/*
* invoke helper to do DH work.
*/
stf_status start_dh_secretiv(struct pluto_crypto_req_cont *cn
, struct state *st
, enum crypto_importance importance
, enum phase1_role init /* TRUE=g_init,FALSE=g_r */
, u_int16_t oakley_group2)
{
struct pluto_crypto_req r;
struct pcr_skeyid_q *dhq;
const chunk_t *pss = get_preshared_secret(st->st_connection);
err_t e;
bool toomuch = FALSE;
pcr_init(&r, pcr_compute_dh_iv, importance);
dhq = &r.pcr_d.dhq;
passert(st->st_sec_in_use);
/* convert appropriate data to dhq */
dhq->auth = st->st_oakley.auth;
dhq->prf_hash = st->st_oakley.prf_hash;
dhq->oakley_group = oakley_group2;
dhq->init = init;
dhq->keysize = st->st_oakley.enckeylen/BITS_PER_BYTE;
passert(r.pcr_d.dhq.oakley_group != 0);
DBG(DBG_CONTROL | DBG_CRYPT,
DBG_log("parent1 type: %d group: %d len: %d\n", r.pcr_type,
r.pcr_d.dhq.oakley_group, (int)r.pcr_len));
if(pss) {
pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->pss, *pss);
}
pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->ni, st->st_ni);
pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->nr, st->st_nr);
pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->gi, st->st_gi);
pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->gr, st->st_gr);
pluto_crypto_copychunk(&dhq->thespace, dhq->space
, &dhq->secret, st->st_sec_chunk);
#ifdef HAVE_LIBNSS
/*copying required encryption algo*/
/*dhq->encrypt_algo = st->st_oakley.encrypt;*/
dhq->encrypter = st->st_oakley.encrypter;
DBG(DBG_CRYPT, DBG_log("Copying DH pub key pointer to be sent to a thread helper"));
pluto_crypto_copychunk(&dhq->thespace, dhq->space , &dhq->pubk, st->pubk);
#endif
pluto_crypto_allocchunk(&dhq->thespace, &dhq->icookie, COOKIE_SIZE);
memcpy(wire_chunk_ptr(dhq, &dhq->icookie)
, st->st_icookie, COOKIE_SIZE);
pluto_crypto_allocchunk(&dhq->thespace, &dhq->rcookie, COOKIE_SIZE);
memcpy(wire_chunk_ptr(dhq, &dhq->rcookie)
, st->st_rcookie, COOKIE_SIZE);
passert(dhq->oakley_group != 0);
e = send_crypto_helper_request(&r, cn, &toomuch);
if(e != NULL) {
loglog(RC_LOG_SERIOUS, "can not start crypto helper: %s", e);
if(toomuch) {
return STF_TOOMUCHCRYPTO;
} else {
return STF_FAIL;
}
} else if(!toomuch) {
st->st_calculating = TRUE;
delete_event(st);
event_schedule(EVENT_CRYPTO_FAILED, EVENT_CRYPTO_FAILED_DELAY, st);
return STF_SUSPEND;
} else {
/* we must have run the continuation directly, so
* complete_state_transition already got called.
*/
return STF_INLINE;
}
}
/*
* invoke helper to do DH work.
*/
stf_status start_dh_v2(struct pluto_crypto_req_cont *cn,
struct state *st,
enum crypto_importance importance,
enum phase1_role init, /* TRUE=g_init,FALSE=g_r */
u_int16_t oakley_group2)
{
struct pluto_crypto_req r;
struct pcr_skeyid_q *dhq;
err_t e;
bool toomuch = FALSE;
pcr_init(&r, pcr_compute_dh_v2, importance);
dhq = &r.pcr_d.dhq;
passert(st->st_sec_in_use);
DBG(DBG_CONTROLMORE,
DBG_log("calculating skeyseed using prf=%s integ=%s cipherkey=%s",
enum_name(&ikev2_trans_type_prf_names, st->st_oakley.prf_hash),
enum_name(&ikev2_trans_type_integ_names,
st->st_oakley.integ_hash),
enum_name(&ikev2_trans_type_encr_names,
st->st_oakley.encrypt)));
/* convert appropriate data to dhq */
dhq->auth = st->st_oakley.auth;
dhq->prf_hash = st->st_oakley.prf_hash;
dhq->integ_hash = st->st_oakley.integ_hash;
dhq->oakley_group = oakley_group2;
dhq->init = init;
dhq->keysize = st->st_oakley.enckeylen / BITS_PER_BYTE;
passert(r.pcr_d.dhq.oakley_group != 0);
pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->ni,
st->st_ni);
pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->nr,
st->st_nr);
pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->gi,
st->st_gi);
pluto_crypto_copychunk(&dhq->thespace, dhq->space, &dhq->gr,
st->st_gr);
pluto_crypto_copychunk(&dhq->thespace, dhq->space,
&dhq->secret, st->st_sec_chunk);
/*copying required encryption algo*/
/*dhq->encrypt_algo = st->st_oakley.encrypter->common.algo_v2id;*/
dhq->encrypter = st->st_oakley.encrypter;
DBG(DBG_CRYPT,
DBG_log("Copying DH pub key pointer to be sent to a thread helper"));
pluto_crypto_copychunk(&dhq->thespace, dhq->space,
&dhq->pubk, st->pubk);
pluto_crypto_allocchunk(&dhq->thespace, &dhq->icookie, COOKIE_SIZE);
memcpy(wire_chunk_ptr(dhq, &dhq->icookie),
st->st_icookie, COOKIE_SIZE);
pluto_crypto_allocchunk(&dhq->thespace, &dhq->rcookie, COOKIE_SIZE);
memcpy(wire_chunk_ptr(dhq, &dhq->rcookie),
st->st_rcookie, COOKIE_SIZE);
passert(dhq->oakley_group != 0);
e = send_crypto_helper_request(&r, cn, &toomuch);
if (e != NULL) {
loglog(RC_LOG_SERIOUS, "can not start crypto helper: %s", e);
if (toomuch)
return STF_TOOMUCHCRYPTO;
else
return STF_FAIL;
} else if (!toomuch) {
st->st_calculating = TRUE;
delete_event(st);
event_schedule(EVENT_CRYPTO_FAILED, EVENT_CRYPTO_FAILED_DELAY,
st);
return STF_SUSPEND;
} else {
/* we must have run the continuation directly, so
* complete_state_transition already got called.
*/
return STF_INLINE;
}
}