blob: 037a3f5777e647416b0c1c9388c17c2cbf9e9569 [file] [log] [blame]
Ed Warnickecb9cada2015-12-08 15:45:58 -07001/*
2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16#include <vlib/vlib.h>
17#include <vnet/vnet.h>
18#include <vnet/pg/pg.h>
19#include <vppinfra/error.h>
Dave Barach68b0fb02017-02-28 15:15:56 -050020#include <vnet/udp/udp.h>
Ed Warnickecb9cada2015-12-08 15:45:58 -070021#include <vnet/ipsec/ikev2.h>
22#include <vnet/ipsec/ikev2_priv.h>
23#include <openssl/obj_mac.h>
24#include <openssl/ec.h>
25#include <openssl/x509.h>
26#include <openssl/pem.h>
27#include <openssl/bn.h>
Marco Varlesef616d102017-11-09 15:16:20 +010028#include <openssl/dh.h>
Ed Warnickecb9cada2015-12-08 15:45:58 -070029
30/* from RFC7296 */
31static const char modp_dh_768_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -070032 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
33 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
34 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
35 "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -070036static const char modp_dh_768_generator[] = "02";
37
38static const char modp_dh_1024_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -070039 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
40 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
41 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
42 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
43 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" "FFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -070044static const char modp_dh_1024_generator[] = "02";
45
46/* from RFC3526 */
47static const char modp_dh_1536_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -070048 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
49 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
50 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
51 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
52 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
53 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
54 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
55 "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -070056static const char modp_dh_1536_generator[] = "02";
57
58static const char modp_dh_2048_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -070059 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
60 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
61 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
62 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
63 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
64 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
65 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
66 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
67 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
68 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
69 "15728E5A8AACAA68FFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -070070static const char modp_dh_2048_generator[] = "02";
71
72static const char modp_dh_3072_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -070073 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
74 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
75 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
76 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
77 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
78 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
79 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
80 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
81 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
82 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
83 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
84 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
85 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
86 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
87 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
88 "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -070089static const char modp_dh_3072_generator[] = "02";
90
91static const char modp_dh_4096_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -070092 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
93 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
94 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
95 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
96 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
97 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
98 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
99 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
100 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
101 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
102 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
103 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
104 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
105 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
106 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
107 "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"
108 "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
109 "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"
110 "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
111 "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"
112 "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" "FFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700113static const char modp_dh_4096_generator[] = "02";
114
115static const char modp_dh_6144_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700116 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
117 "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
118 "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
119 "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
120 "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
121 "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
122 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
123 "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
124 "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
125 "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
126 "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
127 "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
128 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
129 "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
130 "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
131 "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
132 "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
133 "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
134 "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406"
135 "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918"
136 "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151"
137 "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03"
138 "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F"
139 "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
140 "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B"
141 "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632"
142 "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E"
143 "6DCC4024FFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700144static const char modp_dh_6144_generator[] = "02";
145
146static const char modp_dh_8192_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700147 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
148 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
149 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
150 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
151 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
152 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
153 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
154 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
155 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
156 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
157 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
158 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
159 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
160 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
161 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
162 "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"
163 "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
164 "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"
165 "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
166 "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"
167 "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
168 "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD"
169 "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831"
170 "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B"
171 "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF"
172 "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6"
173 "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3"
174 "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
175 "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328"
176 "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C"
177 "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE"
178 "12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4"
179 "38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300"
180 "741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568"
181 "3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9"
182 "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B"
183 "4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A"
184 "062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36"
185 "4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1"
186 "B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92"
187 "4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47"
188 "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71"
189 "60C980DD98EDD3DFFFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700190static const char modp_dh_8192_generator[] = "02";
191
192/* from RFC5114 */
193static const char modp_dh_1024_160_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700194 "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6"
195 "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0"
196 "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70"
197 "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0"
198 "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" "DF1FB2BC2E4A4371";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700199static const char modp_dh_1024_160_generator[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700200 "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F"
201 "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213"
202 "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1"
203 "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A"
204 "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" "855E6EEB22B3B2E5";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700205
206static const char modp_dh_2048_224_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700207 "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1"
208 "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15"
209 "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212"
210 "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207"
211 "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708"
212 "B3BF8A317091883681286130BC8985DB1602E714415D9330"
213 "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D"
214 "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8"
215 "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763"
216 "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71"
217 "CF9DE5384E71B81C0AC4DFFE0C10E64F";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700218static const char modp_dh_2048_224_generator[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700219 "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"
220 "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"
221 "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"
222 "C17669101999024AF4D027275AC1348BB8A762D0521BC98A"
223 "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"
224 "F180EB34118E98D119529A45D6F834566E3025E316A330EF"
225 "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"
226 "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"
227 "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"
228 "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"
229 "81BC087F2A7065B384B890D3191F2BFA";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700230
231static const char modp_dh_2048_256_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700232 "87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F2"
233 "5D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA30"
234 "16C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD"
235 "5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B"
236 "6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C"
237 "4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0E"
238 "F13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D9"
239 "67E144E5140564251CCACB83E6B486F6B3CA3F7971506026"
240 "C0B857F689962856DED4010ABD0BE621C3A3960A54E710C3"
241 "75F26375D7014103A4B54330C198AF126116D2276E11715F"
242 "693877FAD7EF09CADB094AE91E1A1597";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700243static const char modp_dh_2048_256_generator[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700244 "3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF2054"
245 "07F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555"
246 "BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18"
247 "A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B"
248 "777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC83"
249 "1D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55"
250 "A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14"
251 "C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915"
252 "B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6"
253 "184B523D1DB246C32F63078490F00EF8D647D148D4795451"
254 "5E2327CFEF98C582664B4C0F6CC41659";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700255
256v8 *
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700257ikev2_calc_prf (ikev2_sa_transform_t * tr, v8 * key, v8 * data)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700258{
Marco Varlesef616d102017-11-09 15:16:20 +0100259#if OPENSSL_VERSION_NUMBER >= 0x10100000L
260 HMAC_CTX *ctx;
261#else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700262 HMAC_CTX ctx;
Marco Varlesef616d102017-11-09 15:16:20 +0100263#endif
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700264 v8 *prf;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700265 unsigned int len = 0;
266
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700267 prf = vec_new (u8, tr->key_trunc);
Marco Varlesef616d102017-11-09 15:16:20 +0100268#if OPENSSL_VERSION_NUMBER >= 0x10100000L
269 ctx = HMAC_CTX_new ();
270 HMAC_Init_ex (ctx, key, vec_len (key), tr->md, NULL);
271 HMAC_Update (ctx, data, vec_len (data));
272 HMAC_Final (ctx, prf, &len);
273#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700274 HMAC_CTX_init (&ctx);
275 HMAC_Init_ex (&ctx, key, vec_len (key), tr->md, NULL);
276 HMAC_Update (&ctx, data, vec_len (data));
277 HMAC_Final (&ctx, prf, &len);
278 HMAC_CTX_cleanup (&ctx);
Marco Varlesef616d102017-11-09 15:16:20 +0100279#endif
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700280 ASSERT (len == tr->key_trunc);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700281
282 return prf;
283}
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700284
Ed Warnickecb9cada2015-12-08 15:45:58 -0700285u8 *
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700286ikev2_calc_prfplus (ikev2_sa_transform_t * tr, u8 * key, u8 * seed, int len)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700287{
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700288 v8 *t = 0, *s = 0, *tmp = 0, *ret = 0;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700289 u8 x = 0;
290
291 /* prf+ (K,S) = T1 | T2 | T3 | T4 | ...
292
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700293 where:
294 T1 = prf (K, S | 0x01)
295 T2 = prf (K, T1 | S | 0x02)
296 T3 = prf (K, T2 | S | 0x03)
297 T4 = prf (K, T3 | S | 0x04)
298 */
Ed Warnickecb9cada2015-12-08 15:45:58 -0700299
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700300 while (vec_len (ret) < len && x < 255)
301 {
302 if (t)
303 {
304 vec_append (s, t);
305 vec_free (t);
306 }
307
308 vec_append (s, seed);
309 vec_add2 (s, tmp, 1);
310 *tmp = x + 1;
311 t = ikev2_calc_prf (tr, key, s);
312 vec_append (ret, t);
313 vec_free (s);
314 x++;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700315 }
316
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700317 vec_free (t);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700318
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700319 if (x == 255)
320 {
321 vec_free (ret);
322 }
Ed Warnickecb9cada2015-12-08 15:45:58 -0700323
324 return ret;
325}
326
327v8 *
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700328ikev2_calc_integr (ikev2_sa_transform_t * tr, v8 * key, u8 * data, int len)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700329{
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700330 v8 *r;
Marco Varlesef616d102017-11-09 15:16:20 +0100331#if OPENSSL_VERSION_NUMBER >= 0x10100000L
332 HMAC_CTX *hctx;
333#else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700334 HMAC_CTX hctx;
Marco Varlesef616d102017-11-09 15:16:20 +0100335#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700336 unsigned int l;
337
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700338 ASSERT (tr->type == IKEV2_TRANSFORM_TYPE_INTEG);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700339
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700340 r = vec_new (u8, tr->key_len);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700341
Berenger Foucher2ce8bd92018-08-30 16:33:53 +0200342 if (tr->md == EVP_sha1 ())
343 {
344 clib_warning ("integrity checking with sha1");
345 }
346 else if (tr->md == EVP_sha256 ())
347 {
348 clib_warning ("integrity checking with sha256");
349 }
350
Ed Warnickecb9cada2015-12-08 15:45:58 -0700351 /* verify integrity of data */
Marco Varlesef616d102017-11-09 15:16:20 +0100352#if OPENSSL_VERSION_NUMBER >= 0x10100000L
353 hctx = HMAC_CTX_new ();
354 HMAC_Init_ex (hctx, key, vec_len (key), tr->md, NULL);
355 HMAC_Update (hctx, (const u8 *) data, len);
356 HMAC_Final (hctx, r, &l);
357#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700358 HMAC_CTX_init (&hctx);
Marco Varlesef616d102017-11-09 15:16:20 +0100359 HMAC_Init_ex (&hctx, key, vec_len (key), tr->md, NULL);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700360 HMAC_Update (&hctx, (const u8 *) data, len);
361 HMAC_Final (&hctx, r, &l);
362 HMAC_CTX_cleanup (&hctx);
Marco Varlesef616d102017-11-09 15:16:20 +0100363#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700364
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700365 ASSERT (l == tr->key_len);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700366
367 return r;
368}
369
370v8 *
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700371ikev2_decrypt_data (ikev2_sa_t * sa, u8 * data, int len)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700372{
Marco Varlesef616d102017-11-09 15:16:20 +0100373#if OPENSSL_VERSION_NUMBER >= 0x10100000L
374 EVP_CIPHER_CTX *ctx;
375#else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700376 EVP_CIPHER_CTX ctx;
Marco Varlesef616d102017-11-09 15:16:20 +0100377#endif
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700378 v8 *r;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700379 int out_len = 0, block_size;
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700380 ikev2_sa_transform_t *tr_encr;
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000381 u8 *key = sa->is_initiator ? sa->sk_er : sa->sk_ei;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700382
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700383 tr_encr =
384 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700385 block_size = tr_encr->block_size;
386
387 /* check if data is multiplier of cipher block size */
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700388 if (len % block_size)
389 {
390 clib_warning ("wrong data length");
391 return 0;
392 }
Ed Warnickecb9cada2015-12-08 15:45:58 -0700393
Marco Varlesef616d102017-11-09 15:16:20 +0100394#if OPENSSL_VERSION_NUMBER >= 0x10100000L
395 ctx = EVP_CIPHER_CTX_new ();
396#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700397 EVP_CIPHER_CTX_init (&ctx);
Marco Varlesef616d102017-11-09 15:16:20 +0100398#endif
399
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700400 r = vec_new (u8, len - block_size);
Marco Varlesef616d102017-11-09 15:16:20 +0100401
402#if OPENSSL_VERSION_NUMBER >= 0x10100000L
403 EVP_DecryptInit_ex (ctx, tr_encr->cipher, NULL, key, data);
404 EVP_DecryptUpdate (ctx, r, &out_len, data + block_size, len - block_size);
405 EVP_DecryptFinal_ex (ctx, r + out_len, &out_len);
406#else
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000407 EVP_DecryptInit_ex (&ctx, tr_encr->cipher, NULL, key, data);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700408 EVP_DecryptUpdate (&ctx, r, &out_len, data + block_size, len - block_size);
409 EVP_DecryptFinal_ex (&ctx, r + out_len, &out_len);
Marco Varlesef616d102017-11-09 15:16:20 +0100410#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700411 /* remove padding */
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700412 _vec_len (r) -= r[vec_len (r) - 1] + 1;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700413
Marco Varlesef616d102017-11-09 15:16:20 +0100414#if OPENSSL_VERSION_NUMBER < 0x10100000L
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700415 EVP_CIPHER_CTX_cleanup (&ctx);
Marco Varlesef616d102017-11-09 15:16:20 +0100416#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700417 return r;
418}
419
420int
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700421ikev2_encrypt_data (ikev2_sa_t * sa, v8 * src, u8 * dst)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700422{
Marco Varlesef616d102017-11-09 15:16:20 +0100423#if OPENSSL_VERSION_NUMBER >= 0x10100000L
424 EVP_CIPHER_CTX *ctx;
425#else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700426 EVP_CIPHER_CTX ctx;
Marco Varlesef616d102017-11-09 15:16:20 +0100427#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700428 int out_len;
429 int bs;
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700430 ikev2_sa_transform_t *tr_encr;
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000431 u8 *key = sa->is_initiator ? sa->sk_ei : sa->sk_er;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700432
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700433 tr_encr =
434 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700435 bs = tr_encr->block_size;
436
437 /* generate IV */
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700438 RAND_bytes (dst, bs);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700439
Marco Varlesef616d102017-11-09 15:16:20 +0100440#if OPENSSL_VERSION_NUMBER >= 0x10100000L
441 ctx = EVP_CIPHER_CTX_new ();
442 EVP_EncryptInit_ex (ctx, tr_encr->cipher, NULL, key, dst /* dst */ );
443 EVP_EncryptUpdate (ctx, dst + bs, &out_len, src, vec_len (src));
444#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700445 EVP_CIPHER_CTX_init (&ctx);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000446 EVP_EncryptInit_ex (&ctx, tr_encr->cipher, NULL, key, dst /* dst */ );
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700447 EVP_EncryptUpdate (&ctx, dst + bs, &out_len, src, vec_len (src));
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700448 EVP_CIPHER_CTX_cleanup (&ctx);
Marco Varlesef616d102017-11-09 15:16:20 +0100449#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700450
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700451 ASSERT (vec_len (src) == out_len);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700452
453 return out_len + bs;
454}
455
456void
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700457ikev2_generate_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700458{
459 int r;
Marco Varlesef616d102017-11-09 15:16:20 +0100460#if OPENSSL_VERSION_NUMBER >= 0x10100000L
461 BIGNUM *p = BN_new ();
462 BIGNUM *q = BN_new ();
463 BIGNUM *g = BN_new ();
464 BIGNUM *pub_key = BN_new ();
465 BIGNUM *priv_key = BN_new ();
466#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700467
468 if (t->dh_group == IKEV2_DH_GROUP_MODP)
469 {
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700470 DH *dh = DH_new ();
Marco Varlesef616d102017-11-09 15:16:20 +0100471#if OPENSSL_VERSION_NUMBER >= 0x10100000L
472 BN_hex2bn (&p, t->dh_p);
473 BN_hex2bn (&g, t->dh_g);
474 DH_set0_pqg (dh, p, q, g);
475#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700476 BN_hex2bn (&dh->p, t->dh_p);
477 BN_hex2bn (&dh->g, t->dh_g);
Marco Varlesef616d102017-11-09 15:16:20 +0100478#endif
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700479 DH_generate_key (dh);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700480
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000481 if (sa->is_initiator)
482 {
483 sa->i_dh_data = vec_new (u8, t->key_len);
Marco Varlesef616d102017-11-09 15:16:20 +0100484 sa->dh_private_key = vec_new (u8, t->key_len);
485#if OPENSSL_VERSION_NUMBER >= 0x10100000L
486 r = BN_bn2bin (pub_key, sa->i_dh_data);
487 ASSERT (r == t->key_len);
488 r = BN_bn2bin (priv_key, sa->dh_private_key);
489 DH_set0_key (dh, pub_key, priv_key);
490#else
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000491 r = BN_bn2bin (dh->pub_key, sa->i_dh_data);
492 ASSERT (r == t->key_len);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000493 r = BN_bn2bin (dh->priv_key, sa->dh_private_key);
494 ASSERT (r == t->key_len);
Marco Varlesef616d102017-11-09 15:16:20 +0100495#endif
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000496 }
497 else
498 {
499 sa->r_dh_data = vec_new (u8, t->key_len);
Marco Varlesef616d102017-11-09 15:16:20 +0100500#if OPENSSL_VERSION_NUMBER >= 0x10100000L
501 r = BN_bn2bin (pub_key, sa->i_dh_data);
502 ASSERT (r == t->key_len);
503 DH_set0_key (dh, pub_key, NULL);
504#else
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000505 r = BN_bn2bin (dh->pub_key, sa->r_dh_data);
506 ASSERT (r == t->key_len);
Marco Varlesef616d102017-11-09 15:16:20 +0100507#endif
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000508 BIGNUM *ex;
509 sa->dh_shared_key = vec_new (u8, t->key_len);
510 ex = BN_bin2bn (sa->i_dh_data, vec_len (sa->i_dh_data), NULL);
511 r = DH_compute_key (sa->dh_shared_key, ex, dh);
512 ASSERT (r == t->key_len);
513 BN_clear_free (ex);
514 }
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700515 DH_free (dh);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700516 }
517 else if (t->dh_group == IKEV2_DH_GROUP_ECP)
518 {
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700519 EC_KEY *ec = EC_KEY_new_by_curve_name (t->nid);
520 ASSERT (ec);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700521
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700522 EC_KEY_generate_key (ec);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700523
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700524 const EC_POINT *r_point = EC_KEY_get0_public_key (ec);
525 const EC_GROUP *group = EC_KEY_get0_group (ec);
526 BIGNUM *x = NULL, *y = NULL;
527 BN_CTX *bn_ctx = BN_CTX_new ();
Ed Warnickecb9cada2015-12-08 15:45:58 -0700528 u16 x_off, y_off, len;
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700529 EC_POINT *i_point = EC_POINT_new (group);
530 EC_POINT *shared_point = EC_POINT_new (group);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700531
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700532 x = BN_new ();
533 y = BN_new ();
Ed Warnickecb9cada2015-12-08 15:45:58 -0700534 len = t->key_len / 2;
535
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700536 EC_POINT_get_affine_coordinates_GFp (group, r_point, x, y, bn_ctx);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000537
538 if (sa->is_initiator)
539 {
540 sa->i_dh_data = vec_new (u8, t->key_len);
541 x_off = len - BN_num_bytes (x);
Dave Barachb7b92992018-10-17 10:38:51 -0400542 clib_memset (sa->i_dh_data, 0, x_off);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000543 BN_bn2bin (x, sa->i_dh_data + x_off);
544 y_off = t->key_len - BN_num_bytes (y);
Dave Barachb7b92992018-10-17 10:38:51 -0400545 clib_memset (sa->i_dh_data + len, 0, y_off - len);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000546 BN_bn2bin (y, sa->i_dh_data + y_off);
547
548 const BIGNUM *prv = EC_KEY_get0_private_key (ec);
549 sa->dh_private_key = vec_new (u8, BN_num_bytes (prv));
550 r = BN_bn2bin (prv, sa->dh_private_key);
551 ASSERT (r == BN_num_bytes (prv));
552 }
553 else
554 {
555 sa->r_dh_data = vec_new (u8, t->key_len);
556 x_off = len - BN_num_bytes (x);
Dave Barachb7b92992018-10-17 10:38:51 -0400557 clib_memset (sa->r_dh_data, 0, x_off);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000558 BN_bn2bin (x, sa->r_dh_data + x_off);
559 y_off = t->key_len - BN_num_bytes (y);
Dave Barachb7b92992018-10-17 10:38:51 -0400560 clib_memset (sa->r_dh_data + len, 0, y_off - len);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000561 BN_bn2bin (y, sa->r_dh_data + y_off);
562
563 x = BN_bin2bn (sa->i_dh_data, len, x);
564 y = BN_bin2bn (sa->i_dh_data + len, len, y);
565 EC_POINT_set_affine_coordinates_GFp (group, i_point, x, y, bn_ctx);
566 sa->dh_shared_key = vec_new (u8, t->key_len);
567 EC_POINT_mul (group, shared_point, NULL, i_point,
568 EC_KEY_get0_private_key (ec), NULL);
569 EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y,
570 bn_ctx);
571 x_off = len - BN_num_bytes (x);
Dave Barachb7b92992018-10-17 10:38:51 -0400572 clib_memset (sa->dh_shared_key, 0, x_off);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000573 BN_bn2bin (x, sa->dh_shared_key + x_off);
574 y_off = t->key_len - BN_num_bytes (y);
Dave Barachb7b92992018-10-17 10:38:51 -0400575 clib_memset (sa->dh_shared_key + len, 0, y_off - len);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000576 BN_bn2bin (y, sa->dh_shared_key + y_off);
577 }
578
579 EC_KEY_free (ec);
580 BN_free (x);
581 BN_free (y);
582 BN_CTX_free (bn_ctx);
583 EC_POINT_free (i_point);
584 EC_POINT_free (shared_point);
585 }
586}
587
588void
589ikev2_complete_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
590{
591 int r;
Marco Varlesef616d102017-11-09 15:16:20 +0100592#if OPENSSL_VERSION_NUMBER >= 0x10100000L
593 BIGNUM *p = BN_new ();
594 BIGNUM *q = BN_new ();
595 BIGNUM *g = BN_new ();
596 BIGNUM *priv_key = BN_new ();
597#endif
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000598
599 if (t->dh_group == IKEV2_DH_GROUP_MODP)
600 {
601 DH *dh = DH_new ();
Marco Varlesef616d102017-11-09 15:16:20 +0100602#if OPENSSL_VERSION_NUMBER >= 0x10100000L
603 BN_hex2bn (&p, t->dh_p);
604 BN_hex2bn (&g, t->dh_g);
605 DH_set0_pqg (dh, p, q, g);
606
607 priv_key =
608 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
609 DH_set0_key (dh, NULL, priv_key);
610#else
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000611 BN_hex2bn (&dh->p, t->dh_p);
612 BN_hex2bn (&dh->g, t->dh_g);
Marco Varlesef616d102017-11-09 15:16:20 +0100613
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000614 dh->priv_key =
615 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
Marco Varlesef616d102017-11-09 15:16:20 +0100616#endif
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000617 BIGNUM *ex;
618 sa->dh_shared_key = vec_new (u8, t->key_len);
619 ex = BN_bin2bn (sa->r_dh_data, vec_len (sa->r_dh_data), NULL);
620 r = DH_compute_key (sa->dh_shared_key, ex, dh);
621 ASSERT (r == t->key_len);
622 BN_clear_free (ex);
623 DH_free (dh);
624 }
625 else if (t->dh_group == IKEV2_DH_GROUP_ECP)
626 {
627 EC_KEY *ec = EC_KEY_new_by_curve_name (t->nid);
628 ASSERT (ec);
629
630 const EC_GROUP *group = EC_KEY_get0_group (ec);
631 BIGNUM *x = NULL, *y = NULL;
632 BN_CTX *bn_ctx = BN_CTX_new ();
633 u16 x_off, y_off, len;
634 BIGNUM *prv;
635
636 prv =
637 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
638 EC_KEY_set_private_key (ec, prv);
639
640 x = BN_new ();
641 y = BN_new ();
642 len = t->key_len / 2;
643
644 x = BN_bin2bn (sa->r_dh_data, len, x);
645 y = BN_bin2bn (sa->r_dh_data + len, len, y);
646 EC_POINT *r_point = EC_POINT_new (group);
647 EC_POINT_set_affine_coordinates_GFp (group, r_point, x, y, bn_ctx);
648 EC_KEY_set_public_key (ec, r_point);
649
650 EC_POINT *i_point = EC_POINT_new (group);
651 EC_POINT *shared_point = EC_POINT_new (group);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700652
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700653 x = BN_bin2bn (sa->i_dh_data, len, x);
654 y = BN_bin2bn (sa->i_dh_data + len, len, y);
655 EC_POINT_set_affine_coordinates_GFp (group, i_point, x, y, bn_ctx);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000656 EC_POINT_mul (group, shared_point, NULL, r_point,
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700657 EC_KEY_get0_private_key (ec), NULL);
658 EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y, bn_ctx);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000659 sa->dh_shared_key = vec_new (u8, t->key_len);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700660 x_off = len - BN_num_bytes (x);
Dave Barachb7b92992018-10-17 10:38:51 -0400661 clib_memset (sa->dh_shared_key, 0, x_off);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700662 BN_bn2bin (x, sa->dh_shared_key + x_off);
663 y_off = t->key_len - BN_num_bytes (y);
Dave Barachb7b92992018-10-17 10:38:51 -0400664 clib_memset (sa->dh_shared_key + len, 0, y_off - len);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700665 BN_bn2bin (y, sa->dh_shared_key + y_off);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700666
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700667 EC_KEY_free (ec);
668 BN_free (x);
669 BN_free (y);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000670 BN_free (prv);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700671 BN_CTX_free (bn_ctx);
672 EC_POINT_free (i_point);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000673 EC_POINT_free (r_point);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700674 EC_POINT_free (shared_point);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700675 }
676}
677
678int
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700679ikev2_verify_sign (EVP_PKEY * pkey, u8 * sigbuf, u8 * data)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700680{
Marco Varlesef616d102017-11-09 15:16:20 +0100681#if OPENSSL_VERSION_NUMBER >= 0x10100000L
682 EVP_MD_CTX *md_ctx = EVP_MD_CTX_new ();
683#else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700684 EVP_MD_CTX md_ctx;
Radu Nicolauf706b8d2018-05-29 11:42:33 +0100685 EVP_MD_CTX_init (&md_ctx);
Marco Varlesef616d102017-11-09 15:16:20 +0100686#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700687
Marco Varlesef616d102017-11-09 15:16:20 +0100688#if OPENSSL_VERSION_NUMBER >= 0x10100000L
689 EVP_VerifyInit (md_ctx, EVP_sha1 ());
690 EVP_VerifyUpdate (md_ctx, data, vec_len (data));
691#else
692 EVP_VerifyInit_ex (&md_ctx, EVP_sha1 (), NULL);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700693 EVP_VerifyUpdate (&md_ctx, data, vec_len (data));
Marco Varlesef616d102017-11-09 15:16:20 +0100694#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700695
Marco Varlesef616d102017-11-09 15:16:20 +0100696#if OPENSSL_VERSION_NUMBER >= 0x10100000L
697 return EVP_VerifyFinal (md_ctx, sigbuf, vec_len (sigbuf), pkey);
698#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700699 return EVP_VerifyFinal (&md_ctx, sigbuf, vec_len (sigbuf), pkey);
Marco Varlesef616d102017-11-09 15:16:20 +0100700#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700701}
702
703u8 *
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700704ikev2_calc_sign (EVP_PKEY * pkey, u8 * data)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700705{
Marco Varlesef616d102017-11-09 15:16:20 +0100706#if OPENSSL_VERSION_NUMBER >= 0x10100000L
707 EVP_MD_CTX *md_ctx = EVP_MD_CTX_new ();
708#else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700709 EVP_MD_CTX md_ctx;
Marco Varlesef616d102017-11-09 15:16:20 +0100710#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700711 unsigned int sig_len = 0;
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700712 u8 *sign;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700713
Marco Varlesef616d102017-11-09 15:16:20 +0100714#if OPENSSL_VERSION_NUMBER >= 0x10100000L
715 EVP_SignInit (md_ctx, EVP_sha1 ());
716 EVP_SignUpdate (md_ctx, data, vec_len (data));
717 /* get sign len */
718 EVP_SignFinal (md_ctx, NULL, &sig_len, pkey);
719 sign = vec_new (u8, sig_len);
720 /* calc sign */
721 EVP_SignFinal (md_ctx, sign, &sig_len, pkey);
722#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700723 EVP_SignInit (&md_ctx, EVP_sha1 ());
724 EVP_SignUpdate (&md_ctx, data, vec_len (data));
Ed Warnickecb9cada2015-12-08 15:45:58 -0700725 /* get sign len */
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700726 EVP_SignFinal (&md_ctx, NULL, &sig_len, pkey);
727 sign = vec_new (u8, sig_len);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700728 /* calc sign */
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700729 EVP_SignFinal (&md_ctx, sign, &sig_len, pkey);
Marco Varlesef616d102017-11-09 15:16:20 +0100730#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700731 return sign;
732}
733
734EVP_PKEY *
735ikev2_load_cert_file (u8 * file)
736{
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700737 FILE *fp;
738 X509 *x509;
739 EVP_PKEY *pkey = NULL;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700740
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700741 fp = fopen ((char *) file, "r");
Ed Warnickecb9cada2015-12-08 15:45:58 -0700742 if (!fp)
743 {
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700744 clib_warning ("open %s failed", file);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700745 goto end;
746 }
747
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700748 x509 = PEM_read_X509 (fp, NULL, NULL, NULL);
749 fclose (fp);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700750 if (x509 == NULL)
751 {
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700752 clib_warning ("read cert %s failed", file);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700753 goto end;
754 }
755
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700756 pkey = X509_get_pubkey (x509);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700757 if (pkey == NULL)
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700758 clib_warning ("get pubkey %s failed", file);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700759
760end:
761 return pkey;
762}
763
764EVP_PKEY *
765ikev2_load_key_file (u8 * file)
766{
767 FILE *fp;
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700768 EVP_PKEY *pkey = NULL;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700769
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700770 fp = fopen ((char *) file, "r");
Ed Warnickecb9cada2015-12-08 15:45:58 -0700771 if (!fp)
772 {
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700773 clib_warning ("open %s failed", file);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700774 goto end;
775 }
776
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700777 pkey = PEM_read_PrivateKey (fp, NULL, NULL, NULL);
778 fclose (fp);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700779 if (pkey == NULL)
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700780 clib_warning ("read %s failed", file);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700781
782end:
783 return pkey;
784}
785
786void
787ikev2_crypto_init (ikev2_main_t * km)
788{
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700789 ikev2_sa_transform_t *tr;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700790
791 /* vector of supported transforms - in order of preference */
Berenger Foucher2ce8bd92018-08-30 16:33:53 +0200792
793 //Encryption
794
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700795 vec_add2 (km->supported_transforms, tr, 1);
796 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
797 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
798 tr->key_len = 256 / 8;
799 tr->block_size = 128 / 8;
800 tr->cipher = EVP_aes_256_cbc ();
Ed Warnickecb9cada2015-12-08 15:45:58 -0700801
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700802 vec_add2 (km->supported_transforms, tr, 1);
803 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
804 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
805 tr->key_len = 192 / 8;
806 tr->block_size = 128 / 8;
807 tr->cipher = EVP_aes_192_cbc ();
Ed Warnickecb9cada2015-12-08 15:45:58 -0700808
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700809 vec_add2 (km->supported_transforms, tr, 1);
810 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
811 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
812 tr->key_len = 128 / 8;
813 tr->block_size = 128 / 8;
814 tr->cipher = EVP_aes_128_cbc ();
Ed Warnickecb9cada2015-12-08 15:45:58 -0700815
Berenger Foucher2ce8bd92018-08-30 16:33:53 +0200816 //PRF
817 vec_add2 (km->supported_transforms, tr, 1);
818 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
819 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_256;
820 tr->key_len = 256 / 8;
821 tr->key_trunc = 256 / 8;
822 tr->md = EVP_sha256 ();
823
824 vec_add2 (km->supported_transforms, tr, 1);
825 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
826 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_384;
827 tr->key_len = 384 / 8;
828 tr->key_trunc = 384 / 8;
829 tr->md = EVP_sha384 ();
830
831 vec_add2 (km->supported_transforms, tr, 1);
832 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
833 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_512;
834 tr->key_len = 512 / 8;
835 tr->key_trunc = 512 / 8;
836 tr->md = EVP_sha512 ();
837
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700838 vec_add2 (km->supported_transforms, tr, 1);
839 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
840 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA1;
841 tr->key_len = 160 / 8;
842 tr->key_trunc = 160 / 8;
843 tr->md = EVP_sha1 ();
Ed Warnickecb9cada2015-12-08 15:45:58 -0700844
Berenger Foucher2ce8bd92018-08-30 16:33:53 +0200845 //Integrity
846 vec_add2 (km->supported_transforms, tr, 1);
847 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
848 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_256_128;
849 tr->key_len = 256 / 8;
850 tr->key_trunc = 128 / 8;
851 tr->md = EVP_sha256 ();
852
853 vec_add2 (km->supported_transforms, tr, 1);
854 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
855 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_384_192;
856 tr->key_len = 384 / 8;
857 tr->key_trunc = 192 / 8;
858 tr->md = EVP_sha384 ();
859
860 vec_add2 (km->supported_transforms, tr, 1);
861 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
862 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_512_256;
863 tr->key_len = 512 / 8;
864 tr->key_trunc = 256 / 8;
865 tr->md = EVP_sha512 ();
866
867 vec_add2 (km->supported_transforms, tr, 1);
868 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
869 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_160;
870 tr->key_len = 160 / 8;
871 tr->key_trunc = 160 / 8;
872 tr->md = EVP_sha1 ();
873
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700874 vec_add2 (km->supported_transforms, tr, 1);
875 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
876 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_96;
877 tr->key_len = 160 / 8;
878 tr->key_trunc = 96 / 8;
879 tr->md = EVP_sha1 ();
Ed Warnickecb9cada2015-12-08 15:45:58 -0700880
Berenger Foucher2ce8bd92018-08-30 16:33:53 +0200881
Ed Warnickecb9cada2015-12-08 15:45:58 -0700882#if defined(OPENSSL_NO_CISCO_FECDH)
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700883 vec_add2 (km->supported_transforms, tr, 1);
884 tr->type = IKEV2_TRANSFORM_TYPE_DH;
885 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_512;
886 tr->key_len = (512 * 2) / 8;
887 tr->nid = NID_brainpoolP512r1;
888 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700889
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700890 vec_add2 (km->supported_transforms, tr, 1);
891 tr->type = IKEV2_TRANSFORM_TYPE_DH;
892 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_384;
893 tr->key_len = (384 * 2) / 8;
894 tr->nid = NID_brainpoolP384r1;
895 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700896
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700897 vec_add2 (km->supported_transforms, tr, 1);
898 tr->type = IKEV2_TRANSFORM_TYPE_DH;
899 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_256;
900 tr->key_len = (256 * 2) / 8;
901 tr->nid = NID_brainpoolP256r1;
902 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700903
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700904 vec_add2 (km->supported_transforms, tr, 1);
905 tr->type = IKEV2_TRANSFORM_TYPE_DH;
906 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_224;
907 tr->key_len = (224 * 2) / 8;
908 tr->nid = NID_brainpoolP224r1;
909 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700910
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700911 vec_add2 (km->supported_transforms, tr, 1);
912 tr->type = IKEV2_TRANSFORM_TYPE_DH;
913 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_224;
914 tr->key_len = (224 * 2) / 8;
915 tr->nid = NID_secp224r1;
916 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700917#endif
918
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700919 vec_add2 (km->supported_transforms, tr, 1);
920 tr->type = IKEV2_TRANSFORM_TYPE_DH;
921 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_521;
922 tr->key_len = (528 * 2) / 8;
923 tr->nid = NID_secp521r1;
924 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700925
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700926 vec_add2 (km->supported_transforms, tr, 1);
927 tr->type = IKEV2_TRANSFORM_TYPE_DH;
928 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_384;
929 tr->key_len = (384 * 2) / 8;
930 tr->nid = NID_secp384r1;
931 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700932
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700933 vec_add2 (km->supported_transforms, tr, 1);
934 tr->type = IKEV2_TRANSFORM_TYPE_DH;
935 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_256;
936 tr->key_len = (256 * 2) / 8;
937 tr->nid = NID_X9_62_prime256v1;
938 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700939
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700940 vec_add2 (km->supported_transforms, tr, 1);
941 tr->type = IKEV2_TRANSFORM_TYPE_DH;
942 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_192;
943 tr->key_len = (192 * 2) / 8;
944 tr->nid = NID_X9_62_prime192v1;
945 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700946
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700947 vec_add2 (km->supported_transforms, tr, 1);
948 tr->type = IKEV2_TRANSFORM_TYPE_DH;
949 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048_256;
950 tr->key_len = 2048 / 8;
951 tr->dh_p = (const char *) &modp_dh_2048_256_prime;
952 tr->dh_g = (const char *) &modp_dh_2048_256_generator;
953 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700954
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700955 vec_add2 (km->supported_transforms, tr, 1);
956 tr->type = IKEV2_TRANSFORM_TYPE_DH;
957 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048_224;
958 tr->key_len = 2048 / 8;
959 tr->dh_p = (const char *) &modp_dh_2048_224_prime;
960 tr->dh_g = (const char *) &modp_dh_2048_224_generator;
961 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700962
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700963 vec_add2 (km->supported_transforms, tr, 1);
964 tr->type = IKEV2_TRANSFORM_TYPE_DH;
965 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1024_160;
966 tr->key_len = 1024 / 8;
967 tr->dh_p = (const char *) &modp_dh_1024_160_prime;
968 tr->dh_g = (const char *) &modp_dh_1024_160_generator;
969 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700970
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700971 vec_add2 (km->supported_transforms, tr, 1);
972 tr->type = IKEV2_TRANSFORM_TYPE_DH;
973 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_8192;
974 tr->key_len = 8192 / 8;
975 tr->dh_p = (const char *) &modp_dh_8192_prime;
976 tr->dh_g = (const char *) &modp_dh_8192_generator;
977 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700978
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700979 vec_add2 (km->supported_transforms, tr, 1);
980 tr->type = IKEV2_TRANSFORM_TYPE_DH;
981 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_6144;
982 tr->key_len = 6144 / 8;
983 tr->dh_p = (const char *) &modp_dh_6144_prime;
984 tr->dh_g = (const char *) &modp_dh_6144_generator;
985 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700986
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700987 vec_add2 (km->supported_transforms, tr, 1);
988 tr->type = IKEV2_TRANSFORM_TYPE_DH;
989 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_4096;
990 tr->key_len = 4096 / 8;
991 tr->dh_p = (const char *) &modp_dh_4096_prime;
992 tr->dh_g = (const char *) &modp_dh_4096_generator;
993 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700994
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700995 vec_add2 (km->supported_transforms, tr, 1);
996 tr->type = IKEV2_TRANSFORM_TYPE_DH;
997 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_3072;
998 tr->key_len = 3072 / 8;
999 tr->dh_p = (const char *) &modp_dh_3072_prime;
1000 tr->dh_g = (const char *) &modp_dh_3072_generator;
1001 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -07001002
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -07001003 vec_add2 (km->supported_transforms, tr, 1);
1004 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1005 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048;
1006 tr->key_len = 2048 / 8;
1007 tr->dh_p = (const char *) &modp_dh_2048_prime;
1008 tr->dh_g = (const char *) &modp_dh_2048_generator;
1009 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -07001010
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -07001011 vec_add2 (km->supported_transforms, tr, 1);
1012 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1013 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1536;
1014 tr->key_len = 1536 / 8;
1015 tr->dh_p = (const char *) &modp_dh_1536_prime;
1016 tr->dh_g = (const char *) &modp_dh_1536_generator;
1017 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -07001018
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -07001019 vec_add2 (km->supported_transforms, tr, 1);
1020 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1021 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1024;
1022 tr->key_len = 1024 / 8;
1023 tr->dh_p = (const char *) &modp_dh_1024_prime;
1024 tr->dh_g = (const char *) &modp_dh_1024_generator;
1025 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -07001026
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -07001027 vec_add2 (km->supported_transforms, tr, 1);
1028 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1029 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_768;
1030 tr->key_len = 768 / 8;
1031 tr->dh_p = (const char *) &modp_dh_768_prime;
1032 tr->dh_g = (const char *) &modp_dh_768_generator;
1033 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -07001034
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -07001035 vec_add2 (km->supported_transforms, tr, 1);
1036 tr->type = IKEV2_TRANSFORM_TYPE_ESN;
1037 tr->esn_type = IKEV2_TRANSFORM_ESN_TYPE_ESN;
Ed Warnickecb9cada2015-12-08 15:45:58 -07001038
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -07001039 vec_add2 (km->supported_transforms, tr, 1);
1040 tr->type = IKEV2_TRANSFORM_TYPE_ESN;
1041 tr->esn_type = IKEV2_TRANSFORM_ESN_TYPE_NO_ESN;
Ed Warnickecb9cada2015-12-08 15:45:58 -07001042}
1043
1044
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -07001045
1046/*
1047 * fd.io coding-style-patch-verification: ON
1048 *
1049 * Local Variables:
1050 * eval: (c-set-style "gnu")
1051 * End:
1052 */