1 /*
2 * Copyright (C) 2011 Sansar Choinyambuu
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "pts_dh_group.h"
17
18 #include <debug.h>
19
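/**
 * Described in header.
 *
 * Resets *groups to 0, then walks every Diffie-Hellman group reported by
 * lib->crypto->create_dh_enumerator() and sets the matching PTS_DH_GROUP_*
 * bit for MODP-1024, MODP-1536, MODP-2048, ECP-256 and ECP-384. All other
 * groups are logged but do not contribute to the mask.
 *
 * @param groups	out: bitmask of the PTS DH groups found
 * @return			currently always TRUE, also when the group logged as
 *					"mandatory" (ECP-256) is missing; see the TODO below
 */
bool pts_probe_dh_groups(pts_dh_group_t *groups)
{
	enumerator_t *enumerator;
	diffie_hellman_group_t dh_group;
	const char *plugin_name;
	char format1[] = "  %s PTS Diffie Hellman Group %N[%s] available";
	/* no plugin name here: a group that is missing has no providing plugin */
	char format2[] = "  %s PTS Diffie Hellman Group %N not available";

	*groups = 0;

	enumerator = lib->crypto->create_dh_enumerator(lib->crypto);
	while (enumerator->enumerate(enumerator, &dh_group, &plugin_name))
	{
		pts_dh_group_t flag;
		char *level = "optional";

		DBG2(DBG_PTS, format1, "Following ", diffie_hellman_group_names,
			 dh_group, plugin_name);

		switch (dh_group)
		{
			case MODP_1024_BIT:
				flag = PTS_DH_GROUP_IKE2;
				break;
			case MODP_1536_BIT:
				flag = PTS_DH_GROUP_IKE5;
				break;
			case MODP_2048_BIT:
				flag = PTS_DH_GROUP_IKE14;
				break;
			case ECP_256_BIT:
				flag = PTS_DH_GROUP_IKE19;
				level = "mandatory";
				break;
			case ECP_384_BIT:
				flag = PTS_DH_GROUP_IKE20;
				break;
			default:
				/* not a PTS DH group, nothing to record */
				continue;
		}
		*groups |= flag;
		DBG2(DBG_PTS, format1, level, diffie_hellman_group_names, dh_group,
			 plugin_name);
	}
	enumerator->destroy(enumerator);

	if (*groups & PTS_DH_GROUP_IKE19)
	{
		return TRUE;
	}

	/*
	 * plugin_name must not be used here: it is uninitialized if the
	 * enumerator returned nothing, and otherwise names the plugin of an
	 * unrelated group, so the message is logged without it.
	 */
	DBG1(DBG_PTS, format2, "mandatory", diffie_hellman_group_names,
		 ECP_256_BIT);

	/*
	 * TODO: return FALSE : Elliptic Curves are not available
	 *
	 * NOTE(review): until this is done the caller cannot tell from the
	 * return value that the mandatory group is missing; it has to inspect
	 * *groups itself, which may hold only MODP groups or be 0.
	 */
	return TRUE;
}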
85
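/**
 * Described in header.
 *
 * Restricts the set of supported PTS DH groups to the configured group and
 * everything listed below it in the order ike2 < ike5 < ike14 < ike19 <
 * ike20. Bits are only ever cleared from *groups; a group that was not set
 * by the caller beforehand is never switched on here.
 *
 * @param dh_group	configured group name, compared case-insensitively
 * @param groups	in/out: bitmask of supported PTS DH groups
 * @return			TRUE if dh_group is a known name, FALSE otherwise
 *					(*groups is left untouched in that case)
 */
bool pts_update_supported_dh_groups(char *dh_group, pts_dh_group_t *groups)
{
	if (strcaseeq(dh_group, "ike20"))
	{
		/* nothing to update, all groups are supported */
		return TRUE;
	}
	if (strcaseeq(dh_group, "ike19"))
	{
		/* remove DH Group 20 */
		*groups &= ~PTS_DH_GROUP_IKE20;
		return TRUE;
	}
	if (strcaseeq(dh_group, "ike14"))
	{
		/*
		 * remove DH Group 19 and 20
		 *
		 * The mask has to be built as ~(A | B): the former ~A | ~B is
		 * all-ones for distinct bits, and assigning it with '=' marked
		 * every group as supported instead of removing any.
		 */
		*groups &= ~(PTS_DH_GROUP_IKE20 | PTS_DH_GROUP_IKE19);
		return TRUE;
	}
	if (strcaseeq(dh_group, "ike5"))
	{
		/* remove DH Group 14, 19 and 20 */
		*groups &= ~(PTS_DH_GROUP_IKE20 | PTS_DH_GROUP_IKE19 |
					 PTS_DH_GROUP_IKE14);
		return TRUE;
	}
	if (strcaseeq(dh_group, "ike2"))
	{
		/* remove DH Group 5, 14, 19 and 20 */
		*groups &= ~(PTS_DH_GROUP_IKE20 | PTS_DH_GROUP_IKE19 |
					 PTS_DH_GROUP_IKE14 | PTS_DH_GROUP_IKE5);
		return TRUE;
	}

	/* the %s conversion needs its argument, it was missing before */
	DBG1(DBG_PTS, "Unknown DH Group: %s configured", dh_group);
	return FALSE;
}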
126
/**
 * Described in header.
 *
 * Translates a single PTS DH group flag into the corresponding
 * diffie_hellman_group_t value.
 *
 * @param dh_group	one PTS_DH_GROUP_* value
 * @return			matching group, or MODP_NONE if dh_group is none of the
 *					five values handled here
 */
diffie_hellman_group_t pts_dh_group_to_strongswan_dh_group(pts_dh_group_t dh_group)
{
	diffie_hellman_group_t mapped = MODP_NONE;

	if (dh_group == PTS_DH_GROUP_IKE2)
	{
		mapped = MODP_1024_BIT;
	}
	else if (dh_group == PTS_DH_GROUP_IKE5)
	{
		mapped = MODP_1536_BIT;
	}
	else if (dh_group == PTS_DH_GROUP_IKE14)
	{
		mapped = MODP_2048_BIT;
	}
	else if (dh_group == PTS_DH_GROUP_IKE19)
	{
		mapped = ECP_256_BIT;
	}
	else if (dh_group == PTS_DH_GROUP_IKE20)
	{
		mapped = ECP_384_BIT;
	}
	/* anything else, including a mask with several bits set, stays MODP_NONE */
	return mapped;
}