From: Tobias Brunner Date: Tue, 2 Jul 2019 13:01:26 +0000 (+0200) Subject: keymat_v2: Add method to calculate IntAuth for IKE_INTERMEDIATE exchanges X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=df886ea9717c6206f5fbfb9bd57a55a881dc79c5;p=thirdparty%2Fstrongswan.git keymat_v2: Add method to calculate IntAuth for IKE_INTERMEDIATE exchanges --- diff --git a/src/charon-tkm/src/tkm/tkm_keymat.c b/src/charon-tkm/src/tkm/tkm_keymat.c index 6e79c639eb..2d3c1030e5 100644 --- a/src/charon-tkm/src/tkm/tkm_keymat.c +++ b/src/charon-tkm/src/tkm/tkm_keymat.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2015 Tobias Brunner + * Copyright (C) 2015-2019 Tobias Brunner * Copyright (C) 2012 Reto Buerki * Copyright (C) 2012 Adrian-Ken Rueegsegger * @@ -246,6 +246,14 @@ METHOD(keymat_t, get_aead, aead_t*, return this->aead; } +METHOD(keymat_v2_t, get_int_auth, bool, + private_tkm_keymat_t *this, bool verify, chunk_t data, chunk_t prev, + chunk_t *auth) +{ + DBG1(DBG_IKE, "TKM doesn't support IntAuth calculation"); + return FALSE; +} + METHOD(keymat_v2_t, get_auth_octets, bool, private_tkm_keymat_t *this, bool verify, chunk_t ike_sa_init, chunk_t nonce, chunk_t ppk, identification_t *id, char reserved[3], @@ -388,6 +396,7 @@ tkm_keymat_t *tkm_keymat_create(bool initiator) .derive_ike_keys_ppk = (void*)return_false, .derive_child_keys = _derive_child_keys, .get_skd = _get_skd, + .get_int_auth = _get_int_auth, .get_auth_octets = _get_auth_octets, .get_psk_sig = _get_psk_sig, .add_hash_algorithm = _add_hash_algorithm, diff --git a/src/libcharon/sa/ikev2/keymat_v2.c b/src/libcharon/sa/ikev2/keymat_v2.c index c8a9c7117d..42ce6c67bd 100644 --- a/src/libcharon/sa/ikev2/keymat_v2.c +++ b/src/libcharon/sa/ikev2/keymat_v2.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2015 Tobias Brunner + * Copyright (C) 2015-2019 Tobias Brunner * Copyright (C) 2008 Martin Willi * * Copyright (C) secunet Security Networks AG 
@@ -261,6 +261,7 @@ METHOD(keymat_v2_t, derive_ike_keys, bool, return FALSE; } this->prf_alg = prf_alg; + DESTROY_IF(this->prf); this->prf = lib->crypto->create_prf(lib->crypto, this->prf_alg); if (!this->prf) { @@ -656,6 +657,27 @@ METHOD(keymat_t, get_aead, aead_t*, return in ? this->aead_in : this->aead_out; } +METHOD(keymat_v2_t, get_int_auth, bool, + private_keymat_v2_t *this, bool verify, chunk_t data, chunk_t prev, + chunk_t *auth) +{ + chunk_t skp; + + skp = verify ? this->skp_verify : this->skp_build; + + DBG3(DBG_IKE, "IntAuth_N-1 %B", &prev); + DBG3(DBG_IKE, "IntAuth_A|P %B", &data); + DBG4(DBG_IKE, "SK_p %B", &skp); + data = chunk_cata("cc", prev, data); + if (!this->prf->set_key(this->prf, skp) || + !this->prf->allocate_bytes(this->prf, data, auth)) + { + return FALSE; + } + DBG3(DBG_IKE, "IntAuth_N = prf(Sk_px, data) %B", auth); + return TRUE; +} + METHOD(keymat_v2_t, get_auth_octets, bool, private_keymat_v2_t *this, bool verify, chunk_t ike_sa_init, chunk_t nonce, chunk_t ppk, identification_t *id, char reserved[3], @@ -749,7 +771,6 @@ failure: chunk_free(&octets); chunk_free(&key); return success; - } METHOD(keymat_v2_t, hash_algorithm_supported, bool, @@ -805,6 +826,7 @@ keymat_v2_t *keymat_v2_create(bool initiator) .derive_ike_keys_ppk = _derive_ike_keys_ppk, .derive_child_keys = _derive_child_keys, .get_skd = _get_skd, + .get_int_auth = _get_int_auth, .get_auth_octets = _get_auth_octets, .get_psk_sig = _get_psk_sig, .add_hash_algorithm = _add_hash_algorithm, diff --git a/src/libcharon/sa/ikev2/keymat_v2.h b/src/libcharon/sa/ikev2/keymat_v2.h index 60bac653b7..f2f0bec1ce 100644 --- a/src/libcharon/sa/ikev2/keymat_v2.h +++ b/src/libcharon/sa/ikev2/keymat_v2.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011-2015 Tobias Brunner + * Copyright (C) 2011-2019 Tobias Brunner * * Copyright (C) secunet Security Networks AG * 
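Review bot: In the new `get_int_auth` in keymat_v2.c (hunk `@@ -656,6 +657,27 @@`), `data = chunk_cata("cc", prev, data);` builds the PRF input on the stack, and on the verify path `data` is the content of a received IKE_INTERMEDIATE message, so the size of that stack allocation follows the peer's message length. Whether this can become large depends on the message-size limit the caller enforces, which is not visible in this diff, but IKE_INTERMEDIATE exists to carry payloads too big for IKE_SA_INIT. I would build the concatenation on the heap with `chunk_cat()` and free it on both the success and the failure path. Using a separate local instead of overwriting the `data` parameter also keeps the logged packet data and the PRF input apart.

```c
	chunk_t skp, input;
	bool success;

	/* … unchanged: skp selection and DBG3/DBG4 logging … */
	input = chunk_cat("cc", prev, data);
	success = this->prf->set_key(this->prf, skp) &&
			  this->prf->allocate_bytes(this->prf, input, auth);
	chunk_free(&input);
	if (!success)
	{
		return FALSE;
	}
	/* … unchanged: DBG3 of the result, return TRUE … */
```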
@@ -91,6 +91,7 @@ struct keymat_v2_t { chunk_t nonce_i, chunk_t nonce_r, chunk_t *encr_i, chunk_t *integ_i, chunk_t *encr_r, chunk_t *integ_r); + /** * Get SKd to pass to derive_ikey_keys() during rekeying. * @@ -99,6 +100,22 @@ struct keymat_v2_t { */ pseudo_random_function_t (*get_skd)(keymat_v2_t *this, chunk_t *skd); + /** + * Generate data for signed octets when using IKE_INTEMEDIATE exchanges. + * + * The supplied chunk must contain the IKE header until the end of the + * Encrypted Payload header followed by the plaintext contents of the + * latter. + * + * @param verify TRUE as recipient, FALSE as sender + * @param data IKE_INTERMEDIATE packet data + * @param prev previous IntAuth value + * @param[out] auth IntAuth data to be used later with get_auth_octets() + * @return TRUE if octets created successfully + */ + bool (*get_int_auth)(keymat_v2_t *this, bool verify, chunk_t data, + chunk_t prev, chunk_t *auth); + /** * Generate octets to use for authentication procedure (RFC4306 2.15). *