[strongSwan] non-zero reserved fields in IKE_AUTH response.
martin at strongswan.org
Tue Jun 29 09:53:08 CEST 2010
> Could someone point me to where the calculation would start and end in the
> message below?
Start with the IKE_SA SPIs of the IKE_SA_INIT (_not_ the IKE_AUTH seen
> | | | IKE_SA Initiator's SPI = c3dfaad709d6bd4b
> | | | IKE_SA Responder's SPI = fd546d59933dbe69
> | | | Next Payload = 46 (E)
> | | | Major Version = 2
> | | | Minor Version = 0
> | | | Exchange Type = 35 (IKE_AUTH)
> | | | Flags = 73 (0b01001001)
> | | | | Reserved (XX000000) = 64
> | | | | Response (00R00000) = 0
> | | | | Version (000V0000) = 0
> | | | | Initiator (0000I000) = 1
> | | | | Reserved (00000XXX) = 1
And include all further bytes of the message. Append the nonce of the
other IKE_SA_INIT packet, and prf(Sk_px, IDx').
> 09[IKE] authentication of '2001:db8:1:1::1234' (myself) with pre-shared key
> 09[IKE] octets = message + nonce + prf(Sk_px, IDx') => 342 bytes @ 0x100636b0
> 09[IKE] 0: CF B9 0A AB 05 DB A9 95 C7 FE 12 99 E1 E9 AD B7 ................
> 09[IKE] 16: 21 20 22 20
0x22 is IKE_SA_INIT, starting with a SECURITY_ASSOCIATION payload
Flags is 0x20, meaning the responder flag is set only. Did you set other
reserved flags in the IKE_SA_INIT message?
More information about the Users