proposal: Make sure non-AEAD IKE proposals contain integrity algorithms
authorTobias Brunner <tobias@strongswan.org>
Thu, 8 Mar 2018 17:26:19 +0000 (18:26 +0100)
committerTobias Brunner <tobias@strongswan.org>
Wed, 21 Mar 2018 09:15:18 +0000 (10:15 +0100)
src/libstrongswan/crypto/proposal/proposal.c
src/libstrongswan/tests/suites/test_proposal.c

index 39630a1..5252064 100644 (file)
@@ -710,6 +710,14 @@ static bool check_proposal(private_proposal_t *this)
                         * we MUST NOT propose any integrity algorithms */
                        remove_transform(this, INTEGRITY_ALGORITHM);
                }
+               else if (this->protocol == PROTO_IKE &&
+                                !get_algorithm(this, INTEGRITY_ALGORITHM, NULL, NULL))
+               {
+                       DBG1(DBG_CFG, "an integrity algorithm is mandatory in %N proposals "
+                                "with classic (non-AEAD) encryption algorithms",
+                                protocol_id_names, this->protocol);
+                       return FALSE;
+               }
        }
        else
        {       /* AES-GMAC is parsed as encryption algorithm, so we map that to the
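Review bot: The new `else if` rejects a missing integrity algorithm only for `PROTO_IKE` and carries no comment saying why, unlike the AEAD branch directly above it. As far as the hunk shows, an ESP proposal with a classic cipher and no integrity transform still passes this branch, so a reader cannot tell whether leaving unauthenticated encryption configurable there is deliberate. I would add a comment above the condition such as `/* IKEv2 mandates an integrity algorithm with non-AEAD encryption (RFC 7296, 3.3.3); ESP is intentionally not checked here */`, adjusted to the actual intent. check_proposal() begins and ends outside the hunk and the condition of the enclosing `if` is not visible, so this assumes the branch is reached only for non-AEAD encryption.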
index 4e23586..29621a8 100644 (file)
@@ -29,6 +29,8 @@ static struct {
        { PROTO_IKE, "aes128", NULL },
        { PROTO_IKE, "aes128-sha256", NULL },
        { PROTO_IKE, "aes128-sha256-modpnone", NULL },
+       { PROTO_IKE, "aes128-prfsha256", NULL },
+       { PROTO_IKE, "aes128-prfsha256-modp2048", NULL },
        { PROTO_IKE, "aes128-sha256-modp3072", "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072" },
        { PROTO_IKE, "aes128-sha256-prfsha384-modp3072", "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/MODP_3072" },
        { PROTO_IKE, "aes128gcm16-modp3072", NULL },
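Review bot: Of the two added vectors only `aes128-prfsha256-modp2048` appears to isolate the new integrity check. `aes128-prfsha256` has no DH group, and the existing `aes128-sha256` entry just above already expects NULL, presumably for that reason, so it would likely be rejected with or without the check. A short comment above the pair, e.g. `/* classic encryption without integrity algorithm */`, would make clear what they pin, and if the table has no ESP entry without an integrity algorithm, adding one would pin that the check stays limited to IKE. The array starts and continues outside the hunk.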