You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
when decrypt ipv6 packet using decrypt_esp for NAT-Traversal, the packet is returned with nat_header
if you check _decrypt_esp in ipsec.py:
When having nat_header, encrypted.underlayer will return UDP/ESP, so when decrypting IPv6 packet, the decrypt packet
will be returned with nat_header (UDP), which will return a corrupted packet.
Example:
original packet:
IPv6/TCP/Raw
encrypted packet:
IPv6/UDP/ESP
Decrypted packet:
IPv6/UDP/TCP/Raw
Brief description
when decrypt ipv6 packet using decrypt_esp for NAT-Traversal, the packet is returned with nat_header
if you check _decrypt_esp in ipsec.py:
When having nat_header, encrypted.underlayer will return UDP/ESP, so when decrypting IPv6 packet, the decrypt packet
will be returned with nat_header (UDP), which will return a corrupted packet.
Example:
original packet:
IPv6/TCP/Raw
encrypted packet:
IPv6/UDP/ESP
Decrypted packet:
IPv6/UDP/TCP/Raw
proposal fix:
#4370
Scapy version
2.5
Python version
3.8.2
Operating system
Ubuntu 20.04
Additional environment information
No response
How to reproduce
packet = IPv6(version=6, tc=157, fl=646335, plen=752, nh=17, hlim=157, src='1122:3344:5566:7788:99aa:bbcc:ddee:ff00', dst='1122:3344:5566:7788:99aa:bbcc:ddee:ff00')/UDP(sport=3333, dport=55, len=752, chksum=59013)/Raw(load=b'nh9auzfzjgajh8hmdasm4mml0w626i3cwvcawd68rzvo1erd01foqpbky7awczfmlmal86giy7bi5inzpvyzy14t1cdwjwwucdldkqy2wgpm0faqheqr1r4ika0yrah355poeqx6t0s709v7ivvapckxb9fs8pwpv1nrfqfxanhe4fp8lut56vp6zdw9xnu7qmla5fml4219dkq7d9da3q0mhnrsdmikofohv9onpd3yosayzvteci0385yfn83sgjwhmx88dea7eujffppb53nx32z2ylp2wp8oml59vyhxsykx12oscr8fn0oau46w038pxphh507l8yvpan10hgvbby46jpwod1d77na6f9pk3yk1yv79iamikgeuyquxui3wvi4y6gzgg3zdr0d7m3qfbb0p15vrfjv0pdd2h81wti8da7ruhbl3s1bwekzqp8me15rp09t82aefyf4m8zobfhlvk73o9cbz6mdmpg9kqg2nq32gn0o2ci6blg8mzb3retqo4vfniza81e6y5c78alkdxg9rsuuqxgmwvgnyqm3fdvuueeq07930tynxjf2qgh651ci0mmvufizp6gg61iw2fgucj9ndmfd4nbnfq2hdpgbmdy5wc8fawdnnapsn9vmf76f85oo3akxjuvw4yrcib7q83ptxqebsvkhtlzvoq4dyswu2969wdlrjnvstabk5x2ypd13whxckf8pz085d1jpd208m4vzy')
sa = SecurityAssociation(ESP, spi=6,seq_num=0, esn_en=False, esn=0, crypt_algo='AES-GCM',crypt_key=b'\x11"3D\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06', nat_header=UDP(sport=12345, dport=4500))
encrypt_packet = sa.encrypt(packet, iv=b'\x00\x00\x00\x00\x00\x00\x00\x00')
decrypt_packet = sa.decrypt(encrypt_packet)
Actual result
Ether(dst='ff:ff:ff:ff:ff:ff', src='00:16:3e:62:91:68', type=34525)/IPv6(version=6, tc=157, fl=646335, plen=760, nh=17, hlim=157, src='1122:3344:5566:7788:99aa:bbcc:ddee:ff00', dst='1122:3344:5566:7788:99aa:bbcc:ddee:ff00')/UDP(sport=12345, dport=4500, len=796, chksum=61064)/UDP(sport=3333, dport=55, len=752, chksum=59013)/Raw(load=b'nh9auzfzjgajh8hmdasm4mml0w626i3cwvcawd68rzvo1erd01foqpbky7awczfmlmal86giy7bi5inzpvyzy14t1cdwjwwucdldkqy2wgpm0faqheqr1r4ika0yrah355poeqx6t0s709v7ivvapckxb9fs8pwpv1nrfqfxanhe4fp8lut56vp6zdw9xnu7qmla5fml4219dkq7d9da3q0mhnrsdmikofohv9onpd3yosayzvteci0385yfn83sgjwhmx88dea7eujffppb53nx32z2ylp2wp8oml59vyhxsykx12oscr8fn0oau46w038pxphh507l8yvpan10hgvbby46jpwod1d77na6f9pk3yk1yv79iamikgeuyquxui3wvi4y6gzgg3zdr0d7m3qfbb0p15vrfjv0pdd2h81wti8da7ruhbl3s1bwekzqp8me15rp09t82aefyf4m8zobfhlvk73o9cbz6mdmpg9kqg2nq32gn0o2ci6blg8mzb3retqo4vfniza81e6y5c78alkdxg9rsuuqxgmwvgnyqm3fdvuueeq07930tynxjf2qgh651ci0mmvufizp6gg61iw2fgucj9ndmfd4nbnfq2hdpgbmdy5wc8fawdnnapsn9vmf76f85oo3akxjuvw4yrcib7q83ptxqebsvkhtlzvoq4dyswu2969wdlrjnvstabk5x2ypd13whxckf8pz085d1jpd208m4vzy')
Expected result
packet = Ether(dst='ff:ff:ff:ff:ff:ff', src='00:16:3e:62:91:68', type=34525)/IPv6(version=6, tc=157, fl=646335, plen=752, nh=17, hlim=157, src='1122:3344:5566:7788:99aa:bbcc:ddee:ff00', dst='1122:3344:5566:7788:99aa:bbcc:ddee:ff00')/UDP(sport=3333, dport=55, len=752, chksum=59013)/Raw(load=b'nh9auzfzjgajh8hmdasm4mml0w626i3cwvcawd68rzvo1erd01foqpbky7awczfmlmal86giy7bi5inzpvyzy14t1cdwjwwucdldkqy2wgpm0faqheqr1r4ika0yrah355poeqx6t0s709v7ivvapckxb9fs8pwpv1nrfqfxanhe4fp8lut56vp6zdw9xnu7qmla5fml4219dkq7d9da3q0mhnrsdmikofohv9onpd3yosayzvteci0385yfn83sgjwhmx88dea7eujffppb53nx32z2ylp2wp8oml59vyhxsykx12oscr8fn0oau46w038pxphh507l8yvpan10hgvbby46jpwod1d77na6f9pk3yk1yv79iamikgeuyquxui3wvi4y6gzgg3zdr0d7m3qfbb0p15vrfjv0pdd2h81wti8da7ruhbl3s1bwekzqp8me15rp09t82aefyf4m8zobfhlvk73o9cbz6mdmpg9kqg2nq32gn0o2ci6blg8mzb3retqo4vfniza81e6y5c78alkdxg9rsuuqxgmwvgnyqm3fdvuueeq07930tynxjf2qgh651ci0mmvufizp6gg61iw2fgucj9ndmfd4nbnfq2hdpgbmdy5wc8fawdnnapsn9vmf76f85oo3akxjuvw4yrcib7q83ptxqebsvkhtlzvoq4dyswu2969wdlrjnvstabk5x2ypd13whxckf8pz085d1jpd208m4vzy')
Related resources
No response
The text was updated successfully, but these errors were encountered: