authorTobias Brunner <tobias@strongswan.org>2017-09-19 11:10:09 +0200
committerTobias Brunner <tobias@strongswan.org>2017-11-08 16:47:24 +0100
commit43b59d13239e0d9593649b77bdea3651150f6132 (patch)
tree7fec605b0c29e2bbc64a40588814f63eaef1b1e1 /src
parent76c58498efd1a80a70966889bd3fdc3b9e863b06 (diff)
ikev2: Don't use SHA-1 for RFC 7427 signature authentication
RFC 8247 demoted it to MUST NOT. References #2427.
Diffstat (limited to 'src')
-rw-r--r--src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c4
-rw-r--r--src/libstrongswan/crypto/hashers/hasher.c2
-rw-r--r--src/libstrongswan/tests/suites/test_hasher.c6
3 files changed, 5 insertions, 7 deletions
diff --git a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
index 19ea72d0b..b2b1ef289 100644
--- a/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
+++ b/src/libcharon/sa/ikev2/authenticators/pubkey_authenticator.c
@@ -156,14 +156,12 @@ static array_t *select_signature_schemes(keymat_v2_t *keymat,
}
enumerator->destroy(enumerator);
- /* for RSA we tried at least SHA-512, also try other schemes down to
- * what we'd use with classic authentication */
+ /* for RSA we tried at least SHA-512, also try other schemes */
if (key_type == KEY_RSA)
{
signature_scheme_t schemes[] = {
SIGN_RSA_EMSA_PKCS1_SHA2_384,
SIGN_RSA_EMSA_PKCS1_SHA2_256,
- SIGN_RSA_EMSA_PKCS1_SHA1,
}, contained;
bool found;
int i, j;
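Review bot: The rewritten comment above `schemes[]` no longer says why the fallback list stops at SHA-256, so a later reader could re-add `SIGN_RSA_EMSA_PKCS1_SHA1` as a compatibility fallback. I would word it as `/* for RSA we tried at least SHA-512, also try other schemes; SHA-1 is omitted on purpose, RFC 8247 makes it MUST NOT */`. This hunk only touches scheme selection in select_signature_schemes, whose body starts and ends outside the hunk. Whether the code that verifies a peer's AUTH signature also refuses a SHA-1 scheme is not visible on this page and is worth confirming, ideally with a test.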
diff --git a/src/libstrongswan/crypto/hashers/hasher.c b/src/libstrongswan/crypto/hashers/hasher.c
index 26aab0ccc..6b5c05c46 100644
--- a/src/libstrongswan/crypto/hashers/hasher.c
+++ b/src/libstrongswan/crypto/hashers/hasher.c
@@ -287,7 +287,6 @@ bool hasher_algorithm_for_ikev2(hash_algorithm_t alg)
switch (alg)
{
case HASH_IDENTITY:
- case HASH_SHA1:
case HASH_SHA256:
case HASH_SHA384:
case HASH_SHA512:
@@ -296,6 +295,7 @@ bool hasher_algorithm_for_ikev2(hash_algorithm_t alg)
case HASH_MD2:
case HASH_MD4:
case HASH_MD5:
+ case HASH_SHA1:
case HASH_SHA224:
case HASH_SHA3_224:
case HASH_SHA3_256:
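Review bot: The moved `case HASH_SHA1:` now sits in the rejected group next to `HASH_MD5` and `HASH_SHA224` with nothing to show it was excluded by policy, which makes the switch harder to audit. A short comment on that line would record the reason, for example `case HASH_SHA1: /* demoted to MUST NOT by RFC 8247 */`. The switch in hasher_algorithm_for_ikev2 continues outside both hunks of this file, so the return values of the two groups are inferred from the updated test table rather than seen here.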
diff --git a/src/libstrongswan/tests/suites/test_hasher.c b/src/libstrongswan/tests/suites/test_hasher.c
index 6a83fe777..9f7741969 100644
--- a/src/libstrongswan/tests/suites/test_hasher.c
+++ b/src/libstrongswan/tests/suites/test_hasher.c
@@ -201,9 +201,9 @@ START_TEST(test_hasher_from_integrity)
size_t length;
length = 0;
- ck_assert(hasher_algorithm_from_integrity(auths[_i].auth, NULL) ==
+ ck_assert(hasher_algorithm_from_integrity(auths[_i].auth, NULL) ==
auths[_i].alg);
- ck_assert(hasher_algorithm_from_integrity(auths[_i].auth, &length) ==
+ ck_assert(hasher_algorithm_from_integrity(auths[_i].auth, &length) ==
auths[_i].alg);
ck_assert(length == auths[_i].length);
}
@@ -226,7 +226,7 @@ typedef struct {
static hasher_ikev2_t ikev2[] = {
{ HASH_IDENTITY, TRUE },
- { HASH_SHA1, TRUE },
+ { HASH_SHA1, FALSE },
{ HASH_SHA256, TRUE },
{ HASH_SHA384, TRUE },
{ HASH_SHA512, TRUE },