FD.io VPP  v17.04.2-2-ga8f93f8
Vector Packet Processing
ikev2_crypto.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2015 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include <vlib/vlib.h>
17 #include <vnet/vnet.h>
18 #include <vnet/pg/pg.h>
19 #include <vppinfra/error.h>
20 #include <vnet/udp/udp.h>
21 #include <vnet/ipsec/ikev2.h>
22 #include <vnet/ipsec/ikev2_priv.h>
23 #include <openssl/obj_mac.h>
24 #include <openssl/ec.h>
25 #include <openssl/x509.h>
26 #include <openssl/pem.h>
27 #include <openssl/bn.h>
28 
29 /* from RFC7296 */
30 static const char modp_dh_768_prime[] =
31  "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
32  "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
33  "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
34  "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF";
35 static const char modp_dh_768_generator[] = "02";
36 
37 static const char modp_dh_1024_prime[] =
38  "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
39  "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
40  "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
41  "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
42  "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" "FFFFFFFFFFFFFFFF";
43 static const char modp_dh_1024_generator[] = "02";
44 
45 /* from RFC3526 */
46 static const char modp_dh_1536_prime[] =
47  "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
48  "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
49  "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
50  "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
51  "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
52  "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
53  "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
54  "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF";
55 static const char modp_dh_1536_generator[] = "02";
56 
57 static const char modp_dh_2048_prime[] =
58  "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
59  "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
60  "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
61  "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
62  "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
63  "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
64  "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
65  "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
66  "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
67  "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
68  "15728E5A8AACAA68FFFFFFFFFFFFFFFF";
69 static const char modp_dh_2048_generator[] = "02";
70 
71 static const char modp_dh_3072_prime[] =
72  "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
73  "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
74  "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
75  "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
76  "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
77  "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
78  "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
79  "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
80  "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
81  "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
82  "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
83  "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
84  "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
85  "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
86  "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
87  "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF";
88 static const char modp_dh_3072_generator[] = "02";
89 
90 static const char modp_dh_4096_prime[] =
91  "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
92  "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
93  "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
94  "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
95  "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
96  "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
97  "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
98  "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
99  "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
100  "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
101  "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
102  "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
103  "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
104  "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
105  "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
106  "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"
107  "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
108  "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"
109  "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
110  "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"
111  "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" "FFFFFFFFFFFFFFFF";
112 static const char modp_dh_4096_generator[] = "02";
113 
114 static const char modp_dh_6144_prime[] =
115  "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
116  "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
117  "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
118  "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
119  "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
120  "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
121  "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
122  "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
123  "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
124  "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
125  "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
126  "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
127  "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
128  "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
129  "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
130  "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
131  "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
132  "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
133  "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406"
134  "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918"
135  "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151"
136  "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03"
137  "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F"
138  "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
139  "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B"
140  "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632"
141  "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E"
142  "6DCC4024FFFFFFFFFFFFFFFF";
143 static const char modp_dh_6144_generator[] = "02";
144 
145 static const char modp_dh_8192_prime[] =
146  "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
147  "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
148  "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
149  "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
150  "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
151  "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
152  "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
153  "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
154  "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
155  "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
156  "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
157  "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
158  "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
159  "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
160  "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
161  "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"
162  "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
163  "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"
164  "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
165  "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"
166  "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
167  "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD"
168  "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831"
169  "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B"
170  "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF"
171  "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6"
172  "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3"
173  "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
174  "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328"
175  "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C"
176  "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE"
177  "12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4"
178  "38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300"
179  "741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568"
180  "3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9"
181  "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B"
182  "4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A"
183  "062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36"
184  "4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1"
185  "B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92"
186  "4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47"
187  "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71"
188  "60C980DD98EDD3DFFFFFFFFFFFFFFFFF";
189 static const char modp_dh_8192_generator[] = "02";
190 
191 /* from RFC5114 */
192 static const char modp_dh_1024_160_prime[] =
193  "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6"
194  "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0"
195  "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70"
196  "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0"
197  "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" "DF1FB2BC2E4A4371";
198 static const char modp_dh_1024_160_generator[] =
199  "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F"
200  "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213"
201  "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1"
202  "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A"
203  "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" "855E6EEB22B3B2E5";
204 
205 static const char modp_dh_2048_224_prime[] =
206  "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1"
207  "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15"
208  "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212"
209  "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207"
210  "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708"
211  "B3BF8A317091883681286130BC8985DB1602E714415D9330"
212  "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D"
213  "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8"
214  "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763"
215  "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71"
216  "CF9DE5384E71B81C0AC4DFFE0C10E64F";
217 static const char modp_dh_2048_224_generator[] =
218  "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"
219  "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"
220  "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"
221  "C17669101999024AF4D027275AC1348BB8A762D0521BC98A"
222  "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"
223  "F180EB34118E98D119529A45D6F834566E3025E316A330EF"
224  "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"
225  "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"
226  "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"
227  "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"
228  "81BC087F2A7065B384B890D3191F2BFA";
229 
230 static const char modp_dh_2048_256_prime[] =
231  "87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F2"
232  "5D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA30"
233  "16C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD"
234  "5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B"
235  "6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C"
236  "4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0E"
237  "F13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D9"
238  "67E144E5140564251CCACB83E6B486F6B3CA3F7971506026"
239  "C0B857F689962856DED4010ABD0BE621C3A3960A54E710C3"
240  "75F26375D7014103A4B54330C198AF126116D2276E11715F"
241  "693877FAD7EF09CADB094AE91E1A1597";
242 static const char modp_dh_2048_256_generator[] =
243  "3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF2054"
244  "07F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555"
245  "BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18"
246  "A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B"
247  "777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC83"
248  "1D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55"
249  "A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14"
250  "C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915"
251  "B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6"
252  "184B523D1DB246C32F63078490F00EF8D647D148D4795451"
253  "5E2327CFEF98C582664B4C0F6CC41659";
254 
255 v8 *
256 ikev2_calc_prf (ikev2_sa_transform_t * tr, v8 * key, v8 * data)
257 {
258  HMAC_CTX ctx;
259  v8 *prf;
260  unsigned int len = 0;
261 
262  prf = vec_new (u8, tr->key_trunc);
263  HMAC_CTX_init (&ctx);
264  HMAC_Init_ex (&ctx, key, vec_len (key), tr->md, NULL);
265  HMAC_Update (&ctx, data, vec_len (data));
266  HMAC_Final (&ctx, prf, &len);
267  HMAC_CTX_cleanup (&ctx);
268 
269  ASSERT (len == tr->key_trunc);
270 
271  return prf;
272 }
273 
274 u8 *
275 ikev2_calc_prfplus (ikev2_sa_transform_t * tr, u8 * key, u8 * seed, int len)
276 {
277  v8 *t = 0, *s = 0, *tmp = 0, *ret = 0;
278  u8 x = 0;
279 
280  /* prf+ (K,S) = T1 | T2 | T3 | T4 | ...
281 
282  where:
283  T1 = prf (K, S | 0x01)
284  T2 = prf (K, T1 | S | 0x02)
285  T3 = prf (K, T2 | S | 0x03)
286  T4 = prf (K, T3 | S | 0x04)
287  */
288 
289  while (vec_len (ret) < len && x < 255)
290  {
291  if (t)
292  {
293  vec_append (s, t);
294  vec_free (t);
295  }
296 
297  vec_append (s, seed);
298  vec_add2 (s, tmp, 1);
299  *tmp = x + 1;
300  t = ikev2_calc_prf (tr, key, s);
301  vec_append (ret, t);
302  vec_free (s);
303  x++;
304  }
305 
306  vec_free (t);
307 
308  if (x == 255)
309  {
310  vec_free (ret);
311  }
312 
313  return ret;
314 }
315 
316 v8 *
317 ikev2_calc_integr (ikev2_sa_transform_t * tr, v8 * key, u8 * data, int len)
318 {
319  v8 *r;
320  HMAC_CTX hctx;
321  unsigned int l;
322 
323  ASSERT (tr->type == IKEV2_TRANSFORM_TYPE_INTEG);
324 
325  r = vec_new (u8, tr->key_len);
326 
327  /* verify integrity of data */
328  HMAC_CTX_init (&hctx);
329  HMAC_Init (&hctx, key, vec_len (key), tr->md);
330  HMAC_Update (&hctx, (const u8 *) data, len);
331  HMAC_Final (&hctx, r, &l);
332  HMAC_CTX_cleanup (&hctx);
333 
334  ASSERT (l == tr->key_len);
335 
336  return r;
337 }
338 
339 v8 *
340 ikev2_decrypt_data (ikev2_sa_t * sa, u8 * data, int len)
341 {
342  EVP_CIPHER_CTX ctx;
343  v8 *r;
344  int out_len = 0, block_size;
345  ikev2_sa_transform_t *tr_encr;
346  u8 *key = sa->is_initiator ? sa->sk_er : sa->sk_ei;
347 
348  tr_encr =
349  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
350  block_size = tr_encr->block_size;
351 
352  /* check if data is multiplier of cipher block size */
353  if (len % block_size)
354  {
355  clib_warning ("wrong data length");
356  return 0;
357  }
358 
359  EVP_CIPHER_CTX_init (&ctx);
360  r = vec_new (u8, len - block_size);
361  EVP_DecryptInit_ex (&ctx, tr_encr->cipher, NULL, key, data);
362  EVP_DecryptUpdate (&ctx, r, &out_len, data + block_size, len - block_size);
363  EVP_DecryptFinal_ex (&ctx, r + out_len, &out_len);
364 
365  /* remove padding */
366  _vec_len (r) -= r[vec_len (r) - 1] + 1;
367 
368  EVP_CIPHER_CTX_cleanup (&ctx);
369  return r;
370 }
371 
372 int
373 ikev2_encrypt_data (ikev2_sa_t * sa, v8 * src, u8 * dst)
374 {
375  EVP_CIPHER_CTX ctx;
376  int out_len;
377  int bs;
378  ikev2_sa_transform_t *tr_encr;
379  u8 *key = sa->is_initiator ? sa->sk_ei : sa->sk_er;
380 
381  tr_encr =
382  ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
383  bs = tr_encr->block_size;
384 
385  /* generate IV */
386  RAND_bytes (dst, bs);
387 
388  EVP_CIPHER_CTX_init (&ctx);
389 
390  EVP_EncryptInit_ex (&ctx, tr_encr->cipher, NULL, key, dst /* dst */ );
391  EVP_EncryptUpdate (&ctx, dst + bs, &out_len, src, vec_len (src));
392 
393  EVP_CIPHER_CTX_cleanup (&ctx);
394 
395  ASSERT (vec_len (src) == out_len);
396 
397  return out_len + bs;
398 }
399 
400 void
401 ikev2_generate_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
402 {
403  int r;
404 
405  if (t->dh_group == IKEV2_DH_GROUP_MODP)
406  {
407  DH *dh = DH_new ();
408  BN_hex2bn (&dh->p, t->dh_p);
409  BN_hex2bn (&dh->g, t->dh_g);
410  DH_generate_key (dh);
411 
412  if (sa->is_initiator)
413  {
414  sa->i_dh_data = vec_new (u8, t->key_len);
415  r = BN_bn2bin (dh->pub_key, sa->i_dh_data);
416  ASSERT (r == t->key_len);
417 
418  sa->dh_private_key = vec_new (u8, t->key_len);
419  r = BN_bn2bin (dh->priv_key, sa->dh_private_key);
420  ASSERT (r == t->key_len);
421 
422  }
423  else
424  {
425  sa->r_dh_data = vec_new (u8, t->key_len);
426  r = BN_bn2bin (dh->pub_key, sa->r_dh_data);
427  ASSERT (r == t->key_len);
428  BIGNUM *ex;
429  sa->dh_shared_key = vec_new (u8, t->key_len);
430  ex = BN_bin2bn (sa->i_dh_data, vec_len (sa->i_dh_data), NULL);
431  r = DH_compute_key (sa->dh_shared_key, ex, dh);
432  ASSERT (r == t->key_len);
433  BN_clear_free (ex);
434  }
435  DH_free (dh);
436  }
437  else if (t->dh_group == IKEV2_DH_GROUP_ECP)
438  {
439  EC_KEY *ec = EC_KEY_new_by_curve_name (t->nid);
440  ASSERT (ec);
441 
442  EC_KEY_generate_key (ec);
443 
444  const EC_POINT *r_point = EC_KEY_get0_public_key (ec);
445  const EC_GROUP *group = EC_KEY_get0_group (ec);
446  BIGNUM *x = NULL, *y = NULL;
447  BN_CTX *bn_ctx = BN_CTX_new ();
448  u16 x_off, y_off, len;
449  EC_POINT *i_point = EC_POINT_new (group);
450  EC_POINT *shared_point = EC_POINT_new (group);
451 
452  x = BN_new ();
453  y = BN_new ();
454  len = t->key_len / 2;
455 
456  EC_POINT_get_affine_coordinates_GFp (group, r_point, x, y, bn_ctx);
457 
458  if (sa->is_initiator)
459  {
460  sa->i_dh_data = vec_new (u8, t->key_len);
461  x_off = len - BN_num_bytes (x);
462  memset (sa->i_dh_data, 0, x_off);
463  BN_bn2bin (x, sa->i_dh_data + x_off);
464  y_off = t->key_len - BN_num_bytes (y);
465  memset (sa->i_dh_data + len, 0, y_off - len);
466  BN_bn2bin (y, sa->i_dh_data + y_off);
467 
468  const BIGNUM *prv = EC_KEY_get0_private_key (ec);
469  sa->dh_private_key = vec_new (u8, BN_num_bytes (prv));
470  r = BN_bn2bin (prv, sa->dh_private_key);
471  ASSERT (r == BN_num_bytes (prv));
472  }
473  else
474  {
475  sa->r_dh_data = vec_new (u8, t->key_len);
476  x_off = len - BN_num_bytes (x);
477  memset (sa->r_dh_data, 0, x_off);
478  BN_bn2bin (x, sa->r_dh_data + x_off);
479  y_off = t->key_len - BN_num_bytes (y);
480  memset (sa->r_dh_data + len, 0, y_off - len);
481  BN_bn2bin (y, sa->r_dh_data + y_off);
482 
483  x = BN_bin2bn (sa->i_dh_data, len, x);
484  y = BN_bin2bn (sa->i_dh_data + len, len, y);
485  EC_POINT_set_affine_coordinates_GFp (group, i_point, x, y, bn_ctx);
486  sa->dh_shared_key = vec_new (u8, t->key_len);
487  EC_POINT_mul (group, shared_point, NULL, i_point,
488  EC_KEY_get0_private_key (ec), NULL);
489  EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y,
490  bn_ctx);
491  x_off = len - BN_num_bytes (x);
492  memset (sa->dh_shared_key, 0, x_off);
493  BN_bn2bin (x, sa->dh_shared_key + x_off);
494  y_off = t->key_len - BN_num_bytes (y);
495  memset (sa->dh_shared_key + len, 0, y_off - len);
496  BN_bn2bin (y, sa->dh_shared_key + y_off);
497  }
498 
499  EC_KEY_free (ec);
500  BN_free (x);
501  BN_free (y);
502  BN_CTX_free (bn_ctx);
503  EC_POINT_free (i_point);
504  EC_POINT_free (shared_point);
505  }
506 }
507 
508 void
509 ikev2_complete_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
510 {
511  int r;
512 
513  if (t->dh_group == IKEV2_DH_GROUP_MODP)
514  {
515  DH *dh = DH_new ();
516  BN_hex2bn (&dh->p, t->dh_p);
517  BN_hex2bn (&dh->g, t->dh_g);
518  dh->priv_key =
519  BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
520 
521  BIGNUM *ex;
522  sa->dh_shared_key = vec_new (u8, t->key_len);
523  ex = BN_bin2bn (sa->r_dh_data, vec_len (sa->r_dh_data), NULL);
524  r = DH_compute_key (sa->dh_shared_key, ex, dh);
525  ASSERT (r == t->key_len);
526  BN_clear_free (ex);
527  DH_free (dh);
528  }
529  else if (t->dh_group == IKEV2_DH_GROUP_ECP)
530  {
531  EC_KEY *ec = EC_KEY_new_by_curve_name (t->nid);
532  ASSERT (ec);
533 
534  const EC_GROUP *group = EC_KEY_get0_group (ec);
535  BIGNUM *x = NULL, *y = NULL;
536  BN_CTX *bn_ctx = BN_CTX_new ();
537  u16 x_off, y_off, len;
538  BIGNUM *prv;
539 
540  prv =
541  BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
542  EC_KEY_set_private_key (ec, prv);
543 
544  x = BN_new ();
545  y = BN_new ();
546  len = t->key_len / 2;
547 
548  x = BN_bin2bn (sa->r_dh_data, len, x);
549  y = BN_bin2bn (sa->r_dh_data + len, len, y);
550  EC_POINT *r_point = EC_POINT_new (group);
551  EC_POINT_set_affine_coordinates_GFp (group, r_point, x, y, bn_ctx);
552  EC_KEY_set_public_key (ec, r_point);
553 
554  EC_POINT *i_point = EC_POINT_new (group);
555  EC_POINT *shared_point = EC_POINT_new (group);
556 
557  x = BN_bin2bn (sa->i_dh_data, len, x);
558  y = BN_bin2bn (sa->i_dh_data + len, len, y);
559  EC_POINT_set_affine_coordinates_GFp (group, i_point, x, y, bn_ctx);
560  EC_POINT_mul (group, shared_point, NULL, r_point,
561  EC_KEY_get0_private_key (ec), NULL);
562  EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y, bn_ctx);
563  sa->dh_shared_key = vec_new (u8, t->key_len);
564  x_off = len - BN_num_bytes (x);
565  memset (sa->dh_shared_key, 0, x_off);
566  BN_bn2bin (x, sa->dh_shared_key + x_off);
567  y_off = t->key_len - BN_num_bytes (y);
568  memset (sa->dh_shared_key + len, 0, y_off - len);
569  BN_bn2bin (y, sa->dh_shared_key + y_off);
570 
571  EC_KEY_free (ec);
572  BN_free (x);
573  BN_free (y);
574  BN_free (prv);
575  BN_CTX_free (bn_ctx);
576  EC_POINT_free (i_point);
577  EC_POINT_free (r_point);
578  EC_POINT_free (shared_point);
579  }
580 }
581 
582 int
583 ikev2_verify_sign (EVP_PKEY * pkey, u8 * sigbuf, u8 * data)
584 {
585  EVP_MD_CTX md_ctx;
586 
587  EVP_VerifyInit (&md_ctx, EVP_sha1 ());
588  EVP_VerifyUpdate (&md_ctx, data, vec_len (data));
589 
590  return EVP_VerifyFinal (&md_ctx, sigbuf, vec_len (sigbuf), pkey);
591 }
592 
593 u8 *
594 ikev2_calc_sign (EVP_PKEY * pkey, u8 * data)
595 {
596  EVP_MD_CTX md_ctx;
597  unsigned int sig_len = 0;
598  u8 *sign;
599 
600  EVP_SignInit (&md_ctx, EVP_sha1 ());
601  EVP_SignUpdate (&md_ctx, data, vec_len (data));
602  /* get sign len */
603  EVP_SignFinal (&md_ctx, NULL, &sig_len, pkey);
604  sign = vec_new (u8, sig_len);
605  /* calc sign */
606  EVP_SignFinal (&md_ctx, sign, &sig_len, pkey);
607 
608  return sign;
609 }
610 
611 EVP_PKEY *
612 ikev2_load_cert_file (u8 * file)
613 {
614  FILE *fp;
615  X509 *x509;
616  EVP_PKEY *pkey = NULL;
617 
618  fp = fopen ((char *) file, "r");
619  if (!fp)
620  {
621  clib_warning ("open %s failed", file);
622  goto end;
623  }
624 
625  x509 = PEM_read_X509 (fp, NULL, NULL, NULL);
626  fclose (fp);
627  if (x509 == NULL)
628  {
629  clib_warning ("read cert %s failed", file);
630  goto end;
631  }
632 
633  pkey = X509_get_pubkey (x509);
634  if (pkey == NULL)
635  clib_warning ("get pubkey %s failed", file);
636 
637 end:
638  return pkey;
639 }
640 
641 EVP_PKEY *
642 ikev2_load_key_file (u8 * file)
643 {
644  FILE *fp;
645  EVP_PKEY *pkey = NULL;
646 
647  fp = fopen ((char *) file, "r");
648  if (!fp)
649  {
650  clib_warning ("open %s failed", file);
651  goto end;
652  }
653 
654  pkey = PEM_read_PrivateKey (fp, NULL, NULL, NULL);
655  fclose (fp);
656  if (pkey == NULL)
657  clib_warning ("read %s failed", file);
658 
659 end:
660  return pkey;
661 }
662 
663 void
664 ikev2_crypto_init (ikev2_main_t * km)
665 {
666  ikev2_sa_transform_t *tr;
667 
668  /* vector of supported transforms - in order of preference */
669  vec_add2 (km->supported_transforms, tr, 1);
670  tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
671  tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
672  tr->key_len = 256 / 8;
673  tr->block_size = 128 / 8;
674  tr->cipher = EVP_aes_256_cbc ();
675 
676  vec_add2 (km->supported_transforms, tr, 1);
677  tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
678  tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
679  tr->key_len = 192 / 8;
680  tr->block_size = 128 / 8;
681  tr->cipher = EVP_aes_192_cbc ();
682 
683  vec_add2 (km->supported_transforms, tr, 1);
684  tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
685  tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
686  tr->key_len = 128 / 8;
687  tr->block_size = 128 / 8;
688  tr->cipher = EVP_aes_128_cbc ();
689 
690  vec_add2 (km->supported_transforms, tr, 1);
691  tr->type = IKEV2_TRANSFORM_TYPE_PRF;
692  tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA1;
693  tr->key_len = 160 / 8;
694  tr->key_trunc = 160 / 8;
695  tr->md = EVP_sha1 ();
696 
697  vec_add2 (km->supported_transforms, tr, 1);
698  tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
699  tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_96;
700  tr->key_len = 160 / 8;
701  tr->key_trunc = 96 / 8;
702  tr->md = EVP_sha1 ();
703 
704 #if defined(OPENSSL_NO_CISCO_FECDH)
705  vec_add2 (km->supported_transforms, tr, 1);
706  tr->type = IKEV2_TRANSFORM_TYPE_DH;
707  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_512;
708  tr->key_len = (512 * 2) / 8;
709  tr->nid = NID_brainpoolP512r1;
710  tr->dh_group = IKEV2_DH_GROUP_ECP;
711 
712  vec_add2 (km->supported_transforms, tr, 1);
713  tr->type = IKEV2_TRANSFORM_TYPE_DH;
714  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_384;
715  tr->key_len = (384 * 2) / 8;
716  tr->nid = NID_brainpoolP384r1;
717  tr->dh_group = IKEV2_DH_GROUP_ECP;
718 
719  vec_add2 (km->supported_transforms, tr, 1);
720  tr->type = IKEV2_TRANSFORM_TYPE_DH;
721  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_256;
722  tr->key_len = (256 * 2) / 8;
723  tr->nid = NID_brainpoolP256r1;
724  tr->dh_group = IKEV2_DH_GROUP_ECP;
725 
726  vec_add2 (km->supported_transforms, tr, 1);
727  tr->type = IKEV2_TRANSFORM_TYPE_DH;
728  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_224;
729  tr->key_len = (224 * 2) / 8;
730  tr->nid = NID_brainpoolP224r1;
731  tr->dh_group = IKEV2_DH_GROUP_ECP;
732 
733  vec_add2 (km->supported_transforms, tr, 1);
734  tr->type = IKEV2_TRANSFORM_TYPE_DH;
735  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_224;
736  tr->key_len = (224 * 2) / 8;
737  tr->nid = NID_secp224r1;
738  tr->dh_group = IKEV2_DH_GROUP_ECP;
739 #endif
740 
741  vec_add2 (km->supported_transforms, tr, 1);
742  tr->type = IKEV2_TRANSFORM_TYPE_DH;
743  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_521;
744  tr->key_len = (528 * 2) / 8;
745  tr->nid = NID_secp521r1;
746  tr->dh_group = IKEV2_DH_GROUP_ECP;
747 
748  vec_add2 (km->supported_transforms, tr, 1);
749  tr->type = IKEV2_TRANSFORM_TYPE_DH;
750  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_384;
751  tr->key_len = (384 * 2) / 8;
752  tr->nid = NID_secp384r1;
753  tr->dh_group = IKEV2_DH_GROUP_ECP;
754 
755  vec_add2 (km->supported_transforms, tr, 1);
756  tr->type = IKEV2_TRANSFORM_TYPE_DH;
757  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_256;
758  tr->key_len = (256 * 2) / 8;
759  tr->nid = NID_X9_62_prime256v1;
760  tr->dh_group = IKEV2_DH_GROUP_ECP;
761 
762  vec_add2 (km->supported_transforms, tr, 1);
763  tr->type = IKEV2_TRANSFORM_TYPE_DH;
764  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_192;
765  tr->key_len = (192 * 2) / 8;
766  tr->nid = NID_X9_62_prime192v1;
767  tr->dh_group = IKEV2_DH_GROUP_ECP;
768 
769  vec_add2 (km->supported_transforms, tr, 1);
770  tr->type = IKEV2_TRANSFORM_TYPE_DH;
771  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048_256;
772  tr->key_len = 2048 / 8;
773  tr->dh_p = (const char *) &modp_dh_2048_256_prime;
774  tr->dh_g = (const char *) &modp_dh_2048_256_generator;
775  tr->dh_group = IKEV2_DH_GROUP_MODP;
776 
777  vec_add2 (km->supported_transforms, tr, 1);
778  tr->type = IKEV2_TRANSFORM_TYPE_DH;
779  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048_224;
780  tr->key_len = 2048 / 8;
781  tr->dh_p = (const char *) &modp_dh_2048_224_prime;
782  tr->dh_g = (const char *) &modp_dh_2048_224_generator;
783  tr->dh_group = IKEV2_DH_GROUP_MODP;
784 
785  vec_add2 (km->supported_transforms, tr, 1);
786  tr->type = IKEV2_TRANSFORM_TYPE_DH;
787  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1024_160;
788  tr->key_len = 1024 / 8;
789  tr->dh_p = (const char *) &modp_dh_1024_160_prime;
790  tr->dh_g = (const char *) &modp_dh_1024_160_generator;
791  tr->dh_group = IKEV2_DH_GROUP_MODP;
792 
793  vec_add2 (km->supported_transforms, tr, 1);
794  tr->type = IKEV2_TRANSFORM_TYPE_DH;
795  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_8192;
796  tr->key_len = 8192 / 8;
797  tr->dh_p = (const char *) &modp_dh_8192_prime;
798  tr->dh_g = (const char *) &modp_dh_8192_generator;
799  tr->dh_group = IKEV2_DH_GROUP_MODP;
800 
801  vec_add2 (km->supported_transforms, tr, 1);
802  tr->type = IKEV2_TRANSFORM_TYPE_DH;
803  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_6144;
804  tr->key_len = 6144 / 8;
805  tr->dh_p = (const char *) &modp_dh_6144_prime;
806  tr->dh_g = (const char *) &modp_dh_6144_generator;
807  tr->dh_group = IKEV2_DH_GROUP_MODP;
808 
809  vec_add2 (km->supported_transforms, tr, 1);
810  tr->type = IKEV2_TRANSFORM_TYPE_DH;
811  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_4096;
812  tr->key_len = 4096 / 8;
813  tr->dh_p = (const char *) &modp_dh_4096_prime;
814  tr->dh_g = (const char *) &modp_dh_4096_generator;
815  tr->dh_group = IKEV2_DH_GROUP_MODP;
816 
817  vec_add2 (km->supported_transforms, tr, 1);
818  tr->type = IKEV2_TRANSFORM_TYPE_DH;
819  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_3072;
820  tr->key_len = 3072 / 8;
821  tr->dh_p = (const char *) &modp_dh_3072_prime;
822  tr->dh_g = (const char *) &modp_dh_3072_generator;
823  tr->dh_group = IKEV2_DH_GROUP_MODP;
824 
825  vec_add2 (km->supported_transforms, tr, 1);
826  tr->type = IKEV2_TRANSFORM_TYPE_DH;
827  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048;
828  tr->key_len = 2048 / 8;
829  tr->dh_p = (const char *) &modp_dh_2048_prime;
830  tr->dh_g = (const char *) &modp_dh_2048_generator;
831  tr->dh_group = IKEV2_DH_GROUP_MODP;
832 
833  vec_add2 (km->supported_transforms, tr, 1);
834  tr->type = IKEV2_TRANSFORM_TYPE_DH;
835  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1536;
836  tr->key_len = 1536 / 8;
837  tr->dh_p = (const char *) &modp_dh_1536_prime;
838  tr->dh_g = (const char *) &modp_dh_1536_generator;
839  tr->dh_group = IKEV2_DH_GROUP_MODP;
840 
841  vec_add2 (km->supported_transforms, tr, 1);
842  tr->type = IKEV2_TRANSFORM_TYPE_DH;
843  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1024;
844  tr->key_len = 1024 / 8;
845  tr->dh_p = (const char *) &modp_dh_1024_prime;
846  tr->dh_g = (const char *) &modp_dh_1024_generator;
847  tr->dh_group = IKEV2_DH_GROUP_MODP;
848 
849  vec_add2 (km->supported_transforms, tr, 1);
850  tr->type = IKEV2_TRANSFORM_TYPE_DH;
851  tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_768;
852  tr->key_len = 768 / 8;
853  tr->dh_p = (const char *) &modp_dh_768_prime;
854  tr->dh_g = (const char *) &modp_dh_768_generator;
855  tr->dh_group = IKEV2_DH_GROUP_MODP;
856 
857  vec_add2 (km->supported_transforms, tr, 1);
858  tr->type = IKEV2_TRANSFORM_TYPE_ESN;
859  tr->esn_type = IKEV2_TRANSFORM_ESN_TYPE_ESN;
860 
861  vec_add2 (km->supported_transforms, tr, 1);
862  tr->type = IKEV2_TRANSFORM_TYPE_ESN;
863  tr->esn_type = IKEV2_TRANSFORM_ESN_TYPE_NO_ESN;
864 }
865 
866 
867 
868 /*
869  * fd.io coding-style-patch-verification: ON
870  *
871  * Local Variables:
872  * eval: (c-set-style "gnu")
873  * End:
874  */
ikev2_sa_t::dh_shared_key
u8 * dh_shared_key
Definition: ikev2_priv.h:211
ikev2_sa_t::dh_private_key
u8 * dh_private_key
Definition: ikev2_priv.h:212
ikev2_sa_transform_t::type
ikev2_transform_type_t type
Definition: ikev2_priv.h:69
modp_dh_1536_prime
static const char modp_dh_1536_prime[]
Definition: ikev2_crypto.c:46
modp_dh_3072_generator
static const char modp_dh_3072_generator[]
Definition: ikev2_crypto.c:88
IKEV2_DH_GROUP_ECP
Definition: ikev2_priv.h:64
modp_dh_8192_prime
static const char modp_dh_8192_prime[]
Definition: ikev2_crypto.c:145
modp_dh_4096_prime
static const char modp_dh_4096_prime[]
Definition: ikev2_crypto.c:90
v8
u8 v8
Definition: ikev2.h:27
ikev2_sa_transform_t::block_size
u16 block_size
Definition: ikev2_priv.h:82
NULL
#define NULL
Definition: clib.h:55
ikev2_calc_prf
v8 * ikev2_calc_prf(ikev2_sa_transform_t *tr, v8 *key, v8 *data)
Definition: ikev2_crypto.c:256
modp_dh_8192_generator
static const char modp_dh_8192_generator[]
Definition: ikev2_crypto.c:189
ikev2_sa_transform_t::esn_type
ikev2_transform_esn_type_t esn_type
Definition: ikev2_priv.h:77
modp_dh_768_generator
static const char modp_dh_768_generator[]
Definition: ikev2_crypto.c:35
vec_add2
#define vec_add2(V, P, N)
Add N elements to end of vector V, return pointer to new elements in P.
Definition: vec.h:561
modp_dh_1024_prime
static const char modp_dh_1024_prime[]
Definition: ikev2_crypto.c:37
y
add_epi add_epi sub_epi sub_epi adds_epu subs_epu i16x8 y
Definition: vector_sse2.h:299
ikev2_sa_get_td_for_type
ikev2_sa_transform_t * ikev2_sa_get_td_for_type(ikev2_sa_proposal_t *p, ikev2_transform_type_t type)
Definition: ikev2.c:189
ikev2_sa_transform_t::nid
int nid
Definition: ikev2_priv.h:84
modp_dh_6144_prime
static const char modp_dh_6144_prime[]
Definition: ikev2_crypto.c:114
ikev2_encrypt_data
int ikev2_encrypt_data(ikev2_sa_t *sa, v8 *src, u8 *dst)
Definition: ikev2_crypto.c:373
modp_dh_768_prime
static const char modp_dh_768_prime[]
Definition: ikev2_crypto.c:30
ikev2_main_t
Definition: ikev2_priv.h:268
ikev2_generate_dh
void ikev2_generate_dh(ikev2_sa_t *sa, ikev2_sa_transform_t *t)
Definition: ikev2_crypto.c:401
ikev2_load_cert_file
EVP_PKEY * ikev2_load_cert_file(u8 *file)
Definition: ikev2_crypto.c:612
vec_new
#define vec_new(T, N)
Create new vector of given type and length (unspecified alignment, no header).
Definition: vec.h:310
ikev2_load_key_file
EVP_PKEY * ikev2_load_key_file(u8 *file)
Definition: ikev2_crypto.c:642
modp_dh_1024_160_prime
static const char modp_dh_1024_160_prime[]
Definition: ikev2_crypto.c:192
ikev2_sa_t::r_dh_data
u8 * r_dh_data
Definition: ikev2_priv.h:214
ikev2_calc_prfplus
u8 * ikev2_calc_prfplus(ikev2_sa_transform_t *tr, u8 *key, u8 *seed, int len)
Definition: ikev2_crypto.c:275
modp_dh_1024_generator
static const char modp_dh_1024_generator[]
Definition: ikev2_crypto.c:43
ikev2_sa_t::i_dh_data
u8 * i_dh_data
Definition: ikev2_priv.h:213
modp_dh_2048_256_prime
static const char modp_dh_2048_256_prime[]
Definition: ikev2_crypto.c:230
IKEV2_DH_GROUP_MODP
Definition: ikev2_priv.h:63
ikev2_main_t::supported_transforms
ikev2_sa_transform_t * supported_transforms
Definition: ikev2_priv.h:274
ikev2_sa_transform_t::dh_group
u8 dh_group
Definition: ikev2_priv.h:83
ikev2_verify_sign
int ikev2_verify_sign(EVP_PKEY *pkey, u8 *sigbuf, u8 *data)
Definition: ikev2_crypto.c:583
ikev2_sa_transform_t
Definition: ikev2_priv.h:67
modp_dh_1536_generator
static const char modp_dh_1536_generator[]
Definition: ikev2_crypto.c:55
ikev2_sa_t::sk_ei
u8 * sk_ei
Definition: ikev2_priv.h:224
modp_dh_3072_prime
static const char modp_dh_3072_prime[]
Definition: ikev2_crypto.c:71
ikev2_sa_transform_t::dh_type
ikev2_transform_dh_type_t dh_type
Definition: ikev2_priv.h:76
ikev2_sa_t
Definition: ikev2_priv.h:197
vec_free
#define vec_free(V)
Free vector&#39;s memory (no header).
Definition: vec.h:340
clib_warning
#define clib_warning(format, args...)
Definition: error.h:59
ikev2_sa_t::sk_er
u8 * sk_er
Definition: ikev2_priv.h:225
ikev2_sa_t::is_initiator
u8 is_initiator
Definition: ikev2_priv.h:251
ikev2_sa_transform_t::cipher
const void * cipher
Definition: ikev2_priv.h:88
ikev2_priv.h
ikev2_sa_t::r_proposals
ikev2_sa_proposal_t * r_proposals
Definition: ikev2_priv.h:218
modp_dh_2048_generator
static const char modp_dh_2048_generator[]
Definition: ikev2_crypto.c:69
ASSERT
#define ASSERT(truth)
Definition: error_bootstrap.h:69
modp_dh_6144_generator
static const char modp_dh_6144_generator[]
Definition: ikev2_crypto.c:143
ikev2_complete_dh
void ikev2_complete_dh(ikev2_sa_t *sa, ikev2_sa_transform_t *t)
Definition: ikev2_crypto.c:509
vec_append
#define vec_append(v1, v2)
Append v2 after v1.
Definition: vec.h:819
ikev2_sa_transform_t::dh_p
const char * dh_p
Definition: ikev2_priv.h:85
modp_dh_1024_160_generator
static const char modp_dh_1024_160_generator[]
Definition: ikev2_crypto.c:198
ikev2_sa_transform_t::md
const void * md
Definition: ikev2_priv.h:87
ikev2_sa_transform_t::encr_type
ikev2_transform_encr_type_t encr_type
Definition: ikev2_priv.h:73
ikev2_sa_transform_t::dh_g
const char * dh_g
Definition: ikev2_priv.h:86
ikev2_sa_transform_t::integ_type
ikev2_transform_integ_type_t integ_type
Definition: ikev2_priv.h:75
modp_dh_4096_generator
static const char modp_dh_4096_generator[]
Definition: ikev2_crypto.c:112
u16
unsigned short u16
Definition: types.h:57
ikev2_sa_transform_t::key_len
u16 key_len
Definition: ikev2_priv.h:80
modp_dh_2048_prime
static const char modp_dh_2048_prime[]
Definition: ikev2_crypto.c:57
vec_len
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
Definition: vec_bootstrap.h:142
u8
unsigned char u8
Definition: types.h:56
ikev2_sa_transform_t::prf_type
ikev2_transform_prf_type_t prf_type
Definition: ikev2_priv.h:74
modp_dh_2048_224_generator
static const char modp_dh_2048_224_generator[]
Definition: ikev2_crypto.c:217
modp_dh_2048_256_generator
static const char modp_dh_2048_256_generator[]
Definition: ikev2_crypto.c:242
ikev2_crypto_init
void ikev2_crypto_init(ikev2_main_t *km)
Definition: ikev2_crypto.c:664
ikev2_decrypt_data
v8 * ikev2_decrypt_data(ikev2_sa_t *sa, u8 *data, int len)
Definition: ikev2_crypto.c:340
ikev2_calc_sign
u8 * ikev2_calc_sign(EVP_PKEY *pkey, u8 *data)
Definition: ikev2_crypto.c:594
ikev2_calc_integr
v8 * ikev2_calc_integr(ikev2_sa_transform_t *tr, v8 *key, u8 *data, int len)
Definition: ikev2_crypto.c:317
modp_dh_2048_224_prime
static const char modp_dh_2048_224_prime[]
Definition: ikev2_crypto.c:205
ikev2_sa_transform_t::key_trunc
u16 key_trunc
Definition: ikev2_priv.h:81