sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-04 00:00:14 -04:00
Code Issues Projects Releases Wiki Activity
18,086 Commits 101 Branches 327 Tags
Commit Graph

18086 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Andreas Steffen
3b864166e1 key-exchange: Added NIST round 2 submission KEM candidates 2021-10-18 18:49:12 +02:00
Tobias Brunner
211c4db369 wip: ike-init: Indicate support for IKE_INTERMEDIATE 
wip: Not strictly necessary. I guess we should also add some checks if
the notify was not received.
 2021-10-18 18:49:12 +02:00
Tobias Brunner
f1d342456d proposal: Prevent selection of duplicate key exchange methods 
All additional (and the initial) key exchanges must use a different method.
 2021-10-18 18:49:12 +02:00
Tobias Brunner
d48390c362 proposal: Add helper to check if additional key exchanges are contained 2021-10-18 18:49:12 +02:00
Tobias Brunner
946a6417ce proposal: Accept NONE for additional key exchanges also for IKE proposals 2021-10-18 18:49:12 +02:00
Tobias Brunner
50f5079387 unit-tests: Add tests for CHILD_SA rekeying with multiple key exchanges 2021-10-18 18:49:12 +02:00
Tobias Brunner
4631026dc8 unit-tests: Add tests for CHILD_SA creation with multiple key exchanges 2021-10-18 18:49:12 +02:00
Tobias Brunner
a40074dde1 unit-tests: Tests for additional key exchanges 2021-10-18 18:49:12 +02:00
Tobias Brunner
5181b47b08 unit-tests: Support multiple proposals in exchange tests 2021-10-18 18:49:12 +02:00
Tobias Brunner
7aed87e78c unit-tests: Hand out an actual shared secret in mock KE implementation 
Makes key derivation a bit more realistic.
 2021-10-18 18:49:12 +02:00
Tobias Brunner
cbb5d4e33a proposal: Add prefix for additional key exchanges when logging proposals 2021-10-18 18:49:12 +02:00
Tobias Brunner
caa87d26e0 key-exchange: Add dynamic parser for additional key exchange methods 2021-10-18 18:49:12 +02:00
Tobias Brunner
e44b7695c9 child-rekey: Support CHILD_SA rekeying with multiple key exchanges 2021-10-18 18:49:12 +02:00
Tobias Brunner
ce4a3d6d75 child-sa: Cache and forward actual initiator flag for outbound SA 
Kernel interfaces (e.g. TKM) might rely on this flag to be correct.
 2021-10-18 18:49:12 +02:00
Tobias Brunner
83721e865e unit-tests: Fix CHILD_SA rekey tests after INVALID_KE_PAYLOAD handling changes 
The responder doesn't create a CHILD_SA and allocate an SPI anymore
when responding with an INVALID_KE_PAYLOAD notify.
 2021-10-18 18:49:12 +02:00
Tobias Brunner
985c09f295 child-create: Add support for multiple key exchanges 
It also changes that payloads are built before installing the CHILD_SA on
the responder, that is, the KE payload is generated before keys are derived,
so that key_exchange_t::get_public_key() is called before get_shared_secret(),
or it's internal equivalent, which could be relevant for KE implementations
that want to ensure that the key can't be used again after the key
derivation.
 2021-10-18 18:49:12 +02:00
Tobias Brunner
bc2cb82d7f ike-rekey: Support IKE_SA rekeying with multiple key exchanges 2021-10-18 18:49:12 +02:00
Tobias Brunner
db139a02cb ikev2: Send deletes also for rekeyed SAs 
This way we can use the IKE_REKEYED state for both redundant and old SAs
to suppress ike_updown().

In the ike-delete task we don't suppress events in state IKE_REKEYING as
that's the case when we delete an SA the peer is currently rekeying with
multiple key exchanges.
 2021-10-18 18:49:12 +02:00
Tobias Brunner
3baf713767 ikev2: Let ike/child-rekey tasks indicate if the passive task was adopted 
This gives us more flexibility with tasks that return NEED_MORE (currently
none of the colliding tasks do, but that will change with multi-KE
rekeyings).  The active task has to check itself if the passive task is
done and should be removed from the task manager.
 2021-10-18 18:49:12 +02:00
Tobias Brunner
5673eb57d0 ike-rekey: Remove collision task type checks 
Since f67199378df9 ("ike-rekey: Handle undetected collisions also if
delete is delayed") we only ever track tasks of type TASK_IKE_REKEY, so
there is no need to check the type or use the generic task_t interface.

Also changed some of the comments to clarify collision handling.
 2021-10-18 18:49:12 +02:00
Tobias Brunner
6c739d8bb7 ike-rekey: Don't actively rekey already rekeyed SAs 
If the peer successfully rekeyed the SA it gets marked as IKE_REKEYED
and it remains until the peer deletes it (or a timeout).  There is no
point in rekeying such SAs again.

IKE_REKEYING will be relevant if we have multi-KE rekeyings and are
waiting for followup key exchanges for a passive rekeying.
 2021-10-18 18:49:12 +02:00
Tobias Brunner
4afd6d1726 ike-init: Ignore COOKIE payloads during rekeying 
This ensures that process_i() only returns NEED_MORE due to multiple
key exchanges or an INVALID_KE_PAYLOAD notify.
 2021-10-18 18:49:12 +02:00
Tobias Brunner
8378077602 ike-init: Add support for multiple key exchanges 
Initially, this is handled with a key derivation for each
IKE_INTERMEDIATE exchange.  When rekeying the keys are derived only when
all IKE_FOLLOWUP_KE exchanges are done.
 2021-10-18 18:49:12 +02:00
Tobias Brunner
e6535ecb03 bus: Support multiple key exchanges in ike/child_keys() events 2021-10-18 18:49:12 +02:00
Tobias Brunner
36d101f7e6 keymat_v2: Support key derivation with multiple key exchanges 2021-10-18 18:49:12 +02:00
Tobias Brunner
d9d0864349 key-exchange: Add helper to concatenate shared secrets of several key exchanges 2021-10-18 18:49:12 +02:00
Tobias Brunner
dcd5c945b5 keymat_v2: Proper cleanup if derive_ike_keys() is called multiple times 2021-10-18 18:49:12 +02:00
Tobias Brunner
5727ab2390 ike-sa-manager: Log SPIs when checking in an IKE_SA 2021-10-18 18:49:12 +02:00
Tobias Brunner
c52413e71e ikev2: Use hashes to detect retransmits 
We avoid parsing messages with unexpected message IDs.  This allows us to
process and detect retransmits of messages for which we don't have the keys
anymore (i.e. IKE_INTERMEDIATE after IKE_SA_INIT and changing the keys).

This also changes how retransmits for fragmented messages are triggered,
previously we waited for all fragments and reconstructed the message
before retransmitting the response.  Now we only track the first
fragment and if we receive a retransmit of it respond immediately
without waiting for other fragments (which are now ignored).  This is in
compliance with RFC 7383, section 2.6.1.
 2021-10-18 18:49:12 +02:00
Tobias Brunner
778f4e81cf ike-auth: Calculate and collect IntAuth for IKE_INTERMEDIATE exchanges 2021-10-18 18:49:12 +02:00
Tobias Brunner
58106bc07f pubkey-authenticator: Handle IntAuth data 2021-10-18 18:49:12 +02:00
Tobias Brunner
ddb77b9f75 psk-authenticator: Handle IntAuth data 2021-10-18 18:49:11 +02:00
Tobias Brunner
d82bd5e4fb eap-authenticator: Handle IntAuth data 2021-10-18 18:49:11 +02:00
Tobias Brunner
2ff825383c keymat_v2: Include optional IntAuth in signed octets 2021-10-18 18:49:11 +02:00
Tobias Brunner
e0dba02f88 authenticator: Add optional method to set IntAuth data 2021-10-18 18:49:11 +02:00
Tobias Brunner
5383899eb1 message: Add method to generate data to authenticate IKE_INTERMEDIATE exchanges 2021-10-18 18:49:11 +02:00
Tobias Brunner
16b6ae54d1 generator: Make pointer to length field optional 
Only useful if we generate an IKE header.
 2021-10-18 18:49:11 +02:00
Tobias Brunner
403977a521 message: Fix payload type in last unprotected payload of a fragmented message 2021-10-18 18:49:11 +02:00
Tobias Brunner
9708b2382d keymat_v2: Add method to calculate IntAuth for IKE_INTERMEDIATE exchanges 2021-10-18 18:49:11 +02:00
Tobias Brunner
8c7eee457e ike-rekey: Reset IKE_SA after processing CREATE_CHILD_SA request 
This probably didn't cause any problems, as there wasn't really anything
happening between the calls, but reset it anyway, just to be safe.
 2021-10-18 18:49:11 +02:00
Tobias Brunner
5a806b9b18 ikev2: Allow tasks to do work after processing requests/responses 2021-10-18 18:49:11 +02:00
Tobias Brunner
c9eb8a4498 task: Add optional post_process() method 
This will allows tasks to do some work after a message has been
processed.
 2021-10-18 18:49:11 +02:00
Tobias Brunner
6f847786cc ikev2: Allow tasks to do work after generating requests/responses 2021-10-18 18:49:11 +02:00
Tobias Brunner
5c0d987ce9 task: Add optional post_build() method 
This will allow tasks to do some work after the message has been
generated.
 2021-10-18 18:49:11 +02:00
Tobias Brunner
f5eef00302 ike-auth: Support IKE_INTERMEDIATE exchange between IKE_SA_INIT and IKE_AUTH 2021-10-18 18:49:11 +02:00
Tobias Brunner
0c2080ba02 child-create: Support IKE_INTERMEDIATE exchange between IKE_SA_INIT and IKE_AUTH 2021-10-18 18:49:11 +02:00
Tobias Brunner
78927145fe ike-mobike: Support IKE_INTERMEDIATE exchange between IKE_SA_INIT and IKE_AUTH 
This changes the MID of the first IKE_AUTH message.
 2021-10-18 18:49:11 +02:00
Tobias Brunner
9f1497d41c ike-config: Support IKE_INTERMEDIATE exchange between IKE_SA_INIT and IKE_AUTH 
This changes the MID of the first IKE_AUTH message.
 2021-10-18 18:49:11 +02:00
Tobias Brunner
b979511fcb ike-cert-post: Make absolutely sure certificates are only added to IKE_AUTH 
The AUTH payload check should be fine, but add some extra checks just to make
really sure and also for clarification.
 2021-10-18 18:49:11 +02:00
Tobias Brunner
3234407a95 ike-cert-pre: Support IKE_INTERMEDIATE exchange between IKE_SA_INIT and IKE_AUTH 
The first IKE_AUTH does not have MID 1 if that's the case.
 2021-10-18 18:49:11 +02:00