projects / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
added proposal parsing of uncommon DH groups 3072/6144
[strongswan.git] / src / charon / config / proposal.c
1 /*
2 * Copyright (C) 2008 Tobias Brunner
3 * Copyright (C) 2006 Martin Willi
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 *
16 * $Id$
17 */
18
19 #include <string.h>
20
21 #include "proposal.h"
22
23 #include <daemon.h>
24 #include <utils/linked_list.h>
25 #include <utils/identification.h>
26 #include <utils/lexparser.h>
27 #include <crypto/prfs/prf.h>
28 #include <crypto/crypters/crypter.h>
29 #include <crypto/signers/signer.h>
30
31
32 ENUM(protocol_id_names, PROTO_NONE, PROTO_ESP,
33 "PROTO_NONE",
34 "IKE",
35 "AH",
36 "ESP",
37 );
38
39 ENUM_BEGIN(transform_type_names, UNDEFINED_TRANSFORM_TYPE, UNDEFINED_TRANSFORM_TYPE,
40 "UNDEFINED_TRANSFORM_TYPE");
41 ENUM_NEXT(transform_type_names, ENCRYPTION_ALGORITHM, EXTENDED_SEQUENCE_NUMBERS, UNDEFINED_TRANSFORM_TYPE,
42 "ENCRYPTION_ALGORITHM",
43 "PSEUDO_RANDOM_FUNCTION",
44 "INTEGRITY_ALGORITHM",
45 "DIFFIE_HELLMAN_GROUP",
46 "EXTENDED_SEQUENCE_NUMBERS");
47 ENUM_END(transform_type_names, EXTENDED_SEQUENCE_NUMBERS);
48
49 ENUM(extended_sequence_numbers_names, NO_EXT_SEQ_NUMBERS, EXT_SEQ_NUMBERS,
50 "NO_EXT_SEQ",
51 "EXT_SEQ",
52 );
53
54 typedef struct private_proposal_t private_proposal_t;
55 typedef struct algorithm_t algorithm_t;
56
57 /**
58 * Private data of an proposal_t object
59 */
60 struct private_proposal_t {
61
62 /**
63 * Public part
64 */
65 proposal_t public;
66
67 /**
68 * protocol (ESP or AH)
69 */
70 protocol_id_t protocol;
71
72 /**
73 * priority ordered list of encryption algorithms
74 */
75 linked_list_t *encryption_algos;
76
77 /**
78 * priority ordered list of integrity algorithms
79 */
80 linked_list_t *integrity_algos;
81
82 /**
83 * priority ordered list of pseudo random functions
84 */
85 linked_list_t *prf_algos;
86
87 /**
88 * priority ordered list of dh groups
89 */
90 linked_list_t *dh_groups;
91
92 /**
93 * priority ordered list of extended sequence number flags
94 */
95 linked_list_t *esns;
96
97 /**
98 * senders SPI
99 */
100 u_int64_t spi;
101 };
102
103 /**
104 * Struct used to store different kinds of algorithms.
105 */
106 struct algorithm_t {
107 /**
108 * Value from an encryption_algorithm_t/integrity_algorithm_t/...
109 */
110 u_int16_t algorithm;
111
112 /**
113 * the associated key size in bits, or zero if not needed
114 */
115 u_int16_t key_size;
116 };
117
118 /**
119 * Add algorithm/keysize to a algorithm list
120 */
121 static void add_algo(linked_list_t *list, u_int16_t algo, u_int16_t key_size)
122 {
123 algorithm_t *algo_key;
124
125 algo_key = malloc_thing(algorithm_t);
126 algo_key->algorithm = algo;
127 algo_key->key_size = key_size;
128 list->insert_last(list, (void*)algo_key);
129 }
130
131 /**
132 * Implements proposal_t.add_algorithm
133 */
134 static void add_algorithm(private_proposal_t *this, transform_type_t type,
135 u_int16_t algo, u_int16_t key_size)
136 {
137 switch (type)
138 {
139 case ENCRYPTION_ALGORITHM:
140 add_algo(this->encryption_algos, algo, key_size);
141 break;
142 case INTEGRITY_ALGORITHM:
143 add_algo(this->integrity_algos, algo, key_size);
144 break;
145 case PSEUDO_RANDOM_FUNCTION:
146 add_algo(this->prf_algos, algo, key_size);
147 break;
148 case DIFFIE_HELLMAN_GROUP:
149 add_algo(this->dh_groups, algo, 0);
150 break;
151 case EXTENDED_SEQUENCE_NUMBERS:
152 add_algo(this->esns, algo, 0);
153 break;
154 default:
155 break;
156 }
157 }
158
159 /**
160 * filter function for peer configs
161 */
162 static bool alg_filter(void *null, algorithm_t **in, u_int16_t *alg,
163 void **unused, u_int16_t *key_size)
164 {
165 algorithm_t *algo = *in;
166 *alg = algo->algorithm;
167 if (key_size)
168 {
169 *key_size = algo->key_size;
170 }
171 return TRUE;
172 }
173
174 /**
175 * Implements proposal_t.create_enumerator.
176 */
177 static enumerator_t *create_enumerator(private_proposal_t *this,
178 transform_type_t type)
179 {
180 linked_list_t *list;
181
182 switch (type)
183 {
184 case ENCRYPTION_ALGORITHM:
185 list = this->encryption_algos;
186 break;
187 case INTEGRITY_ALGORITHM:
188 list = this->integrity_algos;
189 break;
190 case PSEUDO_RANDOM_FUNCTION:
191 list = this->prf_algos;
192 break;
193 case DIFFIE_HELLMAN_GROUP:
194 list = this->dh_groups;
195 break;
196 case EXTENDED_SEQUENCE_NUMBERS:
197 list = this->esns;
198 break;
199 default:
200 return NULL;
201 }
202 return enumerator_create_filter(list->create_enumerator(list),
203 (void*)alg_filter, NULL, NULL);
204 }
205
206 /**
207 * Implements proposal_t.get_algorithm.
208 */
209 static bool get_algorithm(private_proposal_t *this, transform_type_t type,
210 u_int16_t *alg, u_int16_t *key_size)
211 {
212 enumerator_t *enumerator;
213 bool found = FALSE;
214
215 enumerator = create_enumerator(this, type);
216 if (enumerator->enumerate(enumerator, alg, key_size))
217 {
218 found = TRUE;
219 }
220 enumerator->destroy(enumerator);
221 return found;
222 }
223
224 /**
225 * Implements proposal_t.has_dh_group
226 */
227 static bool has_dh_group(private_proposal_t *this, diffie_hellman_group_t group)
228 {
229 bool result = FALSE;
230
231 if (this->dh_groups->get_count(this->dh_groups))
232 {
233 algorithm_t *current;
234 enumerator_t *enumerator;
235
236 enumerator = this->dh_groups->create_enumerator(this->dh_groups);
237 while (enumerator->enumerate(enumerator, (void**)&current))
238 {
239 if (current->algorithm == group)
240 {
241 result = TRUE;
242 break;
243 }
244 }
245 enumerator->destroy(enumerator);
246 }
247 else if (group == MODP_NONE)
248 {
249 result = TRUE;
250 }
251 return result;
252 }
253
254 /**
255 * Implementation of proposal_t.strip_dh.
256 */
257 static void strip_dh(private_proposal_t *this)
258 {
259 algorithm_t *alg;
260
261 while (this->dh_groups->remove_last(this->dh_groups, (void**)&alg) == SUCCESS)
262 {
263 free(alg);
264 }
265 }
266
267 /**
268 * Returns true if the given alg is an authenticated encryption algorithm
269 */
270 static bool is_authenticated_encryption(u_int16_t alg)
271 {
272 switch(alg)
273 {
274 case ENCR_AES_CCM_ICV8:
275 case ENCR_AES_CCM_ICV12:
276 case ENCR_AES_CCM_ICV16:
277 case ENCR_AES_GCM_ICV8:
278 case ENCR_AES_GCM_ICV12:
279 case ENCR_AES_GCM_ICV16:
280 return TRUE;
281 }
282 return FALSE;
283 }
284
285 /**
286 * Find a matching alg/keysize in two linked lists
287 */
288 static bool select_algo(linked_list_t *first, linked_list_t *second, bool *add,
289 u_int16_t *alg, size_t *key_size)
290 {
291 enumerator_t *e1, *e2;
292 algorithm_t *alg1, *alg2;
293
294 /* if in both are zero algorithms specified, we HAVE a match */
295 if (first->get_count(first) == 0 && second->get_count(second) == 0)
296 {
297 *add = FALSE;
298 return TRUE;
299 }
300
301 e1 = first->create_enumerator(first);
302 e2 = second->create_enumerator(second);
303 /* compare algs, order of algs in "first" is preferred */
304 while (e1->enumerate(e1, &alg1))
305 {
306 e2->destroy(e2);
307 e2 = second->create_enumerator(second);
308 while (e2->enumerate(e2, &alg2))
309 {
310 if (alg1->algorithm == alg2->algorithm &&
311 alg1->key_size == alg2->key_size)
312 {
313 /* ok, we have an algorithm */
314 *alg = alg1->algorithm;
315 *key_size = alg1->key_size;
316 *add = TRUE;
317 e1->destroy(e1);
318 e2->destroy(e2);
319 return TRUE;
320 }
321 }
322 }
323 /* no match in all comparisons */
324 e1->destroy(e1);
325 e2->destroy(e2);
326 return FALSE;
327 }
328
329 /**
330 * Implements proposal_t.select.
331 */
332 static proposal_t *select_proposal(private_proposal_t *this, private_proposal_t *other)
333 {
334 proposal_t *selected;
335 u_int16_t algo;
336 size_t key_size;
337 bool add;
338
339 DBG2(DBG_CFG, "selecting proposal:");
340
341 /* check protocol */
342 if (this->protocol != other->protocol)
343 {
344 DBG2(DBG_CFG, " protocol mismatch, skipping");
345 return NULL;
346 }
347
348 selected = proposal_create(this->protocol);
349
350 /* select encryption algorithm */
351 if (select_algo(this->encryption_algos, other->encryption_algos,
352 &add, &algo, &key_size))
353 {
354 if (add)
355 {
356 selected->add_algorithm(selected, ENCRYPTION_ALGORITHM,
357 algo, key_size);
358 }
359 }
360 else
361 {
362 selected->destroy(selected);
363 DBG2(DBG_CFG, " no acceptable %N found",
364 transform_type_names, ENCRYPTION_ALGORITHM);
365 return NULL;
366 }
367 /* select integrity algorithm */
368 if (!is_authenticated_encryption(algo))
369 {
370 if (select_algo(this->integrity_algos, other->integrity_algos,
371 &add, &algo, &key_size))
372 {
373 if (add)
374 {
375 selected->add_algorithm(selected, INTEGRITY_ALGORITHM,
376 algo, key_size);
377 }
378 }
379 else
380 {
381 selected->destroy(selected);
382 DBG2(DBG_CFG, " no acceptable %N found",
383 transform_type_names, INTEGRITY_ALGORITHM);
384 return NULL;
385 }
386 }
387 /* select prf algorithm */
388 if (select_algo(this->prf_algos, other->prf_algos,
389 &add, &algo, &key_size))
390 {
391 if (add)
392 {
393 selected->add_algorithm(selected, PSEUDO_RANDOM_FUNCTION,
394 algo, key_size);
395 }
396 }
397 else
398 {
399 selected->destroy(selected);
400 DBG2(DBG_CFG, " no acceptable %N found",
401 transform_type_names, PSEUDO_RANDOM_FUNCTION);
402 return NULL;
403 }
404 /* select a DH-group */
405 if (select_algo(this->dh_groups, other->dh_groups, &add, &algo, &key_size))
406 {
407 if (add)
408 {
409 selected->add_algorithm(selected, DIFFIE_HELLMAN_GROUP, algo, 0);
410 }
411 }
412 else
413 {
414 selected->destroy(selected);
415 DBG2(DBG_CFG, " no acceptable %N found",
416 transform_type_names, DIFFIE_HELLMAN_GROUP);
417 return NULL;
418 }
419 /* select if we use ESNs */
420 if (select_algo(this->esns, other->esns, &add, &algo, &key_size))
421 {
422 if (add)
423 {
424 selected->add_algorithm(selected, EXTENDED_SEQUENCE_NUMBERS, algo, 0);
425 }
426 }
427 else
428 {
429 selected->destroy(selected);
430 DBG2(DBG_CFG, " no acceptable %N found",
431 transform_type_names, EXTENDED_SEQUENCE_NUMBERS);
432 return NULL;
433 }
434 DBG2(DBG_CFG, " proposal matches");
435
436 /* apply SPI from "other" */
437 selected->set_spi(selected, other->spi);
438
439 /* everything matched, return new proposal */
440 return selected;
441 }
442
443 /**
444 * Implements proposal_t.get_protocols.
445 */
446 static protocol_id_t get_protocol(private_proposal_t *this)
447 {
448 return this->protocol;
449 }
450
451 /**
452 * Implements proposal_t.set_spi.
453 */
454 static void set_spi(private_proposal_t *this, u_int64_t spi)
455 {
456 this->spi = spi;
457 }
458
459 /**
460 * Implements proposal_t.get_spi.
461 */
462 static u_int64_t get_spi(private_proposal_t *this)
463 {
464 return this->spi;
465 }
466
467 /**
468 * Clone a algorithm list
469 */
470 static void clone_algo_list(linked_list_t *list, linked_list_t *clone_list)
471 {
472 algorithm_t *algo, *clone_algo;
473 enumerator_t *enumerator;
474
475 enumerator = list->create_enumerator(list);
476 while (enumerator->enumerate(enumerator, &algo))
477 {
478 clone_algo = malloc_thing(algorithm_t);
479 memcpy(clone_algo, algo, sizeof(algorithm_t));
480 clone_list->insert_last(clone_list, (void*)clone_algo);
481 }
482 enumerator->destroy(enumerator);
483 }
484
485 /**
486 * check if an algorithm list equals
487 */
488 static bool algo_list_equals(linked_list_t *l1, linked_list_t *l2)
489 {
490 enumerator_t *e1, *e2;
491 algorithm_t *alg1, *alg2;
492 bool equals = TRUE;
493
494 if (l1->get_count(l1) != l2->get_count(l2))
495 {
496 return FALSE;
497 }
498
499 e1 = l1->create_enumerator(l1);
500 e2 = l2->create_enumerator(l2);
501 while (e1->enumerate(e1, &alg1) && e2->enumerate(e2, &alg2))
502 {
503 if (alg1->algorithm != alg2->algorithm ||
504 alg1->key_size != alg2->key_size)
505 {
506 equals = FALSE;
507 break;
508 }
509 }
510 e1->destroy(e1);
511 e2->destroy(e2);
512 return equals;
513 }
514
515 /**
516 * Implementation of proposal_t.equals.
517 */
518 static bool equals(private_proposal_t *this, private_proposal_t *other)
519 {
520 if (this == other)
521 {
522 return TRUE;
523 }
524 if (this->public.equals != other->public.equals)
525 {
526 return FALSE;
527 }
528 return (
529 algo_list_equals(this->encryption_algos, other->encryption_algos) &&
530 algo_list_equals(this->integrity_algos, other->integrity_algos) &&
531 algo_list_equals(this->prf_algos, other->prf_algos) &&
532 algo_list_equals(this->dh_groups, other->dh_groups) &&
533 algo_list_equals(this->esns, other->esns));
534 }
535
536 /**
537 * Implements proposal_t.clone
538 */
539 static proposal_t *clone_(private_proposal_t *this)
540 {
541 private_proposal_t *clone = (private_proposal_t*)proposal_create(this->protocol);
542
543 clone_algo_list(this->encryption_algos, clone->encryption_algos);
544 clone_algo_list(this->integrity_algos, clone->integrity_algos);
545 clone_algo_list(this->prf_algos, clone->prf_algos);
546 clone_algo_list(this->dh_groups, clone->dh_groups);
547 clone_algo_list(this->esns, clone->esns);
548
549 clone->spi = this->spi;
550
551 return &clone->public;
552 }
553
554 /**
555 * Checks the proposal read from a string.
556 */
557 static void check_proposal(private_proposal_t *this)
558 {
559 enumerator_t *e;
560 algorithm_t *alg;
561 bool all_aead = TRUE;
562
563 e = this->encryption_algos->create_enumerator(this->encryption_algos);
564 while (e->enumerate(e, &alg))
565 {
566 if (!is_authenticated_encryption(alg->algorithm))
567 {
568 all_aead = FALSE;
569 break;
570 }
571 }
572 e->destroy(e);
573
574 if (all_aead)
575 {
576 /* if all encryption algorithms in the proposal are authenticated encryption
577 * algorithms we MUST NOT propose any integrity algorithms */
578 while (this->integrity_algos->remove_last(this->integrity_algos,
579 (void**)&alg) == SUCCESS)
580 {
581 free(alg);
582 }
583 }
584 }
585
586 /**
587 * add a algorithm identified by a string to the proposal.
588 * TODO: we could use gperf here.
589 */
590 static status_t add_string_algo(private_proposal_t *this, chunk_t alg)
591 {
592 if (strncmp(alg.ptr, "null", alg.len) == 0)
593 {
594 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_NULL, 0);
595 }
596 else if (strncmp(alg.ptr, "aes128", alg.len) == 0)
597 {
598 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128);
599 }
600 else if (strncmp(alg.ptr, "aes192", alg.len) == 0)
601 {
602 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192);
603 }
604 else if (strncmp(alg.ptr, "aes256", alg.len) == 0)
605 {
606 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256);
607 }
608 else if (strstr(alg.ptr, "ccm"))
609 {
610 u_int16_t key_size, icv_size;
611
612 if (sscanf(alg.ptr, "aes%huccm%hu", &key_size, &icv_size) == 2)
613 {
614 if (key_size == 128 || key_size == 192 || key_size == 256)
615 {
616 switch (icv_size)
617 {
618 case 8: /* octets */
619 case 64: /* bits */
620 add_algorithm(this, ENCRYPTION_ALGORITHM,
621 ENCR_AES_CCM_ICV8, key_size);
622 break;
623 case 12: /* octets */
624 case 96: /* bits */
625 add_algorithm(this, ENCRYPTION_ALGORITHM,
626 ENCR_AES_CCM_ICV12, key_size);
627 break;
628 case 16: /* octets */
629 case 128: /* bits */
630 add_algorithm(this, ENCRYPTION_ALGORITHM,
631 ENCR_AES_CCM_ICV16, key_size);
632 break;
633 default:
634 /* invalid ICV size */
635 break;
636 }
637 }
638 }
639 }
640 else if (strstr(alg.ptr, "gcm"))
641 {
642 u_int16_t key_size, icv_size;
643
644 if (sscanf(alg.ptr, "aes%hugcm%hu", &key_size, &icv_size) == 2)
645 {
646 if (key_size == 128 || key_size == 192 || key_size == 256)
647 {
648 switch (icv_size)
649 {
650 case 8: /* octets */
651 case 64: /* bits */
652 add_algorithm(this, ENCRYPTION_ALGORITHM,
653 ENCR_AES_GCM_ICV8, key_size);
654 break;
655 case 12: /* octets */
656 case 96: /* bits */
657 add_algorithm(this, ENCRYPTION_ALGORITHM,
658 ENCR_AES_GCM_ICV12, key_size);
659 break;
660 case 16: /* octets */
661 case 128: /* bits */
662 add_algorithm(this, ENCRYPTION_ALGORITHM,
663 ENCR_AES_GCM_ICV16, key_size);
664 break;
665 default:
666 /* invalid ICV size */
667 break;
668 }
669 }
670 }
671 }
672 else if (strncmp(alg.ptr, "3des", alg.len) == 0)
673 {
674 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_3DES, 0);
675 }
676 /* blowfish only uses some predefined key sizes yet */
677 else if (strncmp(alg.ptr, "blowfish128", alg.len) == 0)
678 {
679 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128);
680 }
681 else if (strncmp(alg.ptr, "blowfish192", alg.len) == 0)
682 {
683 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192);
684 }
685 else if (strncmp(alg.ptr, "blowfish256", alg.len) == 0)
686 {
687 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256);
688 }
689 else if (strncmp(alg.ptr, "sha", alg.len) == 0 ||
690 strncmp(alg.ptr, "sha1", alg.len) == 0)
691 {
692 /* sha means we use SHA for both, PRF and AUTH */
693 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
694 if (this->protocol == PROTO_IKE)
695 {
696 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0);
697 }
698 }
699 else if (strncmp(alg.ptr, "sha256", alg.len) == 0 ||
700 strncmp(alg.ptr, "sha2_256", alg.len) == 0)
701 {
702 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0);
703 if (this->protocol == PROTO_IKE)
704 {
705 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256, 0);
706 }
707 }
708 else if (strncmp(alg.ptr, "sha384", alg.len) == 0 ||
709 strncmp(alg.ptr, "sha2_384", alg.len) == 0)
710 {
711 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0);
712 if (this->protocol == PROTO_IKE)
713 {
714 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384, 0);
715 }
716 }
717 else if (strncmp(alg.ptr, "sha512", alg.len) == 0 ||
718 strncmp(alg.ptr, "sha2_512", alg.len) == 0)
719 {
720 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0);
721 if (this->protocol == PROTO_IKE)
722 {
723 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512, 0);
724 }
725 }
726 else if (strncmp(alg.ptr, "md5", alg.len) == 0)
727 {
728 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0);
729 if (this->protocol == PROTO_IKE)
730 {
731 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0);
732 }
733 }
734 else if (strncmp(alg.ptr, "aesxcbc", alg.len) == 0)
735 {
736 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0);
737 if (this->protocol == PROTO_IKE)
738 {
739 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0);
740 }
741 }
742 else if (strncmp(alg.ptr, "modp768", alg.len) == 0)
743 {
744 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0);
745 }
746 else if (strncmp(alg.ptr, "modp1024", alg.len) == 0)
747 {
748 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0);
749 }
750 else if (strncmp(alg.ptr, "modp1536", alg.len) == 0)
751 {
752 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0);
753 }
754 else if (strncmp(alg.ptr, "modp2048", alg.len) == 0)
755 {
756 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0);
757 }
758 else if (strncmp(alg.ptr, "modp3072", alg.len) == 0)
759 {
760 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0);
761 }
762 else if (strncmp(alg.ptr, "modp4096", alg.len) == 0)
763 {
764 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0);
765 }
766 else if (strncmp(alg.ptr, "modp6144", alg.len) == 0)
767 {
768 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0);
769 }
770 else if (strncmp(alg.ptr, "modp8192", alg.len) == 0)
771 {
772 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0);
773 }
774 else if (strncmp(alg.ptr, "ecp192", alg.len) == 0)
775 {
776 add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0);
777 }
778 else if (strncmp(alg.ptr, "ecp224", alg.len) == 0)
779 {
780 add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0);
781 }
782 else if (strncmp(alg.ptr, "ecp256", alg.len) == 0)
783 {
784 add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0);
785 }
786 else if (strncmp(alg.ptr, "ecp384", alg.len) == 0)
787 {
788 add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0);
789 }
790 else if (strncmp(alg.ptr, "ecp521", alg.len) == 0)
791 {
792 add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0);
793 }
794 else
795 {
796 return FAILED;
797 }
798 return SUCCESS;
799 }
800
801 /**
802 * print all algorithms of a kind to stream
803 */
804 static int print_alg(private_proposal_t *this, FILE *stream, u_int kind,
805 void *names, bool *first)
806 {
807 enumerator_t *enumerator;
808 size_t written = 0;
809 u_int16_t alg, size;
810
811 enumerator = create_enumerator(this, kind);
812 while (enumerator->enumerate(enumerator, &alg, &size))
813 {
814 if (*first)
815 {
816 written += fprintf(stream, "%N", names, alg);
817 *first = FALSE;
818 }
819 else
820 {
821 written += fprintf(stream, "/%N", names, alg);
822 }
823 if (size)
824 {
825 written += fprintf(stream, "-%d", size);
826 }
827 }
828 enumerator->destroy(enumerator);
829 return written;
830 }
831
832 /**
833 * output handler in printf()
834 */
835 static int print(FILE *stream, const struct printf_info *info,
836 const void *const *args)
837 {
838 private_proposal_t *this = *((private_proposal_t**)(args[0]));
839 linked_list_t *list = *((linked_list_t**)(args[0]));
840 enumerator_t *enumerator;
841 size_t written = 0;
842 bool first = TRUE;
843
844 if (this == NULL)
845 {
846 return fprintf(stream, "(null)");
847 }
848
849 if (info->alt)
850 {
851 enumerator = list->create_enumerator(list);
852 while (enumerator->enumerate(enumerator, &this))
853 { /* call recursivly */
854 if (first)
855 {
856 written += fprintf(stream, "%P", this);
857 first = FALSE;
858 }
859 else
860 {
861 written += fprintf(stream, ", %P", this);
862 }
863 }
864 enumerator->destroy(enumerator);
865 return written;
866 }
867
868 written = fprintf(stream, "%N:", protocol_id_names, this->protocol);
869 written += print_alg(this, stream, ENCRYPTION_ALGORITHM,
870 encryption_algorithm_names, &first);
871 written += print_alg(this, stream, INTEGRITY_ALGORITHM,
872 integrity_algorithm_names, &first);
873 written += print_alg(this, stream, PSEUDO_RANDOM_FUNCTION,
874 pseudo_random_function_names, &first);
875 written += print_alg(this, stream, DIFFIE_HELLMAN_GROUP,
876 diffie_hellman_group_names, &first);
877 written += print_alg(this, stream, EXTENDED_SEQUENCE_NUMBERS,
878 extended_sequence_numbers_names, &first);
879 return written;
880 }
881
882 /**
883 * arginfo handler for printf() proposal
884 */
885 static int arginfo(const struct printf_info *info, size_t n, int *argtypes)
886 {
887 if (n > 0)
888 {
889 argtypes[0] = PA_POINTER;
890 }
891 return 1;
892 }
893
894 /**
895 * return printf hook functions for a proposal
896 */
897 printf_hook_functions_t proposal_get_printf_hooks()
898 {
899 printf_hook_functions_t hooks = {print, arginfo};
900
901 return hooks;
902 }
903
904 /**
905 * Implements proposal_t.destroy.
906 */
907 static void destroy(private_proposal_t *this)
908 {
909 this->encryption_algos->destroy_function(this->encryption_algos, free);
910 this->integrity_algos->destroy_function(this->integrity_algos, free);
911 this->prf_algos->destroy_function(this->prf_algos, free);
912 this->dh_groups->destroy_function(this->dh_groups, free);
913 this->esns->destroy_function(this->esns, free);
914 free(this);
915 }
916
917 /*
918 * Describtion in header-file
919 */
920 proposal_t *proposal_create(protocol_id_t protocol)
921 {
922 private_proposal_t *this = malloc_thing(private_proposal_t);
923
924 this->public.add_algorithm = (void (*)(proposal_t*,transform_type_t,u_int16_t,u_int16_t))add_algorithm;
925 this->public.create_enumerator = (enumerator_t* (*)(proposal_t*,transform_type_t))create_enumerator;
926 this->public.get_algorithm = (bool (*)(proposal_t*,transform_type_t,u_int16_t*,u_int16_t*))get_algorithm;
927 this->public.has_dh_group = (bool (*)(proposal_t*,diffie_hellman_group_t))has_dh_group;
928 this->public.strip_dh = (void(*)(proposal_t*))strip_dh;
929 this->public.select = (proposal_t* (*)(proposal_t*,proposal_t*))select_proposal;
930 this->public.get_protocol = (protocol_id_t(*)(proposal_t*))get_protocol;
931 this->public.set_spi = (void(*)(proposal_t*,u_int64_t))set_spi;
932 this->public.get_spi = (u_int64_t(*)(proposal_t*))get_spi;
933 this->public.equals = (bool(*)(proposal_t*, proposal_t *other))equals;
934 this->public.clone = (proposal_t*(*)(proposal_t*))clone_;
935 this->public.destroy = (void(*)(proposal_t*))destroy;
936
937 this->spi = 0;
938 this->protocol = protocol;
939
940 this->encryption_algos = linked_list_create();
941 this->integrity_algos = linked_list_create();
942 this->prf_algos = linked_list_create();
943 this->dh_groups = linked_list_create();
944 this->esns = linked_list_create();
945
946 return &this->public;
947 }
948
949 /**
950 * Add supported IKE algorithms to proposal
951 */
952 static void proposal_add_supported_ike(private_proposal_t *this)
953 {
954 enumerator_t *enumerator;
955 encryption_algorithm_t encryption;
956 integrity_algorithm_t integrity;
957 pseudo_random_function_t prf;
958 diffie_hellman_group_t group;
959
960 enumerator = lib->crypto->create_crypter_enumerator(lib->crypto);
961 while (enumerator->enumerate(enumerator, &encryption))
962 {
963 switch (encryption)
964 {
965 case ENCR_AES_CBC:
966 /* we assume that we support all AES sizes */
967 add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 128);
968 add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 192);
969 add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 256);
970 break;
971 case ENCR_3DES:
972 case ENCR_AES_CTR:
973 case ENCR_AES_CCM_ICV8:
974 case ENCR_AES_CCM_ICV12:
975 case ENCR_AES_CCM_ICV16:
976 case ENCR_AES_GCM_ICV8:
977 case ENCR_AES_GCM_ICV12:
978 case ENCR_AES_GCM_ICV16:
979 add_algorithm(this, ENCRYPTION_ALGORITHM, encryption, 0);
980 break;
981 case ENCR_DES:
982 /* no, thanks */
983 break;
984 default:
985 break;
986 }
987 }
988 enumerator->destroy(enumerator);
989
990 enumerator = lib->crypto->create_signer_enumerator(lib->crypto);
991 while (enumerator->enumerate(enumerator, &integrity))
992 {
993 switch (integrity)
994 {
995 case AUTH_HMAC_SHA1_96:
996 case AUTH_HMAC_SHA2_256_128:
997 case AUTH_HMAC_SHA2_384_192:
998 case AUTH_HMAC_SHA2_512_256:
999 case AUTH_HMAC_MD5_96:
1000 case AUTH_AES_XCBC_96:
1001 add_algorithm(this, INTEGRITY_ALGORITHM, integrity, 0);
1002 break;
1003 default:
1004 break;
1005 }
1006 }
1007 enumerator->destroy(enumerator);
1008
1009 enumerator = lib->crypto->create_prf_enumerator(lib->crypto);
1010 while (enumerator->enumerate(enumerator, &prf))
1011 {
1012 switch (prf)
1013 {
1014 case PRF_HMAC_SHA1:
1015 case PRF_HMAC_SHA2_256:
1016 case PRF_HMAC_SHA2_384:
1017 case PRF_HMAC_SHA2_512:
1018 case PRF_HMAC_MD5:
1019 case PRF_AES128_XCBC:
1020 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, prf, 0);
1021 break;
1022 default:
1023 break;
1024 }
1025 }
1026 enumerator->destroy(enumerator);
1027
1028 enumerator = lib->crypto->create_dh_enumerator(lib->crypto);
1029 while (enumerator->enumerate(enumerator, &group))
1030 {
1031 switch (group)
1032 {
1033 case MODP_768_BIT:
1034 /* weak */
1035 break;
1036 case MODP_1024_BIT:
1037 case MODP_1536_BIT:
1038 case MODP_2048_BIT:
1039 case MODP_4096_BIT:
1040 case MODP_8192_BIT:
1041 case ECP_256_BIT:
1042 case ECP_384_BIT:
1043 case ECP_521_BIT:
1044 case ECP_192_BIT:
1045 case ECP_224_BIT:
1046 add_algorithm(this, DIFFIE_HELLMAN_GROUP, group, 0);
1047 break;
1048 default:
1049 break;
1050 }
1051 }
1052 enumerator->destroy(enumerator);
1053 }
1054
1055 /*
1056 * Describtion in header-file
1057 */
1058 proposal_t *proposal_create_default(protocol_id_t protocol)
1059 {
1060 private_proposal_t *this = (private_proposal_t*)proposal_create(protocol);
1061
1062 switch (protocol)
1063 {
1064 case PROTO_IKE:
1065 proposal_add_supported_ike(this);
1066 break;
1067 case PROTO_ESP:
1068 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128);
1069 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192);
1070 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256);
1071 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_3DES, 0);
1072 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256);
1073 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
1074 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0);
1075 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0);
1076 add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0);
1077 break;
1078 case PROTO_AH:
1079 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
1080 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0);
1081 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0);
1082 add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0);
1083 break;
1084 default:
1085 break;
1086 }
1087 return &this->public;
1088 }
1089
1090 /*
1091 * Describtion in header-file
1092 */
1093 proposal_t *proposal_create_from_string(protocol_id_t protocol, const char *algs)
1094 {
1095 private_proposal_t *this = (private_proposal_t*)proposal_create(protocol);
1096 chunk_t string = {(void*)algs, strlen(algs)};
1097 chunk_t alg;
1098 status_t status = SUCCESS;
1099
1100 eat_whitespace(&string);
1101 if (string.len < 1)
1102 {
1103 destroy(this);
1104 return NULL;
1105 }
1106
1107 /* get all tokens, separated by '-' */
1108 while (extract_token(&alg, '-', &string))
1109 {
1110 status |= add_string_algo(this, alg);
1111 }
1112 if (string.len)
1113 {
1114 status |= add_string_algo(this, string);
1115 }
1116 if (status != SUCCESS)
1117 {
1118 destroy(this);
1119 return NULL;
1120 }
1121
1122 check_proposal(this);
1123
1124 if (protocol == PROTO_AH || protocol == PROTO_ESP)
1125 {
1126 add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0);
1127 }
1128 return &this->public;
1129 }
strongSwan - IPsec VPN