Title

  Test IKEv2.EN.R.1.3.1.1: Sending INFORMATIONAL response
  Part A: IKE Header Format (BASIC)
  Part B: Encrypted Payload Format (BASIC)


Purpose

  To verify that an IKEv2 device properly handles the Initial Exchanges using a Pre-shared key.


References

  * [RFC 4306] - Sections 1.1.2, 1.4, 3.1 and 3.14


Test Setup

  * Network Topology
      Connect the devices according to the Common Topology.
  * Configuration
      In each part, configure the devices according to the Common Configuration.
  * Pre-Sequence and Cleanup Sequence
      IKEv2 on the NUT is disabled after each part.


Procedure

   NUT                  TN1
(End-Node)           (End-Node)
    |                    |
    |<-------------------| IKE_SA_INIT request (HDR, SAi1, KEi, Ni)
    |                    | (Packet #1)
    |------------------->| IKE_SA_INIT response (HDR, SAr1, KEr, Nr)
    |                    | (Judgement #1)
    |                    |
    |<-------------------| IKE_AUTH request (HDR, SK {IDi, AUTH, N, SAi2, TSi, TSr})
    |                    | (Packet #2)
    |------------------->| IKE_AUTH response (HDR, SK {IDr, AUTH, N, SAr2, TSi, TSr})
    |                    | (Judgement #2)
    |                    |
    |<-------------------| INFORMATIONAL request (HDR, SK {})
    |                    | (Packet #3)
    |------------------->| INFORMATIONAL response (HDR, SK {})
    |                    | (Judgement #3)
    |                    |
    V                    V

N: USE_TRANSPORT_MODE
Packet #1 See Common Packet #1
Packet #2 See Common Packet #3
Packet #3 See Common Packet #17

  Part A: IKE Header Format (BASIC)
     1. TN1 starts to negotiate with NUT by sending IKE_SA_INIT request.
     2. Observe the messages transmitted on Link A.
     3. After reception of the IKE_SA_INIT response from the NUT, TN1 transmits an
        IKE_AUTH request to the NUT.
     4. Observe the messages transmitted on Link A.
     5. After reception of IKE_AUTH response from the NUT, TN1 transmits an
        INFORMATIONAL request with no payloads to the NUT.
     6. Observe the messages transmitted on Link A.
  Part B: Encrypted Payload Format (BASIC)
     7. TN1 starts to negotiate with NUT by sending IKE_SA_INIT request.
     8. Observe the messages transmitted on Link A.
     9. After reception of the IKE_SA_INIT response from the NUT, TN1 transmits an
         IKE_AUTH request to the NUT.
     10. Observe the messages transmitted on Link A.
     11. After reception of IKE_AUTH response from the NUT, TN1 transmits an
         INFORMATIONAL request with no payloads to the NUT.
     12. Observe the messages transmitted on Link A.


Observable Result

  Part A
       Step 2: Judgment #1
       The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
       "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as proposed
       algorithms.
       Step 4: Judgment #2
       The NUT transmits an IKE_AUTH response including "ENCR_3DES",
       "AUTH_HMAC_SHA1_96" and "No Extended Sequence Numbers" as proposed algorithms.
       Step 7: Judgment #3
       The NUT transmits an INFORMATIONAL response including a properly formatted IKE
       Header containing the following values:

                        1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   !                       IKE_SA Initiator's SPI                  !
   !                                                               !
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   !                       IKE_SA Responder's SPI                  !
   !                                                               !
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   !  Next Payload ! MjVer ! MnVer ! Exchange Type !     Flags     !
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   !                          Message ID                           !
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   !                            Length                             !
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Figure 85 Header format
    * An IKE_SA Initiator's SPI field is set to the same value as the IKE_SA_INIT
      request's IKE_SA Initiator's SPI field.
    * An IKE_SA Responder's SPI field is set to the same value as the IKE_SA_INIT
      response's IKE_SA Responder's SPI field.
    * A Next Payload field is set to Encrypted Payload (46).
    * A Major Version field is set to 2.
    * A Minor Version field is set to zero.
    * An Exchange Type field is set to INFORMATIONAL (37).
    * A Flags field is set to (00000100)₂ = (4)₁₀.
    * A Message ID field is set to the same value as corresponding IKEv2 request message's
      Message ID.
    * A Length field is set to the length of the message (header + payloads) in octets.
  
  
  Part B
       Step 9: Judgment #1
       The NUT transmits an IKE_SA_INIT response including "ENCR_3DES",
       "PRF_HMAC_SHA1", "AUTH_HMAC_SHA1_96" and "D-H group 2" as proposed
       algorithms.
       Step 11: Judgment #2
       The NUT transmits an IKE_AUTH response including "ENCR_3DES",
       "AUTH_HMAC_SHA1_96" and "No Extended Sequence Numbers" as proposed algorithms.
       Step 14: Judgment #3
       The NUT transmits an INFORMATIONAL response including a properly formatted
       Encrypted Payload containing the following values:

                        1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   ! Next Payload  !C!  RESERVED   !         Payload Length        !
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   !                     Initialization Vector                     !
   !         (length is block size for encryption algorithm)       !
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   ~                    Encrypted IKE Payloads                     ~
   +               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   !               !             Padding (0-255 octets)            !
   +-+-+-+-+-+-+-+-+                               +-+-+-+-+-+-+-+-+
   !                                               !  Pad Length   !
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   ~                    Integrity Checksum Data                    ~
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Figure 86 Encrypted payload
    * A Next Payload field is set to zero.
    * A Critical field is set to zero.
    * A RESERVED field is set to zero.
    * A Payload Length field is set to the length in octets of the header, IV, Encrypted
      IKE Payloads, Padding, Pad Length, and Integrity Checksum Data.
    * An Initialization Vector field is set to a randomly chosen value whose length is
      equal to the block length of the underlying encryption algorithm. It is 64 bits
      long in the ENCR_3DES case.
    * An Encrypted IKE Payloads field is set to the subsequent payloads encrypted with
      ENCR_3DES.
    * A Padding field contains arbitrary values and has the length needed to make the
      data to be encrypted a multiple of the encryption block size. The block size is
      64 bits in the ENCR_3DES case.
    * A Pad Length field is set to the length of the Padding field.
    * An Integrity Checksum Data field is set to the cryptographic checksum of the entire
      message. It is 96 bits long in the AUTH_HMAC_SHA1_96 case. The checksum must
      verify when computed in the manner described in the RFC.
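The following checker is an added example written for this page; it is not part of the test specification or of any conformance tool. It applies the Judgement #3 criteria of both Part A (IKE Header fields) and Part B (Encrypted Payload fields) to an INFORMATIONAL response, using only the Python standard library. Assumptions: the SPIs, Message ID, SK_ar integrity key, IV and ciphertext are constructed sample values; ENCR_3DES decryption is not performed, so the Pad Length rule is applied to an already-decrypted region in strip_padding(); and the Flags check expects 0x20 on the wire, since RFC 4306 numbers the Flags octet LSB first and puts the R bit at bit 5, which is the "00000100" string above read in that order.

```python
"""Check an IKEv2 INFORMATIONAL response against the Part A and Part B judgements.
Added example, not from the test specification.  All sample values are constructed."""
import hashlib
import hmac
import struct

# Constants from RFC 4306 used by the judgements.
NEXT_PAYLOAD_SK = 46        # Encrypted payload type
EXCH_INFORMATIONAL = 37
FLAG_RESPONSE = 0x20        # R flag: bit 5 in RFC 4306's LSB-first numbering
BLOCK_3DES = 8              # ENCR_3DES block size in octets (64 bits)
ICV_LEN_SHA1_96 = 12        # AUTH_HMAC_SHA1_96 checksum in octets (96 bits)
IKE_HDR_LEN, GEN_HDR_LEN = 28, 4
IKE_HDR = "!QQBBBBII"       # iSPI, rSPI, Next Payload, MjVer|MnVer, Exchange, Flags, Msg ID, Length


def check_ike_header(msg, req_ispi, resp_rspi, req_msgid):
    """Part A: return the list of IKE Header judgement failures (empty list = pass)."""
    ispi, rspi, nxt, ver, exch, flags, msgid, length = struct.unpack(IKE_HDR, msg[:IKE_HDR_LEN])
    f = []
    if ispi != req_ispi:
        f.append("Initiator SPI differs from the IKE_SA_INIT request")
    if rspi != resp_rspi:
        f.append("Responder SPI differs from the IKE_SA_INIT response")
    if nxt != NEXT_PAYLOAD_SK:
        f.append("Next Payload %d, expected Encrypted (46)" % nxt)
    if (ver >> 4, ver & 0x0F) != (2, 0):
        f.append("version %d.%d, expected 2.0" % (ver >> 4, ver & 0x0F))
    if exch != EXCH_INFORMATIONAL:
        f.append("Exchange Type %d, expected INFORMATIONAL (37)" % exch)
    if flags != FLAG_RESPONSE:   # NUT answers TN1, so only R is set; I stays clear
        f.append("Flags 0x%02x, expected 0x20 (R only)" % flags)
    if msgid != req_msgid:
        f.append("Message ID %d does not match the request" % msgid)
    if length != len(msg):
        f.append("Length field %d != %d octets on the wire" % (length, len(msg)))
    return f


def check_encrypted_payload(msg, sk_ar, block=BLOCK_3DES, icv_len=ICV_LEN_SHA1_96):
    """Part B: judgement failures visible without decryption, including the ICV check."""
    f, off = [], IKE_HDR_LEN
    nxt, c_res, plen = struct.unpack("!BBH", msg[off:off + GEN_HDR_LEN])
    if nxt != 0:
        f.append("Next Payload inside SK is %d, expected 0 for SK {}" % nxt)
    if c_res >> 7:
        f.append("Critical bit set")
    if c_res & 0x7F:
        f.append("RESERVED bits non-zero")
    if plen != len(msg) - off:            # SK payload must run to the end of the message
        f.append("Payload Length %d does not cover header, IV, data, padding and ICV" % plen)
    # After a block-sized IV: Encrypted IKE Payloads + Padding + Pad Length, then the ICV.
    enc = msg[off + GEN_HDR_LEN + block:-icv_len]
    if not enc or len(enc) % block:
        f.append("encrypted region is %d octets, not a multiple of %d" % (len(enc), block))
    expect = hmac.new(sk_ar, msg[:-icv_len], hashlib.sha1).digest()[:icv_len]
    if not hmac.compare_digest(expect, msg[-icv_len:]):   # checksum covers the entire message
        f.append("Integrity Checksum Data does not verify under SK_ar")
    return f


def strip_padding(plaintext, block=BLOCK_3DES):
    """Pad Length rule on a decrypted region: the last octet is the padding length and
    payloads + padding + that octet fill whole blocks.  Returns the IKE payloads
    (b"" for SK {}) or None when the padding is malformed."""
    if not plaintext or len(plaintext) % block:
        return None
    pad_len = plaintext[-1]
    if pad_len + 1 > len(plaintext):
        return None
    return plaintext[:len(plaintext) - pad_len - 1]


def build_informational_response(ispi, rspi, msgid, sk_ar, iv, ciphertext, flags=FLAG_RESPONSE):
    """Assemble HDR + SK{...} as a responder would; ciphertext stands in for 3DES-CBC output."""
    sk_len = GEN_HDR_LEN + len(iv) + len(ciphertext) + ICV_LEN_SHA1_96
    hdr = struct.pack(IKE_HDR, ispi, rspi, NEXT_PAYLOAD_SK, 0x20, EXCH_INFORMATIONAL,
                      flags, msgid, IKE_HDR_LEN + sk_len)
    body = hdr + struct.pack("!BBH", 0, 0, sk_len) + iv + ciphertext
    return body + hmac.new(sk_ar, body, hashlib.sha1).digest()[:ICV_LEN_SHA1_96]


# Constructed sample values (not from a capture).
SAMPLE_ISPI, SAMPLE_RSPI = 0x1122334455667788, 0x99AABBCCDDEEFF00
SAMPLE_MSGID = 2                       # IKE_SA_INIT = 0, IKE_AUTH = 1, INFORMATIONAL = 2
SAMPLE_SK_AR = bytes(range(20))        # HMAC-SHA1 key, 20 octets
SAMPLE_IV = b"\xA5" * BLOCK_3DES
SAMPLE_CT = b"\x5A" * BLOCK_3DES       # one block: 7 padding octets + Pad Length for SK {}


def demo():
    """Run both judgements on a conformant response and two deliberately broken ones."""
    args = (SAMPLE_ISPI, SAMPLE_RSPI, SAMPLE_MSGID, SAMPLE_SK_AR, SAMPLE_IV, SAMPLE_CT)
    good = build_informational_response(*args)
    no_r = build_informational_response(*args, flags=0)       # forgot the R flag
    tampered = good[:40] + bytes([good[40] ^ 1]) + good[41:]  # ciphertext bit flipped after ICV
    return {name: (check_ike_header(m, SAMPLE_ISPI, SAMPLE_RSPI, SAMPLE_MSGID),
                   check_encrypted_payload(m, SAMPLE_SK_AR))
            for name, m in (("good", good), ("no_R_flag", no_r), ("tampered", tampered))}


if __name__ == "__main__":
    for name, (hdr_f, sk_f) in demo().items():
        print(name, "| header:", hdr_f or "OK", "| SK:", sk_f or "OK")
```

The two broken messages show the split between the parts: a missing R flag fails only the Part A header check, while a modified ciphertext octet leaves the header valid but fails the Part B checksum. Pad Length cannot be judged from the wire without SK_er, which is why strip_padding() takes the decrypted region.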


Possible Problems

  * None.