crypt_dh.c
来自「ipsec vpn」· C语言 代码 · 共 539 行 · 第 1/2 页
C
539 行
hmac_init_chunk(&ctx, hasher, *skeyid_e); hmac_update(&ctx, "\0", 1); for (;;) { hmac_final(&keytemp[i], &ctx); i += ctx.hmac_digest_len; if (i >= keysize) break; hmac_reinit(&ctx); hmac_update(&ctx, &keytemp[i - ctx.hmac_digest_len], ctx.hmac_digest_len); } k = keytemp; } clonereplacechunk(*enc_key, k, keysize, "st_enc_key"); } DBG(DBG_CRYPT, DBG_dump_chunk("Skeyid: ", *skeyid); DBG_dump_chunk("Skeyid_d:", *skeyid_d); DBG_dump_chunk("Skeyid_a:", *skeyid_a); DBG_dump_chunk("Skeyid_e:", *skeyid_e); DBG_dump_chunk("enc key:", *enc_key); DBG_dump_chunk("IV:", *new_iv));}void calc_dh_iv(struct pluto_crypto_req *r){ struct pcr_skeyid_q *skq = &r->pcr_d.dhq; struct pcr_skeyid_r *skr = &r->pcr_d.dhr; struct pcr_skeyid_q dhq; const struct oakley_group_desc *group; MP_INT sec; chunk_t shared, g; chunk_t skeyid, skeyid_d, skeyid_a, skeyid_e; chunk_t new_iv, enc_key; /* copy the request, since we will use the same memory for the reply */ memcpy(&dhq, skq, sizeof(struct pcr_skeyid_q)); /* clear out the reply */ memset(skr, 0, sizeof(*skr)); skr->thespace.start = 0; skr->thespace.len = sizeof(skr->space); group = lookup_group(dhq.oakley_group); pluto_crypto_allocchunk(&skr->thespace , &skr->shared , group->bytes); shared.ptr = wire_chunk_ptr(skr, &skr->shared); shared.len = group->bytes; /* recover the long term secret */ n_to_mpz(&sec, wire_chunk_ptr(&dhq, &dhq.secret), dhq.secret.len); /* now calculate the (g^x)(g^y) --- need gi on responder, gr on initiator */ if(dhq.init == RESPONDER) { setchunk_fromwire(g, &dhq.gi, &dhq); } else { setchunk_fromwire(g, &dhq.gr, &dhq); } calc_dh_shared(&shared, g, &sec, group); mpz_clear (&sec); memset(&skeyid, 0, sizeof(skeyid)); memset(&skeyid_d, 0, sizeof(skeyid_d)); memset(&skeyid_a, 0, sizeof(skeyid_a)); memset(&skeyid_e, 0, sizeof(skeyid_e)); memset(&new_iv, 0, sizeof(new_iv)); memset(&enc_key, 0, sizeof(enc_key)); /* okay, so now calculate IV */ calc_skeyids_iv(&dhq , shared , dhq.keysize , &skeyid , &skeyid_d , &skeyid_a , &skeyid_e , &new_iv , &enc_key); /* now translate it back to wire chunks, freeing the chunks */ setwirechunk_fromchunk(skr->shared, shared, skr); setwirechunk_fromchunk(skr->skeyid, skeyid, skr); setwirechunk_fromchunk(skr->skeyid_d, skeyid_d, skr); setwirechunk_fromchunk(skr->skeyid_a, skeyid_a, skr); setwirechunk_fromchunk(skr->skeyid_e, skeyid_e, skr); setwirechunk_fromchunk(skr->new_iv, new_iv, skr); setwirechunk_fromchunk(skr->enc_key, enc_key, skr); freeanychunk(shared); freeanychunk(skeyid); freeanychunk(skeyid_d); freeanychunk(skeyid_a); freeanychunk(skeyid_e); freeanychunk(new_iv); freeanychunk(enc_key); return;}void calc_dh(struct pluto_crypto_req *r){ struct pcr_skeyid_q *skq = &r->pcr_d.dhq; struct pcr_skeyid_r *skr = &r->pcr_d.dhr; struct pcr_skeyid_q dhq; const struct oakley_group_desc *group; MP_INT sec; chunk_t shared, g; /* copy the request, since we will use the same memory for the reply */ memcpy(&dhq, skq, sizeof(struct pcr_skeyid_q)); /* clear out the reply */ memset(skr, 0, sizeof(*skr)); skr->thespace.start = 0; skr->thespace.len = sizeof(skr->space); group = lookup_group(dhq.oakley_group); pluto_crypto_allocchunk(&skr->thespace , &skr->shared , group->bytes); shared.ptr = wire_chunk_ptr(skr, &skr->shared); shared.len = group->bytes; /* recover the long term secret */ n_to_mpz(&sec, wire_chunk_ptr(&dhq, &dhq.secret), dhq.secret.len); /* now calculate the (g^x)(g^y) */ if(dhq.init == RESPONDER) { setchunk_fromwire(g, &dhq.gi, &dhq); } else { setchunk_fromwire(g, &dhq.gr, &dhq); } calc_dh_shared(&shared, g, &sec, group); mpz_clear (&sec); /* now translate it back to wire chunks, freeing the chunks */ setwirechunk_fromchunk(skr->shared, shared, skr); freeanychunk(shared); return;}stf_status perform_dh_secretiv(struct state *st , enum phase1_role init /* TRUE=g_init,FALSE=g_r */ , u_int16_t oakley_group){ struct pluto_crypto_req r; struct pcr_skeyid_q *dhq = &r.pcr_d.dhq; struct pcr_skeyid_r *dhr = &r.pcr_d.dhr; const chunk_t *pss = get_preshared_secret(st->st_connection); passert(st->st_sec_in_use); dhq->thespace.start = 0; dhq->thespace.len = sizeof(dhq->space); /* convert appropriate data to dhq */ dhq->auth = st->st_oakley.auth; dhq->hash = st->st_oakley.hash; dhq->oakley_group = oakley_group; dhq->init = init; dhq->keysize = st->st_oakley.enckeylen/BITS_PER_BYTE; if(pss) { pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->pss, *pss); } pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->ni, st->st_ni); pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->nr, st->st_nr); pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->gi, st->st_gi); pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->gr, st->st_gr); pluto_crypto_copychunk(&dhq->thespace, dhq->space , &dhq->secret, st->st_sec_chunk); pluto_crypto_allocchunk(&dhq->thespace, &dhq->icookie, COOKIE_SIZE); memcpy(wire_chunk_ptr(&r.pcr_d.dhq, &dhq->icookie) , st->st_icookie, COOKIE_SIZE); pluto_crypto_allocchunk(&dhq->thespace, &dhq->rcookie, COOKIE_SIZE); memcpy(wire_chunk_ptr(&r.pcr_d.dhq, &dhq->rcookie) , st->st_rcookie, COOKIE_SIZE); calc_dh_iv(&r); clonetochunk(st->st_shared, wire_chunk_ptr(dhr, &(dhr->shared)) , dhr->shared.len, "calculated shared secret"); clonetochunk(st->st_skeyid, wire_chunk_ptr(dhr, &(dhr->skeyid)) , dhr->skeyid.len, "calculated skeyid secret"); clonetochunk(st->st_skeyid_d, wire_chunk_ptr(dhr, &(dhr->skeyid_d)) , dhr->skeyid_d.len, "calculated skeyid_d secret"); clonetochunk(st->st_skeyid_a, wire_chunk_ptr(dhr, &(dhr->skeyid_a)) , dhr->skeyid_a.len, "calculated skeyid_a secret"); clonetochunk(st->st_skeyid_e, wire_chunk_ptr(dhr, &(dhr->skeyid_e)) , dhr->skeyid_e.len, "calculated skeyid_a secret"); clonetochunk(st->st_enc_key, wire_chunk_ptr(dhr, &(dhr->enc_key)) , dhr->enc_key.len, "calculated key for phase 1"); passert(dhr->new_iv.len <= MAX_DIGEST_LEN); passert(dhr->new_iv.len > 0); memcpy(st->st_new_iv, wire_chunk_ptr(dhr, &(dhr->new_iv)),dhr->new_iv.len); st->st_new_iv_len = dhr->new_iv.len; st->hidden_variables.st_skeyid_calculated = TRUE; return STF_OK;}stf_status perform_dh_secret(struct state *st , enum phase1_role init , u_int16_t oakley_group){ struct pluto_crypto_req r; struct pcr_skeyid_q *dhq = &r.pcr_d.dhq; struct pcr_skeyid_r *dhr = &r.pcr_d.dhr; const chunk_t *pss = get_preshared_secret(st->st_connection); passert(st->st_sec_in_use); dhq->thespace.start = 0; dhq->thespace.len = sizeof(dhq->space); /* convert appropriate data to dhq */ dhq->auth = st->st_oakley.auth; dhq->hash = st->st_oakley.hash; dhq->oakley_group = oakley_group; dhq->init = init; dhq->keysize = st->st_oakley.enckeylen/BITS_PER_BYTE; if(pss) { pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->pss, *pss); } pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->ni, st->st_ni); pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->nr, st->st_nr); pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->gi, st->st_gi); pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->gr, st->st_gr); pluto_crypto_copychunk(&dhq->thespace, dhq->space , &dhq->secret, st->st_sec_chunk); pluto_crypto_allocchunk(&dhq->thespace, &dhq->icookie, COOKIE_SIZE); memcpy(wire_chunk_ptr(&r.pcr_d.dhq, &dhq->icookie) , st->st_icookie, COOKIE_SIZE); pluto_crypto_allocchunk(&dhq->thespace, &dhq->rcookie, COOKIE_SIZE); memcpy(wire_chunk_ptr(&r.pcr_d.dhq, &dhq->rcookie) , st->st_rcookie, COOKIE_SIZE); calc_dh(&r); clonetochunk(st->st_shared, wire_chunk_ptr(dhr, &(dhr->shared)) , dhr->shared.len, "calculated shared secret"); return STF_OK;}/* * Local Variables: * c-basic-offset:4 * c-style: pluto * End: */⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?