keymat_v2: Add method to calculate IntAuth for IKE_INTERMEDIATE exchanges
authorTobias Brunner <tobias@strongswan.org>
Tue, 2 Jul 2019 13:01:26 +0000 (15:01 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 7 Aug 2024 14:20:18 +0000 (16:20 +0200)
src/charon-tkm/src/tkm/tkm_keymat.c
src/libcharon/sa/ikev2/keymat_v2.c
src/libcharon/sa/ikev2/keymat_v2.h

index 6e79c639eb96e67d6fad4a79664c48741d381ae6..2d3c1030e56ba42757b24a2db69c2a7218b89d9b 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2015 Tobias Brunner
+ * Copyright (C) 2015-2019 Tobias Brunner
  * Copyright (C) 2012 Reto Buerki
  * Copyright (C) 2012 Adrian-Ken Rueegsegger
  *
@@ -246,6 +246,14 @@ METHOD(keymat_t, get_aead, aead_t*,
        return this->aead;
 }
 
+METHOD(keymat_v2_t, get_int_auth, bool,
+       private_tkm_keymat_t *this, bool verify, chunk_t data, chunk_t prev,
+       chunk_t *auth)
+{
+       DBG1(DBG_IKE, "TKM doesn't support IntAuth calculation");
+       return FALSE;
+}
+
 METHOD(keymat_v2_t, get_auth_octets, bool,
        private_tkm_keymat_t *this, bool verify, chunk_t ike_sa_init,
        chunk_t nonce, chunk_t ppk, identification_t *id, char reserved[3],
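Review bot: `*auth` is never written on the failure path of the new TKM `get_int_auth`, so a caller that passes an uninitialised `chunk_t` and frees it during error cleanup would be working on garbage. The same holds for the keymat_v2.c implementation later in this commit when `set_key()` or the first `allocate_bytes()` fails. The callers are not visible here, so this may already be handled, but starting both implementations with `*auth = chunk_empty;` would make the failure contract safe regardless of how the caller declares the chunk.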
@@ -388,6 +396,7 @@ tkm_keymat_t *tkm_keymat_create(bool initiator)
                                .derive_ike_keys_ppk = (void*)return_false,
                                .derive_child_keys = _derive_child_keys,
                                .get_skd = _get_skd,
+                               .get_int_auth = _get_int_auth,
                                .get_auth_octets = _get_auth_octets,
                                .get_psk_sig = _get_psk_sig,
                                .add_hash_algorithm = _add_hash_algorithm,
index c8a9c7117d396e314ffbb84dcb9acc21896155a2..1a6cda609d4c1e13b360ff5c540d8ec6144a4d3c 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2015 Tobias Brunner
+ * Copyright (C) 2015-2019 Tobias Brunner
  * Copyright (C) 2008 Martin Willi
  *
  * Copyright (C) secunet Security Networks AG
@@ -261,6 +261,7 @@ METHOD(keymat_v2_t, derive_ike_keys, bool,
                return FALSE;
        }
        this->prf_alg = prf_alg;
+       DESTROY_IF(this->prf);
        this->prf = lib->crypto->create_prf(lib->crypto, this->prf_alg);
        if (!this->prf)
        {
@@ -656,6 +657,27 @@ METHOD(keymat_t, get_aead, aead_t*,
        return in ? this->aead_in : this->aead_out;
 }
 
+METHOD(keymat_v2_t, get_int_auth, bool,
+       private_keymat_v2_t *this, bool verify, chunk_t data, chunk_t prev,
+       chunk_t *auth)
+{
+       chunk_t skp;
+
+       skp = verify ? this->skp_verify : this->skp_build;
+
+       DBG3(DBG_IKE, "IntAuth_N-1 %B", &prev);
+       DBG3(DBG_IKE, "IntAuth_A|P %B", &data);
+       DBG4(DBG_IKE, "SK_p %B", &skp);
+       if (!this->prf->set_key(this->prf, skp) ||
+               !this->prf->allocate_bytes(this->prf, prev, NULL) ||
+               !this->prf->allocate_bytes(this->prf, data, auth))
+       {
+               return FALSE;
+       }
+       DBG3(DBG_IKE, "IntAuth_N = prf(Sk_px, data) %B", auth);
+       return TRUE;
+}
+
 METHOD(keymat_v2_t, get_auth_octets, bool,
        private_keymat_v2_t *this, bool verify, chunk_t ike_sa_init,
        chunk_t nonce, chunk_t ppk, identification_t *id, char reserved[3],
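Review bot: `this->prf` is dereferenced in the new `get_int_auth` without a NULL check, while the `derive_ike_keys` hunk above shows that it is NULL whenever `create_prf()` fails. Callers presumably reach this method only after keys were derived successfully, but nothing here enforces that. A guard such as `if (!this->prf || !skp.len) { return FALSE; }` before the `set_key()` call would turn a possible crash, or an IntAuth keyed with an empty SK_p, into a clean failure. Separately, the final debug label `prf(Sk_px, data)` omits the previous IntAuth value that is fed into the PRF first; `"IntAuth_N = prf(SK_px, IntAuth_N-1 | data) %B"` would match what the code computes.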
@@ -749,7 +771,6 @@ failure:
        chunk_free(&octets);
        chunk_free(&key);
        return success;
-
 }
 
 METHOD(keymat_v2_t, hash_algorithm_supported, bool,
@@ -805,6 +826,7 @@ keymat_v2_t *keymat_v2_create(bool initiator)
                        .derive_ike_keys_ppk = _derive_ike_keys_ppk,
                        .derive_child_keys = _derive_child_keys,
                        .get_skd = _get_skd,
+                       .get_int_auth = _get_int_auth,
                        .get_auth_octets = _get_auth_octets,
                        .get_psk_sig = _get_psk_sig,
                        .add_hash_algorithm = _add_hash_algorithm,
index 60bac653b79bceb06eec4fbf9b94050361990e3f..f2f0bec1ce952c0b9d8d68c40b047d75224b834b 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2011-2015 Tobias Brunner
+ * Copyright (C) 2011-2019 Tobias Brunner
  *
  * Copyright (C) secunet Security Networks AG
  *
@@ -91,6 +91,7 @@ struct keymat_v2_t {
                                                          chunk_t nonce_i, chunk_t nonce_r,
                                                          chunk_t *encr_i, chunk_t *integ_i,
                                                          chunk_t *encr_r, chunk_t *integ_r);
+
        /**
         * Get SKd to pass to derive_ikey_keys() during rekeying.
         *
@@ -99,6 +100,22 @@ struct keymat_v2_t {
         */
        pseudo_random_function_t (*get_skd)(keymat_v2_t *this, chunk_t *skd);
 
+       /**
+        * Generate data for signed octets when using IKE_INTEMEDIATE exchanges.
+        *
+        * The supplied chunk must contain the IKE header until the end of the
+        * Encrypted Payload header followed by the plaintext contents of the
+        * latter.
+        *
+        * @param verify                TRUE as recipient, FALSE as sender
+        * @param data                  IKE_INTERMEDIATE packet data
+        * @param prev                  previous IntAuth value
+        * @param[out] auth             IntAuth data to be used later with get_auth_octets()
+        * @return                              TRUE if octets created successfully
+        */
+       bool (*get_int_auth)(keymat_v2_t *this, bool verify, chunk_t data,
+                                                chunk_t prev, chunk_t *auth);
+
        /**
         * Generate octets to use for authentication procedure (RFC4306 2.15).
         *
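Review bot: The new doc comment for `get_int_auth` misspells the exchange name as `IKE_INTEMEDIATE` and does not say who owns `auth`. The keymat_v2.c implementation fills it via `allocate_bytes()`, so the parameter line should state that the chunk is allocated and must be freed by the caller, e.g. `@param[out] auth  allocated IntAuth data for get_auth_octets(), freed by the caller`. The `@return` line should also say that `auth` is not set when FALSE is returned, since neither implementation in this commit writes it on every failure path.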