ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

botan: Simplify DH/ECDH key derivation

This commit is contained in:
Tobias Brunner 2018-09-11 10:58:42 +02:00
parent 125222dca7
commit 40b3bf6ba7
4 changed files with 45 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
src/libstrongswan/plugins/botan/botan_diffie_hellman.c
View File

@ -97,37 +97,14 @@ bool load_private_key(private_botan_diffie_hellman_t *this, chunk_t value)
METHOD(diffie_hellman_t, set_other_public_value, bool,
private_botan_diffie_hellman_t *this, chunk_t value)
{
botan_pk_op_ka_t op;
if (!diffie_hellman_verify_value(this->group, value))
{
return FALSE;
}
if (botan_pk_op_key_agreement_create(&op, this->dh_key, "Raw", 0))
{
return FALSE;
}
chunk_clear(&this->shared_secret);
if (botan_pk_op_key_agreement_size(op, &this->shared_secret.len))
{
botan_pk_op_key_agreement_destroy(op);
return FALSE;
}
this->shared_secret = chunk_alloc(this->shared_secret.len);
if (botan_pk_op_key_agreement(op, this->shared_secret.ptr,
&this->shared_secret.len, value.ptr,
value.len, NULL, 0))
{
chunk_clear(&this->shared_secret);
botan_pk_op_key_agreement_destroy(op);
return FALSE;
}
botan_pk_op_key_agreement_destroy(op);
return TRUE;
return botan_dh_key_derivation(this->dh_key, value, &this->shared_secret);
}
METHOD(diffie_hellman_t, get_my_public_value, bool,

25
src/libstrongswan/plugins/botan/botan_ec_diffie_hellman.c
View File

@ -69,40 +69,17 @@ struct private_botan_ec_diffie_hellman_t {
METHOD(diffie_hellman_t, set_other_public_value, bool,
private_botan_ec_diffie_hellman_t *this, chunk_t value)
{
botan_pk_op_ka_t ka;
if (!diffie_hellman_verify_value(this->group, value))
{
return FALSE;
}
if (botan_pk_op_key_agreement_create(&ka, this->key, "Raw", 0))
{
return FALSE;
}
chunk_clear(&this->shared_secret);
if (botan_pk_op_key_agreement_size(ka, &this->shared_secret.len))
{
botan_pk_op_key_agreement_destroy(ka);
return FALSE;
}
/* prepend 0x04 to indicate uncompressed point format */
value = chunk_cata("cc", chunk_from_chars(0x04), value);
this->shared_secret = chunk_alloc(this->shared_secret.len);
if (botan_pk_op_key_agreement(ka, this->shared_secret.ptr,
&this->shared_secret.len, value.ptr,
value.len, NULL, 0))
{
chunk_clear(&this->shared_secret);
botan_pk_op_key_agreement_destroy(ka);
return FALSE;
}
botan_pk_op_key_agreement_destroy(ka);
return TRUE;
return botan_dh_key_derivation(this->key, value, &this->shared_secret);
}
METHOD(diffie_hellman_t, get_my_public_value, bool,

30
src/libstrongswan/plugins/botan/botan_util.c
View File

@ -259,3 +259,33 @@ bool botan_get_signature(botan_privkey_t key, const char *scheme,
botan_pk_op_sign_destroy(sign_op);
return TRUE;
}
/*
* Described in header
*/
bool botan_dh_key_derivation(botan_privkey_t key, chunk_t pub, chunk_t *secret)
{
botan_pk_op_ka_t ka;
if (botan_pk_op_key_agreement_create(&ka, key, "Raw", 0))
{
return FALSE;
}
if (botan_pk_op_key_agreement_size(ka, &secret->len))
{
botan_pk_op_key_agreement_destroy(ka);
return FALSE;
}
*secret = chunk_alloc(secret->len);
if (botan_pk_op_key_agreement(ka, secret->ptr, &secret->len, pub.ptr,
pub.len, NULL, 0))
{
chunk_clear(secret);
botan_pk_op_key_agreement_destroy(ka);
return FALSE;
}
botan_pk_op_key_agreement_destroy(ka);
return TRUE;
}

13
src/libstrongswan/plugins/botan/botan_util.h
View File

@ -100,4 +100,17 @@ bool botan_get_fingerprint(botan_pubkey_t pubkey, void *cache,
bool botan_get_signature(botan_privkey_t key, const char *scheme,
chunk_t data, chunk_t *signature);
/**
* Do the Diffie-Hellman key derivation using the given private key and public
* value.
*
* Note that the public value is not verified in this function.
*
* @param key DH private key
* @param pub other's public value
* @param secret the derived secret (allocated on success)
* @return TRUE if derivation was successful
*/
bool botan_dh_key_derivation(botan_privkey_t key, chunk_t pub, chunk_t *secret);
#endif /** BOTAN_UTIL_H_ @}*/