log received DH groups and PRFs if no common proposal is found
[strongswan.git] / src / charon / config / proposal.c
1 /*
2 * Copyright (C) 2008 Tobias Brunner
3 * Copyright (C) 2006 Martin Willi
4 * Hochschule fuer Technik Rapperswil
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 *
16 * $Id$
17 */
18
19 #include <string.h>
20
21 #include "proposal.h"
22
23 #include <daemon.h>
24 #include <utils/linked_list.h>
25 #include <utils/identification.h>
26 #include <utils/lexparser.h>
27 #include <crypto/prfs/prf.h>
28 #include <crypto/crypters/crypter.h>
29 #include <crypto/signers/signer.h>
30
31
32 ENUM(protocol_id_names, PROTO_NONE, PROTO_ESP,
33 "PROTO_NONE",
34 "IKE",
35 "AH",
36 "ESP",
37 );
38
39 ENUM_BEGIN(transform_type_names, UNDEFINED_TRANSFORM_TYPE, UNDEFINED_TRANSFORM_TYPE,
40 "UNDEFINED_TRANSFORM_TYPE");
41 ENUM_NEXT(transform_type_names, ENCRYPTION_ALGORITHM, EXTENDED_SEQUENCE_NUMBERS, UNDEFINED_TRANSFORM_TYPE,
42 "ENCRYPTION_ALGORITHM",
43 "PSEUDO_RANDOM_FUNCTION",
44 "INTEGRITY_ALGORITHM",
45 "DIFFIE_HELLMAN_GROUP",
46 "EXTENDED_SEQUENCE_NUMBERS");
47 ENUM_END(transform_type_names, EXTENDED_SEQUENCE_NUMBERS);
48
49 ENUM(extended_sequence_numbers_names, NO_EXT_SEQ_NUMBERS, EXT_SEQ_NUMBERS,
50 "NO_EXT_SEQ_NUMBERS",
51 "EXT_SEQ_NUMBERS",
52 );
53
54 typedef struct private_proposal_t private_proposal_t;
55 typedef struct algorithm_t algorithm_t;
56
57 /**
58 * Private data of an proposal_t object
59 */
60 struct private_proposal_t {
61
62 /**
63 * Public part
64 */
65 proposal_t public;
66
67 /**
68 * protocol (ESP or AH)
69 */
70 protocol_id_t protocol;
71
72 /**
73 * priority ordered list of encryption algorithms
74 */
75 linked_list_t *encryption_algos;
76
77 /**
78 * priority ordered list of integrity algorithms
79 */
80 linked_list_t *integrity_algos;
81
82 /**
83 * priority ordered list of pseudo random functions
84 */
85 linked_list_t *prf_algos;
86
87 /**
88 * priority ordered list of dh groups
89 */
90 linked_list_t *dh_groups;
91
92 /**
93 * priority ordered list of extended sequence number flags
94 */
95 linked_list_t *esns;
96
97 /**
98 * senders SPI
99 */
100 u_int64_t spi;
101 };
102
103 /**
104 * Struct used to store different kinds of algorithms.
105 */
106 struct algorithm_t {
107 /**
108 * Value from an encryption_algorithm_t/integrity_algorithm_t/...
109 */
110 u_int16_t algorithm;
111
112 /**
113 * the associated key size in bits, or zero if not needed
114 */
115 u_int16_t key_size;
116 };
117
118 /**
119 * Add algorithm/keysize to a algorithm list
120 */
121 static void add_algo(linked_list_t *list, u_int16_t algo, u_int16_t key_size)
122 {
123 algorithm_t *algo_key;
124
125 algo_key = malloc_thing(algorithm_t);
126 algo_key->algorithm = algo;
127 algo_key->key_size = key_size;
128 list->insert_last(list, (void*)algo_key);
129 }
130
131 /**
132 * Implements proposal_t.add_algorithm
133 */
134 static void add_algorithm(private_proposal_t *this, transform_type_t type,
135 u_int16_t algo, u_int16_t key_size)
136 {
137 switch (type)
138 {
139 case ENCRYPTION_ALGORITHM:
140 add_algo(this->encryption_algos, algo, key_size);
141 break;
142 case INTEGRITY_ALGORITHM:
143 add_algo(this->integrity_algos, algo, key_size);
144 break;
145 case PSEUDO_RANDOM_FUNCTION:
146 add_algo(this->prf_algos, algo, key_size);
147 break;
148 case DIFFIE_HELLMAN_GROUP:
149 add_algo(this->dh_groups, algo, 0);
150 break;
151 case EXTENDED_SEQUENCE_NUMBERS:
152 add_algo(this->esns, algo, 0);
153 break;
154 default:
155 break;
156 }
157 }
158
159 /**
160 * filter function for peer configs
161 */
162 static bool alg_filter(void *null, algorithm_t **in, u_int16_t *alg,
163 void **unused, u_int16_t *key_size)
164 {
165 algorithm_t *algo = *in;
166 *alg = algo->algorithm;
167 if (key_size)
168 {
169 *key_size = algo->key_size;
170 }
171 return TRUE;
172 }
173
174 /**
175 * Implements proposal_t.create_enumerator.
176 */
177 static enumerator_t *create_enumerator(private_proposal_t *this,
178 transform_type_t type)
179 {
180 linked_list_t *list;
181
182 switch (type)
183 {
184 case ENCRYPTION_ALGORITHM:
185 list = this->encryption_algos;
186 break;
187 case INTEGRITY_ALGORITHM:
188 list = this->integrity_algos;
189 break;
190 case PSEUDO_RANDOM_FUNCTION:
191 list = this->prf_algos;
192 break;
193 case DIFFIE_HELLMAN_GROUP:
194 list = this->dh_groups;
195 break;
196 case EXTENDED_SEQUENCE_NUMBERS:
197 list = this->esns;
198 break;
199 default:
200 return NULL;
201 }
202 return enumerator_create_filter(list->create_enumerator(list),
203 (void*)alg_filter, NULL, NULL);
204 }
205
206 /**
207 * Implements proposal_t.get_algorithm.
208 */
209 static bool get_algorithm(private_proposal_t *this, transform_type_t type,
210 u_int16_t *alg, u_int16_t *key_size)
211 {
212 enumerator_t *enumerator;
213 bool found = FALSE;
214
215 enumerator = create_enumerator(this, type);
216 if (enumerator->enumerate(enumerator, alg, key_size))
217 {
218 found = TRUE;
219 }
220 enumerator->destroy(enumerator);
221 return found;
222 }
223
224 /**
225 * Implements proposal_t.has_dh_group
226 */
227 static bool has_dh_group(private_proposal_t *this, diffie_hellman_group_t group)
228 {
229 bool result = FALSE;
230
231 if (this->dh_groups->get_count(this->dh_groups))
232 {
233 algorithm_t *current;
234 enumerator_t *enumerator;
235
236 enumerator = this->dh_groups->create_enumerator(this->dh_groups);
237 while (enumerator->enumerate(enumerator, (void**)&current))
238 {
239 if (current->algorithm == group)
240 {
241 result = TRUE;
242 break;
243 }
244 }
245 enumerator->destroy(enumerator);
246 }
247 else if (group == MODP_NONE)
248 {
249 result = TRUE;
250 }
251 return result;
252 }
253
254 /**
255 * Implementation of proposal_t.strip_dh.
256 */
257 static void strip_dh(private_proposal_t *this)
258 {
259 algorithm_t *alg;
260
261 while (this->dh_groups->remove_last(this->dh_groups, (void**)&alg) == SUCCESS)
262 {
263 free(alg);
264 }
265 }
266
267 /**
268 * Returns true if the given alg is an authenticated encryption algorithm
269 */
270 static bool is_authenticated_encryption(u_int16_t alg)
271 {
272 switch(alg)
273 {
274 case ENCR_AES_CCM_ICV8:
275 case ENCR_AES_CCM_ICV12:
276 case ENCR_AES_CCM_ICV16:
277 case ENCR_AES_GCM_ICV8:
278 case ENCR_AES_GCM_ICV12:
279 case ENCR_AES_GCM_ICV16:
280 return TRUE;
281 }
282 return FALSE;
283 }
284
285 /**
286 * Find a matching alg/keysize in two linked lists
287 */
288 static bool select_algo(linked_list_t *first, linked_list_t *second, bool *add,
289 u_int16_t *alg, size_t *key_size)
290 {
291 enumerator_t *e1, *e2;
292 algorithm_t *alg1, *alg2;
293
294 /* if in both are zero algorithms specified, we HAVE a match */
295 if (first->get_count(first) == 0 && second->get_count(second) == 0)
296 {
297 *add = FALSE;
298 return TRUE;
299 }
300
301 e1 = first->create_enumerator(first);
302 e2 = second->create_enumerator(second);
303 /* compare algs, order of algs in "first" is preferred */
304 while (e1->enumerate(e1, &alg1))
305 {
306 e2->destroy(e2);
307 e2 = second->create_enumerator(second);
308 while (e2->enumerate(e2, &alg2))
309 {
310 if (alg1->algorithm == alg2->algorithm &&
311 alg1->key_size == alg2->key_size)
312 {
313 /* ok, we have an algorithm */
314 *alg = alg1->algorithm;
315 *key_size = alg1->key_size;
316 *add = TRUE;
317 e1->destroy(e1);
318 e2->destroy(e2);
319 return TRUE;
320 }
321 }
322 }
323 /* no match in all comparisons */
324 e1->destroy(e1);
325 e2->destroy(e2);
326 return FALSE;
327 }
328
329 /**
330 * Implements proposal_t.select.
331 */
332 static proposal_t *select_proposal(private_proposal_t *this, private_proposal_t *other)
333 {
334 proposal_t *selected;
335 u_int16_t algo;
336 size_t key_size;
337 bool add;
338
339 DBG2(DBG_CFG, "selecting proposal:");
340
341 /* check protocol */
342 if (this->protocol != other->protocol)
343 {
344 DBG2(DBG_CFG, " protocol mismatch, skipping");
345 return NULL;
346 }
347
348 selected = proposal_create(this->protocol);
349
350 /* select encryption algorithm */
351 if (select_algo(this->encryption_algos, other->encryption_algos, &add, &algo, &key_size))
352 {
353 if (add)
354 {
355 selected->add_algorithm(selected, ENCRYPTION_ALGORITHM, algo, key_size);
356 }
357 }
358 else
359 {
360 enumerator_t *e;
361 algorithm_t *alg;
362
363 selected->destroy(selected);
364 DBG2(DBG_CFG, " no acceptable ENCRYPTION_ALGORITHM found");
365 DBG2(DBG_CFG, " list of received ENCRYPTION_ALGORITHM proposals:");
366 e = other->encryption_algos->create_enumerator(other->encryption_algos);
367 while (e->enumerate(e, &alg))
368 {
369 DBG2(DBG_CFG, " %N-%d", encryption_algorithm_names,
370 alg->algorithm, alg->key_size);
371 }
372 e->destroy(e);
373 return NULL;
374 }
375 /* select integrity algorithm */
376 if (!is_authenticated_encryption(algo))
377 {
378 if (select_algo(this->integrity_algos, other->integrity_algos, &add, &algo, &key_size))
379 {
380 if (add)
381 {
382 selected->add_algorithm(selected, INTEGRITY_ALGORITHM, algo, key_size);
383 }
384 }
385 else
386 {
387 enumerator_t *e;
388 algorithm_t *alg;
389
390 selected->destroy(selected);
391 DBG2(DBG_CFG, " no acceptable INTEGRITY_ALGORITHM found");
392 DBG2(DBG_CFG, " list of received INTEGRITY_ALGORITHM proposals:");
393 e = other->integrity_algos->create_enumerator(other->integrity_algos);
394 while (e->enumerate(e, &alg))
395 {
396 DBG2(DBG_CFG, " %N", integrity_algorithm_names, alg->algorithm);
397 }
398 e->destroy(e);
399 return NULL;
400 }
401 }
402 /* select prf algorithm */
403 if (select_algo(this->prf_algos, other->prf_algos, &add, &algo, &key_size))
404 {
405 if (add)
406 {
407 selected->add_algorithm(selected, PSEUDO_RANDOM_FUNCTION, algo, key_size);
408 }
409 }
410 else
411 {
412 enumerator_t *e;
413 algorithm_t *alg;
414
415 selected->destroy(selected);
416 DBG2(DBG_CFG, " no acceptable PSEUDO_RANDOM_FUNCTION found");
417 DBG2(DBG_CFG, " list of received PSEUDO_RANDOM_FUNCTION proposals:");
418 e = other->prf_algos->create_enumerator(other->prf_algos);
419 while (e->enumerate(e, &alg))
420 {
421 DBG2(DBG_CFG, " %N", pseudo_random_function_names, alg->algorithm);
422 }
423 e->destroy(e);
424 return NULL;
425 }
426 /* select a DH-group */
427 if (select_algo(this->dh_groups, other->dh_groups, &add, &algo, &key_size))
428 {
429 if (add)
430 {
431 selected->add_algorithm(selected, DIFFIE_HELLMAN_GROUP, algo, 0);
432 }
433 }
434 else
435 {
436 enumerator_t *e;
437 algorithm_t *alg;
438
439 selected->destroy(selected);
440 DBG2(DBG_CFG, " no acceptable DIFFIE_HELLMAN_GROUP found");
441 DBG2(DBG_CFG, " list of received DIFFIE_HELLMAN_GROUP proposals:");
442 e = other->dh_groups->create_enumerator(other->dh_groups);
443 while (e->enumerate(e, &alg))
444 {
445 DBG2(DBG_CFG, " %N", diffie_hellman_group_names, alg->algorithm);
446 }
447 e->destroy(e);
448 return NULL;
449 }
450 /* select if we use ESNs */
451 if (select_algo(this->esns, other->esns, &add, &algo, &key_size))
452 {
453 if (add)
454 {
455 selected->add_algorithm(selected, EXTENDED_SEQUENCE_NUMBERS, algo, 0);
456 }
457 }
458 else
459 {
460 selected->destroy(selected);
461 DBG2(DBG_CFG, " no acceptable EXTENDED_SEQUENCE_NUMBERS found");
462 return NULL;
463 }
464 DBG2(DBG_CFG, " proposal matches");
465
466 /* apply SPI from "other" */
467 selected->set_spi(selected, other->spi);
468
469 /* everything matched, return new proposal */
470 return selected;
471 }
472
473 /**
474 * Implements proposal_t.get_protocols.
475 */
476 static protocol_id_t get_protocol(private_proposal_t *this)
477 {
478 return this->protocol;
479 }
480
481 /**
482 * Implements proposal_t.set_spi.
483 */
484 static void set_spi(private_proposal_t *this, u_int64_t spi)
485 {
486 this->spi = spi;
487 }
488
489 /**
490 * Implements proposal_t.get_spi.
491 */
492 static u_int64_t get_spi(private_proposal_t *this)
493 {
494 return this->spi;
495 }
496
497 /**
498 * Clone a algorithm list
499 */
500 static void clone_algo_list(linked_list_t *list, linked_list_t *clone_list)
501 {
502 algorithm_t *algo, *clone_algo;
503 enumerator_t *enumerator;
504
505 enumerator = list->create_enumerator(list);
506 while (enumerator->enumerate(enumerator, &algo))
507 {
508 clone_algo = malloc_thing(algorithm_t);
509 memcpy(clone_algo, algo, sizeof(algorithm_t));
510 clone_list->insert_last(clone_list, (void*)clone_algo);
511 }
512 enumerator->destroy(enumerator);
513 }
514
515 /**
516 * check if an algorithm list equals
517 */
518 static bool algo_list_equals(linked_list_t *l1, linked_list_t *l2)
519 {
520 enumerator_t *e1, *e2;
521 algorithm_t *alg1, *alg2;
522 bool equals = TRUE;
523
524 if (l1->get_count(l1) != l2->get_count(l2))
525 {
526 return FALSE;
527 }
528
529 e1 = l1->create_enumerator(l1);
530 e2 = l2->create_enumerator(l2);
531 while (e1->enumerate(e1, &alg1) && e2->enumerate(e2, &alg2))
532 {
533 if (alg1->algorithm != alg2->algorithm ||
534 alg1->key_size != alg2->key_size)
535 {
536 equals = FALSE;
537 break;
538 }
539 }
540 e1->destroy(e1);
541 e2->destroy(e2);
542 return equals;
543 }
544
545 /**
546 * Implementation of proposal_t.equals.
547 */
548 static bool equals(private_proposal_t *this, private_proposal_t *other)
549 {
550 if (this == other)
551 {
552 return TRUE;
553 }
554 if (this->public.equals != other->public.equals)
555 {
556 return FALSE;
557 }
558 return (
559 algo_list_equals(this->encryption_algos, other->encryption_algos) &&
560 algo_list_equals(this->integrity_algos, other->integrity_algos) &&
561 algo_list_equals(this->prf_algos, other->prf_algos) &&
562 algo_list_equals(this->dh_groups, other->dh_groups) &&
563 algo_list_equals(this->esns, other->esns));
564 }
565
566 /**
567 * Implements proposal_t.clone
568 */
569 static proposal_t *clone_(private_proposal_t *this)
570 {
571 private_proposal_t *clone = (private_proposal_t*)proposal_create(this->protocol);
572
573 clone_algo_list(this->encryption_algos, clone->encryption_algos);
574 clone_algo_list(this->integrity_algos, clone->integrity_algos);
575 clone_algo_list(this->prf_algos, clone->prf_algos);
576 clone_algo_list(this->dh_groups, clone->dh_groups);
577 clone_algo_list(this->esns, clone->esns);
578
579 clone->spi = this->spi;
580
581 return &clone->public;
582 }
583
584 /**
585 * Checks the proposal read from a string.
586 */
587 static void check_proposal(private_proposal_t *this)
588 {
589 enumerator_t *e;
590 algorithm_t *alg;
591 bool all_aead = TRUE;
592
593 e = this->encryption_algos->create_enumerator(this->encryption_algos);
594 while (e->enumerate(e, &alg))
595 {
596 if (!is_authenticated_encryption(alg->algorithm))
597 {
598 all_aead = FALSE;
599 break;
600 }
601 }
602 e->destroy(e);
603
604 if (all_aead)
605 {
606 /* if all encryption algorithms in the proposal are authenticated encryption
607 * algorithms we MUST NOT propose any integrity algorithms */
608 while (this->integrity_algos->remove_last(this->integrity_algos, (void**)&alg) == SUCCESS)
609 {
610 free(alg);
611 }
612 }
613 }
614
615 /**
616 * add a algorithm identified by a string to the proposal.
617 * TODO: we could use gperf here.
618 */
619 static status_t add_string_algo(private_proposal_t *this, chunk_t alg)
620 {
621 if (strncmp(alg.ptr, "null", alg.len) == 0)
622 {
623 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_NULL, 0);
624 }
625 else if (strncmp(alg.ptr, "aes128", alg.len) == 0)
626 {
627 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128);
628 }
629 else if (strncmp(alg.ptr, "aes192", alg.len) == 0)
630 {
631 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192);
632 }
633 else if (strncmp(alg.ptr, "aes256", alg.len) == 0)
634 {
635 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256);
636 }
637 else if (strstr(alg.ptr, "ccm"))
638 {
639 u_int16_t key_size, icv_size;
640
641 if (sscanf(alg.ptr, "aes%huccm%hu", &key_size, &icv_size) == 2)
642 {
643 if (key_size == 128 || key_size == 192 || key_size == 256)
644 {
645 switch (icv_size)
646 {
647 case 8: /* octets */
648 case 64: /* bits */
649 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, key_size);
650 break;
651 case 12: /* octets */
652 case 96: /* bits */
653 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, key_size);
654 break;
655 case 16: /* octets */
656 case 128: /* bits */
657 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, key_size);
658 break;
659 default:
660 /* invalid ICV size */
661 break;
662 }
663 }
664 }
665 }
666 else if (strstr(alg.ptr, "gcm"))
667 {
668 u_int16_t key_size, icv_size;
669
670 if (sscanf(alg.ptr, "aes%hugcm%hu", &key_size, &icv_size) == 2)
671 {
672 if (key_size == 128 || key_size == 192 || key_size == 256)
673 {
674 switch (icv_size)
675 {
676 case 8: /* octets */
677 case 64: /* bits */
678 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, key_size);
679 break;
680 case 12: /* octets */
681 case 96: /* bits */
682 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, key_size);
683 break;
684 case 16: /* octets */
685 case 128: /* bits */
686 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, key_size);
687 break;
688 default:
689 /* invalid ICV size */
690 break;
691 }
692 }
693 }
694 }
695 else if (strncmp(alg.ptr, "3des", alg.len) == 0)
696 {
697 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_3DES, 0);
698 }
699 /* blowfish only uses some predefined key sizes yet */
700 else if (strncmp(alg.ptr, "blowfish128", alg.len) == 0)
701 {
702 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128);
703 }
704 else if (strncmp(alg.ptr, "blowfish192", alg.len) == 0)
705 {
706 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192);
707 }
708 else if (strncmp(alg.ptr, "blowfish256", alg.len) == 0)
709 {
710 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256);
711 }
712 else if (strncmp(alg.ptr, "sha", alg.len) == 0 ||
713 strncmp(alg.ptr, "sha1", alg.len) == 0)
714 {
715 /* sha means we use SHA for both, PRF and AUTH */
716 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
717 if (this->protocol == PROTO_IKE)
718 {
719 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0);
720 }
721 }
722 else if (strncmp(alg.ptr, "sha256", alg.len) == 0 ||
723 strncmp(alg.ptr, "sha2_256", alg.len) == 0)
724 {
725 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0);
726 if (this->protocol == PROTO_IKE)
727 {
728 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256, 0);
729 }
730 }
731 else if (strncmp(alg.ptr, "sha384", alg.len) == 0 ||
732 strncmp(alg.ptr, "sha2_384", alg.len) == 0)
733 {
734 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0);
735 if (this->protocol == PROTO_IKE)
736 {
737 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384, 0);
738 }
739 }
740 else if (strncmp(alg.ptr, "sha512", alg.len) == 0 ||
741 strncmp(alg.ptr, "sha2_512", alg.len) == 0)
742 {
743 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0);
744 if (this->protocol == PROTO_IKE)
745 {
746 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512, 0);
747 }
748 }
749 else if (strncmp(alg.ptr, "md5", alg.len) == 0)
750 {
751 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0);
752 if (this->protocol == PROTO_IKE)
753 {
754 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0);
755 }
756 }
757 else if (strncmp(alg.ptr, "aesxcbc", alg.len) == 0)
758 {
759 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0);
760 if (this->protocol == PROTO_IKE)
761 {
762 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0);
763 }
764 }
765 else if (strncmp(alg.ptr, "modp768", alg.len) == 0)
766 {
767 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0);
768 }
769 else if (strncmp(alg.ptr, "modp1024", alg.len) == 0)
770 {
771 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0);
772 }
773 else if (strncmp(alg.ptr, "modp1536", alg.len) == 0)
774 {
775 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0);
776 }
777 else if (strncmp(alg.ptr, "modp2048", alg.len) == 0)
778 {
779 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0);
780 }
781 else if (strncmp(alg.ptr, "modp4096", alg.len) == 0)
782 {
783 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0);
784 }
785 else if (strncmp(alg.ptr, "modp8192", alg.len) == 0)
786 {
787 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0);
788 }
789 else if (strncmp(alg.ptr, "ecp192", alg.len) == 0)
790 {
791 add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0);
792 }
793 else if (strncmp(alg.ptr, "ecp224", alg.len) == 0)
794 {
795 add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0);
796 }
797 else if (strncmp(alg.ptr, "ecp256", alg.len) == 0)
798 {
799 add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0);
800 }
801 else if (strncmp(alg.ptr, "ecp384", alg.len) == 0)
802 {
803 add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0);
804 }
805 else if (strncmp(alg.ptr, "ecp521", alg.len) == 0)
806 {
807 add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0);
808 }
809 else
810 {
811 return FAILED;
812 }
813 return SUCCESS;
814 }
815
816 /**
817 * Implements proposal_t.destroy.
818 */
819 static void destroy(private_proposal_t *this)
820 {
821 this->encryption_algos->destroy_function(this->encryption_algos, free);
822 this->integrity_algos->destroy_function(this->integrity_algos, free);
823 this->prf_algos->destroy_function(this->prf_algos, free);
824 this->dh_groups->destroy_function(this->dh_groups, free);
825 this->esns->destroy_function(this->esns, free);
826 free(this);
827 }
828
829 /*
830 * Describtion in header-file
831 */
832 proposal_t *proposal_create(protocol_id_t protocol)
833 {
834 private_proposal_t *this = malloc_thing(private_proposal_t);
835
836 this->public.add_algorithm = (void (*)(proposal_t*,transform_type_t,u_int16_t,u_int16_t))add_algorithm;
837 this->public.create_enumerator = (enumerator_t* (*)(proposal_t*,transform_type_t))create_enumerator;
838 this->public.get_algorithm = (bool (*)(proposal_t*,transform_type_t,u_int16_t*,u_int16_t*))get_algorithm;
839 this->public.has_dh_group = (bool (*)(proposal_t*,diffie_hellman_group_t))has_dh_group;
840 this->public.strip_dh = (void(*)(proposal_t*))strip_dh;
841 this->public.select = (proposal_t* (*)(proposal_t*,proposal_t*))select_proposal;
842 this->public.get_protocol = (protocol_id_t(*)(proposal_t*))get_protocol;
843 this->public.set_spi = (void(*)(proposal_t*,u_int64_t))set_spi;
844 this->public.get_spi = (u_int64_t(*)(proposal_t*))get_spi;
845 this->public.equals = (bool(*)(proposal_t*, proposal_t *other))equals;
846 this->public.clone = (proposal_t*(*)(proposal_t*))clone_;
847 this->public.destroy = (void(*)(proposal_t*))destroy;
848
849 this->spi = 0;
850 this->protocol = protocol;
851
852 this->encryption_algos = linked_list_create();
853 this->integrity_algos = linked_list_create();
854 this->prf_algos = linked_list_create();
855 this->dh_groups = linked_list_create();
856 this->esns = linked_list_create();
857
858 return &this->public;
859 }
860
861 /*
862 * Describtion in header-file
863 */
864 proposal_t *proposal_create_default(protocol_id_t protocol)
865 {
866 private_proposal_t *this = (private_proposal_t*)proposal_create(protocol);
867
868 switch (protocol)
869 {
870 case PROTO_IKE:
871 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128);
872 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192);
873 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256);
874 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_3DES, 0);
875 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0);
876 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0);
877 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
878 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0);
879 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0);
880 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0);
881 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0);
882 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256, 0);
883 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0);
884 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0);
885 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384, 0);
886 add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512, 0);
887 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0);
888 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0);
889 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0);
890 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0);
891 add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0);
892 break;
893 case PROTO_ESP:
894 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128);
895 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192);
896 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256);
897 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_3DES, 0);
898 add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256);
899 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
900 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0);
901 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0);
902 add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0);
903 break;
904 case PROTO_AH:
905 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0);
906 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0);
907 add_algorithm(this, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0);
908 add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0);
909 break;
910 default:
911 break;
912 }
913
914 return &this->public;
915 }
916
917 /*
918 * Describtion in header-file
919 */
920 proposal_t *proposal_create_from_string(protocol_id_t protocol, const char *algs)
921 {
922 private_proposal_t *this = (private_proposal_t*)proposal_create(protocol);
923 chunk_t string = {(void*)algs, strlen(algs)};
924 chunk_t alg;
925 status_t status = SUCCESS;
926
927 eat_whitespace(&string);
928 if (string.len < 1)
929 {
930 destroy(this);
931 return NULL;
932 }
933
934 /* get all tokens, separated by '-' */
935 while (extract_token(&alg, '-', &string))
936 {
937 status |= add_string_algo(this, alg);
938 }
939 if (string.len)
940 {
941 status |= add_string_algo(this, string);
942 }
943 if (status != SUCCESS)
944 {
945 destroy(this);
946 return NULL;
947 }
948
949 check_proposal(this);
950
951 if (protocol == PROTO_AH || protocol == PROTO_ESP)
952 {
953 add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0);
954 }
955 return &this->public;
956 }