[psp] Add support for the PSP Security Protocol

[eyalitki]

Checklist:

• [V] If you are new to Scapy: I have checked CONTRIBUTING.md (esp. section submitting-pull-requests)
• [V] I squashed commits belonging together
• [V] I added unit tests or explained why they are not relevant
• [V] I executed the regression tests (using cd test && ./run_tests or tox)

Description:

PSP stands for PSP Security Protocol, and is a lightweight IPSec-Like implementation that was released by Google and is getting traction within data centers.

This commit adds support for versions 0 & 1 of the protocol which use AES-GCM in 128 and 265 bits. Support was tested against the testing tool of the RFC which is quite cumbersome. Example test vector is found in the usage instructions in the code itself.

The field names are taken from the LUA dissector for Wireshark as was provided by the RFC's GitHub repository.

[gpotter2]

Hi & thanks for the PR !

Could you:

• move this layer to contrib/ ? The general rule is to put layers that you'd find on any network in layers/, and more specialised ones in contrib
• add some unit tests? You'll find many examples in test/, it can be as easy as building and dissecting a few packets, and testing some fields.

Thanks !

[eyalitki]

Ack, made the changes as suggested. The unit tests include:

• Basic field checks
• The scenario from the usage example
• 3 main scenarios from the RFC testing tool itself - the .pcap files are auto-generated as "test vectors" by the RFC tool

This way, the unit tests ensure that Scapy complies with the RFC as part of its regression

[eyalitki]

Hi, is there anything else that requires attention/modification in this PR? Please let me know if I can assist in any way in the review process for this change.

[eyalitki]

@gpotter2 is there anything I can assist with for this review? I already contributed code in the past to two other projects you help maintain (xrdp and FreeRDP) and would be happy to assist in this one if possible.

[gpotter2]

Hi ! I'm really sorry for the delay.

I'm currently under really heavy load and have little time available. Sorry about that.

The PR looks honestly very good. Could you just gzip the pcaps ? Scapy can read .pcap.gz without any trouble.

Thanks again for the PR

[eyalitki]

Ack, done and ready for review.

@gpotter2 Thanks again for your time reviewing this.

[codecov]

Codecov Report

Attention: Patch coverage is 93.44262% with 4 lines in your changes missing coverage. Please review.

Project coverage is 82.16%. Comparing base (267f99a) to head (b7874ef).
Report is 4 commits behind head on master.

Files with missing lines	Patch %	Lines
scapy/contrib/psp.py	93.44%	4 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #4678      +/-   ##
==========================================
+ Coverage   82.15%   82.16%   +0.01%     
==========================================
  Files         361      362       +1     
  Lines       87283    87344      +61     
==========================================
+ Hits        71703    71763      +60     
- Misses      15580    15581       +1     

Files with missing lines	Coverage Δ
scapy/contrib/psp.py	93.44% <93.44%> (ø)

... and 4 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[eyalitki]

Original commit failed on DNS dissector for the naïve example as DNS is the default port for UDP() and the raw payload that we used was not a valid DNS request. While the tests passed locally for some reason they failed in the C/I.

Fix was to update the example (and unit test) to use symbolic port numbers of 1234 and 5678 so to avoid this issue.