diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/charon/config/proposal.h | 2 | ||||
| -rw-r--r-- | src/charon/encoding/payloads/transform_substructure.c | 9 | ||||
| -rw-r--r-- | src/charon/sa/child_sa.c | 81 | ||||
| -rw-r--r-- | src/charon/sa/ike_sa.c | 4 | ||||
| -rw-r--r-- | src/charon/testing/kernel_interface_test.c | 26 | ||||
| -rw-r--r-- | src/charon/threads/kernel_interface.c | 167 | ||||
| -rw-r--r-- | src/charon/threads/kernel_interface.h | 15 | ||||
| -rwxr-xr-x | src/charon/threads/stroke_interface.c | 9 |
8 files changed, 171 insertions, 142 deletions
diff --git a/src/charon/config/proposal.h b/src/charon/config/proposal.h index 02819559b..9cb8f04aa 100644 --- a/src/charon/config/proposal.h +++ b/src/charon/config/proposal.h @@ -112,7 +112,7 @@ struct algorithm_t { u_int16_t algorithm; /** - * the associated key size, or zero if not needed + * the associated key size in bits, or zero if not needed */ u_int16_t key_size; }; diff --git a/src/charon/encoding/payloads/transform_substructure.c b/src/charon/encoding/payloads/transform_substructure.c index 350ad63e4..d814f765c 100644 --- a/src/charon/encoding/payloads/transform_substructure.c +++ b/src/charon/encoding/payloads/transform_substructure.c @@ -473,12 +473,15 @@ transform_substructure_t *transform_substructure_create_type(transform_type_t tr transform->set_transform_type(transform,transform_type); transform->set_transform_id(transform,transform_id); - /* a keylength attribute is only created for AES encryption */ + /* a keylength attribute is only created for variable length algos */ if (transform_type == ENCRYPTION_ALGORITHM && - transform_id == ENCR_AES_CBC) + (transform_id == ENCR_AES_CBC || + transform_id == ENCR_IDEA || + transform_id == ENCR_CAST || + transform_id == ENCR_BLOWFISH)) { transform_attribute_t *attribute = transform_attribute_create_key_length(key_length); - transform->add_transform_attribute(transform,attribute); + transform->add_transform_attribute(transform,attribute); } return transform; diff --git a/src/charon/sa/child_sa.c b/src/charon/sa/child_sa.c index 87fcea0cb..af73bc16f 100644 --- a/src/charon/sa/child_sa.c +++ b/src/charon/sa/child_sa.c @@ -164,13 +164,9 @@ static status_t alloc(private_child_sa_t *this, linked_list_t *proposals) static status_t install(private_child_sa_t *this, proposal_t *proposal, prf_plus_t *prf_plus, bool mine) { u_int32_t spi; - encryption_algorithm_t enc_algo; - integrity_algorithm_t int_algo; - chunk_t enc_key, int_key; - algorithm_t *algo; - crypter_t *crypter; - signer_t *signer; - size_t key_size; + algorithm_t *enc_algo, *int_algo; + algorithm_t enc_algo_none = {ENCR_UNDEFINED, 0}; + algorithm_t int_algo_none = {AUTH_UNDEFINED, 0}; host_t *src; host_t *dst; status_t status; @@ -201,75 +197,44 @@ static status_t install(private_child_sa_t *this, proposal_t *proposal, prf_plus this->other.spi = spi; } - /* derive encryption key first */ - if (proposal->get_algorithm(proposal, ENCRYPTION_ALGORITHM, &algo)) + this->logger->log(this->logger, CONTROL|LEVEL1, "Adding %s %s SA", + mine ? "inbound" : "outbound", + mapping_find(protocol_id_m, this->protocol)); + + /* select encryption algo */ + if (proposal->get_algorithm(proposal, ENCRYPTION_ALGORITHM, &enc_algo)) { - enc_algo = algo->algorithm; - this->logger->log(this->logger, CONTROL|LEVEL1, "%s for %s: using %s %s, ", - mapping_find(protocol_id_m, this->protocol), - mine ? "me" : "other", - mapping_find(transform_type_m, ENCRYPTION_ALGORITHM), - mapping_find(encryption_algorithm_m, enc_algo)); - - /* we must create a (unused) crypter, since its the only way to get the size - * of the key. This is not so nice, since charon must support all algorithms - * the kernel supports... - * TODO: build something of a encryption algorithm lookup function - */ - crypter = crypter_create(enc_algo, algo->key_size); - key_size = crypter->get_key_size(crypter); - crypter->destroy(crypter); - prf_plus->allocate_bytes(prf_plus, key_size, &enc_key); - this->logger->log_chunk(this->logger, PRIVATE, "key:", enc_key); + this->logger->log(this->logger, CONTROL|LEVEL2, " using %s for encryption", + mapping_find(encryption_algorithm_m, enc_algo->algorithm)); } else { - enc_algo = ENCR_UNDEFINED; + enc_algo = &enc_algo_none; } - /* derive integrity key */ - if (proposal->get_algorithm(proposal, INTEGRITY_ALGORITHM, &algo)) + /* select integrity algo */ + if (proposal->get_algorithm(proposal, INTEGRITY_ALGORITHM, &int_algo)) { - int_algo = algo->algorithm; - this->logger->log(this->logger, CONTROL|LEVEL1, "%s for %s: using %s %s,", - mapping_find(protocol_id_m, this->protocol), - mine ? "me" : "other", - mapping_find(transform_type_m, INTEGRITY_ALGORITHM), - mapping_find(integrity_algorithm_m, algo->algorithm)); - - signer = signer_create(int_algo); - key_size = signer->get_key_size(signer); - signer->destroy(signer); - prf_plus->allocate_bytes(prf_plus, key_size, &int_key); - this->logger->log_chunk(this->logger, PRIVATE, "key:", int_key); + this->logger->log(this->logger, CONTROL|LEVEL2, " using %s for integrity", + mapping_find(integrity_algorithm_m, int_algo->algorithm)); } else { - int_algo = AUTH_UNDEFINED; + int_algo = &int_algo_none; } - /* send keys down to kernel */ - this->logger->log(this->logger, CONTROL|LEVEL1, - "installing 0x%.8x for %s, src %s dst %s", - ntohl(spi), mapping_find(protocol_id_m, this->protocol), - src->get_address(src), dst->get_address(dst)); + /* send SA down to the kernel */ + this->logger->log(this->logger, CONTROL|LEVEL2, + " SPI 0x%.8x, src %s dst %s", + ntohl(spi), src->get_address(src), dst->get_address(dst)); status = charon->kernel_interface->add_sa(charon->kernel_interface, src, dst, spi, this->protocol, this->reqid, mine ? 0 : this->soft_lifetime, this->hard_lifetime, - enc_algo, enc_key, - int_algo, int_key, mine); - /* clean up */ - if (enc_algo != ENCR_UNDEFINED) - { - chunk_free(&enc_key); - } - if (int_algo != AUTH_UNDEFINED) - { - chunk_free(&int_key); - } + enc_algo, int_algo, prf_plus, mine); + return status; } diff --git a/src/charon/sa/ike_sa.c b/src/charon/sa/ike_sa.c index bc1871317..8dbca1982 100644 --- a/src/charon/sa/ike_sa.c +++ b/src/charon/sa/ike_sa.c @@ -486,8 +486,8 @@ static status_t build_transforms(private_ike_sa_t *this, proposal_t *proposal, d this->crypter_responder->destroy(this->crypter_responder); } - this->crypter_initiator = crypter_create(algo->algorithm, algo->key_size); - this->crypter_responder = crypter_create(algo->algorithm, algo->key_size); + this->crypter_initiator = crypter_create(algo->algorithm, algo->key_size / 8); + this->crypter_responder = crypter_create(algo->algorithm, algo->key_size / 8); if (this->crypter_initiator == NULL || this->crypter_responder == NULL) { this->logger->log(this->logger, ERROR|LEVEL1, diff --git a/src/charon/testing/kernel_interface_test.c b/src/charon/testing/kernel_interface_test.c index 29b3dc34e..a5638dce0 100644 --- a/src/charon/testing/kernel_interface_test.c +++ b/src/charon/testing/kernel_interface_test.c @@ -39,24 +39,18 @@ void test_kernel_interface(protected_tester_t *tester) u_int32_t spi; host_t *me, *other, *left, *right; status_t status; - - u_int8_t enc_key_bytes[] = { - 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, - 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08 - }; - - u_int8_t inc_key_bytes[] = { - 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, + prf_plus_t *prf_plus; + prf_t *prf; + u_int8_t key_bytes[] = { 0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08 }; + chunk_t key = chunk_from_buf(key_bytes); + algorithm_t int_alg = {AUTH_HMAC_MD5_96, 0}; + algorithm_t enc_alg = {ENCR_AES_CBC, 128}; - chunk_t enc_key,inc_key; - enc_key.ptr = enc_key_bytes; - enc_key.len = sizeof(enc_key_bytes); - inc_key.ptr = inc_key_bytes; - inc_key.len = sizeof(inc_key_bytes); - - + prf = prf_create(PRF_HMAC_MD5); + prf->set_key(prf, key); + prf_plus = prf_plus_create(prf, key); kernel_interface = kernel_interface_create(); @@ -66,7 +60,7 @@ void test_kernel_interface(protected_tester_t *tester) status = kernel_interface->get_spi(kernel_interface, me, other, 50, 1234, &spi); tester->assert_true(tester, status == SUCCESS, "spi get"); - status = kernel_interface->add_sa(kernel_interface, me, other, spi, 50, 1234, 5, 10, ENCR_AES_CBC, enc_key,AUTH_UNDEFINED,inc_key,TRUE); + status = kernel_interface->add_sa(kernel_interface, me, other, spi, 50, 1234, 5, 10, &enc_alg, &int_alg, prf_plus, TRUE); tester->assert_true(tester, status == SUCCESS, "add sa"); left = host_create(AF_INET, "10.1.0.0", 0); diff --git a/src/charon/threads/kernel_interface.c b/src/charon/threads/kernel_interface.c index 41dee48a6..b78f67449 100644 --- a/src/charon/threads/kernel_interface.c +++ b/src/charon/threads/kernel_interface.c @@ -45,7 +45,7 @@ #define SPD_PRIORITY 1024 -#define XFRM_DATA_LENGTH 512 +#define XFRM_DATA_LENGTH 1024 typedef struct xfrm_data_t xfrm_data_t; @@ -109,6 +109,85 @@ struct netlink_message_t { u_int8_t data[XFRM_DATA_LENGTH]; }; +typedef struct kernel_algorithm_t kernel_algorithm_t; + +/** + * Mapping from the algorithms defined in IKEv2 to + * kernel level algorithm names and their key length + */ +struct kernel_algorithm_t { + /** + * Identifier specified in IKEv2 + */ + int ikev2_id; + + /** + * Name of the algorithm, as used as kernel identifier + */ + char *name; + + /** + * Key length in bits, if fixed size + */ + u_int key_size; +}; +#define END_OF_LIST -1 + +/** + * Algorithms for encryption + */ +kernel_algorithm_t encryption_algs[] = { +/* {ENCR_DES_IV64, "***", 0}, */ + {ENCR_DES, "des", 64}, + {ENCR_3DES, "des3_ede", 192}, +/* {ENCR_RC5, "***", 0}, */ +/* {ENCR_IDEA, "***", 0}, */ + {ENCR_CAST, "cast128", 0}, + {ENCR_BLOWFISH, "blowfish", 0}, +/* {ENCR_3IDEA, "***", 0}, */ +/* {ENCR_DES_IV32, "***", 0}, */ + {ENCR_NULL, "cipher_null", 0}, + {ENCR_AES_CBC, "aes", 0}, +/* {ENCR_AES_CTR, "***", 0}, */ + {END_OF_LIST, NULL, 0}, +}; + +/** + * Algorithms for integrity protection + */ +kernel_algorithm_t integrity_algs[] = { + {AUTH_HMAC_MD5_96, "md5", 128}, + {AUTH_HMAC_SHA1_96, "sha1", 160}, +/* {AUTH_DES_MAC, "***", 0}, */ +/* {AUTH_KPDK_MD5, "***", 0}, */ +/* {AUTH_AES_XCBC_96, "***", 0}, */ + {END_OF_LIST, NULL, 0}, +}; + +/** + * Look up a kernel algorithm name and its key size + */ +char* lookup_algorithm(kernel_algorithm_t *kernel_algo, algorithm_t *ikev2_algo, u_int *key_size) +{ + while (kernel_algo->ikev2_id != END_OF_LIST) + { + if (ikev2_algo->algorithm == kernel_algo->ikev2_id) + { + /* match, evaluate key length */ + if (ikev2_algo->key_size) + { /* variable length */ + *key_size = ikev2_algo->key_size; + } + else + { /* fixed length */ + *key_size = kernel_algo->key_size; + } + return kernel_algo->name; + } + kernel_algo++; + } + return NULL; +} typedef struct private_kernel_interface_t private_kernel_interface_t; @@ -174,42 +253,6 @@ struct private_kernel_interface_t { }; /** - * In the kernel, algorithms are identified as strings, we use our - * mapping functions... - * Algorithms for encryption. - * TODO: Add missing algorithm strings - */ -mapping_t kernel_encryption_algs_m[] = { - {ENCR_DES_IV64, ""}, - {ENCR_DES, "des"}, - {ENCR_3DES, "des3_ede"}, - {ENCR_RC5, ""}, - {ENCR_IDEA, "idea"}, - {ENCR_CAST, "cast128"}, - {ENCR_BLOWFISH, "blowfish"}, - {ENCR_3IDEA, ""}, - {ENCR_DES_IV32, ""}, - {ENCR_NULL, ""}, - {ENCR_AES_CBC, "aes"}, - {ENCR_AES_CTR, ""}, - {MAPPING_END, NULL} -}; -/** - * In the kernel, algorithms are identified as strings, we use our - * mapping functions... - * Algorithms for integrity protection. - * TODO: Add missing algorithm strings - */ -mapping_t kernel_integrity_algs_m[] = { - {AUTH_HMAC_MD5_96, "md5"}, - {AUTH_HMAC_SHA1_96, "sha1"}, - {AUTH_DES_MAC, ""}, - {AUTH_KPDK_MD5, ""}, - {AUTH_AES_XCBC_96, ""}, - {MAPPING_END, NULL} -}; - -/** * Implementation of kernel_interface_t.get_spi. */ static status_t get_spi(private_kernel_interface_t *this, @@ -277,15 +320,17 @@ static status_t add_sa( private_kernel_interface_t *this, u_int32_t reqid, u_int64_t expire_soft, u_int64_t expire_hard, - encryption_algorithm_t enc_alg, - chunk_t encryption_key, - integrity_algorithm_t int_alg, - chunk_t integrity_key, + algorithm_t *enc_alg, + algorithm_t *int_alg, + prf_plus_t *prf_plus, bool replace) { netlink_message_t request, *response; - memset(&request, 0, sizeof(request)); status_t status = SUCCESS; + int key_size; + char *alg_name; + + memset(&request, 0, sizeof(request)); this->logger->log(this->logger, CONTROL|LEVEL2, "adding SA"); @@ -314,36 +359,52 @@ static status_t add_sa( private_kernel_interface_t *this, request.hdr.nlmsg_len = NLMSG_ALIGN(NLMSG_LENGTH(sizeof(request.sa))); - if (enc_alg != ENCR_UNDEFINED) + if (enc_alg->algorithm != ENCR_UNDEFINED) { xfrm_data_t *data = (xfrm_data_t*)(((u_int8_t*)&request) + request.hdr.nlmsg_len); data->type = XFRMA_ALG_CRYPT; - data->length = 4 + sizeof(data->algo) + encryption_key.len; - data->algo.alg_key_len = encryption_key.len * 8; + alg_name = lookup_algorithm(encryption_algs, enc_alg, &key_size); + if (alg_name == NULL) + { + this->logger->log(this->logger, ERROR, "Algorithm %s not supported by kernel!", + mapping_find(encryption_algorithm_m, enc_alg->algorithm)); + return FAILED; + } + this->logger->log(this->logger, CONTROL|LEVEL2, "using key size %d", key_size); + data->length = 4 + sizeof(data->algo) + key_size; + data->algo.alg_key_len = key_size; request.hdr.nlmsg_len += data->length; if (request.hdr.nlmsg_len > sizeof(request)) { return FAILED; } - strcpy(data->algo.alg_name, mapping_find(kernel_encryption_algs_m, enc_alg)); - memcpy(data->algo.alg_key, encryption_key.ptr, encryption_key.len); + strcpy(data->algo.alg_name, alg_name); + prf_plus->get_bytes(prf_plus, key_size / 8, data->algo.alg_key); } - if (int_alg != AUTH_UNDEFINED) + if (int_alg->algorithm != AUTH_UNDEFINED) { xfrm_data_t *data = (xfrm_data_t*)(((u_int8_t*)&request) + request.hdr.nlmsg_len); data->type = XFRMA_ALG_AUTH; - data->length = 4 + sizeof(data->algo) + integrity_key.len; - data->algo.alg_key_len = integrity_key.len * 8; + alg_name = lookup_algorithm(integrity_algs, int_alg, &key_size); + if (alg_name == NULL) + { + this->logger->log(this->logger, ERROR, "Algorithm %s not supported by kernel!", + mapping_find(integrity_algorithm_m, int_alg->algorithm)); + return FAILED; + } + this->logger->log(this->logger, CONTROL|LEVEL2, "using key size %d", key_size); + data->length = 4 + sizeof(data->algo) + key_size; + data->algo.alg_key_len = key_size; request.hdr.nlmsg_len += data->length; if (request.hdr.nlmsg_len > sizeof(request)) { return FAILED; } - strcpy(data->algo.alg_name, mapping_find(kernel_integrity_algs_m, int_alg)); - memcpy(data->algo.alg_key, integrity_key.ptr, integrity_key.len); + strcpy(data->algo.alg_name, alg_name); + prf_plus->get_bytes(prf_plus, key_size / 8, data->algo.alg_key); } /* TODO: add IPComp here*/ @@ -739,7 +800,7 @@ kernel_interface_t *kernel_interface_create() /* public functions */ this->public.get_spi = (status_t(*)(kernel_interface_t*,host_t*,host_t*,protocol_id_t,u_int32_t,u_int32_t*))get_spi; - this->public.add_sa = (status_t(*)(kernel_interface_t *,host_t*,host_t*,u_int32_t,protocol_id_t,u_int32_t,u_int64_t,u_int64_t,encryption_algorithm_t,chunk_t,integrity_algorithm_t,chunk_t,bool))add_sa; + this->public.add_sa = (status_t(*)(kernel_interface_t *,host_t*,host_t*,u_int32_t,protocol_id_t,u_int32_t,u_int64_t,u_int64_t,algorithm_t*,algorithm_t*,prf_plus_t*,bool))add_sa; this->public.add_policy = (status_t(*)(kernel_interface_t*,host_t*, host_t*,host_t*,host_t*,u_int8_t,u_int8_t,int,int,bool,bool,u_int32_t))add_policy; this->public.del_sa = (status_t(*)(kernel_interface_t*,host_t*,u_int32_t,protocol_id_t))del_sa; this->public.del_policy = (status_t(*)(kernel_interface_t*,host_t*,host_t*,host_t*,host_t*,u_int8_t,u_int8_t,int,int))del_policy; diff --git a/src/charon/threads/kernel_interface.h b/src/charon/threads/kernel_interface.h index 6c9a181ed..9d5846f34 100644 --- a/src/charon/threads/kernel_interface.h +++ b/src/charon/threads/kernel_interface.h @@ -26,6 +26,7 @@ #include <linux/xfrm.h> #include <utils/host.h> +#include <crypto/prf_plus.h> #include <encoding/payloads/proposal_substructure.h> typedef struct kernel_interface_t kernel_interface_t; @@ -70,7 +71,9 @@ struct kernel_interface_t { * SPI (via get_spi). In this case, the replace * flag must be set. * This function does install a single SA for a - * single protocol in one direction. + * single protocol in one direction. The kernel-interface + * gets the keys itself from the PRF, as we don't know + * his algorithms and key sizes. * * @param this calling object * @param src source address for this SA @@ -81,9 +84,8 @@ struct kernel_interface_t { * @param expire_soft lifetime in seconds before rekeying * @param expire_hard lieftime in seconds before delete * @param enc_alg Algorithm to use for encryption (ESP only) - * @param enc_key Key to use for encryption * @param int_alg Algorithm to use for integrity protection - * @param int_key Key for integrity protection + * @param prf_plus PRF to derive keys * @param replace Should an already installed SA be updated? * @return * - SUCCESS @@ -96,10 +98,9 @@ struct kernel_interface_t { u_int32_t reqid, u_int64_t expire_soft, u_int64_t expire_hard, - encryption_algorithm_t enc_alg, - chunk_t enc_key, - integrity_algorithm_t int_alg, - chunk_t int_key, + algorithm_t *enc_alg, + algorithm_t *int_alg, + prf_plus_t *prf_plus, bool replace); /** * @brief Delete a previusly installed SA from the SAD. diff --git a/src/charon/threads/stroke_interface.c b/src/charon/threads/stroke_interface.c index 33de8012a..b2d49c946 100755 --- a/src/charon/threads/stroke_interface.c +++ b/src/charon/threads/stroke_interface.c @@ -311,7 +311,7 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg) my_host, other_host, RSA_DIGITAL_SIGNATURE); proposal = proposal_create(PROTO_IKE); - proposal->add_algorithm(proposal, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16); + proposal->add_algorithm(proposal, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128); proposal->add_algorithm(proposal, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0); proposal->add_algorithm(proposal, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0); proposal->add_algorithm(proposal, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0); @@ -334,8 +334,12 @@ static void stroke_add_conn(private_stroke_t *this, stroke_msg_t *msg) policy = policy_create(msg->add_conn.name, my_id, other_id); proposal = proposal_create(PROTO_ESP); - proposal->add_algorithm(proposal, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 16); + proposal->add_algorithm(proposal, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128); + proposal->add_algorithm(proposal, ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256); + proposal->add_algorithm(proposal, ENCRYPTION_ALGORITHM, ENCR_3DES, 0); + proposal->add_algorithm(proposal, ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256); proposal->add_algorithm(proposal, INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0); + proposal->add_algorithm(proposal, INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0); policy->add_proposal(policy, proposal); policy->add_my_traffic_selector(policy, my_ts); policy->add_other_traffic_selector(policy, other_ts); @@ -514,6 +518,7 @@ logger_context_t get_context(char *context) else if (strcasecmp(context, "CONFG") == 0) return CONFIG; else if (strcasecmp(context, "ENCPL") == 0) return ENCRYPTION_PAYLOAD; else if (strcasecmp(context, "PAYLD") == 0) return PAYLOAD; + else if (strcasecmp(context, "XFRM") == 0) return XFRM; else return -2; } |