authentication Algorithm</strong> (Key Lengths in bits)<br />
  ------------------------<br />
  <strong>NULL</strong><br />
  <strong>HMAC-SHA1-96</strong> [RFC2404] : (Any)<br />
  <strong>HMAC-MD5-96</strong> [RFC2403] : (Any)<br />
  <strong>HMAC-SHA256</strong> : (Any)</p>
<p>&nbsp;</p>
<h2 class="Style2"><span class="Style6">2 - OVERVIEW</span><a name="chap2" id="chap2"></a><br />
</h2>
<p class="Style2">The example will be explained later but shows how it is simple to<br />
  generate encrypted IPsec packets. </p>
<p><span class="Style1">&gt;&gt;&gt;</span> q = IP(dst=&quot;192.168.0.6&quot;)/ESP(spi=5)/TCP()<br />
  <span class="Style1">&gt;&gt;&gt;</span> q.show2()</p>
<p>== IPv4 IPsec SA Used for: &lt;Src: 192.168.0.2&gt; &lt;Dst: 192.168.0.6&gt; &lt;Spi: 5&gt; ==<br />
  &lt;Src: *&gt; &lt;Dst: 192.168.0.6&gt; &lt;Spi: *&gt;<br />
  Crypt Algo: AES-CTR<br />
  Crypt Key: 00001234abc12ffffbc1<br />
  Auth Algo: HMAC-MD5<br />
  Auth Key: 5632abc1azefvc</p>
<p><span class="Style1">###[ IP ]###</span><br />
  version= 4L<br />
  ihl= 5L<br />
  tos= 0x0<br />
  len= 80<br />
  id= 1<br />
  flags=<br />
  frag= 0L<br />
  ttl= 64<br />
  proto= IPv6-Crypt<br />
  chksum= 0xf922<br />
  src= 192.168.0.2<br />
  dst= 192.168.0.6<br />
  options= ''<br />
  <span class="Style1">###[ ESP ]###</span><br />
  spi= 0x5L<br />
  seq= 0L<br />
  data= 0<br />
  iv= '\xc7\xaem\xba&lt;\x08i\x93'<br />
  pad= 'XyYkQx8RDl'<br />
  padlen= 10<br />
  nh= TCP<br />
  authentication= '\n\xf8[\x1a\xe0\xaf\xc1\xab4f\x0f\xda'<br />
  <span class="Style1">###[ TCP ]###</span><br />
  sport= ftp-data<br />
  dport= http<br />
  seq= 0L<br />
  ack= 0L<br />
  dataofs= 5L<br />
  reserved= 0L<br />
  flags= S<br />
  window= 8192<br />
  chksum= 0xe26<br />
  urgptr= 0<br />
  options= {}<br />
  <span class="Style1">&gt;&gt;&gt;</span> q.show2()</p>
<p><span class="Style2">In this example we have several things. Indeed the packet matchs what<br />
  we will call a Security Association:</span><br />
  &lt;Src: *&gt; &lt;Dst: 192.168.0.6&gt; &lt;Spi: *&gt;<br />
  <span class="Style2">Then the packet is created. All the fields are filled, the packet is<br />
  encrypted and the authentication is computed and appended according to<br />
  the Algorithm specified in the Security Association</span></p>
<p class="Style2">When q.show2() is called, the reverse is done. The security<br />
  Association matching the packet is found and the packet is decrypted<br />
  before the printing as it has been sent by another host on the<br />
  network.</p>
<p>&nbsp;</p>
<h2 class="Style2"><span class="Style6">3 - NEEDS AND INSTALLATION</span><a name="chap3" id="chap3"></a><br />
</h2>
<p class="Style2">Scapysec uses the Python language 2.3 or upcomming versions. There is<br />
  no paticular need. You just need to have scapy.py and scapy6.py if you<br />
  want to be able to generate IPsec packets with IPv6.<br />
  You also need pycrypto since all the encryption/decryption is done<br />
  using this library.</p>
<p><span class="Style2">just do : </span>python ./scapysec.py</p>
<p class="Style2">Oups, you also need a few adaptions to Scapy. <br />
  Normaly it should be included with this file. If not you may
  download it to  <a href="http://roudaut.frederic.free.fr/data/scapysec/scapy.py"> http://roudaut.frederic.free.fr/data/scapysec/scapy.py</a>.
 </p>
<p class="Style2">
  Scapy6 may be downloaded to <a href="http://namabiiru.hongo.wide.ad.jp/scapy6/"> http://namabiiru.hongo.wide.ad.jp/scapy6/  </a>.
 </p>

 </p>
  
<p>&nbsp;</p>
<h2 class="Style2"><span class="Style6">4 - The ESP CLASS</span><a name="chap4" id="chap4"></a><br />
</h2>
<p class="Style2">The different fields of the ESP layer may be seen using ls()<br />
  If you do not know about Scapy, this command gives the field name,<br />
  the type, the value and the default value for this field</p>
<p><span class="Style1">&gt;&gt;&gt;</span> ls(ESP())<br />
  spi        : XIntField            = 0               (0)<br />
  seq        : IntField             = 0               (0)<br />
  data       : StrField             = None            (None)<br />
  iv         : StrField             = None            (None)<br />
  pad        : StrField             = None            (None)<br />
  padlen     : ByteField            = None            (None)<br />
  nh         : ByteEnumField        = None            (None)<br />
  authentication : StrField             = None            (None)<br />
</p>
<p>The fields are the following : <br />
  - spi : Security Parameters Index<br />
  - seq : Sequence Number<br />
  - data : data field is used to give directly encrypted data for iv + pad + padlen + nh<br />
  - iv : Initialization Vector. Computed if not set. The size is<br />
  precised by the Encryption Algorithm<br />
  - pad : Filled if not set and depending from the Encryption Algorithm<br />
  - padlen : Pad length. Computed if not set<br />
  - nh : Next Header. Set if not set<br />
  - authentication : Computed if available<br />
</p>
<p class="Style2">pad, padlen and iv lengths are depending from the Encryption<br />
  Algorithms. As you may create packets that will fail with Encryption,<br />
  they will be corrected if inadequate.</p>
<p class="Style2">The data field will be used to directly give encrypted data<br />
  for iv + pad + padlen + nh</p>
<p class="Style2">As you may see, you now have to find a way to indicate:<br />
  - the Encryption Algorithm<br />
  - the Encryption Key<br />
  - the Authentication Algorithm<br />
  - the Authentication Key</p>
<p class="Style2">These elements will be indicated in the Security Associations Database</p>
<p class="Style2">&nbsp;</p>
<h2 class="Style2"><span class="Style6">5 - SECURITY ASSOCIATIONS DATABASE (SAD)</span><a name="chap5" id="chap5"></a><br />
</h2>
<p class="Style2">Here is an example of the SAD<br />
</p>
<p>ipsec_sad_example = {'IPV4' : [['192.168.0.2','192.168.0.1','5','ESP','BLOWFISH-CBC','azdregrnytnytftg','HMAC-SHA1','ecuheznbevnbevabgj'],\<br />
  ['192.168.*.2','192.168.0.5','5','ESP','DES-CBC','5632abc1','HMAC-SHA1','5632abc1azefvc'],\<br />
  ['192.168.0.2','192.168.0.3','0x0**0**05','ESP','AES-CBC','1234abc12ffffbc1','HMAC-SHA1','5632abc1azefvc'],\<br />
  ['192.168.0.2','192.168.0.7','*','ESP','AES-CBC','1234abc12ffffbc1','HMAC-SHA256','5llll632abc1azefvc'],\<br />
  ['*','192.168.0.6','*','ESP','AES-CTR','1234abc12ffffbc1','HMAC-MD5','5632abc1azefvc'],\<br />
  ['192.168.*.2','192.168.0.8','*','ESP','DES-CBC','5632abcuyfyuf1','HMAC-SHA1','5632abc1azefvc'],\<br />
  ['192.168.*.2','192.168.0.12','*','ESP','DES-CBC','5632abcuyfyuf1','HMAC-MD5','5632abc1azefvc'],\<br />
  ['192.168.0.2','192.*.0.4','*','ESP','NULL','','NULL','']],\<br />
  'IPV6' : [['*','fe80::240:96ff:fea7:c5d1','5','ESP','DES-CBC','5632abc1','HMAC-SHA1','5632abc1azefvc'],\<br />
  ['*','3ffe::3','0x0**0**05','ESP','AES-CBC','1234abc12ffffbc1','HMAC-SHA1','5632abc1azefvc'],\<br />
  ['','3f*e::4','*','ESP','AES-CBC','1234abc12ffffbc1','HMAC-SHA256','5llll632abc1azefvc']]}<br />
</p>
<p class="Style2">The SAD is a dictionnary {'IPV4':[],'IPV6':[]}<br />
  One entry is for IPv4, the other one is for IPv6. <br />
  Each one contains a list of Security Associations (SAs).<br />
  The SA described hereafter gives:<br />
  - the source address filter: '192.168.0.2'<br />
  - the destination address filter: '192.168.0.1'<br />
  - the SPI filter: '5'<br />
  - the protocol: 'AH' or 'ESP' : <br />
  - the Encryption Algorithm : 'BLOWFISH-CBC'<br />
  - the Encryption Key : 'azdregrnytnytftg'<br />
  - the Authentication Algorithm : 'HMAC-SHA1'<br />
  - the Authentication Key : 'ecuheznbevnbevabgj'</p>
<p>['192.168.0.2','192.168.0.1','5','ESP','BLOWFISH-CBC','azdregrnytnytftg','HMAC-SHA1','ecuheznbevnbevabgj']<br />
</p>
<p class="Style2">When an IPsec Packet is sent or received, the corresponding SAD entry<br />
  (IPv4 or IPv6) is checked. If the packet is catched by one security<br />
  association, it will be encrypted or decrypted using the associated<br />
  algorithms and keys. </p>
<p>&nbsp;</p>
<h2 class="Style2"><span class="Style6">5.1 - PACKET MATCHING WITH SA</span><a name="chap5_1" id="chap5_1"></a><br />
</h2>
<p class="Style2">An IPsec packet is catched by a security association if its source,<br />
  destination address and SPI match a corresponding entry in the SAD.<br />
  The matching uses the wildcard '*'.</p>
<p><span class="Style2">Address are string. It may be IPv4 (</span>'192.168.0.2'<span class="Style2">) or any IPv6 address</span><br />
  ('3FFE::1'<span class="Style2"> or </span>'fe80::240:96ff:fea7:c5d0'<span class="Style2">)</span><br />
  <span class="Style2">You may use</span> '*'<span class="Style2"> to indicate any address or</span> '*' <span class="Style2">in the address string.<br />
  For IPv4, we then may have </span>'192.168.*.2'<span class="Style2">. Each</span> '*' <span class="Style2">means 1 byte. <br />
  For IPv6, each</span> '*' <span class="Style2">means 4 bits. (</span>'3FF*::1', 'fe80::240:96ff:fea7:c5d0'<span class="Style2">)</span></p>
<p><span class="Style2">The SPI is a string but it may represent an integer value (</span>'8') <span class="Style2">or an<br />
  hexadecimal value (</span>'0x23'<span class="Style2">).</span> <br />
  <span class="Style2">You also may use</span> '*'<span class="Style2"> to indicate any SPI or even</span> '*' <span class="Style2">in the<br />
  hexadecimal SPI string as</span> '0x34*6'.<span class="Style2"> In this case we do not mind about<br />
  the hexadecimal value between the</span> '4' <span class="Style2">and the </span>'6' </p>
<p>&nbsp;</p>
<h2 class="Style2"><span class="Style6">5.2 - ENCRYPTION ALGORITHMS</span><a name="chap5_2" id="chap5_2"></a><br />
</h2>
<p class="Style2">The Encryption Algorithms available are the following:<br />
  Between () we give the key length available in bits.<br />
  Between &lt;&gt; we indicate the block size in bytes</p>
<p>NULL               : (Any)<br />
  3DES-CBC [RFC2451] : (192) &lt;8&gt;<br />
  AES-CBC            : (128/192/256) &lt;16&gt;<br />
  AES-CTR            : (160/224/288) The remaining 32 bits will be used as nonce. &lt;16&gt;<br />
  DES-CBC [RFC2405]  : (64) &lt;8&gt;<br />
  BLOWFISH-CBC       : (128) &lt;8&gt;<br />
  CAST-CBC           : (Any) &lt;8&gt;<br />
</p>
<p class="Style2">A key with an incorrect length will not be used. Instead it may be<br />
  truncated or enhanced.</p>
<p class="Style2">&nbsp;</p>
<h2 class="Style2"><span class="Style6">5.3 - AUTHENTICATION ALGORITHM</span><a name="chap5_3" id="chap5_3"></a><br />
</h2>
<p class="Style2">The Authentication Algorithms available are the following:<br />
  Between () we give the key lenght available.</p>
<p>NULL                   : (Any)<br />
  HMAC-SHA1-96 [RFC2404] : (Any)<br />
  HMAC-MD5-96 [RFC2403]  : (Any)<br />
  HMAC-SHA256            : (Any)<br />
</p>
<p class="Style2">A key with an incorrect length will not be used. Instead it may be<br />
  truncated or enhanced.</p>
<p>&nbsp;</p>
<h2 class="Style2"><span class="Style6">5.4 - SETTING THE SAD</span><a name="chap5_4" id="chap5_4"></a><br />
</h2>
<p><span class="Style2">The conf Instance has been enhanced with a setkey variable that uses<br />
  the</span> _IPSEC_SAD <span class="Style2">Python Class.</span></p>
<p class="Style2">Then if you do conf.setkey you get the current SAD</p>
<p><span class="Style1">&gt;&gt;&gt;</span> conf.setkey<br />
  == IPv4 Security Associations ==<br />
  &lt;Src : 192.168.0.2&gt;   &lt;Dst : 192.168.0.1&gt;   &lt;SPI : 5&gt;<br />
  Mode ESP<br />
  Crypt Algo : BLOWFISH-CBC   Crypt Key : azdregrnytnytftg<br />
  Auth Algo  : HMAC-SHA1   Auth Key : ecuheznbevnbevabgj</p>
<p>&lt;Src : 192.168.*.2&gt;   &lt;Dst : 192.168.0.5&gt;   &lt;SPI : 5&gt;<br />
  Mode ESP<br />
  Crypt Algo : DES-CBC   Crypt Key : 5632abc1<br />
  Auth Algo  : HMAC-SHA1   Auth Key : 5632abc1azefvc</p>
<p>&lt;Src : 192.168.0.2&gt;   &lt;Dst : 192.168.0.3&gt;   &lt;SPI : 0x0**0**05&gt;<br />
  Mode ESP<br />
  Crypt Algo : AES-CBC   Crypt Key : 1234abc12ffffbc1<br />
  Auth Algo  : HMAC-SHA1   Auth Key : 5632abc1azefvc</p>
<p>&lt;Src : 192.168.0.2&gt;   &lt;Dst : 192.168.0.7&gt;   &lt;SPI : *&gt;<br />
  Mode ESP<br />
  Crypt Algo : AES-CBC   Crypt Key : 1234abc12ffffbc1<br />
  Auth Algo  : HMAC-SHA256   Auth Key : 5llll632abc1azefvc</p>
<p>&lt;Src : *&gt;   &lt;Dst : 192.168.0.6&gt;   &lt;SPI : *&gt;<br />
  Mode ESP<br />
  Crypt Algo : AES-CTR   Crypt Key : 1234abc12ffffbc1<br />
  Auth Algo  : HMAC-MD5   Auth Key : 5632abc1azefvc</p>
<p>&lt;Src : 192.168.*.2&gt;   &lt;Dst : 192.168.0.8&gt;   &lt;SPI : *&gt;<br />
  Mode ESP<br />
  Crypt Algo : DES-CBC   Crypt Key : 5632abcuyfyuf1<br />
  Auth Algo  : HMAC-SHA1   Auth Key : 5632abc1azefvc</p>
<p>&lt;Src : 192.168.*.2&gt;   &lt;Dst : 192.168.0.12&gt;   &lt;SPI : *&gt;<br />
  Mode ESP<br />
  Crypt Algo : DES-CBC   Crypt Key : 5632abcuyfyuf1<br />
  Auth Algo  : HMAC-MD5   Auth Key : 5632abc1azefvc<br />
</p>
<p><span class="Style2">Then you may create a static configuration by doing : </span><br />
  conf.setkey = _IPSEC_SAD(ipsec_sad_example) # Security Association Database for IPsec</p>
<p>&nbsp;</p>
<h2 class="Style2"><span class="Style6">5.4.1 - ADDING A SA</span><a name="chap5_4_1" id="chap5_4_1"></a><br />
</h2>
<p class="Style2">The simplest way to do this is to use the add command.</p>
<p>def add(self,proto,src,dst,spi,mode,algo_crypt,algo_key_crypt,algo_auth,algo_key_auth)</p>
<p class="Style2">All Parameters types are strings:</p>
<p>proto : <span class="Style2">either </span>'IPV4' <span class="Style2">or</span> 'IPV6'<br />
  src : <span class="Style2">source address filter </span><br />
  dst : <span class="Style2">destination address filter</span><br />
  spi :<span class="Style2"> spi filter</span><br />
  mode : <span class="Style2">either</span> 'ESP' <span class="Style2">or</span> 'AH'<br />
  algo_crypt : <span class="Style2">Ecncryption Algorithm</span><br />
  algo_key_crypt :  <span class="Style2">Encryption Key</span><br />
  algo_auth :  <span class="Style2">Authentication Algorithm</span><br />
  algo_key_auth : <span class="Style2">Authentication</span><br />
</p>
<p><span class="Style1">&gt;&gt;&gt;</span> conf.setkey.add('IPV4','*','192.168.*.42','6','ESP','AES-CBC', '1234abc12ffffbc1', 'HMAC-SHA256' ,'5llll632abc1azefvc')</p>
<p>&nbsp;</p>
<h2 class="Style2"><span class="Style6">5.4.2 - DELETING A SA</span><a name="chap5_4_2" id="chap5_4_2"></a><br />
</h2>
<p class="Style2">The simplest way to do this is to use the delete command.</p>
<p>def delete(self,proto,src,dst,spi)</p>
<p class="Style2">All Parameters types are strings:</p>
<p>proto : <span class="Style2">either </span>'IPV4' <span class="Style2">or</span> 'IPV6'<br />
src : <span class="Style2">source address filter </span><br />
dst : <span class="Style2">destination address filter</span><br />
spi :<span class="Style2"> spi filter</span></p>
<p><span class="Style2">if proto, src, dst and spi are </span>'*'<span class="Style2">, the SAD is clear. </span><br />
  <span class="Style2">If proto is not</span> '*' <span class="Style2">only the corresponding one is clear. <br />
  Otherwise all the entries that exactly match the parameters are<br />
  removed. The character</span> '*' <span class="Style2">used as parameter in the function means<br />
  that we do not care about this field. </span></p>
<p><span class="Style2">Thus the following example remove all entries in the IPv4 SAD that<br />
  have</span> '192.168.*.42' <span class="Style2">as destination.</span></p>
<p><span class="Style1">&gt;&gt;&gt;</span> conf.setkey.delete('IPV4','*','192.168.*.42','*')</p>
<p>&nbsp;</p>
<h2 class="Style2"><span class="Style6">5.4.3 - CLEARING THE DATABASE</span><a name="chap5_4_3" id="chap5_4_3"></a><br />
</h2>
<p class="Style2">The following command will clear the database associated to IPv4 or<br />
  IPv6</p>
<p class="Style2">def erase(self,proto)</p>
<p><span class="Style2">where proto is either</span> 'IPV4' <span class="Style2">or</span> 'IPV6'<br />
</p>
<p>&nbsp;</p>
<h2 class="Style2"><span class="Style6">6 - ENCRYPTION ON THE FLIGHT : IPsec Class</span><a name="chap6" id="chap6"></a><br />
</h2>
<p class="Style2">Sometimes it is not convenient to set the database prior to send<br />
  packets. In this case you may use the IPsec class</p>
<p><span class="Style1">&gt;&gt;&gt;</span> ls(IPsec())<br />
  crypt      : StrField             = 'NULL'          ('NULL')<br />
  crypt_key  : StrField             = ''              ('')<br />
  auth       : StrField             = 'NULL'          ('NULL')<br />
  auth_key   : StrField             = ''              ('')<br />
</p>
<p><span class="Style1">&gt;&gt;&gt;</span> q = IP(dst=&quot;192.168.0.6&quot;)/IPsec(crypt='AES-CTR', crypt_key='00001234abc12ffffbc1', auth='HMAC-MD5', auth_key ='5632abc1azefvc')/<br />
  ESP(spi=5)/TCP()<br />
  <span class="Style1">&gt;&gt;&gt;</span> q.show()</p>
<p><span class="Style1">###[ IP ]###</span><br />
  version= 4<br />
  ihl= 0<br />
  tos= 0x0<br />
  len= 0<br />
  id= 1<br />
  flags=<br />
  frag= 0<br />
  ttl= 64<br />
  proto= IPv6-Crypt<br />
  chksum= 0x0<br />
  src= 192.168.0.2<br />
  dst= 192.168.0.6<br />
  options= ''<br />
  <span class="Style1">###[ IPsec ]###</span><br />
  crypt= 'AES-CTR'<br />
  crypt_key= '00001234abc12ffffbc1'<br />
  auth= 'HMAC-MD5'<br />
  auth_key= '5632abc1azefvc'<br />
  <span class="Style1">###[ ESP ]###</span><br />
  spi= 0x5<br />
  seq= 0<br />
  data= 0<br />
  iv= 0<br />
  pad= 0<br />
  padlen= 0<br />
  nh= TCP<br />
  authentication= 0<br />
  <span class="Style1">###[ TCP ]###</span><br />
  sport= ftp-data<br />
  dport= http<br />
  seq= 0<br />
  ack= 0<br />
  dataofs= 0<br />
  reserved= 0<br />
  flags= S<br />
  window= 8192<br />
  chksum= 0x0<br />
  urgptr= 0<br />
  options= {}<br />
</p>
<p><span class="Style2">In this case we have no SAD for the packet then we cannot decrypt it. <br />
  Thus we have to print it using</span> show()<span class="Style2">. If we use</span> show2()<span class="Style2">, the<br />
  decryption will be tried and will certainly be uncorrect. <br />
  </span></p>
<h2 class="Style2"><span class="Style6">7 - WHAT'S MORE </span><a name="chap7" id="chap7"></a><br />
</h2>
<p class="Style2">All the previous examples were using transport mode and you have<br />
  certainly notice that there is no such indication in the SAD. <br />
  In fact you have to do it by yourself ;-) :</p>
<p>q = IP(dst=&quot;192.168.0.6&quot;)/IPsec(crypt='AES-CTR', crypt_key='00001234abc11', auth='HMAC-MD5', auth_key ='5632abc1azefvc')/ESP(spi=5)/IP(dst=&quot;10.0.0.1&quot;)/TCP()<br />
<span class="Style1">&gt;&gt;&gt;</span> q.show() </p>
<p><span class="Style1">###[ IP ]###</span><br />
  version= 4<br />
  ihl= 0<br />
  tos= 0x0<br />
  len= 0<br />
  id= 1<br />
  flags=<br />
  frag= 0<br />
  ttl= 64<br />
  proto= IPv6-Crypt<br />
  chksum= 0x0<br />
  src= 192.168.0.2<br />
  dst= 192.168.0.6<br />
  options= ''<br />
  <span class="Style1">###[ IPsec ]###</span><br />
  crypt= 'AES-CTR'<br />
  crypt_key= '00001234abc11'<br />
  auth= 'HMAC-MD5'<br />
  auth_key= '5632abc1azefvc'<br />
  <span class="Style1">###[ ESP ]###</span><br />
  spi= 0x5<br />
  seq= 0<br />
  data= 0<br />
  iv= 0<br />
  pad= 0<br />
  padlen= 0<br />
  nh= IP-ENCAP<br />
  authentication= 0<br />
  <span class="Style1">###[ IP ]###</span><br />
  version= 4<br />
  ihl= 0<br />
  tos= 0x0<br />
  len= 0<br />
  id= 1<br />
  flags=<br />
  frag= 0<br />
  ttl= 64<br />
  proto= TCP<br />
  chksum= 0x0<br />
  src= 192.168.0.2<br />
  dst= 10.0.0.1<br />
  options= ''<br />
  <span class="Style1">###[ TCP ]###</span><br />
  sport= ftp-data<br />
  dport= http<br />
  seq= 0<br />
  ack= 0<br />
  dataofs= 0<br />
  reserved= 0<br />
  flags= S<br />
  window= 8192<br />
  chksum= 0x0<br />
  urgptr= 0<br />
  options= {}<br />
</p>
<p class="Style2">And using the same principles you may have a lot of different IPv4,<br />
  IPv6, ESP encapsulations with some different algorithms.</p>
<p class="Style2">Some checks may be done using Wireshark (<a href="http://www.wireshark.org">www.wireshark.org</a>). Have a look to <a href="http://wiki.wireshark.org/ESP_Preferences"> the Wireshark wiki </a> for more information. <br  />
I currently found a bug in AES-CTR I will try to solve later since  I am the author of this plugin ;-(.</p>
<p class="Style2">The algorithms handled with Wireshark are the following:</p>
<p class="Style4">Encryption Algorithms : <br />
  <br />
  - NULL<br />
  - TripleDES-CBC [RFC2451] : keylen 192 bits.<br />
  - AES-CBC with 128-bit keys [RFC3602] : keylen 128 and 192/256 bits.<br />
  - AES-CTR [RFC3686] : keylen 160/224/288 bits. The remaining 32 bits will be used as nonce.<br />
  - DES-CBC [RFC2405] : keylen 64 bits<br />
  - BLOWFISH-CBC : keylen 128 bits.<br />
  - TWOFISH-CBC : keylen 128/256 bits.</p>
<p class="Style4">Authentication Algorithms:<br />
  <br />
  - NULL<br />
  - HMAC-SHA1-96 [RFC2404] : any keylen<br />
  - HMAC-MD5-96 [RFC2403] : any keylen<br />
  - HMAC-SHA256 : any keylen</p>
<p>&nbsp;</p>
<h2 class="Style2"><span class="Style6">8 - UPDATE</span><a name="chap8" id="chap8"></a><br />
</h2>
<p class="Style2">&nbsp;</p>
<h2 class="Style2"><span class="Style6">9 - POSSIBLE EXTENSIONS</span><a name="chap9" id="chap9"></a><br />
</h2>
<p class="Style2">For sure, you may use some others ESP Encryption algorithms. I only<br />
  have done the work for Algorithms specified in RFC4305. <br />
  Nevertheless, it should not be very difficult to add some other ones. <br />
  Have a look to the code ;-(</p>
<p class="Style2">Moreover, you may also add some other Authentication Algorithms. <br />
  AES-XCBC-MAC-96 has not been added because i had trouble to get a<br />
  working implementation.</p>
<p class="Style2">For the moment it works only for ESP but why not adding AH.<br />
  On this basis it could be possible to have a better look to IKE. </p>
<p class="Style2">An interesting point with this tool is that if your kernel does not<br />
  handle IPsec or a particular algorithm it could be quite easy as<br />
  Wifitap (http://sid.rstack.org/index.php/Wifitap) does to have an<br />
  interface to generate such encrypted packets