Conversation

Contributor

@giga1699 giga1699 commented Jan 2, 2026

Change summary

Adds support for IKEv2 post-quantum preshared keys

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Code style update (formatting, renaming)
  • Refactoring (no functional changes)
  • Migration from an old Vyatta component to vyos-1x, please link to related PR inside obsoleted component
  • Other (please describe):

Related Task(s)

https://vyos.dev/T8136

Related PR(s)

vyos/vyos-documentation#1733

How to test / Smoketest result

test_site_to_site_nist_800_77_cnsa_1_with_ppk (__main__.TestVPNIPsec.test_site_to_site_nist_800_77_cnsa_1_with_ppk) ... ok

----------------------------------------------------------------------
Ran 1 test in 3.671s

OK

Checklist:

  • I have read the CONTRIBUTING document
  • I have linked this PR to one or more Phabricator Task(s)
  • I have run the components SMOKETESTS if applicable
  • My commit headlines contain a valid Task id
  • My change requires a change to the documentation
  • I have updated the documentation accordingly

github-actions bot commented Jan 2, 2026

👍
No issues in PR Title / Commit Title

Member

@sarthurdev sarthurdev left a comment

This is looking good, can you extend ipsec smoketests for the new use cases?

Contributor Author

giga1699 commented Jan 3, 2026

I was going to make an attempt to write a smoke test. It’ll be my first run at writing a smoketest.

I have already tested against known working strongSwan configs. I’ll take those tests to put into smoketest and update.

I’m also planning to put together the documentation PR. Just haven’t gotten to that yet.

I’ll update the initial PR comment to reflect these updates when complete, and take this out of draft.

@giga1699 giga1699 marked this pull request as ready for review January 3, 2026 20:27
Contributor Author

giga1699 commented Jan 3, 2026

Added relevant smoketest, and completed documentation update. I think this should be ready to go.

@giga1699 giga1699 requested a review from sarthurdev January 9, 2026 01:46
Member

@sarthurdev sarthurdev left a comment

Thanks for the smoketest.

Just needs a couple of extra steps for config validation and XML deduplication.

Contributor Author

Much appreciated for catching those items. It got me thinking about some additional error checking.

I added in that PPK IDs need to be unique, so it now checks that all IDs are unique. Since I had to gather all the IDs for that check, the verify() also confirms that a PPK ID used in a connection is actually defined in the authentication config.

It might be useful to replicate that check for PSKs. I'm happy to open a new task and take care of that if it would be helpful.

Branch was also rebased to current.

@giga1699 giga1699 requested a review from sarthurdev January 10, 2026 00:41
Comment on lines 277 to 279
for ppkID in ppk_config['id']:
if ppkID in ppk_ids:
raise ConfigError(f'Authentication PPK "{ppk}" has duplicate ID "{ppkID}" from another PPK. IDs should be unique.')
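
Review bot: the error raised on the last line names only the PPK being processed, not the PPK that already holds the ID, so the operator still has to search the configuration for the conflict. Keeping a mapping from each ID to the PPK that declared it would let the message name both. The loop variable `ppkID` is also mixedCase next to the snake_case `ppk_config` and `ppk_ids`, and "IDs should be unique" reads as advice although the check raises a hard error; "must be unique" matches the behaviour.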
Contributor Author

In my testing, if you use the same ID for multiple PPKs, it seems like strongSwan will only use the last loaded PPK for that ID. That is why I put in a check. The ID need not be an IP address; it is a string that is passed in the IKE phase 1 to let the other side know I'm using key XX. If the receiving side has a key with that same key ID, then it will use that secret to try and establish the SA.
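
The uniqueness check discussed in this thread, as an added sketch that is not the PR's code: it also records which PPK already declared an ID, so the error can name both sides of the clash. `ConfigError` is a local stand-in, and the dictionary shape (PPK name mapped to `id` and `secret`) and all sample values are constructed assumptions.

```python
# Added example: a stand-alone sketch, not the vyos-1x verify() code.

class ConfigError(Exception):
    """Local stand-in for the VyOS ConfigError so the sketch runs on its own."""


def find_duplicate_ppk_ids(ppk_section):
    """Map each PPK ID declared by more than one PPK to the sorted PPK names."""
    owners = {}
    for ppk_name, ppk_config in ppk_section.items():
        ids = ppk_config.get('id', [])
        if isinstance(ids, str):  # assumption: a lone value may arrive as a str
            ids = [ids]
        for ppk_id in ids:
            # A set, so one PPK repeating its own ID is not reported as a clash.
            owners.setdefault(ppk_id, set()).add(ppk_name)
    return {i: sorted(names) for i, names in owners.items() if len(names) > 1}


def verify_ppk_ids(ppk_section):
    """Raise ConfigError naming every PPK that shares an ID with another PPK."""
    duplicates = find_duplicate_ppk_ids(ppk_section)
    if duplicates:
        details = '; '.join(
            f'ID "{ppk_id}" is declared by PPKs {", ".join(names)}'
            for ppk_id, names in sorted(duplicates.items())
        )
        raise ConfigError(f'PPK IDs must be unique: {details}')


# Constructed sample: PPK names, IDs and secrets are made up for illustration.
SAMPLE_PPK_SECTION = {
    'site-a': {'id': ['ppk-2026-a'], 'secret': 'constructed-secret-1'},
    'site-b': {'id': ['ppk-2026-b', 'ppk-2026-a'], 'secret': 'constructed-secret-2'},
    'site-c': {'id': 'ppk-2026-c', 'secret': 'constructed-secret-3'},
}

if __name__ == '__main__':
    try:
        verify_ppk_ids(SAMPLE_PPK_SECTION)
    except ConfigError as err:
        print(err)
```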

Contributor Author

Removed the check in the connection configurations to confirm that a PPK ID was defined in the authentication configuration. This allows an operator to define a wildcard match for the PPK ID, as referenced in the strongSwan example PPK configuration.

Member

@sever-sever sever-sever left a comment

Add the ability to use PPK ID and secrets for IPsec connections

@giga1699 giga1699 force-pushed the T8136 branch 2 times, most recently from 117394b to a641609 Compare January 13, 2026 02:22
Contributor

@alexandr-san4ez alexandr-san4ez left a comment

Please also fix linter errors for your changes.

Contributor

@alexandr-san4ez alexandr-san4ez left a comment

Post-quantum preshared key support well implemented and ready to merge.

vyos@vyos:~$ /usr/libexec/vyos/tests/smoke/cli/test_vpn_ipsec.py
...
test_site_to_site_nist_800_77_cnsa_1_with_ppk (__main__.TestVPNIPsec.test_site_to_site_nist_800_77_cnsa_1_with_ppk) ... ok
...
----------------------------------------------------------------------
Ran 20 tests in 101.409s
OK

@github-actions

CI integration 👍 passed!

Details

CI logs

  • CLI Smoketests 👍 passed
  • CLI Smoketests (interfaces only) 👍 passed
  • Config tests 👍 passed
  • RAID1 tests 👍 passed
  • CLI Smoketests VPP 👍 passed
  • Config tests VPP 👍 passed
  • TPM tests 👍 passed

@sever-sever sever-sever requested a review from zdc January 13, 2026 12:26
Member

@sarthurdev sarthurdev left a comment

Requested changes addressed, code looks good, adds smoketest coverage. Locally verified CLI and resulting strongswan config/instance.

@sever-sever sever-sever added the bp/circinus Create automatic backport for circinus label Jan 20, 2026
Member

@dmbaturin dmbaturin left a comment

The implementation seems sensible but I left a few suggestions.

<!-- include start from ipsec/childless.xml.i -->
<leafNode name="childless">
<properties>
<help>Enable support for childless IKE_SA initiation</help>
Member

Suggested change
<help>Enable support for childless IKE_SA initiation</help>
<help>Enable support for childless IKE SA initiation</help>

Member

I don't think there should be an underscore here, just a space.

</completionHelp>
<valueHelp>
<format>allow</format>
<description>Responder will allow childless IKE_SA, but initiator will not create childless connection</description>
Member

Suggested change
<description>Responder will allow childless IKE_SA, but initiator will not create childless connection</description>
<description>Responder will allow childless IKE SA, but initiator will not create childless connections</description>

</valueHelp>
<valueHelp>
<format>prefer</format>
<description>Responder will allow childless IKE_SA, and initiator will make childless connection if supported by responder</description>
Member

Suggested change
<description>Responder will allow childless IKE_SA, and initiator will make childless connection if supported by responder</description>
<description>Responder will allow childless IKE SA, and initiator will make childless connections if supported by responder</description>

</valueHelp>
<valueHelp>
<format>force</format>
<description>Require the use of childless IKE_SA</description>
Member

Suggested change
<description>Require the use of childless IKE_SA</description>
<description>Require the use of childless IKE SA</description>

</valueHelp>
<valueHelp>
<format>never</format>
<description>Disable support for childless IKE_SAs as responder</description>
Member

Suggested change
<description>Disable support for childless IKE_SAs as responder</description>
<description>Disable support for childless IKE SAs as responder</description>

ike = ra_conf['ike_group']
if dict_search(f'ike_group.{ike}.key_exchange', ipsec) != 'ikev2':
raise ConfigError(
f'Post-quantum preshared keys must be used with IKEv2! IKEv2 key-exchange not set in ike-group "{ike}".'
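
Review bot: the message on the last line says the IKEv2 key-exchange is "not set", but the `!= 'ikev2'` comparison on the second line is also true when key_exchange is explicitly set to some other value, so the text can point the operator at the wrong problem. Either word the message to cover both cases (key-exchange is not 'ikev2') or report the value that was actually found in ike-group "{ike}".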
Member

Suggested change
f'Post-quantum preshared keys must be used with IKEv2! IKEv2 key-exchange not set in ike-group "{ike}".'
f'Incorrect configuration in IKE group "{ike}": post-quantum pre-shared keys are not supported for IKEv1.'

ike = ra_conf['ike_group']
if dict_search(f'ike_group.{ike}.key_exchange', ipsec) != 'ikev2':
raise ConfigError(
f'Childless IKE SAs be used with IKEv2! IKEv2 key-exchange not set in ike-group "{ike}".'
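
Review bot: the first two lines repeat, token for token, the ike_group lookup and key_exchange comparison used by the post-quantum preshared key check shown earlier in this review, so the two checks and their messages can drift apart. A small helper that takes the ike-group name and the feature name and raises the ConfigError would keep them consistent. The message on the last line is also missing its verb ("Childless IKE SAs be used").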
Member

Suggested change
f'Childless IKE SAs be used with IKEv2! IKEv2 key-exchange not set in ike-group "{ike}".'
f'Incorrect configuration in IKE group "{ike}": childless IKE SAs can only be used with IKEv2.'

ike = peer_conf['ike_group']
if dict_search(f'ike_group.{ike}.key_exchange', ipsec) != 'ikev2':
raise ConfigError(
f'Post-quantum preshared keys must be used with IKEv2! IKEv2 key-exchange not set in ike-group "{ike}".'
Member

Do we actually need this error at all? IKEv2 is enabled by default, so it will be fine for initiating connections. Not setting key exchange to IKEv2 explicitly will enable the peer to respond to IKEv1 connections, but will that not fail automatically if the local side demands post-quantum key exchange?

Labels

bp/circinus Create automatic backport for circinus current

5 participants