added the ECP groups from RFC 5114

2008-05-22 11:55:05 +00:00 · 2008-05-22 11:55:05 +00:00 · 346e9c5712
parent fc1a31d54b
commit 346e9c5712
5 changed files with 25 additions and 2 deletions
--- a/src/charon/config/proposal.c
+++ b/src/charon/config/proposal.c
@ -766,6 +766,14 @@ static status_t add_string_algo(private_proposal_t *this, chunk_t alg)
 	{
 		add_algorithm(this, DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0);
 	}
+	else if (strncmp(alg.ptr, "ecp192", alg.len) == 0)
+	{
+		add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0);
+	}
+	else if (strncmp(alg.ptr, "ecp224", alg.len) == 0)
+	{
+		add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0);
+	}
 	else if (strncmp(alg.ptr, "ecp256", alg.len) == 0)
 	{
 		add_algorithm(this, DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0);
--- a/src/libstrongswan/crypto/diffie_hellman.c
+++ b/src/libstrongswan/crypto/diffie_hellman.c
@ -33,5 +33,8 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_2048_BIT, ECP_521_BIT, MODP_1536_BIT,
 	"ECP_256_BIT",
 	"ECP_384_BIT",
 	"ECP_521_BIT");
-ENUM_END(diffie_hellman_group_names, ECP_521_BIT);
+ENUM_NEXT(diffie_hellman_group_names, ECP_192_BIT, ECP_224_BIT, ECP_521_BIT,
+	"ECP_192_BIT",
+	"ECP_224_BIT");
+ENUM_END(diffie_hellman_group_names, ECP_224_BIT);

--- a/src/libstrongswan/crypto/diffie_hellman.h
+++ b/src/libstrongswan/crypto/diffie_hellman.h
@ -35,7 +35,7 @@ typedef struct diffie_hellman_t diffie_hellman_t;
 * The modulus (or group) to use for a Diffie-Hellman calculation.
 * See IKEv2 RFC 3.3.2 and RFC 3526.
 * 
- * ECP groups are defined in RFC 4753.
+ * ECP groups are defined in RFC 4753 and RFC 5114.
 */
 enum diffie_hellman_group_t {
 	MODP_NONE = 0,
@ -50,6 +50,8 @@ enum diffie_hellman_group_t {
 	ECP_256_BIT = 19,
 	ECP_384_BIT = 20,
 	ECP_521_BIT = 21,
+	ECP_192_BIT = 25,
+	ECP_224_BIT = 26,
 	
 };

--- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
+++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
@ -314,6 +314,12 @@ openssl_ec_diffie_hellman_t *openssl_ec_diffie_hellman_create(diffie_hellman_gro
 	
 	switch (group)
 	{
+		case ECP_192_BIT:
+			this->key = EC_KEY_new_by_curve_name(NID_X9_62_prime192v1);
+			break;
+		case ECP_224_BIT:
+			this->key = EC_KEY_new_by_curve_name(NID_secp224r1);
+			break;
 		case ECP_256_BIT:
 			this->key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
 			break;
--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
@ -125,6 +125,10 @@ plugin_t *plugin_create()
 						(dh_constructor_t)openssl_diffie_hellman_create);
 	
 	/* ec diffie hellman */
+	lib->crypto->add_dh(lib->crypto, ECP_192_BIT,
+						(dh_constructor_t)openssl_ec_diffie_hellman_create);
+	lib->crypto->add_dh(lib->crypto, ECP_224_BIT,
+						(dh_constructor_t)openssl_ec_diffie_hellman_create);
 	lib->crypto->add_dh(lib->crypto, ECP_256_BIT,
 						(dh_constructor_t)openssl_ec_diffie_hellman_create);
 	lib->crypto->add_dh(lib->crypto, ECP_384_BIT,