Annotation of embedaddon/strongswan/src/libimcv/pts/pts_dh_group.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2011 Sansar Choinyambuu
! 3: * HSR Hochschule fuer Technik Rapperswil
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify it
! 6: * under the terms of the GNU General Public License as published by the
! 7: * Free Software Foundation; either version 2 of the License, or (at your
! 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 9: *
! 10: * This program is distributed in the hope that it will be useful, but
! 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 13: * for more details.
! 14: */
! 15:
! 16: #include "pts_dh_group.h"
! 17:
! 18: #include <utils/debug.h>
! 19:
! 20: /**
! 21: * Described in header.
! 22: */
! 23: bool pts_dh_group_probe(pts_dh_group_t *dh_groups, bool mandatory_dh_groups)
! 24: {
! 25: enumerator_t *enumerator;
! 26: diffie_hellman_group_t dh_group;
! 27: const char *plugin_name;
! 28: char format1[] = " %s PTS DH group %N[%s] available";
! 29: char format2[] = " %s PTS DH group %N not available";
! 30:
! 31: *dh_groups = PTS_DH_GROUP_NONE;
! 32:
! 33: enumerator = lib->crypto->create_dh_enumerator(lib->crypto);
! 34: while (enumerator->enumerate(enumerator, &dh_group, &plugin_name))
! 35: {
! 36: if (dh_group == MODP_1024_BIT)
! 37: {
! 38: *dh_groups |= PTS_DH_GROUP_IKE2;
! 39: DBG2(DBG_PTS, format1, "optional ", diffie_hellman_group_names,
! 40: dh_group, plugin_name);
! 41: }
! 42: else if (dh_group == MODP_1536_BIT)
! 43: {
! 44: *dh_groups |= PTS_DH_GROUP_IKE5;
! 45: DBG2(DBG_PTS, format1, "optional ", diffie_hellman_group_names,
! 46: dh_group, plugin_name);
! 47: }
! 48: else if (dh_group == MODP_2048_BIT)
! 49: {
! 50: *dh_groups |= PTS_DH_GROUP_IKE14;
! 51: DBG2(DBG_PTS, format1, "optional ", diffie_hellman_group_names,
! 52: dh_group, plugin_name);
! 53: }
! 54: else if (dh_group == ECP_256_BIT)
! 55: {
! 56: *dh_groups |= PTS_DH_GROUP_IKE19;
! 57: DBG2(DBG_PTS, format1, "mandatory", diffie_hellman_group_names,
! 58: dh_group, plugin_name);
! 59: }
! 60: else if (dh_group == ECP_384_BIT)
! 61: {
! 62: *dh_groups |= PTS_DH_GROUP_IKE20;
! 63: DBG2(DBG_PTS, format1, "optional ", diffie_hellman_group_names,
! 64: dh_group, plugin_name);
! 65: }
! 66: }
! 67: enumerator->destroy(enumerator);
! 68:
! 69: if (*dh_groups & PTS_DH_GROUP_IKE19)
! 70: {
! 71: /* mandatory PTS DH group is available */
! 72: return TRUE;
! 73: }
! 74: if (*dh_groups == PTS_DH_GROUP_NONE)
! 75: {
! 76: DBG1(DBG_PTS, "no PTS DH group available");
! 77: return FALSE;
! 78: }
! 79: if (mandatory_dh_groups)
! 80: {
! 81: DBG1(DBG_PTS, format2, "mandatory", diffie_hellman_group_names,
! 82: ECP_256_BIT);
! 83: return FALSE;
! 84: }
! 85:
! 86: /* at least one optional PTS DH group is available */
! 87: return TRUE;
! 88: }
! 89:
! 90: /**
! 91: * Described in header.
! 92: */
! 93: bool pts_dh_group_update(char *dh_group, pts_dh_group_t *dh_groups)
! 94: {
! 95: if (strcaseeq(dh_group, "ecp384"))
! 96: {
! 97: /* nothing to update, all groups are supported */
! 98: return TRUE;
! 99: }
! 100: if (strcaseeq(dh_group, "ecp256"))
! 101: {
! 102: /* remove DH group 20 */
! 103: *dh_groups &= ~PTS_DH_GROUP_IKE20;
! 104: return TRUE;
! 105: }
! 106: if (strcaseeq(dh_group, "modp2048"))
! 107: {
! 108: /* remove DH groups 19 and 20 */
! 109: *dh_groups &= ~(PTS_DH_GROUP_IKE20 | PTS_DH_GROUP_IKE19);
! 110: return TRUE;
! 111: }
! 112: if (strcaseeq(dh_group, "modp1536"))
! 113: {
! 114: /* remove DH groups 14, 19 and 20 */
! 115: *dh_groups &= ~(PTS_DH_GROUP_IKE20 | PTS_DH_GROUP_IKE19 |
! 116: PTS_DH_GROUP_IKE14);
! 117: return TRUE;
! 118: }
! 119: if (strcaseeq(dh_group, "modp1024"))
! 120: {
! 121: /* remove DH groups 5, 14, 19 and 20 */
! 122: *dh_groups &= ~(PTS_DH_GROUP_IKE20 | PTS_DH_GROUP_IKE19 |
! 123: PTS_DH_GROUP_IKE14 | PTS_DH_GROUP_IKE5);
! 124: return TRUE;
! 125: }
! 126: DBG1(DBG_PTS, "unknown DH group '%s' configured", dh_group);
! 127: return FALSE;
! 128: }
! 129:
! 130: /**
! 131: * Described in header.
! 132: */
! 133: pts_dh_group_t pts_dh_group_select(pts_dh_group_t supported_dh_groups,
! 134: pts_dh_group_t offered_dh_groups)
! 135: {
! 136: if ((supported_dh_groups & PTS_DH_GROUP_IKE20) &&
! 137: (offered_dh_groups & PTS_DH_GROUP_IKE20))
! 138: {
! 139: return PTS_DH_GROUP_IKE20;
! 140: }
! 141: if ((supported_dh_groups & PTS_DH_GROUP_IKE19) &&
! 142: (offered_dh_groups & PTS_DH_GROUP_IKE19))
! 143: {
! 144: return PTS_DH_GROUP_IKE19;
! 145: }
! 146: if ((supported_dh_groups & PTS_DH_GROUP_IKE14) &&
! 147: (offered_dh_groups & PTS_DH_GROUP_IKE14))
! 148: {
! 149: return PTS_DH_GROUP_IKE14;
! 150: }
! 151: if ((supported_dh_groups & PTS_DH_GROUP_IKE5) &&
! 152: (offered_dh_groups & PTS_DH_GROUP_IKE5))
! 153: {
! 154: return PTS_DH_GROUP_IKE5;
! 155: }
! 156: if ((supported_dh_groups & PTS_DH_GROUP_IKE2) &&
! 157: (offered_dh_groups & PTS_DH_GROUP_IKE2))
! 158: {
! 159: return PTS_DH_GROUP_IKE2;
! 160: }
! 161: return PTS_DH_GROUP_NONE;
! 162: }
! 163:
! 164: /**
! 165: * Described in header.
! 166: */
! 167: diffie_hellman_group_t pts_dh_group_to_ike(pts_dh_group_t dh_group)
! 168: {
! 169: switch (dh_group)
! 170: {
! 171: case PTS_DH_GROUP_IKE2:
! 172: return MODP_1024_BIT;
! 173: case PTS_DH_GROUP_IKE5:
! 174: return MODP_1536_BIT;
! 175: case PTS_DH_GROUP_IKE14:
! 176: return MODP_2048_BIT;
! 177: case PTS_DH_GROUP_IKE19:
! 178: return ECP_256_BIT;
! 179: case PTS_DH_GROUP_IKE20:
! 180: return ECP_384_BIT;
! 181: default:
! 182: return MODP_NONE;
! 183: }
! 184: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to pts_dh_group.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libimcv / pts