Added support for DH groups 22, 23 and 24, patch contributed by Joy Latten
authorMartin Willi <martin@revosec.ch>
Mon, 19 Apr 2010 12:41:20 +0000 (14:41 +0200)
committerMartin Willi <martin@revosec.ch>
Mon, 19 Apr 2010 12:41:20 +0000 (14:41 +0200)
13 files changed:
NEWS
scripts/dh_speed.c
scripts/dh_speed.sh
src/libcharon/config/proposal.c
src/libstrongswan/crypto/diffie_hellman.c
src/libstrongswan/crypto/diffie_hellman.h
src/libstrongswan/crypto/proposal/proposal_keywords.txt
src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c
src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
src/libstrongswan/plugins/gmp/gmp_plugin.c
src/libstrongswan/plugins/openssl/openssl_plugin.c
src/pluto/constants.c
src/pluto/crypto.c

diff --git a/NEWS b/NEWS
index ea34d30..cc3ca6a 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -8,6 +8,11 @@ strongswan-4.4.0
   The development of the High Availability functionality was sponsored by
   secunet Security Networks AG.
 
+- Added support for Diffie-Hellman groups 22, 23 and 24 to the gmp, gcrypt
+  and openssl plugins, usable by both pluto and charon. The new proposal
+  keywords are modp1024s160, modp2048s224 and modp2048s256. Thanks to Joy Latten
+  from IBM for his contribution.
+
 - The IKEv1 pluto daemon supports RAM-based virtual IP pools using
   the rightsourceip directive with a subnet from which addresses
   are allocated.
index b85bf1a..ce10249 100644 (file)
@@ -15,19 +15,22 @@ struct {
        char *name;
        diffie_hellman_group_t group;
 } groups[] = {
-       {"modp768",             MODP_768_BIT},
-       {"modp1024",    MODP_1024_BIT},
-       {"modp1536",    MODP_1536_BIT},
-       {"modp2048",    MODP_2048_BIT},
-       {"modp3072",    MODP_3072_BIT},
-       {"modp4096",    MODP_4096_BIT},
-       {"modp6144",    MODP_6144_BIT},
-       {"modp8192",    MODP_8192_BIT},
-       {"ecp256",              ECP_256_BIT},
-       {"ecp384",              ECP_384_BIT},
-       {"ecp521",              ECP_521_BIT},
-       {"ecp192",              ECP_192_BIT},
-       {"ecp224",              ECP_224_BIT},
+       {"modp768",                     MODP_768_BIT},
+       {"modp1024",            MODP_1024_BIT},
+       {"modp1024s160",        MODP_1024_160},
+       {"modp1536",            MODP_1536_BIT},
+       {"modp2048",            MODP_2048_BIT},
+       {"modp2048s224",        MODP_2048_224},
+       {"modp2048s256",        MODP_2048_256},
+       {"modp3072",            MODP_3072_BIT},
+       {"modp4096",            MODP_4096_BIT},
+       {"modp6144",            MODP_6144_BIT},
+       {"modp8192",            MODP_8192_BIT},
+       {"ecp256",                      ECP_256_BIT},
+       {"ecp384",                      ECP_384_BIT},
+       {"ecp521",                      ECP_521_BIT},
+       {"ecp192",                      ECP_192_BIT},
+       {"ecp224",                      ECP_224_BIT},
 };
 
 static void start_timing(struct timespec *start)
index d934a84..1df5f09 100755 (executable)
@@ -4,17 +4,17 @@
 
 echo "testing gmp"
 # gmp needs a RNG plugin, pick gcrypt
-sudo ./dh_speed "gmp gcrypt" 400 modp768 modp768 modp1024 modp1536 modp2048 | tail -n 4
+sudo ./dh_speed "gmp gcrypt" 400 modp768 modp768 modp1024 modp1024s160 modp1536 modp2048 modp2048s224 modp2048s256 | tail -n 7
 sudo ./dh_speed "gmp gcrypt" 100 modp1024 modp3072 modp4096 | tail -n 2
 sudo ./dh_speed "gmp gcrypt" 5 modp2048 modp6144 modp8192 | tail -n 2
 
 echo "testing gcrypt"
-sudo ./dh_speed "gcrypt" 400 modp768 modp768 modp1024 modp1536 modp2048 | tail -n 4
+sudo ./dh_speed "gcrypt" 400 modp768 modp768 modp1024 modp1024s160 modp1536 modp2048 modp2048s224 modp2048s256 | tail -n 7
 sudo ./dh_speed "gcrypt" 100 modp1024 modp3072 modp4096 | tail -n 2
 sudo ./dh_speed "gcrypt" 5 modp2048 modp6144 modp8192 | tail -n 2
 
 echo "testing openssl"
-sudo ./dh_speed "openssl" 400 modp768 modp768 modp1024 modp1536 modp2048 | tail -n 4
+sudo ./dh_speed "openssl" 400 modp768 modp768 modp1024 modp1024s160 modp1536 modp2048 modp2048s224 modp2048s256 | tail -n 7
 sudo ./dh_speed "openssl" 100 modp1024 modp3072 modp4096 | tail -n 2
 sudo ./dh_speed "openssl" 5 modp2048 modp6144 modp8192 | tail -n 2
 sudo ./dh_speed "openssl" 300 ecp192 ecp192 ecp224 ecp256 ecp384 ecp521 | tail -n 5
index f2a34f2..e863930 100644 (file)
@@ -858,6 +858,9 @@ static void proposal_add_supported_ike(private_proposal_t *this)
                        case ECP_256_BIT:
                        case ECP_384_BIT:
                        case ECP_521_BIT:
+                       case MODP_1024_160:
+                       case MODP_2048_224:
+                       case MODP_2048_256:
                        case ECP_192_BIT:
                        case ECP_224_BIT:
                                add_algorithm(this, DIFFIE_HELLMAN_GROUP, group, 0);
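Review bot: The three new case labels fall through to the shared `add_algorithm(this, DIFFIE_HELLMAN_GROUP, group, 0);` call at the end of this hunk, so `MODP_1024_160` ends up in the default IKE proposal without the administrator asking for it. A 1024-bit prime with a 160-bit subgroup gives roughly 80-bit strength, which is weaker than any of the ECP groups visible in this switch. I would keep the RFC 5114 groups out of the default list and let them be selected only through the explicit `modp1024s160`, `modp2048s224` and `modp2048s256` keywords. If they stay, a comment above the labels such as `/* RFC 5114 groups: prime-order subgroup q, peer value must be checked against q */` would record the constraint. The enclosing switch in proposal_add_supported_ike starts and ends outside the hunk.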
index 8dd56ab..9bd8991 100644 (file)
@@ -32,7 +32,10 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_2048_BIT, ECP_521_BIT, MODP_1536_BIT,
        "ECP_256",
        "ECP_384",
        "ECP_521");
-ENUM_NEXT(diffie_hellman_group_names, ECP_192_BIT, ECP_224_BIT, ECP_521_BIT,
+ENUM_NEXT(diffie_hellman_group_names, MODP_1024_160, ECP_224_BIT, ECP_521_BIT,
+       "MODP_1024_160",
+       "MODP_2048_224",
+       "MODP_2048_256",
        "ECP_192",
        "ECP_224");
 ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_NULL, ECP_224_BIT,
@@ -301,6 +304,110 @@ static struct {
                                0x9E,0x30,0x50,0xE2,0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71,
                                0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF)
                },
+       },{
+               .group = MODP_1024_160, .opt_exp = 20, .public = {
+                       .subgroup = chunk_from_chars(
+                               0xF5,0x18,0xAA,0x87,0x81,0xA8,0xDF,0x27,0x8A,0xBA,0x4E,0x7D,0x64,0xB7,0xCB,0x9D,
+                               0x49,0x46,0x23,0x53),
+                       .generator = chunk_from_chars(
+                               0xA4,0xD1,0xCB,0xD5,0xC3,0xFD,0x34,0x12,0x67,0x65,0xA4,0x42,0xEF,0xB9,0x99,0x05,
+                               0xF8,0x10,0x4D,0xD2,0x58,0xAC,0x50,0x7F,0xD6,0x40,0x6C,0xFF,0x14,0x26,0x6D,0x31,
+                               0x26,0x6F,0xEA,0x1E,0x5C,0x41,0x56,0x4B,0x77,0x7E,0x69,0x0F,0x55,0x04,0xF2,0x13,
+                               0x16,0x02,0x17,0xB4,0xB0,0x1B,0x88,0x6A,0x5E,0x91,0x54,0x7F,0x9E,0x27,0x49,0xF4,
+                               0xD7,0xFB,0xD7,0xD3,0xB9,0xA9,0x2E,0xE1,0x90,0x9D,0x0D,0x22,0x63,0xF8,0x0A,0x76,
+                               0xA6,0xA2,0x4C,0x08,0x7A,0x09,0x1F,0x53,0x1D,0xBF,0x0A,0x01,0x69,0xB6,0xA2,0x8A,
+                               0xD6,0x62,0xA4,0xD1,0x8E,0x73,0xAF,0xA3,0x2D,0x77,0x9D,0x59,0x18,0xD0,0x8B,0xC8,
+                               0x85,0x8F,0x4D,0xCE,0xF9,0x7C,0x2A,0x24,0x85,0x5E,0x6E,0xEB,0x22,0xB3,0xB2,0xE5),
+                       .prime = chunk_from_chars(
+                               0xB1,0x0B,0x8F,0x96,0xA0,0x80,0xE0,0x1D,0xDE,0x92,0xDE,0x5E,0xAE,0x5D,0x54,0xEC,
+                               0x52,0xC9,0x9F,0xBC,0xFB,0x06,0xA3,0xC6,0x9A,0x6A,0x9D,0xCA,0x52,0xD2,0x3B,0x61,
+                               0x60,0x73,0xE2,0x86,0x75,0xA2,0x3D,0x18,0x98,0x38,0xEF,0x1E,0x2E,0xE6,0x52,0xC0,
+                               0x13,0xEC,0xB4,0xAE,0xA9,0x06,0x11,0x23,0x24,0x97,0x5C,0x3C,0xD4,0x9B,0x83,0xBF,
+                               0xAC,0xCB,0xDD,0x7D,0x90,0xC4,0xBD,0x70,0x98,0x48,0x8E,0x9C,0x21,0x9A,0x73,0x72,
+                               0x4E,0xFF,0xD6,0xFA,0xE5,0x64,0x47,0x38,0xFA,0xA3,0x1A,0x4F,0xF5,0x5B,0xCC,0xC0,
+                               0xA1,0x51,0xAF,0x5F,0x0D,0xC8,0xB4,0xBD,0x45,0xBF,0x37,0xDF,0x36,0x5C,0x1A,0x65,
+                               0xE6,0x8C,0xFD,0xA7,0x6D,0x4D,0xA7,0x08,0xDF,0x1F,0xB2,0xBC,0x2E,0x4A,0x43,0x71),
+               },
+       }, {
+               .group = MODP_2048_224, .opt_exp = 28, .public = {
+                       .subgroup = chunk_from_chars(
+                               0x80,0x1C,0x0D,0x34,0xC5,0x8D,0x93,0xFE,0x99,0x71,0x77,0x10,0x1F,0x80,0x53,0x5A,
+                               0x47,0x38,0xCE,0xBC,0xBF,0x38,0x9A,0x99,0xB3,0x63,0x71,0xEB),
+                       .generator = chunk_from_chars(
+                               0xAC,0x40,0x32,0xEF,0x4F,0x2D,0x9A,0xE3,0x9D,0xF3,0x0B,0x5C,0x8F,0xFD,0xAC,0x50,
+                               0x6C,0xDE,0xBE,0x7B,0x89,0x99,0x8C,0xAF,0x74,0x86,0x6A,0x08,0xCF,0xE4,0xFF,0xE3,
+                               0xA6,0x82,0x4A,0x4E,0x10,0xB9,0xA6,0xF0,0xDD,0x92,0x1F,0x01,0xA7,0x0C,0x4A,0xFA,
+                               0xAB,0x73,0x9D,0x77,0x00,0xC2,0x9F,0x52,0xC5,0x7D,0xB1,0x7C,0x62,0x0A,0x86,0x52,
+                               0xBE,0x5E,0x90,0x01,0xA8,0xD6,0x6A,0xD7,0xC1,0x76,0x69,0x10,0x19,0x99,0x02,0x4A,
+                               0xF4,0xD0,0x27,0x27,0x5A,0xC1,0x34,0x8B,0xB8,0xA7,0x62,0xD0,0x52,0x1B,0xC9,0x8A,
+                               0xE2,0x47,0x15,0x04,0x22,0xEA,0x1E,0xD4,0x09,0x93,0x9D,0x54,0xDA,0x74,0x60,0xCD,
+                               0xB5,0xF6,0xC6,0xB2,0x50,0x71,0x7C,0xBE,0xF1,0x80,0xEB,0x34,0x11,0x8E,0x98,0xD1,
+                               0x19,0x52,0x9A,0x45,0xD6,0xF8,0x34,0x56,0x6E,0x30,0x25,0xE3,0x16,0xA3,0x30,0xEF,
+                               0xBB,0x77,0xA8,0x6F,0x0C,0x1A,0xB1,0x5B,0x05,0x1A,0xE3,0xD4,0x28,0xC8,0xF8,0xAC,
+                               0xB7,0x0A,0x81,0x37,0x15,0x0B,0x8E,0xEB,0x10,0xE1,0x83,0xED,0xD1,0x99,0x63,0xDD,
+                               0xD9,0xE2,0x63,0xE4,0x77,0x05,0x89,0xEF,0x6A,0xA2,0x1E,0x7F,0x5F,0x2F,0xF3,0x81,
+                               0xB5,0x39,0xCC,0xE3,0x40,0x9D,0x13,0xCD,0x56,0x6A,0xFB,0xB4,0x8D,0x6C,0x01,0x91,
+                               0x81,0xE1,0xBC,0xFE,0x94,0xB3,0x02,0x69,0xED,0xFE,0x72,0xFE,0x9B,0x6A,0xA4,0xBD,
+                               0x7B,0x5A,0x0F,0x1C,0x71,0xCF,0xFF,0x4C,0x19,0xC4,0x18,0xE1,0xF6,0xEC,0x01,0x79,
+                               0x81,0xBC,0x08,0x7F,0x2A,0x70,0x65,0xB3,0x84,0xB8,0x90,0xD3,0x19,0x1F,0x2B,0xFA),
+                       .prime = chunk_from_chars(
+                               0xAD,0x10,0x7E,0x1E,0x91,0x23,0xA9,0xD0,0xD6,0x60,0xFA,0xA7,0x95,0x59,0xC5,0x1F,
+                               0xA2,0x0D,0x64,0xE5,0x68,0x3B,0x9F,0xD1,0xB5,0x4B,0x15,0x97,0xB6,0x1D,0x0A,0x75,
+                               0xE6,0xFA,0x14,0x1D,0xF9,0x5A,0x56,0xDB,0xAF,0x9A,0x3C,0x40,0x7B,0xA1,0xDF,0x15,
+                               0xEB,0x3D,0x68,0x8A,0x30,0x9C,0x18,0x0E,0x1D,0xE6,0xB8,0x5A,0x12,0x74,0xA0,0xA6,
+                               0x6D,0x3F,0x81,0x52,0xAD,0x6A,0xC2,0x12,0x90,0x37,0xC9,0xED,0xEF,0xDA,0x4D,0xF8,
+                               0xD9,0x1E,0x8F,0xEF,0x55,0xB7,0x39,0x4B,0x7A,0xD5,0xB7,0xD0,0xB6,0xC1,0x22,0x07,
+                               0xC9,0xF9,0x8D,0x11,0xED,0x34,0xDB,0xF6,0xC6,0xBA,0x0B,0x2C,0x8B,0xBC,0x27,0xBE,
+                               0x6A,0x00,0xE0,0xA0,0xB9,0xC4,0x97,0x08,0xB3,0xBF,0x8A,0x31,0x70,0x91,0x88,0x36,
+                               0x81,0x28,0x61,0x30,0xBC,0x89,0x85,0xDB,0x16,0x02,0xE7,0x14,0x41,0x5D,0x93,0x30,
+                               0x27,0x82,0x73,0xC7,0xDE,0x31,0xEF,0xDC,0x73,0x10,0xF7,0x12,0x1F,0xD5,0xA0,0x74,
+                               0x15,0x98,0x7D,0x9A,0xDC,0x0A,0x48,0x6D,0xCD,0xF9,0x3A,0xCC,0x44,0x32,0x83,0x87,
+                               0x31,0x5D,0x75,0xE1,0x98,0xC6,0x41,0xA4,0x80,0xCD,0x86,0xA1,0xB9,0xE5,0x87,0xE8,
+                               0xBE,0x60,0xE6,0x9C,0xC9,0x28,0xB2,0xB9,0xC5,0x21,0x72,0xE4,0x13,0x04,0x2E,0x9B,
+                               0x23,0xF1,0x0B,0x0E,0x16,0xE7,0x97,0x63,0xC9,0xB5,0x3D,0xCF,0x4B,0xA8,0x0A,0x29,
+                               0xE3,0xFB,0x73,0xC1,0x6B,0x8E,0x75,0xB9,0x7E,0xF3,0x63,0xE2,0xFF,0xA3,0x1F,0x71,
+                               0xCF,0x9D,0xE5,0x38,0x4E,0x71,0xB8,0x1C,0x0A,0xC4,0xDF,0xFE,0x0C,0x10,0xE6,0x4F)
+               },
+       },{
+               .group = MODP_2048_256, .opt_exp = 32, .public = {
+                       .subgroup = chunk_from_chars(
+                               0x8C,0xF8,0x36,0x42,0xA7,0x09,0xA0,0x97,0xB4,0x47,0x99,0x76,0x40,0x12,0x9D,0xA2,
+                               0x99,0xB1,0xA4,0x7D,0x1E,0xB3,0x75,0x0B,0xA3,0x08,0xB0,0xFE,0x64,0xF5,0xFB,0xD3),
+                       .generator = chunk_from_chars(
+                               0x3F,0xB3,0x2C,0x9B,0x73,0x13,0x4D,0x0B,0x2E,0x77,0x50,0x66,0x60,0xED,0xBD,0x48,
+                               0x4C,0xA7,0xB1,0x8F,0x21,0xEF,0x20,0x54,0x07,0xF4,0x79,0x3A,0x1A,0x0B,0xA1,0x25,
+                               0x10,0xDB,0xC1,0x50,0x77,0xBE,0x46,0x3F,0xFF,0x4F,0xED,0x4A,0xAC,0x0B,0xB5,0x55,
+                               0xBE,0x3A,0x6C,0x1B,0x0C,0x6B,0x47,0xB1,0xBC,0x37,0x73,0xBF,0x7E,0x8C,0x6F,0x62,
+                               0x90,0x12,0x28,0xF8,0xC2,0x8C,0xBB,0x18,0xA5,0x5A,0xE3,0x13,0x41,0x00,0x0A,0x65,
+                               0x01,0x96,0xF9,0x31,0xC7,0x7A,0x57,0xF2,0xDD,0xF4,0x63,0xE5,0xE9,0xEC,0x14,0x4B,
+                               0x77,0x7D,0xE6,0x2A,0xAA,0xB8,0xA8,0x62,0x8A,0xC3,0x76,0xD2,0x82,0xD6,0xED,0x38,
+                               0x64,0xE6,0x79,0x82,0x42,0x8E,0xBC,0x83,0x1D,0x14,0x34,0x8F,0x6F,0x2F,0x91,0x93,
+                               0xB5,0x04,0x5A,0xF2,0x76,0x71,0x64,0xE1,0xDF,0xC9,0x67,0xC1,0xFB,0x3F,0x2E,0x55,
+                               0xA4,0xBD,0x1B,0xFF,0xE8,0x3B,0x9C,0x80,0xD0,0x52,0xB9,0x85,0xD1,0x82,0xEA,0x0A,
+                               0xDB,0x2A,0x3B,0x73,0x13,0xD3,0xFE,0x14,0xC8,0x48,0x4B,0x1E,0x05,0x25,0x88,0xB9,
+                               0xB7,0xD2,0xBB,0xD2,0xDF,0x01,0x61,0x99,0xEC,0xD0,0x6E,0x15,0x57,0xCD,0x09,0x15,
+                               0xB3,0x35,0x3B,0xBB,0x64,0xE0,0xEC,0x37,0x7F,0xD0,0x28,0x37,0x0D,0xF9,0x2B,0x52,
+                               0xC7,0x89,0x14,0x28,0xCD,0xC6,0x7E,0xB6,0x18,0x4B,0x52,0x3D,0x1D,0xB2,0x46,0xC3,
+                               0x2F,0x63,0x07,0x84,0x90,0xF0,0x0E,0xF8,0xD6,0x47,0xD1,0x48,0xD4,0x79,0x54,0x51,
+                               0x5E,0x23,0x27,0xCF,0xEF,0x98,0xC5,0x82,0x66,0x4B,0x4C,0x0F,0x6C,0xC4,0x16,0x59),
+                       .prime = chunk_from_chars(
+                               0x87,0xA8,0xE6,0x1D,0xB4,0xB6,0x66,0x3C,0xFF,0xBB,0xD1,0x9C,0x65,0x19,0x59,0x99,
+                               0x8C,0xEE,0xF6,0x08,0x66,0x0D,0xD0,0xF2,0x5D,0x2C,0xEE,0xD4,0x43,0x5E,0x3B,0x00,
+                               0xE0,0x0D,0xF8,0xF1,0xD6,0x19,0x57,0xD4,0xFA,0xF7,0xDF,0x45,0x61,0xB2,0xAA,0x30,
+                               0x16,0xC3,0xD9,0x11,0x34,0x09,0x6F,0xAA,0x3B,0xF4,0x29,0x6D,0x83,0x0E,0x9A,0x7C,
+                               0x20,0x9E,0x0C,0x64,0x97,0x51,0x7A,0xBD,0x5A,0x8A,0x9D,0x30,0x6B,0xCF,0x67,0xED,
+                               0x91,0xF9,0xE6,0x72,0x5B,0x47,0x58,0xC0,0x22,0xE0,0xB1,0xEF,0x42,0x75,0xBF,0x7B,
+                               0x6C,0x5B,0xFC,0x11,0xD4,0x5F,0x90,0x88,0xB9,0x41,0xF5,0x4E,0xB1,0xE5,0x9B,0xB8,
+                               0xBC,0x39,0xA0,0xBF,0x12,0x30,0x7F,0x5C,0x4F,0xDB,0x70,0xC5,0x81,0xB2,0x3F,0x76,
+                               0xB6,0x3A,0xCA,0xE1,0xCA,0xA6,0xB7,0x90,0x2D,0x52,0x52,0x67,0x35,0x48,0x8A,0x0E,
+                               0xF1,0x3C,0x6D,0x9A,0x51,0xBF,0xA4,0xAB,0x3A,0xD8,0x34,0x77,0x96,0x52,0x4D,0x8E,
+                               0xF6,0xA1,0x67,0xB5,0xA4,0x18,0x25,0xD9,0x67,0xE1,0x44,0xE5,0x14,0x05,0x64,0x25,
+                               0x1C,0xCA,0xCB,0x83,0xE6,0xB4,0x86,0xF6,0xB3,0xCA,0x3F,0x79,0x71,0x50,0x60,0x26,
+                               0xC0,0xB8,0x57,0xF6,0x89,0x96,0x28,0x56,0xDE,0xD4,0x01,0x0A,0xBD,0x0B,0xE6,0x21,
+                               0xC3,0xA3,0x96,0x0A,0x54,0xE7,0x10,0xC3,0x75,0xF2,0x63,0x75,0xD7,0x01,0x41,0x03,
+                               0xA4,0xB5,0x43,0x30,0xC1,0x98,0xAF,0x12,0x61,0x16,0xD2,0x27,0x6E,0x11,0x71,0x5F,
+                               0x69,0x38,0x77,0xFA,0xD7,0xEF,0x09,0xCA,0xDB,0x09,0x4A,0xE9,0x1E,0x1A,0x15,0x97)
+               },
        },
 };
 
@@ -317,7 +424,8 @@ diffie_hellman_params_t *diffie_hellman_get_params(diffie_hellman_group_t group)
                {
                        if (!dh_params[i].public.exp_len)
                        {
-                               if (lib->settings->get_int(lib->settings,
+                               if (!dh_params[i].public.subgroup.len &&
+                                       lib->settings->get_int(lib->settings,
                                                                "libstrongswan.dh_exponent_ansi_x9_42", TRUE))
                                {
                                        dh_params[i].public.exp_len = dh_params[i].public.prime.len;
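Review bot: The added `!dh_params[i].public.subgroup.len &&` guard carries no comment, and its effect is that the `libstrongswan.dh_exponent_ansi_x9_42` setting is never consulted for a group that defines a subgroup. A reader has to cross-check the table to see that `opt_exp` for groups 22-24 (20, 28 and 32) equals the byte length of q, which is presumably what the branch outside this hunk assigns to `exp_len`. I would add above the condition `/* groups with a prime-order subgroup always use an exponent sized to q (opt_exp), never the full prime length */`. That comment should also name where the peer's public value is checked for membership in the order-q subgroup, because the short exponent is only safe with that check. The function body continues outside the hunk.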
index 7a0c9b2..cdc9c78 100644 (file)
@@ -50,6 +50,9 @@ enum diffie_hellman_group_t {
        ECP_256_BIT   = 19,
        ECP_384_BIT   = 20,
        ECP_521_BIT   = 21,
+       MODP_1024_160 = 22,
+       MODP_2048_224 = 23,
+       MODP_2048_256 = 24,
        ECP_192_BIT   = 25,
        ECP_224_BIT   = 26,
        /** insecure NULL diffie hellman group for testing, in PRIVATE USE */
@@ -127,6 +130,11 @@ struct diffie_hellman_params_t {
         * Exponent length to use
         */
        size_t exp_len;
+
+       /**
+        * Prime order subgroup; for MODP Groups 22-24
+        */
+       const chunk_t subgroup;
 };
 
 /**
index 0997c93..3389938 100644 (file)
@@ -121,3 +121,6 @@ ecp224,           DIFFIE_HELLMAN_GROUP, ECP_224_BIT,               0
 ecp256,           DIFFIE_HELLMAN_GROUP, ECP_256_BIT,               0
 ecp384,           DIFFIE_HELLMAN_GROUP, ECP_384_BIT,               0
 ecp521,           DIFFIE_HELLMAN_GROUP, ECP_521_BIT,               0
+modp1024s160,     DIFFIE_HELLMAN_GROUP, MODP_1024_160,             0
+modp2048s224,     DIFFIE_HELLMAN_GROUP, MODP_2048_224,             0
+modp2048s256,     DIFFIE_HELLMAN_GROUP, MODP_2048_256,             0
index 341ba51..039036b 100644 (file)
@@ -190,6 +190,10 @@ plugin_t *gcrypt_plugin_create()
        /* diffie hellman groups, using modp */
        lib->crypto->add_dh(lib->crypto, MODP_2048_BIT,
                                        (dh_constructor_t)gcrypt_dh_create);
+       lib->crypto->add_dh(lib->crypto, MODP_2048_224,
+                                       (dh_constructor_t)gcrypt_dh_create);
+       lib->crypto->add_dh(lib->crypto, MODP_2048_256,
+                                       (dh_constructor_t)gcrypt_dh_create);
        lib->crypto->add_dh(lib->crypto, MODP_1536_BIT,
                                        (dh_constructor_t)gcrypt_dh_create);
        lib->crypto->add_dh(lib->crypto, MODP_3072_BIT,
@@ -202,6 +206,8 @@ plugin_t *gcrypt_plugin_create()
                                        (dh_constructor_t)gcrypt_dh_create);
        lib->crypto->add_dh(lib->crypto, MODP_1024_BIT,
                                        (dh_constructor_t)gcrypt_dh_create);
+       lib->crypto->add_dh(lib->crypto, MODP_1024_160,
+                                       (dh_constructor_t)gcrypt_dh_create);
        lib->crypto->add_dh(lib->crypto, MODP_768_BIT,
                                        (dh_constructor_t)gcrypt_dh_create);
 
index 7b12cf7..4ee4498 100644 (file)
@@ -106,10 +106,20 @@ static void set_other_public_value(private_gmp_diffie_hellman_t *this, chunk_t v
 #ifdef EXTENDED_DH_TEST
                /* 3. test if y ^ q mod p = 1, where q = (p - 1)/2. */
                mpz_t q, one;
+               diffie_hellman_params_t *params;
 
                mpz_init(q);
                mpz_init(one);
-               mpz_fdiv_q_2exp(q, p_min_1, 1);
+
+               params = diffie_hellman_get_params(this->group);
+               if (!params->subgroup.len)
+               {
+                       mpz_fdiv_q_2exp(q, p_min_1, 1);
+               }
+               else
+               {
+                       mpz_import(q, params->subgroup.len, 1, 1, 1, 0, params->subgroup.ptr);
+               }
                mpz_powm(one, this->yb, q, this->p);
                mpz_clear(q);
                if (mpz_cmp_ui(one, 1) == 0)
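Review bot: The new branch that loads q from `params->subgroup` sits inside `#ifdef EXTENDED_DH_TEST`, so a default build accepts a peer public value for groups 22-24 without testing y^q mod p = 1. For a group with a small prime-order subgroup and a short exponent this is the validation that prevents small-subgroup confinement, so it should run unconditionally whenever `params->subgroup.len` is non-zero and stay optional only for the (p - 1)/2 case. The existing comment is now stale and could read `/* 3. test if y ^ q mod p = 1, where q is the group's prime-order subgroup if it defines one, else (p - 1)/2 */`. The gcrypt and openssl plugins register the same groups in this commit with no change to their DH code, so it is worth confirming that they validate the peer value too. set_other_public_value starts and ends outside the hunk.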
index ca50514..fbce973 100644 (file)
@@ -60,6 +60,10 @@ plugin_t *gmp_plugin_create()
 
        lib->crypto->add_dh(lib->crypto, MODP_2048_BIT,
                                                (dh_constructor_t)gmp_diffie_hellman_create);
+       lib->crypto->add_dh(lib->crypto, MODP_2048_224,
+                                               (dh_constructor_t)gmp_diffie_hellman_create);
+       lib->crypto->add_dh(lib->crypto, MODP_2048_256,
+                                               (dh_constructor_t)gmp_diffie_hellman_create);
        lib->crypto->add_dh(lib->crypto, MODP_1536_BIT,
                                                (dh_constructor_t)gmp_diffie_hellman_create);
        lib->crypto->add_dh(lib->crypto, MODP_3072_BIT,
@@ -72,6 +76,8 @@ plugin_t *gmp_plugin_create()
                                                (dh_constructor_t)gmp_diffie_hellman_create);
        lib->crypto->add_dh(lib->crypto, MODP_1024_BIT,
                                                (dh_constructor_t)gmp_diffie_hellman_create);
+       lib->crypto->add_dh(lib->crypto, MODP_1024_160,
+                                               (dh_constructor_t)gmp_diffie_hellman_create);
        lib->crypto->add_dh(lib->crypto, MODP_768_BIT,
                                                (dh_constructor_t)gmp_diffie_hellman_create);
 
index 165f83c..c1545ff 100644 (file)
@@ -266,6 +266,10 @@ plugin_t *openssl_plugin_create()
        /* (ec) diffie hellman */
        lib->crypto->add_dh(lib->crypto, MODP_2048_BIT,
                                                (dh_constructor_t)openssl_diffie_hellman_create);
+       lib->crypto->add_dh(lib->crypto, MODP_2048_224,
+                                               (dh_constructor_t)openssl_diffie_hellman_create);
+       lib->crypto->add_dh(lib->crypto, MODP_2048_256,
+                                               (dh_constructor_t)openssl_diffie_hellman_create);
        lib->crypto->add_dh(lib->crypto, MODP_1536_BIT,
                                                (dh_constructor_t)openssl_diffie_hellman_create);
        lib->crypto->add_dh(lib->crypto, ECP_256_BIT,
@@ -288,6 +292,8 @@ plugin_t *openssl_plugin_create()
                                                (dh_constructor_t)openssl_diffie_hellman_create);
        lib->crypto->add_dh(lib->crypto, MODP_1024_BIT,
                                                (dh_constructor_t)openssl_diffie_hellman_create);
+       lib->crypto->add_dh(lib->crypto, MODP_1024_160,
+                                               (dh_constructor_t)openssl_diffie_hellman_create);
        lib->crypto->add_dh(lib->crypto, MODP_768_BIT,
                                                (dh_constructor_t)openssl_diffie_hellman_create);
 
index 7823abe..da04400 100644 (file)
@@ -920,12 +920,15 @@ static const char *const oakley_group_name_rfc4753[] = {
 };
 
 static const char *const oakley_group_name_rfc5114[] = {
+       "MODP_1024_160",
+       "MODP_2048_224",
+       "MODP_2048_256",
        "ECP_192",
        "ECP_224"
 };
 
 enum_names oakley_group_names_rfc5114 =
-       { ECP_192_BIT, ECP_224_BIT,
+       { MODP_1024_160, ECP_224_BIT,
                        oakley_group_name_rfc5114, NULL };
 
 enum_names oakley_group_names_rfc4753 =
index fb0cff7..a62e763 100644 (file)
@@ -237,6 +237,27 @@ static struct dh_desc dh_desc_ecp_521 = {
        ke_size:    2*528 / BITS_PER_BYTE
 };
 
+static struct dh_desc dh_desc_modp_1024_160 = {
+       algo_type:  IKE_ALG_DH_GROUP,
+       algo_id:    MODP_1024_160,
+       algo_next:  NULL,
+       ke_size:    1024 / BITS_PER_BYTE
+};
+
+static struct dh_desc dh_desc_modp_2048_224 = {
+       algo_type:  IKE_ALG_DH_GROUP,
+       algo_id:    MODP_2048_224,
+       algo_next:  NULL,
+       ke_size:    2048 / BITS_PER_BYTE
+};
+
+static struct dh_desc dh_desc_modp_2048_256 = {
+       algo_type:  IKE_ALG_DH_GROUP,
+       algo_id:    MODP_2048_256,
+       algo_next:  NULL,
+       ke_size:    2048 / BITS_PER_BYTE
+};
+
 static struct dh_desc dh_desc_ecp_192 = {
        algo_type:  IKE_ALG_DH_GROUP,
        algo_id:    ECP_192_BIT,
@@ -370,6 +391,15 @@ bool init_crypto(void)
                        case ECP_521_BIT:
                                desc = &dh_desc_ecp_521;
                                break;
+                       case MODP_1024_160:
+                               desc = &dh_desc_modp_1024_160;
+                               break;
+                       case MODP_2048_224:
+                               desc = &dh_desc_modp_2048_224;
+                               break;
+                       case MODP_2048_256:
+                               desc = &dh_desc_modp_2048_256;
+                               break;
                        case ECP_192_BIT:
                                desc = &dh_desc_ecp_192;
                                break;