rabbit51

it's since Nov.30 2005
May.29 2014, transferred from broach

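Analyzing Strongswan IKEv2 IPsec VPN Packets with Wireshark

2019-03-12 17:18:26 | Network
I flashed OpenWrt onto a Buffalo WZR-HP-G300NH and set it up as a Strongswan IKEv2 IPsec VPN server reachable over IPv6. To check the MTU during a VPN connection, I captured and analyzed packets with Wireshark. IKEv2 IPsec packets are encrypted, so they have to be decrypted before they can be analyzed. There are many write-ups on how to decrypt them in Wireshark. In short, you configure the decryption keys, but the keys change with every connection, which makes this tedious.

Wireshark's decryption keys for ISAKMP and ESP are configured in "ikev1_decryption_table", "ikev2_decryption_table" and "esp_sa". Since these are CSV files, I prepared Lua scripts that extract the required keys from the Strongswan log and write them out as CSV records.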

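(1) Strongswan configuration
To have Strongswan record the ISAKMP and ESP keys in its log, add the line charondebug="cfg 2,ike 4,chd 4" to "config setup" in "/etc/ipsec.conf". The ISAKMP keys need log level 4 for "IKE". The ESP keys need log level 4 for "CHD". "CFG" is set to log level 2 so that the encryption and authentication algorithms chosen at connection time are recorded.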

(2) Log of an IKEv2/IPsec VPN connection from an iPhone (iOS 12.1.4)
The key information needed for decryption was shown in red text.

-------- [ CFG 2 ] --------
Tue Mar 12 14:11:09 2019 daemon.info : 14[CFG] selected proposal: IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
Tue Mar 12 14:11:12 2019 daemon.info : 15[CFG] looking for peer configs matching *****

Tue Mar 12 14:11:12 2019 daemon.info : 06[CFG] selected proposal: ESP:AES_CBC_256/HMAC_SHA2_256_128/NO_EXT_SEQ
Tue Mar 12 14:11:12 2019 daemon.info : 06[CFG] selecting traffic selectors for us:

-------- [ IKE 4 ] --------
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] Sk_ai secret => 32 bytes @ 0x005a2e70
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 0: B8 1C 6B A0 32 89 BB 67 0F CC B5 A4 A4 88 12 C9 ..k.2..g........
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 16: B6 2B AC C4 CA 46 19 6C 1E 5A 75 E6 9B 3D 27 2F .+...F.l.Zu..='/
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] Sk_ar secret => 32 bytes @ 0x005a2ea0
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 0: 62 72 A6 FC 36 C2 74 85 32 B4 E2 02 75 78 E3 82 br..6.t.2...ux..
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 16: 47 D4 EB BA 71 56 CD B0 74 4A 0A 2A A7 71 E1 9C G...qV..tJ.*.q..
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] Sk_ei secret => 32 bytes @ 0x005a2ed0
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 0: 7E 57 77 E4 DB 65 07 7B 96 25 42 E1 CB E6 06 C5 ~Ww..e.{.%B.....
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 16: 77 F2 E1 C6 DF 3F FD B3 CA 94 FD E1 2B 0F 78 CE w....?......+.x.
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] Sk_er secret => 32 bytes @ 0x005a3d40
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 0: 4C 10 59 FE B8 4F E0 55 36 62 9D A3 A1 B8 23 9A L.Y..O.U6b....#.
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 16: 08 33 18 88 01 60 82 C4 FE 22 66 39 C9 60 31 DC .3...`..."f9.`1.

Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] Sk_pr secret => 32 bytes @ 0x005a2e70
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 0: 97 CC D2 94 F6 96 0A 80 0F 8C AC 94 EF DE 9A B5 ................
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 16: 1A 3E 5D 30 2C 8B 05 79 EB E4 DE 08 90 AC DB A3 .>]0,..y........
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] natd_chunk => 34 bytes @ 0x005a1610
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 0: CF 08 AB 72 6A EC 61 CF 9F 29 96 8F AE E8 06 C1 ...rj.a..)......
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 16: 24 09 00 10 XX XX YY 20 00 00 00 00 00 12 00 01 $....@. ........
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 32: 01 F4 ..

-------- [ CHD 4 ] --------
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] CHILD_SA eap-id-passwd{1} state change: CREATED => INSTALLING
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] using AES_CBC for encryption
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] using HMAC_SHA2_256_128 for integrity
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] seed => 48 bytes @ 0x76f07970
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] 0: 77 42 E3 E8 58 F4 0F 6E 52 F1 B6 EB 48 B8 B7 62 wB..X..nR...H..b
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] 16: 2E A9 D1 6B 2F 03 92 0C 83 B3 F5 52 84 8F 92 8A ...k/......R....
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] 32: BA 72 D7 01 3C B1 4A 05 B3 27 B8 84 91 54 03 33 .r..<.J..'...T.3
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] encryption initiator key => 32 bytes @ 0x0059edf0
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] 0: C5 B6 26 B7 E9 AB E8 58 05 C5 44 51 63 C3 55 08 ..&....X..DQc.U.
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] 16: EC 1D 7F 49 65 51 E1 2A 28 31 A4 CC 7F 3A 7F EB ...IeQ.*(1...:..
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] encryption responder key => 32 bytes @ 0x0059ee50
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] 0: BB C3 BB 8D 32 B6 3B A2 25 D9 E7 C3 E3 91 61 B0 ....2.;.%.....a.
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] 16: 63 55 73 39 23 EC 3D 2B 76 96 FC 56 51 B5 8C 80 cUs9#.=+v..VQ...
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] integrity initiator key => 32 bytes @ 0x0059ee20
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] 0: C5 9B CC 73 5D BC C9 54 1A 5B 5F C7 65 D2 EB 06 ...s]..T.[_.e...
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] 16: CA 30 21 2D 1E 7A F1 F6 B1 93 D1 E2 FE 04 F0 CF .0!-.z..........
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] integrity responder key => 32 bytes @ 0x005a10b0
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] 0: 36 C0 25 E9 23 88 07 C5 70 11 B2 D2 66 1F 56 1D 6.%.#...p...f.V.
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] 16: 7A CF D4 80 C4 E5 DF BF FC AB 40 35 97 0C F3 E5 z.........@5....
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] adding inbound ESP SA
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] SPI 0xc1e902e4, src 2001:240:2407:23f2:8c4a:9b67:bcfd:9f04 dst 2409:10:XXXX:YY20::12:1
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] adding outbound ESP SA
Tue Mar 12 14:11:12 2019 daemon.info : 06[CHD] SPI 0x0361a0b3, src 2409:10:XXXX:YY20::12:1 dst 2001:240:2407:23f2:8c4a:9b67:bcfd:9f04
----------------

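(3) Key data for Wireshark
The key data is generated for iPhone (iOS), macOS and Windows 10 (the encryption and authentication algorithms are restricted accordingly).
Merge the records into the "ikev2_decryption_table" and "esp_sa" files, which are located in:
On Windows, the "%APPDATA%\Wireshark" directory
On macOS, the "/Users/<username>/.wireshark" directory
They are loaded when Wireshark is started or when the configuration profile is selected again.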

ikev2_decryption_table
CF08AB726AEC61CF,9F29968FAEE806C1,7E5777E4DB65077B962542E1CBE606C577F2E1C6DF3FFDB3CA94FDE12B0F78CE,4C1059FEB84FE05536629DA3A1B8239A08331888016082C4FE226639C96031DC,"AES-CBC-256 [RFC3602]",B81C6BA03289BB670FCCB5A4A48812C9B62BACC4CA46196C1E5A75E69B3D272F,6272A6FC36C2748532B4E2027578E38247D4EBBA7156CDB0744A0A2AA771E19C,"HMAC_SHA2_256_128 [RFC4868]"

esp_sa
"IPv6","2001:240:2407:23f2:8c4a:9b67:bcfd:9f04","2409:10:XXXX:YY20::12:1","0xc1e902e4","AES-CBC [RFC3602]","0xC5B626B7E9ABE85805C5445163C35508EC1D7F496551E12A2831A4CC7F3A7FEB","HMAC-SHA-256-128 [RFC4868]","0xC59BCC735DBCC9541A5B5FC765D2EB06CA30212D1E7AF1F6B193D1E2FE04F0CF"
"IPv6","2409:10:XXXX:YY20::12:1","2001:240:2407:23f2:8c4a:9b67:bcfd:9f04","0x0361a0b3","AES-CBC [RFC3602]","0xBBC3BB8D32B63BA225D9E7C3E39161B06355733923EC3D2B7696FC5651B58C80","HMAC-SHA-256-128 [RFC4868]","0x36C025E9238807C57011B2D2661F561D7ACFD480C4E5DFBFFCAB4035970CF3E5"

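(4) Lua scripts
Run them on the command line of the OpenWrt box where Strongswan is running (the code has not been tidied up). The captured date and time is the moment the encryption and authentication algorithms were selected for the IKEv2/IPsec VPN connection. Putting the date first in the "string.gmatch()" pattern makes matching slow, so the scripts capture the date from the line that follows the line where the algorithms were selected. The keys extracted are the ones recorded last in the log data.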

-------- Execution result --------
root@OpenWrt:~# lua GetISAKMPKeys.lua
Captured date: Mar 12 14:11:11 2019
Encryption: AES_CBC_256
Authentication: HMAC_SHA2_256_128

SPi=CF08AB726AEC61CF
SPr=9F29968FAEE806C1
ei=7E5777E4DB65077B962542E1CBE606C577F2E1C6DF3FFDB3CA94FDE12B0F78CE
er=4C1059FEB84FE05536629DA3A1B8239A08331888016082C4FE226639C96031DC
ai=B81C6BA03289BB670FCCB5A4A48812C9B62BACC4CA46196C1E5A75E69B3D272F
ar=6272A6FC36C2748532B4E2027578E38247D4EBBA7156CDB0744A0A2AA771E19C

CF08AB726AEC61CF,9F29968FAEE806C1,7E5777E4DB65077B962542E1CBE606C577F2E1C6DF3FFDB3CA94FDE12B0F78CE,4C1059FEB84FE05536629DA3A1B8239A08331888016082C4FE226639C96031DC,"AES-CBC-256 [RFC3602]",B81C6BA03289BB670FCCB5A4A48812C9B62BACC4CA46196C1E5A75E69B3D272F,6272A6FC36C2748532B4E2027578E38247D4EBBA7156CDB0744A0A2AA771E19C,"HMAC_SHA2_256_128 [RFC4868]"

root@OpenWrt:~# lua GetESPKeys.lua
Captured date: Mar 12 14:11:12 2019
Encryption: AES_CBC_256
Authentication: HMAC_SHA2_256_128
encryption=AES-CBC [RFC3602]
integrity=HMAC-SHA-256-128 [RFC4868]

SPi=0xc1e902e4
sri=2001:240:2407:23f2:8c4a:9b67:bcfd:9f04
dsi=2409:10:XXXX:YY20::12:1

SPo=0x0361a0b3
sro=2409:10:XXXX:YY20::12:1
dso=2001:240:2407:23f2:8c4a:9b67:bcfd:9f04

eni=0xC5B626B7E9ABE85805C5445163C35508EC1D7F496551E12A2831A4CC7F3A7FEB
enr=0xBBC3BB8D32B63BA225D9E7C3E39161B06355733923EC3D2B7696FC5651B58C80
ini=0xC59BCC735DBCC9541A5B5FC765D2EB06CA30212D1E7AF1F6B193D1E2FE04F0CF
inr=0x36C025E9238807C57011B2D2661F561D7ACFD480C4E5DFBFFCAB4035970CF3E5

"IPv6","2001:240:2407:23f2:8c4a:9b67:bcfd:9f04","2409:10:XXXX:YY20::12:1","0xc1e902e4","AES-CBC [RFC3602]","0xC5B626B7E9ABE85805C5445163C35508EC1D7F496551E12A2831A4CC7F3A7FEB","HMAC-SHA-256-128 [RFC4868]","0xC59BCC735DBCC9541A5B5FC765D2EB06CA30212D1E7AF1F6B193D1E2FE04F0CF"

"IPv6","2409:10:XXXX:YY20::12:1","2001:240:2407:23f2:8c4a:9b67:bcfd:9f04","0x0361a0b3","AES-CBC [RFC3602]","0xBBC3BB8D32B63BA225D9E7C3E39161B06355733923EC3D2B7696FC5651B58C80","HMAC-SHA-256-128 [RFC4868]","0x36C025E9238807C57011B2D2661F561D7ACFD480C4E5DFBFFCAB4035970CF3E5"
-------- GetISAKMPKeys.lua --------
function execCommand(command)
	local handle = io.popen(command,"r")
	local content=handle:read("*all")
	handle:close()
	return content
end
-- get the last matched keys
function getKey(str,pattern)
        local xl,yl,zl,x,y,z
        for x,y,z in string.gmatch(str,pattern) do
                xl = x
                yl = y
                zl = z
        end
        return xl, yl, zl
end
-- strongswan log charondebug="CFG 2,IKE 4,CHD 4"
local logResult
if arg[1] ~= nil then
        -- read the log from the file given on the command line
        local fh=assert(io.open(arg[1],"r"))
        logResult = fh:read("*a")
        fh:close()
else
        -- Get system log of strongswan
        local logcmd = 'logread -e "\\[[IC][KF][EG]\\]"'
        logResult=execCommand(logcmd)
end
-- captured date and encryption, authentication
local m = {Jan="01";Feb="02";Mar="03";Apr="04";May="05";Jun="06";Jul="07";Aug="08";Sep="09";Oct="10";Nov="11";Dec="12" }
local enc,auth,dtx = getKey(logResult,"selected %a+: IKE:([%w_]+)/([%w_]+)/.-%w ([%w: ]+) daemon")
local mon,dd,hh,mm,ss,yy = string.match(dtx,"(%w+) (%d+) (%d+):(%d+):(%d+) (%d+)")
local dt=yy..m[mon]..dd..hh..mm..ss
print("Captured date: "..dtx)
print("Encryption: "..enc.."\nAuthentication: "..auth.."\n")

local x,y = getKey(logResult,"Sk_ai.-0: ([%x ]+)  .- 16: ([%x ]+)  ")
local ai=string.gsub(x..y," ","")
x,y = getKey(logResult,"Sk_ar.-0: ([%x ]+)  .- 16: ([%x ]+)  ")
local ar=string.gsub(x..y," ","")
x,y = getKey(logResult,"Sk_ei.-0: ([%x ]+)  .- 16: ([%x ]+)  ")
local ei=string.gsub(x..y," ","")
x,y = getKey(logResult,"Sk_er.-0: ([%x ]+)  .- 16: ([%x ]+)  ")
local er=string.gsub(x..y," ","")

x = getKey(logResult,"Sk_pr.-natd_chunk.-0: ([%x ]+)  ")
x = string.gsub(x," ","")
local spr = string.sub(x,17,32)
local spi = string.sub(x,1,16)

-- write out the key data for wireshark
local fh,estr,ecode  = io.open(dt.."ikev2_decryption_table","w")
if fh == nil then
        -- io.open failed, so fh is nil: report the error instead of closing it
        io.stderr:write(estr.."\n")
        os.exit(1)
else
        fh:write(string.format("%s,%s,%s,%s,%q,%s,%s,%q\n",spi,spr,ei,er,"AES-CBC-256 [RFC3602]",ai,ar,"HMAC_SHA2_256_128 [RFC4868]"))
        fh:close()
end

print(string.format(" SPi=%s\nSPr=%s\nei=%s\ner=%s\nai=%s\nar=%s\n",spi,spr,ei,er,ai,ar))
print(string.format("%s,%s,%s,%s,%q,%s,%s,%q\n",spi,spr,ei,er,"AES-CBC-256 [RFC3602]",ai,ar,"HMAC_SHA2_256_128 [RFC4868]"))
----------------



-------- GetESPKeys.lua --------
function execCommand(command)
	local handle = io.popen(command,"r")
	local content=handle:read("*all")
	handle:close()
	return content
end
-- get the last matched keys
function getKey(str,pattern)
	local xl,yl,zl,x,y,z
	for x,y,z in string.gmatch(str,pattern) do
		xl = x
		yl = y
		zl = z
	end
	return xl, yl, zl
end

local logResult
if arg[1] ~= nil then
	-- read the log from the file given on the command line
	local fh=assert(io.open(arg[1],"r"))
	logResult = fh:read("*a")
	fh:close()
else
	-- Get system log of strongswan charondebug="CFG 2,IKE 4,CHD 4"
	local logcmd = 'logread -e "\\[C[HF][DG]\\]"'
	logResult=execCommand(logcmd)
end
-- captured date and encryption, authentication
local m = {Jan="01";Feb="02";Mar="03";Apr="04";May="05";Jun="06";Jul="07";Aug="08";Sep="09";Oct="10";Nov="11";Dec="12" }
local enc,auth,dtx = getKey(logResult,"selected %a+: ESP:([%w_]+)/([%w_]+).-%w+ ([%w: ]+) daemon")
local mon,dd,hh,mm,ss,yy = string.match(dtx,"(%w+) (%d+) (%d+):(%d+):(%d+) (%d+)")
local dt=yy..m[mon]..dd..hh..mm..ss
print("Captured date: "..dtx)
print("Encryption: "..enc.."\nAuthentication: "..auth)

-- picking up keys
local x,y = getKey(logResult,"encryption initiator.-0: ([%x ]+)  .- 16: ([%x ]+)  ")
local eni=string.gsub(x..y," ","")
x,y = getKey(logResult,"encryption responder.-0: ([%x ]+)  .- 16: ([%x ]+)  ")
local enr=string.gsub(x..y," ","")
x,y = getKey(logResult,"integrity initiator.-0: ([%x ]+)  .- 16: ([%x ]+)  ")
local ini=string.gsub(x..y," ","")
x,y = getKey(logResult,"integrity responder.-0: ([%x ]+)  .- 16: ([%x ]+)  ")
local inr=string.gsub(x..y," ","")

local z
x,y,z = getKey(logResult,"inbound ESP SA.-SPI (0x[%x]+), src ([%x:]+) dst ([%x:]+)")
local SPi = x
local sri = y
local dsi = z
x,y,z = getKey(logResult,"outbound ESP SA.-SPI (0x[%x]+), src ([%x:]+) dst ([%x:]+)")
local SPo = x
local sro = y
local dso = z

x,y = getKey(logResult,"CHILD_SA.-using ([%w_]+) for.-using ([%w_]+) for")
local encryption=x
local integrity=y

if x == "AES_CBC" then
	encryption = "AES-CBC [RFC3602]"
else
	encryption = "NULL"
end

local xx,yy = string.match(y,"HMAC_SHA2_(%d+)_(%d+)")
if y == "HMAC_SHA1_96" then
	integrity = "HMAC-SHA-1-96 [RFC2404]"
elseif  string.match(y,"HMAC_SHA2_") ~= nil then
	integrity = "HMAC-SHA-"..xx.."-"..yy.." [RFC4868]"
else
	integrity = "NULL"
end

-- write out the key data for wireshark
local fh,estr,ecode  = io.open(dt.."esp_sa","w")
if fh == nil then
	-- io.open failed, so fh is nil: report the error instead of closing it
	io.stderr:write(estr.."\n")
	os.exit(1)
else
	fh:write(string.format("%q,%q,%q,%q,%q,%q,%q,%q\n","IPv6",sri,dsi,SPi,encryption,"0x"..eni,integrity,"0x"..ini))
	fh:write(string.format("%q,%q,%q,%q,%q,%q,%q,%q\n","IPv6",sro,dso,SPo,encryption,"0x"..enr,integrity,"0x"..inr))
	fh:close()
end

print(string.format(" encryption=%s\nintegrity=%s\n",encryption,integrity))
print(string.format(" SPi=%s\nsri=%s\ndsi=%s\n",SPi,sri,dsi))
print(string.format(" SPo=%s\nsro=%s\ndso=%s\n",SPo,sro,dso))
print(string.format(" eni=0x%s\nenr=0x%s\nini=0x%s\ninr=0x%s\n",eni,enr,ini,inr))
print(string.format("%q,%q,%q,%q,%q,%q,%q,%q\n","IPv6",sri,dsi,SPi,encryption,"0x"..eni,integrity,"0x"..ini))
print(string.format("%q,%q,%q,%q,%q,%q,%q,%q\n","IPv6",sro,dso,SPo,encryption,"0x"..enr,integrity,"0x"..inr))
----------------
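
Added example, not part of the original post: the Lua patterns above expect exactly two 16-byte dump lines per key, so they only fit 32-byte keys. This Python version, meant for the machine where Wireshark runs, uses the byte count from each "=> N bytes" header instead and rebuilds the same ikev2_decryption_table record. The names parse_chunks and ikev2_row and their parameters are made up for this example.

```python
import re
HEAD = re.compile(r"\] (.+?) => (\d+) bytes @ 0x[0-9a-fA-F]+\s*$")
DUMP = re.compile(r"\]\s+(\d+):\s+(.*)$")

# Selected lines copied from the IKE level-4 log in section (2); masked bytes (XX/YY) kept.
SAMPLE_LOG = """
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] Sk_ai secret => 32 bytes @ 0x005a2e70
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 0: B8 1C 6B A0 32 89 BB 67 0F CC B5 A4 A4 88 12 C9 ..k.2..g........
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 16: B6 2B AC C4 CA 46 19 6C 1E 5A 75 E6 9B 3D 27 2F .+...F.l.Zu..='/
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] Sk_ar secret => 32 bytes @ 0x005a2ea0
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 0: 62 72 A6 FC 36 C2 74 85 32 B4 E2 02 75 78 E3 82 br..6.t.2...ux..
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 16: 47 D4 EB BA 71 56 CD B0 74 4A 0A 2A A7 71 E1 9C G...qV..tJ.*.q..
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] Sk_ei secret => 32 bytes @ 0x005a2ed0
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 0: 7E 57 77 E4 DB 65 07 7B 96 25 42 E1 CB E6 06 C5 ~Ww..e.{.%B.....
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 16: 77 F2 E1 C6 DF 3F FD B3 CA 94 FD E1 2B 0F 78 CE w....?......+.x.
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] Sk_er secret => 32 bytes @ 0x005a3d40
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 0: 4C 10 59 FE B8 4F E0 55 36 62 9D A3 A1 B8 23 9A L.Y..O.U6b....#.
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 16: 08 33 18 88 01 60 82 C4 FE 22 66 39 C9 60 31 DC .3...`..."f9.`1.
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] natd_chunk => 34 bytes @ 0x005a1610
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 0: CF 08 AB 72 6A EC 61 CF 9F 29 96 8F AE E8 06 C1 ...rj.a..)......
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 16: 24 09 00 10 XX XX YY 20 00 00 00 00 00 12 00 01 $....@. ........
Tue Mar 12 14:11:11 2019 daemon.info : 14[IKE] 32: 01 F4 ..
"""

def parse_chunks(log):
    """Return {chunk name: hex text}. Bytes are taken by count, so the ASCII column is never read."""
    chunks, name, want, got = {}, None, 0, []
    for line in log.splitlines():
        head, dump = HEAD.search(line), DUMP.search(line)
        if head:                                   # "<name> => N bytes @ 0x..."
            name, want, got = head.group(1), int(head.group(2)), []
        elif name and dump and int(dump.group(1)) == len(got):
            got += dump.group(2).split()[:min(16, want - len(got))]
            if len(got) == want:                   # last dump of a name wins
                chunks[name], name = "".join(got).upper(), None
        else:
            name = None                            # unexpected line: drop the open chunk
    return chunks

def ikev2_row(chunks, key_len, auth_len, enc_name, auth_name):
    """One ikev2_decryption_table record: SPIi,SPIr,SK_ei,SK_er,enc,SK_ai,SK_ar,integ."""
    def field(name, nbytes, start=0):
        text = chunks[name][2 * start:2 * (start + nbytes)]
        if len(bytes.fromhex(text)) != nbytes:     # fromhex rejects masked or non-hex bytes
            raise ValueError(f"{name}: expected {nbytes} bytes")
        return text
    spi_i, spi_r = field("natd_chunk", 8), field("natd_chunk", 8, 8)  # SPIi, then SPIr
    ei, er = (field(f"Sk_{k} secret", key_len) for k in ("ei", "er"))
    ai, ar = (field(f"Sk_{k} secret", auth_len) for k in ("ai", "ar"))
    return f'{spi_i},{spi_r},{ei},{er},"{enc_name}",{ai},{ar},"{auth_name}"'
```

Calling ikev2_row(parse_chunks(SAMPLE_LOG), 32, 32, "AES-CBC-256 [RFC3602]", "HMAC_SHA2_256_128 [RFC4868]") reproduces the record shown in section (3). For other proposals the two lengths change, and the algorithm names must match the strings Wireshark offers for this table.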

