crypto: Add new KDF type for IKEv2 PRFs
authorTobias Brunner <tobias@strongswan.org>
Mon, 14 Mar 2022 15:56:32 +0000 (16:56 +0100)
committerTobias Brunner <tobias@strongswan.org>
Thu, 14 Apr 2022 17:02:56 +0000 (19:02 +0200)
src/libstrongswan/crypto/crypto_tester.c
src/libstrongswan/crypto/kdfs/kdf.c
src/libstrongswan/crypto/kdfs/kdf.h

index 3aad7773ad291fb304cf310f0114ee9ee30bfbfb..0247ce6f634de1021a1a397866d51b70aa48d39d 100644 (file)
@@ -1217,6 +1217,7 @@ static kdf_t *create_kdf_vector(kdf_constructor_t create,
 {
        switch (alg)
        {
+               case KDF_PRF:
                case KDF_PRF_PLUS:
                        return create_kdf_args(create, alg, vector->arg.prf);
                case KDF_UNDEFINED:
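Review bot: The `case KDF_PRF:` label added to create_kdf_vector, and the matching one in kdf_vector_applies in the next hunk, let the tester handle vectors for the new type, but none of the three files touched here adds one. Unless a later commit supplies them, implementations of KDF_PRF would presumably be registered without a known-answer check, which is worth closing for a KDF that is fed the DH secret; one vector per supported PRF would do. A short comment above the shared labels would also help, e.g. `/* both types take a pseudo_random_function_t as constructor argument */`. Both switch statements continue outside their hunks, so how a missing vector is treated is not visible here.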
@@ -1235,6 +1236,7 @@ static bool kdf_vector_applies(key_derivation_function_t alg,
 
        switch (alg)
        {
+               case KDF_PRF:
                case KDF_PRF_PLUS:
                {
                        pseudo_random_function_t prf;
index f597629c67d30bb656776e88ec6d6e2f0131ea7a..f218013cb18235c0310d00104f248df25b685958 100644 (file)
@@ -24,6 +24,7 @@
 
 ENUM(key_derivation_function_names, KDF_UNDEFINED, KDF_PRF_PLUS,
        "KDF_UNDEFINED",
+       "KDF_PRF",
        "KDF_PRF_PLUS",
 );
 
@@ -34,6 +35,8 @@ bool kdf_has_fixed_output_length(key_derivation_function_t type)
 {
        switch (type)
        {
+               case KDF_PRF:
+                       return TRUE;
                case KDF_PRF_PLUS:
                case KDF_UNDEFINED:
                        break;
index 2e741153e093eb281d5bc303226054ee2a6657aa..5e06d2a616072a7cc4986c12c662766c94f0526d 100644 (file)
@@ -41,9 +41,16 @@ enum key_derivation_function_t {
 
        KDF_UNDEFINED,
 
+       /**
+        * RFC 7296 prf, expects a pseudo_random_function_t in the constructor,
+        * parameters are KEY (DH secret) and SALT (nonces).
+        * Has a fixed output length.
+        */
+       KDF_PRF,
+
        /**
         * RFC 7296 prf+, expects a pseudo_random_function_t in the constructor,
-        * parameters are KEY and SALT.
+        * parameters are KEY (SKEYSEED/SK_d) and SALT (nonces etc.).
         */
        KDF_PRF_PLUS,
 };
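Review bot: The new doc comment on `KDF_PRF` names the two parameters but not which one keys the PRF, and the naming runs opposite to the RFC's notation: RFC 7296 defines SKEYSEED = prf(Ni | Nr, g^ir), so the nonces (SALT) are the PRF key and the DH secret (KEY) is the data. Swapping the two silently yields a different SKEYSEED, so I would spell it out, e.g. `* SALT (nonces) is used as the PRF key, KEY (DH secret) as its input, i.e. prf(SALT, KEY).` This assumes that implementations map the parameters that way, which this hunk does not show. Separately, inserting `KDF_PRF` ahead of `KDF_PRF_PLUS` changes the latter's numeric value. That is harmless when everything is rebuilt together, but worth checking for any plugin built against the previous header.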