Gitiles
Code Review Sign In
gerrit.nordix.org / fdio / vpp / 31392ac15027d9190e1bb16545bdede5be449bdd / . / src / vnet / ipsec / ikev2_crypto.c
blob: ffe15891b7535647c57fef71d27037144cc624c9 [file] [log] [blame]
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]1/*
2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16#include <vlib/vlib.h>
17#include <vnet/vnet.h>
18#include <vnet/pg/pg.h>
19#include <vppinfra/error.h>
Dave Barach68b0fb02017-02-28 15:15:56 -0500[diff] [blame]20#include <vnet/udp/udp.h>
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]21#include <vnet/ipsec/ikev2.h>
22#include <vnet/ipsec/ikev2_priv.h>
23#include <openssl/obj_mac.h>
24#include <openssl/ec.h>
25#include <openssl/x509.h>
26#include <openssl/pem.h>
27#include <openssl/bn.h>
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]28#include <openssl/dh.h>
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]29
30/* from RFC7296 */
31static const char modp_dh_768_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]32 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
33 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
34 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
35 "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]36static const char modp_dh_768_generator[] = "02";
37
38static const char modp_dh_1024_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]39 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
40 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
41 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
42 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
43 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" "FFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]44static const char modp_dh_1024_generator[] = "02";
45
46/* from RFC3526 */
47static const char modp_dh_1536_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]48 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
49 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
50 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
51 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
52 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
53 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
54 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
55 "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]56static const char modp_dh_1536_generator[] = "02";
57
58static const char modp_dh_2048_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]59 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
60 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
61 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
62 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
63 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
64 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
65 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
66 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
67 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
68 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
69 "15728E5A8AACAA68FFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]70static const char modp_dh_2048_generator[] = "02";
71
72static const char modp_dh_3072_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]73 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
74 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
75 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
76 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
77 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
78 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
79 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
80 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
81 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
82 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
83 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
84 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
85 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
86 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
87 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
88 "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]89static const char modp_dh_3072_generator[] = "02";
90
91static const char modp_dh_4096_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]92 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
93 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
94 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
95 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
96 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
97 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
98 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
99 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
100 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
101 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
102 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
103 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
104 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
105 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
106 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
107 "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"
108 "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
109 "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"
110 "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
111 "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"
112 "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" "FFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]113static const char modp_dh_4096_generator[] = "02";
114
115static const char modp_dh_6144_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]116 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
117 "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
118 "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
119 "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
120 "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
121 "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
122 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
123 "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
124 "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
125 "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
126 "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
127 "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
128 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
129 "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
130 "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
131 "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
132 "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
133 "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
134 "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406"
135 "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918"
136 "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151"
137 "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03"
138 "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F"
139 "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
140 "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B"
141 "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632"
142 "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E"
143 "6DCC4024FFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]144static const char modp_dh_6144_generator[] = "02";
145
146static const char modp_dh_8192_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]147 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
148 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
149 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
150 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
151 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
152 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
153 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
154 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
155 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
156 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
157 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
158 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
159 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
160 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
161 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
162 "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"
163 "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
164 "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"
165 "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
166 "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"
167 "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
168 "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD"
169 "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831"
170 "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B"
171 "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF"
172 "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6"
173 "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3"
174 "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
175 "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328"
176 "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C"
177 "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE"
178 "12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4"
179 "38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300"
180 "741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568"
181 "3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9"
182 "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B"
183 "4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A"
184 "062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36"
185 "4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1"
186 "B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92"
187 "4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47"
188 "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71"
189 "60C980DD98EDD3DFFFFFFFFFFFFFFFFF";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]190static const char modp_dh_8192_generator[] = "02";
191
192/* from RFC5114 */
193static const char modp_dh_1024_160_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]194 "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6"
195 "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0"
196 "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70"
197 "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0"
198 "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" "DF1FB2BC2E4A4371";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]199static const char modp_dh_1024_160_generator[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]200 "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F"
201 "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213"
202 "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1"
203 "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A"
204 "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" "855E6EEB22B3B2E5";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]205
206static const char modp_dh_2048_224_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]207 "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1"
208 "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15"
209 "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212"
210 "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207"
211 "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708"
212 "B3BF8A317091883681286130BC8985DB1602E714415D9330"
213 "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D"
214 "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8"
215 "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763"
216 "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71"
217 "CF9DE5384E71B81C0AC4DFFE0C10E64F";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]218static const char modp_dh_2048_224_generator[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]219 "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"
220 "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"
221 "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"
222 "C17669101999024AF4D027275AC1348BB8A762D0521BC98A"
223 "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"
224 "F180EB34118E98D119529A45D6F834566E3025E316A330EF"
225 "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"
226 "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"
227 "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"
228 "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"
229 "81BC087F2A7065B384B890D3191F2BFA";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]230
231static const char modp_dh_2048_256_prime[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]232 "87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F2"
233 "5D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA30"
234 "16C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD"
235 "5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B"
236 "6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C"
237 "4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0E"
238 "F13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D9"
239 "67E144E5140564251CCACB83E6B486F6B3CA3F7971506026"
240 "C0B857F689962856DED4010ABD0BE621C3A3960A54E710C3"
241 "75F26375D7014103A4B54330C198AF126116D2276E11715F"
242 "693877FAD7EF09CADB094AE91E1A1597";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]243static const char modp_dh_2048_256_generator[] =
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]244 "3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF2054"
245 "07F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555"
246 "BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18"
247 "A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B"
248 "777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC83"
249 "1D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55"
250 "A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14"
251 "C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915"
252 "B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6"
253 "184B523D1DB246C32F63078490F00EF8D647D148D4795451"
254 "5E2327CFEF98C582664B4C0F6CC41659";
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]255
256v8 *
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]257ikev2_calc_prf (ikev2_sa_transform_t * tr, v8 * key, v8 * data)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]258{
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]259#if OPENSSL_VERSION_NUMBER >= 0x10100000L
260 HMAC_CTX *ctx;
261#else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]262 HMAC_CTX ctx;
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]263#endif
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]264 v8 *prf;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]265 unsigned int len = 0;
266
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]267 prf = vec_new (u8, tr->key_trunc);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]268#if OPENSSL_VERSION_NUMBER >= 0x10100000L
269 ctx = HMAC_CTX_new ();
270 HMAC_Init_ex (ctx, key, vec_len (key), tr->md, NULL);
271 HMAC_Update (ctx, data, vec_len (data));
272 HMAC_Final (ctx, prf, &len);
273#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]274 HMAC_CTX_init (&ctx);
275 HMAC_Init_ex (&ctx, key, vec_len (key), tr->md, NULL);
276 HMAC_Update (&ctx, data, vec_len (data));
277 HMAC_Final (&ctx, prf, &len);
278 HMAC_CTX_cleanup (&ctx);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]279#endif
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]280 ASSERT (len == tr->key_trunc);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]281
282 return prf;
283}
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]284
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]285u8 *
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]286ikev2_calc_prfplus (ikev2_sa_transform_t * tr, u8 * key, u8 * seed, int len)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]287{
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]288 v8 *t = 0, *s = 0, *tmp = 0, *ret = 0;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]289 u8 x = 0;
290
291 /* prf+ (K,S) = T1 | T2 | T3 | T4 | ...
292
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]293 where:
294 T1 = prf (K, S | 0x01)
295 T2 = prf (K, T1 | S | 0x02)
296 T3 = prf (K, T2 | S | 0x03)
297 T4 = prf (K, T3 | S | 0x04)
298 */
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]299
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]300 while (vec_len (ret) < len && x < 255)
301 {
302 if (t)
303 {
304 vec_append (s, t);
305 vec_free (t);
306 }
307
308 vec_append (s, seed);
309 vec_add2 (s, tmp, 1);
310 *tmp = x + 1;
311 t = ikev2_calc_prf (tr, key, s);
312 vec_append (ret, t);
313 vec_free (s);
314 x++;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]315 }
316
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]317 vec_free (t);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]318
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]319 if (x == 255)
320 {
321 vec_free (ret);
322 }
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]323
324 return ret;
325}
326
327v8 *
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]328ikev2_calc_integr (ikev2_sa_transform_t * tr, v8 * key, u8 * data, int len)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]329{
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]330 v8 *r;
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]331#if OPENSSL_VERSION_NUMBER >= 0x10100000L
332 HMAC_CTX *hctx;
333#else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]334 HMAC_CTX hctx;
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]335#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]336 unsigned int l;
337
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]338 ASSERT (tr->type == IKEV2_TRANSFORM_TYPE_INTEG);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]339
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]340 r = vec_new (u8, tr->key_len);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]341
Berenger Foucher2ce8bd92018-08-30 16:33:53 +0200[diff] [blame]342 if (tr->md == EVP_sha1 ())
343 {
344 clib_warning ("integrity checking with sha1");
345 }
346 else if (tr->md == EVP_sha256 ())
347 {
348 clib_warning ("integrity checking with sha256");
349 }
350
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]351 /* verify integrity of data */
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]352#if OPENSSL_VERSION_NUMBER >= 0x10100000L
353 hctx = HMAC_CTX_new ();
354 HMAC_Init_ex (hctx, key, vec_len (key), tr->md, NULL);
355 HMAC_Update (hctx, (const u8 *) data, len);
356 HMAC_Final (hctx, r, &l);
357#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]358 HMAC_CTX_init (&hctx);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]359 HMAC_Init_ex (&hctx, key, vec_len (key), tr->md, NULL);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]360 HMAC_Update (&hctx, (const u8 *) data, len);
361 HMAC_Final (&hctx, r, &l);
362 HMAC_CTX_cleanup (&hctx);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]363#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]364
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]365 ASSERT (l == tr->key_len);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]366
367 return r;
368}
369
370v8 *
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]371ikev2_decrypt_data (ikev2_sa_t * sa, u8 * data, int len)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]372{
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]373#if OPENSSL_VERSION_NUMBER >= 0x10100000L
374 EVP_CIPHER_CTX *ctx;
375#else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]376 EVP_CIPHER_CTX ctx;
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]377#endif
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]378 v8 *r;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]379 int out_len = 0, block_size;
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]380 ikev2_sa_transform_t *tr_encr;
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]381 u8 *key = sa->is_initiator ? sa->sk_er : sa->sk_ei;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]382
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]383 tr_encr =
384 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]385 block_size = tr_encr->block_size;
386
387 /* check if data is multiplier of cipher block size */
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]388 if (len % block_size)
389 {
390 clib_warning ("wrong data length");
391 return 0;
392 }
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]393
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]394#if OPENSSL_VERSION_NUMBER >= 0x10100000L
395 ctx = EVP_CIPHER_CTX_new ();
396#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]397 EVP_CIPHER_CTX_init (&ctx);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]398#endif
399
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]400 r = vec_new (u8, len - block_size);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]401
402#if OPENSSL_VERSION_NUMBER >= 0x10100000L
403 EVP_DecryptInit_ex (ctx, tr_encr->cipher, NULL, key, data);
404 EVP_DecryptUpdate (ctx, r, &out_len, data + block_size, len - block_size);
405 EVP_DecryptFinal_ex (ctx, r + out_len, &out_len);
406#else
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]407 EVP_DecryptInit_ex (&ctx, tr_encr->cipher, NULL, key, data);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]408 EVP_DecryptUpdate (&ctx, r, &out_len, data + block_size, len - block_size);
409 EVP_DecryptFinal_ex (&ctx, r + out_len, &out_len);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]410#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]411 /* remove padding */
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]412 _vec_len (r) -= r[vec_len (r) - 1] + 1;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]413
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]414#if OPENSSL_VERSION_NUMBER < 0x10100000L
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]415 EVP_CIPHER_CTX_cleanup (&ctx);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]416#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]417 return r;
418}
419
420int
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]421ikev2_encrypt_data (ikev2_sa_t * sa, v8 * src, u8 * dst)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]422{
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]423#if OPENSSL_VERSION_NUMBER >= 0x10100000L
424 EVP_CIPHER_CTX *ctx;
425#else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]426 EVP_CIPHER_CTX ctx;
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]427#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]428 int out_len;
429 int bs;
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]430 ikev2_sa_transform_t *tr_encr;
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]431 u8 *key = sa->is_initiator ? sa->sk_ei : sa->sk_er;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]432
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]433 tr_encr =
434 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]435 bs = tr_encr->block_size;
436
437 /* generate IV */
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]438 RAND_bytes (dst, bs);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]439
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]440#if OPENSSL_VERSION_NUMBER >= 0x10100000L
441 ctx = EVP_CIPHER_CTX_new ();
442 EVP_EncryptInit_ex (ctx, tr_encr->cipher, NULL, key, dst /* dst */ );
443 EVP_EncryptUpdate (ctx, dst + bs, &out_len, src, vec_len (src));
444#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]445 EVP_CIPHER_CTX_init (&ctx);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]446 EVP_EncryptInit_ex (&ctx, tr_encr->cipher, NULL, key, dst /* dst */ );
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]447 EVP_EncryptUpdate (&ctx, dst + bs, &out_len, src, vec_len (src));
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]448 EVP_CIPHER_CTX_cleanup (&ctx);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]449#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]450
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]451 ASSERT (vec_len (src) == out_len);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]452
453 return out_len + bs;
454}
455
456void
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]457ikev2_generate_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]458{
459 int r;
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]460#if OPENSSL_VERSION_NUMBER >= 0x10100000L
461 BIGNUM *p = BN_new ();
462 BIGNUM *q = BN_new ();
463 BIGNUM *g = BN_new ();
464 BIGNUM *pub_key = BN_new ();
465 BIGNUM *priv_key = BN_new ();
466#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]467
468 if (t->dh_group == IKEV2_DH_GROUP_MODP)
469 {
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]470 DH *dh = DH_new ();
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]471#if OPENSSL_VERSION_NUMBER >= 0x10100000L
472 BN_hex2bn (&p, t->dh_p);
473 BN_hex2bn (&g, t->dh_g);
474 DH_set0_pqg (dh, p, q, g);
475#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]476 BN_hex2bn (&dh->p, t->dh_p);
477 BN_hex2bn (&dh->g, t->dh_g);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]478#endif
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]479 DH_generate_key (dh);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]480
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]481 if (sa->is_initiator)
482 {
483 sa->i_dh_data = vec_new (u8, t->key_len);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]484 sa->dh_private_key = vec_new (u8, t->key_len);
485#if OPENSSL_VERSION_NUMBER >= 0x10100000L
486 r = BN_bn2bin (pub_key, sa->i_dh_data);
487 ASSERT (r == t->key_len);
488 r = BN_bn2bin (priv_key, sa->dh_private_key);
489 DH_set0_key (dh, pub_key, priv_key);
490#else
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]491 r = BN_bn2bin (dh->pub_key, sa->i_dh_data);
492 ASSERT (r == t->key_len);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]493 r = BN_bn2bin (dh->priv_key, sa->dh_private_key);
494 ASSERT (r == t->key_len);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]495#endif
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]496 }
497 else
498 {
499 sa->r_dh_data = vec_new (u8, t->key_len);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]500#if OPENSSL_VERSION_NUMBER >= 0x10100000L
501 r = BN_bn2bin (pub_key, sa->i_dh_data);
502 ASSERT (r == t->key_len);
503 DH_set0_key (dh, pub_key, NULL);
504#else
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]505 r = BN_bn2bin (dh->pub_key, sa->r_dh_data);
506 ASSERT (r == t->key_len);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]507#endif
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]508 BIGNUM *ex;
509 sa->dh_shared_key = vec_new (u8, t->key_len);
510 ex = BN_bin2bn (sa->i_dh_data, vec_len (sa->i_dh_data), NULL);
511 r = DH_compute_key (sa->dh_shared_key, ex, dh);
512 ASSERT (r == t->key_len);
513 BN_clear_free (ex);
514 }
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]515 DH_free (dh);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]516 }
517 else if (t->dh_group == IKEV2_DH_GROUP_ECP)
518 {
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]519 EC_KEY *ec = EC_KEY_new_by_curve_name (t->nid);
520 ASSERT (ec);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]521
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]522 EC_KEY_generate_key (ec);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]523
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]524 const EC_POINT *r_point = EC_KEY_get0_public_key (ec);
525 const EC_GROUP *group = EC_KEY_get0_group (ec);
526 BIGNUM *x = NULL, *y = NULL;
527 BN_CTX *bn_ctx = BN_CTX_new ();
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]528 u16 x_off, y_off, len;
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]529 EC_POINT *i_point = EC_POINT_new (group);
530 EC_POINT *shared_point = EC_POINT_new (group);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]531
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]532 x = BN_new ();
533 y = BN_new ();
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]534 len = t->key_len / 2;
535
Ping Yu31dd6092019-01-28 03:27:51 -0500[diff] [blame]536#if OPENSSL_VERSION_NUMBER >= 0x30000000L
537 EC_POINT_get_affine_coordinates (group, r_point, x, y, bn_ctx);
538#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]539 EC_POINT_get_affine_coordinates_GFp (group, r_point, x, y, bn_ctx);
Ping Yu31dd6092019-01-28 03:27:51 -0500[diff] [blame]540#endif
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]541
542 if (sa->is_initiator)
543 {
544 sa->i_dh_data = vec_new (u8, t->key_len);
545 x_off = len - BN_num_bytes (x);
Dave Barachb7b92992018-10-17 10:38:51 -0400[diff] [blame]546 clib_memset (sa->i_dh_data, 0, x_off);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]547 BN_bn2bin (x, sa->i_dh_data + x_off);
548 y_off = t->key_len - BN_num_bytes (y);
Dave Barachb7b92992018-10-17 10:38:51 -0400[diff] [blame]549 clib_memset (sa->i_dh_data + len, 0, y_off - len);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]550 BN_bn2bin (y, sa->i_dh_data + y_off);
551
552 const BIGNUM *prv = EC_KEY_get0_private_key (ec);
553 sa->dh_private_key = vec_new (u8, BN_num_bytes (prv));
554 r = BN_bn2bin (prv, sa->dh_private_key);
555 ASSERT (r == BN_num_bytes (prv));
556 }
557 else
558 {
559 sa->r_dh_data = vec_new (u8, t->key_len);
560 x_off = len - BN_num_bytes (x);
Dave Barachb7b92992018-10-17 10:38:51 -0400[diff] [blame]561 clib_memset (sa->r_dh_data, 0, x_off);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]562 BN_bn2bin (x, sa->r_dh_data + x_off);
563 y_off = t->key_len - BN_num_bytes (y);
Dave Barachb7b92992018-10-17 10:38:51 -0400[diff] [blame]564 clib_memset (sa->r_dh_data + len, 0, y_off - len);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]565 BN_bn2bin (y, sa->r_dh_data + y_off);
566
567 x = BN_bin2bn (sa->i_dh_data, len, x);
568 y = BN_bin2bn (sa->i_dh_data + len, len, y);
Ping Yu31dd6092019-01-28 03:27:51 -0500[diff] [blame]569#if OPENSSL_VERSION_NUMBER >= 0x30000000L
570 EC_POINT_set_affine_coordinates (group, i_point, x, y, bn_ctx);
571#else
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]572 EC_POINT_set_affine_coordinates_GFp (group, i_point, x, y, bn_ctx);
Ping Yu31dd6092019-01-28 03:27:51 -0500[diff] [blame]573#endif
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]574 sa->dh_shared_key = vec_new (u8, t->key_len);
575 EC_POINT_mul (group, shared_point, NULL, i_point,
576 EC_KEY_get0_private_key (ec), NULL);
Ping Yu31dd6092019-01-28 03:27:51 -0500[diff] [blame]577#if OPENSSL_VERSION_NUMBER >= 0x30000000L
578 EC_POINT_get_affine_coordinates (group, shared_point, x, y, bn_ctx);
579#else
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]580 EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y,
581 bn_ctx);
Ping Yu31dd6092019-01-28 03:27:51 -0500[diff] [blame]582#endif
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]583 x_off = len - BN_num_bytes (x);
Dave Barachb7b92992018-10-17 10:38:51 -0400[diff] [blame]584 clib_memset (sa->dh_shared_key, 0, x_off);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]585 BN_bn2bin (x, sa->dh_shared_key + x_off);
586 y_off = t->key_len - BN_num_bytes (y);
Dave Barachb7b92992018-10-17 10:38:51 -0400[diff] [blame]587 clib_memset (sa->dh_shared_key + len, 0, y_off - len);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]588 BN_bn2bin (y, sa->dh_shared_key + y_off);
589 }
590
591 EC_KEY_free (ec);
592 BN_free (x);
593 BN_free (y);
594 BN_CTX_free (bn_ctx);
595 EC_POINT_free (i_point);
596 EC_POINT_free (shared_point);
597 }
598}
599
600void
601ikev2_complete_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
602{
603 int r;
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]604#if OPENSSL_VERSION_NUMBER >= 0x10100000L
605 BIGNUM *p = BN_new ();
606 BIGNUM *q = BN_new ();
607 BIGNUM *g = BN_new ();
608 BIGNUM *priv_key = BN_new ();
609#endif
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]610
611 if (t->dh_group == IKEV2_DH_GROUP_MODP)
612 {
613 DH *dh = DH_new ();
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]614#if OPENSSL_VERSION_NUMBER >= 0x10100000L
615 BN_hex2bn (&p, t->dh_p);
616 BN_hex2bn (&g, t->dh_g);
617 DH_set0_pqg (dh, p, q, g);
618
619 priv_key =
620 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
621 DH_set0_key (dh, NULL, priv_key);
622#else
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]623 BN_hex2bn (&dh->p, t->dh_p);
624 BN_hex2bn (&dh->g, t->dh_g);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]625
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]626 dh->priv_key =
627 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]628#endif
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]629 BIGNUM *ex;
630 sa->dh_shared_key = vec_new (u8, t->key_len);
631 ex = BN_bin2bn (sa->r_dh_data, vec_len (sa->r_dh_data), NULL);
632 r = DH_compute_key (sa->dh_shared_key, ex, dh);
633 ASSERT (r == t->key_len);
634 BN_clear_free (ex);
635 DH_free (dh);
636 }
637 else if (t->dh_group == IKEV2_DH_GROUP_ECP)
638 {
639 EC_KEY *ec = EC_KEY_new_by_curve_name (t->nid);
640 ASSERT (ec);
641
642 const EC_GROUP *group = EC_KEY_get0_group (ec);
643 BIGNUM *x = NULL, *y = NULL;
644 BN_CTX *bn_ctx = BN_CTX_new ();
645 u16 x_off, y_off, len;
646 BIGNUM *prv;
647
648 prv =
649 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
650 EC_KEY_set_private_key (ec, prv);
651
652 x = BN_new ();
653 y = BN_new ();
654 len = t->key_len / 2;
655
656 x = BN_bin2bn (sa->r_dh_data, len, x);
657 y = BN_bin2bn (sa->r_dh_data + len, len, y);
658 EC_POINT *r_point = EC_POINT_new (group);
Ping Yu31dd6092019-01-28 03:27:51 -0500[diff] [blame]659#if OPENSSL_VERSION_NUMBER >= 0x30000000L
660 EC_POINT_set_affine_coordinates (group, r_point, x, y, bn_ctx);
661#else
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]662 EC_POINT_set_affine_coordinates_GFp (group, r_point, x, y, bn_ctx);
Ping Yu31dd6092019-01-28 03:27:51 -0500[diff] [blame]663#endif
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]664 EC_KEY_set_public_key (ec, r_point);
665
666 EC_POINT *i_point = EC_POINT_new (group);
667 EC_POINT *shared_point = EC_POINT_new (group);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]668
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]669 x = BN_bin2bn (sa->i_dh_data, len, x);
670 y = BN_bin2bn (sa->i_dh_data + len, len, y);
Ping Yu31dd6092019-01-28 03:27:51 -0500[diff] [blame]671#if OPENSSL_VERSION_NUMBER >= 0x30000000L
672 EC_POINT_set_affine_coordinates (group, i_point, x, y, bn_ctx);
673#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]674 EC_POINT_set_affine_coordinates_GFp (group, i_point, x, y, bn_ctx);
Ping Yu31dd6092019-01-28 03:27:51 -0500[diff] [blame]675#endif
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]676 EC_POINT_mul (group, shared_point, NULL, r_point,
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]677 EC_KEY_get0_private_key (ec), NULL);
Ping Yu31dd6092019-01-28 03:27:51 -0500[diff] [blame]678#if OPENSSL_VERSION_NUMBER >= 0x30000000L
679 EC_POINT_get_affine_coordinates (group, shared_point, x, y, bn_ctx);
680#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]681 EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y, bn_ctx);
Ping Yu31dd6092019-01-28 03:27:51 -0500[diff] [blame]682#endif
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]683 sa->dh_shared_key = vec_new (u8, t->key_len);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]684 x_off = len - BN_num_bytes (x);
Dave Barachb7b92992018-10-17 10:38:51 -0400[diff] [blame]685 clib_memset (sa->dh_shared_key, 0, x_off);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]686 BN_bn2bin (x, sa->dh_shared_key + x_off);
687 y_off = t->key_len - BN_num_bytes (y);
Dave Barachb7b92992018-10-17 10:38:51 -0400[diff] [blame]688 clib_memset (sa->dh_shared_key + len, 0, y_off - len);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]689 BN_bn2bin (y, sa->dh_shared_key + y_off);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]690
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]691 EC_KEY_free (ec);
692 BN_free (x);
693 BN_free (y);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]694 BN_free (prv);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]695 BN_CTX_free (bn_ctx);
696 EC_POINT_free (i_point);
Radu Nicolaucb33dc22017-02-16 16:49:46 +0000[diff] [blame]697 EC_POINT_free (r_point);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]698 EC_POINT_free (shared_point);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]699 }
700}
701
702int
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]703ikev2_verify_sign (EVP_PKEY * pkey, u8 * sigbuf, u8 * data)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]704{
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]705#if OPENSSL_VERSION_NUMBER >= 0x10100000L
706 EVP_MD_CTX *md_ctx = EVP_MD_CTX_new ();
707#else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]708 EVP_MD_CTX md_ctx;
Radu Nicolauf706b8d2018-05-29 11:42:33 +0100[diff] [blame]709 EVP_MD_CTX_init (&md_ctx);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]710#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]711
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]712#if OPENSSL_VERSION_NUMBER >= 0x10100000L
713 EVP_VerifyInit (md_ctx, EVP_sha1 ());
714 EVP_VerifyUpdate (md_ctx, data, vec_len (data));
715#else
716 EVP_VerifyInit_ex (&md_ctx, EVP_sha1 (), NULL);
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]717 EVP_VerifyUpdate (&md_ctx, data, vec_len (data));
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]718#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]719
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]720#if OPENSSL_VERSION_NUMBER >= 0x10100000L
721 return EVP_VerifyFinal (md_ctx, sigbuf, vec_len (sigbuf), pkey);
722#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]723 return EVP_VerifyFinal (&md_ctx, sigbuf, vec_len (sigbuf), pkey);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]724#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]725}
726
727u8 *
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]728ikev2_calc_sign (EVP_PKEY * pkey, u8 * data)
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]729{
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]730#if OPENSSL_VERSION_NUMBER >= 0x10100000L
731 EVP_MD_CTX *md_ctx = EVP_MD_CTX_new ();
732#else
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]733 EVP_MD_CTX md_ctx;
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]734#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]735 unsigned int sig_len = 0;
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]736 u8 *sign;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]737
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]738#if OPENSSL_VERSION_NUMBER >= 0x10100000L
739 EVP_SignInit (md_ctx, EVP_sha1 ());
740 EVP_SignUpdate (md_ctx, data, vec_len (data));
741 /* get sign len */
742 EVP_SignFinal (md_ctx, NULL, &sig_len, pkey);
743 sign = vec_new (u8, sig_len);
744 /* calc sign */
745 EVP_SignFinal (md_ctx, sign, &sig_len, pkey);
746#else
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]747 EVP_SignInit (&md_ctx, EVP_sha1 ());
748 EVP_SignUpdate (&md_ctx, data, vec_len (data));
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]749 /* get sign len */
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]750 EVP_SignFinal (&md_ctx, NULL, &sig_len, pkey);
751 sign = vec_new (u8, sig_len);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]752 /* calc sign */
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]753 EVP_SignFinal (&md_ctx, sign, &sig_len, pkey);
Marco Varlesef616d102017-11-09 15:16:20 +0100[diff] [blame]754#endif
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]755 return sign;
756}
757
758EVP_PKEY *
759ikev2_load_cert_file (u8 * file)
760{
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]761 FILE *fp;
762 X509 *x509;
763 EVP_PKEY *pkey = NULL;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]764
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]765 fp = fopen ((char *) file, "r");
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]766 if (!fp)
767 {
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]768 clib_warning ("open %s failed", file);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]769 goto end;
770 }
771
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]772 x509 = PEM_read_X509 (fp, NULL, NULL, NULL);
773 fclose (fp);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]774 if (x509 == NULL)
775 {
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]776 clib_warning ("read cert %s failed", file);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]777 goto end;
778 }
779
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]780 pkey = X509_get_pubkey (x509);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]781 if (pkey == NULL)
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]782 clib_warning ("get pubkey %s failed", file);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]783
784end:
785 return pkey;
786}
787
788EVP_PKEY *
789ikev2_load_key_file (u8 * file)
790{
791 FILE *fp;
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]792 EVP_PKEY *pkey = NULL;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]793
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]794 fp = fopen ((char *) file, "r");
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]795 if (!fp)
796 {
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]797 clib_warning ("open %s failed", file);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]798 goto end;
799 }
800
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]801 pkey = PEM_read_PrivateKey (fp, NULL, NULL, NULL);
802 fclose (fp);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]803 if (pkey == NULL)
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]804 clib_warning ("read %s failed", file);
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]805
806end:
807 return pkey;
808}
809
810void
811ikev2_crypto_init (ikev2_main_t * km)
812{
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]813 ikev2_sa_transform_t *tr;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]814
815 /* vector of supported transforms - in order of preference */
Berenger Foucher2ce8bd92018-08-30 16:33:53 +0200[diff] [blame]816
817 //Encryption
818
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]819 vec_add2 (km->supported_transforms, tr, 1);
820 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
821 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
822 tr->key_len = 256 / 8;
823 tr->block_size = 128 / 8;
824 tr->cipher = EVP_aes_256_cbc ();
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]825
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]826 vec_add2 (km->supported_transforms, tr, 1);
827 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
828 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
829 tr->key_len = 192 / 8;
830 tr->block_size = 128 / 8;
831 tr->cipher = EVP_aes_192_cbc ();
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]832
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]833 vec_add2 (km->supported_transforms, tr, 1);
834 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
835 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
836 tr->key_len = 128 / 8;
837 tr->block_size = 128 / 8;
838 tr->cipher = EVP_aes_128_cbc ();
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]839
Berenger Foucher2ce8bd92018-08-30 16:33:53 +0200[diff] [blame]840 //PRF
841 vec_add2 (km->supported_transforms, tr, 1);
842 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
843 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_256;
844 tr->key_len = 256 / 8;
845 tr->key_trunc = 256 / 8;
846 tr->md = EVP_sha256 ();
847
848 vec_add2 (km->supported_transforms, tr, 1);
849 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
850 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_384;
851 tr->key_len = 384 / 8;
852 tr->key_trunc = 384 / 8;
853 tr->md = EVP_sha384 ();
854
855 vec_add2 (km->supported_transforms, tr, 1);
856 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
857 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_512;
858 tr->key_len = 512 / 8;
859 tr->key_trunc = 512 / 8;
860 tr->md = EVP_sha512 ();
861
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]862 vec_add2 (km->supported_transforms, tr, 1);
863 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
864 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA1;
865 tr->key_len = 160 / 8;
866 tr->key_trunc = 160 / 8;
867 tr->md = EVP_sha1 ();
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]868
Berenger Foucher2ce8bd92018-08-30 16:33:53 +0200[diff] [blame]869 //Integrity
870 vec_add2 (km->supported_transforms, tr, 1);
871 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
872 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_256_128;
873 tr->key_len = 256 / 8;
874 tr->key_trunc = 128 / 8;
875 tr->md = EVP_sha256 ();
876
877 vec_add2 (km->supported_transforms, tr, 1);
878 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
879 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_384_192;
880 tr->key_len = 384 / 8;
881 tr->key_trunc = 192 / 8;
882 tr->md = EVP_sha384 ();
883
884 vec_add2 (km->supported_transforms, tr, 1);
885 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
886 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_512_256;
887 tr->key_len = 512 / 8;
888 tr->key_trunc = 256 / 8;
889 tr->md = EVP_sha512 ();
890
891 vec_add2 (km->supported_transforms, tr, 1);
892 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
893 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_160;
894 tr->key_len = 160 / 8;
895 tr->key_trunc = 160 / 8;
896 tr->md = EVP_sha1 ();
897
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]898 vec_add2 (km->supported_transforms, tr, 1);
899 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
900 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_96;
901 tr->key_len = 160 / 8;
902 tr->key_trunc = 96 / 8;
903 tr->md = EVP_sha1 ();
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]904
Berenger Foucher2ce8bd92018-08-30 16:33:53 +0200[diff] [blame]905
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]906#if defined(OPENSSL_NO_CISCO_FECDH)
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]907 vec_add2 (km->supported_transforms, tr, 1);
908 tr->type = IKEV2_TRANSFORM_TYPE_DH;
909 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_512;
910 tr->key_len = (512 * 2) / 8;
911 tr->nid = NID_brainpoolP512r1;
912 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]913
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]914 vec_add2 (km->supported_transforms, tr, 1);
915 tr->type = IKEV2_TRANSFORM_TYPE_DH;
916 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_384;
917 tr->key_len = (384 * 2) / 8;
918 tr->nid = NID_brainpoolP384r1;
919 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]920
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]921 vec_add2 (km->supported_transforms, tr, 1);
922 tr->type = IKEV2_TRANSFORM_TYPE_DH;
923 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_256;
924 tr->key_len = (256 * 2) / 8;
925 tr->nid = NID_brainpoolP256r1;
926 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]927
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]928 vec_add2 (km->supported_transforms, tr, 1);
929 tr->type = IKEV2_TRANSFORM_TYPE_DH;
930 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_224;
931 tr->key_len = (224 * 2) / 8;
932 tr->nid = NID_brainpoolP224r1;
933 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]934
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]935 vec_add2 (km->supported_transforms, tr, 1);
936 tr->type = IKEV2_TRANSFORM_TYPE_DH;
937 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_224;
938 tr->key_len = (224 * 2) / 8;
939 tr->nid = NID_secp224r1;
940 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]941#endif
942
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]943 vec_add2 (km->supported_transforms, tr, 1);
944 tr->type = IKEV2_TRANSFORM_TYPE_DH;
945 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_521;
946 tr->key_len = (528 * 2) / 8;
947 tr->nid = NID_secp521r1;
948 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]949
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]950 vec_add2 (km->supported_transforms, tr, 1);
951 tr->type = IKEV2_TRANSFORM_TYPE_DH;
952 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_384;
953 tr->key_len = (384 * 2) / 8;
954 tr->nid = NID_secp384r1;
955 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]956
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]957 vec_add2 (km->supported_transforms, tr, 1);
958 tr->type = IKEV2_TRANSFORM_TYPE_DH;
959 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_256;
960 tr->key_len = (256 * 2) / 8;
961 tr->nid = NID_X9_62_prime256v1;
962 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]963
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]964 vec_add2 (km->supported_transforms, tr, 1);
965 tr->type = IKEV2_TRANSFORM_TYPE_DH;
966 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_192;
967 tr->key_len = (192 * 2) / 8;
968 tr->nid = NID_X9_62_prime192v1;
969 tr->dh_group = IKEV2_DH_GROUP_ECP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]970
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]971 vec_add2 (km->supported_transforms, tr, 1);
972 tr->type = IKEV2_TRANSFORM_TYPE_DH;
973 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048_256;
974 tr->key_len = 2048 / 8;
975 tr->dh_p = (const char *) &modp_dh_2048_256_prime;
976 tr->dh_g = (const char *) &modp_dh_2048_256_generator;
977 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]978
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]979 vec_add2 (km->supported_transforms, tr, 1);
980 tr->type = IKEV2_TRANSFORM_TYPE_DH;
981 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048_224;
982 tr->key_len = 2048 / 8;
983 tr->dh_p = (const char *) &modp_dh_2048_224_prime;
984 tr->dh_g = (const char *) &modp_dh_2048_224_generator;
985 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]986
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]987 vec_add2 (km->supported_transforms, tr, 1);
988 tr->type = IKEV2_TRANSFORM_TYPE_DH;
989 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1024_160;
990 tr->key_len = 1024 / 8;
991 tr->dh_p = (const char *) &modp_dh_1024_160_prime;
992 tr->dh_g = (const char *) &modp_dh_1024_160_generator;
993 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]994
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]995 vec_add2 (km->supported_transforms, tr, 1);
996 tr->type = IKEV2_TRANSFORM_TYPE_DH;
997 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_8192;
998 tr->key_len = 8192 / 8;
999 tr->dh_p = (const char *) &modp_dh_8192_prime;
1000 tr->dh_g = (const char *) &modp_dh_8192_generator;
1001 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]1002
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]1003 vec_add2 (km->supported_transforms, tr, 1);
1004 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1005 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_6144;
1006 tr->key_len = 6144 / 8;
1007 tr->dh_p = (const char *) &modp_dh_6144_prime;
1008 tr->dh_g = (const char *) &modp_dh_6144_generator;
1009 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]1010
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]1011 vec_add2 (km->supported_transforms, tr, 1);
1012 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1013 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_4096;
1014 tr->key_len = 4096 / 8;
1015 tr->dh_p = (const char *) &modp_dh_4096_prime;
1016 tr->dh_g = (const char *) &modp_dh_4096_generator;
1017 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]1018
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]1019 vec_add2 (km->supported_transforms, tr, 1);
1020 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1021 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_3072;
1022 tr->key_len = 3072 / 8;
1023 tr->dh_p = (const char *) &modp_dh_3072_prime;
1024 tr->dh_g = (const char *) &modp_dh_3072_generator;
1025 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]1026
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]1027 vec_add2 (km->supported_transforms, tr, 1);
1028 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1029 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048;
1030 tr->key_len = 2048 / 8;
1031 tr->dh_p = (const char *) &modp_dh_2048_prime;
1032 tr->dh_g = (const char *) &modp_dh_2048_generator;
1033 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]1034
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]1035 vec_add2 (km->supported_transforms, tr, 1);
1036 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1037 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1536;
1038 tr->key_len = 1536 / 8;
1039 tr->dh_p = (const char *) &modp_dh_1536_prime;
1040 tr->dh_g = (const char *) &modp_dh_1536_generator;
1041 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]1042
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]1043 vec_add2 (km->supported_transforms, tr, 1);
1044 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1045 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1024;
1046 tr->key_len = 1024 / 8;
1047 tr->dh_p = (const char *) &modp_dh_1024_prime;
1048 tr->dh_g = (const char *) &modp_dh_1024_generator;
1049 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]1050
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]1051 vec_add2 (km->supported_transforms, tr, 1);
1052 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1053 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_768;
1054 tr->key_len = 768 / 8;
1055 tr->dh_p = (const char *) &modp_dh_768_prime;
1056 tr->dh_g = (const char *) &modp_dh_768_generator;
1057 tr->dh_group = IKEV2_DH_GROUP_MODP;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]1058
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]1059 vec_add2 (km->supported_transforms, tr, 1);
1060 tr->type = IKEV2_TRANSFORM_TYPE_ESN;
1061 tr->esn_type = IKEV2_TRANSFORM_ESN_TYPE_ESN;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]1062
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]1063 vec_add2 (km->supported_transforms, tr, 1);
1064 tr->type = IKEV2_TRANSFORM_TYPE_ESN;
1065 tr->esn_type = IKEV2_TRANSFORM_ESN_TYPE_NO_ESN;
Ed Warnickecb9cada2015-12-08 15:45:58 -0700[diff] [blame]1066}
1067
1068
Keith Burns (alagalah)166a9d42016-08-06 11:00:56 -0700[diff] [blame]1069
1070/*
1071 * fd.io coding-style-patch-verification: ON
1072 *
1073 * Local Variables:
1074 * eval: (c-set-style "gnu")
1075 * End:
1076 */