sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-04 00:00:14 -04:00
Code Issues Projects Releases Wiki Activity

botan: Move shared secret calculation to get_shared_secret()

Browse Source
This commit is contained in:
Tobias Brunner 2021-07-23 14:53:15 +02:00 committed by Andreas Steffen
parent 156e391192
commit bc36e255e7
3 changed files with 39 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
src/libstrongswan/plugins/botan/botan_diffie_hellman.c
View File

@ -54,7 +54,12 @@ struct private_botan_diffie_hellman_t {
/**
* Private key
*/
botan_privkey_t dh_key;
botan_privkey_t key;
/**
* Public key value provided by peer
*/
chunk_t pubkey;
/**
* Diffie hellman shared secret
@ -84,8 +89,8 @@ bool load_private_key(private_botan_diffie_hellman_t *this, chunk_t value)
return FALSE;
}
if (botan_privkey_destroy(this->dh_key) ||
botan_privkey_load_dh(&this->dh_key, this->p, this->g, xa))
if (botan_privkey_destroy(this->key) ||
botan_privkey_load_dh(&this->key, this->p, this->g, xa))
{
botan_mp_destroy(xa);
return FALSE;
@ -102,9 +107,9 @@ METHOD(key_exchange_t, set_public_key, bool,
return FALSE;
}
chunk_clear(&this->shared_secret);
return botan_dh_key_derivation(this->dh_key, value, &this->shared_secret);
chunk_clear(&this->pubkey);
this->pubkey = chunk_clone(value);
return TRUE;
}
METHOD(key_exchange_t, get_public_key, bool,
@ -113,14 +118,14 @@ METHOD(key_exchange_t, get_public_key, bool,
*value = chunk_empty;
/* get key size of public key first */
if (botan_pk_op_key_agreement_export_public(this->dh_key, NULL, &value->len)
if (botan_pk_op_key_agreement_export_public(this->key, NULL, &value->len)
!= BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE)
{
return FALSE;
}
*value = chunk_alloc(value->len);
if (botan_pk_op_key_agreement_export_public(this->dh_key, value->ptr,
if (botan_pk_op_key_agreement_export_public(this->key, value->ptr,
&value->len))
{
chunk_clear(value);
@ -139,7 +144,8 @@ METHOD(key_exchange_t, set_seed, bool,
METHOD(key_exchange_t, get_shared_secret, bool,
private_botan_diffie_hellman_t *this, chunk_t *secret)
{
if (!this->shared_secret.len)
if (!this->shared_secret.len &&
!botan_dh_key_derivation(this->key, this->pubkey, &this->shared_secret))
{
return FALSE;
}
@ -158,8 +164,9 @@ METHOD(key_exchange_t, destroy, void,
{
botan_mp_destroy(this->p);
botan_mp_destroy(this->g);
botan_privkey_destroy(this->dh_key);
botan_privkey_destroy(this->key);
chunk_clear(&this->shared_secret);
chunk_clear(&this->pubkey);
free(this);
}

17
src/libstrongswan/plugins/botan/botan_ec_diffie_hellman.c
View File

@ -60,6 +60,11 @@ struct private_botan_ec_diffie_hellman_t {
*/
botan_privkey_t key;
/**
* Public key value provided by peer
*/
chunk_t pubkey;
/**
* Shared secret
*/
@ -74,12 +79,10 @@ METHOD(key_exchange_t, set_public_key, bool,
return FALSE;
}
chunk_clear(&this->shared_secret);
chunk_clear(&this->pubkey);
/* prepend 0x04 to indicate uncompressed point format */
value = chunk_cata("cc", chunk_from_chars(0x04), value);
return botan_dh_key_derivation(this->key, value, &this->shared_secret);
this->pubkey = chunk_cat("cc", chunk_from_chars(0x04), value);
return TRUE;
}
METHOD(key_exchange_t, get_public_key, bool,
@ -135,7 +138,8 @@ METHOD(key_exchange_t, set_seed, bool,
METHOD(key_exchange_t, get_shared_secret, bool,
private_botan_ec_diffie_hellman_t *this, chunk_t *secret)
{
if (!this->shared_secret.len)
if (!this->shared_secret.len &&
!botan_dh_key_derivation(this->key, this->pubkey, &this->shared_secret))
{
return FALSE;
}
@ -154,6 +158,7 @@ METHOD(key_exchange_t, destroy, void,
{
botan_privkey_destroy(this->key);
chunk_clear(&this->shared_secret);
chunk_clear(&this->pubkey);
free(this);
}

15
src/libstrongswan/plugins/botan/botan_x25519.c
View File

@ -50,6 +50,11 @@ struct private_diffie_hellman_t {
*/
botan_privkey_t key;
/**
* Public key value provided by peer
*/
chunk_t pubkey;
/**
* Shared secret
*/
@ -64,9 +69,9 @@ METHOD(key_exchange_t, set_public_key, bool,
return FALSE;
}
chunk_clear(&this->shared_secret);
return botan_dh_key_derivation(this->key, value, &this->shared_secret);
chunk_clear(&this->pubkey);
this->pubkey = chunk_clone(value);
return TRUE;
}
METHOD(key_exchange_t, get_public_key, bool,
@ -114,7 +119,8 @@ METHOD(key_exchange_t, set_seed, bool,
METHOD(key_exchange_t, get_shared_secret, bool,
private_diffie_hellman_t *this, chunk_t *secret)
{
if (!this->shared_secret.len)
if (!this->shared_secret.len &&
!botan_dh_key_derivation(this->key, this->pubkey, &this->shared_secret))
{
return FALSE;
}
@ -133,6 +139,7 @@ METHOD(key_exchange_t, destroy, void,
{
botan_privkey_destroy(this->key);
chunk_clear(&this->shared_secret);
chunk_clear(&this->pubkey);
free(this);
}