New upstream version 5.5.2

author: Yves-Alexis Perez <corsac@corsac.net> 2017-04-01 16:26:44 +0200
committer: Yves-Alexis Perez <corsac@corsac.net> 2017-04-01 16:26:44 +0200
commit: 05ddd767992d68bb38c7f16ece142e8c2e9ae016 (patch)
tree: 302c618be306d4ed3c7f9fc58a1f6aaad4dd252f /src/libstrongswan/crypto
parent: 25663e04c3ab01ef8dc9f906608282319cfea2db (diff)
download: vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.tar.gz
vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.zip
6 files changed, 161 insertions, 119 deletions
diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c
index 6dcb6cb33..820b8d1d8 100644
--- a/src/libstrongswan/crypto/diffie_hellman.c
+++ b/src/libstrongswan/crypto/diffie_hellman.c
@@ -32,7 +32,7 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_2048_BIT, ECP_521_BIT, MODP_1536_BIT,
 	"ECP_256",
 	"ECP_384",
 	"ECP_521");
-ENUM_NEXT(diffie_hellman_group_names, MODP_1024_160, ECP_512_BP, ECP_521_BIT,
+ENUM_NEXT(diffie_hellman_group_names, MODP_1024_160, CURVE_448, ECP_521_BIT,
 	"MODP_1024_160",
 	"MODP_2048_224",
 	"MODP_2048_256",
@@ -41,8 +41,10 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_1024_160, ECP_512_BP, ECP_521_BIT,
 	"ECP_224_BP",
 	"ECP_256_BP",
 	"ECP_384_BP",
-	"ECP_512_BP");
-ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_NULL, ECP_512_BP,
+	"ECP_512_BP",
+	"CURVE_25519",
+	"CURVE_448");
+ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_NULL, CURVE_448,
 	"MODP_NULL");
 ENUM_NEXT(diffie_hellman_group_names, NTRU_112_BIT, NTRU_256_BIT, MODP_NULL,
 	"NTRU_112",
@@ -552,6 +554,12 @@ bool diffie_hellman_verify_value(diffie_hellman_group_t group, chunk_t value)
 		case ECP_521_BIT:
 			valid = value.len == 132;
 			break;
+		case CURVE_25519:
+			valid = value.len == 32;
+			break;
+		case CURVE_448:
+			valid = value.len == 56;
+			break;
 		case NTRU_112_BIT:
 		case NTRU_128_BIT:
 		case NTRU_192_BIT:
diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h
index f457153c9..1a8110abb 100644
--- a/src/libstrongswan/crypto/diffie_hellman.h
+++ b/src/libstrongswan/crypto/diffie_hellman.h
@@ -37,6 +37,7 @@ typedef struct diffie_hellman_params_t diffie_hellman_params_t;
  *
  * ECP groups are defined in RFC 4753 and RFC 5114.
  * ECC Brainpool groups are defined in RFC 6954.
+ * Curve25519 and Curve448 groups are defined in RFC 8031.
  */
 enum diffie_hellman_group_t {
 	MODP_NONE     =  0,
@@ -60,6 +61,8 @@ enum diffie_hellman_group_t {
 	ECP_256_BP    = 28,
 	ECP_384_BP    = 29,
 	ECP_512_BP    = 30,
+	CURVE_25519   = 31,
+	CURVE_448     = 32,
 	/** insecure NULL diffie hellman group for testing, in PRIVATE USE */
 	MODP_NULL = 1024,
 	/** MODP group with custom generator/prime */
diff --git a/src/libstrongswan/crypto/hashers/hasher.c b/src/libstrongswan/crypto/hashers/hasher.c
index d136799d7..26aab0ccc 100644
--- a/src/libstrongswan/crypto/hashers/hasher.c
+++ b/src/libstrongswan/crypto/hashers/hasher.c
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2012-2015 Tobias Brunner
- * Copyright (C) 2015-2016 Andreas Steffen
+ * Copyright (C) 2015-2017 Andreas Steffen
  * Copyright (C) 2005-2006 Martin Willi
  * Copyright (C) 2005 Jan Hutter
  * HSR Hochschule fuer Technik Rapperswil
@@ -20,12 +20,13 @@
 
 #include <asn1/oid.h>
 
-ENUM_BEGIN(hash_algorithm_names, HASH_SHA1, HASH_SHA512,
+ENUM_BEGIN(hash_algorithm_names, HASH_SHA1, HASH_IDENTITY,
 	"HASH_SHA1",
 	"HASH_SHA256",
 	"HASH_SHA384",
-	"HASH_SHA512");
-ENUM_NEXT(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_SHA512,
+	"HASH_SHA512",
+	"HASH_IDENTITY");
+ENUM_NEXT(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY,
 	"HASH_UNKNOWN",
 	"HASH_MD2",
 	"HASH_MD4",
@@ -37,12 +38,13 @@ ENUM_NEXT(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_SHA512,
 	"HASH_SHA3_512");
 ENUM_END(hash_algorithm_names, HASH_SHA3_512);
 
-ENUM_BEGIN(hash_algorithm_short_names, HASH_SHA1, HASH_SHA512,
+ENUM_BEGIN(hash_algorithm_short_names, HASH_SHA1, HASH_IDENTITY,
 	"sha1",
 	"sha256",
 	"sha384",
-	"sha512");
-ENUM_NEXT(hash_algorithm_short_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_SHA512,
+	"sha512",
+	"identity");
+ENUM_NEXT(hash_algorithm_short_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY,
 	"unknown",
 	"md2",
 	"md4",
@@ -94,6 +96,9 @@ hash_algorithm_t hasher_algorithm_from_oid(int oid)
 		case OID_SHA3_512:
 		case OID_RSASSA_PKCS1V15_WITH_SHA3_512:
 			return HASH_SHA3_512;
+		case OID_ED25519:
+		case OID_ED448:
+			return HASH_IDENTITY;
 		default:
 			return HASH_UNKNOWN;
 	}
@@ -267,6 +272,7 @@ integrity_algorithm_t hasher_algorithm_to_integrity(hash_algorithm_t alg,
 		case HASH_SHA3_256:
 		case HASH_SHA3_384:
 		case HASH_SHA3_512:
+		case HASH_IDENTITY:
 		case HASH_UNKNOWN:
 			break;
 	}
@@ -280,6 +286,7 @@ bool hasher_algorithm_for_ikev2(hash_algorithm_t alg)
 {
 	switch (alg)
 	{
+		case HASH_IDENTITY:
 		case HASH_SHA1:
 		case HASH_SHA256:
 		case HASH_SHA384:
@@ -396,6 +403,22 @@ int hasher_signature_algorithm_to_oid(hash_algorithm_t alg, key_type_t key)
 				default:
 					return OID_UNKNOWN;
 			}
+		case KEY_ED25519:
+			switch (alg)
+			{
+				case HASH_IDENTITY:
+					return OID_ED25519;
+				default:
+					return OID_UNKNOWN;
+			}
+		case KEY_ED448:
+			switch (alg)
+			{
+				case HASH_IDENTITY:
+					return OID_ED448;
+				default:
+					return OID_UNKNOWN;
+			}
 		case KEY_BLISS:
 			switch (alg)
 			{
@@ -430,6 +453,9 @@ hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme)
 		case SIGN_RSA_EMSA_PKCS1_NULL:
 		case SIGN_ECDSA_WITH_NULL:
 			break;
+		case SIGN_ED25519:
+		case SIGN_ED448:
+			return HASH_IDENTITY;
 		case SIGN_RSA_EMSA_PKCS1_MD5:
 			return HASH_MD5;
 		case SIGN_RSA_EMSA_PKCS1_SHA1:
diff --git a/src/libstrongswan/crypto/hashers/hasher.h b/src/libstrongswan/crypto/hashers/hasher.h
index 2d28b207d..ec0c6320b 100644
--- a/src/libstrongswan/crypto/hashers/hasher.h
+++ b/src/libstrongswan/crypto/hashers/hasher.h
@@ -1,8 +1,9 @@
 /*
+ * Copyright (C) 2016-2017 Andreas Steffen
  * Copyright (C) 2012-2015 Tobias Brunner
  * Copyright (C) 2005-2006 Martin Willi
  * Copyright (C) 2005 Jan Hutter
- * Hochschule fuer Technik Rapperswil
+ * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by the
@@ -32,13 +33,16 @@ typedef struct hasher_t hasher_t;
 #include <credentials/keys/public_key.h>
 
 /**
- * Hash algorithms as defined for IKEv2 by RFC 7427
+ * Hash algorithms as defined for IKEv2
  */
 enum hash_algorithm_t {
+	/* RFC 7427 */
 	HASH_SHA1 			= 1,
 	HASH_SHA256			= 2,
 	HASH_SHA384			= 3,
 	HASH_SHA512			= 4,
+	/* draft-ietf-ipsecme-eddsa (RFC TBA) */
+	HASH_IDENTITY		= 5,
 	/* use private use range for algorithms not defined/permitted by RFC 7427 */
 	HASH_UNKNOWN 		= 1024,
 	HASH_MD2 			= 1025,
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.c b/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
index b058ad288..420a66d7c 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.c
@@ -59,12 +59,12 @@ struct proposal_token {
 	uint16_t          keysize;
 };
 
-#define TOTAL_KEYWORDS 141
+#define TOTAL_KEYWORDS 143
 #define MIN_WORD_LENGTH 3
 #define MAX_WORD_LENGTH 17
 #define MIN_HASH_VALUE 7
-#define MAX_HASH_VALUE 282
-/* maximum key range = 276, duplicates = 0 */
+#define MAX_HASH_VALUE 259
+/* maximum key range = 253, duplicates = 0 */
 
 #ifdef __GNUC__
 __inline
@@ -80,32 +80,32 @@ hash (str, len)
 {
   static const unsigned short asso_values[] =
     {
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283,  75,   2,
-       16,  16,  30,  26,   8,  35,   3,   1, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283,  29, 283,  10,   2,  16,
-       46,   1,  23,  78,   4,   4, 283, 283,   1,   9,
-        5,   2, 124, 117,  77, 106,  85,  27, 283, 283,
-        1, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283, 283, 283, 283,
-      283, 283, 283, 283, 283, 283, 283
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260,  73,   2,
+       16,  40,  30,  26,   8,  15,   3,   1, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 106, 260,   2,   2,  16,
+       46,  75,   1,  78,   2,   4, 260, 260,   1,  18,
+        7,   2, 164,   5,  94, 116,  23,  41, 260, 260,
+        1,   2, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260, 260, 260, 260,
+      260, 260, 260, 260, 260, 260, 260
     };
   register int hval = len;
 
@@ -145,19 +145,25 @@ hash (str, len)
 static const struct proposal_token wordlist[] =
   {
     {"null",             ENCRYPTION_ALGORITHM, ENCR_NULL,                 0},
+    {"esn",              EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS,      0},
+    {"x25519",           DIFFIE_HELLMAN_GROUP, CURVE_25519,               0},
+    {"prfsha1",          PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1,           0},
     {"noesn",            EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS,   0},
-    {"modpnone",         DIFFIE_HELLMAN_GROUP, MODP_NONE,                 0},
+    {"ecp521",           DIFFIE_HELLMAN_GROUP, ECP_521_BIT,               0},
+    {"sha",              INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA1_96,         0},
+    {"sha1",             INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA1_96,         0},
     {"aes128",           ENCRYPTION_ALGORITHM, ENCR_AES_CBC,            128},
-    {"esn",              EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS,      0},
     {"ntru128",          DIFFIE_HELLMAN_GROUP, NTRU_128_BIT,              0},
     {"md5",              INTEGRITY_ALGORITHM,  AUTH_HMAC_MD5_96,          0},
     {"modp8192",         DIFFIE_HELLMAN_GROUP, MODP_8192_BIT,             0},
     {"md5_128",          INTEGRITY_ALGORITHM,  AUTH_HMAC_MD5_128,         0},
+    {"ecp192",           DIFFIE_HELLMAN_GROUP, ECP_192_BIT,               0},
     {"aes192",           ENCRYPTION_ALGORITHM, ENCR_AES_CBC,            192},
+    {"prfsha256",        PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256,       0},
+    {"modp768",          DIFFIE_HELLMAN_GROUP, MODP_768_BIT,              0},
     {"ntru192",          DIFFIE_HELLMAN_GROUP, NTRU_192_BIT,              0},
     {"ntru112",          DIFFIE_HELLMAN_GROUP, NTRU_112_BIT,              0},
-    {"modpnull",         DIFFIE_HELLMAN_GROUP, MODP_NULL,                 0},
-    {"ecp521",           DIFFIE_HELLMAN_GROUP, ECP_521_BIT,               0},
+    {"ecp256",           DIFFIE_HELLMAN_GROUP, ECP_256_BIT,               0},
     {"aes256",           ENCRYPTION_ALGORITHM, ENCR_AES_CBC,            256},
     {"aes192ccm8",       ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8,       192},
     {"aes192ccm128",     ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16,      192},
@@ -168,17 +174,18 @@ static const struct proposal_token wordlist[] =
     {"aes128ccm96",      ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12,      128},
     {"aes128ccm16",      ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16,      128},
     {"aesxcbc",          INTEGRITY_ALGORITHM,  AUTH_AES_XCBC_96,          0},
+    {"prfsha512",        PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512,       0},
     {"aescmac",          INTEGRITY_ALGORITHM,  AUTH_AES_CMAC_96,          0},
-    {"modp768",          DIFFIE_HELLMAN_GROUP, MODP_768_BIT,              0},
-    {"ecp192",           DIFFIE_HELLMAN_GROUP, ECP_192_BIT,               0},
+    {"camellia",         ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC,       128},
+    {"sha512",           INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_512_256,    0},
     {"aes192ccm12",      ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12,      192},
-    {"modp1536",         DIFFIE_HELLMAN_GROUP, MODP_1536_BIT,             0},
+    {"modpnull",         DIFFIE_HELLMAN_GROUP, MODP_NULL,                 0},
     {"aes128ccm12",      ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12,      128},
     {"ntru256",          DIFFIE_HELLMAN_GROUP, NTRU_256_BIT,              0},
     {"aes256ccm8",       ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8,       256},
     {"aes256ccm128",     ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16,      256},
-    {"camellia",         ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC,       128},
-    {"ecp256",           DIFFIE_HELLMAN_GROUP, ECP_256_BIT,               0},
+    {"ecp384",           DIFFIE_HELLMAN_GROUP, ECP_384_BIT,               0},
+    {"sha256",           INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_256_128,    0},
     {"aes256ccm96",      ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12,      256},
     {"aes256ccm16",      ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16,      256},
     {"camellia192ccm8",  ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8,  192},
@@ -189,29 +196,29 @@ static const struct proposal_token wordlist[] =
     {"camellia192",      ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC,       192},
     {"aes256ccm12",      ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12,      256},
     {"camellia128",      ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC,       128},
-    {"modp6144",         DIFFIE_HELLMAN_GROUP, MODP_6144_BIT,             0},
+    {"ecp224",           DIFFIE_HELLMAN_GROUP, ECP_224_BIT,               0},
     {"aes192ccm64",      ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8,       192},
+    {"modp6144",         DIFFIE_HELLMAN_GROUP, MODP_6144_BIT,             0},
     {"aes128ccm64",      ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8,       128},
     {"camellia192ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192},
+    {"prfsha384",        PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384,       0},
     {"camellia128ccm8",  ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8,  128},
     {"camellia128ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128},
-    {"sha1",             INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA1_96,         0},
-    {"ecp384",           DIFFIE_HELLMAN_GROUP, ECP_384_BIT,               0},
+    {"modp1536",         DIFFIE_HELLMAN_GROUP, MODP_1536_BIT,             0},
+    {"sha384",           INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_384_192,    0},
     {"camellia128ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128},
     {"camellia128ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128},
     {"camelliaxcbc",     INTEGRITY_ALGORITHM,  AUTH_CAMELLIA_XCBC_96,     0},
     {"camellia256",      ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC,       256},
-    {"sha",              INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA1_96,         0},
     {"camellia256ccm8",  ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8,  256},
     {"camellia256ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256},
     {"aes256ccm64",      ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8,       256},
     {"camellia128ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128},
     {"camellia256ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
     {"camellia256ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256},
-    {"ecp224",           DIFFIE_HELLMAN_GROUP, ECP_224_BIT,               0},
+    {"modpnone",         DIFFIE_HELLMAN_GROUP, MODP_NONE,                 0},
     {"camellia192ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8,  192},
-    {"des",              ENCRYPTION_ALGORITHM, ENCR_DES,                  0},
-    {"aes",              ENCRYPTION_ALGORITHM, ENCR_AES_CBC,            128},
+    {"prfmd5",           PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5,            0},
     {"camellia256ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256},
     {"aes192gcm8",       ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8,       192},
     {"aes192gcm128",     ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16,      192},
@@ -221,103 +228,95 @@ static const struct proposal_token wordlist[] =
     {"aes192gcm16",      ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16,      192},
     {"aes128gcm96",      ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12,      128},
     {"aes128gcm16",      ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16,      128},
-    {"aes192ctr",        ENCRYPTION_ALGORITHM, ENCR_AES_CTR,            192},
+    {"aes",              ENCRYPTION_ALGORITHM, ENCR_AES_CBC,            128},
     {"camellia128ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8,  128},
-    {"aes128ctr",        ENCRYPTION_ALGORITHM, ENCR_AES_CTR,            128},
-    {"sha512",           INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_512_256,    0},
     {"aes192gcm12",      ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12,      192},
     {"modp4096",         DIFFIE_HELLMAN_GROUP, MODP_4096_BIT,             0},
     {"aes128gcm12",      ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12,      128},
     {"aes256gcm8",       ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8,       256},
     {"aes256gcm128",     ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16,      256},
     {"camellia256ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8,  256},
-    {"sha256",           INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_256_128,    0},
     {"aes256gcm96",      ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12,      256},
     {"aes256gcm16",      ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16,      256},
     {"modp1024",         DIFFIE_HELLMAN_GROUP, MODP_1024_BIT,             0},
     {"modp2048",         DIFFIE_HELLMAN_GROUP, MODP_2048_BIT,             0},
-    {"aes256ctr",        ENCRYPTION_ALGORITHM, ENCR_AES_CTR,            256},
+    {"aes192ctr",        ENCRYPTION_ALGORITHM, ENCR_AES_CTR,            192},
     {"aes192gmac",       ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 192},
-    {"3des",             ENCRYPTION_ALGORITHM, ENCR_3DES,                 0},
+    {"aes128ctr",        ENCRYPTION_ALGORITHM, ENCR_AES_CTR,            128},
     {"aes128gmac",       ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 128},
-    {"prfsha1",          PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1,           0},
     {"aes256gcm12",      ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12,      256},
-    {"camellia192ctr",   ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR,       192},
-    {"newhope128",       DIFFIE_HELLMAN_GROUP, NH_128_BIT,                0},
+    {"serpent128",       ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC,        128},
     {"aes192gcm64",      ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8,       192},
+    {"blowfish",         ENCRYPTION_ALGORITHM, ENCR_BLOWFISH,           128},
     {"aes128gcm64",      ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8,       128},
-    {"twofish",          ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC,        128},
-    {"sha384",           INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_384_192,    0},
-    {"modp3072",         DIFFIE_HELLMAN_GROUP, MODP_3072_BIT,             0},
+    {"3des",             ENCRYPTION_ALGORITHM, ENCR_3DES,                 0},
+    {"prfcamelliaxcbc",  PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC,    0},
+    {"serpent256",       ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC,        256},
+    {"aes256ctr",        ENCRYPTION_ALGORITHM, ENCR_AES_CTR,            256},
     {"aes256gmac",       ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256},
-    {"twofish128",       ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC,        128},
-    {"camellia128ctr",   ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR,       128},
-    {"blowfish",         ENCRYPTION_ALGORITHM, ENCR_BLOWFISH,           128},
+    {"serpent",          ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC,        128},
+    {"modp3072",         DIFFIE_HELLMAN_GROUP, MODP_3072_BIT,             0},
+    {"camellia192ctr",   ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR,       192},
     {"modp2048s256",     DIFFIE_HELLMAN_GROUP, MODP_2048_256,             0},
     {"aes256gcm64",      ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8,       256},
-    {"prfsha256",        PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256,       0},
+    {"blowfish192",      ENCRYPTION_ALGORITHM, ENCR_BLOWFISH,           192},
+    {"blowfish128",      ENCRYPTION_ALGORITHM, ENCR_BLOWFISH,           128},
+    {"serpent192",       ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC,        192},
+    {"twofish",          ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC,        128},
+    {"curve25519",       DIFFIE_HELLMAN_GROUP, CURVE_25519,               0},
+    {"camellia128ctr",   ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR,       128},
+    {"twofish128",       ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC,        128},
     {"sha256_96",        INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_256_96,     0},
     {"sha2_512",         INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_512_256,    0},
-    {"twofish256",       ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC,        256},
+    {"blowfish256",      ENCRYPTION_ALGORITHM, ENCR_BLOWFISH,           256},
+    {"chacha20poly1305", ENCRYPTION_ALGORITHM, ENCR_CHACHA20_POLY1305,  256},
+    {"modp2048s224",     DIFFIE_HELLMAN_GROUP, MODP_2048_224,             0},
+    {"modp1024s160",     DIFFIE_HELLMAN_GROUP, MODP_1024_160,             0},
     {"camellia256ctr",   ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR,       256},
-    {"sha2_384",         INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_384_192,    0},
     {"sha2_256",         INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_256_128,    0},
-    {"ecp512bp",         DIFFIE_HELLMAN_GROUP, ECP_512_BP,                0},
+    {"twofish256",       ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC,        256},
     {"sha2_256_96",      INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_256_96,     0},
-    {"blowfish192",      ENCRYPTION_ALGORITHM, ENCR_BLOWFISH,           192},
-    {"blowfish128",      ENCRYPTION_ALGORITHM, ENCR_BLOWFISH,           128},
-    {"prfsha512",        PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512,       0},
+    {"ecp512bp",         DIFFIE_HELLMAN_GROUP, ECP_512_BP,                0},
+    {"des",              ENCRYPTION_ALGORITHM, ENCR_DES,                  0},
     {"twofish192",       ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC,        192},
-    {"modp2048s224",     DIFFIE_HELLMAN_GROUP, MODP_2048_224,             0},
-    {"prfsha384",        PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384,       0},
-    {"modp1024s160",     DIFFIE_HELLMAN_GROUP, MODP_1024_160,             0},
-    {"prfcamelliaxcbc",  PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC,    0},
     {"ecp384bp",         DIFFIE_HELLMAN_GROUP, ECP_384_BP,                0},
     {"ecp256bp",         DIFFIE_HELLMAN_GROUP, ECP_256_BP,                0},
-    {"serpent128",       ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC,        128},
-    {"blowfish256",      ENCRYPTION_ALGORITHM, ENCR_BLOWFISH,           256},
-    {"chacha20poly1305", ENCRYPTION_ALGORITHM, ENCR_CHACHA20_POLY1305,  256},
-    {"serpent256",       ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC,        256},
-    {"ecp224bp",         DIFFIE_HELLMAN_GROUP, ECP_224_BP,                0},
+    {"sha2_384",         INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA2_384_192,    0},
     {"sha1_160",         INTEGRITY_ALGORITHM,  AUTH_HMAC_SHA1_160,        0},
-    {"serpent192",       ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC,        192},
-    {"prfmd5",           PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5,            0},
+    {"ecp224bp",         DIFFIE_HELLMAN_GROUP, ECP_224_BP,                0},
     {"prfaesxcbc",       PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC,         0},
-    {"serpent",          ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC,        128},
-    {"prfaescmac",       PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC,         0}
+    {"prfaescmac",       PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC,         0},
+    {"newhope128",       DIFFIE_HELLMAN_GROUP, NH_128_BIT,                0}
   };
 
 static const short lookup[] =
   {
      -1,  -1,  -1,  -1,  -1,  -1,  -1,   0,  -1,  -1,
-     -1,  -1,  -1,  -1,  -1,  -1,  -1,   1,  -1,  -1,
-     -1,  -1,  -1,  -1,  -1,  -1,   2,  -1,  -1,  -1,
-      3,   4,  -1,   5,   6,   7,   8,  -1,  -1,  -1,
-     -1,   9,  -1,  -1,  10,  11,  -1,  12,  -1,  13,
-     14,  15,  16,  17,  18,  19,  20,  21,  22,  23,
-     24,  25,  26,  -1,  27,  28,  29,  30,  31,  32,
-     33,  34,  35,  36,  37,  38,  -1,  39,  40,  41,
-     42,  43,  44,  45,  46,  -1,  47,  48,  -1,  49,
-     50,  51,  52,  53,  54,  -1,  55,  56,  57,  58,
-     59,  60,  61,  62,  63,  64,  -1,  65,  -1,  -1,
-     66,  67,  68,  69,  70,  71,  72,  73,  74,  75,
-     76,  77,  78,  79,  -1,  80,  81,  82,  83,  -1,
-     84,  85,  86,  87,  88,  89,  90,  91,  92,  93,
-     94,  95,  96,  97,  98,  99, 100,  -1, 101,  -1,
-     -1,  -1, 102,  -1, 103, 104, 105, 106,  -1, 107,
-     -1, 108, 109, 110, 111, 112, 113, 114,  -1, 115,
-     -1, 116, 117,  -1,  -1, 118, 119, 120,  -1, 121,
-     -1,  -1, 122, 123, 124,  -1, 125, 126, 127,  -1,
-    128, 129, 130,  -1, 131, 132,  -1,  -1,  -1,  -1,
-     -1,  -1, 133, 134,  -1,  -1,  -1, 135,  -1,  -1,
-     -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1, 136,  -1,
-     -1, 137,  -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,
-     -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,
-     -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,
-     -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,
-     -1,  -1,  -1,  -1,  -1,  -1,  -1, 138, 139,  -1,
+     -1,   1,   2,  -1,  -1,  -1,  -1,  -1,  -1,  -1,
+      3,   4,  -1,  -1,  -1,  -1,  -1,   5,   6,   7,
+      8,  -1,  -1,   9,  -1,  -1,  10,  11,  12,  -1,
+     13,  14,  15,  16,  17,  18,  -1,  -1,  -1,  19,
+     20,  21,  22,  23,  24,  25,  26,  27,  28,  29,
+     30,  31,  32,  33,  34,  35,  36,  37,  38,  39,
+     40,  41,  42,  43,  44,  45,  -1,  46,  47,  48,
+     49,  50,  51,  52,  53,  54,  55,  56,  57,  58,
+     59,  60,  61,  62,  63,  -1,  64,  65,  -1,  66,
+     67,  68,  69,  70,  71,  -1,  72,  73,  -1,  74,
+     -1,  -1,  75,  76,  77,  78,  79,  80,  81,  82,
+     83,  84,  85,  -1,  -1,  -1,  86,  87,  88,  -1,
+     89,  90,  91,  -1,  92,  93,  94,  95,  96,  97,
+     98,  99,  -1, 100, 101,  -1, 102, 103, 104,  -1,
+    105, 106,  -1,  -1, 107, 108, 109,  -1, 110, 111,
+     -1, 112, 113, 114,  -1, 115,  -1, 116,  -1,  -1,
+    117,  -1, 118,  -1,  -1, 119, 120,  -1,  -1, 121,
+    122, 123, 124, 125, 126, 127, 128, 129,  -1, 130,
+     -1, 131,  -1, 132, 133,  -1,  -1,  -1,  -1,  -1,
+     -1,  -1,  -1,  -1,  -1, 134,  -1,  -1, 135, 136,
+    137,  -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,
+    138, 139,  -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,
+     -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1, 140,
      -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,  -1,
-     -1,  -1, 140
+     -1,  -1,  -1,  -1, 141,  -1,  -1,  -1,  -1, 142
   };
 
 #ifdef __GNUC__
diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
index 3ac772962..c44ed96a0 100644
--- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
+++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt
@@ -163,6 +163,8 @@ ecp224bp,         DIFFIE_HELLMAN_GROUP, ECP_224_BP,                0
 ecp256bp,         DIFFIE_HELLMAN_GROUP, ECP_256_BP,                0
 ecp384bp,         DIFFIE_HELLMAN_GROUP, ECP_384_BP,                0
 ecp512bp,         DIFFIE_HELLMAN_GROUP, ECP_512_BP,                0
+curve25519,       DIFFIE_HELLMAN_GROUP, CURVE_25519,               0
+x25519,           DIFFIE_HELLMAN_GROUP, CURVE_25519,               0
 ntru112,          DIFFIE_HELLMAN_GROUP, NTRU_112_BIT,              0
 ntru128,          DIFFIE_HELLMAN_GROUP, NTRU_128_BIT,              0
 ntru192,          DIFFIE_HELLMAN_GROUP, NTRU_192_BIT,              0
author	Yves-Alexis Perez <corsac@corsac.net>	2017-04-01 16:26:44 +0200
committer	Yves-Alexis Perez <corsac@corsac.net>	2017-04-01 16:26:44 +0200
commit	05ddd767992d68bb38c7f16ece142e8c2e9ae016 (patch)
tree	302c618be306d4ed3c7f9fc58a1f6aaad4dd252f /src/libstrongswan/crypto
parent	25663e04c3ab01ef8dc9f906608282319cfea2db (diff)
download	vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.tar.gz vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.zip