static void ikev1_skeyid_alphabet(PK11SymKey *skeyid)
{
PK11SymKey *skeyid_d =
ikev1_skeyid_d(hasher, skeyid,
g_xy, cky_i, cky_r);
print_symkey("SKEYID_d", skeyid_d, 0);
PK11SymKey *skeyid_a =
ikev1_skeyid_a(hasher, skeyid, skeyid_d,
g_xy, cky_i, cky_r);
print_symkey("SKEYID_a", skeyid_a, 0);
PK11SymKey *skeyid_e =
ikev1_skeyid_e(hasher, skeyid, skeyid_a,
g_xy, cky_i, cky_r);
print_symkey("SKEYID_e", skeyid_e, 0);
free_any_symkey("skeyid_d", &skeyid_d);
free_any_symkey("skeyid_e", &skeyid_e);
free_any_symkey("skeyid_a", &skeyid_a);
}
static void ikev1_skeyid_alphabet(PK11SymKey *skeyid)
{
PK11SymKey *skeyid_d =
ikev1_skeyid_d(prf->prf, skeyid,
g_xy, cky_i, cky_r);
print_symkey("SKEYID_d", skeyid_d, 0);
PK11SymKey *skeyid_a =
ikev1_skeyid_a(prf->prf, skeyid, skeyid_d,
g_xy, cky_i, cky_r);
print_symkey("SKEYID_a", skeyid_a, 0);
PK11SymKey *skeyid_e =
ikev1_skeyid_e(prf->prf, skeyid, skeyid_a,
g_xy, cky_i, cky_r);
print_symkey("SKEYID_e", skeyid_e, 0);
release_symkey(__func__, "skeyid_d", &skeyid_d);
release_symkey(__func__, "skeyid_e", &skeyid_e);
release_symkey(__func__, "skeyid_a", &skeyid_a);
}
static void run_psk(void)
{
print_number("COUNT", count);
print_chunk("CKY_I", cky_i, 0);
print_chunk("CKY_R", cky_r, 0);
print_chunk("Ni", ni, 0);
print_chunk("Nr", nr, 0);
print_symkey("g^xy", g_xy, 0);
print_chunk("pre-shared-key", psk, 0);
if (prf == NULL) {
print_line(prf->key);
return;
}
PK11SymKey *skeyid = ikev1_pre_shared_key_skeyid(prf->prf, psk,
ni, nr);
print_symkey("SKEYID", skeyid, 0);
ikev1_skeyid_alphabet(skeyid);
release_symkey(__func__, "skeyid", &skeyid);
}
static void run_sig(void)
{
print_number("COUNT", count);
print_chunk("CKY_I", cky_i, 0);
print_chunk("CKY_R", cky_r, 0);
print_chunk("Ni", ni, 0);
print_chunk("Nr", nr, 0);
print_symkey("g^xy", g_xy, 0);
if (hasher == NULL) {
print_line(hasher_name);
return;
}
PK11SymKey *skeyid =
ikev1_signature_skeyid(hasher,
ni, nr,
g_xy);
print_symkey("SKEYID", skeyid, 0);
ikev1_skeyid_alphabet(skeyid);
free_any_symkey("skeyid", &skeyid);
}
static void run_ikev2(void)
{
print_number("COUNT", count);
print_chunk("Ni", ni, 0);
print_chunk("Nr", nr, 0);
print_symkey("g^ir", g_ir, 0);
print_symkey("g^ir (new)", g_ir_new, 0);
print_chunk("SPIi", spi_i, 0);
print_chunk("SPIr", spi_r, 0);
if (hasher == NULL) {
print_line(hasher_name);
return;
}
/* SKEYSEED = prf(Ni | Nr, g^ir) */
PK11SymKey *skeyseed =
ikev2_ike_sa_skeyseed(hasher, ni, nr, g_ir);
print_symkey("SKEYSEED", skeyseed, 0);
/* prf+(SKEYSEED, Ni | Nr | SPIi | SPIr) */
PK11SymKey *dkm =
ikev2_ike_sa_keymat(hasher, skeyseed,
ni, nr, spi_i, spi_r, dkm_length / 8);
print_symkey("DKM", dkm, dkm_length / 8);
/* prf+(SK_d, Ni | Nr) */
PK11SymKey *SK_d = key_from_symkey_bytes(dkm, 0, hasher->hash_digest_len);
PK11SymKey *child_sa_dkm =
ikev2_child_sa_keymat(hasher, SK_d, NULL, ni, nr, child_sa_dkm_length / 8);
print_symkey("DKM(Child SA)", child_sa_dkm, child_sa_dkm_length / 8);
/* prf+(SK_d, g^ir (new) | Ni | Nr) */
PK11SymKey *child_sa_dkm_dh =
ikev2_child_sa_keymat(hasher, SK_d, g_ir_new, ni, nr,
child_sa_dkm_length / 8);
print_symkey("DKM(Child SA D-H)", child_sa_dkm_dh, child_sa_dkm_length / 8);
/* prf(SK_d (old), g^ir (new) | Ni | Nr) */
PK11SymKey *skeyseed_rekey =
ikev2_ike_sa_rekey_skeyseed(hasher, SK_d, g_ir_new, ni, nr);
print_symkey("SKEYSEED(Rekey)", skeyseed_rekey, 0);
free_any_symkey("skeyseed", &skeyseed);
free_any_symkey("dkm", &dkm);
free_any_symkey("SK_d", &SK_d);
free_any_symkey("child_sa_dkm", &child_sa_dkm);
free_any_symkey("child_sa_dkm_dh", &child_sa_dkm_dh);
free_any_symkey("skeyseed_rekey", &skeyseed_rekey);
}
static void gcm_run_test(void)
{
print_number("Count", NULL, count);
print_symkey("Key", NULL, key, 0);
print_chunk("IV", NULL, iv, 0);
print_chunk("CT", NULL, ct, 0);
print_chunk("AAD", NULL, aad, 0);
print_chunk("Tag", NULL, tag, 0);
const struct encrypt_desc *gcm_alg = lookup_by_taglen();
if (gcm_alg == NULL) {
fprintf(stderr, "taglen %lu not supported\n",
taglen);
return;
}
PK11SymKey *gcm_key = encrypt_key_from_symkey_bytes("GCM key", gcm_alg,
0, sizeof_symkey(key),
key);
chunk_t text_and_tag = clone_chunk_chunk(ct, tag, "text-and-tag");
bool result = gcm_alg->encrypt_ops
->do_aead(gcm_alg,
salt.ptr, salt.len,
iv.ptr, iv.len,
aad.ptr, aad.len,
text_and_tag.ptr,
ct.len, tag.len,
gcm_key,
FALSE/*encrypt*/);
if (result) {
/* plain text */
chunk_t pt = {
.ptr = text_and_tag.ptr,
.len = ct.len,
};
print_chunk("PT", NULL, pt, 0);
} else {
print_line("FAIL");
}
release_symkey(__func__, "GCM-key", &gcm_key);
freeanychunk(text_and_tag);
}
