Test IKEv2.EN.I.1.1.6.7: Receipt of INVALID_KE_PAYLOAD
Part A: (ADVANCED)
To verify an IKEv2 device properly handles IKE_SA_INIT response with a Notify payload
of type INVALID_KE_PAYLOAD.
* [RFC 4306] - Sections 2.7, 3.4 and 3.10.1
* [RFC 4718] - Sections 2.1 and 2.2
* Network Topology
Connect the devices according to the Common Topology.
* Configuration
In each part, configure the devices according to the Common Configuration.
* Pre-Sequence and Cleanup Sequence
IKEv2 on the NUT is disabled after each part.
NUT TN1
(End-Node) (End-Node)
| |
|------------------->| IKE_SA_INIT request (HDR, SAi1, KEi, Ni)
| | (Judgement #1)
|<-------------------| IKE_SA_INIT Response (HDR, SAr1, KEr, Nr)
| | (Packet #1)
| |
|------------------->| IKE_AUTH request (HDR, SK {IDi, AUTH, N+, SAi2, TSi, TSr})
| | (Judgement #2)
|<-------------------| IKE_AUTH response (HDR, SK {IDr, AUTH, N+, SAr2, TSi, TSr})
| | (Packet #2)
| |
--- ---
| | ---
|<-------------------| IPSec {Echo Request} |
| | (Packet #3) |
|------------------->| IPSec {Echo Reply} | repeat Echo exchange until lifetime of SA is expired
| | (Judgement #3) |
| | ---
--- ---
| |
|------------------->| CREATE_CHILD_SA request (HDR, SK {N, N+, SA(DH#2, DH#14), Ni, KEi(DH#14), TSi, TSr})
| | (Judgement #4)
|<-------------------| CREATE_CHILD_SA response (HDR, SK {N(INVALID_KE_PAYLOAD(DH#2))})
| | (Packet #4)
| |
|------------------->| CREATE_CHILD_SA request (HDR, SK {N, N+, SA(DH#2, DH#14), Ni, KEi'(DH#2), TSi, TSr})
| | (Judgement #5)
| |
V V
N: REKEY_SA
N+: USE_TRANSPORT_MODE
| Packet #1 |
See Common Packet #2 |
| Packet #2 |
See Common Packet #4 |
| Packet #3 |
See Common Packet #19 |
| Packet #4 |
See below |
Packet #4: CREATE_CHILD_SA response
| IPv6 Header |
Same as Common Packet #14 |
| UDP Header |
Same as Common Packet #14 |
| IKEv2 Header |
Same as Common Packet #14 |
| E Payload |
Same as Common Packet #14 |
| N Payload |
Next Payload |
0 |
| Critical |
0 |
| Reserved |
0 |
| Payload Length |
10 |
| Protocol ID |
0 |
| SPI Size |
0 |
| Notify Message Type |
INVALID_KE_PAYLOAD (17) |
| Notification Data |
The accepted D-H Group # (2) |
Part A: (BASIC)
1. NUT starts to negotiate with TN1 by sending IKE_SA_INIT request.
2. Observe the messages transmitted on Link A.
3. TN1 responds with an IKE_SA_INIT response to the NUT.
4. Observe the messages transmitted on Link A.
5. After reception of IKE_AUTH request from the NUT, TN1 responds with an IKE_AUTH
response to the NUT
6. TN1 transmits an Echo Request with IPsec ESP using the first negotiated algorithms to NUT.
7. Observe the messages transmitted on Link A.
8. Repeat Steps 6 and 7 until lifetime of SA is expired.
9. Observe the messages transmitted on Link A.
10. After reception of CREATE_CHILD_SA request for rekeying from the NUT, TN1 responds
with a CREATE_CHILD_SA response with a Notify payload of type
INVALID_KE_PAYLOAD containing 2 (1024 Bit MODP) as Notification Data to the NUT.
11. Observe the messages transmitted on Link A.
Part A
Step 2: Judgment #1
The NUT transmits an IKE_SA_INIT request including "ENCR_3DES",
"PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as proposed
algorithms.
Step 4: Judgment #2
The NUT transmits an IKE_SA_INIT request including "ENCR_3DES",
"PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as proposed
algorithms and a Key Exchange payload which contains a recalculated Key Exchange Data.
Step 7: Judgment #3
The NUT transmits an Echo Reply with IPsec ESP using corresponding algorithms.
Step 9: Judgment #4
The NUT transmits a CREATE_CHILD_SA request including "ENCR_3DES",
"AUTH_HMAC_SHA1_96" and "No Extended Sequence Numbers", "D-H group 2" and "D-H group
14" as proposed algorithms. KEi payload must carry "D-H group 14" public key value.
And the CREATE_CHILD_SA request includes a Notify payload of type REKEY_SA
containing rekeyed CHILD_SA's SPI value in the SPI field.
Step 11: Judgment #5
The NUT transmits a CREATE_CHILD_SA request including "ENCR_3DES",
"PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as proposed
algorithms and a Key Exchange payload which contains a recalculated Key Exchange Data.
* None.