key-exchange: Add helper to concatenate shared secrets of several key exchanges
authorTobias Brunner <tobias@strongswan.org>
Thu, 9 Apr 2020 09:36:30 +0000 (11:36 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Mon, 1 Apr 2024 10:26:35 +0000 (12:26 +0200)
src/libstrongswan/crypto/key_exchange.c
src/libstrongswan/crypto/key_exchange.h

index d672ec7e8fb682a9a84cbf3571505052ba3db4b4..5b011398978a4f748f96645a98dfe7e65f1eaece 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2010-2019 Tobias Brunner
+ * Copyright (C) 2010-2020 Tobias Brunner
  * Copyright (C) 2005-2010 Martin Willi
  * Copyright (C) 2005 Jan Hutter
  *
@@ -619,3 +619,43 @@ bool key_exchange_verify_pubkey(key_exchange_method_t ke, chunk_t value)
        }
        return valid;
 }
+
+/*
+ * Described in header
+ */
+bool key_exchange_concat_secrets(array_t *kes, chunk_t *first,
+                                                                chunk_t *others)
+{
+       key_exchange_t *ke;
+       chunk_t secret;
+       int i;
+
+       if (!array_count(kes))
+       {
+               return FALSE;
+       }
+       *first = chunk_empty;
+       *others = chunk_empty;
+       for (i = 0; i < array_count(kes); i++)
+       {
+               if (array_get(kes, i, &ke) &&
+                       ke->get_shared_secret(ke, &secret))
+               {
+                       if (i == 0)
+                       {
+                               *first = secret;
+                       }
+                       else
+                       {
+                               *others = chunk_cat("ss", *others, secret);
+                       }
+               }
+               else
+               {
+                       chunk_clear(first);
+                       chunk_clear(others);
+                       return FALSE;
+               }
+       }
+       return TRUE;
+}
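Review bot: The early return for an empty `kes` array in key_exchange_concat_secrets() leaves `*first` and `*others` unwritten, while the later failure path hands them back cleared. A caller that wipes its output chunks unconditionally after a FALSE return would then pass uninitialized data to chunk_clear() in the empty-array case. Moving `*first = chunk_empty;` and `*others = chunk_empty;` above the `if (!array_count(kes))` check gives both failure paths the same, safe output state.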
index 70d6d49938a23ed842dfdad9f2cc9b778b9f56c8..73bf61f06e001062aeaa2d826d3b037d80b39f36 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2010-2019 Tobias Brunner
+ * Copyright (C) 2010-2020 Tobias Brunner
  * Copyright (C) 2005-2007 Martin Willi
  * Copyright (C) 2005 Jan Hutter
  *
@@ -29,6 +29,7 @@ typedef struct key_exchange_t key_exchange_t;
 typedef struct diffie_hellman_params_t diffie_hellman_params_t;
 
 #include <library.h>
+#include <collections/array.h>
 
 /**
  * Key exchange method.
@@ -209,4 +210,16 @@ bool key_exchange_is_ecdh(key_exchange_method_t ke);
  */
 bool key_exchange_verify_pubkey(key_exchange_method_t ke, chunk_t value);
 
+/**
+ * Return the first shared secret plus the concatenated additional shared
+ * secrets of all the key exchange methods in the given array.
+ *
+ * @param kes                  array of key_exchange_t*
+ * @param secret               first shared secret (allocated)
+ * @param add_secret   concatenated additional shared secrets (allocated)
+ * @return                             TRUE on success
+ */
+bool key_exchange_concat_secrets(array_t *kes, chunk_t *secret,
+                                                                chunk_t *add_secret);
+
 #endif /** KEY_EXCHANGE_H_ @}*/
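Review bot: The doc comment for key_exchange_concat_secrets() marks both outputs only as "(allocated)", which does not tell the caller that they hold key material and should be released with chunk_clear() rather than chunk_free(). It also leaves out what state the outputs are in when FALSE is returned, and that `add_secret` stays empty when the array holds a single key exchange. I would extend the two @param lines, e.g. `@param secret first shared secret (allocated, wipe with chunk_clear())`, and add one sentence on the failure case. The parameter names here (`secret`, `add_secret`) also differ from the definition's `first` and `others`; using one pair in both places makes the contract easier to follow.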