Skip to content

IPsec is return encrypted packet with wrong ICV when ICV_size is 8/12 #4903

New issue
New issue
Open
Open
IPsec is return encrypted packet with wrong ICV when ICV_size is 8/12#4903
@ImanAfaneh293

Description

@ImanAfaneh293
ImanAfaneh293
opened on Jan 28, 2026

Brief description

When we specify the crypto_icv_size to be 8 or 12, we expected ICV to be 8/12 bytes, but the encrypted packet is returned with ICV 16 bytes

Proposal fix:
#4902

Scapy version

2.6.1

Python version

3.10

Operating system

Ubuntu 24.04

Additional environment information

No response

How to reproduce

plain pkt:
packet = Ether(dst='00:16:3e:18:a3:d8', src='00:16:3e:1f:a3:21', type=2048)/IP(version=4, ihl=5, tos=138, id=0, flags=0, frag=0, ttl=64, proto=17, src='208.187.180.224', dst='13.44.133.133')/UDP(sport=21462, dport=6745)/Raw(load=b'vwOTOgfUCksFGipvuBJiKyvjjVsiSiAdWxIbkVJTWNsRateFXLMRkLGpQvltFUCgYOELFCh')

sa = SecurityAssociation(ESP, 37, 0, crypt_key= b'n\x01\x9b\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00',crypt_icv_size=12,tunnel_header=IP(src="2.2.2.2",dst="195.108.74.160",id=3, ttl=0),crypt_algo="AES-GCM")

iv = b'\x00\x00\x00\x00\x00\x00\x00\x00'

encrypted_pkt = sa.encrypt(packet[IP], iv=iv)

Actual result

IP(version=4, ihl=5, tos=0, len=156, id=3, flags=0, frag=0, ttl=0, proto=50, chksum=43037, src='2.2.2.2', dst='195.108.74.160')/ESP(spi=37, seq=0, data=b'\x00\x00\x00\x00\x00\x00\x00\x00t\x90\xd1\xe0"\xe4\x8a\x80?v\x7f\x9f\xa6\xb8\xf2e\xd8\x01\x84\xe6\xf3\x8a\xf9\xa5\x85\xeb\r^\x12\xa7\x81\xc7A\xaa\xb2%\x88c\x05\x05\xdb\x90\x94{A.\xa4\xc1\x87sh g\xf0\x0fL\x0b\xff\xe4\xef'\x0fA\xb7\xa3\x04\xc9\xe7m\x15\xc0\xb8y\x1ao\xa4\x88tl\x86\x92\x89\xdbD\xe3~HBv;xlb\xccD:\x06 \x03\x99\xed\x95\xf76.a\x07\xa6*=\xc8\x80V\xf5\x0c\xf1\xdb\xc2\xa9/')

Expected result

IP(version=4, ihl=5, tos=0, len=152, id=3, flags=0, frag=0, ttl=0, proto=50, chksum=43041, src='2.2.2.2', dst='195.108.74.160')/ESP(spi=37, seq=0, data=b'\x00\x00\x00\x00\x00\x00\x00\x00t\x90\xd1\xe0"\xe4\x8a\x80?v\x7f\x9f\xa6\xb8\xf2e\xd8\x01\x84\xe6\xf3\x8a\xf9\xa5\x85\xeb\r^\x12\xa7\x81\xc7A\xaa\xb2%\x88c\x05\x05\xdb\x90\x94{A.\xa4\xc1\x87sh g\xf0\x0fL\x0b\xff\xe4\xef'\x0fA\xb7\xa3\x04\xc9\xe7m\x15\xc0\xb8y\x1ao\xa4\x88tl\x86\x92\x89\xdbD\xe3~HBv;xlb\xccD:\x06 \x03\x99\xed\x95\xf76.a\x07\xa6*=\xc8\x80V\xf5\x0c\xf1')

Related resources

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions