2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <vlib/vlib.h>
17 #include <vnet/vnet.h>
18 #include <vnet/pg/pg.h>
19 #include <vppinfra/error.h>
20 #include <vnet/udp/udp.h>
21 #include <plugins/ikev2/ikev2.h>
22 #include <plugins/ikev2/ikev2_priv.h>
23 #include <openssl/obj_mac.h>
24 #include <openssl/ec.h>
25 #include <openssl/x509.h>
26 #include <openssl/pem.h>
27 #include <openssl/bn.h>
28 #include <openssl/dh.h>
31 static const char modp_dh_768_prime[] =
32 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
33 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
34 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
35 "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF";
36 static const char modp_dh_768_generator[] = "02";
38 static const char modp_dh_1024_prime[] =
39 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
40 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
41 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
42 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
43 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" "FFFFFFFFFFFFFFFF";
44 static const char modp_dh_1024_generator[] = "02";
47 static const char modp_dh_1536_prime[] =
48 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
49 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
50 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
51 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
52 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
53 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
54 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
55 "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF";
56 static const char modp_dh_1536_generator[] = "02";
58 static const char modp_dh_2048_prime[] =
59 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
60 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
61 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
62 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
63 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
64 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
65 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
66 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
67 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
68 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
69 "15728E5A8AACAA68FFFFFFFFFFFFFFFF";
70 static const char modp_dh_2048_generator[] = "02";
72 static const char modp_dh_3072_prime[] =
73 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
74 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
75 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
76 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
77 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
78 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
79 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
80 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
81 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
82 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
83 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
84 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
85 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
86 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
87 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
88 "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF";
89 static const char modp_dh_3072_generator[] = "02";
91 static const char modp_dh_4096_prime[] =
92 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
93 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
94 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
95 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
96 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
97 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
98 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
99 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
100 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
101 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
102 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
103 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
104 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
105 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
106 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
107 "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"
108 "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
109 "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"
110 "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
111 "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"
112 "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" "FFFFFFFFFFFFFFFF";
113 static const char modp_dh_4096_generator[] = "02";
115 static const char modp_dh_6144_prime[] =
116 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
117 "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
118 "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
119 "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
120 "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
121 "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
122 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
123 "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
124 "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
125 "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
126 "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
127 "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
128 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
129 "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
130 "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
131 "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
132 "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
133 "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
134 "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406"
135 "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918"
136 "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151"
137 "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03"
138 "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F"
139 "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
140 "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B"
141 "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632"
142 "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E"
143 "6DCC4024FFFFFFFFFFFFFFFF";
144 static const char modp_dh_6144_generator[] = "02";
146 static const char modp_dh_8192_prime[] =
147 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
148 "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
149 "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
150 "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
151 "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
152 "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
153 "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
154 "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
155 "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
156 "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
157 "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
158 "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7"
159 "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
160 "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
161 "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
162 "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7"
163 "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
164 "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6"
165 "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
166 "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9"
167 "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
168 "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD"
169 "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831"
170 "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B"
171 "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF"
172 "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6"
173 "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3"
174 "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
175 "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328"
176 "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C"
177 "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE"
178 "12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4"
179 "38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300"
180 "741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568"
181 "3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9"
182 "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B"
183 "4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A"
184 "062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36"
185 "4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1"
186 "B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92"
187 "4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47"
188 "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71"
189 "60C980DD98EDD3DFFFFFFFFFFFFFFFFF";
190 static const char modp_dh_8192_generator[] = "02";
193 static const char modp_dh_1024_160_prime[] =
194 "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6"
195 "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0"
196 "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70"
197 "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0"
198 "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708" "DF1FB2BC2E4A4371";
199 static const char modp_dh_1024_160_generator[] =
200 "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F"
201 "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213"
202 "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1"
203 "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A"
204 "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24" "855E6EEB22B3B2E5";
206 static const char modp_dh_2048_224_prime[] =
207 "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1"
208 "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15"
209 "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212"
210 "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207"
211 "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708"
212 "B3BF8A317091883681286130BC8985DB1602E714415D9330"
213 "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D"
214 "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8"
215 "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763"
216 "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71"
217 "CF9DE5384E71B81C0AC4DFFE0C10E64F";
218 static const char modp_dh_2048_224_generator[] =
219 "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"
220 "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA"
221 "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"
222 "C17669101999024AF4D027275AC1348BB8A762D0521BC98A"
223 "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"
224 "F180EB34118E98D119529A45D6F834566E3025E316A330EF"
225 "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"
226 "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381"
227 "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"
228 "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179"
229 "81BC087F2A7065B384B890D3191F2BFA";
231 static const char modp_dh_2048_256_prime[] =
232 "87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F2"
233 "5D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA30"
234 "16C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD"
235 "5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B"
236 "6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C"
237 "4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0E"
238 "F13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D9"
239 "67E144E5140564251CCACB83E6B486F6B3CA3F7971506026"
240 "C0B857F689962856DED4010ABD0BE621C3A3960A54E710C3"
241 "75F26375D7014103A4B54330C198AF126116D2276E11715F"
242 "693877FAD7EF09CADB094AE91E1A1597";
243 static const char modp_dh_2048_256_generator[] =
244 "3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF2054"
245 "07F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555"
246 "BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18"
247 "A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B"
248 "777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC83"
249 "1D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55"
250 "A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14"
251 "C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915"
252 "B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6"
253 "184B523D1DB246C32F63078490F00EF8D647D148D4795451"
254 "5E2327CFEF98C582664B4C0F6CC41659";
257 ikev2_calc_prf (ikev2_sa_transform_t * tr, v8 * key, v8 * data)
259 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
265 unsigned int len = 0;
267 prf = vec_new (u8, tr->key_trunc);
268 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
269 ctx = HMAC_CTX_new ();
270 HMAC_Init_ex (ctx, key, vec_len (key), tr->md, NULL);
271 HMAC_Update (ctx, data, vec_len (data));
272 HMAC_Final (ctx, prf, &len);
274 HMAC_CTX_init (&ctx);
275 HMAC_Init_ex (&ctx, key, vec_len (key), tr->md, NULL);
276 HMAC_Update (&ctx, data, vec_len (data));
277 HMAC_Final (&ctx, prf, &len);
278 HMAC_CTX_cleanup (&ctx);
280 ASSERT (len == tr->key_trunc);
286 ikev2_calc_prfplus (ikev2_sa_transform_t * tr, u8 * key, u8 * seed, int len)
288 v8 *t = 0, *s = 0, *tmp = 0, *ret = 0;
291 /* prf+ (K,S) = T1 | T2 | T3 | T4 | ...
294 T1 = prf (K, S | 0x01)
295 T2 = prf (K, T1 | S | 0x02)
296 T3 = prf (K, T2 | S | 0x03)
297 T4 = prf (K, T3 | S | 0x04)
300 while (vec_len (ret) < len && x < 255)
308 vec_append (s, seed);
309 vec_add2 (s, tmp, 1);
311 t = ikev2_calc_prf (tr, key, s);
328 ikev2_calc_integr (ikev2_sa_transform_t * tr, v8 * key, u8 * data, int len)
331 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
338 ASSERT (tr->type == IKEV2_TRANSFORM_TYPE_INTEG);
340 r = vec_new (u8, tr->key_len);
342 if (tr->md == EVP_sha1 ())
344 clib_warning ("integrity checking with sha1");
346 else if (tr->md == EVP_sha256 ())
348 clib_warning ("integrity checking with sha256");
351 /* verify integrity of data */
352 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
353 hctx = HMAC_CTX_new ();
354 HMAC_Init_ex (hctx, key, vec_len (key), tr->md, NULL);
355 HMAC_Update (hctx, (const u8 *) data, len);
356 HMAC_Final (hctx, r, &l);
358 HMAC_CTX_init (&hctx);
359 HMAC_Init_ex (&hctx, key, vec_len (key), tr->md, NULL);
360 HMAC_Update (&hctx, (const u8 *) data, len);
361 HMAC_Final (&hctx, r, &l);
362 HMAC_CTX_cleanup (&hctx);
365 ASSERT (l == tr->key_len);
371 ikev2_decrypt_data (ikev2_sa_t * sa, u8 * data, int len)
373 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
379 int out_len = 0, block_size;
380 ikev2_sa_transform_t *tr_encr;
381 u8 *key = sa->is_initiator ? sa->sk_er : sa->sk_ei;
384 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
385 block_size = tr_encr->block_size;
387 /* check if data is multiplier of cipher block size */
388 if (len % block_size)
390 clib_warning ("wrong data length");
394 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
395 ctx = EVP_CIPHER_CTX_new ();
397 EVP_CIPHER_CTX_init (&ctx);
400 r = vec_new (u8, len - block_size);
402 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
403 EVP_DecryptInit_ex (ctx, tr_encr->cipher, NULL, key, data);
404 EVP_DecryptUpdate (ctx, r, &out_len, data + block_size, len - block_size);
405 EVP_DecryptFinal_ex (ctx, r + out_len, &out_len);
407 EVP_DecryptInit_ex (&ctx, tr_encr->cipher, NULL, key, data);
408 EVP_DecryptUpdate (&ctx, r, &out_len, data + block_size, len - block_size);
409 EVP_DecryptFinal_ex (&ctx, r + out_len, &out_len);
412 _vec_len (r) -= r[vec_len (r) - 1] + 1;
414 #if OPENSSL_VERSION_NUMBER < 0x10100000L
415 EVP_CIPHER_CTX_cleanup (&ctx);
421 ikev2_encrypt_data (ikev2_sa_t * sa, v8 * src, u8 * dst)
423 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
430 ikev2_sa_transform_t *tr_encr;
431 u8 *key = sa->is_initiator ? sa->sk_ei : sa->sk_er;
434 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
435 bs = tr_encr->block_size;
438 RAND_bytes (dst, bs);
440 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
441 ctx = EVP_CIPHER_CTX_new ();
442 EVP_EncryptInit_ex (ctx, tr_encr->cipher, NULL, key, dst /* dst */ );
443 EVP_EncryptUpdate (ctx, dst + bs, &out_len, src, vec_len (src));
445 EVP_CIPHER_CTX_init (&ctx);
446 EVP_EncryptInit_ex (&ctx, tr_encr->cipher, NULL, key, dst /* dst */ );
447 EVP_EncryptUpdate (&ctx, dst + bs, &out_len, src, vec_len (src));
448 EVP_CIPHER_CTX_cleanup (&ctx);
451 ASSERT (vec_len (src) == out_len);
457 ikev2_generate_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
461 if (t->dh_group == IKEV2_DH_GROUP_MODP)
464 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
467 const BIGNUM *pub_key, *priv_key;
469 BN_hex2bn (&p, t->dh_p);
470 BN_hex2bn (&g, t->dh_g);
471 DH_set0_pqg (dh, p, NULL, g);
473 BN_hex2bn (&dh->p, t->dh_p);
474 BN_hex2bn (&dh->g, t->dh_g);
476 DH_generate_key (dh);
478 if (sa->is_initiator)
480 sa->i_dh_data = vec_new (u8, t->key_len);
481 sa->dh_private_key = vec_new (u8, t->key_len);
482 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
483 DH_get0_key (dh, &pub_key, &priv_key);
484 r = BN_bn2bin (pub_key, sa->i_dh_data);
485 ASSERT (r == t->key_len);
486 r = BN_bn2bin (priv_key, sa->dh_private_key);
488 r = BN_bn2bin (dh->pub_key, sa->i_dh_data);
489 ASSERT (r == t->key_len);
490 r = BN_bn2bin (dh->priv_key, sa->dh_private_key);
492 ASSERT (r == t->key_len);
496 sa->r_dh_data = vec_new (u8, t->key_len);
497 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
498 DH_get0_key (dh, &pub_key, &priv_key);
499 r = BN_bn2bin (pub_key, sa->r_dh_data);
501 r = BN_bn2bin (dh->pub_key, sa->r_dh_data);
503 ASSERT (r == t->key_len);
506 sa->dh_shared_key = vec_new (u8, t->key_len);
507 ex = BN_bin2bn (sa->i_dh_data, vec_len (sa->i_dh_data), NULL);
508 r = DH_compute_key (sa->dh_shared_key, ex, dh);
509 ASSERT (r == t->key_len);
514 else if (t->dh_group == IKEV2_DH_GROUP_ECP)
516 EC_KEY *ec = EC_KEY_new_by_curve_name (t->nid);
519 EC_KEY_generate_key (ec);
521 const EC_POINT *r_point = EC_KEY_get0_public_key (ec);
522 const EC_GROUP *group = EC_KEY_get0_group (ec);
523 BIGNUM *x = NULL, *y = NULL;
524 BN_CTX *bn_ctx = BN_CTX_new ();
525 u16 x_off, y_off, len;
526 EC_POINT *i_point = EC_POINT_new (group);
527 EC_POINT *shared_point = EC_POINT_new (group);
531 len = t->key_len / 2;
533 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
534 EC_POINT_get_affine_coordinates (group, r_point, x, y, bn_ctx);
536 EC_POINT_get_affine_coordinates_GFp (group, r_point, x, y, bn_ctx);
539 if (sa->is_initiator)
541 sa->i_dh_data = vec_new (u8, t->key_len);
542 x_off = len - BN_num_bytes (x);
543 clib_memset (sa->i_dh_data, 0, x_off);
544 BN_bn2bin (x, sa->i_dh_data + x_off);
545 y_off = t->key_len - BN_num_bytes (y);
546 clib_memset (sa->i_dh_data + len, 0, y_off - len);
547 BN_bn2bin (y, sa->i_dh_data + y_off);
549 const BIGNUM *prv = EC_KEY_get0_private_key (ec);
550 sa->dh_private_key = vec_new (u8, BN_num_bytes (prv));
551 r = BN_bn2bin (prv, sa->dh_private_key);
552 ASSERT (r == BN_num_bytes (prv));
556 sa->r_dh_data = vec_new (u8, t->key_len);
557 x_off = len - BN_num_bytes (x);
558 clib_memset (sa->r_dh_data, 0, x_off);
559 BN_bn2bin (x, sa->r_dh_data + x_off);
560 y_off = t->key_len - BN_num_bytes (y);
561 clib_memset (sa->r_dh_data + len, 0, y_off - len);
562 BN_bn2bin (y, sa->r_dh_data + y_off);
564 x = BN_bin2bn (sa->i_dh_data, len, x);
565 y = BN_bin2bn (sa->i_dh_data + len, len, y);
566 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
567 EC_POINT_set_affine_coordinates (group, i_point, x, y, bn_ctx);
569 EC_POINT_set_affine_coordinates_GFp (group, i_point, x, y, bn_ctx);
571 sa->dh_shared_key = vec_new (u8, t->key_len);
572 EC_POINT_mul (group, shared_point, NULL, i_point,
573 EC_KEY_get0_private_key (ec), NULL);
574 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
575 EC_POINT_get_affine_coordinates (group, shared_point, x, y, bn_ctx);
577 EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y,
580 x_off = len - BN_num_bytes (x);
581 clib_memset (sa->dh_shared_key, 0, x_off);
582 BN_bn2bin (x, sa->dh_shared_key + x_off);
583 y_off = t->key_len - BN_num_bytes (y);
584 clib_memset (sa->dh_shared_key + len, 0, y_off - len);
585 BN_bn2bin (y, sa->dh_shared_key + y_off);
591 BN_CTX_free (bn_ctx);
592 EC_POINT_free (i_point);
593 EC_POINT_free (shared_point);
598 ikev2_complete_dh (ikev2_sa_t * sa, ikev2_sa_transform_t * t)
602 if (t->dh_group == IKEV2_DH_GROUP_MODP)
605 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
610 BN_hex2bn (&p, t->dh_p);
611 BN_hex2bn (&g, t->dh_g);
612 DH_set0_pqg (dh, p, NULL, g);
615 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
616 DH_set0_key (dh, NULL, priv_key);
618 BN_hex2bn (&dh->p, t->dh_p);
619 BN_hex2bn (&dh->g, t->dh_g);
622 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
625 sa->dh_shared_key = vec_new (u8, t->key_len);
626 ex = BN_bin2bn (sa->r_dh_data, vec_len (sa->r_dh_data), NULL);
627 r = DH_compute_key (sa->dh_shared_key, ex, dh);
628 ASSERT (r == t->key_len);
632 else if (t->dh_group == IKEV2_DH_GROUP_ECP)
634 EC_KEY *ec = EC_KEY_new_by_curve_name (t->nid);
637 const EC_GROUP *group = EC_KEY_get0_group (ec);
638 BIGNUM *x = NULL, *y = NULL;
639 BN_CTX *bn_ctx = BN_CTX_new ();
640 u16 x_off, y_off, len;
644 BN_bin2bn (sa->dh_private_key, vec_len (sa->dh_private_key), NULL);
645 EC_KEY_set_private_key (ec, prv);
649 len = t->key_len / 2;
651 x = BN_bin2bn (sa->r_dh_data, len, x);
652 y = BN_bin2bn (sa->r_dh_data + len, len, y);
653 EC_POINT *r_point = EC_POINT_new (group);
654 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
655 EC_POINT_set_affine_coordinates (group, r_point, x, y, bn_ctx);
657 EC_POINT_set_affine_coordinates_GFp (group, r_point, x, y, bn_ctx);
659 EC_KEY_set_public_key (ec, r_point);
661 EC_POINT *i_point = EC_POINT_new (group);
662 EC_POINT *shared_point = EC_POINT_new (group);
664 x = BN_bin2bn (sa->i_dh_data, len, x);
665 y = BN_bin2bn (sa->i_dh_data + len, len, y);
666 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
667 EC_POINT_set_affine_coordinates (group, i_point, x, y, bn_ctx);
669 EC_POINT_set_affine_coordinates_GFp (group, i_point, x, y, bn_ctx);
671 EC_POINT_mul (group, shared_point, NULL, r_point,
672 EC_KEY_get0_private_key (ec), NULL);
673 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
674 EC_POINT_get_affine_coordinates (group, shared_point, x, y, bn_ctx);
676 EC_POINT_get_affine_coordinates_GFp (group, shared_point, x, y, bn_ctx);
678 sa->dh_shared_key = vec_new (u8, t->key_len);
679 x_off = len - BN_num_bytes (x);
680 clib_memset (sa->dh_shared_key, 0, x_off);
681 BN_bn2bin (x, sa->dh_shared_key + x_off);
682 y_off = t->key_len - BN_num_bytes (y);
683 clib_memset (sa->dh_shared_key + len, 0, y_off - len);
684 BN_bn2bin (y, sa->dh_shared_key + y_off);
690 BN_CTX_free (bn_ctx);
691 EC_POINT_free (i_point);
692 EC_POINT_free (r_point);
693 EC_POINT_free (shared_point);
698 ikev2_verify_sign (EVP_PKEY * pkey, u8 * sigbuf, u8 * data)
700 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
701 EVP_MD_CTX *md_ctx = EVP_MD_CTX_new ();
704 EVP_MD_CTX_init (&md_ctx);
707 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
708 EVP_VerifyInit (md_ctx, EVP_sha1 ());
709 EVP_VerifyUpdate (md_ctx, data, vec_len (data));
711 EVP_VerifyInit_ex (&md_ctx, EVP_sha1 (), NULL);
712 EVP_VerifyUpdate (&md_ctx, data, vec_len (data));
715 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
716 return EVP_VerifyFinal (md_ctx, sigbuf, vec_len (sigbuf), pkey);
718 return EVP_VerifyFinal (&md_ctx, sigbuf, vec_len (sigbuf), pkey);
723 ikev2_calc_sign (EVP_PKEY * pkey, u8 * data)
725 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
726 EVP_MD_CTX *md_ctx = EVP_MD_CTX_new ();
730 unsigned int sig_len = 0;
733 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
734 EVP_SignInit (md_ctx, EVP_sha1 ());
735 EVP_SignUpdate (md_ctx, data, vec_len (data));
737 EVP_SignFinal (md_ctx, NULL, &sig_len, pkey);
738 sign = vec_new (u8, sig_len);
740 EVP_SignFinal (md_ctx, sign, &sig_len, pkey);
742 EVP_SignInit (&md_ctx, EVP_sha1 ());
743 EVP_SignUpdate (&md_ctx, data, vec_len (data));
745 EVP_SignFinal (&md_ctx, NULL, &sig_len, pkey);
746 sign = vec_new (u8, sig_len);
748 EVP_SignFinal (&md_ctx, sign, &sig_len, pkey);
754 ikev2_load_cert_file (u8 * file)
758 EVP_PKEY *pkey = NULL;
760 fp = fopen ((char *) file, "r");
763 clib_warning ("open %s failed", file);
767 x509 = PEM_read_X509 (fp, NULL, NULL, NULL);
771 clib_warning ("read cert %s failed", file);
775 pkey = X509_get_pubkey (x509);
777 clib_warning ("get pubkey %s failed", file);
784 ikev2_load_key_file (u8 * file)
787 EVP_PKEY *pkey = NULL;
789 fp = fopen ((char *) file, "r");
792 clib_warning ("open %s failed", file);
796 pkey = PEM_read_PrivateKey (fp, NULL, NULL, NULL);
799 clib_warning ("read %s failed", file);
806 ikev2_crypto_init (ikev2_main_t * km)
808 ikev2_sa_transform_t *tr;
810 /* vector of supported transforms - in order of preference */
814 vec_add2 (km->supported_transforms, tr, 1);
815 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
816 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
817 tr->key_len = 256 / 8;
818 tr->block_size = 128 / 8;
819 tr->cipher = EVP_aes_256_cbc ();
821 vec_add2 (km->supported_transforms, tr, 1);
822 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
823 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
824 tr->key_len = 192 / 8;
825 tr->block_size = 128 / 8;
826 tr->cipher = EVP_aes_192_cbc ();
828 vec_add2 (km->supported_transforms, tr, 1);
829 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
830 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC;
831 tr->key_len = 128 / 8;
832 tr->block_size = 128 / 8;
833 tr->cipher = EVP_aes_128_cbc ();
835 vec_add2 (km->supported_transforms, tr, 1);
836 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
837 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM;
838 tr->key_len = 256 / 8;
839 tr->block_size = 128 / 8;
840 tr->cipher = EVP_aes_256_gcm ();
842 vec_add2 (km->supported_transforms, tr, 1);
843 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
844 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM;
845 tr->key_len = 192 / 8;
846 tr->block_size = 128 / 8;
847 tr->cipher = EVP_aes_192_gcm ();
849 vec_add2 (km->supported_transforms, tr, 1);
850 tr->type = IKEV2_TRANSFORM_TYPE_ENCR;
851 tr->encr_type = IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM;
852 tr->key_len = 128 / 8;
853 tr->block_size = 128 / 8;
854 tr->cipher = EVP_aes_128_gcm ();
857 vec_add2 (km->supported_transforms, tr, 1);
858 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
859 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_256;
860 tr->key_len = 256 / 8;
861 tr->key_trunc = 256 / 8;
862 tr->md = EVP_sha256 ();
864 vec_add2 (km->supported_transforms, tr, 1);
865 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
866 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_384;
867 tr->key_len = 384 / 8;
868 tr->key_trunc = 384 / 8;
869 tr->md = EVP_sha384 ();
871 vec_add2 (km->supported_transforms, tr, 1);
872 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
873 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_512;
874 tr->key_len = 512 / 8;
875 tr->key_trunc = 512 / 8;
876 tr->md = EVP_sha512 ();
878 vec_add2 (km->supported_transforms, tr, 1);
879 tr->type = IKEV2_TRANSFORM_TYPE_PRF;
880 tr->prf_type = IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA1;
881 tr->key_len = 160 / 8;
882 tr->key_trunc = 160 / 8;
883 tr->md = EVP_sha1 ();
886 vec_add2 (km->supported_transforms, tr, 1);
887 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
888 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_256_128;
889 tr->key_len = 256 / 8;
890 tr->key_trunc = 128 / 8;
891 tr->md = EVP_sha256 ();
893 vec_add2 (km->supported_transforms, tr, 1);
894 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
895 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_384_192;
896 tr->key_len = 384 / 8;
897 tr->key_trunc = 192 / 8;
898 tr->md = EVP_sha384 ();
900 vec_add2 (km->supported_transforms, tr, 1);
901 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
902 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_512_256;
903 tr->key_len = 512 / 8;
904 tr->key_trunc = 256 / 8;
905 tr->md = EVP_sha512 ();
907 vec_add2 (km->supported_transforms, tr, 1);
908 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
909 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_160;
910 tr->key_len = 160 / 8;
911 tr->key_trunc = 160 / 8;
912 tr->md = EVP_sha1 ();
914 vec_add2 (km->supported_transforms, tr, 1);
915 tr->type = IKEV2_TRANSFORM_TYPE_INTEG;
916 tr->integ_type = IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_96;
917 tr->key_len = 160 / 8;
918 tr->key_trunc = 96 / 8;
919 tr->md = EVP_sha1 ();
922 #if defined(OPENSSL_NO_CISCO_FECDH)
923 vec_add2 (km->supported_transforms, tr, 1);
924 tr->type = IKEV2_TRANSFORM_TYPE_DH;
925 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_512;
926 tr->key_len = (512 * 2) / 8;
927 tr->nid = NID_brainpoolP512r1;
928 tr->dh_group = IKEV2_DH_GROUP_ECP;
930 vec_add2 (km->supported_transforms, tr, 1);
931 tr->type = IKEV2_TRANSFORM_TYPE_DH;
932 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_384;
933 tr->key_len = (384 * 2) / 8;
934 tr->nid = NID_brainpoolP384r1;
935 tr->dh_group = IKEV2_DH_GROUP_ECP;
937 vec_add2 (km->supported_transforms, tr, 1);
938 tr->type = IKEV2_TRANSFORM_TYPE_DH;
939 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_256;
940 tr->key_len = (256 * 2) / 8;
941 tr->nid = NID_brainpoolP256r1;
942 tr->dh_group = IKEV2_DH_GROUP_ECP;
944 vec_add2 (km->supported_transforms, tr, 1);
945 tr->type = IKEV2_TRANSFORM_TYPE_DH;
946 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_BRAINPOOL_224;
947 tr->key_len = (224 * 2) / 8;
948 tr->nid = NID_brainpoolP224r1;
949 tr->dh_group = IKEV2_DH_GROUP_ECP;
951 vec_add2 (km->supported_transforms, tr, 1);
952 tr->type = IKEV2_TRANSFORM_TYPE_DH;
953 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_224;
954 tr->key_len = (224 * 2) / 8;
955 tr->nid = NID_secp224r1;
956 tr->dh_group = IKEV2_DH_GROUP_ECP;
959 vec_add2 (km->supported_transforms, tr, 1);
960 tr->type = IKEV2_TRANSFORM_TYPE_DH;
961 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_521;
962 tr->key_len = (528 * 2) / 8;
963 tr->nid = NID_secp521r1;
964 tr->dh_group = IKEV2_DH_GROUP_ECP;
966 vec_add2 (km->supported_transforms, tr, 1);
967 tr->type = IKEV2_TRANSFORM_TYPE_DH;
968 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_384;
969 tr->key_len = (384 * 2) / 8;
970 tr->nid = NID_secp384r1;
971 tr->dh_group = IKEV2_DH_GROUP_ECP;
973 vec_add2 (km->supported_transforms, tr, 1);
974 tr->type = IKEV2_TRANSFORM_TYPE_DH;
975 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_256;
976 tr->key_len = (256 * 2) / 8;
977 tr->nid = NID_X9_62_prime256v1;
978 tr->dh_group = IKEV2_DH_GROUP_ECP;
980 vec_add2 (km->supported_transforms, tr, 1);
981 tr->type = IKEV2_TRANSFORM_TYPE_DH;
982 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_ECP_192;
983 tr->key_len = (192 * 2) / 8;
984 tr->nid = NID_X9_62_prime192v1;
985 tr->dh_group = IKEV2_DH_GROUP_ECP;
987 vec_add2 (km->supported_transforms, tr, 1);
988 tr->type = IKEV2_TRANSFORM_TYPE_DH;
989 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048_256;
990 tr->key_len = 2048 / 8;
991 tr->dh_p = (const char *) &modp_dh_2048_256_prime;
992 tr->dh_g = (const char *) &modp_dh_2048_256_generator;
993 tr->dh_group = IKEV2_DH_GROUP_MODP;
995 vec_add2 (km->supported_transforms, tr, 1);
996 tr->type = IKEV2_TRANSFORM_TYPE_DH;
997 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048_224;
998 tr->key_len = 2048 / 8;
999 tr->dh_p = (const char *) &modp_dh_2048_224_prime;
1000 tr->dh_g = (const char *) &modp_dh_2048_224_generator;
1001 tr->dh_group = IKEV2_DH_GROUP_MODP;
1003 vec_add2 (km->supported_transforms, tr, 1);
1004 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1005 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1024_160;
1006 tr->key_len = 1024 / 8;
1007 tr->dh_p = (const char *) &modp_dh_1024_160_prime;
1008 tr->dh_g = (const char *) &modp_dh_1024_160_generator;
1009 tr->dh_group = IKEV2_DH_GROUP_MODP;
1011 vec_add2 (km->supported_transforms, tr, 1);
1012 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1013 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_8192;
1014 tr->key_len = 8192 / 8;
1015 tr->dh_p = (const char *) &modp_dh_8192_prime;
1016 tr->dh_g = (const char *) &modp_dh_8192_generator;
1017 tr->dh_group = IKEV2_DH_GROUP_MODP;
1019 vec_add2 (km->supported_transforms, tr, 1);
1020 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1021 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_6144;
1022 tr->key_len = 6144 / 8;
1023 tr->dh_p = (const char *) &modp_dh_6144_prime;
1024 tr->dh_g = (const char *) &modp_dh_6144_generator;
1025 tr->dh_group = IKEV2_DH_GROUP_MODP;
1027 vec_add2 (km->supported_transforms, tr, 1);
1028 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1029 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_4096;
1030 tr->key_len = 4096 / 8;
1031 tr->dh_p = (const char *) &modp_dh_4096_prime;
1032 tr->dh_g = (const char *) &modp_dh_4096_generator;
1033 tr->dh_group = IKEV2_DH_GROUP_MODP;
1035 vec_add2 (km->supported_transforms, tr, 1);
1036 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1037 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_3072;
1038 tr->key_len = 3072 / 8;
1039 tr->dh_p = (const char *) &modp_dh_3072_prime;
1040 tr->dh_g = (const char *) &modp_dh_3072_generator;
1041 tr->dh_group = IKEV2_DH_GROUP_MODP;
1043 vec_add2 (km->supported_transforms, tr, 1);
1044 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1045 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_2048;
1046 tr->key_len = 2048 / 8;
1047 tr->dh_p = (const char *) &modp_dh_2048_prime;
1048 tr->dh_g = (const char *) &modp_dh_2048_generator;
1049 tr->dh_group = IKEV2_DH_GROUP_MODP;
1051 vec_add2 (km->supported_transforms, tr, 1);
1052 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1053 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1536;
1054 tr->key_len = 1536 / 8;
1055 tr->dh_p = (const char *) &modp_dh_1536_prime;
1056 tr->dh_g = (const char *) &modp_dh_1536_generator;
1057 tr->dh_group = IKEV2_DH_GROUP_MODP;
1059 vec_add2 (km->supported_transforms, tr, 1);
1060 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1061 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_1024;
1062 tr->key_len = 1024 / 8;
1063 tr->dh_p = (const char *) &modp_dh_1024_prime;
1064 tr->dh_g = (const char *) &modp_dh_1024_generator;
1065 tr->dh_group = IKEV2_DH_GROUP_MODP;
1067 vec_add2 (km->supported_transforms, tr, 1);
1068 tr->type = IKEV2_TRANSFORM_TYPE_DH;
1069 tr->dh_type = IKEV2_TRANSFORM_DH_TYPE_MODP_768;
1070 tr->key_len = 768 / 8;
1071 tr->dh_p = (const char *) &modp_dh_768_prime;
1072 tr->dh_g = (const char *) &modp_dh_768_generator;
1073 tr->dh_group = IKEV2_DH_GROUP_MODP;
1075 vec_add2 (km->supported_transforms, tr, 1);
1076 tr->type = IKEV2_TRANSFORM_TYPE_ESN;
1077 tr->esn_type = IKEV2_TRANSFORM_ESN_TYPE_ESN;
1079 vec_add2 (km->supported_transforms, tr, 1);
1080 tr->type = IKEV2_TRANSFORM_TYPE_ESN;
1081 tr->esn_type = IKEV2_TRANSFORM_ESN_TYPE_NO_ESN;
1087 * fd.io coding-style-patch-verification: ON
1090 * eval: (c-set-style "gnu")