added pts_dh_group_select

diff --git a/src/libpts/pts/pts_dh_group.c b/src/libpts/pts/pts_dh_group.c
index c3b7063bb9546a5581295bc58235747da10e3871..7fc914805b4550a76aefd02bc6620053e0c927cf 100644 (file)
--- a/src/libpts/pts/pts_dh_group.c
+++ b/src/libpts/pts/pts_dh_group.c
@@ -120,6 +120,40 @@ bool pts_update_supported_dh_groups(char *dh_group, pts_dh_group_t *groups)
        return FALSE;
 }
 
+/**
+ * Described in header.
+ */
+pts_dh_group_t pts_dh_group_select(pts_dh_group_t supported_dh_groups,
+                                                                  pts_dh_group_t offered_dh_groups)
+{
+       if ((supported_dh_groups & PTS_DH_GROUP_IKE20) &&
+               (offered_dh_groups   & PTS_DH_GROUP_IKE20))
+       {
+               return PTS_DH_GROUP_IKE20;
+       }
+       if ((supported_dh_groups & PTS_DH_GROUP_IKE19) &&
+               (offered_dh_groups   & PTS_DH_GROUP_IKE19))
+       {
+               return PTS_DH_GROUP_IKE19;
+       }
+       if ((supported_dh_groups & PTS_DH_GROUP_IKE14) &&
+               (offered_dh_groups   & PTS_DH_GROUP_IKE14))
+       {
+               return PTS_DH_GROUP_IKE14;
+       }
+       if ((supported_dh_groups & PTS_DH_GROUP_IKE5) &&
+               (offered_dh_groups   & PTS_DH_GROUP_IKE5))
+       {
+               return PTS_DH_GROUP_IKE5;
+       }
+       if ((supported_dh_groups & PTS_DH_GROUP_IKE2) &&
+               (offered_dh_groups   & PTS_DH_GROUP_IKE2))
+       {
+               return PTS_DH_GROUP_IKE2;
+       }
+       return PTS_DH_GROUP_NONE;
+}
+
 /**
  * Described in header.
  */

diff --git a/src/libpts/pts/pts_dh_group.h b/src/libpts/pts/pts_dh_group.h
index 2621e0ef5a78c2e4854c2b4691e8a74e0ebbe071..5312e4fe36a997f8db26a2eeaaea3a81f8bf7112 100644 (file)
--- a/src/libpts/pts/pts_dh_group.h
+++ b/src/libpts/pts/pts_dh_group.h
@@ -30,10 +30,12 @@ typedef enum pts_dh_group_t pts_dh_group_t;
  * PTS Diffie Hellman Group Values
  */
 enum pts_dh_group_t {
+       /** No DH Group */
+       PTS_DH_GROUP_NONE  =                                    0,
        /** IKE Group 2 */
-       PTS_DH_GROUP_IKE2 =                                      (1<<15),
+       PTS_DH_GROUP_IKE2  =                             (1<<15),
        /** IKE Group 5 */
-       PTS_DH_GROUP_IKE5 =                                      (1<<14),
+       PTS_DH_GROUP_IKE5  =                             (1<<14),
        /** IKE Group 14 */
        PTS_DH_GROUP_IKE14 =                             (1<<13),
        /** IKE Group 19 */
@@ -63,17 +65,28 @@ enum pts_dh_group_t {
 bool pts_probe_dh_groups(pts_dh_group_t *groups);
 
 /**
- * Update supported Diffie Hellman Groups according to configuration
+ * Update supported Diffie-Hellman groups according to configuration
  *
- * @param dh_group             configured Diffie Hellman Group
+ * @param dh_group             configured Diffie-Hellman group
  * @param groups               set of available groups
  */
 bool pts_update_supported_dh_groups(char *dh_group, pts_dh_group_t *groups);
 
+/**
+ * Select the strongest supported Diffie-Hellman group
+ * among a set of offered Diffie-Hellman groups
+ *
+ * @param dh_group             set of supported DH groups
+ * @param groups               set of offered DH groups
+ * @return                             selected DH group
+ */
+pts_dh_group_t pts_dh_group_select(pts_dh_group_t supported_dh_groups,
+                                                                  pts_dh_group_t offered_dh_groups);
+
 /**
  * Convert pts_dh_group_t to diffie_hellman_group_t
  *
- * @param dh_group             PTS Diffie Hellman Group type
+ * @param dh_group             PTS Diffie-Hellman group type
  * @return                             libstrongswan diffie hellman group type
  */
 diffie_hellman_group_t pts_dh_group_to_strongswan_dh_group(pts_dh_group_t dh_group);