2 * Copyright (C) 2008-2018 Tobias Brunner
3 * Copyright (C) 2006-2010 Martin Willi
4 * Copyright (C) 2013-2015 Andreas Steffen
5 * HSR Hochschule fuer Technik Rapperswil
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
22 #include <collections/array.h>
23 #include <utils/identification.h>
25 #include <crypto/transform.h>
26 #include <crypto/prfs/prf.h>
27 #include <crypto/crypters/crypter.h>
28 #include <crypto/signers/signer.h>
30 ENUM(protocol_id_names
, PROTO_NONE
, PROTO_IPCOMP
,
38 typedef struct private_proposal_t private_proposal_t
;
41 * Private data of an proposal_t object
43 struct private_proposal_t
{
51 * protocol (ESP or AH)
53 protocol_id_t protocol
;
56 * Priority ordered list of transforms, as entry_t
61 * Types of transforms contained, as transform_type_t
77 * This is a hack to not change the previous order when printing proposals
79 static transform_type_t
type_for_sort(const void *type
)
81 const transform_type_t
*t
= type
;
85 case PSEUDO_RANDOM_FUNCTION
:
86 return INTEGRITY_ALGORITHM
;
87 case INTEGRITY_ALGORITHM
:
88 return PSEUDO_RANDOM_FUNCTION
;
95 * Sort transform types
97 static int type_sort(const void *a
, const void *b
, void *user
)
99 transform_type_t ta
= type_for_sort(a
), tb
= type_for_sort(b
);
104 * Find a transform type
106 static int type_find(const void *a
, const void *b
)
108 return type_sort(a
, b
, NULL
);
112 * Check if the given transform type is already in the set
114 static bool contains_type(array_t
*types
, transform_type_t type
)
116 return array_bsearch(types
, &type
, type_find
, NULL
) != -1;
120 * Add the given transform type to the set
122 static void add_type(array_t
*types
, transform_type_t type
)
124 if (!contains_type(types
, type
))
126 array_insert(types
, ARRAY_TAIL
, &type
);
127 array_sort(types
, type_sort
, NULL
);
132 * Merge two sets of transform types into a new array
134 static array_t
*merge_types(private_proposal_t
*this, private_proposal_t
*other
)
137 transform_type_t type
;
140 count
= max(array_count(this->types
), array_count(other
->types
));
141 types
= array_create(sizeof(transform_type_t
), count
);
143 for (i
= 0; i
< count
; i
++)
145 if (array_get(this->types
, i
, &type
))
147 add_type(types
, type
);
149 if (array_get(other
->types
, i
, &type
))
151 add_type(types
, type
);
158 * Remove the given transform type from the set
160 static void remove_type(private_proposal_t
*this, transform_type_t type
)
164 i
= array_bsearch(this->types
, &type
, type_find
, NULL
);
167 array_remove(this->types
, i
, NULL
);
172 * Struct used to store different kinds of algorithms.
175 /** Type of the transform */
176 transform_type_t type
;
177 /** algorithm identifier */
179 /** key size in bits, or zero if not needed */
183 METHOD(proposal_t
, add_algorithm
, void,
184 private_proposal_t
*this, transform_type_t type
,
185 uint16_t alg
, uint16_t key_size
)
190 .key_size
= key_size
,
193 array_insert(this->transforms
, ARRAY_TAIL
, &entry
);
194 add_type(this->types
, type
);
197 CALLBACK(alg_filter
, bool,
198 uintptr_t type
, enumerator_t
*orig
, va_list args
)
201 uint16_t *alg
, *key_size
;
203 VA_ARGS_VGET(args
, alg
, key_size
);
205 while (orig
->enumerate(orig
, &entry
))
207 if (entry
->type
!= type
)
217 *key_size
= entry
->key_size
;
224 METHOD(proposal_t
, create_enumerator
, enumerator_t
*,
225 private_proposal_t
*this, transform_type_t type
)
227 return enumerator_create_filter(
228 array_create_enumerator(this->transforms
),
229 alg_filter
, (void*)(uintptr_t)type
, NULL
);
232 METHOD(proposal_t
, get_algorithm
, bool,
233 private_proposal_t
*this, transform_type_t type
,
234 uint16_t *alg
, uint16_t *key_size
)
236 enumerator_t
*enumerator
;
239 enumerator
= create_enumerator(this, type
);
240 if (enumerator
->enumerate(enumerator
, alg
, key_size
))
244 enumerator
->destroy(enumerator
);
249 METHOD(proposal_t
, has_dh_group
, bool,
250 private_proposal_t
*this, diffie_hellman_group_t group
)
252 bool found
= FALSE
, any
= FALSE
;
253 enumerator_t
*enumerator
;
256 enumerator
= create_enumerator(this, DIFFIE_HELLMAN_GROUP
);
257 while (enumerator
->enumerate(enumerator
, ¤t
, NULL
))
260 if (current
== group
)
266 enumerator
->destroy(enumerator
);
268 if (!any
&& group
== MODP_NONE
)
275 METHOD(proposal_t
, promote_dh_group
, bool,
276 private_proposal_t
*this, diffie_hellman_group_t group
)
278 enumerator_t
*enumerator
;
282 enumerator
= array_create_enumerator(this->transforms
);
283 while (enumerator
->enumerate(enumerator
, &entry
))
285 if (entry
->type
== DIFFIE_HELLMAN_GROUP
&&
288 array_remove_at(this->transforms
, enumerator
);
292 enumerator
->destroy(enumerator
);
297 .type
= DIFFIE_HELLMAN_GROUP
,
300 array_insert(this->transforms
, ARRAY_HEAD
, &entry
);
305 METHOD(proposal_t
, strip_dh
, void,
306 private_proposal_t
*this, diffie_hellman_group_t keep
)
308 enumerator_t
*enumerator
;
312 enumerator
= array_create_enumerator(this->transforms
);
313 while (enumerator
->enumerate(enumerator
, &entry
))
315 if (entry
->type
== DIFFIE_HELLMAN_GROUP
)
317 if (entry
->alg
!= keep
)
319 array_remove_at(this->transforms
, enumerator
);
327 enumerator
->destroy(enumerator
);
329 if (keep
== MODP_NONE
|| !found
)
331 remove_type(this, DIFFIE_HELLMAN_GROUP
);
336 * Select a matching proposal from this and other, insert into selected.
338 static bool select_algo(private_proposal_t
*this, proposal_t
*other
,
339 proposal_t
*selected
, transform_type_t type
, bool priv
)
341 enumerator_t
*e1
, *e2
;
342 uint16_t alg1
, alg2
, ks1
, ks2
;
343 bool found
= FALSE
, optional
= FALSE
;
345 if (type
== INTEGRITY_ALGORITHM
&&
346 selected
->get_algorithm(selected
, ENCRYPTION_ALGORITHM
, &alg1
, NULL
) &&
347 encryption_algorithm_is_aead(alg1
))
349 /* no integrity algorithm required, we have an AEAD */
352 if (type
== DIFFIE_HELLMAN_GROUP
)
354 optional
= this->protocol
== PROTO_ESP
|| this->protocol
== PROTO_AH
;
357 e1
= create_enumerator(this, type
);
358 e2
= other
->create_enumerator(other
, type
);
359 if (!e1
->enumerate(e1
, &alg1
, NULL
))
361 if (!e2
->enumerate(e2
, &alg2
, NULL
))
368 { /* if NONE is proposed, we accept the proposal */
371 while (!found
&& e2
->enumerate(e2
, &alg2
, NULL
));
374 else if (!e2
->enumerate(e2
, NULL
, NULL
))
379 { /* if NONE is proposed, we accept the proposal */
382 while (!found
&& e1
->enumerate(e1
, &alg1
, NULL
));
387 e1
= create_enumerator(this, type
);
388 /* compare algs, order of algs in "first" is preferred */
389 while (!found
&& e1
->enumerate(e1
, &alg1
, &ks1
))
392 e2
= other
->create_enumerator(other
, type
);
393 while (e2
->enumerate(e2
, &alg2
, &ks2
))
395 if (alg1
== alg2
&& ks1
== ks2
)
397 if (!priv
&& alg1
>= 1024)
399 /* accept private use algorithms only if requested */
400 DBG1(DBG_CFG
, "an algorithm from private space would match, "
401 "but peer implementation is unknown, skipped");
404 selected
->add_algorithm(selected
, type
, alg1
, ks1
);
410 /* no match in all comparisons */
416 DBG2(DBG_CFG
, " no acceptable %N found", transform_type_names
, type
);
421 METHOD(proposal_t
, select_proposal
, proposal_t
*,
422 private_proposal_t
*this, proposal_t
*other
, bool other_remote
,
425 proposal_t
*selected
;
426 transform_type_t type
;
430 DBG2(DBG_CFG
, "selecting proposal:");
432 if (this->protocol
!= other
->get_protocol(other
))
434 DBG2(DBG_CFG
, " protocol mismatch, skipping");
440 selected
= proposal_create(this->protocol
, other
->get_number(other
));
441 selected
->set_spi(selected
, other
->get_spi(other
));
445 selected
= proposal_create(this->protocol
, this->number
);
446 selected
->set_spi(selected
, this->spi
);
449 types
= merge_types(this, (private_proposal_t
*)other
);
450 for (i
= 0; i
< array_count(types
); i
++)
452 array_get(types
, i
, &type
);
453 if (!select_algo(this, other
, selected
, type
, private))
455 selected
->destroy(selected
);
456 array_destroy(types
);
460 array_destroy(types
);
462 DBG2(DBG_CFG
, " proposal matches");
466 METHOD(proposal_t
, get_protocol
, protocol_id_t
,
467 private_proposal_t
*this)
469 return this->protocol
;
472 METHOD(proposal_t
, set_spi
, void,
473 private_proposal_t
*this, uint64_t spi
)
478 METHOD(proposal_t
, get_spi
, uint64_t,
479 private_proposal_t
*this)
485 * Check if two proposals have the same algorithms for a given transform type
487 static bool algo_list_equals(private_proposal_t
*this, proposal_t
*other
,
488 transform_type_t type
)
490 enumerator_t
*e1
, *e2
;
491 uint16_t alg1
, alg2
, ks1
, ks2
;
494 e1
= create_enumerator(this, type
);
495 e2
= other
->create_enumerator(other
, type
);
496 while (e1
->enumerate(e1
, &alg1
, &ks1
))
498 if (!e2
->enumerate(e2
, &alg2
, &ks2
))
500 /* this has more algs */
504 if (alg1
!= alg2
|| ks1
!= ks2
)
510 if (e2
->enumerate(e2
, &alg2
, &ks2
))
512 /* other has more algs */
521 METHOD(proposal_t
, get_number
, u_int
,
522 private_proposal_t
*this)
527 METHOD(proposal_t
, equals
, bool,
528 private_proposal_t
*this, proposal_t
*other
)
530 transform_type_t type
;
534 if (&this->public == other
)
539 types
= merge_types(this, (private_proposal_t
*)other
);
540 for (i
= 0; i
< array_count(types
); i
++)
542 array_get(types
, i
, &type
);
543 if (!algo_list_equals(this, other
, type
))
545 array_destroy(types
);
549 array_destroy(types
);
553 METHOD(proposal_t
, clone_
, proposal_t
*,
554 private_proposal_t
*this)
556 private_proposal_t
*clone
;
557 enumerator_t
*enumerator
;
559 transform_type_t
*type
;
561 clone
= (private_proposal_t
*)proposal_create(this->protocol
, 0);
563 enumerator
= array_create_enumerator(this->transforms
);
564 while (enumerator
->enumerate(enumerator
, &entry
))
566 array_insert(clone
->transforms
, ARRAY_TAIL
, entry
);
568 enumerator
->destroy(enumerator
);
569 enumerator
= array_create_enumerator(this->types
);
570 while (enumerator
->enumerate(enumerator
, &type
))
572 array_insert(clone
->types
, ARRAY_TAIL
, type
);
574 enumerator
->destroy(enumerator
);
576 clone
->spi
= this->spi
;
577 clone
->number
= this->number
;
579 return &clone
->public;
583 * Map integrity algorithms to the PRF functions using the same algorithm.
585 static const struct {
586 integrity_algorithm_t integ
;
587 pseudo_random_function_t prf
;
588 } integ_prf_map
[] = {
589 {AUTH_HMAC_SHA1_96
, PRF_HMAC_SHA1
},
590 {AUTH_HMAC_SHA1_160
, PRF_HMAC_SHA1
},
591 {AUTH_HMAC_SHA2_256_128
, PRF_HMAC_SHA2_256
},
592 {AUTH_HMAC_SHA2_384_192
, PRF_HMAC_SHA2_384
},
593 {AUTH_HMAC_SHA2_512_256
, PRF_HMAC_SHA2_512
},
594 {AUTH_HMAC_MD5_96
, PRF_HMAC_MD5
},
595 {AUTH_HMAC_MD5_128
, PRF_HMAC_MD5
},
596 {AUTH_AES_XCBC_96
, PRF_AES128_XCBC
},
597 {AUTH_CAMELLIA_XCBC_96
, PRF_CAMELLIA128_XCBC
},
598 {AUTH_AES_CMAC_96
, PRF_AES128_CMAC
},
602 * Remove all entries of the given transform type
604 static void remove_transform(private_proposal_t
*this, transform_type_t type
)
609 e
= array_create_enumerator(this->transforms
);
610 while (e
->enumerate(e
, &entry
))
612 if (entry
->type
== type
)
614 array_remove_at(this->transforms
, e
);
618 remove_type(this, type
);
622 * Checks the proposal read from a string.
624 static bool check_proposal(private_proposal_t
*this)
629 bool all_aead
= TRUE
, any_aead
= FALSE
, any_enc
= FALSE
;
632 if (this->protocol
== PROTO_IKE
)
634 if (!get_algorithm(this, PSEUDO_RANDOM_FUNCTION
, NULL
, NULL
))
635 { /* No explicit PRF found. We assume the same algorithm as used
636 * for integrity checking. */
637 e
= create_enumerator(this, INTEGRITY_ALGORITHM
);
638 while (e
->enumerate(e
, &alg
, &ks
))
640 for (i
= 0; i
< countof(integ_prf_map
); i
++)
642 if (alg
== integ_prf_map
[i
].integ
)
644 add_algorithm(this, PSEUDO_RANDOM_FUNCTION
,
645 integ_prf_map
[i
].prf
, 0);
652 if (!get_algorithm(this, PSEUDO_RANDOM_FUNCTION
, NULL
, NULL
))
654 DBG1(DBG_CFG
, "a PRF algorithm is mandatory in IKE proposals");
657 /* remove MODP_NONE from IKE proposal */
658 e
= array_create_enumerator(this->transforms
);
659 while (e
->enumerate(e
, &entry
))
661 if (entry
->type
== DIFFIE_HELLMAN_GROUP
&& !entry
->alg
)
663 array_remove_at(this->transforms
, e
);
667 if (!get_algorithm(this, DIFFIE_HELLMAN_GROUP
, NULL
, NULL
))
669 DBG1(DBG_CFG
, "a DH group is mandatory in IKE proposals");
674 { /* remove PRFs from ESP/AH proposals */
675 remove_transform(this, PSEUDO_RANDOM_FUNCTION
);
678 if (this->protocol
== PROTO_IKE
|| this->protocol
== PROTO_ESP
)
680 e
= create_enumerator(this, ENCRYPTION_ALGORITHM
);
681 while (e
->enumerate(e
, &alg
, &ks
))
684 if (encryption_algorithm_is_aead(alg
))
695 DBG1(DBG_CFG
, "an encryption algorithm is mandatory in %N proposals",
696 protocol_id_names
, this->protocol
);
699 else if (any_aead
&& !all_aead
)
701 DBG1(DBG_CFG
, "classic and combined-mode (AEAD) encryption "
702 "algorithms can't be contained in the same %N proposal",
703 protocol_id_names
, this->protocol
);
707 { /* if all encryption algorithms in the proposal are AEADs,
708 * we MUST NOT propose any integrity algorithms */
709 remove_transform(this, INTEGRITY_ALGORITHM
);
713 { /* AES-GMAC is parsed as encryption algorithm, so we map that to the
714 * proper integrity algorithm */
715 e
= array_create_enumerator(this->transforms
);
716 while (e
->enumerate(e
, &entry
))
718 if (entry
->type
== ENCRYPTION_ALGORITHM
)
720 if (entry
->alg
== ENCR_NULL_AUTH_AES_GMAC
)
722 entry
->type
= INTEGRITY_ALGORITHM
;
723 ks
= entry
->key_size
;
728 entry
->alg
= AUTH_AES_128_GMAC
;
731 entry
->alg
= AUTH_AES_192_GMAC
;
734 entry
->alg
= AUTH_AES_256_GMAC
;
740 /* remove all other encryption algorithms */
741 array_remove_at(this->transforms
, e
);
745 remove_type(this, ENCRYPTION_ALGORITHM
);
747 if (!get_algorithm(this, INTEGRITY_ALGORITHM
, NULL
, NULL
))
749 DBG1(DBG_CFG
, "an integrity algorithm is mandatory in AH "
755 if (this->protocol
== PROTO_AH
|| this->protocol
== PROTO_ESP
)
757 if (!get_algorithm(this, EXTENDED_SEQUENCE_NUMBERS
, NULL
, NULL
))
758 { /* ESN not specified, assume not supported */
759 add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS
, NO_EXT_SEQ_NUMBERS
, 0);
763 array_compress(this->transforms
);
768 * add a algorithm identified by a string to the proposal.
770 static bool add_string_algo(private_proposal_t
*this, const char *alg
)
772 const proposal_token_t
*token
;
774 token
= lib
->proposal
->get_token(lib
->proposal
, alg
);
777 DBG1(DBG_CFG
, "algorithm '%s' not recognized", alg
);
781 add_algorithm(this, token
->type
, token
->algorithm
, token
->keysize
);
787 * Print all algorithms of the given type
789 static int print_alg(private_proposal_t
*this, printf_hook_data_t
*data
,
790 transform_type_t type
, bool *first
)
792 enumerator_t
*enumerator
;
797 names
= transform_get_enum_names(type
);
799 enumerator
= array_create_enumerator(this->transforms
);
800 while (enumerator
->enumerate(enumerator
, &entry
))
804 if (type
!= entry
->type
)
815 written
+= print_in_hook(data
, "%s%N", prefix
, names
, entry
->alg
);
819 written
+= print_in_hook(data
, "%sUNKNOWN_%u_%u", prefix
,
820 entry
->type
, entry
->alg
);
824 written
+= print_in_hook(data
, "_%u", entry
->key_size
);
827 enumerator
->destroy(enumerator
);
832 * Described in header.
834 int proposal_printf_hook(printf_hook_data_t
*data
, printf_hook_spec_t
*spec
,
835 const void *const *args
)
837 private_proposal_t
*this = *((private_proposal_t
**)(args
[0]));
838 linked_list_t
*list
= *((linked_list_t
**)(args
[0]));
839 enumerator_t
*enumerator
;
840 transform_type_t
*type
;
846 return print_in_hook(data
, "(null)");
851 enumerator
= list
->create_enumerator(list
);
852 while (enumerator
->enumerate(enumerator
, &this))
853 { /* call recursively */
856 written
+= print_in_hook(data
, "%P", this);
861 written
+= print_in_hook(data
, ", %P", this);
864 enumerator
->destroy(enumerator
);
868 written
= print_in_hook(data
, "%N:", protocol_id_names
, this->protocol
);
869 enumerator
= array_create_enumerator(this->types
);
870 while (enumerator
->enumerate(enumerator
, &type
))
872 written
+= print_alg(this, data
, *type
, &first
);
874 enumerator
->destroy(enumerator
);
878 METHOD(proposal_t
, destroy
, void,
879 private_proposal_t
*this)
881 array_destroy(this->transforms
);
882 array_destroy(this->types
);
887 * Described in header
889 proposal_t
*proposal_create(protocol_id_t protocol
, u_int number
)
891 private_proposal_t
*this;
895 .add_algorithm
= _add_algorithm
,
896 .create_enumerator
= _create_enumerator
,
897 .get_algorithm
= _get_algorithm
,
898 .has_dh_group
= _has_dh_group
,
899 .promote_dh_group
= _promote_dh_group
,
900 .strip_dh
= _strip_dh
,
901 .select
= _select_proposal
,
902 .get_protocol
= _get_protocol
,
905 .get_number
= _get_number
,
910 .protocol
= protocol
,
912 .transforms
= array_create(sizeof(entry_t
), 0),
913 .types
= array_create(sizeof(transform_type_t
), 0),
916 return &this->public;
920 * Add supported IKE algorithms to proposal
922 static bool proposal_add_supported_ike(private_proposal_t
*this, bool aead
)
924 enumerator_t
*enumerator
;
925 encryption_algorithm_t encryption
;
926 integrity_algorithm_t integrity
;
927 pseudo_random_function_t prf
;
928 diffie_hellman_group_t group
;
929 const char *plugin_name
;
933 /* Round 1 adds algorithms with at least 128 bit security strength */
934 enumerator
= lib
->crypto
->create_aead_enumerator(lib
->crypto
);
935 while (enumerator
->enumerate(enumerator
, &encryption
, &plugin_name
))
939 case ENCR_AES_GCM_ICV16
:
940 case ENCR_AES_CCM_ICV16
:
941 case ENCR_CAMELLIA_CCM_ICV16
:
942 /* we assume that we support all AES/Camellia sizes */
943 add_algorithm(this, ENCRYPTION_ALGORITHM
, encryption
, 128);
944 add_algorithm(this, ENCRYPTION_ALGORITHM
, encryption
, 192);
945 add_algorithm(this, ENCRYPTION_ALGORITHM
, encryption
, 256);
947 case ENCR_CHACHA20_POLY1305
:
948 add_algorithm(this, ENCRYPTION_ALGORITHM
, encryption
, 256);
954 enumerator
->destroy(enumerator
);
956 /* Round 2 adds algorithms with less than 128 bit security strength */
957 enumerator
= lib
->crypto
->create_aead_enumerator(lib
->crypto
);
958 while (enumerator
->enumerate(enumerator
, &encryption
, &plugin_name
))
962 case ENCR_AES_GCM_ICV12
:
963 case ENCR_AES_GCM_ICV8
:
964 case ENCR_AES_CCM_ICV12
:
965 case ENCR_AES_CCM_ICV8
:
966 case ENCR_CAMELLIA_CCM_ICV12
:
967 case ENCR_CAMELLIA_CCM_ICV8
:
968 /* we assume that we support all AES/Camellia sizes */
969 add_algorithm(this, ENCRYPTION_ALGORITHM
, encryption
, 128);
970 add_algorithm(this, ENCRYPTION_ALGORITHM
, encryption
, 192);
971 add_algorithm(this, ENCRYPTION_ALGORITHM
, encryption
, 256);
977 enumerator
->destroy(enumerator
);
979 if (!array_count(this->transforms
))
986 /* Round 1 adds algorithms with at least 128 bit security strength */
987 enumerator
= lib
->crypto
->create_crypter_enumerator(lib
->crypto
);
988 while (enumerator
->enumerate(enumerator
, &encryption
, &plugin_name
))
994 case ENCR_CAMELLIA_CBC
:
995 case ENCR_CAMELLIA_CTR
:
996 /* we assume that we support all AES/Camellia sizes */
997 add_algorithm(this, ENCRYPTION_ALGORITHM
, encryption
, 128);
998 add_algorithm(this, ENCRYPTION_ALGORITHM
, encryption
, 192);
999 add_algorithm(this, ENCRYPTION_ALGORITHM
, encryption
, 256);
1005 enumerator
->destroy(enumerator
);
1007 /* Round 2 adds algorithms with less than 128 bit security strength */
1008 enumerator
= lib
->crypto
->create_crypter_enumerator(lib
->crypto
);
1009 while (enumerator
->enumerate(enumerator
, &encryption
, &plugin_name
))
1014 add_algorithm(this, ENCRYPTION_ALGORITHM
, encryption
, 0);
1023 enumerator
->destroy(enumerator
);
1025 if (!array_count(this->transforms
))
1030 /* Round 1 adds algorithms with at least 128 bit security strength */
1031 enumerator
= lib
->crypto
->create_signer_enumerator(lib
->crypto
);
1032 while (enumerator
->enumerate(enumerator
, &integrity
, &plugin_name
))
1036 case AUTH_HMAC_SHA2_256_128
:
1037 case AUTH_HMAC_SHA2_384_192
:
1038 case AUTH_HMAC_SHA2_512_256
:
1039 add_algorithm(this, INTEGRITY_ALGORITHM
, integrity
, 0);
1045 enumerator
->destroy(enumerator
);
1047 /* Round 2 adds algorithms with less than 128 bit security strength */
1048 enumerator
= lib
->crypto
->create_signer_enumerator(lib
->crypto
);
1049 while (enumerator
->enumerate(enumerator
, &integrity
, &plugin_name
))
1053 case AUTH_AES_XCBC_96
:
1054 case AUTH_AES_CMAC_96
:
1055 case AUTH_HMAC_SHA1_96
:
1056 add_algorithm(this, INTEGRITY_ALGORITHM
, integrity
, 0);
1058 case AUTH_HMAC_MD5_96
:
1064 enumerator
->destroy(enumerator
);
1067 /* Round 1 adds algorithms with at least 128 bit security strength */
1068 enumerator
= lib
->crypto
->create_prf_enumerator(lib
->crypto
);
1069 while (enumerator
->enumerate(enumerator
, &prf
, &plugin_name
))
1073 case PRF_HMAC_SHA2_256
:
1074 case PRF_HMAC_SHA2_384
:
1075 case PRF_HMAC_SHA2_512
:
1076 case PRF_AES128_XCBC
:
1077 case PRF_AES128_CMAC
:
1078 add_algorithm(this, PSEUDO_RANDOM_FUNCTION
, prf
, 0);
1084 enumerator
->destroy(enumerator
);
1086 /* Round 2 adds algorithms with less than 128 bit security strength */
1087 enumerator
= lib
->crypto
->create_prf_enumerator(lib
->crypto
);
1088 while (enumerator
->enumerate(enumerator
, &prf
, &plugin_name
))
1093 add_algorithm(this, PSEUDO_RANDOM_FUNCTION
, prf
, 0);
1102 enumerator
->destroy(enumerator
);
1104 /* Round 1 adds ECC and NTRU algorithms with at least 128 bit security strength */
1105 enumerator
= lib
->crypto
->create_dh_enumerator(lib
->crypto
);
1106 while (enumerator
->enumerate(enumerator
, &group
, &plugin_name
))
1122 add_algorithm(this, DIFFIE_HELLMAN_GROUP
, group
, 0);
1128 enumerator
->destroy(enumerator
);
1130 /* Round 2 adds other algorithms with at least 128 bit security strength */
1131 enumerator
= lib
->crypto
->create_dh_enumerator(lib
->crypto
);
1132 while (enumerator
->enumerate(enumerator
, &group
, &plugin_name
))
1140 add_algorithm(this, DIFFIE_HELLMAN_GROUP
, group
, 0);
1146 enumerator
->destroy(enumerator
);
1148 /* Round 3 adds algorithms with less than 128 bit security strength */
1149 enumerator
= lib
->crypto
->create_dh_enumerator(lib
->crypto
);
1150 while (enumerator
->enumerate(enumerator
, &group
, &plugin_name
))
1155 /* only for testing purposes */
1165 /* RFC 5114 primes are of questionable source */
1174 add_algorithm(this, DIFFIE_HELLMAN_GROUP
, group
, 0);
1180 enumerator
->destroy(enumerator
);
1186 * Described in header
1188 proposal_t
*proposal_create_default(protocol_id_t protocol
)
1190 private_proposal_t
*this = (private_proposal_t
*)proposal_create(protocol
, 0);
1195 if (!proposal_add_supported_ike(this, FALSE
))
1202 add_algorithm(this, ENCRYPTION_ALGORITHM
, ENCR_AES_CBC
, 128);
1203 add_algorithm(this, ENCRYPTION_ALGORITHM
, ENCR_AES_CBC
, 192);
1204 add_algorithm(this, ENCRYPTION_ALGORITHM
, ENCR_AES_CBC
, 256);
1205 add_algorithm(this, INTEGRITY_ALGORITHM
, AUTH_HMAC_SHA2_256_128
, 0);
1206 add_algorithm(this, INTEGRITY_ALGORITHM
, AUTH_HMAC_SHA2_384_192
, 0);
1207 add_algorithm(this, INTEGRITY_ALGORITHM
, AUTH_HMAC_SHA2_512_256
, 0);
1208 add_algorithm(this, INTEGRITY_ALGORITHM
, AUTH_HMAC_SHA1_96
, 0);
1209 add_algorithm(this, INTEGRITY_ALGORITHM
, AUTH_AES_XCBC_96
, 0);
1210 add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS
, NO_EXT_SEQ_NUMBERS
, 0);
1213 add_algorithm(this, INTEGRITY_ALGORITHM
, AUTH_HMAC_SHA2_256_128
, 0);
1214 add_algorithm(this, INTEGRITY_ALGORITHM
, AUTH_HMAC_SHA2_384_192
, 0);
1215 add_algorithm(this, INTEGRITY_ALGORITHM
, AUTH_HMAC_SHA2_512_256
, 0);
1216 add_algorithm(this, INTEGRITY_ALGORITHM
, AUTH_HMAC_SHA1_96
, 0);
1217 add_algorithm(this, INTEGRITY_ALGORITHM
, AUTH_AES_XCBC_96
, 0);
1218 add_algorithm(this, EXTENDED_SEQUENCE_NUMBERS
, NO_EXT_SEQ_NUMBERS
, 0);
1223 return &this->public;
1227 * Described in header
1229 proposal_t
*proposal_create_default_aead(protocol_id_t protocol
)
1231 private_proposal_t
*this;
1236 this = (private_proposal_t
*)proposal_create(protocol
, 0);
1237 if (!proposal_add_supported_ike(this, TRUE
))
1242 return &this->public;
1244 /* we currently don't include any AEAD proposal for ESP, as we
1245 * don't know if our kernel backend actually supports it. */
1254 * Described in header
1256 proposal_t
*proposal_create_from_string(protocol_id_t protocol
, const char *algs
)
1258 private_proposal_t
*this;
1259 enumerator_t
*enumerator
;
1263 this = (private_proposal_t
*)proposal_create(protocol
, 0);
1265 /* get all tokens, separated by '-' */
1266 enumerator
= enumerator_create_token(algs
, "-", " ");
1267 while (enumerator
->enumerate(enumerator
, &alg
))
1269 if (!add_string_algo(this, alg
))
1276 enumerator
->destroy(enumerator
);
1278 if (failed
|| !check_proposal(this))
1284 return &this->public;