2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <vlib/vlib.h>
17 #include <vnet/vnet.h>
18 #include <vnet/pg/pg.h>
19 #include <vppinfra/error.h>
20 #include <vnet/udp/udp.h>
21 #include <plugins/ikev2/ikev2.h>
22 #include <plugins/ikev2/ikev2_priv.h>
23 #include <openssl/obj_mac.h>
24 #include <openssl/ec.h>
25 #include <openssl/x509.h>
26 #include <openssl/pem.h>
27 #include <openssl/bn.h>
28 #include <openssl/dh.h>
31 static const char modp_dh_768_prime[] =
32 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
33 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
34 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
35 "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF";
36 static const char modp_dh_768_generator[] = "02";
38 static const char modp_dh_1024_prime[] =
39 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
40 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
41 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
42 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
43 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" "FFFFFFFFFFFFFFFF";
44 static const char modp_dh_1024_generator[] = "02";
47 static const char modp_dh_1536_prime[] =
48 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
49 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
50 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
51 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
52 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
53 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
54 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
55 "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF";
56 static const char modp_dh_1536_generator[] = "02";
58 static const char modp_dh_2048_prime[] =
59 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
60 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
61 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
62 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
63 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
64 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
65 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
66 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
67 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
68 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
69 "15728E5A8AACAA68FFFFFFFFFFFFFFFF";
70 static const char modp_dh_2048_generator[] = "02";
72 static const char modp_dh_3072_prime[] =
73 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
74 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
75 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
76 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
77 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
78 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
79 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
80 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
81 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
82 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
83 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
84 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
85 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
86 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
87 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
88 "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF";
89 static const char modp_dh_3072_generator[] = "02";
91 static const char modp_dh_4096_prime[] =
92 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
93 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
94 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
95 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
96 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
97 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
98 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
99 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
100 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
101 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
102 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
103 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
104 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
105 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
106 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
107 "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"
108 "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
109 "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"
110 "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
111 "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"
112 "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" "FFFFFFFFFFFFFFFF";
113 static const char modp_dh_4096_generator[] = "02";
115 static const char modp_dh_6144_prime[] =
116 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
117 "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
118 "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
119 "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
120 "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
121 "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
122 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
123 "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
124 "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
125 "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
126 "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
127 "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
128 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
129 "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
130 "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
131 "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
132 "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
133 "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
134 "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406"
135 "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918"
136 "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151"
137 "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03"
138 "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F"
139 "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
140 "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B"
141 "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632"
142 "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E"
143 "6DCC4024FFFFFFFFFFFFFFFF";
144 static const char modp_dh_6144_generator[] = "02";
146 static const char modp_dh_8192_prime[] =
147 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
148 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
149 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
150 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
151 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
152 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
153 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
154 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
155 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
156 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
157 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
158 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
159 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
160 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
161 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
162 "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"
163 "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
164 "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"
165 "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
166 "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"
167 "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
168 "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD"
169 "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831"
170 "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B"
171 "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF"
172 "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6"
173 "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3"
174 "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
175 "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328"
176 "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C"
177 "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE"
178 "12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4"
179 "38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300"
180 "741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568"
181 "3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9"
182 "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B"
183 "4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A"
184 "062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36"
185 "4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1"
186 "B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92"
187 "4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47"
188 "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71"
189 "60C980DD98EDD3DFFFFFFFFFFFFFFFFF";
190 static const char modp_dh_8192_generator[] = "02";
193 static const char modp_dh_1024_160_prime[] =
194 "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6"
195 "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0"
196 "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70"
197 "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0"
198 "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" "DF1FB2BC2E4A4371";
199 static const char modp_dh_1024_160_generator[] =
200 "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F"
201 "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213"
202 "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1"
203 "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A"
204 "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" "855E6EEB22B3B2E5";
206 static const char modp_dh_2048_224_prime[] =
207 "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1"
208 "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15"
209 "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212"
210 "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207"
211 "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708"
212 "B3BF8A317091883681286130BC8985DB1602E714415D9330"
213 "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D"
214 "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8"
215 "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763"
216 "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71"
217 "CF9DE5384E71B81C0AC4DFFE0C10E64F";
218 static const char modp_dh_2048_224_generator[] =
219 "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"
220 "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"
221 "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"
222 "C17669101999024AF4D027275AC1348BB8A762D0521BC98A"
223 "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"
224 "F180EB34118E98D119529A45D6F834566E3025E316A330EF"
225 "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"
226 "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"
227 "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"
228 "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"
229 "81BC087F2A7065B384B890D3191F2BFA";
231 static const char modp_dh_2048_256_prime[] =
232 "87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F2"
233 "5D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA30"
234 "16C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD"
235 "5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B"
236 "6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C"
237 "4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0E"
238 "F13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D9"
239 "67E144E5140564251CCACB83E6B486F6B3CA3F7971506026"
240 "C0B857F689962856DED4010ABD0BE621C3A3960A54E710C3"
241 "75F26375D7014103A4B54330C198AF126116D2276E11715F"
242 "693877FAD7EF09CADB094AE91E1A1597";
243 static const char modp_dh_2048_256_generator[] =
244 "3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF2054"
245 "07F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555"
246 "BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18"
247 "A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B"
248 "777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC83"
249 "1D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55"
250 "A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14"
251 "C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915"
252 "B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6"
253 "184B523D1DB246C32F63078490F00EF8D647D148D4795451"
254 "5E2327CFEF98C582664B4C0F6CC41659";
257 ikev2_calc_prf (ikev2_sa_transform_t * tr, v8 * key, v8 * data)
259 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
265 unsigned int len = 0;
267 prf = vec_new (u8, tr->key_trunc);
268 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
269 ctx = HMAC_CTX_new ();
270 HMAC_Init_ex (ctx, key, vec_len (key), tr->md, NULL);
271 HMAC_Update (ctx, data, vec_len (data));
272 HMAC_Final (ctx, prf, &len);
275 HMAC_CTX_init (&ctx);
276 HMAC_Init_ex (&ctx, key, vec_len (key), tr->md, NULL);
277 HMAC_Update (&ctx, data, vec_len (data));
278 HMAC_Final (&ctx, prf, &len);
279 HMAC_CTX_cleanup (&ctx);
281 ASSERT (len == tr->key_trunc);
287 ikev2_calc_prfplus (ikev2_sa_transform_t * tr, u8 * key, u8 * seed, int len)
289 v8 *t = 0, *s = 0, *tmp = 0, *ret = 0;
292 /* prf+ (K,S) = T1 | T2 | T3 | T4 | ...
295 T1 = prf (K, S | 0x01)
296 T2 = prf (K, T1 | S | 0x02)
297 T3 = prf (K, T2 | S | 0x03)
298 T4 = prf (K, T3 | S | 0x04)
301 while (vec_len (ret) < len && x < 255)
309 vec_append (s, seed);
310 vec_add2 (s, tmp, 1);
312 t = ikev2_calc_prf (tr, key, s);
329 ikev2_calc_integr (ikev2_sa_transform_t * tr, v8 * key, u8 * data, int len)
332 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
339 ASSERT (tr->type == IKEV2_TRANSFORM_TYPE_INTEG);
341 r = vec_new (u8, tr->key_len);
343 if (tr->md == EVP_sha1 ())
345 ikev2_elog_debug ("integrity checking with sha1");
347 else if (tr->md == EVP_sha256 ())
349 ikev2_elog_debug ("integrity checking with sha256");
352 /* verify integrity of data */
353 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
354 hctx = HMAC_CTX_new ();
355 HMAC_Init_ex (hctx, key, vec_len (key), tr->md, NULL);
356 HMAC_Update (hctx, (const u8 *) data, len);
357 HMAC_Final (hctx, r, &l);
358 HMAC_CTX_free (hctx);
360 HMAC_CTX_init (&hctx);
361 HMAC_Init_ex (&hctx, key, vec_len (key), tr->md, NULL);
362 HMAC_Update (&hctx, (const u8 *) data, len);
363 HMAC_Final (&hctx, r, &l);
364 HMAC_CTX_cleanup (&hctx);
367 ASSERT (l == tr->key_len);
373 ikev2_decrypt_data (ikev2_sa_t * sa, u8 * data, int len)
375 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
381 int out_len = 0, block_size;
382 ikev2_sa_transform_t *tr_encr;
383 u8 *key = sa->is_initiator ? sa->sk_er : sa->sk_ei;
386 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
387 block_size = tr_encr->block_size;
389 /* check if data is multiplier of cipher block size */
390 if (len % block_size)
392 ikev2_elog_error ("wrong data length");
396 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
397 ctx = EVP_CIPHER_CTX_new ();
399 EVP_CIPHER_CTX_init (&ctx);
402 r = vec_new (u8, len - block_size);
404 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
405 EVP_DecryptInit_ex (ctx, tr_encr->cipher, NULL, key, data);
406 EVP_DecryptUpdate (ctx, r, &out_len, data + block_size, len - block_size);
407 EVP_DecryptFinal_ex (ctx, r + out_len, &out_len);
409 EVP_DecryptInit_ex (&ctx, tr_encr->cipher, NULL, key, data);
410 EVP_DecryptUpdate (&ctx, r, &out_len, data + block_size, len - block_size);
411 EVP_DecryptFinal_ex (&ctx, r + out_len, &out_len);
414 _vec_len (r) -= r[vec_len (r) - 1] + 1;
416 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
417 EVP_CIPHER_CTX_free (ctx);
419 EVP_CIPHER_CTX_cleanup (&ctx);
425 ikev2_encrypt_data (ikev2_sa_t * sa, v8 * src, u8 * dst)
427 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
434 ikev2_sa_transform_t *tr_encr;
435 u8 *key = sa->is_initiator ? sa->sk_ei : sa->sk_er;
438 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
439 bs = tr_encr->block_size;
442 RAND_bytes (dst, bs);
444 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
445 ctx = EVP_CIPHER_CTX_new ();
446 EVP_EncryptInit_ex (ctx, tr_encr->cipher, NULL, key, dst /* dst */ );
447 EVP_EncryptUpdate (ctx, dst + bs, &out_len, src, vec_len (src));
448 EVP_CIPHER_CTX_free (ctx);
450 EVP_CIPHER_CTX_init (&ctx);
451 EVP_EncryptInit_ex (&ctx, tr_encr->cipher, NULL, key, dst /* dst */ );
452 EVP_EncryptUpdate (&ctx, dst + bs, &out_len, src, vec_len (src));
453 EVP_CIPHER_CTX_cleanup (&ctx);
456 ASSERT (vec_len (src) == out_len);
463 BN_bn2binpad (const BIGNUM * a, unsigned char *to, int tolen)
465 int r = BN_bn2bin (a, to);
470 vec_insert (to, pad, 0);
471 clib_memset (to, 0, pad);
472 _vec_len (to) -= pad;
479 ikev2_generate_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
483 if (t->dh_group == IKEV2_DH_GROUP_MODP)
486 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
489 const BIGNUM *pub_key, *priv_key;
491 BN_hex2bn (&p, t->dh_p);
492 BN_hex2bn (&g, t->dh_g);
493 DH_set0_pqg (dh, p, NULL, g);
495 BN_hex2bn (&dh->p, t->dh_p);
496 BN_hex2bn (&dh->g, t->dh_g);
498 DH_generate_key (dh);
500 if (sa->is_initiator)
502 sa->i_dh_data = vec_new (u8, t->key_len);
503 sa->dh_private_key = vec_new (u8, t->key_len);
504 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
505 DH_get0_key (dh, &pub_key, &priv_key);
506 r = BN_bn2binpad (pub_key, sa->i_dh_data, t->key_len);
507 ASSERT (r == t->key_len);
508 r = BN_bn2binpad (priv_key, sa->dh_private_key, t->key_len);
510 r = BN_bn2binpad (dh->pub_key, sa->i_dh_data, t->key_len);
511 ASSERT (r == t->key_len);
512 r = BN_bn2binpad (dh->priv_key, sa->dh_private_key, t->key_len);
514 ASSERT (r == t->key_len);
518 sa->r_dh_data = vec_new (u8, t->key_len);
519 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
520 DH_get0_key (dh, &pub_key, &priv_key);
521 r = BN_bn2binpad (pub_key, sa->r_dh_data, t->key_len);
523 r = BN_bn2binpad (dh->pub_key, sa->r_dh_data, t->key_len);
525 ASSERT (r == t->key_len);
528 sa->dh_shared_key = vec_new (u8, t->key_len);
529 ex = BN_bin2bn (sa->i_dh_data, vec_len (sa->i_dh_data), NULL);
530 r = DH_compute_key (sa->dh_shared_key, ex, dh);
531 ASSERT (t->key_len >= r);
532 int pad = t->key_len - r;
535 vec_insert (sa->dh_shared_key, pad, 0);
536 clib_memset (sa->dh_shared_key, 0, pad);
537 _vec_len (sa->dh_shared_key) -= pad;
543 else if (t->dh_group == IKEV2_DH_GROUP_ECP)
545 EC_KEY *ec = EC_KEY_new_by_curve_name (t->nid);
548 EC_KEY_generate_key (ec);
550 const EC_POINT *r_point = EC_KEY_get0_public_key (ec);
551 const EC_GROUP *group = EC_KEY_get0_group (ec);
552 BIGNUM *x = NULL, *y = NULL;
553 BN_CTX *bn_ctx = BN_CTX_new ();
554 u16 x_off, y_off, len;
555 EC_POINT *i_point = EC_POINT_new (group);
556 EC_POINT *shared_point = EC_POINT_new (group);
560 len = t->key_len / 2;
562 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
563 EC_POINT_get_affine_coordinates (group, r_point, x, y, bn_ctx);
565 EC_POINT_get_affine_coordinates_GFp (group, r_point, x, y, bn_ctx);
568 if (sa->is_initiator)
570 sa->i_dh_data = vec_new (u8, t->key_len);
571 x_off = len - BN_num_bytes (x);
572 clib_memset (sa->i_dh_data, 0, x_off);
573 BN_bn2bin (x, sa->i_dh_data + x_off);
574 y_off = t->key_len - BN_num_bytes (y);
575 clib_memset (sa->i_dh_data + len, 0, y_off - len);
576 BN_bn2bin (y, sa->i_dh_data + y_off);
578 const BIGNUM *prv = EC_KEY_get0_private_key (ec);
579 sa->dh_private_key = vec_new (u8, BN_num_bytes (prv));
580 r = BN_bn2bin (prv, sa->dh_private_key);
581 ASSERT (r == BN_num_bytes (prv));
585 sa->r_dh_data = vec_new (u8, t->key_len);
586 x_off = len - BN_num_bytes (x);
587 clib_memset (sa->r_dh_data, 0, x_off);
588 BN_bn2bin (x, sa->r_dh_data + x_off);
589 y_off = t->key_len - BN_num_bytes (y);
590 clib_memset (sa->r_dh_data + len, 0, y_off - len);
591 BN_bn2bin (y, sa->r_dh_data + y_off);
593 x = BN_bin2bn (sa->i_dh_data, len, x);
594 y = BN_bin2bn (sa->i_dh_data + len, len, y);
595 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
596 EC_POINT_set_affine_coordinates (group, i_point, x, y, bn_ctx);
598 EC_POINT_set_affine_coordinates_GFp (group, i_point, x, y, bn_ctx);
600 sa->dh_shared_key = vec_new (u8, t->key_len);
601 EC_POINT_mul (group, shared_point, NULL, i_point,
602 EC_KEY_get0_private_key (ec), NULL);
603 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
604 EC_POINT_get_affine_coordinates (group, shared_point, x, y, bn_ctx);
606 EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y,
609 x_off = len - BN_num_bytes (x);
610 clib_memset (sa->dh_shared_key, 0, x_off);
611 BN_bn2bin (x, sa->dh_shared_key + x_off);
612 y_off = t->key_len - BN_num_bytes (y);
613 clib_memset (sa->dh_shared_key + len, 0, y_off - len);
614 BN_bn2bin (y, sa->dh_shared_key + y_off);
620 BN_CTX_free (bn_ctx);
621 EC_POINT_free (i_point);
622 EC_POINT_free (shared_point);
627 ikev2_complete_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
631 if (t->dh_group == IKEV2_DH_GROUP_MODP)
634 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
639 BN_hex2bn (&p, t->dh_p);
640 BN_hex2bn (&g, t->dh_g);
641 DH_set0_pqg (dh, p, NULL, g);
644 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
645 DH_set0_key (dh, NULL, priv_key);
647 BN_hex2bn (&dh->p, t->dh_p);
648 BN_hex2bn (&dh->g, t->dh_g);
651 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
654 sa->dh_shared_key = vec_new (u8, t->key_len);
655 ex = BN_bin2bn (sa->r_dh_data, vec_len (sa->r_dh_data), NULL);
656 r = DH_compute_key (sa->dh_shared_key, ex, dh);
657 ASSERT (t->key_len >= r);
658 int pad = t->key_len - r;
661 vec_insert (sa->dh_shared_key, pad, 0);
662 clib_memset (sa->dh_shared_key, 0, pad);
663 _vec_len (sa->dh_shared_key) -= pad;
668 else if (t->dh_group == IKEV2_DH_GROUP_ECP)
670 EC_KEY *ec = EC_KEY_new_by_curve_name (t->nid);
673 const EC_GROUP *group = EC_KEY_get0_group (ec);
674 BIGNUM *x = NULL, *y = NULL;
675 BN_CTX *bn_ctx = BN_CTX_new ();
676 u16 x_off, y_off, len;
680 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
681 EC_KEY_set_private_key (ec, prv);
685 len = t->key_len / 2;
687 x = BN_bin2bn (sa->r_dh_data, len, x);
688 y = BN_bin2bn (sa->r_dh_data + len, len, y);
689 EC_POINT *r_point = EC_POINT_new (group);
690 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
691 EC_POINT_set_affine_coordinates (group, r_point, x, y, bn_ctx);
693 EC_POINT_set_affine_coordinates_GFp (group, r_point, x, y, bn_ctx);
695 EC_KEY_set_public_key (ec, r_point);
697 EC_POINT *i_point = EC_POINT_new (group);
698 EC_POINT *shared_point = EC_POINT_new (group);
700 x = BN_bin2bn (sa->i_dh_data, len, x);
701 y = BN_bin2bn (sa->i_dh_data + len, len, y);
702 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
703 EC_POINT_set_affine_coordinates (group, i_point, x, y, bn_ctx);
705 EC_POINT_set_affine_coordinates_GFp (group, i_point, x, y, bn_ctx);
707 EC_POINT_mul (group, shared_point, NULL, r_point,
708 EC_KEY_get0_private_key (ec), NULL);
709 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
710 EC_POINT_get_affine_coordinates (group, shared_point, x, y, bn_ctx);
712 EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y, bn_ctx);
714 sa->dh_shared_key = vec_new (u8, t->key_len);
715 x_off = len - BN_num_bytes (x);
716 clib_memset (sa->dh_shared_key, 0, x_off);
717 BN_bn2bin (x, sa->dh_shared_key + x_off);
718 y_off = t->key_len - BN_num_bytes (y);
719 clib_memset (sa->dh_shared_key + len, 0, y_off - len);
720 BN_bn2bin (y, sa->dh_shared_key + y_off);
726 BN_CTX_free (bn_ctx);
727 EC_POINT_free (i_point);
728 EC_POINT_free (r_point);
729 EC_POINT_free (shared_point);
734 ikev2_verify_sign (EVP_PKEY * pkey, u8 * sigbuf, u8 * data)
737 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
738 EVP_MD_CTX *md_ctx = EVP_MD_CTX_new ();
741 EVP_MD_CTX_init (&md_ctx);
744 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
745 EVP_VerifyInit (md_ctx, EVP_sha1 ());
746 EVP_VerifyUpdate (md_ctx, data, vec_len (data));
748 EVP_VerifyInit_ex (&md_ctx, EVP_sha1 (), NULL);
749 EVP_VerifyUpdate (&md_ctx, data, vec_len (data));
752 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
753 verify = EVP_VerifyFinal (md_ctx, sigbuf, vec_len (sigbuf), pkey);
754 EVP_MD_CTX_free (md_ctx);
756 verify = EVP_VerifyFinal (&md_ctx, sigbuf, vec_len (sigbuf), pkey);
757 EVP_MD_CTX_cleanup (&md_ctx);
763 ikev2_calc_sign (EVP_PKEY * pkey, u8 * data)
765 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
766 EVP_MD_CTX *md_ctx = EVP_MD_CTX_new ();
769 EVP_MD_CTX_init (&md_ctx);
771 unsigned int sig_len = 0;
774 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
775 EVP_SignInit (md_ctx, EVP_sha1 ());
776 EVP_SignUpdate (md_ctx, data, vec_len (data));
778 EVP_SignFinal (md_ctx, NULL, &sig_len, pkey);
779 sign = vec_new (u8, sig_len);
781 EVP_SignFinal (md_ctx, sign, &sig_len, pkey);
782 EVP_MD_CTX_free (md_ctx);
784 EVP_SignInit (&md_ctx, EVP_sha1 ());
785 EVP_SignUpdate (&md_ctx, data, vec_len (data));
787 EVP_SignFinal (&md_ctx, NULL, &sig_len, pkey);
788 sign = vec_new (u8, sig_len);
790 EVP_SignFinal (&md_ctx, sign, &sig_len, pkey);
791 EVP_MD_CTX_cleanup (&md_ctx);
797 ikev2_load_cert_file (u8 * file)
801 EVP_PKEY *pkey = NULL;
803 fp = fopen ((char *) file, "r");
806 ikev2_log_error ("open %s failed", file);
810 x509 = PEM_read_X509 (fp, NULL, NULL, NULL);
814 ikev2_log_error ("read cert %s failed", file);
818 pkey = X509_get_pubkey (x509);
820 ikev2_log_error ("get pubkey %s failed", file);
827 ikev2_load_key_file (u8 * file)
830 EVP_PKEY *pkey = NULL;
832 fp = fopen ((char *) file, "r");
835 ikev2_log_error ("open %s failed", file);
839 pkey = PEM_read_PrivateKey (fp, NULL, NULL, NULL);
842 ikev2_log_error ("read %s failed", file);
849 ikev2_crypto_init (ikev2_main_t * km)
851 ikev2_sa_transform_t *tr;
853 /* vector of supported transforms - in order of preference */
857 vec_add2 (km->supported_transforms, tr, 1);
858 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
859 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
860 tr->key_len = 256 / 8;
861 tr->block_size = 128 / 8;
862 tr->cipher = EVP_aes_256_cbc ();
864 vec_add2 (km->supported_transforms, tr, 1);
865 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
866 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
867 tr->key_len = 192 / 8;
868 tr->block_size = 128 / 8;
869 tr->cipher = EVP_aes_192_cbc ();
871 vec_add2 (km->supported_transforms, tr, 1);
872 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
873 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
874 tr->key_len = 128 / 8;
875 tr->block_size = 128 / 8;
876 tr->cipher = EVP_aes_128_cbc ();
878 vec_add2 (km->supported_transforms, tr, 1);
879 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
880 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16;
881 tr->key_len = 256 / 8;
882 tr->block_size = 128 / 8;
883 tr->cipher = EVP_aes_256_gcm ();
885 vec_add2 (km->supported_transforms, tr, 1);
886 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
887 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16;
888 tr->key_len = 192 / 8;
889 tr->block_size = 128 / 8;
890 tr->cipher = EVP_aes_192_gcm ();
892 vec_add2 (km->supported_transforms, tr, 1);
893 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
894 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16;
895 tr->key_len = 128 / 8;
896 tr->block_size = 128 / 8;
897 tr->cipher = EVP_aes_128_gcm ();
900 vec_add2 (km->supported_transforms, tr, 1);
901 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
902 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_256;
903 tr->key_len = 256 / 8;
904 tr->key_trunc = 256 / 8;
905 tr->md = EVP_sha256 ();
907 vec_add2 (km->supported_transforms, tr, 1);
908 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
909 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_384;
910 tr->key_len = 384 / 8;
911 tr->key_trunc = 384 / 8;
912 tr->md = EVP_sha384 ();
914 vec_add2 (km->supported_transforms, tr, 1);
915 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
916 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_512;
917 tr->key_len = 512 / 8;
918 tr->key_trunc = 512 / 8;
919 tr->md = EVP_sha512 ();
921 vec_add2 (km->supported_transforms, tr, 1);
922 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
923 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA1;
924 tr->key_len = 160 / 8;
925 tr->key_trunc = 160 / 8;
926 tr->md = EVP_sha1 ();
929 vec_add2 (km->supported_transforms, tr, 1);
930 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
931 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_256_128;
932 tr->key_len = 256 / 8;
933 tr->key_trunc = 128 / 8;
934 tr->md = EVP_sha256 ();
936 vec_add2 (km->supported_transforms, tr, 1);
937 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
938 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_384_192;
939 tr->key_len = 384 / 8;
940 tr->key_trunc = 192 / 8;
941 tr->md = EVP_sha384 ();
943 vec_add2 (km->supported_transforms, tr, 1);
944 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
945 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_512_256;
946 tr->key_len = 512 / 8;
947 tr->key_trunc = 256 / 8;
948 tr->md = EVP_sha512 ();
950 vec_add2 (km->supported_transforms, tr, 1);
951 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
952 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_160;
953 tr->key_len = 160 / 8;
954 tr->key_trunc = 160 / 8;
955 tr->md = EVP_sha1 ();
957 vec_add2 (km->supported_transforms, tr, 1);
958 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
959 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_96;
960 tr->key_len = 160 / 8;
961 tr->key_trunc = 96 / 8;
962 tr->md = EVP_sha1 ();
965 #if defined(OPENSSL_NO_CISCO_FECDH)
966 vec_add2 (km->supported_transforms, tr, 1);
967 tr->type = IKEV2_TRANSFORM_TYPE_DH;
968 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_512;
969 tr->key_len = (512 * 2) / 8;
970 tr->nid = NID_brainpoolP512r1;
971 tr->dh_group = IKEV2_DH_GROUP_ECP;
973 vec_add2 (km->supported_transforms, tr, 1);
974 tr->type = IKEV2_TRANSFORM_TYPE_DH;
975 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_384;
976 tr->key_len = (384 * 2) / 8;
977 tr->nid = NID_brainpoolP384r1;
978 tr->dh_group = IKEV2_DH_GROUP_ECP;
980 vec_add2 (km->supported_transforms, tr, 1);
981 tr->type = IKEV2_TRANSFORM_TYPE_DH;
982 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_256;
983 tr->key_len = (256 * 2) / 8;
984 tr->nid = NID_brainpoolP256r1;
985 tr->dh_group = IKEV2_DH_GROUP_ECP;
987 vec_add2 (km->supported_transforms, tr, 1);
988 tr->type = IKEV2_TRANSFORM_TYPE_DH;
989 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_224;
990 tr->key_len = (224 * 2) / 8;
991 tr->nid = NID_brainpoolP224r1;
992 tr->dh_group = IKEV2_DH_GROUP_ECP;
994 vec_add2 (km->supported_transforms, tr, 1);
995 tr->type = IKEV2_TRANSFORM_TYPE_DH;
996 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_224;
997 tr->key_len = (224 * 2) / 8;
998 tr->nid = NID_secp224r1;
999 tr->dh_group = IKEV2_DH_GROUP_ECP;
1002 vec_add2 (km->supported_transforms, tr, 1);
1003 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1004 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_521;
1005 tr->key_len = (528 * 2) / 8;
1006 tr->nid = NID_secp521r1;
1007 tr->dh_group = IKEV2_DH_GROUP_ECP;
1009 vec_add2 (km->supported_transforms, tr, 1);
1010 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1011 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_384;
1012 tr->key_len = (384 * 2) / 8;
1013 tr->nid = NID_secp384r1;
1014 tr->dh_group = IKEV2_DH_GROUP_ECP;
1016 vec_add2 (km->supported_transforms, tr, 1);
1017 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1018 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_256;
1019 tr->key_len = (256 * 2) / 8;
1020 tr->nid = NID_X9_62_prime256v1;
1021 tr->dh_group = IKEV2_DH_GROUP_ECP;
1023 vec_add2 (km->supported_transforms, tr, 1);
1024 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1025 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_192;
1026 tr->key_len = (192 * 2) / 8;
1027 tr->nid = NID_X9_62_prime192v1;
1028 tr->dh_group = IKEV2_DH_GROUP_ECP;
1030 vec_add2 (km->supported_transforms, tr, 1);
1031 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1032 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048_256;
1033 tr->key_len = 2048 / 8;
1034 tr->dh_p = (const char *) &modp_dh_2048_256_prime;
1035 tr->dh_g = (const char *) &modp_dh_2048_256_generator;
1036 tr->dh_group = IKEV2_DH_GROUP_MODP;
1038 vec_add2 (km->supported_transforms, tr, 1);
1039 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1040 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048_224;
1041 tr->key_len = 2048 / 8;
1042 tr->dh_p = (const char *) &modp_dh_2048_224_prime;
1043 tr->dh_g = (const char *) &modp_dh_2048_224_generator;
1044 tr->dh_group = IKEV2_DH_GROUP_MODP;
1046 vec_add2 (km->supported_transforms, tr, 1);
1047 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1048 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1024_160;
1049 tr->key_len = 1024 / 8;
1050 tr->dh_p = (const char *) &modp_dh_1024_160_prime;
1051 tr->dh_g = (const char *) &modp_dh_1024_160_generator;
1052 tr->dh_group = IKEV2_DH_GROUP_MODP;
1054 vec_add2 (km->supported_transforms, tr, 1);
1055 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1056 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_8192;
1057 tr->key_len = 8192 / 8;
1058 tr->dh_p = (const char *) &modp_dh_8192_prime;
1059 tr->dh_g = (const char *) &modp_dh_8192_generator;
1060 tr->dh_group = IKEV2_DH_GROUP_MODP;
1062 vec_add2 (km->supported_transforms, tr, 1);
1063 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1064 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_6144;
1065 tr->key_len = 6144 / 8;
1066 tr->dh_p = (const char *) &modp_dh_6144_prime;
1067 tr->dh_g = (const char *) &modp_dh_6144_generator;
1068 tr->dh_group = IKEV2_DH_GROUP_MODP;
1070 vec_add2 (km->supported_transforms, tr, 1);
1071 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1072 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_4096;
1073 tr->key_len = 4096 / 8;
1074 tr->dh_p = (const char *) &modp_dh_4096_prime;
1075 tr->dh_g = (const char *) &modp_dh_4096_generator;
1076 tr->dh_group = IKEV2_DH_GROUP_MODP;
1078 vec_add2 (km->supported_transforms, tr, 1);
1079 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1080 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_3072;
1081 tr->key_len = 3072 / 8;
1082 tr->dh_p = (const char *) &modp_dh_3072_prime;
1083 tr->dh_g = (const char *) &modp_dh_3072_generator;
1084 tr->dh_group = IKEV2_DH_GROUP_MODP;
1086 vec_add2 (km->supported_transforms, tr, 1);
1087 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1088 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048;
1089 tr->key_len = 2048 / 8;
1090 tr->dh_p = (const char *) &modp_dh_2048_prime;
1091 tr->dh_g = (const char *) &modp_dh_2048_generator;
1092 tr->dh_group = IKEV2_DH_GROUP_MODP;
1094 vec_add2 (km->supported_transforms, tr, 1);
1095 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1096 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1536;
1097 tr->key_len = 1536 / 8;
1098 tr->dh_p = (const char *) &modp_dh_1536_prime;
1099 tr->dh_g = (const char *) &modp_dh_1536_generator;
1100 tr->dh_group = IKEV2_DH_GROUP_MODP;
1102 vec_add2 (km->supported_transforms, tr, 1);
1103 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1104 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1024;
1105 tr->key_len = 1024 / 8;
1106 tr->dh_p = (const char *) &modp_dh_1024_prime;
1107 tr->dh_g = (const char *) &modp_dh_1024_generator;
1108 tr->dh_group = IKEV2_DH_GROUP_MODP;
1110 vec_add2 (km->supported_transforms, tr, 1);
1111 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1112 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_768;
1113 tr->key_len = 768 / 8;
1114 tr->dh_p = (const char *) &modp_dh_768_prime;
1115 tr->dh_g = (const char *) &modp_dh_768_generator;
1116 tr->dh_group = IKEV2_DH_GROUP_MODP;
1118 vec_add2 (km->supported_transforms, tr, 1);
1119 tr->type = IKEV2_TRANSFORM_TYPE_ESN;
1120 tr->esn_type = IKEV2_TRANSFORM_ESN_TYPE_ESN;
1122 vec_add2 (km->supported_transforms, tr, 1);
1123 tr->type = IKEV2_TRANSFORM_TYPE_ESN;
1124 tr->esn_type = IKEV2_TRANSFORM_ESN_TYPE_NO_ESN;
1130 * fd.io coding-style-patch-verification: ON
1133 * eval: (c-set-style "gnu")