added ECDH with OpenSSL (see RFC 4753)

2 files changed, 13 insertions, 4 deletions

diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c
index 922708720..a91507454 100644
--- a/src/libstrongswan/crypto/diffie_hellman.c
+++ b/src/libstrongswan/crypto/diffie_hellman.c
@@ -24,11 +24,14 @@ ENUM_BEGIN(diffie_hellman_group_names, MODP_NONE, MODP_1024_BIT,
 	"MODP_1024_BIT");
 ENUM_NEXT(diffie_hellman_group_names, MODP_1536_BIT, MODP_1536_BIT, MODP_1024_BIT,
 	"MODP_1536_BIT");
-ENUM_NEXT(diffie_hellman_group_names, MODP_2048_BIT, MODP_8192_BIT, MODP_1536_BIT,
+ENUM_NEXT(diffie_hellman_group_names, MODP_2048_BIT, ECP_521_BIT, MODP_1536_BIT,
 	"MODP_2048_BIT",
 	"MODP_3072_BIT",
 	"MODP_4096_BIT",
 	"MODP_6144_BIT",
-	"MODP_8192_BIT");
-ENUM_END(diffie_hellman_group_names, MODP_8192_BIT);
+	"MODP_8192_BIT"
+	"ECP_256_BIT",
+	"ECP_384_BIT",
+	"ECP_521_BIT");
+ENUM_END(diffie_hellman_group_names, ECP_521_BIT);
 
diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h
index 07e475b47..53d89c377 100644
--- a/src/libstrongswan/crypto/diffie_hellman.h
+++ b/src/libstrongswan/crypto/diffie_hellman.h
@@ -34,6 +34,8 @@ typedef struct diffie_hellman_t diffie_hellman_t;
  *
  * The modulus (or group) to use for a Diffie-Hellman calculation.
  * See IKEv2 RFC 3.3.2 and RFC 3526.
+ * 
+ * ECP groups are defined in RFC 4753.
  */
 enum diffie_hellman_group_t {
 	MODP_NONE = 0,
@@ -44,7 +46,11 @@ enum diffie_hellman_group_t {
 	MODP_3072_BIT = 15,
 	MODP_4096_BIT = 16,
 	MODP_6144_BIT = 17,
-	MODP_8192_BIT = 18
+	MODP_8192_BIT = 18,
+	ECP_256_BIT = 19,
+	ECP_384_BIT = 20,
+	ECP_521_BIT = 21,
+	
 };
 
 /**