Since 2010 isakmpd(8) and iked(8) share the same Diffie-Hellman
implementation based on libcrypto. In 2014 reyk@ synced these
two implementations bringing support for DH groups 27-30 using
Brainpool curves.
Sadly the necessary plumbing and documentation were missing. So
here's a diff to make isakmpd(8) users happy.
ok?
Index: ipsecctl/ike.c
===================================================================
RCS file: /cvs/src/sbin/ipsecctl/ike.c,v
retrieving revision 1.81
diff -u -p -r1.81 ike.c
--- ipsecctl/ike.c 9 Dec 2015 21:41:50 -0000 1.81
+++ ipsecctl/ike.c 24 Oct 2017 14:44:38 -0000
@@ -330,30 +330,57 @@ ike_section_p2(struct ipsec_rule *r, FIL
switch (r->p2xfs->groupxf->id) {
case GROUPXF_NONE:
break;
- case GROUPXF_768:
+ case GROUPXF_1:
group_desc = "MODP_768";
break;
- case GROUPXF_1024:
+ case GROUPXF_2:
group_desc = "MODP_1024";
break;
- case GROUPXF_1536:
+ case GROUPXF_5:
group_desc = "MODP_1536";
break;
- case GROUPXF_2048:
+ case GROUPXF_14:
group_desc = "MODP_2048";
break;
- case GROUPXF_3072:
+ case GROUPXF_15:
group_desc = "MODP_3072";
break;
- case GROUPXF_4096:
+ case GROUPXF_16:
group_desc = "MODP_4096";
break;
- case GROUPXF_6144:
+ case GROUPXF_17:
group_desc = "MODP_6144";
break;
- case GROUPXF_8192:
+ case GROUPXF_18:
group_desc = "MODP_8192";
break;
+ case GROUPXF_19:
+ group_desc = "ECP_256";
+ break;
+ case GROUPXF_20:
+ group_desc = "ECP_384";
+ break;
+ case GROUPXF_21:
+ group_desc = "ECP_521";
+ break;
+ case GROUPXF_25:
+ group_desc = "ECP_192";
+ break;
+ case GROUPXF_26:
+ group_desc = "ECP_224";
+ break;
+ case GROUPXF_27:
+ group_desc = "BP_224";
+ break;
+ case GROUPXF_28:
+ group_desc = "BP_256";
+ break;
+ case GROUPXF_29:
+ group_desc = "BP_384";
+ break;
+ case GROUPXF_30:
+ group_desc = "BP_512";
+ break;
default:
warnx("illegal group %s", r->p2xfs->groupxf->name);
return (-1);
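Review bot: The seventeen-case mapping from GROUPXF_* to the isakmpd group name is now written out twice, here in ike_section_p2 and again in the ike_section_p1 hunk that follows, so the next group added must be edited in both switches, and a missed one only surfaces as the "illegal group" warning at run time. A single table-driven lookup shared by both functions would keep them in step; ike_section_p2 would keep its own GROUPXF_NONE check, and both callers would keep the warnx() when the lookup returns NULL. The helper name and the `int` parameter below are a proposal only, because the type of the id field is not visible in this patch, and both function bodies continue outside their hunks.

```c
/* Map a GROUPXF_* id to the isakmpd group description, NULL if unknown. */
static const char *
ike_group_desc(int id)
{
	static const struct {
		int		 id;
		const char	*desc;
	} groups[] = {
		{ GROUPXF_1,	"MODP_768" },
		{ GROUPXF_2,	"MODP_1024" },
		/* … unchanged: remaining id/description pairs from the switch … */
		{ GROUPXF_30,	"BP_512" },
	};
	size_t i;

	for (i = 0; i < sizeof(groups) / sizeof(groups[0]); i++)
		if (groups[i].id == id)
			return (groups[i].desc);
	return (NULL);
}
```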
@@ -496,34 +523,61 @@ ike_section_p1(struct ipsec_rule *r, FIL
if (r->p1xfs && r->p1xfs->groupxf) {
switch (r->p1xfs->groupxf->id) {
- case GROUPXF_768:
+ case GROUPXF_1:
group_desc = "MODP_768";
break;
- case GROUPXF_1024:
+ case GROUPXF_2:
group_desc = "MODP_1024";
break;
- case GROUPXF_1536:
+ case GROUPXF_5:
group_desc = "MODP_1536";
break;
- case GROUPXF_2048:
+ case GROUPXF_14:
group_desc = "MODP_2048";
break;
- case GROUPXF_3072:
+ case GROUPXF_15:
group_desc = "MODP_3072";
break;
- case GROUPXF_4096:
+ case GROUPXF_16:
group_desc = "MODP_4096";
break;
- case GROUPXF_6144:
+ case GROUPXF_17:
group_desc = "MODP_6144";
break;
- case GROUPXF_8192:
+ case GROUPXF_18:
group_desc = "MODP_8192";
break;
+ case GROUPXF_19:
+ group_desc = "ECP_256";
+ break;
+ case GROUPXF_20:
+ group_desc = "ECP_384";
+ break;
+ case GROUPXF_21:
+ group_desc = "ECP_521";
+ break;
+ case GROUPXF_25:
+ group_desc = "ECP_192";
+ break;
+ case GROUPXF_26:
+ group_desc = "ECP_224";
+ break;
+ case GROUPXF_27:
+ group_desc = "BP_224";
+ break;
+ case GROUPXF_28:
+ group_desc = "BP_256";
+ break;
+ case GROUPXF_29:
+ group_desc = "BP_384";
+ break;
+ case GROUPXF_30:
+ group_desc = "BP_512";
+ break;
default:
warnx("illegal group %s", r->p1xfs->groupxf->name);
return (-1);
- };
+ }
} else
group_desc = "MODP_3072";
Index: ipsecctl/ipsec.conf.5
===================================================================
RCS file: /cvs/src/sbin/ipsecctl/ipsec.conf.5,v
retrieving revision 1.152
diff -u -p -r1.152 ipsec.conf.5
--- ipsecctl/ipsec.conf.5 14 Apr 2017 18:06:28 -0000 1.152
+++ ipsecctl/ipsec.conf.5 24 Oct 2017 14:40:23 -0000
@@ -668,6 +668,15 @@ keyword:
.It Li modp4096 Ta 4096 Ta "[DH group 16]"
.It Li modp6144 Ta 6144 Ta "[DH group 17]"
.It Li modp8192 Ta 8192 Ta "[DH group 18]"
+.It Li ecp256 Ta 256 Ta "[DH group 19]"
+.It Li ecp384 Ta 384 Ta "[DH group 20]"
+.It Li ecp521 Ta 512 Ta "[DH group 21]"
+.It Li ecp192 Ta 192 Ta "[DH group 25]"
+.It Li ecp224 Ta 224 Ta "[DH group 26]"
+.It Li bp224 Ta 224 Ta "[DH group 27]"
+.It Li bp256 Ta 256 Ta "[DH group 28]"
+.It Li bp384 Ta 384 Ta "[DH group 29]"
+.It Li bp512 Ta 512 Ta "[DH group 30]"
.It Li none Ta 0 Ta "[phase 2 only]"
.El
.Sh MANUAL FLOWS
Index: ipsecctl/ipsecctl.h
===================================================================
RCS file: /cvs/src/sbin/ipsecctl/ipsecctl.h,v
retrieving revision 1.71
diff -u -p -r1.71 ipsecctl.h
--- ipsecctl/ipsecctl.h 19 Apr 2017 15:59:38 -0000 1.71
+++ ipsecctl/ipsecctl.h 24 Oct 2017 14:43:47 -0000
@@ -73,8 +73,10 @@ enum {
COMPXF_UNKNOWN, COMPXF_DEFLATE, COMPXF_LZS
};
enum {
- GROUPXF_UNKNOWN, GROUPXF_NONE, GROUPXF_768, GROUPXF_1024, GROUPXF_1536,
- GROUPXF_2048, GROUPXF_3072, GROUPXF_4096, GROUPXF_6144, GROUPXF_8192,
+ GROUPXF_UNKNOWN, GROUPXF_NONE, GROUPXF_1, GROUPXF_2, GROUPXF_5,
+ GROUPXF_14, GROUPXF_15, GROUPXF_16, GROUPXF_17, GROUPXF_18,
+ GROUPXF_19, GROUPXF_20, GROUPXF_21, GROUPXF_25, GROUPXF_26,
+ GROUPXF_27, GROUPXF_28, GROUPXF_29, GROUPXF_30
};
enum {
IKE_ACTIVE, IKE_PASSIVE, IKE_DYNAMIC
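Review bot: The new names read as if each enumerator carried its DH group number, but the values are still positional: `GROUPXF_14` is 5 here, not 14. Nothing visible in this patch depends on the numeric value, yet a later comparison against the group number or a cast to the wire value would be silently wrong. A one-line comment above the enum would prevent that, e.g. `/* GROUPXF_n is DH group n; the enumerator value is positional, not n */`.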
Index: ipsecctl/parse.y
===================================================================
RCS file: /cvs/src/sbin/ipsecctl/parse.y,v
retrieving revision 1.168
diff -u -p -r1.168 parse.y
--- ipsecctl/parse.y 19 Apr 2017 15:59:38 -0000 1.168
+++ ipsecctl/parse.y 24 Oct 2017 14:43:46 -0000
@@ -136,22 +136,40 @@ const struct ipsec_xf compxfs[] = {
const struct ipsec_xf groupxfs[] = {
{ "unknown", GROUPXF_UNKNOWN, 0, 0 },
{ "none", GROUPXF_NONE, 0, 0 },
- { "modp768", GROUPXF_768, 768, 0 },
- { "grp1", GROUPXF_768, 768, 0 },
- { "modp1024", GROUPXF_1024, 1024, 0 },
- { "grp2", GROUPXF_1024, 1024, 0 },
- { "modp1536", GROUPXF_1536, 1536, 0 },
- { "grp5", GROUPXF_1536, 1536, 0 },
- { "modp2048", GROUPXF_2048, 2048, 0 },
- { "grp14", GROUPXF_2048, 2048, 0 },
- { "modp3072", GROUPXF_3072, 3072, 0 },
- { "grp15", GROUPXF_3072, 3072, 0 },
- { "modp4096", GROUPXF_4096, 4096, 0 },
- { "grp16", GROUPXF_4096, 4096, 0 },
- { "modp6144", GROUPXF_6144, 6144, 0 },
- { "grp17", GROUPXF_6144, 6144, 0 },
- { "modp8192", GROUPXF_8192, 8192, 0 },
- { "grp18", GROUPXF_8192, 8192, 0 },
+ { "modp768", GROUPXF_1, 768, 0 },
+ { "grp1", GROUPXF_1, 768, 0 },
+ { "modp1024", GROUPXF_2, 1024, 0 },
+ { "grp2", GROUPXF_2, 1024, 0 },
+ { "modp1536", GROUPXF_5, 1536, 0 },
+ { "grp5", GROUPXF_5, 1536, 0 },
+ { "modp2048", GROUPXF_14, 2048, 0 },
+ { "grp14", GROUPXF_14, 2048, 0 },
+ { "modp3072", GROUPXF_15, 3072, 0 },
+ { "grp15", GROUPXF_15, 3072, 0 },
+ { "modp4096", GROUPXF_16, 4096, 0 },
+ { "grp16", GROUPXF_16, 4096, 0 },
+ { "modp6144", GROUPXF_17, 6144, 0 },
+ { "grp17", GROUPXF_17, 6144, 0 },
+ { "modp8192", GROUPXF_18, 8192, 0 },
+ { "grp18", GROUPXF_18, 8192, 0 },
+ { "ecp256", GROUPXF_19, 256, 0 },
+ { "grp19", GROUPXF_19, 256, 0 },
+ { "ecp384", GROUPXF_20, 384, 0 },
+ { "grp20", GROUPXF_20, 384, 0 },
+ { "ecp521", GROUPXF_21, 521, 0 },
+ { "grp21", GROUPXF_21, 521, 0 },
+ { "ecp192", GROUPXF_25, 192, 0 },
+ { "grp25", GROUPXF_25, 192, 0 },
+ { "ecp224", GROUPXF_26, 224, 0 },
+ { "grp26", GROUPXF_26, 224, 0 },
+ { "bp224", GROUPXF_27, 224, 0 },
+ { "grp27", GROUPXF_27, 224, 0 },
+ { "bp256", GROUPXF_28, 256, 0 },
+ { "grp28", GROUPXF_28, 256, 0 },
+ { "bp384", GROUPXF_29, 384, 0 },
+ { "grp29", GROUPXF_29, 384, 0 },
+ { "bp512", GROUPXF_30, 512, 0 },
+ { "grp30", GROUPXF_30, 512, 0 },
{ NULL, 0, 0, 0 },
};
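Review bot: The `ecp521`/`grp21` rows give 521 as the size, while the ipsec.conf.5 hunk of this same patch lists `ecp521` with 512. The curve is 521 bits wide, so the manual row looks like the typo and should read `.It Li ecp521 Ta 521 Ta "[DH group 21]"`. Separately, the third field appears to be the group size in bits for both MODP and elliptic-curve entries, and those numbers are not comparable as strengths (256 for `ecp256` next to 3072 for `modp3072`). A short comment above the new rows saying so would keep a later reader from ranking groups by that field.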
Index: isakmpd/conf.c
===================================================================
RCS file: /cvs/src/sbin/isakmpd/conf.c,v
retrieving revision 1.106
diff -u -p -r1.106 conf.c
--- isakmpd/conf.c 16 Mar 2016 15:41:10 -0000 1.106
+++ isakmpd/conf.c 24 Oct 2017 14:49:19 -0000
@@ -289,14 +289,14 @@ conf_parse(int trans, char *buf, size_t
* Resulting section names can be:
* For main mode:
* {BLF,3DES,CAST,AES,AES-{128,192,256}-{MD5,SHA,SHA2-{256,384,512}} \
- * [-GRP{1,2,5,14,15}][-{DSS,RSA_SIG}]
+ * [-GRP{1,2,5,14-21,25-30}][-{DSS,RSA_SIG}]
* For quick mode:
* QM-{proto}[-TRP]-{cipher}[-{hash}][-PFS[-{group}]]-SUITE
* where
* {proto} = ESP, AH
* {cipher} = 3DES, CAST, BLF, AES, AES-{128,192,256}, AESCTR
* {hash} = MD5, SHA, RIPEMD, SHA2-{256,384,512}
- * {group} = GRP1, GRP2, GRP5, GRP14, GRP15
+ * {group} = GRP{1,2,5,14-21,25-30}
*
* DH group defaults to MODP_1024.
*
@@ -483,9 +483,13 @@ conf_load_defaults(int tr)
"AES-192", "AES-256", 0};
char *dhgroup[] = {"MODP_1024", "MODP_768", "MODP_1024",
"MODP_1536", "MODP_2048", "MODP_3072", "MODP_4096",
- "MODP_6144", "MODP_8192", 0};
+ "MODP_6144", "MODP_8192",
+ "ECP_256", "ECP_384", "ECP_521", "ECP_192", "ECP_224",
+ "BP_224", "BP_256", "BP_384", "BP_512", 0};
char *dhgroup_p[] = {"", "-GRP1", "-GRP2", "-GRP5", "-GRP14",
- "-GRP15", "-GRP16", "-GRP17", "-GRP18", 0};
+ "-GRP15", "-GRP16", "-GRP17", "-GRP18", "-GRP19", "-GRP20",
+ "-GRP21", "-GRP25", "-GRP26", "-GRP27", "-GRP28", "-GRP29",
+ "-GRP30", 0};
char *qm_enc[] = {"3DES", "CAST", "BLOWFISH", "AES",
"AES", "AES", "AES", "AES_CTR", "AES_CTR", "AES_CTR",
"AES_CTR", "AES_GCM_16",
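Review bot: `dhgroup[]` and `dhgroup_p[]` appear to be matched by index, and that coupling is now eighteen entries long with nothing in the code stating it. Both lists line up when counted by hand, but a comment above them such as `/* dhgroup[] and dhgroup_p[] are indexed together: same length, same order */` would make the next addition safer. Index 0 still pairs the empty suffix with "MODP_1024", so suites named without a -GRP suffix keep that default and the new groups apply only when requested explicitly. conf_load_defaults continues outside the hunk, so how the arrays are iterated is not visible here.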
Index: isakmpd/ipsec.c
===================================================================
RCS file: /cvs/src/sbin/isakmpd/ipsec.c,v
retrieving revision 1.147
diff -u -p -r1.147 ipsec.c
--- isakmpd/ipsec.c 18 Jul 2017 06:19:07 -0000 1.147
+++ isakmpd/ipsec.c 24 Oct 2017 14:50:29 -0000
@@ -1263,7 +1263,9 @@ ipsec_is_attribute_incompatible(u_int16_
return (dv < IKE_GROUP_DESC_MODP_768 ||
dv > IKE_GROUP_DESC_MODP_1536) &&
(dv < IKE_GROUP_DESC_MODP_2048 ||
- dv > IKE_GROUP_DESC_MODP_8192);
+ dv > IKE_GROUP_DESC_ECP_521) &&
+ (dv < IKE_GROUP_DESC_ECP_192 ||
+ dv > IKE_GROUP_DESC_BP_512);
case IKE_ATTR_GROUP_TYPE:
return 1;
case IKE_ATTR_GROUP_PRIME:
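Review bot: The accepted group descriptions are expressed as three numeric ranges, which only holds while the constants in ipsec_num.cst stay contiguous inside each range. The gap between `IKE_GROUP_DESC_ECP_521` (21) and `IKE_GROUP_DESC_ECP_192` (25) is presumably rejected on purpose, but nothing says so. I would add a comment before the `return`, e.g. `/* accept MODP_768..MODP_1536, MODP_2048..ECP_521 and ECP_192..BP_512; values in between are unsupported */`. The same expression is repeated in the second hunk of this file and deserves the same comment; the function begins and ends outside both hunks.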
@@ -1305,7 +1307,9 @@ ipsec_is_attribute_incompatible(u_int16_
return (dv < IKE_GROUP_DESC_MODP_768 ||
dv > IKE_GROUP_DESC_MODP_1536) &&
(dv < IKE_GROUP_DESC_MODP_2048 ||
- IKE_GROUP_DESC_MODP_8192 < dv);
+ dv > IKE_GROUP_DESC_ECP_521) &&
+ (dv < IKE_GROUP_DESC_ECP_192 ||
+ dv > IKE_GROUP_DESC_BP_512);
case IPSEC_ATTR_ENCAPSULATION_MODE:
return dv != IPSEC_ENCAP_TUNNEL &&
dv != IPSEC_ENCAP_TRANSPORT &&
Index: isakmpd/ipsec_num.cst
===================================================================
RCS file: /cvs/src/sbin/isakmpd/ipsec_num.cst,v
retrieving revision 1.19
diff -u -p -r1.19 ipsec_num.cst
--- isakmpd/ipsec_num.cst 30 Jun 2012 14:51:31 -0000 1.19
+++ isakmpd/ipsec_num.cst 24 Oct 2017 14:49:58 -0000
@@ -171,6 +171,15 @@ IKE_GROUP_DESC
MODP_4096 16
MODP_6144 17
MODP_8192 18
+ ECP_256 19
+ ECP_384 20
+ ECP_521 21
+ ECP_192 25
+ ECP_224 26
+ BP_224 27
+ BP_256 28
+ BP_384 29
+ BP_512 30
.
# IKE Group type.
Index: isakmpd/isakmpd.conf.5
===================================================================
RCS file: /cvs/src/sbin/isakmpd/isakmpd.conf.5,v
retrieving revision 1.133
diff -u -p -r1.133 isakmpd.conf.5
--- isakmpd/isakmpd.conf.5 1 Jan 2017 01:08:11 -0000 1.133
+++ isakmpd/isakmpd.conf.5 24 Oct 2017 14:51:35 -0000
@@ -100,7 +100,8 @@ is either BLF, 3DES, CAST, AES, AES-128,
.It Ar hash
is either MD5, SHA, or SHA2-{256,384,512}
.It Ar group
-is either GRP1, GRP2, GRP5, GRP14, or GRP15
+is either GRP1, GRP2, GRP5, GRP14, GRP15, GRP16, GRP17, GRP18,
+GRP19, GRP20, GRP21, GRP25, GRP26, GRP27, GRP28, GRP29 or GRP30.
.El
.Pp
For Quick Mode:
@@ -128,7 +129,8 @@ or NULL
.It Ar hash
is either MD5, SHA, RIPEMD, or SHA2-{256,384,512}
.It Ar group
-is either GRP1, GRP2, GRP5, GRP14, or GRP15
+is either GRP1, GRP2, GRP5, GRP14, GRP15, GRP16, GRP17, GRP18,
+GRP19, GRP20, GRP21, GRP25, GRP26, GRP27, GRP28, GRP29 or GRP30.
.El
.Pp
For example, AES-SHA2-256 means: AES encryption, SHA2-256 hash, and
@@ -138,8 +140,8 @@ e.g. AES-SHA2-256-RSA_SIG.
Similarly, QM-ESP-3DES-SHA-PFS-SUITE means: ESP protocol, 3DES encryption,
SHA hash, and use Perfect Forward Secrecy.
.Pp
-Unless explicitly stated with -GRP1, 2, 5, 14 or 15, transforms and
-PFS suites use DH group 2.
+Unless explicitly stated with -GRP1, 2, 5, 14, 15, 16, 17, 18, 19, 20, 21,
+25, 26, 27, 28, 29 or 30, transforms and PFS suites use DH group 2.
There are currently no predefined ESP+AH Quick Mode suites.
.Pp
The predefinitions include some default values for the special