Adrian-Ken Rueegsegger [Mon, 17 Dec 2012 16:21:47 +0000 (17:21 +0100)]
Set sp_id to reqid when creating ESA
The reqid corresponds to the sp_id (security policy id) on the TKM side.
Adrian-Ken Rueegsegger [Mon, 12 Nov 2012 18:05:28 +0000 (19:05 +0100)]
Call Esa_Select after creation of child SA
This tells the TKM which child SA is the currently active SA.
Adrian-Ken Rueegsegger [Mon, 12 Nov 2012 11:08:32 +0000 (12:08 +0100)]
Check that chunk fits into sequence when converting
Reto Buerki [Thu, 8 Nov 2012 14:32:54 +0000 (15:32 +0100)]
Remove result out parameter from EES Init
Error processing is done by the registered exception handler.
Adrian-Ken Rueegsegger [Thu, 8 Nov 2012 11:22:10 +0000 (12:22 +0100)]
Drop support for pre-shared key authentication
Reto Buerki [Tue, 16 Oct 2012 15:12:51 +0000 (17:12 +0200)]
charon-tkm: Register TKM private key on startup
Reto Buerki [Tue, 16 Oct 2012 14:27:46 +0000 (16:27 +0200)]
Add TKM private key implementation
The key currently imitates the private key of alice@strongswan.org by
returning it's fingerprint in the get_fingerprint function.
This associates the private key with alice's X.509 cert and charon will
use it to create a signature over the local AUTH octets of the test
connection.
The private key serves as a proxy to the TKM ike_isa_sign operation and
extracts the required information from the auth octets chunk passed on
by the keymat.
Reto Buerki [Tue, 16 Oct 2012 14:42:23 +0000 (16:42 +0200)]
keymat: Store signature info in auth octets
Store the ISA context id and the initial message in the auth octets
chunk using the sign_info_t struct. Charon will pass on this information
to the TKM private key sign operation where it is extracted.
Reto Buerki [Tue, 16 Oct 2012 14:39:54 +0000 (16:39 +0200)]
Add AUTH signature info data structure
The sign_info_t type is used to transfer an ISA context id and the
initial message from the keymat to the TKM private key sign operation.
Adrian-Ken Rueegsegger [Thu, 8 Nov 2012 10:04:48 +0000 (11:04 +0100)]
charon-tkm: Register TKM public key on startup
Adrian-Ken Rueegsegger [Thu, 8 Nov 2012 10:00:21 +0000 (11:00 +0100)]
Add TKM public key implementation
The key unconditionally returns TRUE for the verify operation if it is called
with a supported signature algorithm. All such verification operations are
performed by the TKM (e.g. trustchain or auth octets verification) anyway, so
this is safe.
Adrian-Ken Rueegsegger [Wed, 7 Nov 2012 16:55:47 +0000 (17:55 +0100)]
Authenticate ISA using certificates
The authentication of the ISA is now done using the certificate provided
by the peer.
Adrian-Ken Rueegsegger [Wed, 7 Nov 2012 16:54:24 +0000 (17:54 +0100)]
Store peer IKE init message
The IKE init message sent to us by the peer is needed for authentication
in the authorization hook. Store the message as chunk in the keymat and
provide a getter to make it available.
Adrian-Ken Rueegsegger [Tue, 25 Sep 2012 13:21:11 +0000 (15:21 +0200)]
Build cc context in tkm listener authorize hook
Extract peer certificate information and build a TKM certificate chain
context in the authorize hook of the tkm_listener_t. The cc context will
be used for ISA authentication using certificates.
Adrian-Ken Rueegsegger [Tue, 25 Sep 2012 15:13:19 +0000 (17:13 +0200)]
Add TKM_CTX_CC (Certificate chain context id)
Adrian-Ken Rueegsegger [Thu, 4 Oct 2012 09:17:33 +0000 (11:17 +0200)]
Add typelen parameter to chunk_to_sequence function
The parameter is used to initialize the given sequence to zero.
Reto Buerki [Tue, 2 Oct 2012 15:03:39 +0000 (17:03 +0200)]
Implement Ada exception processing
Register a global exception action with the Ada runtime to log uncaught
exceptions to the daemon log and terminate.
Reto Buerki [Wed, 26 Sep 2012 13:40:27 +0000 (15:40 +0200)]
Implement Esa Event Service (EES)
The Esa Event Service can be used to trigger ESP SA (ESA) events such as
acquire or expire. The incoming events are forwarded to the hydra kernel
interface for processing.
Adrian-Ken Rueegsegger [Wed, 19 Sep 2012 15:55:28 +0000 (17:55 +0200)]
Conditionally reset AE context in keymat destroy
The responsibility to reset an authenticated endpoint context is passed
from a parent IKE SA keymat to the new keymat by including it in the ISA
info data contained in the skd chunk. The last IKE SA to be destroyed
will also reset the associated AE context.
Adrian-Ken Rueegsegger [Tue, 18 Sep 2012 17:01:38 +0000 (19:01 +0200)]
Let tkm_keymat_t extend keymat_v2_t
Adrian-Ken Rueegsegger [Tue, 18 Sep 2012 13:21:08 +0000 (15:21 +0200)]
Implement IKE SA rekeying
Use the TKM ike_isa_create_child exchange to rekey an IKE SA. The isa context id
is passed on (ab)using the rekey_skd chunk.
Adrian-Ken Rueegsegger [Tue, 18 Sep 2012 09:15:16 +0000 (11:15 +0200)]
Add test for keymat derive_child_keys operation
Adrian-Ken Rueegsegger [Mon, 17 Sep 2012 15:19:58 +0000 (17:19 +0200)]
Implement ESA rekeying with and without PFS
A child SA is being rekeyed if the esa information passed to the add_sa
function contains nonces. If it also contains a valid Diffie-Hellman
context id PFS is used.
The fact that the encr_r encryption key is passed to add_sa in the
inbound case can be used to determine if we are initiator or not by
inspecting the is_encr_r flag of the esa information struct.
Adrian-Ken Rueegsegger [Fri, 14 Sep 2012 15:29:21 +0000 (17:29 +0200)]
Extend esa_info_t struct
Add additional fields to the esa_info_t struct so the necessary data can
be passed from the keymat to the kernel ipsec interface, where ESA
creation and key generation using the TKM takes place.
The information is used during the inbound add_sa call to create an ESP
SA. This makes the hack of storing the local SPI in a kernel interface
variable between subsequent add_sa calls unnecessary.
Adrian-Ken Rueegsegger [Fri, 14 Sep 2012 13:42:17 +0000 (15:42 +0200)]
Use SAD to manage TKM ESA context information
An SAD entry is added after successfull creation of a TKM ESA context
in the add_sa() function. The corresponding entry is removed in
del_sa() using the SAD, src, dst, spi and protocol parameters.
Adrian-Ken Rueegsegger [Fri, 14 Sep 2012 12:59:04 +0000 (14:59 +0200)]
Implement TKM kernel SA database (SAD)
The TKM kernel SAD (security association database) stores information
about CHILD SAs.
Adrian-Ken Rueegsegger [Fri, 14 Sep 2012 08:29:38 +0000 (10:29 +0200)]
Add TKM_CTX_ESA (ESP SA context id)
Adrian-Ken Rueegsegger [Wed, 12 Sep 2012 09:52:08 +0000 (11:52 +0200)]
Use rng to generate local ESP SPIs
Adrian-Ken Rueegsegger [Tue, 11 Sep 2012 17:17:23 +0000 (19:17 +0200)]
charon-tkm: Register kernel_netlink_net
Explicitly register kernel netlink net implementation and avoid loading
the whole kernel-netlink plugin since the kernel netlink ipsec part is
unwanted.
Adrian-Ken Rueegsegger [Tue, 11 Sep 2012 17:13:29 +0000 (19:13 +0200)]
Do not return shared secret in TKM Diffie-Hellman
Since the TKM handles all relevant key material, charon-tkm must not
have access to it anymore. Thus the ike_dh_get_shared_secret operation
is not available anymore.
Adrian-Ken Rueegsegger [Tue, 11 Sep 2012 17:04:55 +0000 (19:04 +0200)]
Remove keymat proxy from TKM keymat
Since the TKM completely handles key derivation and installation there
is no need for the keymat proxy anymore.
Reto Buerki [Tue, 11 Sep 2012 16:32:50 +0000 (18:32 +0200)]
Remove netlink proxy from TKM kernel interface
The TKM is now able to manage simple child SAs, so there is no need for
the netlink proxy anymore.
Reto Buerki [Tue, 11 Sep 2012 16:24:21 +0000 (18:24 +0200)]
Avoid proxy for bypass_socket, enable_udp_decap
This is in preparation for the removal of the netlink kernel proxy. The
code is copied as-is from the kernel_netlink_ipsec plugin.
Adrian-Ken Rueegsegger [Mon, 10 Sep 2012 08:43:05 +0000 (10:43 +0200)]
Implement CHILD SA key derivation using TKM
ESP SAs are created when adding CHILD SAs via the kernel ipsec
interface.
The encr_i key is used to transfer the context id of the parent IKE SA
from the keymat to the TKM kernel ipsec interface.
Adrian-Ken Rueegsegger [Fri, 7 Sep 2012 13:17:25 +0000 (15:17 +0200)]
Register TKM kernel ipsec interface in charon-tkm
Adrian-Ken Rueegsegger [Fri, 7 Sep 2012 12:58:35 +0000 (14:58 +0200)]
Add TKM kernel ipsec skeleton
The existing kernel netlink ipsec interface is currently used as proxy
to perform the actual work. It will be gradually removed as the TKM
implements the needed features.
Reto Buerki [Fri, 7 Sep 2012 13:44:37 +0000 (15:44 +0200)]
chunk_map: Store key, value pair in entry_t struct
To make the chunk map more robust it now stores a clone of the data
chunk given on insertion. The entry struct is needed to properly free
the allocated chunk after use.
Reto Buerki [Thu, 6 Sep 2012 16:17:26 +0000 (18:17 +0200)]
Call ike_isa_auth_psk in listener authorize hook
This exchange initiates the AUTH verification in the TKM.
Reto Buerki [Fri, 31 Aug 2012 10:58:00 +0000 (12:58 +0200)]
listener: Register message hook
Use the message hook to save the AUTHENTICATION payload of an incoming
IKE_AUTH message.
The AUTH payload will be passed on to the TKM ike_isa_auth operation in
the authorize hook.
Reto Buerki [Thu, 6 Sep 2012 15:27:45 +0000 (17:27 +0200)]
keymat: Add AUTH payload setter/getter functions
These functions are used in the TKM specific bus listener to
store/retrieve the AUTH payload chunk in the message/authorize hooks.
Reto Buerki [Fri, 31 Aug 2012 09:13:39 +0000 (11:13 +0200)]
Register TKM bus listener in charon-tkm
Reto Buerki [Fri, 31 Aug 2012 09:11:30 +0000 (11:11 +0200)]
Add TKM specific bus listener skeleton
This listener gets informed about IKE authorization rounds and will be
used to call ike_isa_auth on a given ISA.
Reto Buerki [Fri, 31 Aug 2012 09:24:45 +0000 (11:24 +0200)]
Add ISA context id getter to TKM keymat
Reto Buerki [Fri, 31 Aug 2012 08:13:55 +0000 (10:13 +0200)]
keymat: Acquire AE context ID on initialization
Reto Buerki [Thu, 30 Aug 2012 13:07:21 +0000 (15:07 +0200)]
Add TKM_CTX_AE (Authenticated Endpoint context)
Reto Buerki [Thu, 30 Aug 2012 12:42:19 +0000 (14:42 +0200)]
keymat: Acquire ISA context ID on initialization
Reto Buerki [Thu, 30 Aug 2012 12:36:06 +0000 (14:36 +0200)]
Add TKM_CTX_ISA (IKE SA context)
Reto Buerki [Thu, 30 Aug 2012 11:57:58 +0000 (13:57 +0200)]
Use remote PSK signature computed by TKM
Reto Buerki [Thu, 30 Aug 2012 09:25:14 +0000 (11:25 +0200)]
keymat: Check for aes256-sha512 in derive_ike_keys
Return FALSE if peers try to use other algorithm combinations.
Adrian-Ken Rueegsegger [Wed, 29 Aug 2012 16:32:28 +0000 (18:32 +0200)]
keymat: Call ike_isa_sign_psk in get_psk_sig
Get PSK signed AUTH octets from TKM in initiator case.
Reto Buerki [Wed, 29 Aug 2012 08:38:47 +0000 (10:38 +0200)]
Factor out AEAD transform creation
Introduce static aead_create_from_keys function to initialize AEAD
transforms from key chunks.
Reto Buerki [Wed, 29 Aug 2012 07:48:14 +0000 (09:48 +0200)]
Add keymat IKE key derivation test case
Reto Buerki [Wed, 29 Aug 2012 07:44:17 +0000 (09:44 +0200)]
keymat: Create inbound and outbound AEAD transforms
Create and initialize AEAD transforms with keys derived by the TKM.
Return these transforms in the get_aead function.
IKE keys used by charon are derived by TKM now.
Reto Buerki [Wed, 29 Aug 2012 07:41:02 +0000 (09:41 +0200)]
keymat: Extract enc,inc algorithms from proposal
Extract encryption and integrity algorithms from proposal and check them
before deriving IKE keys.
Reto Buerki [Fri, 24 Aug 2012 14:17:27 +0000 (16:17 +0200)]
keymat: Call TKM Isa_Create procedure
Reto Buerki [Fri, 24 Aug 2012 10:58:47 +0000 (12:58 +0200)]
Implement chunk_to_sequence function
This function converts a given chunk to a variable-length byte sequence.
Reto Buerki [Fri, 24 Aug 2012 10:16:17 +0000 (12:16 +0200)]
Implement sequence_to_chunk function
This function converts a given TKM variable-length byte sequence to
chunk.
Adrian-Ken Rueegsegger [Wed, 22 Aug 2012 09:27:30 +0000 (11:27 +0200)]
keymat: Log nonce and DH context ids
Adrian-Ken Rueegsegger [Wed, 22 Aug 2012 09:17:14 +0000 (11:17 +0200)]
Add context id getter to TKM DH implementation
Adrian-Ken Rueegsegger [Wed, 22 Aug 2012 09:05:44 +0000 (11:05 +0200)]
keymat: Get context id of local nonce
To derive IKE keys using TKM the nonce context id of the local nonce is needed.
Get the id for a given chunk using the chunk map.
Adrian-Ken Rueegsegger [Wed, 22 Aug 2012 08:53:08 +0000 (10:53 +0200)]
nonceg: Insert id mapping when allocating nonce
Adrian-Ken Rueegsegger [Wed, 22 Aug 2012 08:17:59 +0000 (10:17 +0200)]
Add chunk map
This data structure allows to store mappings of chunks to ids. This will
be used to map nonces to their corresponding nonce context ids.
Adrian-Ken Rueegsegger [Tue, 21 Aug 2012 12:31:13 +0000 (14:31 +0200)]
Add context id getter to TKM nonce generator
Reto Buerki [Tue, 21 Aug 2012 13:29:30 +0000 (15:29 +0200)]
id_manager: Use calloc instead of malloc
This way we don't need to manually initialize the slot status; free
slots are now indicated by 0 though.
Reto Buerki [Tue, 21 Aug 2012 10:38:50 +0000 (12:38 +0200)]
Use ikev2 keymat proxy
Forward incoming calls to default ikev2 keymat instance. This is needed
to make a stepwise migration to TKM keymat possible. It will be removed
once the corresponding parts are implemented in the TKM.
Reto Buerki [Tue, 21 Aug 2012 10:17:05 +0000 (12:17 +0200)]
Add skeleton for TKM keymat variant
Reto Buerki [Thu, 9 Aug 2012 14:13:55 +0000 (16:13 +0200)]
id_manager: Use limits given by TKM
Reto Buerki [Thu, 9 Aug 2012 13:18:05 +0000 (15:18 +0200)]
Pass context limits on to id manager
Reto Buerki [Thu, 9 Aug 2012 13:12:40 +0000 (15:12 +0200)]
Request limits from TKM on init
Reto Buerki [Thu, 9 Aug 2012 10:47:58 +0000 (12:47 +0200)]
id_manager: Use array of bool instead of list
Instead of storing the acquired context ids in a linked list, use an
array of booleans for the job. A boolean value of true in the array
designates an available context id.
Reto Buerki [Wed, 8 Aug 2012 14:59:19 +0000 (16:59 +0200)]
Use id manager to acquire DH context id
Reto Buerki [Wed, 8 Aug 2012 14:56:30 +0000 (16:56 +0200)]
Add TKM_CTX_DH (Diffie-Hellman context) to id manager
Reto Buerki [Tue, 7 Aug 2012 15:46:45 +0000 (17:46 +0200)]
Use id manager to acquire nonce context id
Reto Buerki [Tue, 24 Jul 2012 08:40:26 +0000 (10:40 +0200)]
Add initial TKM Diffie-Hellman implementation
The tkm_diffie_hellman_t plugin acquires a DH context from the Trusted
Key Manager and uses it to get a DH public value and the calculated
shared secret. Proper context handling is still missing though, the
plugin currently uses context ID 1.
The get_shared_secret function will be removed as soon as the TKM
specific keymat is ready.
Reto Buerki [Tue, 12 Jun 2012 12:39:33 +0000 (14:39 +0200)]
charon-tkm: Register tkm nonce generator
Reto Buerki [Tue, 12 Jun 2012 09:05:14 +0000 (11:05 +0200)]
tkm_nonceg: Return nonce generated by TKM
Reto Buerki [Thu, 7 Jun 2012 15:45:34 +0000 (17:45 +0200)]
Initialize TKM client library in tkm.c
Reto Buerki [Fri, 18 May 2012 12:09:24 +0000 (14:09 +0200)]
Introduce TKM specific charon daemon (charon-tkm)
Analogous to charon-nm the charon-tkm daemon is a specialized charon
instance used in combination with the trusted key manager (TKM) written
in Ada.
The charon-tkm is basically a copy of the charon-nm code which will
register it's own TKM specific plugins.
The daemon binary is built using the gprbuild utility. This is needed
because it uses the tkm-rpc Ada library and consequently the Ada
runtime. gprbuild takes care of the complete binding and linker steps
required to properly initialize the Ada runtime.
Adrian-Ken Rueegsegger [Tue, 22 Jan 2013 15:13:15 +0000 (16:13 +0100)]
starter: Make daemon name configurable
A daemon can be specified using the '--daemon' command line parameter. This
tells starter to invoke a daemon other than 'charon'.
Additionally the ipsec script uses the environment variable DAEMON_NAME to tell
the starter which daemon to use.
Adrian-Ken Rueegsegger [Fri, 18 May 2012 19:19:52 +0000 (21:19 +0200)]
Add configure option --enable-unit-tests
This configure option enables check-based unit testing. Check is a unit
test framework for C [1].
The unit tests can be executed by issuing the following command in the
toplevel build directory:
make check
[1] - http://check.sourceforge.net/
Tobias Brunner [Fri, 22 Feb 2013 17:59:52 +0000 (18:59 +0100)]
Load arbitrary (non-host) attributes from strongswan.conf
This allows to e.g. load Cisco-specific attributes that contain FQDNs.
Martin Willi [Tue, 19 Mar 2013 12:44:11 +0000 (13:44 +0100)]
Don't try to mmap() empty ipsec.secret files
Tobias Brunner [Fri, 21 Sep 2012 10:14:29 +0000 (12:14 +0200)]
Delete IKE_SAs if responder does not initiate XAuth exchange within a certain time frame
Tobias Brunner [Fri, 8 Mar 2013 13:47:42 +0000 (14:47 +0100)]
testing: Rename interfaces and bridges so they are easier to identify
This simplifies capturing traffic with Wireshark on the host as each of
the guest's interfaces is clearly identified.
The three bridges were previously numbered starting from 0, this scheme
is restored here.
Tobias Brunner [Fri, 8 Mar 2013 13:18:54 +0000 (14:18 +0100)]
testing: Don't use a specific version for the QEMU machine type
The previously used pc-1.1 is not yet available on e.g. Ubuntu 12.04.
With 'pc' the most current supported version of that type is used.
Tobias Brunner [Tue, 19 Mar 2013 09:58:58 +0000 (10:58 +0100)]
NEWS about xauth-noauth added
Tobias Brunner [Tue, 19 Mar 2013 09:57:17 +0000 (10:57 +0100)]
Make sure that xauth-noauth is not used accidentally
It has to be selected explicitly with rightauth2=xauth-noauth.
Tobias Brunner [Mon, 4 Feb 2013 17:55:54 +0000 (18:55 +0100)]
Added xauth-noauth plugin
This XAuth backend does not do any authentication of client credentials
but simply sends a successful XAuth status to the client, thereby
concluding the XAuth exchange. This can be useful to fallback to basic
RSA authentication with clients that can not be configured without XAuth
authentication.
Martin Willi [Tue, 19 Mar 2013 10:20:35 +0000 (11:20 +0100)]
In stroke counters, check if we have an IKE_SA before getting the name from it
Fixes a segfault when receiving an invalid IKE SPI, where we don't have an
IKE_SA for the raised alert.
Martin Willi [Mon, 18 Mar 2013 13:29:37 +0000 (14:29 +0100)]
Add an "esp" load-tester option to configure custom CHILD_SA ESP proposal
Tobias Brunner [Mon, 18 Mar 2013 11:18:44 +0000 (12:18 +0100)]
Algorithms are not really specific to an IKE version
But not all of them can be used with IKEv1.
Fixes #314.
Martin Willi [Mon, 18 Mar 2013 09:47:26 +0000 (10:47 +0100)]
Add some 5.0.3 NEWS
Martin Willi [Mon, 18 Mar 2013 09:13:36 +0000 (10:13 +0100)]
Merge branch 'radius-ext'
Bring some extensions to eap-radius, namely a virtual IP address provider based
on received Framed-IPs, forwarding of Cisco Unity banners, Interim Accounting
updates and the reporting of sent/received packets.
Martin Willi [Mon, 18 Mar 2013 09:12:22 +0000 (10:12 +0100)]
Merge branch 'stroke-counters'
Extend stroke counters functionality by connection specific counters, and
a resetcounters command to reset the global or connection counters.
Martin Willi [Mon, 18 Mar 2013 09:11:46 +0000 (10:11 +0100)]
Merge branch 'stroke-timeout'
Add a strongswan.conf timeout option for stroke control commands.
Martin Willi [Mon, 18 Mar 2013 09:09:35 +0000 (10:09 +0100)]
Merge branch 'netlink-align'
Fixes some Netlink alignment issues, and then refactors Netlink XFRM message
attribute handling.
Martin Willi [Fri, 15 Mar 2013 15:01:32 +0000 (16:01 +0100)]
Use netlink_add_attribute() to copy over attributes during update_sa()
Martin Willi [Fri, 15 Mar 2013 14:17:13 +0000 (15:17 +0100)]
Use a helper function to add XFRM_MARK attribute
Martin Willi [Fri, 15 Mar 2013 14:05:00 +0000 (15:05 +0100)]
Use netlink_reserve() helper function in XFRM to simplify message construction
Martin Willi [Fri, 15 Mar 2013 13:32:51 +0000 (14:32 +0100)]
Add a Netlink utility function to add a RTA header and reserve space for data