key-exchange: Add helper to concatenate shared secrets of several key exchanges

2025-10-03 00:00:24 -04:00 · 2020-04-09 11:36:30 +02:00 · 2020-04-09 11:36:30 +02:00 · c36eaf42da
commit c36eaf42da
parent ec0ec55070
2 changed files with 55 additions and 2 deletions
--- a/src/libstrongswan/crypto/key_exchange.c
+++ b/src/libstrongswan/crypto/key_exchange.c
@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2010-2019 Tobias Brunner
+ * Copyright (C) 2010-2020 Tobias Brunner
 * Copyright (C) 2005-2010 Martin Willi
 * Copyright (C) 2005 Jan Hutter
 *
@ -619,3 +619,43 @@ bool key_exchange_verify_pubkey(key_exchange_method_t ke, chunk_t value)
 	}
 	return valid;
 }
 /*
 * Described in header
 */
 bool key_exchange_concat_secrets(array_t *kes, chunk_t *first,
 								 chunk_t *others)
 {
 	key_exchange_t *ke;
 	chunk_t secret;
 	int i;
 	if (!array_count(kes))
 	{
 		return FALSE;
 	}
 	*first = chunk_empty;
 	*others = chunk_empty;
 	for (i = 0; i < array_count(kes); i++)
 	{
 		if (array_get(kes, i, &ke) &&
 			ke->get_shared_secret(ke, &secret))
 		{
 			if (i == 0)
 			{
 				*first = secret;
 			}
 			else
 			{
 				*others = chunk_cat("ss", *others, secret);
 			}
 		}
 		else
 		{
 			chunk_clear(first);
 			chunk_clear(others);
 			return FALSE;
 		}
 	}
 	return TRUE;
 }
--- a/src/libstrongswan/crypto/key_exchange.h
+++ b/src/libstrongswan/crypto/key_exchange.h
@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2010-2019 Tobias Brunner
+ * Copyright (C) 2010-2020 Tobias Brunner
 * Copyright (C) 2005-2007 Martin Willi
 * Copyright (C) 2005 Jan Hutter
 *
@ -29,6 +29,7 @@ typedef struct key_exchange_t key_exchange_t;
 typedef struct diffie_hellman_params_t diffie_hellman_params_t;
 #include <library.h>
 #include <collections/array.h>
 /**
 * Key exchange method.
@ -209,4 +210,16 @@ bool key_exchange_is_ecdh(key_exchange_method_t ke);
 */
 bool key_exchange_verify_pubkey(key_exchange_method_t ke, chunk_t value);
 /**
 * Return the first shared secret plus the concatenated additional shared
 * secrets of all the key exchange methods in the given array.
 *
 * @param kes			array of key_exchange_t*
 * @param secret		first shared secret (allocated)
 * @param add_secret	concatenated additional shared secrets (allocated)
 * @return				TRUE on success
 */
 bool key_exchange_concat_secrets(array_t *kes, chunk_t *secret,
 								 chunk_t *add_secret);
 #endif /** KEY_EXCHANGE_H_ @}*/