auth-cfg: Make IKE signature schemes configurable
authorTobias Brunner <tobias@strongswan.org>
Mon, 1 Feb 2016 17:16:16 +0000 (18:16 +0100)
committerTobias Brunner <tobias@strongswan.org>
Fri, 4 Mar 2016 15:19:54 +0000 (16:19 +0100)
This also restores the charon.signature_authentication_constraints
functionality, that is, if no explicit IKE signature schemes are
configured we apply all regular signature constraints as IKE constraints.

man/ipsec.conf.5.in
src/libcharon/plugins/stroke/stroke_config.c
src/libcharon/plugins/vici/vici_config.c
src/libstrongswan/credentials/auth_cfg.c
src/libstrongswan/credentials/auth_cfg.h
src/libstrongswan/tests/Makefile.am
src/libstrongswan/tests/suites/test_auth_cfg.c [new file with mode: 0644]
src/libstrongswan/tests/tests.h

index 61804c8..f070eaa 100644 (file)
@@ -587,18 +587,23 @@ or a key strength definition (for example
 or
 .BR rsa-2048-ecdsa-256-sha256-sha384-sha512 ).
 Unless disabled in
-.BR strongswan.conf (5)
-such key types and hash algorithms are also applied as constraints against IKEv2
+.BR strongswan.conf (5),
+or explicit IKEv2 signature constraints are configured (see below), such key
+types and hash algorithms are also applied as constraints against IKEv2
 signature authentication schemes used by the remote side.
 
 If both peers support RFC 7427 ("Signature Authentication in IKEv2") specific
 hash algorithms to be used during IKEv2 authentication may be configured.
-The syntax is the same as above. For example, with
-.B pubkey-sha384-sha256
+The syntax is the same as above, but with ike: prefix. For example, with
+.B ike:pubkey-sha384-sha256
 a public key signature scheme with either SHA-384 or SHA-256 would get used for
 authentication, in that order and depending on the hash algorithms supported by
 the peer.  If no specific hash algorithms are configured, the default is to
 prefer an algorithm that matches or exceeds the strength of the signature key.
+If no constraints with ike: prefix are configured any signature scheme
+constraint (without ike: prefix) will also apply to IKEv2 authentication, unless
+this is disabled in
+.BR strongswan.conf (5).
 
 For
 .BR eap ,
index 134abb9..d0eb2aa 100644 (file)
@@ -506,14 +506,15 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this,
        }
 
        /* authentication metod (class, actually) */
-       if (strpfx(auth, "pubkey") ||
+       if (strpfx(auth, "ike:") ||
+               strpfx(auth, "pubkey") ||
                strpfx(auth, "rsa") ||
                strpfx(auth, "ecdsa") ||
                strpfx(auth, "bliss"))
        {
                cfg->add(cfg, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PUBKEY);
                build_crl_policy(cfg, local, msg->add_conn.crl_policy);
-               cfg->add_pubkey_constraints(cfg, auth);
+               cfg->add_pubkey_constraints(cfg, auth, TRUE);
        }
        else if (streq(auth, "psk") || streq(auth, "secret"))
        {
@@ -546,7 +547,7 @@ static auth_cfg_t *build_auth_cfg(private_stroke_config_t *this,
                if (pos)
                {
                        *pos = 0;
-                       cfg->add_pubkey_constraints(cfg, pos + 1);
+                       cfg->add_pubkey_constraints(cfg, pos + 1, FALSE);
                }
                type = eap_vendor_type_from_string(auth);
                if (type)
index 6cbe501..7711fa0 100644 (file)
@@ -955,13 +955,14 @@ CALLBACK(parse_auth, bool,
        {
                return FALSE;
        }
-       if (strpfx(buf, "pubkey") ||
+       if (strpfx(buf, "ike:") ||
+               strpfx(buf, "pubkey") ||
                strpfx(buf, "rsa") ||
                strpfx(buf, "ecdsa") ||
                strpfx(buf, "bliss"))
        {
                cfg->add(cfg, AUTH_RULE_AUTH_CLASS, AUTH_CLASS_PUBKEY);
-               cfg->add_pubkey_constraints(cfg, buf);
+               cfg->add_pubkey_constraints(cfg, buf, TRUE);
                return TRUE;
        }
        if (strcaseeq(buf, "psk"))
index 2f18cb6..5466a2e 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2008-2015 Tobias Brunner
+ * Copyright (C) 2008-2016 Tobias Brunner
  * Copyright (C) 2007-2009 Martin Willi
  * Hochschule fuer Technik Rapperswil
  *
@@ -518,13 +518,16 @@ static void add(private_auth_cfg_t *this, auth_rule_t type, ...)
 }
 
 METHOD(auth_cfg_t, add_pubkey_constraints, void,
-       private_auth_cfg_t *this, char* constraints)
+       private_auth_cfg_t *this, char* constraints, bool ike)
 {
        enumerator_t *enumerator;
-       bool rsa = FALSE, ecdsa = FALSE, bliss = FALSE,
-                rsa_len = FALSE, ecdsa_len = FALSE, bliss_strength = FALSE;
+       bool is_ike = FALSE, ike_added = FALSE;
+       key_type_t expected_type = -1;
+       auth_rule_t expected_strength = AUTH_RULE_MAX;
        int strength;
        char *token;
+       auth_rule_t type;
+       void *value;
 
        enumerator = enumerator_create_token(constraints, "-", "");
        while (enumerator->enumerate(enumerator, &token))
@@ -554,46 +557,47 @@ METHOD(auth_cfg_t, add_pubkey_constraints, void,
                        { "sha512",             SIGN_BLISS_WITH_SHA2_512,               KEY_BLISS,      },
                };
 
-               if (rsa_len || ecdsa_len || bliss_strength)
+               if (expected_strength != AUTH_RULE_MAX)
                {       /* expecting a key strength token */
                        strength = atoi(token);
                        if (strength)
                        {
-                               if (rsa_len)
-                               {
-                                       add(this, AUTH_RULE_RSA_STRENGTH, (uintptr_t)strength);
-                               }
-                               else if (ecdsa_len)
-                               {
-                                       add(this, AUTH_RULE_ECDSA_STRENGTH, (uintptr_t)strength);
-                               }
-                               else if (bliss_strength)
-                               {
-                                       add(this, AUTH_RULE_BLISS_STRENGTH, (uintptr_t)strength);
-                               }
+                               add(this, expected_strength, (uintptr_t)strength);
                        }
-                       rsa_len = ecdsa_len = bliss_strength = FALSE;
+                       expected_strength = AUTH_RULE_MAX;
                        if (strength)
                        {
                                continue;
                        }
                }
-               if (streq(token, "rsa"))
+               if (streq(token, "rsa") || streq(token, "ike:rsa"))
+               {
+                       expected_type = KEY_RSA;
+                       expected_strength = AUTH_RULE_RSA_STRENGTH;
+                       is_ike = strpfx(token, "ike:");
+                       continue;
+               }
+               if (streq(token, "ecdsa") || streq(token, "ike:ecdsa"))
                {
-                       rsa = rsa_len = TRUE;
+                       expected_type = KEY_ECDSA;
+                       expected_strength = AUTH_RULE_ECDSA_STRENGTH;
+                       is_ike = strpfx(token, "ike:");
                        continue;
                }
-               if (streq(token, "ecdsa"))
+               if (streq(token, "bliss") || streq(token, "ike:bliss"))
                {
-                       ecdsa = ecdsa_len = TRUE;
+                       expected_type = KEY_BLISS;
+                       expected_strength = AUTH_RULE_BLISS_STRENGTH;
+                       is_ike = strpfx(token, "ike:");
                        continue;
                }
-               if (streq(token, "bliss"))
+               if (streq(token, "pubkey") || streq(token, "ike:pubkey"))
                {
-                       bliss = bliss_strength = TRUE;
+                       expected_type = KEY_ANY;
+                       is_ike = strpfx(token, "ike:");
                        continue;
                }
-               if (streq(token, "pubkey"))
+               if (is_ike && !ike)
                {
                        continue;
                }
@@ -602,18 +606,19 @@ METHOD(auth_cfg_t, add_pubkey_constraints, void,
                {
                        if (streq(schemes[i].name, token))
                        {
-                               /* for each matching string, allow the scheme, if:
-                                * - it is an RSA scheme, and we enforced RSA
-                                * - it is an ECDSA scheme, and we enforced ECDSA
-                                * - it is not a key type specific scheme
-                                */
-                               if ((rsa && schemes[i].key == KEY_RSA) ||
-                                       (ecdsa && schemes[i].key == KEY_ECDSA) ||
-                                       (bliss && schemes[i].key == KEY_BLISS) ||
-                                       (!rsa && !ecdsa && !bliss))
+                               if (expected_type == KEY_ANY || expected_type == schemes[i].key)
                                {
-                                       add(this, AUTH_RULE_SIGNATURE_SCHEME,
-                                          (uintptr_t)schemes[i].scheme);
+                                       if (is_ike)
+                                       {
+                                               add(this, AUTH_RULE_IKE_SIGNATURE_SCHEME,
+                                                       (uintptr_t)schemes[i].scheme);
+                                               ike_added = TRUE;
+                                       }
+                                       else
+                                       {
+                                               add(this, AUTH_RULE_SIGNATURE_SCHEME,
+                                                  (uintptr_t)schemes[i].scheme);
+                                       }
                                }
                                found = TRUE;
                        }
@@ -624,6 +629,25 @@ METHOD(auth_cfg_t, add_pubkey_constraints, void,
                }
        }
        enumerator->destroy(enumerator);
+
+       /* if no explicit IKE signature contraints were added we add them for all
+        * configured signature contraints */
+       if (ike && !ike_added &&
+               lib->settings->get_bool(lib->settings,
+                                                       "%s.signature_authentication_constraints", TRUE,
+                                                       lib->ns))
+       {
+               enumerator = create_enumerator(this);
+               while (enumerator->enumerate(enumerator, &type, &value))
+               {
+                       if (type == AUTH_RULE_SIGNATURE_SCHEME)
+                       {
+                               add(this, AUTH_RULE_IKE_SIGNATURE_SCHEME,
+                                       (uintptr_t)value);
+                       }
+               }
+               enumerator->destroy(enumerator);
+       }
 }
 
 /**
index f00e64f..75bc7e9 100644 (file)
@@ -187,8 +187,10 @@ struct auth_cfg_t {
         * Add public key and signature scheme constraints to the set.
         *
         * @param constraints   constraints string (e.g. "rsa-sha384")
+        * @param ike                   whether to add/parse constraints for IKE signatures
         */
-       void (*add_pubkey_constraints)(auth_cfg_t *this, char *constraints);
+       void (*add_pubkey_constraints)(auth_cfg_t *this, char *constraints,
+                                                                  bool ike);
 
        /**
         * Get a rule value.
index d86584a..b2d4560 100644 (file)
@@ -44,6 +44,7 @@ tests_SOURCES = tests.h tests.c \
   suites/test_certpolicy.c \
   suites/test_certnames.c \
   suites/test_host.c \
+  suites/test_auth_cfg.c \
   suites/test_hasher.c \
   suites/test_crypter.c \
   suites/test_crypto_factory.c \
diff --git a/src/libstrongswan/tests/suites/test_auth_cfg.c b/src/libstrongswan/tests/suites/test_auth_cfg.c
new file mode 100644 (file)
index 0000000..e046725
--- /dev/null
@@ -0,0 +1,122 @@
+/*
+ * Copyright (C) 2016 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "test_suite.h"
+
+#include <credentials/auth_cfg.h>
+
+struct {
+       char *constraints;
+       signature_scheme_t sig[5];
+       signature_scheme_t ike[5];
+} sig_constraints_tests[] = {
+       { "rsa-sha256", { SIGN_RSA_EMSA_PKCS1_SHA256, 0 }, {0}},
+       { "rsa-sha256-sha512", { SIGN_RSA_EMSA_PKCS1_SHA256, SIGN_RSA_EMSA_PKCS1_SHA512, 0 }, {0}},
+       { "ecdsa-sha256", { SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, 0 }, {0}},
+       { "rsa-sha256-ecdsa-sha256", { SIGN_RSA_EMSA_PKCS1_SHA256, SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, 0 }, {0}},
+       { "pubkey-sha256", { SIGN_RSA_EMSA_PKCS1_SHA256, SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, SIGN_BLISS_WITH_SHA2_256, 0 }, {0}},
+       { "ike:rsa-sha256", {0}, { SIGN_RSA_EMSA_PKCS1_SHA256, 0 }},
+       { "ike:rsa-sha256-rsa-sha256", { SIGN_RSA_EMSA_PKCS1_SHA256, 0 }, { SIGN_RSA_EMSA_PKCS1_SHA256, 0 }},
+       { "rsa-sha256-ike:rsa-sha256", { SIGN_RSA_EMSA_PKCS1_SHA256, 0 }, { SIGN_RSA_EMSA_PKCS1_SHA256, 0 }},
+       { "ike:pubkey-sha256", {0}, { SIGN_RSA_EMSA_PKCS1_SHA256, SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, SIGN_BLISS_WITH_SHA2_256, 0 }},
+       { "rsa-ecdsa-sha256", { SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, 0 }, {0}},
+       { "rsa-4096-ecdsa-sha256", { SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, 0 }, {0}},
+       { "rsa-4096-ecdsa-256-sha256", { SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_256, 0 }, {0}},
+       { "rsa-ecdsa256-sha256", { SIGN_RSA_EMSA_PKCS1_SHA256, 0 }, {0}},
+       { "rsa4096-sha256", {0}, {0}},
+       { "sha256", {0}, {0}},
+       { "ike:sha256", {0}, {0}},
+};
+
+static void check_sig_constraints(auth_cfg_t *cfg, auth_rule_t type,
+                                                                 signature_scheme_t expected[])
+{
+       enumerator_t *enumerator;
+       auth_rule_t t;
+       void *value;
+       int i = 0;
+
+       enumerator = cfg->create_enumerator(cfg);
+       while (enumerator->enumerate(enumerator, &t, &value))
+       {
+               if (t == type)
+               {
+                       ck_assert(expected[i]);
+                       ck_assert_int_eq(expected[i], (signature_scheme_t)value);
+                       i++;
+               }
+       }
+       enumerator->destroy(enumerator);
+       ck_assert(!expected[i]);
+}
+
+START_TEST(test_sig_contraints)
+{
+       auth_cfg_t *cfg;
+       signature_scheme_t none[] = {0};
+
+       cfg = auth_cfg_create();
+       cfg->add_pubkey_constraints(cfg, sig_constraints_tests[_i].constraints, FALSE);
+       check_sig_constraints(cfg, AUTH_RULE_SIGNATURE_SCHEME, sig_constraints_tests[_i].sig);
+       check_sig_constraints(cfg, AUTH_RULE_IKE_SIGNATURE_SCHEME, none);
+       cfg->destroy(cfg);
+
+       lib->settings->set_bool(lib->settings, "%s.signature_authentication_constraints",
+                                                       FALSE, lib->ns);
+
+       cfg = auth_cfg_create();
+       cfg->add_pubkey_constraints(cfg, sig_constraints_tests[_i].constraints, TRUE);
+       check_sig_constraints(cfg, AUTH_RULE_SIGNATURE_SCHEME, sig_constraints_tests[_i].sig);
+       check_sig_constraints(cfg, AUTH_RULE_IKE_SIGNATURE_SCHEME, sig_constraints_tests[_i].ike);
+       cfg->destroy(cfg);
+}
+END_TEST
+
+START_TEST(test_ike_contraints_fallback)
+{
+       auth_cfg_t *cfg;
+
+       lib->settings->set_bool(lib->settings, "%s.signature_authentication_constraints",
+                                                       TRUE, lib->ns);
+
+       cfg = auth_cfg_create();
+       cfg->add_pubkey_constraints(cfg, sig_constraints_tests[_i].constraints, TRUE);
+       check_sig_constraints(cfg, AUTH_RULE_SIGNATURE_SCHEME, sig_constraints_tests[_i].sig);
+       if (sig_constraints_tests[_i].ike[0])
+       {
+               check_sig_constraints(cfg, AUTH_RULE_IKE_SIGNATURE_SCHEME, sig_constraints_tests[_i].ike);
+       }
+       else
+       {
+               check_sig_constraints(cfg, AUTH_RULE_IKE_SIGNATURE_SCHEME, sig_constraints_tests[_i].sig);
+       }
+       cfg->destroy(cfg);
+}
+END_TEST
+
+Suite *auth_cfg_suite_create()
+{
+       Suite *s;
+       TCase *tc;
+
+       s = suite_create("auth_cfg");
+
+       tc = tcase_create("add_pubkey_constraints");
+       tcase_add_loop_test(tc, test_sig_contraints, 0, countof(sig_constraints_tests));
+       tcase_add_loop_test(tc, test_ike_contraints_fallback, 0, countof(sig_constraints_tests));
+       suite_add_tcase(s, tc);
+
+       return s;
+}
index e1074b9..824c880 100644 (file)
@@ -37,6 +37,7 @@ TEST_SUITE_DEPEND(certpolicy_suite_create, CERT_ENCODE, CERT_X509)
 TEST_SUITE_DEPEND(certnames_suite_create, CERT_ENCODE, CERT_X509)
 TEST_SUITE(host_suite_create)
 TEST_SUITE(printf_suite_create)
+TEST_SUITE(auth_cfg_suite_create)
 TEST_SUITE(hasher_suite_create)
 TEST_SUITE(crypter_suite_create)
 TEST_SUITE(crypto_factory_suite_create)