Overview
Package ike provides shared IKE (Internet Key Exchange) protocol parsing and packet-building utilities used by both the discover and enumerate modules.
Index
- func AppendUnique(slice []string, item string) []string
- func BuildIKEv2SAInitRequest() []byte
- func BuildNATTIKEv1AMRequest(ikev1AM []byte) []byte
- func BuildNATTIKEv2SAInitRequest() []byte
- func GetDHGroupName(id uint16) string
- func GetEncryptionAlgorithmName(id uint16) string
- func GetExchangeTypeName(t byte) string
- func GetIKEv1AuthMethodName(id uint16) string
- func GetIKEv1EncryptionName(id uint16) string
- func GetIKEv1HashName(id uint16) string
- func GetIntegrityAlgorithmName(id uint16) string
- func GetPRFName(id uint16) string
- func MergeFernAuthenticationMethods(existing []commonprotocolfern.IkeAuthenticationMethod, names []string) []commonprotocolfern.IkeAuthenticationMethod
- func MergeFernDHGroups(existing []commonprotocolfern.IkeDhGroup, names []string) []commonprotocolfern.IkeDhGroup
- func MergeFernEncryptionAlgorithms(existing []commonprotocolfern.IkeEncryptionAlgorithm, names []string) []commonprotocolfern.IkeEncryptionAlgorithm
- func MergeFernHashAlgorithms(existing []commonprotocolfern.IkeHashAlgorithm, names []string) []commonprotocolfern.IkeHashAlgorithm
- func ParseIKEv1NotificationType(data []byte) uint16
- func ParseSAPayload(data []byte, proposals *SecurityProposals)
- func ToFernAuthenticationMethod(name string) (commonprotocolfern.IkeAuthenticationMethod, bool)
- func ToFernDHGroup(name string) (commonprotocolfern.IkeDhGroup, bool)
- func ToFernEncryptionAlgorithm(name string) (commonprotocolfern.IkeEncryptionAlgorithm, bool)
- func ToFernHashAlgorithm(name string) (commonprotocolfern.IkeHashAlgorithm, bool)
- type IKEHeader
- type SecurityProposals
Constants
This section is empty.
Variables
This section is empty.
Functions
func AppendUnique
AppendUnique appends item to slice only if it is not already present.
func BuildIKEv2SAInitRequest
func BuildIKEv2SAInitRequest() []byte
BuildIKEv2SAInitRequest creates a well-formed IKEv2 IKE_SA_INIT request with SA, KE, and Nonce payloads. The SA proposes 3DES-CBC + HMAC-SHA1 + HMAC-SHA1-96 + MODP-1024 — a widely supported set that does not require key-length attributes. The KE carries 128 zero bytes (valid MODP-1024 size) and the Nonce carries 32 bytes. Together these satisfy the RFC 7296 §1.2 minimum and will elicit an IKE_SA_INIT response (or a NOTIFY error) from any conformant responder.
Use this for the standard IKE port (UDP 500).
func BuildNATTIKEv1AMRequest (added in v0.0.144)
BuildNATTIKEv1AMRequest wraps an IKEv1 Aggressive Mode packet with the 4-byte Non-ESP marker required by RFC 3948 §2.3 for UDP port 4500. The caller supplies the raw IKEv1 AM probe bytes.
func BuildNATTIKEv2SAInitRequest
func BuildNATTIKEv2SAInitRequest() []byte
BuildNATTIKEv2SAInitRequest creates an IKEv2 IKE_SA_INIT request framed for UDP port 4500 per RFC 3948 §2.3: a 4-byte Non-ESP marker (0x00000000) is prepended so the receiver can distinguish IKE traffic from ESP packets.
func GetDHGroupName
GetDHGroupName returns the IANA name for an IKEv2 Diffie-Hellman group ID (RFC 7296 / IANA "IKEv2 Transform Type 4" registry).
func GetEncryptionAlgorithmName
GetEncryptionAlgorithmName returns the IANA name for an IKEv2 encryption transform ID (RFC 7296 / IANA "IKEv2 Transform Type 1" registry).
func GetExchangeTypeName
GetExchangeTypeName returns the human-readable name for an IKE exchange type.
func GetIKEv1AuthMethodName (added in v0.0.144)
GetIKEv1AuthMethodName returns the name for an IKEv1 authentication method ID (RFC 2409 / IANA "ISAKMP Authentication Method" registry).
func GetIKEv1EncryptionName (added in v0.0.144)
GetIKEv1EncryptionName returns the name for an IKEv1 encryption algorithm ID (RFC 2409 / IANA "ISAKMP Encryption Algorithm" registry).
func GetIKEv1HashName (added in v0.0.144)
GetIKEv1HashName returns the name for an IKEv1 hash algorithm ID (RFC 2409 / IANA "ISAKMP Hash Algorithm" registry).
func GetIntegrityAlgorithmName
GetIntegrityAlgorithmName returns the IANA name for an IKEv2 integrity transform ID (RFC 7296 / IANA "IKEv2 Transform Type 3" registry).
func GetPRFName
GetPRFName returns the IANA name for an IKEv2 PRF transform ID (RFC 7296 / IANA "IKEv2 Transform Type 2" registry).
func MergeFernAuthenticationMethods (added in v0.0.144)
func MergeFernAuthenticationMethods(existing []commonprotocolfern.IkeAuthenticationMethod, names []string) []commonprotocolfern.IkeAuthenticationMethod
func MergeFernDHGroups (added in v0.0.144)
func MergeFernDHGroups(existing []commonprotocolfern.IkeDhGroup, names []string) []commonprotocolfern.IkeDhGroup
func MergeFernEncryptionAlgorithms (added in v0.0.144)
func MergeFernEncryptionAlgorithms(existing []commonprotocolfern.IkeEncryptionAlgorithm, names []string) []commonprotocolfern.IkeEncryptionAlgorithm
func MergeFernHashAlgorithms (added in v0.0.144)
func MergeFernHashAlgorithms(existing []commonprotocolfern.IkeHashAlgorithm, names []string) []commonprotocolfern.IkeHashAlgorithm
func ParseIKEv1NotificationType (added in v0.0.144)
ParseIKEv1NotificationType returns the Notify Message Type from the first Notification payload (type 11) in an IKEv1 Informational message, or 0 if no notification payload is found or the packet is too short to parse.
IKEv1 Notification payload layout (RFC 2408 §3.14):
generic header (4): next, reserved, length
DOI (4)
Protocol-ID (1)
SPI-size (1)
Notify type (2)
func ParseSAPayload
func ParseSAPayload(data []byte, proposals *SecurityProposals)
ParseSAPayload extracts transform attributes from an IKEv2 SA payload, correctly skipping any per-proposal SPI bytes before the transform list.
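The SPI-skipping step described above, as an added illustration that is not the package's own ParseSAPayload: it assumes the input is the SA payload body with the 4-byte generic payload header already removed, and the sample proposal (including its SPI value) is constructed for this example.

```go
package main

import "encoding/binary"
import "errors"

// Transform is one (type, id) pair lifted out of an IKEv2 SA payload body.
type Transform struct {
	ProposalNum uint8
	Type        uint8 // 1=ENCR, 2=PRF, 3=INTEG, 4=D-H, 5=ESN
	ID          uint16
}
// SampleESPProposal is a constructed SA payload body (generic header stripped): one ESP
// proposal with a 4-byte SPI, then ENCR_AES_CBC (key length 128), AUTH_HMAC_SHA1_96, No ESN.
var SampleESPProposal = []byte{
	0x00, 0x00, 0x00, 0x28, 0x01, 0x03, 0x04, 0x03, // last, len 40, proposal 1, ESP, SPI size 4, 3 transforms
	0xde, 0xad, 0xbe, 0xef, // SPI (constructed); a parser that ignores SPI Size misreads this as a transform
	0x03, 0x00, 0x00, 0x0c, 0x01, 0x00, 0x00, 0x0c, 0x80, 0x0e, 0x00, 0x80, // ENCR id 12 + key length 128
	0x03, 0x00, 0x00, 0x08, 0x03, 0x00, 0x00, 0x02, // INTEG id 2
	0x00, 0x00, 0x00, 0x08, 0x05, 0x00, 0x00, 0x00, // ESN id 0
}
// ParseIKEv2SATransforms returns the transforms in every proposal of an SA payload body.
// Transforms begin 8 + SPI Size bytes into each proposal (RFC 7296 §3.3.1); all lengths
// are bounds-checked so a truncated or malformed payload yields an error, not a panic.
func ParseIKEv2SATransforms(body []byte) ([]Transform, error) {
	var out []Transform
	for off := 0; off < len(body); {
		if len(body)-off < 8 {
			return out, errors.New("truncated proposal header")
		}
		plen := int(binary.BigEndian.Uint16(body[off+2:]))
		propNum, spiSize, numT := body[off+4], int(body[off+6]), int(body[off+7])
		if plen < 8+spiSize || off+plen > len(body) {
			return out, errors.New("proposal length out of range")
		}
		t, end := off+8+spiSize, off+plen // skip the proposal header and the SPI bytes
		for i := 0; i < numT; i++ {
			if end-t < 8 {
				return out, errors.New("truncated transform")
			}
			tlen := int(binary.BigEndian.Uint16(body[t+2:]))
			if tlen < 8 || t+tlen > end {
				return out, errors.New("transform length out of range")
			}
			out = append(out, Transform{propNum, body[t+4], binary.BigEndian.Uint16(body[t+6:])})
			t += tlen // any attributes are covered by the transform length
		}
		off = end
	}
	return out, nil
}
```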
func ToFernAuthenticationMethod (added in v0.0.144)
func ToFernAuthenticationMethod(name string) (commonprotocolfern.IkeAuthenticationMethod, bool)
func ToFernDHGroup (added in v0.0.144)
func ToFernDHGroup(name string) (commonprotocolfern.IkeDhGroup, bool)
func ToFernEncryptionAlgorithm (added in v0.0.144)
func ToFernEncryptionAlgorithm(name string) (commonprotocolfern.IkeEncryptionAlgorithm, bool)
func ToFernHashAlgorithm (added in v0.0.144)
func ToFernHashAlgorithm(name string) (commonprotocolfern.IkeHashAlgorithm, bool)
Types
type IKEHeader
type IKEHeader struct {
InitiatorSPI [8]byte
ResponderSPI [8]byte
NextPayload byte
MajorVersion byte
MinorVersion byte
ExchangeType byte
Flags byte
MessageID uint32
Length uint32
}
IKEHeader represents the parsed 28-byte IKE message header.
func ParseIKEHeader
ParseIKEHeader parses the 28-byte IKE message header.
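The 28-byte header decode described here, together with the Notification payload walk documented under ParseIKEv1NotificationType, as one added example; this is an illustrative re-implementation under stated assumptions, not the package's own code. It assumes the same field layout as the IKEHeader struct above, and the sample INFORMATIONAL packet (SPIs included) is constructed for this example.

```go
package main

import "encoding/binary"
import "errors"

// IKEHeader mirrors the package's 28-byte header type (RFC 2408 §3.1, RFC 7296 §3.1).
type IKEHeader struct {
	InitiatorSPI, ResponderSPI                                   [8]byte
	NextPayload, MajorVersion, MinorVersion, ExchangeType, Flags byte
	MessageID, Length                                            uint32
}
// SampleInformational is a constructed IKEv1 INFORMATIONAL (exchange 5) packet: the 28-byte
// header followed by one Notification payload (type 11) carrying NO-PROPOSAL-CHOSEN (14).
var SampleInformational = []byte{
	1, 2, 3, 4, 5, 6, 7, 8, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, // SPIs (constructed)
	0x0b, 0x10, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x28, // next=11, v1.0, INFO, len 40
	0x00, 0x00, 0x00, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x01, 0x00, 0x00, 0x0e, // notify payload, IPsec DOI, type 14
}
// ParseIKEHeader decodes the fixed header; data[17] packs major (high nibble) and minor (low nibble).
func ParseIKEHeader(data []byte) (IKEHeader, error) {
	var h IKEHeader
	if len(data) < 28 {
		return h, errors.New("packet shorter than the 28-byte IKE header")
	}
	copy(h.InitiatorSPI[:], data[0:8])
	copy(h.ResponderSPI[:], data[8:16])
	h.NextPayload, h.MajorVersion, h.MinorVersion = data[16], data[17]>>4, data[17]&0x0f
	h.ExchangeType, h.Flags = data[18], data[19]
	h.MessageID, h.Length = binary.BigEndian.Uint32(data[20:]), binary.BigEndian.Uint32(data[24:])
	return h, nil
}
// ParseIKEv1NotificationType walks the payload chain and returns the Notify Message Type of the
// first Notification payload, or 0 if none is present or a length is out of range. The type sits
// at offset 10 inside the payload: generic header (4) + DOI (4) + Protocol-ID (1) + SPI size (1).
func ParseIKEv1NotificationType(data []byte) uint16 {
	h, err := ParseIKEHeader(data)
	if err != nil {
		return 0
	}
	for next, off := h.NextPayload, 28; next != 0 && len(data)-off >= 4; {
		plen := int(binary.BigEndian.Uint16(data[off+2:]))
		if plen < 4 || off+plen > len(data) {
			return 0 // bogus payload length: stop instead of reading past the buffer
		}
		if next == 11 && plen >= 12 {
			return binary.BigEndian.Uint16(data[off+10:])
		}
		next, off = data[off], off+plen // follow the Next Payload chain
	}
	return 0
}
```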
type SecurityProposals
type SecurityProposals struct {
EncryptionAlgs []string
HashAlgs []string
AuthMethods []string
DHGroups []string
}
SecurityProposals holds parsed IKE security association proposals.
func ParseIKEPayloads
func ParseIKEPayloads(data []byte, nextPayload byte) ([]string, *SecurityProposals)
ParseIKEPayloads extracts vendor IDs (hex-encoded) and SA proposals from the payload section of an IKE message. nextPayload is taken from the IKE header.
func ParseIKEv1SAResponse (added in v0.0.144)
func ParseIKEv1SAResponse(data []byte) *SecurityProposals
ParseIKEv1SAResponse walks the payload chain of an IKEv1 response packet and extracts the encryption algorithm, hash algorithm, and DH group from the SA payload. It is tolerant of missing or malformed payloads and returns whatever it can parse. On a successful IKEv1 AM exchange (type 4) the server includes the selected proposal; on INFORMATIONAL (type 5) there is no SA, so the result will be empty — that is handled gracefully.