github.com/gopacket/gopacket@v1.1.0/layers/ipsec.go (about)

     1  // Copyright 2012 Google, Inc. All rights reserved.
     2  //
     3  // Use of this source code is governed by a BSD-style license
     4  // that can be found in the LICENSE file in the root of the source
     5  // tree.
     6  
     7  package layers
     8  
     9  import (
    10  	"encoding/binary"
    11  	"errors"
    12  
    13  	"github.com/gopacket/gopacket"
    14  )
    15  
// IPSecAH is the IPsec Authentication Header (AH) layer for IPv4 and IPv6,
// as defined in http://tools.ietf.org/html/rfc2402 (obsoleted by RFC 4302).
//
// The fields hold the values as they appear on the wire. The decoder in this
// file only extracts AuthenticationData and never verifies it, so a decoded
// IPSecAH layer says nothing about whether the packet is authentic.
type IPSecAH struct {
	// AH is laid out like an IPv6 extension header (NextHeader,
	// PayloadLength, ...) even when it is carried over IPv4, so
	// ipv6ExtensionBase supplies the common fields.
	ipv6ExtensionBase
	// Reserved is the big-endian 16-bit field at bytes 2-3 of the header.
	Reserved uint16
	// SPI is the big-endian 32-bit field at bytes 4-7 of the header.
	SPI uint32
	// Seq is the big-endian 32-bit field at bytes 8-11 of the header.
	Seq uint32
	// AuthenticationData is everything between the 12-byte fixed header and
	// the end of the header as declared by its length byte. It is a sub-slice
	// of the packet data handed to the decoder, not a copy.
	AuthenticationData []byte
}
    27  
// LayerType reports the gopacket layer type of an authentication header,
// which is always LayerTypeIPSecAH.
func (i *IPSecAH) LayerType() gopacket.LayerType {
	return LayerTypeIPSecAH
}
    30  
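// decodeIPSecAH decodes an IPsec Authentication Header from the start of
// data, adds the resulting IPSecAH layer to p and hands the remaining bytes
// to the decoder selected by the header's NextHeader field.
//
// data comes straight from a captured packet, so every length is checked
// before it is used as a slice bound. An error is returned when data is
// shorter than the 12-byte fixed header, when the length declared in the
// header is smaller than that fixed part, or when data is shorter than the
// declared length. The two "data too short" cases also mark the packet as
// truncated.
//
// The authentication data is only extracted, never verified.
func decodeIPSecAH(data []byte, p gopacket.PacketBuilder) error {
	// Fixed part: NextHeader (1) + length (1) + Reserved (2) + SPI (4) + Seq (4).
	const fixedLen = 12
	if len(data) < fixedLen {
		p.SetTruncated()
		return errors.New("IPSec AH packet less than 12 bytes")
	}
	i := &IPSecAH{
		ipv6ExtensionBase: ipv6ExtensionBase{
			NextHeader:   IPProtocol(data[0]),
			HeaderLength: data[1],
		},
		Reserved: binary.BigEndian.Uint16(data[2:4]),
		SPI:      binary.BigEndian.Uint32(data[4:8]),
		Seq:      binary.BigEndian.Uint32(data[8:12]),
	}
	// The length byte is converted to bytes as (value + 2) * 4.
	i.ActualLength = (int(i.HeaderLength) + 2) * 4
	// A length byte of 0 gives ActualLength 8, which is smaller than the
	// 12 bytes already parsed. Without this check data[12:8] below would
	// panic on a malformed packet instead of returning an error.
	if i.ActualLength < fixedLen {
		return errors.New("IPSec AH header length less than 12 bytes")
	}
	if len(data) < i.ActualLength {
		p.SetTruncated()
		return errors.New("Truncated AH packet < ActualLength")
	}
	i.AuthenticationData = data[fixedLen:i.ActualLength]
	i.Contents = data[:i.ActualLength]
	i.Payload = data[i.ActualLength:]
	p.AddLayer(i)
	return p.NextDecoder(i.NextHeader)
}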
    56  
// IPSecESP is the IPsec Encapsulating Security Payload (ESP) layer, as
// defined in http://tools.ietf.org/html/rfc2406 (obsoleted by RFC 4303).
type IPSecESP struct {
	BaseLayer
	// SPI is the big-endian 32-bit field at bytes 0-3 of the ESP data.
	SPI uint32
	// Seq is the big-endian 32-bit field at bytes 4-7 of the ESP data.
	Seq uint32
	// Encrypted holds every byte that follows SPI and Seq, exactly as it was
	// sent in the ESP packet. The decoder in this file does not decrypt it
	// and does not copy it out of the packet data.
	Encrypted []byte
}
    65  
// LayerType reports the gopacket layer type of an ESP layer, which is always
// LayerTypeIPSecESP.
func (i *IPSecESP) LayerType() gopacket.LayerType {
	return LayerTypeIPSecESP
}
    68  
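// decodeIPSecESP decodes an IPsec Encapsulating Security Payload from data
// and adds the resulting IPSecESP layer to p.
//
// data comes straight from a captured packet. If it is shorter than the
// 8 bytes needed for SPI and Seq, the packet is marked as truncated and an
// error is returned, rather than letting the slice expressions below panic.
//
// Everything after the first 8 bytes is stored in Encrypted untouched. No
// further decoder is invoked, so ESP is the last layer decoded on this path.
func decodeIPSecESP(data []byte, p gopacket.PacketBuilder) error {
	// Fixed part: SPI (4) + Seq (4).
	const fixedLen = 8
	if len(data) < fixedLen {
		p.SetTruncated()
		return errors.New("IPSec ESP packet less than 8 bytes")
	}
	i := &IPSecESP{
		BaseLayer: BaseLayer{data, nil},
		SPI:       binary.BigEndian.Uint32(data[:4]),
		Seq:       binary.BigEndian.Uint32(data[4:8]),
		Encrypted: data[fixedLen:],
	}
	p.AddLayer(i)
	return nil
}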