added the ECP groups from RFC 5114
authorTobias Brunner <tobias@strongswan.org>
Thu, 22 May 2008 11:55:05 +0000 (11:55 -0000)
committerTobias Brunner <tobias@strongswan.org>
Thu, 22 May 2008 11:55:05 +0000 (11:55 -0000)
src/charon/config/proposal.c
src/libstrongswan/crypto/diffie_hellman.c
src/libstrongswan/crypto/diffie_hellman.h
src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
src/libstrongswan/plugins/openssl/openssl_plugin.c

index 45d0108..e0da8ce 100644 (file)
@@ -766,6 +766,14 @@ static status_t add_string_algo(private_proposal_t *this, chunk_t alg)
        {
                add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0);
        }
+       else if (strncmp(alg.ptr, "ecp192", alg.len) == 0)
+       {
+               add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0);
+       }
+       else if (strncmp(alg.ptr, "ecp224", alg.len) == 0)
+       {
+               add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0);
+       }
        else if (strncmp(alg.ptr, "ecp256", alg.len) == 0)
        {
                add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0);
index a915074..feb0029 100644 (file)
@@ -33,5 +33,8 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_2048_BIT, ECP_521_BIT, MODP_1536_BIT,
        "ECP_256_BIT",
        "ECP_384_BIT",
        "ECP_521_BIT");
-ENUM_END(diffie_hellman_group_names, ECP_521_BIT);
+ENUM_NEXT(diffie_hellman_group_names, ECP_192_BIT, ECP_224_BIT, ECP_521_BIT,
+       "ECP_192_BIT",
+       "ECP_224_BIT");
+ENUM_END(diffie_hellman_group_names, ECP_224_BIT);
 
index 53d89c3..b94c679 100644 (file)
@@ -35,7 +35,7 @@ typedef struct diffie_hellman_t diffie_hellman_t;
  * The modulus (or group) to use for a Diffie-Hellman calculation.
  * See IKEv2 RFC 3.3.2 and RFC 3526.
  * 
- * ECP groups are defined in RFC 4753.
+ * ECP groups are defined in RFC 4753 and RFC 5114.
  */
 enum diffie_hellman_group_t {
        MODP_NONE = 0,
@@ -50,6 +50,8 @@ enum diffie_hellman_group_t {
        ECP_256_BIT = 19,
        ECP_384_BIT = 20,
        ECP_521_BIT = 21,
+       ECP_192_BIT = 25,
+       ECP_224_BIT = 26,
        
 };
 
index 0aeaf6b..46371d2 100644 (file)
@@ -314,6 +314,12 @@ openssl_ec_diffie_hellman_t *openssl_ec_diffie_hellman_create(diffie_hellman_gro
        
        switch (group)
        {
+               case ECP_192_BIT:
+                       this->key = EC_KEY_new_by_curve_name(NID_X9_62_prime192v1);
+                       break;
+               case ECP_224_BIT:
+                       this->key = EC_KEY_new_by_curve_name(NID_secp224r1);
+                       break;
                case ECP_256_BIT:
                        this->key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
                        break;
index 7e57c7a..697a2c9 100644 (file)
@@ -125,6 +125,10 @@ plugin_t *plugin_create()
                                                (dh_constructor_t)openssl_diffie_hellman_create);
        
        /* ec diffie hellman */
+       lib->crypto->add_dh(lib->crypto, ECP_192_BIT,
+                                               (dh_constructor_t)openssl_ec_diffie_hellman_create);
+       lib->crypto->add_dh(lib->crypto, ECP_224_BIT,
+                                               (dh_constructor_t)openssl_ec_diffie_hellman_create);
        lib->crypto->add_dh(lib->crypto, ECP_256_BIT,
                                                (dh_constructor_t)openssl_ec_diffie_hellman_create);
        lib->crypto->add_dh(lib->crypto, ECP_384_BIT,