-/*
- * Compute unpredictable IV for IKEv2.
- */
-int
-oakley_newiv_ikev2(phase1_handle_t * iph1)
-{
- struct isakmp_ivm *newivm = NULL;
- int iv_length;
-
- /* Get IV length */
- iv_length = alg_oakley_encdef_blocklen(iph1->approval->enctype);
- if (iv_length == -1) {
- plog(ASL_LEVEL_ERR, "Invalid encryption algorithm %d.\n", iph1->approval->enctype);
- }
-
- /* Allocate IV Manager */
- newivm = racoon_calloc(1, sizeof(struct isakmp_ivm));
- if (newivm == NULL) {
- plog(ASL_LEVEL_ERR, "Failed to allocate IV buffer.\n");
- return -1;
- }
-
- /* Compute IV */
- /* There are two recommended methods for generating unpredictable IVs. The first method is to apply the forward cipher function, under the same key that is used for the encryption of the plaintext, to a nonce. The nonce must be a data block that is unique to each execution of the encryption operation. For example, the nonce may be a counter, as described in Appendix B, or a message number. The second method is to generate a random data block using a FIPS- approved random number generator.
- [National Institute of Standards and Technology, U.S.
- Department of Commerce, "Recommendation for Block Cipher
- Modes of Operation", SP 800-38A, 2001.]
- */
- /* Currently, we implement the second scheme, which uses a random block */
- newivm->iv = eay_set_random(iv_length);
- if (newivm->iv == NULL) {
- oakley_delivm(newivm);
- return -1;
- }
-
- /* Adjust length of IV */
- if (newivm->iv->l != iv_length) {
- plog(ASL_LEVEL_WARNING, "IV length was adjusted.\n");
- newivm->iv->l = iv_length;
- }
-
- /* Make copy of IV in IVe */
- if ((newivm->ive = vdup(newivm->iv)) == NULL) {
- plog(ASL_LEVEL_ERR, "vdup (%s)\n", strerror(errno));
- oakley_delivm(newivm);
- return -1;
- }
-
- /* Delete old IV if there is one */
- if (iph1->ivm != NULL)
- oakley_delivm(iph1->ivm);
-
- iph1->ivm = newivm;
-
- return 0;
-}
-
-
projects / apple / ipsec.git / blobdiff