sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-08 00:02:03 -04:00
Code Issues Projects Releases Wiki Activity

proposal: Add helper to check if additional key exchanges are contained

Browse Source
This commit is contained in:
Tobias Brunner 2019-11-05 17:03:42 +01:00 committed by Andreas Steffen
parent 4c3914b6f9
commit f5cda8967b
3 changed files with 50 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/libstrongswan/crypto/proposal/proposal.c
View File

@ -1409,3 +1409,27 @@ proposal_t *proposal_select(linked_list_t *configured, linked_list_t *supplied,
}
return selected;
}
/*
* Described in header
*/
bool proposal_has_additional_ke(proposal_t *public)
{
private_proposal_t *this = (private_proposal_t*)public;
enumerator_t *enumerator;
entry_t *entry;
bool found = FALSE;
enumerator = array_create_enumerator(this->transforms);
while (enumerator->enumerate(enumerator, &entry))
{
if (entry->type != KEY_EXCHANGE_METHOD &&
is_ke_transform(entry->type))
{
found = TRUE;
break;
}
}
enumerator->destroy(enumerator);
return found;
}

8
src/libstrongswan/crypto/proposal/proposal.h
View File

@ -286,6 +286,14 @@ proposal_t *proposal_create_from_string(protocol_id_t protocol,
proposal_t *proposal_select(linked_list_t *configured, linked_list_t *supplied,
proposal_selection_flag_t flags);
/**
* Check whether this proposal algorithms for any additional key exchange
* method transform types.
*
* @return TRUE if found
*/
bool proposal_has_additional_ke(proposal_t *this);
/**
* printf hook function for proposal_t.
*

18
src/libstrongswan/tests/suites/test_proposal.c
View File

@ -473,6 +473,20 @@ START_TEST(test_unknown_transform_types_select_success)
}
END_TEST
START_TEST(test_proposal_has_additional_ke)
{
proposal_t *proposal;
proposal = proposal_create_from_string(PROTO_IKE, "aes128-sha256-ecp256");
ck_assert(!proposal_has_additional_ke(proposal));
proposal->destroy(proposal);
proposal = proposal_create_from_string(PROTO_IKE, "aes128-sha256-modp3072-ke1_ecp256");
ck_assert(proposal_has_additional_ke(proposal));
proposal->destroy(proposal);
}
END_TEST
START_TEST(test_chacha20_poly1305_key_length)
{
proposal_t *proposal;
@ -574,6 +588,10 @@ Suite *proposal_suite_create()
tcase_add_test(tc, test_unknown_transform_types_select_success);
suite_add_tcase(s, tc);
tc = tcase_create("proposal_has_additional_ke");
tcase_add_test(tc, test_proposal_has_additional_ke);
suite_add_tcase(s, tc);
tc = tcase_create("chacha20/poly1305");
tcase_add_test(tc, test_chacha20_poly1305_key_length);
suite_add_tcase(s, tc);