From ee019ab321187a56389e885080a841d6ec1b78dc Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Thu, 8 Mar 2018 18:26:19 +0100
Subject: [PATCH] proposal: Make sure non-AEAD IKE proposals contain integrity algorithms
---
 src/libstrongswan/crypto/proposal/proposal.c | 8 ++++++++
 src/libstrongswan/tests/suites/test_proposal.c | 2 ++
 2 files changed, 10 insertions(+)
diff --git a/src/libstrongswan/crypto/proposal/proposal.c b/src/libstrongswan/crypto/proposal/proposal.c
index 39630a1688..52520640cd 100644
--- a/src/libstrongswan/crypto/proposal/proposal.c
+++ b/src/libstrongswan/crypto/proposal/proposal.c
@@ -710,6 +710,14 @@ static bool check_proposal(private_proposal_t *this)
 * we MUST NOT propose any integrity algorithms */
 remove_transform(this, INTEGRITY_ALGORITHM);
 }
+ else if (this->protocol == PROTO_IKE &&
+ !get_algorithm(this, INTEGRITY_ALGORITHM, NULL, NULL))
+ {
+ DBG1(DBG_CFG, "an integrity algorithm is mandatory in %N proposals "
+ "with classic (non-AEAD) encryption algorithms",
+ protocol_id_names, this->protocol);
+ return FALSE;
+ }
 }
 else
 { /* AES-GMAC is parsed as encryption algorithm, so we map that to the
diff --git a/src/libstrongswan/tests/suites/test_proposal.c b/src/libstrongswan/tests/suites/test_proposal.c
index 4e235861c0..29621a8d91 100644
--- a/src/libstrongswan/tests/suites/test_proposal.c
+++ b/src/libstrongswan/tests/suites/test_proposal.c
@@ -29,6 +29,8 @@ static struct {
 { PROTO_IKE, "aes128", NULL },
 { PROTO_IKE, "aes128-sha256", NULL },
 { PROTO_IKE, "aes128-sha256-modpnone", NULL },
+ { PROTO_IKE, "aes128-prfsha256", NULL },
+ { PROTO_IKE, "aes128-prfsha256-modp2048", NULL },
 { PROTO_IKE, "aes128-sha256-modp3072", "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072" },
 { PROTO_IKE, "aes128-sha256-prfsha384-modp3072", "IKE:AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_384/MODP_3072" },
 { PROTO_IKE, "aes128gcm16-modp3072", NULL },
-- 
2.47.2
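Review bot: The added `else if` rejects a missing integrity transform only when `this->protocol == PROTO_IKE`, so an ESP proposal with a non-AEAD cipher and no integrity algorithm still passes this branch; whether that is intended or handled elsewhere is not visible in the hunk. Unlike the AEAD branch directly above it, the new branch has no comment explaining the rule or its scope. I would add one, for example `/* IKE needs an integrity algorithm with non-AEAD encryption; other protocols are not checked here */`, adjusted to the actual intent. check_proposal() starts and ends outside the hunk.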
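Review bot: Of the two added entries, `aes128-prfsha256` also lacks a DH group, and the neighbouring `aes128-sha256` entry (no DH group either) already expects NULL, so that case probably failed before this commit and does not by itself exercise the new integrity check. Only `aes128-prfsha256-modp2048` appears to isolate it. A short comment on that entry, e.g. `/* non-AEAD encryption without integrity algorithm */`, would record what it covers, and an ESP counterpart entry would pin down that the rule applies to IKE only. The table starts and ends outside the hunk.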