2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <vlib/vlib.h>
17 #include <vnet/vnet.h>
18 #include <vnet/pg/pg.h>
19 #include <vppinfra/error.h>
20 #include <vnet/udp/udp.h>
21 #include <plugins/ikev2/ikev2.h>
22 #include <plugins/ikev2/ikev2_priv.h>
23 #include <openssl/obj_mac.h>
24 #include <openssl/ec.h>
25 #include <openssl/x509.h>
26 #include <openssl/pem.h>
27 #include <openssl/bn.h>
28 #include <openssl/dh.h>
31 static const char modp_dh_768_prime[] =
32 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
33 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
34 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
35 "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF";
36 static const char modp_dh_768_generator[] = "02";
38 static const char modp_dh_1024_prime[] =
39 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
40 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
41 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
42 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
43 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" "FFFFFFFFFFFFFFFF";
44 static const char modp_dh_1024_generator[] = "02";
47 static const char modp_dh_1536_prime[] =
48 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
49 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
50 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
51 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
52 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
53 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
54 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
55 "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF";
56 static const char modp_dh_1536_generator[] = "02";
58 static const char modp_dh_2048_prime[] =
59 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
60 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
61 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
62 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
63 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
64 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
65 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
66 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
67 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
68 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
69 "15728E5A8AACAA68FFFFFFFFFFFFFFFF";
70 static const char modp_dh_2048_generator[] = "02";
72 static const char modp_dh_3072_prime[] =
73 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
74 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
75 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
76 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
77 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
78 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
79 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
80 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
81 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
82 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
83 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
84 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
85 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
86 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
87 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
88 "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF";
89 static const char modp_dh_3072_generator[] = "02";
91 static const char modp_dh_4096_prime[] =
92 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
93 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
94 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
95 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
96 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
97 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
98 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
99 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
100 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
101 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
102 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
103 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
104 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
105 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
106 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
107 "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"
108 "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
109 "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"
110 "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
111 "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"
112 "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" "FFFFFFFFFFFFFFFF";
113 static const char modp_dh_4096_generator[] = "02";
115 static const char modp_dh_6144_prime[] =
116 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
117 "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
118 "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
119 "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
120 "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
121 "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
122 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
123 "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
124 "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
125 "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
126 "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
127 "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
128 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
129 "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
130 "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
131 "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
132 "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
133 "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
134 "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406"
135 "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918"
136 "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151"
137 "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03"
138 "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F"
139 "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
140 "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B"
141 "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632"
142 "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E"
143 "6DCC4024FFFFFFFFFFFFFFFF";
144 static const char modp_dh_6144_generator[] = "02";
146 static const char modp_dh_8192_prime[] =
147 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
148 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
149 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
150 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
151 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
152 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
153 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
154 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
155 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
156 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
157 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
158 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
159 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
160 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
161 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
162 "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"
163 "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
164 "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"
165 "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
166 "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"
167 "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
168 "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD"
169 "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831"
170 "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B"
171 "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF"
172 "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6"
173 "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3"
174 "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
175 "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328"
176 "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C"
177 "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE"
178 "12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4"
179 "38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300"
180 "741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568"
181 "3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9"
182 "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B"
183 "4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A"
184 "062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36"
185 "4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1"
186 "B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92"
187 "4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47"
188 "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71"
189 "60C980DD98EDD3DFFFFFFFFFFFFFFFFF";
190 static const char modp_dh_8192_generator[] = "02";
193 static const char modp_dh_1024_160_prime[] =
194 "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6"
195 "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0"
196 "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70"
197 "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0"
198 "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" "DF1FB2BC2E4A4371";
199 static const char modp_dh_1024_160_generator[] =
200 "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F"
201 "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213"
202 "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1"
203 "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A"
204 "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" "855E6EEB22B3B2E5";
206 static const char modp_dh_2048_224_prime[] =
207 "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1"
208 "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15"
209 "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212"
210 "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207"
211 "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708"
212 "B3BF8A317091883681286130BC8985DB1602E714415D9330"
213 "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D"
214 "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8"
215 "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763"
216 "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71"
217 "CF9DE5384E71B81C0AC4DFFE0C10E64F";
218 static const char modp_dh_2048_224_generator[] =
219 "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"
220 "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"
221 "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"
222 "C17669101999024AF4D027275AC1348BB8A762D0521BC98A"
223 "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"
224 "F180EB34118E98D119529A45D6F834566E3025E316A330EF"
225 "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"
226 "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"
227 "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"
228 "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"
229 "81BC087F2A7065B384B890D3191F2BFA";
231 static const char modp_dh_2048_256_prime[] =
232 "87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F2"
233 "5D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA30"
234 "16C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD"
235 "5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B"
236 "6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C"
237 "4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0E"
238 "F13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D9"
239 "67E144E5140564251CCACB83E6B486F6B3CA3F7971506026"
240 "C0B857F689962856DED4010ABD0BE621C3A3960A54E710C3"
241 "75F26375D7014103A4B54330C198AF126116D2276E11715F"
242 "693877FAD7EF09CADB094AE91E1A1597";
243 static const char modp_dh_2048_256_generator[] =
244 "3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF2054"
245 "07F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555"
246 "BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18"
247 "A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B"
248 "777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC83"
249 "1D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55"
250 "A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14"
251 "C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915"
252 "B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6"
253 "184B523D1DB246C32F63078490F00EF8D647D148D4795451"
254 "5E2327CFEF98C582664B4C0F6CC41659";
257 ikev2_calc_prf (ikev2_sa_transform_t * tr, v8 * key, v8 * data)
259 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
265 unsigned int len = 0;
267 prf = vec_new (u8, tr->key_trunc);
268 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
269 ctx = HMAC_CTX_new ();
270 HMAC_Init_ex (ctx, key, vec_len (key), tr->md, NULL);
271 HMAC_Update (ctx, data, vec_len (data));
272 HMAC_Final (ctx, prf, &len);
274 HMAC_CTX_init (&ctx);
275 HMAC_Init_ex (&ctx, key, vec_len (key), tr->md, NULL);
276 HMAC_Update (&ctx, data, vec_len (data));
277 HMAC_Final (&ctx, prf, &len);
278 HMAC_CTX_cleanup (&ctx);
280 ASSERT (len == tr->key_trunc);
286 ikev2_calc_prfplus (ikev2_sa_transform_t * tr, u8 * key, u8 * seed, int len)
288 v8 *t = 0, *s = 0, *tmp = 0, *ret = 0;
291 /* prf+ (K,S) = T1 | T2 | T3 | T4 | ...
294 T1 = prf (K, S | 0x01)
295 T2 = prf (K, T1 | S | 0x02)
296 T3 = prf (K, T2 | S | 0x03)
297 T4 = prf (K, T3 | S | 0x04)
300 while (vec_len (ret) < len && x < 255)
308 vec_append (s, seed);
309 vec_add2 (s, tmp, 1);
311 t = ikev2_calc_prf (tr, key, s);
328 ikev2_calc_integr (ikev2_sa_transform_t * tr, v8 * key, u8 * data, int len)
331 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
338 ASSERT (tr->type == IKEV2_TRANSFORM_TYPE_INTEG);
340 r = vec_new (u8, tr->key_len);
342 if (tr->md == EVP_sha1 ())
344 clib_warning ("integrity checking with sha1");
346 else if (tr->md == EVP_sha256 ())
348 clib_warning ("integrity checking with sha256");
351 /* verify integrity of data */
352 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
353 hctx = HMAC_CTX_new ();
354 HMAC_Init_ex (hctx, key, vec_len (key), tr->md, NULL);
355 HMAC_Update (hctx, (const u8 *) data, len);
356 HMAC_Final (hctx, r, &l);
358 HMAC_CTX_init (&hctx);
359 HMAC_Init_ex (&hctx, key, vec_len (key), tr->md, NULL);
360 HMAC_Update (&hctx, (const u8 *) data, len);
361 HMAC_Final (&hctx, r, &l);
362 HMAC_CTX_cleanup (&hctx);
365 ASSERT (l == tr->key_len);
371 ikev2_decrypt_data (ikev2_sa_t * sa, u8 * data, int len)
373 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
379 int out_len = 0, block_size;
380 ikev2_sa_transform_t *tr_encr;
381 u8 *key = sa->is_initiator ? sa->sk_er : sa->sk_ei;
384 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
385 block_size = tr_encr->block_size;
387 /* check if data is multiplier of cipher block size */
388 if (len % block_size)
390 clib_warning ("wrong data length");
394 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
395 ctx = EVP_CIPHER_CTX_new ();
397 EVP_CIPHER_CTX_init (&ctx);
400 r = vec_new (u8, len - block_size);
402 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
403 EVP_DecryptInit_ex (ctx, tr_encr->cipher, NULL, key, data);
404 EVP_DecryptUpdate (ctx, r, &out_len, data + block_size, len - block_size);
405 EVP_DecryptFinal_ex (ctx, r + out_len, &out_len);
407 EVP_DecryptInit_ex (&ctx, tr_encr->cipher, NULL, key, data);
408 EVP_DecryptUpdate (&ctx, r, &out_len, data + block_size, len - block_size);
409 EVP_DecryptFinal_ex (&ctx, r + out_len, &out_len);
412 _vec_len (r) -= r[vec_len (r) - 1] + 1;
414 #if OPENSSL_VERSION_NUMBER < 0x10100000L
415 EVP_CIPHER_CTX_cleanup (&ctx);
421 ikev2_encrypt_data (ikev2_sa_t * sa, v8 * src, u8 * dst)
423 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
430 ikev2_sa_transform_t *tr_encr;
431 u8 *key = sa->is_initiator ? sa->sk_ei : sa->sk_er;
434 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
435 bs = tr_encr->block_size;
438 RAND_bytes (dst, bs);
440 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
441 ctx = EVP_CIPHER_CTX_new ();
442 EVP_EncryptInit_ex (ctx, tr_encr->cipher, NULL, key, dst /* dst */ );
443 EVP_EncryptUpdate (ctx, dst + bs, &out_len, src, vec_len (src));
445 EVP_CIPHER_CTX_init (&ctx);
446 EVP_EncryptInit_ex (&ctx, tr_encr->cipher, NULL, key, dst /* dst */ );
447 EVP_EncryptUpdate (&ctx, dst + bs, &out_len, src, vec_len (src));
448 EVP_CIPHER_CTX_cleanup (&ctx);
451 ASSERT (vec_len (src) == out_len);
457 ikev2_generate_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
461 if (t->dh_group == IKEV2_DH_GROUP_MODP)
464 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
467 const BIGNUM *pub_key, *priv_key;
469 BN_hex2bn (&p, t->dh_p);
470 BN_hex2bn (&g, t->dh_g);
471 DH_set0_pqg (dh, p, NULL, g);
473 BN_hex2bn (&dh->p, t->dh_p);
474 BN_hex2bn (&dh->g, t->dh_g);
476 DH_generate_key (dh);
478 if (sa->is_initiator)
480 sa->i_dh_data = vec_new (u8, t->key_len);
481 sa->dh_private_key = vec_new (u8, t->key_len);
482 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
483 DH_get0_key (dh, &pub_key, &priv_key);
484 r = BN_bn2bin (pub_key, sa->i_dh_data);
485 ASSERT (r == t->key_len);
486 r = BN_bn2bin (priv_key, sa->dh_private_key);
488 r = BN_bn2bin (dh->pub_key, sa->i_dh_data);
489 ASSERT (r == t->key_len);
490 r = BN_bn2bin (dh->priv_key, sa->dh_private_key);
492 ASSERT (r == t->key_len);
496 sa->r_dh_data = vec_new (u8, t->key_len);
497 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
498 DH_get0_key (dh, &pub_key, &priv_key);
499 r = BN_bn2bin (pub_key, sa->r_dh_data);
501 r = BN_bn2bin (dh->pub_key, sa->r_dh_data);
503 ASSERT (r == t->key_len);
506 sa->dh_shared_key = vec_new (u8, t->key_len);
507 ex = BN_bin2bn (sa->i_dh_data, vec_len (sa->i_dh_data), NULL);
508 r = DH_compute_key (sa->dh_shared_key, ex, dh);
509 ASSERT (r == t->key_len);
514 else if (t->dh_group == IKEV2_DH_GROUP_ECP)
516 EC_KEY *ec = EC_KEY_new_by_curve_name (t->nid);
519 EC_KEY_generate_key (ec);
521 const EC_POINT *r_point = EC_KEY_get0_public_key (ec);
522 const EC_GROUP *group = EC_KEY_get0_group (ec);
523 BIGNUM *x = NULL, *y = NULL;
524 BN_CTX *bn_ctx = BN_CTX_new ();
525 u16 x_off, y_off, len;
526 EC_POINT *i_point = EC_POINT_new (group);
527 EC_POINT *shared_point = EC_POINT_new (group);
531 len = t->key_len / 2;
533 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
534 EC_POINT_get_affine_coordinates (group, r_point, x, y, bn_ctx);
536 EC_POINT_get_affine_coordinates_GFp (group, r_point, x, y, bn_ctx);
539 if (sa->is_initiator)
541 sa->i_dh_data = vec_new (u8, t->key_len);
542 x_off = len - BN_num_bytes (x);
543 clib_memset (sa->i_dh_data, 0, x_off);
544 BN_bn2bin (x, sa->i_dh_data + x_off);
545 y_off = t->key_len - BN_num_bytes (y);
546 clib_memset (sa->i_dh_data + len, 0, y_off - len);
547 BN_bn2bin (y, sa->i_dh_data + y_off);
549 const BIGNUM *prv = EC_KEY_get0_private_key (ec);
550 sa->dh_private_key = vec_new (u8, BN_num_bytes (prv));
551 r = BN_bn2bin (prv, sa->dh_private_key);
552 ASSERT (r == BN_num_bytes (prv));
556 sa->r_dh_data = vec_new (u8, t->key_len);
557 x_off = len - BN_num_bytes (x);
558 clib_memset (sa->r_dh_data, 0, x_off);
559 BN_bn2bin (x, sa->r_dh_data + x_off);
560 y_off = t->key_len - BN_num_bytes (y);
561 clib_memset (sa->r_dh_data + len, 0, y_off - len);
562 BN_bn2bin (y, sa->r_dh_data + y_off);
564 x = BN_bin2bn (sa->i_dh_data, len, x);
565 y = BN_bin2bn (sa->i_dh_data + len, len, y);
566 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
567 EC_POINT_set_affine_coordinates (group, i_point, x, y, bn_ctx);
569 EC_POINT_set_affine_coordinates_GFp (group, i_point, x, y, bn_ctx);
571 sa->dh_shared_key = vec_new (u8, t->key_len);
572 EC_POINT_mul (group, shared_point, NULL, i_point,
573 EC_KEY_get0_private_key (ec), NULL);
574 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
575 EC_POINT_get_affine_coordinates (group, shared_point, x, y, bn_ctx);
577 EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y,
580 x_off = len - BN_num_bytes (x);
581 clib_memset (sa->dh_shared_key, 0, x_off);
582 BN_bn2bin (x, sa->dh_shared_key + x_off);
583 y_off = t->key_len - BN_num_bytes (y);
584 clib_memset (sa->dh_shared_key + len, 0, y_off - len);
585 BN_bn2bin (y, sa->dh_shared_key + y_off);
591 BN_CTX_free (bn_ctx);
592 EC_POINT_free (i_point);
593 EC_POINT_free (shared_point);
598 ikev2_complete_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
602 if (t->dh_group == IKEV2_DH_GROUP_MODP)
605 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
610 BN_hex2bn (&p, t->dh_p);
611 BN_hex2bn (&g, t->dh_g);
612 DH_set0_pqg (dh, p, NULL, g);
615 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
616 DH_set0_key (dh, NULL, priv_key);
618 BN_hex2bn (&dh->p, t->dh_p);
619 BN_hex2bn (&dh->g, t->dh_g);
622 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
625 sa->dh_shared_key = vec_new (u8, t->key_len);
626 ex = BN_bin2bn (sa->r_dh_data, vec_len (sa->r_dh_data), NULL);
627 r = DH_compute_key (sa->dh_shared_key, ex, dh);
628 ASSERT (r == t->key_len);
632 else if (t->dh_group == IKEV2_DH_GROUP_ECP)
634 EC_KEY *ec = EC_KEY_new_by_curve_name (t->nid);
637 const EC_GROUP *group = EC_KEY_get0_group (ec);
638 BIGNUM *x = NULL, *y = NULL;
639 BN_CTX *bn_ctx = BN_CTX_new ();
640 u16 x_off, y_off, len;
644 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
645 EC_KEY_set_private_key (ec, prv);
649 len = t->key_len / 2;
651 x = BN_bin2bn (sa->r_dh_data, len, x);
652 y = BN_bin2bn (sa->r_dh_data + len, len, y);
653 EC_POINT *r_point = EC_POINT_new (group);
654 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
655 EC_POINT_set_affine_coordinates (group, r_point, x, y, bn_ctx);
657 EC_POINT_set_affine_coordinates_GFp (group, r_point, x, y, bn_ctx);
659 EC_KEY_set_public_key (ec, r_point);
661 EC_POINT *i_point = EC_POINT_new (group);
662 EC_POINT *shared_point = EC_POINT_new (group);
664 x = BN_bin2bn (sa->i_dh_data, len, x);
665 y = BN_bin2bn (sa->i_dh_data + len, len, y);
666 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
667 EC_POINT_set_affine_coordinates (group, i_point, x, y, bn_ctx);
669 EC_POINT_set_affine_coordinates_GFp (group, i_point, x, y, bn_ctx);
671 EC_POINT_mul (group, shared_point, NULL, r_point,
672 EC_KEY_get0_private_key (ec), NULL);
673 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
674 EC_POINT_get_affine_coordinates (group, shared_point, x, y, bn_ctx);
676 EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y, bn_ctx);
678 sa->dh_shared_key = vec_new (u8, t->key_len);
679 x_off = len - BN_num_bytes (x);
680 clib_memset (sa->dh_shared_key, 0, x_off);
681 BN_bn2bin (x, sa->dh_shared_key + x_off);
682 y_off = t->key_len - BN_num_bytes (y);
683 clib_memset (sa->dh_shared_key + len, 0, y_off - len);
684 BN_bn2bin (y, sa->dh_shared_key + y_off);
690 BN_CTX_free (bn_ctx);
691 EC_POINT_free (i_point);
692 EC_POINT_free (r_point);
693 EC_POINT_free (shared_point);
698 ikev2_verify_sign (EVP_PKEY * pkey, u8 * sigbuf, u8 * data)
700 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
701 EVP_MD_CTX *md_ctx = EVP_MD_CTX_new ();
704 EVP_MD_CTX_init (&md_ctx);
707 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
708 EVP_VerifyInit (md_ctx, EVP_sha1 ());
709 EVP_VerifyUpdate (md_ctx, data, vec_len (data));
711 EVP_VerifyInit_ex (&md_ctx, EVP_sha1 (), NULL);
712 EVP_VerifyUpdate (&md_ctx, data, vec_len (data));
715 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
716 return EVP_VerifyFinal (md_ctx, sigbuf, vec_len (sigbuf), pkey);
718 return EVP_VerifyFinal (&md_ctx, sigbuf, vec_len (sigbuf), pkey);
723 ikev2_calc_sign (EVP_PKEY * pkey, u8 * data)
725 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
726 EVP_MD_CTX *md_ctx = EVP_MD_CTX_new ();
730 unsigned int sig_len = 0;
733 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
734 EVP_SignInit (md_ctx, EVP_sha1 ());
735 EVP_SignUpdate (md_ctx, data, vec_len (data));
737 EVP_SignFinal (md_ctx, NULL, &sig_len, pkey);
738 sign = vec_new (u8, sig_len);
740 EVP_SignFinal (md_ctx, sign, &sig_len, pkey);
742 EVP_SignInit (&md_ctx, EVP_sha1 ());
743 EVP_SignUpdate (&md_ctx, data, vec_len (data));
745 EVP_SignFinal (&md_ctx, NULL, &sig_len, pkey);
746 sign = vec_new (u8, sig_len);
748 EVP_SignFinal (&md_ctx, sign, &sig_len, pkey);
754 ikev2_load_cert_file (u8 * file)
758 EVP_PKEY *pkey = NULL;
760 fp = fopen ((char *) file, "r");
763 clib_warning ("open %s failed", file);
767 x509 = PEM_read_X509 (fp, NULL, NULL, NULL);
771 clib_warning ("read cert %s failed", file);
775 pkey = X509_get_pubkey (x509);
777 clib_warning ("get pubkey %s failed", file);
784 ikev2_load_key_file (u8 * file)
787 EVP_PKEY *pkey = NULL;
789 fp = fopen ((char *) file, "r");
792 clib_warning ("open %s failed", file);
796 pkey = PEM_read_PrivateKey (fp, NULL, NULL, NULL);
799 clib_warning ("read %s failed", file);
806 ikev2_crypto_init (ikev2_main_t * km)
808 ikev2_sa_transform_t *tr;
810 /* vector of supported transforms - in order of preference */
814 vec_add2 (km->supported_transforms, tr, 1);
815 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
816 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
817 tr->key_len = 256 / 8;
818 tr->block_size = 128 / 8;
819 tr->cipher = EVP_aes_256_cbc ();
821 vec_add2 (km->supported_transforms, tr, 1);
822 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
823 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
824 tr->key_len = 192 / 8;
825 tr->block_size = 128 / 8;
826 tr->cipher = EVP_aes_192_cbc ();
828 vec_add2 (km->supported_transforms, tr, 1);
829 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
830 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
831 tr->key_len = 128 / 8;
832 tr->block_size = 128 / 8;
833 tr->cipher = EVP_aes_128_cbc ();
836 vec_add2 (km->supported_transforms, tr, 1);
837 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
838 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_256;
839 tr->key_len = 256 / 8;
840 tr->key_trunc = 256 / 8;
841 tr->md = EVP_sha256 ();
843 vec_add2 (km->supported_transforms, tr, 1);
844 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
845 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_384;
846 tr->key_len = 384 / 8;
847 tr->key_trunc = 384 / 8;
848 tr->md = EVP_sha384 ();
850 vec_add2 (km->supported_transforms, tr, 1);
851 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
852 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_512;
853 tr->key_len = 512 / 8;
854 tr->key_trunc = 512 / 8;
855 tr->md = EVP_sha512 ();
857 vec_add2 (km->supported_transforms, tr, 1);
858 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
859 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA1;
860 tr->key_len = 160 / 8;
861 tr->key_trunc = 160 / 8;
862 tr->md = EVP_sha1 ();
865 vec_add2 (km->supported_transforms, tr, 1);
866 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
867 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_256_128;
868 tr->key_len = 256 / 8;
869 tr->key_trunc = 128 / 8;
870 tr->md = EVP_sha256 ();
872 vec_add2 (km->supported_transforms, tr, 1);
873 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
874 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_384_192;
875 tr->key_len = 384 / 8;
876 tr->key_trunc = 192 / 8;
877 tr->md = EVP_sha384 ();
879 vec_add2 (km->supported_transforms, tr, 1);
880 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
881 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_512_256;
882 tr->key_len = 512 / 8;
883 tr->key_trunc = 256 / 8;
884 tr->md = EVP_sha512 ();
886 vec_add2 (km->supported_transforms, tr, 1);
887 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
888 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_160;
889 tr->key_len = 160 / 8;
890 tr->key_trunc = 160 / 8;
891 tr->md = EVP_sha1 ();
893 vec_add2 (km->supported_transforms, tr, 1);
894 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
895 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_96;
896 tr->key_len = 160 / 8;
897 tr->key_trunc = 96 / 8;
898 tr->md = EVP_sha1 ();
901 #if defined(OPENSSL_NO_CISCO_FECDH)
902 vec_add2 (km->supported_transforms, tr, 1);
903 tr->type = IKEV2_TRANSFORM_TYPE_DH;
904 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_512;
905 tr->key_len = (512 * 2) / 8;
906 tr->nid = NID_brainpoolP512r1;
907 tr->dh_group = IKEV2_DH_GROUP_ECP;
909 vec_add2 (km->supported_transforms, tr, 1);
910 tr->type = IKEV2_TRANSFORM_TYPE_DH;
911 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_384;
912 tr->key_len = (384 * 2) / 8;
913 tr->nid = NID_brainpoolP384r1;
914 tr->dh_group = IKEV2_DH_GROUP_ECP;
916 vec_add2 (km->supported_transforms, tr, 1);
917 tr->type = IKEV2_TRANSFORM_TYPE_DH;
918 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_256;
919 tr->key_len = (256 * 2) / 8;
920 tr->nid = NID_brainpoolP256r1;
921 tr->dh_group = IKEV2_DH_GROUP_ECP;
923 vec_add2 (km->supported_transforms, tr, 1);
924 tr->type = IKEV2_TRANSFORM_TYPE_DH;
925 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_224;
926 tr->key_len = (224 * 2) / 8;
927 tr->nid = NID_brainpoolP224r1;
928 tr->dh_group = IKEV2_DH_GROUP_ECP;
930 vec_add2 (km->supported_transforms, tr, 1);
931 tr->type = IKEV2_TRANSFORM_TYPE_DH;
932 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_224;
933 tr->key_len = (224 * 2) / 8;
934 tr->nid = NID_secp224r1;
935 tr->dh_group = IKEV2_DH_GROUP_ECP;
938 vec_add2 (km->supported_transforms, tr, 1);
939 tr->type = IKEV2_TRANSFORM_TYPE_DH;
940 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_521;
941 tr->key_len = (528 * 2) / 8;
942 tr->nid = NID_secp521r1;
943 tr->dh_group = IKEV2_DH_GROUP_ECP;
945 vec_add2 (km->supported_transforms, tr, 1);
946 tr->type = IKEV2_TRANSFORM_TYPE_DH;
947 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_384;
948 tr->key_len = (384 * 2) / 8;
949 tr->nid = NID_secp384r1;
950 tr->dh_group = IKEV2_DH_GROUP_ECP;
952 vec_add2 (km->supported_transforms, tr, 1);
953 tr->type = IKEV2_TRANSFORM_TYPE_DH;
954 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_256;
955 tr->key_len = (256 * 2) / 8;
956 tr->nid = NID_X9_62_prime256v1;
957 tr->dh_group = IKEV2_DH_GROUP_ECP;
959 vec_add2 (km->supported_transforms, tr, 1);
960 tr->type = IKEV2_TRANSFORM_TYPE_DH;
961 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_192;
962 tr->key_len = (192 * 2) / 8;
963 tr->nid = NID_X9_62_prime192v1;
964 tr->dh_group = IKEV2_DH_GROUP_ECP;
966 vec_add2 (km->supported_transforms, tr, 1);
967 tr->type = IKEV2_TRANSFORM_TYPE_DH;
968 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048_256;
969 tr->key_len = 2048 / 8;
970 tr->dh_p = (const char *) &modp_dh_2048_256_prime;
971 tr->dh_g = (const char *) &modp_dh_2048_256_generator;
972 tr->dh_group = IKEV2_DH_GROUP_MODP;
974 vec_add2 (km->supported_transforms, tr, 1);
975 tr->type = IKEV2_TRANSFORM_TYPE_DH;
976 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048_224;
977 tr->key_len = 2048 / 8;
978 tr->dh_p = (const char *) &modp_dh_2048_224_prime;
979 tr->dh_g = (const char *) &modp_dh_2048_224_generator;
980 tr->dh_group = IKEV2_DH_GROUP_MODP;
982 vec_add2 (km->supported_transforms, tr, 1);
983 tr->type = IKEV2_TRANSFORM_TYPE_DH;
984 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1024_160;
985 tr->key_len = 1024 / 8;
986 tr->dh_p = (const char *) &modp_dh_1024_160_prime;
987 tr->dh_g = (const char *) &modp_dh_1024_160_generator;
988 tr->dh_group = IKEV2_DH_GROUP_MODP;
990 vec_add2 (km->supported_transforms, tr, 1);
991 tr->type = IKEV2_TRANSFORM_TYPE_DH;
992 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_8192;
993 tr->key_len = 8192 / 8;
994 tr->dh_p = (const char *) &modp_dh_8192_prime;
995 tr->dh_g = (const char *) &modp_dh_8192_generator;
996 tr->dh_group = IKEV2_DH_GROUP_MODP;
998 vec_add2 (km->supported_transforms, tr, 1);
999 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1000 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_6144;
1001 tr->key_len = 6144 / 8;
1002 tr->dh_p = (const char *) &modp_dh_6144_prime;
1003 tr->dh_g = (const char *) &modp_dh_6144_generator;
1004 tr->dh_group = IKEV2_DH_GROUP_MODP;
1006 vec_add2 (km->supported_transforms, tr, 1);
1007 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1008 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_4096;
1009 tr->key_len = 4096 / 8;
1010 tr->dh_p = (const char *) &modp_dh_4096_prime;
1011 tr->dh_g = (const char *) &modp_dh_4096_generator;
1012 tr->dh_group = IKEV2_DH_GROUP_MODP;
1014 vec_add2 (km->supported_transforms, tr, 1);
1015 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1016 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_3072;
1017 tr->key_len = 3072 / 8;
1018 tr->dh_p = (const char *) &modp_dh_3072_prime;
1019 tr->dh_g = (const char *) &modp_dh_3072_generator;
1020 tr->dh_group = IKEV2_DH_GROUP_MODP;
1022 vec_add2 (km->supported_transforms, tr, 1);
1023 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1024 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048;
1025 tr->key_len = 2048 / 8;
1026 tr->dh_p = (const char *) &modp_dh_2048_prime;
1027 tr->dh_g = (const char *) &modp_dh_2048_generator;
1028 tr->dh_group = IKEV2_DH_GROUP_MODP;
1030 vec_add2 (km->supported_transforms, tr, 1);
1031 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1032 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1536;
1033 tr->key_len = 1536 / 8;
1034 tr->dh_p = (const char *) &modp_dh_1536_prime;
1035 tr->dh_g = (const char *) &modp_dh_1536_generator;
1036 tr->dh_group = IKEV2_DH_GROUP_MODP;
1038 vec_add2 (km->supported_transforms, tr, 1);
1039 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1040 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1024;
1041 tr->key_len = 1024 / 8;
1042 tr->dh_p = (const char *) &modp_dh_1024_prime;
1043 tr->dh_g = (const char *) &modp_dh_1024_generator;
1044 tr->dh_group = IKEV2_DH_GROUP_MODP;
1046 vec_add2 (km->supported_transforms, tr, 1);
1047 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1048 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_768;
1049 tr->key_len = 768 / 8;
1050 tr->dh_p = (const char *) &modp_dh_768_prime;
1051 tr->dh_g = (const char *) &modp_dh_768_generator;
1052 tr->dh_group = IKEV2_DH_GROUP_MODP;
1054 vec_add2 (km->supported_transforms, tr, 1);
1055 tr->type = IKEV2_TRANSFORM_TYPE_ESN;
1056 tr->esn_type = IKEV2_TRANSFORM_ESN_TYPE_ESN;
1058 vec_add2 (km->supported_transforms, tr, 1);
1059 tr->type = IKEV2_TRANSFORM_TYPE_ESN;
1060 tr->esn_type = IKEV2_TRANSFORM_ESN_TYPE_NO_ESN;
1066 * fd.io coding-style-patch-verification: ON
1069 * eval: (c-set-style "gnu")