2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <vlib/vlib.h>
17 #include <vnet/vnet.h>
18 #include <vnet/pg/pg.h>
19 #include <vppinfra/error.h>
20 #include <vnet/udp/udp.h>
21 #include <plugins/ikev2/ikev2.h>
22 #include <plugins/ikev2/ikev2_priv.h>
23 #include <openssl/obj_mac.h>
24 #include <openssl/ec.h>
25 #include <openssl/x509.h>
26 #include <openssl/pem.h>
27 #include <openssl/bn.h>
28 #include <openssl/dh.h>
31 static const char modp_dh_768_prime[] =
32 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
33 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
34 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
35 "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF";
36 static const char modp_dh_768_generator[] = "02";
38 static const char modp_dh_1024_prime[] =
39 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
40 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
41 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
42 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
43 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" "FFFFFFFFFFFFFFFF";
44 static const char modp_dh_1024_generator[] = "02";
47 static const char modp_dh_1536_prime[] =
48 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
49 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
50 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
51 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
52 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
53 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
54 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
55 "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF";
56 static const char modp_dh_1536_generator[] = "02";
58 static const char modp_dh_2048_prime[] =
59 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
60 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
61 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
62 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
63 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
64 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
65 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
66 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
67 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
68 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
69 "15728E5A8AACAA68FFFFFFFFFFFFFFFF";
70 static const char modp_dh_2048_generator[] = "02";
72 static const char modp_dh_3072_prime[] =
73 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
74 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
75 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
76 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
77 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
78 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
79 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
80 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
81 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
82 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
83 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
84 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
85 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
86 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
87 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
88 "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF";
89 static const char modp_dh_3072_generator[] = "02";
91 static const char modp_dh_4096_prime[] =
92 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
93 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
94 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
95 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
96 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
97 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
98 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
99 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
100 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
101 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
102 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
103 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
104 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
105 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
106 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
107 "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"
108 "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
109 "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"
110 "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
111 "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"
112 "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" "FFFFFFFFFFFFFFFF";
113 static const char modp_dh_4096_generator[] = "02";
115 static const char modp_dh_6144_prime[] =
116 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
117 "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
118 "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
119 "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
120 "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
121 "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
122 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
123 "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
124 "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
125 "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
126 "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
127 "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
128 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
129 "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
130 "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
131 "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
132 "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
133 "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
134 "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406"
135 "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918"
136 "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151"
137 "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03"
138 "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F"
139 "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
140 "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B"
141 "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632"
142 "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E"
143 "6DCC4024FFFFFFFFFFFFFFFF";
144 static const char modp_dh_6144_generator[] = "02";
146 static const char modp_dh_8192_prime[] =
147 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
148 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
149 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
150 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
151 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
152 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
153 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
154 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
155 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
156 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
157 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
158 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
159 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
160 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
161 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
162 "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"
163 "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
164 "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"
165 "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
166 "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"
167 "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
168 "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD"
169 "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831"
170 "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B"
171 "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF"
172 "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6"
173 "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3"
174 "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
175 "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328"
176 "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C"
177 "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE"
178 "12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4"
179 "38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300"
180 "741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568"
181 "3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9"
182 "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B"
183 "4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A"
184 "062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36"
185 "4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1"
186 "B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92"
187 "4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47"
188 "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71"
189 "60C980DD98EDD3DFFFFFFFFFFFFFFFFF";
190 static const char modp_dh_8192_generator[] = "02";
193 static const char modp_dh_1024_160_prime[] =
194 "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6"
195 "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0"
196 "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70"
197 "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0"
198 "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" "DF1FB2BC2E4A4371";
199 static const char modp_dh_1024_160_generator[] =
200 "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F"
201 "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213"
202 "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1"
203 "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A"
204 "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" "855E6EEB22B3B2E5";
206 static const char modp_dh_2048_224_prime[] =
207 "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1"
208 "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15"
209 "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212"
210 "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207"
211 "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708"
212 "B3BF8A317091883681286130BC8985DB1602E714415D9330"
213 "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D"
214 "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8"
215 "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763"
216 "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71"
217 "CF9DE5384E71B81C0AC4DFFE0C10E64F";
218 static const char modp_dh_2048_224_generator[] =
219 "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"
220 "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"
221 "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"
222 "C17669101999024AF4D027275AC1348BB8A762D0521BC98A"
223 "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"
224 "F180EB34118E98D119529A45D6F834566E3025E316A330EF"
225 "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"
226 "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"
227 "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"
228 "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"
229 "81BC087F2A7065B384B890D3191F2BFA";
231 static const char modp_dh_2048_256_prime[] =
232 "87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F2"
233 "5D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA30"
234 "16C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD"
235 "5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B"
236 "6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C"
237 "4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0E"
238 "F13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D9"
239 "67E144E5140564251CCACB83E6B486F6B3CA3F7971506026"
240 "C0B857F689962856DED4010ABD0BE621C3A3960A54E710C3"
241 "75F26375D7014103A4B54330C198AF126116D2276E11715F"
242 "693877FAD7EF09CADB094AE91E1A1597";
243 static const char modp_dh_2048_256_generator[] =
244 "3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF2054"
245 "07F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555"
246 "BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18"
247 "A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B"
248 "777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC83"
249 "1D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55"
250 "A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14"
251 "C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915"
252 "B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6"
253 "184B523D1DB246C32F63078490F00EF8D647D148D4795451"
254 "5E2327CFEF98C582664B4C0F6CC41659";
257 ikev2_calc_prf (ikev2_sa_transform_t * tr, v8 * key, v8 * data)
259 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
265 unsigned int len = 0;
267 prf = vec_new (u8, tr->key_trunc);
268 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
269 ctx = HMAC_CTX_new ();
270 HMAC_Init_ex (ctx, key, vec_len (key), tr->md, NULL);
271 HMAC_Update (ctx, data, vec_len (data));
272 HMAC_Final (ctx, prf, &len);
275 HMAC_CTX_init (&ctx);
276 HMAC_Init_ex (&ctx, key, vec_len (key), tr->md, NULL);
277 HMAC_Update (&ctx, data, vec_len (data));
278 HMAC_Final (&ctx, prf, &len);
279 HMAC_CTX_cleanup (&ctx);
281 ASSERT (len == tr->key_trunc);
287 ikev2_calc_prfplus (ikev2_sa_transform_t * tr, u8 * key, u8 * seed, int len)
289 v8 *t = 0, *s = 0, *tmp = 0, *ret = 0;
292 /* prf+ (K,S) = T1 | T2 | T3 | T4 | ...
295 T1 = prf (K, S | 0x01)
296 T2 = prf (K, T1 | S | 0x02)
297 T3 = prf (K, T2 | S | 0x03)
298 T4 = prf (K, T3 | S | 0x04)
301 while (vec_len (ret) < len && x < 255)
309 vec_append (s, seed);
310 vec_add2 (s, tmp, 1);
312 t = ikev2_calc_prf (tr, key, s);
329 ikev2_calc_integr (ikev2_sa_transform_t * tr, v8 * key, u8 * data, int len)
332 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
339 ASSERT (tr->type == IKEV2_TRANSFORM_TYPE_INTEG);
341 r = vec_new (u8, tr->key_len);
343 if (tr->md == EVP_sha1 ())
345 ikev2_elog_debug ("integrity checking with sha1");
347 else if (tr->md == EVP_sha256 ())
349 ikev2_elog_debug ("integrity checking with sha256");
352 /* verify integrity of data */
353 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
354 hctx = HMAC_CTX_new ();
355 HMAC_Init_ex (hctx, key, vec_len (key), tr->md, NULL);
356 HMAC_Update (hctx, (const u8 *) data, len);
357 HMAC_Final (hctx, r, &l);
358 HMAC_CTX_free (hctx);
360 HMAC_CTX_init (&hctx);
361 HMAC_Init_ex (&hctx, key, vec_len (key), tr->md, NULL);
362 HMAC_Update (&hctx, (const u8 *) data, len);
363 HMAC_Final (&hctx, r, &l);
364 HMAC_CTX_cleanup (&hctx);
367 ASSERT (l == tr->key_len);
373 ikev2_decrypt_data (ikev2_sa_t * sa, u8 * data, int len)
375 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
381 int out_len = 0, block_size;
382 ikev2_sa_transform_t *tr_encr;
383 u8 *key = sa->is_initiator ? sa->sk_er : sa->sk_ei;
386 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
387 block_size = tr_encr->block_size;
389 /* check if data is multiplier of cipher block size */
390 if (len % block_size)
392 ikev2_elog_error ("wrong data length");
396 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
397 ctx = EVP_CIPHER_CTX_new ();
399 EVP_CIPHER_CTX_init (&ctx);
402 r = vec_new (u8, len - block_size);
404 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
405 EVP_DecryptInit_ex (ctx, tr_encr->cipher, NULL, key, data);
406 EVP_DecryptUpdate (ctx, r, &out_len, data + block_size, len - block_size);
407 EVP_DecryptFinal_ex (ctx, r + out_len, &out_len);
409 EVP_DecryptInit_ex (&ctx, tr_encr->cipher, NULL, key, data);
410 EVP_DecryptUpdate (&ctx, r, &out_len, data + block_size, len - block_size);
411 EVP_DecryptFinal_ex (&ctx, r + out_len, &out_len);
414 _vec_len (r) -= r[vec_len (r) - 1] + 1;
416 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
417 EVP_CIPHER_CTX_free (ctx);
419 EVP_CIPHER_CTX_cleanup (&ctx);
425 ikev2_encrypt_data (ikev2_sa_t * sa, v8 * src, u8 * dst)
427 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
434 ikev2_sa_transform_t *tr_encr;
435 u8 *key = sa->is_initiator ? sa->sk_ei : sa->sk_er;
438 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
439 bs = tr_encr->block_size;
442 RAND_bytes (dst, bs);
444 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
445 ctx = EVP_CIPHER_CTX_new ();
446 EVP_EncryptInit_ex (ctx, tr_encr->cipher, NULL, key, dst /* dst */ );
447 EVP_EncryptUpdate (ctx, dst + bs, &out_len, src, vec_len (src));
448 EVP_CIPHER_CTX_free (ctx);
450 EVP_CIPHER_CTX_init (&ctx);
451 EVP_EncryptInit_ex (&ctx, tr_encr->cipher, NULL, key, dst /* dst */ );
452 EVP_EncryptUpdate (&ctx, dst + bs, &out_len, src, vec_len (src));
453 EVP_CIPHER_CTX_cleanup (&ctx);
456 ASSERT (vec_len (src) == out_len);
462 ikev2_generate_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
466 if (t->dh_group == IKEV2_DH_GROUP_MODP)
469 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
472 const BIGNUM *pub_key, *priv_key;
474 BN_hex2bn (&p, t->dh_p);
475 BN_hex2bn (&g, t->dh_g);
476 DH_set0_pqg (dh, p, NULL, g);
478 BN_hex2bn (&dh->p, t->dh_p);
479 BN_hex2bn (&dh->g, t->dh_g);
481 DH_generate_key (dh);
483 if (sa->is_initiator)
485 sa->i_dh_data = vec_new (u8, t->key_len);
486 sa->dh_private_key = vec_new (u8, t->key_len);
487 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
488 DH_get0_key (dh, &pub_key, &priv_key);
489 r = BN_bn2bin (pub_key, sa->i_dh_data);
490 ASSERT (r == t->key_len);
491 r = BN_bn2bin (priv_key, sa->dh_private_key);
493 r = BN_bn2bin (dh->pub_key, sa->i_dh_data);
494 ASSERT (r == t->key_len);
495 r = BN_bn2bin (dh->priv_key, sa->dh_private_key);
497 ASSERT (r == t->key_len);
501 sa->r_dh_data = vec_new (u8, t->key_len);
502 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
503 DH_get0_key (dh, &pub_key, &priv_key);
504 r = BN_bn2bin (pub_key, sa->r_dh_data);
506 r = BN_bn2bin (dh->pub_key, sa->r_dh_data);
508 ASSERT (r == t->key_len);
511 sa->dh_shared_key = vec_new (u8, t->key_len);
512 ex = BN_bin2bn (sa->i_dh_data, vec_len (sa->i_dh_data), NULL);
513 r = DH_compute_key (sa->dh_shared_key, ex, dh);
514 ASSERT (r == t->key_len);
519 else if (t->dh_group == IKEV2_DH_GROUP_ECP)
521 EC_KEY *ec = EC_KEY_new_by_curve_name (t->nid);
524 EC_KEY_generate_key (ec);
526 const EC_POINT *r_point = EC_KEY_get0_public_key (ec);
527 const EC_GROUP *group = EC_KEY_get0_group (ec);
528 BIGNUM *x = NULL, *y = NULL;
529 BN_CTX *bn_ctx = BN_CTX_new ();
530 u16 x_off, y_off, len;
531 EC_POINT *i_point = EC_POINT_new (group);
532 EC_POINT *shared_point = EC_POINT_new (group);
536 len = t->key_len / 2;
538 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
539 EC_POINT_get_affine_coordinates (group, r_point, x, y, bn_ctx);
541 EC_POINT_get_affine_coordinates_GFp (group, r_point, x, y, bn_ctx);
544 if (sa->is_initiator)
546 sa->i_dh_data = vec_new (u8, t->key_len);
547 x_off = len - BN_num_bytes (x);
548 clib_memset (sa->i_dh_data, 0, x_off);
549 BN_bn2bin (x, sa->i_dh_data + x_off);
550 y_off = t->key_len - BN_num_bytes (y);
551 clib_memset (sa->i_dh_data + len, 0, y_off - len);
552 BN_bn2bin (y, sa->i_dh_data + y_off);
554 const BIGNUM *prv = EC_KEY_get0_private_key (ec);
555 sa->dh_private_key = vec_new (u8, BN_num_bytes (prv));
556 r = BN_bn2bin (prv, sa->dh_private_key);
557 ASSERT (r == BN_num_bytes (prv));
561 sa->r_dh_data = vec_new (u8, t->key_len);
562 x_off = len - BN_num_bytes (x);
563 clib_memset (sa->r_dh_data, 0, x_off);
564 BN_bn2bin (x, sa->r_dh_data + x_off);
565 y_off = t->key_len - BN_num_bytes (y);
566 clib_memset (sa->r_dh_data + len, 0, y_off - len);
567 BN_bn2bin (y, sa->r_dh_data + y_off);
569 x = BN_bin2bn (sa->i_dh_data, len, x);
570 y = BN_bin2bn (sa->i_dh_data + len, len, y);
571 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
572 EC_POINT_set_affine_coordinates (group, i_point, x, y, bn_ctx);
574 EC_POINT_set_affine_coordinates_GFp (group, i_point, x, y, bn_ctx);
576 sa->dh_shared_key = vec_new (u8, t->key_len);
577 EC_POINT_mul (group, shared_point, NULL, i_point,
578 EC_KEY_get0_private_key (ec), NULL);
579 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
580 EC_POINT_get_affine_coordinates (group, shared_point, x, y, bn_ctx);
582 EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y,
585 x_off = len - BN_num_bytes (x);
586 clib_memset (sa->dh_shared_key, 0, x_off);
587 BN_bn2bin (x, sa->dh_shared_key + x_off);
588 y_off = t->key_len - BN_num_bytes (y);
589 clib_memset (sa->dh_shared_key + len, 0, y_off - len);
590 BN_bn2bin (y, sa->dh_shared_key + y_off);
596 BN_CTX_free (bn_ctx);
597 EC_POINT_free (i_point);
598 EC_POINT_free (shared_point);
603 ikev2_complete_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
607 if (t->dh_group == IKEV2_DH_GROUP_MODP)
610 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
615 BN_hex2bn (&p, t->dh_p);
616 BN_hex2bn (&g, t->dh_g);
617 DH_set0_pqg (dh, p, NULL, g);
620 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
621 DH_set0_key (dh, NULL, priv_key);
623 BN_hex2bn (&dh->p, t->dh_p);
624 BN_hex2bn (&dh->g, t->dh_g);
627 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
630 sa->dh_shared_key = vec_new (u8, t->key_len);
631 ex = BN_bin2bn (sa->r_dh_data, vec_len (sa->r_dh_data), NULL);
632 r = DH_compute_key (sa->dh_shared_key, ex, dh);
633 ASSERT (r == t->key_len);
637 else if (t->dh_group == IKEV2_DH_GROUP_ECP)
639 EC_KEY *ec = EC_KEY_new_by_curve_name (t->nid);
642 const EC_GROUP *group = EC_KEY_get0_group (ec);
643 BIGNUM *x = NULL, *y = NULL;
644 BN_CTX *bn_ctx = BN_CTX_new ();
645 u16 x_off, y_off, len;
649 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
650 EC_KEY_set_private_key (ec, prv);
654 len = t->key_len / 2;
656 x = BN_bin2bn (sa->r_dh_data, len, x);
657 y = BN_bin2bn (sa->r_dh_data + len, len, y);
658 EC_POINT *r_point = EC_POINT_new (group);
659 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
660 EC_POINT_set_affine_coordinates (group, r_point, x, y, bn_ctx);
662 EC_POINT_set_affine_coordinates_GFp (group, r_point, x, y, bn_ctx);
664 EC_KEY_set_public_key (ec, r_point);
666 EC_POINT *i_point = EC_POINT_new (group);
667 EC_POINT *shared_point = EC_POINT_new (group);
669 x = BN_bin2bn (sa->i_dh_data, len, x);
670 y = BN_bin2bn (sa->i_dh_data + len, len, y);
671 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
672 EC_POINT_set_affine_coordinates (group, i_point, x, y, bn_ctx);
674 EC_POINT_set_affine_coordinates_GFp (group, i_point, x, y, bn_ctx);
676 EC_POINT_mul (group, shared_point, NULL, r_point,
677 EC_KEY_get0_private_key (ec), NULL);
678 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
679 EC_POINT_get_affine_coordinates (group, shared_point, x, y, bn_ctx);
681 EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y, bn_ctx);
683 sa->dh_shared_key = vec_new (u8, t->key_len);
684 x_off = len - BN_num_bytes (x);
685 clib_memset (sa->dh_shared_key, 0, x_off);
686 BN_bn2bin (x, sa->dh_shared_key + x_off);
687 y_off = t->key_len - BN_num_bytes (y);
688 clib_memset (sa->dh_shared_key + len, 0, y_off - len);
689 BN_bn2bin (y, sa->dh_shared_key + y_off);
695 BN_CTX_free (bn_ctx);
696 EC_POINT_free (i_point);
697 EC_POINT_free (r_point);
698 EC_POINT_free (shared_point);
703 ikev2_verify_sign (EVP_PKEY * pkey, u8 * sigbuf, u8 * data)
706 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
707 EVP_MD_CTX *md_ctx = EVP_MD_CTX_new ();
710 EVP_MD_CTX_init (&md_ctx);
713 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
714 EVP_VerifyInit (md_ctx, EVP_sha1 ());
715 EVP_VerifyUpdate (md_ctx, data, vec_len (data));
717 EVP_VerifyInit_ex (&md_ctx, EVP_sha1 (), NULL);
718 EVP_VerifyUpdate (&md_ctx, data, vec_len (data));
721 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
722 verify = EVP_VerifyFinal (md_ctx, sigbuf, vec_len (sigbuf), pkey);
723 EVP_MD_CTX_free (md_ctx);
725 verify = EVP_VerifyFinal (&md_ctx, sigbuf, vec_len (sigbuf), pkey);
726 EVP_MD_CTX_cleanup (&md_ctx);
732 ikev2_calc_sign (EVP_PKEY * pkey, u8 * data)
734 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
735 EVP_MD_CTX *md_ctx = EVP_MD_CTX_new ();
738 EVP_MD_CTX_init (&md_ctx);
740 unsigned int sig_len = 0;
743 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
744 EVP_SignInit (md_ctx, EVP_sha1 ());
745 EVP_SignUpdate (md_ctx, data, vec_len (data));
747 EVP_SignFinal (md_ctx, NULL, &sig_len, pkey);
748 sign = vec_new (u8, sig_len);
750 EVP_SignFinal (md_ctx, sign, &sig_len, pkey);
751 EVP_MD_CTX_free (md_ctx);
753 EVP_SignInit (&md_ctx, EVP_sha1 ());
754 EVP_SignUpdate (&md_ctx, data, vec_len (data));
756 EVP_SignFinal (&md_ctx, NULL, &sig_len, pkey);
757 sign = vec_new (u8, sig_len);
759 EVP_SignFinal (&md_ctx, sign, &sig_len, pkey);
760 EVP_MD_CTX_cleanup (&md_ctx);
766 ikev2_load_cert_file (u8 * file)
770 EVP_PKEY *pkey = NULL;
772 fp = fopen ((char *) file, "r");
775 ikev2_log_error ("open %s failed", file);
779 x509 = PEM_read_X509 (fp, NULL, NULL, NULL);
783 ikev2_log_error ("read cert %s failed", file);
787 pkey = X509_get_pubkey (x509);
789 ikev2_log_error ("get pubkey %s failed", file);
796 ikev2_load_key_file (u8 * file)
799 EVP_PKEY *pkey = NULL;
801 fp = fopen ((char *) file, "r");
804 ikev2_log_error ("open %s failed", file);
808 pkey = PEM_read_PrivateKey (fp, NULL, NULL, NULL);
811 ikev2_log_error ("read %s failed", file);
818 ikev2_crypto_init (ikev2_main_t * km)
820 ikev2_sa_transform_t *tr;
822 /* vector of supported transforms - in order of preference */
826 vec_add2 (km->supported_transforms, tr, 1);
827 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
828 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
829 tr->key_len = 256 / 8;
830 tr->block_size = 128 / 8;
831 tr->cipher = EVP_aes_256_cbc ();
833 vec_add2 (km->supported_transforms, tr, 1);
834 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
835 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
836 tr->key_len = 192 / 8;
837 tr->block_size = 128 / 8;
838 tr->cipher = EVP_aes_192_cbc ();
840 vec_add2 (km->supported_transforms, tr, 1);
841 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
842 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
843 tr->key_len = 128 / 8;
844 tr->block_size = 128 / 8;
845 tr->cipher = EVP_aes_128_cbc ();
847 vec_add2 (km->supported_transforms, tr, 1);
848 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
849 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16;
850 tr->key_len = 256 / 8;
851 tr->block_size = 128 / 8;
852 tr->cipher = EVP_aes_256_gcm ();
854 vec_add2 (km->supported_transforms, tr, 1);
855 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
856 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16;
857 tr->key_len = 192 / 8;
858 tr->block_size = 128 / 8;
859 tr->cipher = EVP_aes_192_gcm ();
861 vec_add2 (km->supported_transforms, tr, 1);
862 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
863 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16;
864 tr->key_len = 128 / 8;
865 tr->block_size = 128 / 8;
866 tr->cipher = EVP_aes_128_gcm ();
869 vec_add2 (km->supported_transforms, tr, 1);
870 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
871 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_256;
872 tr->key_len = 256 / 8;
873 tr->key_trunc = 256 / 8;
874 tr->md = EVP_sha256 ();
876 vec_add2 (km->supported_transforms, tr, 1);
877 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
878 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_384;
879 tr->key_len = 384 / 8;
880 tr->key_trunc = 384 / 8;
881 tr->md = EVP_sha384 ();
883 vec_add2 (km->supported_transforms, tr, 1);
884 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
885 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_512;
886 tr->key_len = 512 / 8;
887 tr->key_trunc = 512 / 8;
888 tr->md = EVP_sha512 ();
890 vec_add2 (km->supported_transforms, tr, 1);
891 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
892 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA1;
893 tr->key_len = 160 / 8;
894 tr->key_trunc = 160 / 8;
895 tr->md = EVP_sha1 ();
898 vec_add2 (km->supported_transforms, tr, 1);
899 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
900 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_256_128;
901 tr->key_len = 256 / 8;
902 tr->key_trunc = 128 / 8;
903 tr->md = EVP_sha256 ();
905 vec_add2 (km->supported_transforms, tr, 1);
906 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
907 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_384_192;
908 tr->key_len = 384 / 8;
909 tr->key_trunc = 192 / 8;
910 tr->md = EVP_sha384 ();
912 vec_add2 (km->supported_transforms, tr, 1);
913 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
914 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_512_256;
915 tr->key_len = 512 / 8;
916 tr->key_trunc = 256 / 8;
917 tr->md = EVP_sha512 ();
919 vec_add2 (km->supported_transforms, tr, 1);
920 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
921 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_160;
922 tr->key_len = 160 / 8;
923 tr->key_trunc = 160 / 8;
924 tr->md = EVP_sha1 ();
926 vec_add2 (km->supported_transforms, tr, 1);
927 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
928 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_96;
929 tr->key_len = 160 / 8;
930 tr->key_trunc = 96 / 8;
931 tr->md = EVP_sha1 ();
934 #if defined(OPENSSL_NO_CISCO_FECDH)
935 vec_add2 (km->supported_transforms, tr, 1);
936 tr->type = IKEV2_TRANSFORM_TYPE_DH;
937 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_512;
938 tr->key_len = (512 * 2) / 8;
939 tr->nid = NID_brainpoolP512r1;
940 tr->dh_group = IKEV2_DH_GROUP_ECP;
942 vec_add2 (km->supported_transforms, tr, 1);
943 tr->type = IKEV2_TRANSFORM_TYPE_DH;
944 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_384;
945 tr->key_len = (384 * 2) / 8;
946 tr->nid = NID_brainpoolP384r1;
947 tr->dh_group = IKEV2_DH_GROUP_ECP;
949 vec_add2 (km->supported_transforms, tr, 1);
950 tr->type = IKEV2_TRANSFORM_TYPE_DH;
951 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_256;
952 tr->key_len = (256 * 2) / 8;
953 tr->nid = NID_brainpoolP256r1;
954 tr->dh_group = IKEV2_DH_GROUP_ECP;
956 vec_add2 (km->supported_transforms, tr, 1);
957 tr->type = IKEV2_TRANSFORM_TYPE_DH;
958 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_224;
959 tr->key_len = (224 * 2) / 8;
960 tr->nid = NID_brainpoolP224r1;
961 tr->dh_group = IKEV2_DH_GROUP_ECP;
963 vec_add2 (km->supported_transforms, tr, 1);
964 tr->type = IKEV2_TRANSFORM_TYPE_DH;
965 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_224;
966 tr->key_len = (224 * 2) / 8;
967 tr->nid = NID_secp224r1;
968 tr->dh_group = IKEV2_DH_GROUP_ECP;
971 vec_add2 (km->supported_transforms, tr, 1);
972 tr->type = IKEV2_TRANSFORM_TYPE_DH;
973 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_521;
974 tr->key_len = (528 * 2) / 8;
975 tr->nid = NID_secp521r1;
976 tr->dh_group = IKEV2_DH_GROUP_ECP;
978 vec_add2 (km->supported_transforms, tr, 1);
979 tr->type = IKEV2_TRANSFORM_TYPE_DH;
980 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_384;
981 tr->key_len = (384 * 2) / 8;
982 tr->nid = NID_secp384r1;
983 tr->dh_group = IKEV2_DH_GROUP_ECP;
985 vec_add2 (km->supported_transforms, tr, 1);
986 tr->type = IKEV2_TRANSFORM_TYPE_DH;
987 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_256;
988 tr->key_len = (256 * 2) / 8;
989 tr->nid = NID_X9_62_prime256v1;
990 tr->dh_group = IKEV2_DH_GROUP_ECP;
992 vec_add2 (km->supported_transforms, tr, 1);
993 tr->type = IKEV2_TRANSFORM_TYPE_DH;
994 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_192;
995 tr->key_len = (192 * 2) / 8;
996 tr->nid = NID_X9_62_prime192v1;
997 tr->dh_group = IKEV2_DH_GROUP_ECP;
999 vec_add2 (km->supported_transforms, tr, 1);
1000 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1001 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048_256;
1002 tr->key_len = 2048 / 8;
1003 tr->dh_p = (const char *) &modp_dh_2048_256_prime;
1004 tr->dh_g = (const char *) &modp_dh_2048_256_generator;
1005 tr->dh_group = IKEV2_DH_GROUP_MODP;
1007 vec_add2 (km->supported_transforms, tr, 1);
1008 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1009 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048_224;
1010 tr->key_len = 2048 / 8;
1011 tr->dh_p = (const char *) &modp_dh_2048_224_prime;
1012 tr->dh_g = (const char *) &modp_dh_2048_224_generator;
1013 tr->dh_group = IKEV2_DH_GROUP_MODP;
1015 vec_add2 (km->supported_transforms, tr, 1);
1016 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1017 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1024_160;
1018 tr->key_len = 1024 / 8;
1019 tr->dh_p = (const char *) &modp_dh_1024_160_prime;
1020 tr->dh_g = (const char *) &modp_dh_1024_160_generator;
1021 tr->dh_group = IKEV2_DH_GROUP_MODP;
1023 vec_add2 (km->supported_transforms, tr, 1);
1024 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1025 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_8192;
1026 tr->key_len = 8192 / 8;
1027 tr->dh_p = (const char *) &modp_dh_8192_prime;
1028 tr->dh_g = (const char *) &modp_dh_8192_generator;
1029 tr->dh_group = IKEV2_DH_GROUP_MODP;
1031 vec_add2 (km->supported_transforms, tr, 1);
1032 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1033 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_6144;
1034 tr->key_len = 6144 / 8;
1035 tr->dh_p = (const char *) &modp_dh_6144_prime;
1036 tr->dh_g = (const char *) &modp_dh_6144_generator;
1037 tr->dh_group = IKEV2_DH_GROUP_MODP;
1039 vec_add2 (km->supported_transforms, tr, 1);
1040 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1041 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_4096;
1042 tr->key_len = 4096 / 8;
1043 tr->dh_p = (const char *) &modp_dh_4096_prime;
1044 tr->dh_g = (const char *) &modp_dh_4096_generator;
1045 tr->dh_group = IKEV2_DH_GROUP_MODP;
1047 vec_add2 (km->supported_transforms, tr, 1);
1048 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1049 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_3072;
1050 tr->key_len = 3072 / 8;
1051 tr->dh_p = (const char *) &modp_dh_3072_prime;
1052 tr->dh_g = (const char *) &modp_dh_3072_generator;
1053 tr->dh_group = IKEV2_DH_GROUP_MODP;
1055 vec_add2 (km->supported_transforms, tr, 1);
1056 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1057 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048;
1058 tr->key_len = 2048 / 8;
1059 tr->dh_p = (const char *) &modp_dh_2048_prime;
1060 tr->dh_g = (const char *) &modp_dh_2048_generator;
1061 tr->dh_group = IKEV2_DH_GROUP_MODP;
1063 vec_add2 (km->supported_transforms, tr, 1);
1064 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1065 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1536;
1066 tr->key_len = 1536 / 8;
1067 tr->dh_p = (const char *) &modp_dh_1536_prime;
1068 tr->dh_g = (const char *) &modp_dh_1536_generator;
1069 tr->dh_group = IKEV2_DH_GROUP_MODP;
1071 vec_add2 (km->supported_transforms, tr, 1);
1072 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1073 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1024;
1074 tr->key_len = 1024 / 8;
1075 tr->dh_p = (const char *) &modp_dh_1024_prime;
1076 tr->dh_g = (const char *) &modp_dh_1024_generator;
1077 tr->dh_group = IKEV2_DH_GROUP_MODP;
1079 vec_add2 (km->supported_transforms, tr, 1);
1080 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1081 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_768;
1082 tr->key_len = 768 / 8;
1083 tr->dh_p = (const char *) &modp_dh_768_prime;
1084 tr->dh_g = (const char *) &modp_dh_768_generator;
1085 tr->dh_group = IKEV2_DH_GROUP_MODP;
1087 vec_add2 (km->supported_transforms, tr, 1);
1088 tr->type = IKEV2_TRANSFORM_TYPE_ESN;
1089 tr->esn_type = IKEV2_TRANSFORM_ESN_TYPE_ESN;
1091 vec_add2 (km->supported_transforms, tr, 1);
1092 tr->type = IKEV2_TRANSFORM_TYPE_ESN;
1093 tr->esn_type = IKEV2_TRANSFORM_ESN_TYPE_NO_ESN;
1099 * fd.io coding-style-patch-verification: ON
1102 * eval: (c-set-style "gnu")