Skip to content

Instantly share code, notes, and snippets.

@martok
Last active August 29, 2015 14:16
Show Gist options
  • Save martok/6f855c8887fd4f33454d to your computer and use it in GitHub Desktop.
Save martok/6f855c8887fd4f33454d to your computer and use it in GitHub Desktop.
IKEv1 Parser
<?php
define('IND','&nbsp;&nbsp;');
function hex2bin( $str ) {
$sbin = "";
$len = strlen( $str );
for ( $i = 0; $i < $len; $i += 2 ) {
$sbin .= pack( "H*", substr( $str, $i, 2 ) );
}
return $sbin;
}
function take(&$str, $num) {
$s = substr($str, 0, $num);
$str = substr($str, $num);
return $s;
}
function to_int8($bin) {
$r = unpack('C', $bin);
return $r[1];
}
function to_int16($bin) {
$r = unpack('n', $bin);
return $r[1];
}
function read_attributes($str) {
$res = array();
while (strlen($str) > 0) {
$attrtype = to_int16(take($str, 2));
if ($attrtype & 0x8000) {
$attrval = to_int16(take($str, 2));
$attrtype &= ~0x8000;
} else {
$attrlen = to_int16(take($str, 2));
$attrval = take($str, $attrlen);
}
$res[] = array($attrtype,$attrval);
}
return $res;
}
function def($a,$d) {
return (!$a)?$d:$a;
}
function attr2str($attr) {
return join("\n", array_map(function($a) {
list($k,$v) = $a;
$ks = def(array_search($k, array(
'SA Life Type' => 1,
'SA Life Duration' => 2,
'Group Description' => 3,
'Encapsulation Mode' => 4,
'Authentication Algorithm' => 5,
'Key Length' => 6,
'Key Rounds' => 7,
'Compress Dictionary Size' => 8,
'Compress Private Algorithm' => 9,
'ECN Tunnel' => 10,
'Extended (64-bit) Sequence Number' => 11,
'Authentication Key Length' => 12,
'Signature Encoding Algorithm' => 13,
'Address Preservation' => 14,
'SA Direction' => 15
)), $k);
if (is_string($v)) {
return $ks.':'.bin2hex($v);
} else switch($k) {
case 5:
$v = def(array_search($v, array(
'Reserved' => 0,
'HMAC-MD5' => 1,
'HMAC-SHA' => 2,
'DES-MAC' => 3,
'KPDK' => 4,
'HMAC-SHA2-256' => 5,
'HMAC-SHA2-384' => 6,
'HMAC-SHA2-512' => 7,
'HMAC-RIPEMD' => 8,
'AES-XCBC-MAC' => 9,
'SIG-RSA' => 10,
'AES-128-GMAC' => 11,
'AES-192-GMAC' => 12,
'AES-256-GMAC' => 13
)), $v);
break;
}
return $ks.':'.$v;
}, $attr));
}
function read_transform(&$str) {
$last = to_int8(take($str, 1));
$res = to_int8(take($str, 1));
$size = to_int16(take($str, 2));
$tnr = to_int8(take($str, 1));
$tid = to_int8(take($str, 1));
$res2 = to_int16(take($str, 2));
$saattrib = take($str, $size - 8);
$attribs = read_attributes($saattrib);
$transform = def(array_search($tid,array(
'RESERVED' => 0,
'ESP_DES_IV64' => 1,
'ESP_DES' => 2,
'ESP_3DES' => 3,
'ESP_RC5' => 4,
'ESP_IDEA' => 5,
'ESP_CAST' => 6,
'ESP_BLOWFISH' => 7,
'ESP_3IDEA' => 8,
'ESP_DES_IV32' => 9,
'ESP_RC4' => 10,
'ESP_NULL' => 11,
'ESP_AES-CBC' => 12,
'ESP_AES-CTR' => 13,
'ESP_AES-CCM_8' => 14,
'ESP_AES-CCM_12' => 15,
'ESP_AES-CCM_16' => 16,
'Unassigned' => 17,
'ESP_AES-GCM_8' => 18,
'ESP_AES-GCM_12' => 19,
'ESP_AES-GCM_16' => 20,
'ESP_SEED_CBC' => 21,
'ESP_CAMELLIA' => 22,
'ESP_NULL_AUTH_AES-GMAC' => 23
)),'###');
echo IND."Transform #$tnr: $transform($tid)<br>";
echo IND.IND.str_replace("\n",'<br>'.IND.IND, attr2str($attribs)).'<br>';
return !$last;
}
function read_proposal(&$str) {
$last = to_int8(take($str, 1));
$flag = to_int8(take($str, 1));
$size = to_int16(take($str, 2));
$pnr = to_int8(take($str, 1));
$protoid = to_int8(take($str, 1));
$spisize = to_int8(take($str, 1));
$transforms = to_int8(take($str, 1));
$spi = take($str, $spisize);
$protocol = '###';
switch($protoid) {
case 0: $protocol='RESERVED'; break;
case 1: $protocol='IKE'; break;
case 2: $protocol='AH'; break;
case 3: $protocol='ESP'; break;
default: {
if ($protoid >= 4 && $protoid<=200) $protocol='IANA';
if ($protoid >= 201 && $protoid<=255) $protocol='PRIVATE';
}
}
echo "Proposal #$pnr ($size) $protocol($protoid) with $transforms transforms <br>";
for ($t=0; $t<=$transforms; $t++) {
if (read_transform(&$str))
break;
}
}
function run($hexstr) {
$hexstr = str_replace(array("\r","\n",' '),'', $hexstr);
$bin = hex2bin($hexstr);
while ($bin != '') {
read_proposal($bin);
}
}
$hex = <<<END
00000624 0103042d 22f5f130 03000024 010c0000 80040001 80060100 80050001
80030001 80010001 00020004 00000e10 03000024 020c0000 80040001 80060100
80050002 80030001 80010001 00020004 00000e10 03000024 030c0000 80040001
80060100 80050005 80030001 80010001 00020004 00000e10 03000024 040c0000
80040001 80060100 80050006 80030001 80010001 00020004 00000e10 03000024
050c0000 80040001 80060100 80050007 80030001 80010001 00020004 00000e10
03000024 060c0000 80040001 800600c0 80050001 80030001 80010001 00020004
00000e10 03000024 070c0000 80040001 800600c0 80050002 80030001 80010001
00020004 00000e10 03000024 080c0000 80040001 800600c0 80050005 80030001
80010001 00020004 00000e10 03000024 090c0000 80040001 800600c0 80050006
80030001 80010001 00020004 00000e10 03000024 0a0c0000 80040001 800600c0
80050007 80030001 80010001 00020004 00000e10 03000024 0b0c0000 80040001
80060080 80050001 80030001 80010001 00020004 00000e10 03000024 0c0c0000
80040001 80060080 80050002 80030001 80010001 00020004 00000e10 03000024
0d0c0000 80040001 80060080 80050005 80030001 80010001 00020004 00000e10
03000024 0e0c0000 80040001 80060080 80050006 80030001 80010001 00020004
00000e10 03000024 0f0c0000 80040001 80060080 80050007 80030001 80010001
00020004 00000e10 03000024 10070000 80040001 80060100 80050001 80030001
80010001 00020004 00000e10 03000024 11070000 80040001 80060100 80050002
80030001 80010001 00020004 00000e10 03000024 12070000 80040001 80060100
80050005 80030001 80010001 00020004 00000e10 03000024 13070000 80040001
80060100 80050006 80030001 80010001 00020004 00000e10 03000024 14070000
80040001 80060100 80050007 80030001 80010001 00020004 00000e10 03000024
15070000 80040001 800600c0 80050001 80030001 80010001 00020004 00000e10
03000024 16070000 80040001 800600c0 80050002 80030001 80010001 00020004
00000e10 03000024 17070000 80040001 800600c0 80050005 80030001 80010001
00020004 00000e10 03000024 18070000 80040001 800600c0 80050006 80030001
80010001 00020004 00000e10 03000024 19070000 80040001 800600c0 80050007
80030001 80010001 00020004 00000e10 03000024 1a070000 80040001 80060080
80050001 80030001 80010001 00020004 00000e10 03000024 1b070000 80040001
80060080 80050002 80030001 80010001 00020004 00000e10 03000024 1c070000
80040001 80060080 80050005 80030001 80010001 00020004 00000e10 03000024
1d070000 80040001 80060080 80050006 80030001 80010001 00020004 00000e10
03000024 1e070000 80040001 80060080 80050007 80030001 80010001 00020004
00000e10 03000020 1f030000 80040001 80050001 80030001 80010001 00020004
00000e10 03000020 20030000 80040001 80050002 80030001 80010001 00020004
00000e10 03000020 21030000 80040001 80050005 80030001 80010001 00020004
00000e10 03000020 22030000 80040001 80050006 80030001 80010001 00020004
00000e10 03000020 23030000 80040001 80050007 80030001 80010001 00020004
00000e10 03000020 24060000 80040001 80050001 80030001 80010001 00020004
00000e10 03000020 25060000 80040001 80050002 80030001 80010001 00020004
00000e10 03000020 26060000 80040001 80050005 80030001 80010001 00020004
00000e10 03000020 27060000 80040001 80050006 80030001 80010001 00020004
00000e10 03000020 28060000 80040001 80050007 80030001 80010001 00020004
00000e10 03000020 29020000 80040001 80050001 80030001 80010001 00020004
00000e10 03000020 2a020000 80040001 80050002 80030001 80010001 00020004
00000e10 03000020 2b020000 80040001 80050005 80030001 80010001 00020004
00000e10 03000020 2c020000 80040001 80050006 80030001 80010001 00020004
00000e10 00000020 2d020000 80040001 80050007 80030001 80010001 00020004
00000e10 04000018 d317a53b fdb1d7f0 2f1e5dfd 4429cb9f 83628212 05000064
6859a101 8ad6cc9f f3ea74de 4d89fcd3 98683b82 10ae1878 8727f456 e6043a92
2bafc513 e3c45836 c36dfc17 a4d3ad6e 9b3237bd 098c918c d3f05a5b df68ffce
972829d5 47a23f23 4fb605ad e22ed5ab bfd4f556 77390149 efe69dd4 1741b43c
0500000c 01000000 8d2ce13b 00000010 04000000 00000000 00000000
END;
echo '<code>';
run($hex);
?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment