Strongswan with GM algorithm integration

Acknowledgement

The most part of the GM algorithm and integrate modification is contributed by Zhangke, code base is at zhangke5959/strongswan.

And also thanks to:

Allen Lee and his contribution

Lin Chen and his commit 40eefd8,214cb34e

In this repo, we merged the integrate modification to the strongswan master branch and fixed some code bug reported by the complier, so the GM algorithm can be integrated with latest strongswan release.

Also, you may refer strongswan orginal README, if needed.

Build essential

For success build, the following essential build environment shall be satisfied :

For Debian/Ubuntu

apt install build-essential autoconf libtool pkg-config gettext perl python flex bison gperf libgmp-dev libssl-dev

Build & Install

Currently, the strongswan with Chinese SM2\SM3\SM4 algorithm is not officially supported by the maintainer nor widely tested, to avoid conflict with the official bin installation , we suggest install strongswan-gmalg in specified directory

./autogen.sh
./build.sh linux /opt/ss-gmalg

The build & install step shall be executed on both server or client platform (If required)

Prepare the certificate

According to GB/T 36968-2018 requirement, the participant of the peers shall be identified by the SM2 certificate during IKE negotiation

cd /opt/ss-gmalg

#For CA private key
bin/pki --gen --type sm2 --outform pem > etc/swanctl/private/ca.key.pem

#For self-signed CA certificate
bin/pki --self --in etc/swanctl/private/ca.key.pem --type sm2 --digest sm3 --dn "C=Country, O=Company Name, CN=Unit Name" --ca --lifetime 3650 --outform pem > etc/swanctl/x509ca/ca.cert.pem

#For VPN server private key
bin/pki --gen --type sm2 --outform pem > etc/swanctl/private/server.key.pem

#For VPN server public key
#Not sure whether the public key is used or not
bin/pki --pub --type sm2 --in etc/swanctl/private/server.key.pem --outform pem > etc/swanctl/pubkey/server.pub.key.pem

#For VPN server certificate key
bin/pki --req --in etc/swanctl/private/server.key.pem --type sm2 --dn "C=Country, O=Company Name, CN=Unit Name" --digest sm3 --outform pem | bin/pki --issue --type pkcs10 --digest sm3 --lifetime 1200 --cacert etc/swanctl/x509ca/ca.cert.pem --cakey etc/swanctl/private/ca.key.pem --flag serverAuth --flag ikeIntermediate --outform pem  --san="Alt name for server" > etc/swanctl/x509/server.cert.pem

#For client private key [Testing purpose only,the client private key shall be generated by client itself]
bin/pki --gen --type sm2 --outform pem > /tmp/client.key.pem
bin/pki --req --in /tmp/client.key.pem --type sm2 --dn "C=Country, O=Company Name, CN=End Entity Name" --digest sm3 --outform pem | bin/pki --issue --type pkcs10 --digest sm3 --lifetime 1200 --cacert etc/swanctl/x509ca/ca.cert.pem --cakey etc/swanctl/private/ca.key.pem --outform pem  --san="Alt name for end entity" > /tmp/client.cert.pem

Test & Run

Prepare the certificate for the Client or End Entity

Copy the certificate generated by preceding procedure /tmp/client.key.pem and /tmp/client.cert.pem to strongswan installation directory, which shall be ./etc/swanctl/private/ and ./etc/swanctl/x509/

Copy the CA certifacate, from server /opt/ss-gmalg/etc/swanctl/x509ca/ca.cert.pem into client ca directory like ./etc/swanctl/x509ca/ca.cert.pem

NOTE . stands for installation dir

Start the charon daemon on both server and client

libexec/ipsec/charon > /var/log/charon.log 2>&1 &

Prepare the connect configuration

Network structure

Set up between the two gateways:
```
   10.0.0.0/24 -- | server.wanip | === | client.lanip | -- 172.26.48.0/20
   server-lan          server                 client           client-lan
```
In this scenario we assume two security gateways server and client will connect the two subnets server-lan and client-lan with each other through a VPN tunnel,and the client is behind a NAT network.

Also, the server also has a server.lanip which belongs to 10.0.0.0/24.

On server side

Edit /opt/ss-gmalg/etc/swanctl/conf.d/server.conf, add following:

connections {
    gw-ent1 {
        proposals = sm4cbc-sm3-sm2dh

        local {
            auth = pubkey
            id = "Alt name for server"
            certs = server.cert.pem
        }
        remote {
            auth = pubkey
            id = "Alt name for end entity"
        }
        children {
            gw-ent1 {
                local_ts  = 10.0.0.0/24
                remote_ts = 172.26.48.0/20
                esp_proposals = sm4cbc-sm3-sm2dh
                updown = /opt/ss-gmalg/libexec/ipsec/_updown iptables
            }
        }
    }
}

On client side

Edit /opt/ss-gmalg/etc/swanctl/conf.d/client.conf, add following:

connections {
    gw-ent1 {
        proposals = sm4cbc-sm3-sm2dh

        remote_addrs = your.server.wan.ip

        local {
            auth = pubkey
            id = "Alt name for end entity"
            certs = client.cert.pem
        }
        remote {
            auth = pubkey
            id = "Alt name for server"
        }
        children {
            gw-ent1 {
                remote_ts  = 10.0.0.0/24
                local_ts = 172.26.48.0/20
                esp_proposals = sm4cbc-sm3-sm2dh
                updown = /opt/ss-gmalg/libexec/ipsec/_updown iptables
            }
        }
    }
}

Note: /opt/ss-gmalg shall be replaced by actual installation path

Load server connection config and inspect log

Try

/opt/ss-gmalg/sbin/swanctl --load-all --clear

Success output

loaded certificate from '/opt/ss-gmalg/etc/swanctl/x509/server.cert.pem'
loaded certificate from '/opt/ss-gmalg/etc/swanctl/x509ca/ca.cert.pem'
loaded certificate from '/opt/ss-gmalg/etc/swanctl/pubkey/server.pub.key.pem'
loaded SM2 key from '/opt/ss-gmalg/etc/swanctl/private/ca.key.pem'
loaded SM2 key from '/opt/ss-gmalg/etc/swanctl/private/server.key.pem'
no authorities found, 0 unloaded
no pools found, 0 unloaded
loaded connection 'gw-ent1'
successfully loaded 1 connections, 0 unloaded

Inspect logs
```
/opt/ss-gmalg/sbin/swanctl -T
```

Load connection config and initiate connection

Try

/opt/ss-gmalg/sbin/swanctl --load-all --clear

Success output

loaded certificate from '/opt/ss-gmalg/etc/swanctl/x509/client.cert.pem'
loaded certificate from '/opt/ss-gmalg/etc/swanctl/x509ca/ca.cert.pem'
loaded SM2 key from '/opt/ss-gmalg/etc/swanctl/private/client.key.pem'
no authorities found, 0 unloaded
no pools found, 0 unloaded
loaded connection 'gw-ent1'
successfully loaded 1 connections, 0 unloaded

Try

/opt/ipsec/sbin/swanctl -i --child gw-ent1

Client success output

[IKE] initiating IKE_SA gw-ent1[17] to your.server.wan.ip
[ENC] generating IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
[NET] sending packet: from your.client.lan.ip[500] to your.server.wan.ip[500] (274 bytes)
[NET] received packet: from your.server.wan.ip[500] to your.client.lan.ip[500] (307 bytes)
[ENC] parsed IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
[CFG] selected proposal: IKE:SM4_CBC_128/HMAC_SM3/PRF_HMAC_SM3/CURVE_SM2
[IKE] local host is behind NAT, sending keep alives
[IKE] remote host is behind NAT
[IKE] received cert request for "C=Country, O=Company Name, CN=End Entity Name"
[IKE] sending cert request for "C=Country, O=Company Name, CN=Unit Name"
[IKE] sending cert request for "C=cn, O=haoyuanee, CN=VPN CA"
[IKE] authentication of 'Alt name for end entity' (myself) with SM2_WITH_SM3 successful
[IKE] sending end entity cert "C=Country, O=Company Name, CN=End Entity Name"
[IKE] establishing CHILD_SA gw-ent1{29}
[ENC] generating IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr AUTH SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
[NET] sending packet: from your.client.lan.ip[4500] to your.server.wan.ip[4500] (864 bytes)
[NET] received packet: from your.server.wan.ip[4500] to your.client.lan.ip[4500] (816 bytes)
[ENC] parsed IKE_AUTH response 1 [ IDr CERT AUTH SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) ]
[IKE] received end entity cert "C=Country, O=Company Name, CN=Unit Name"
[CFG]   using certificate "C=Country, O=Company Name, CN=Unit Name"
[CFG]   using trusted ca certificate "C=Country, O=Company Name, CN=Unit Name"
[CFG] checking certificate status of "C=Country, O=Company Name, CN=Unit Name"
[CFG] certificate status is not available
[CFG]   reached self-signed root ca with a path length of 0
[IKE] authentication of 'Alt name for server' with SM2_WITH_SM3 successful
[IKE] IKE_SA gw-ent1[17] established between your.client.lan.ip[Alt name for end entity]...your.server.wan.ip[Alt name for server]
[IKE] scheduling rekeying in 13655s
[IKE] maximum IKE_SA lifetime 15095s
[CFG] selected proposal: ESP:SM4_CBC_128/HMAC_SM3/NO_EXT_SEQ
[IKE] CHILD_SA gw-ent1{29} established with SPIs e59b16ff_i 4a46d97b_o and TS 172.26.48.0/20 === 10.0.0.0/24
initiate completed successfully

Log on server side expected

11[NET] received packet: from your.client.wan.ip[2712] to you.actual.server.lanip[500] (274 bytes)
11[ENC] parsed IKE_SA_INIT request 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) N(FRAG_SUP) N(HASH_ALG) N(REDIR_SUP) ]
11[IKE] your.client.wan.ip is initiating an IKE_SA
11[CFG] selected proposal: IKE:SM4_CBC_128/HMAC_SM3/PRF_HMAC_SM3/CURVE_SM2
11[IKE] local host is behind NAT, sending keep alives
11[IKE] remote host is behind NAT
11[IKE] sending cert request for "C=Country, O=Company Name, CN=Unit Name"
11[ENC] generating IKE_SA_INIT response 0 [ SA KE No N(NATD_S_IP) N(NATD_D_IP) CERTREQ N(FRAG_SUP) N(HASH_ALG) N(CHDLESS_SUP) N(MULT_AUTH) ]
11[NET] sending packet: from you.actual.server.lanip[500] to your.client.wan.ip[2712] (307 bytes)
09[NET] received packet: from your.client.wan.ip[3016] to you.actual.server.lanip[4500] (864 bytes)
09[ENC] parsed IKE_AUTH request 1 [ IDi CERT N(INIT_CONTACT) CERTREQ IDr AUTH SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) N(MULT_AUTH) N(EAP_ONLY) N(MSG_ID_SYN_SUP) ]
09[IKE] received cert request for "C=Country, O=Company Name, CN=Unit Name"
09[IKE] received cert request for "C=Country, O=Company Name, CN=Unit Name"
09[IKE] received end entity cert "C=Country, O=Company Name, CN=End Entity Name"
09[CFG] looking for peer configs matching you.actual.server.lanip[Alt name for server]...your.client.wan.ip[Alt name for end entity]
09[CFG] selected peer config 'gw-ent1'
09[CFG]   using certificate "C=Country, O=Company Name, CN=End Entity Name"
09[CFG]   using trusted ca certificate "C=Country, O=Company Name, CN=Unit Name"
09[CFG] checking certificate status of "C=Country, O=Company Name, CN=End Entity Name"
09[CFG] certificate status is not available
09[CFG]   reached self-signed root ca with a path length of 0
09[IKE] authentication of 'Alt name for end entity' with SM2_WITH_SM3 successful
09[IKE] peer supports MOBIKE
09[IKE] authentication of 'Alt name for server' (myself) with SM2_WITH_SM3 successful
09[IKE] IKE_SA gw-ent1[5] established between you.actual.server.lanip[Alt name for server]...your.client.wan.ip[Alt name for end entity]
09[IKE] scheduling rekeying in 12989s
09[IKE] maximum IKE_SA lifetime 14429s
09[IKE] sending end entity cert "C=Country, O=Company Name, CN=Unit Name"
09[CFG] selected proposal: ESP:SM4_CBC_128/HMAC_SM3/NO_EXT_SEQ
09[IKE] CHILD_SA gw-ent1{11} established with SPIs 4a46d97b_i e59b16ff_o and TS 10.0.0.0/24 === 172.26.48.0/20
09[ENC] generating IKE_AUTH response 1 [ IDr CERT AUTH SA TSi TSr N(MOBIKE_SUP) N(ADD_4_ADDR) N(ADD_4_ADDR) N(ADD_4_ADDR) ]
09[NET] sending packet: from you.actual.server.lanip[4500] to your.client.wan.ip[3016] (816 bytes)
14[IKE] sending keep alive to your.client.wan.ip[3016]
12[IKE] sending keep alive to your.client.wan.ip[3016]

Now you may try ping you.actual.server.lanip from client side
```
ping you.actual.server.lanip
```
Or ping your.client.lan.ip from the server side
```
ping you.actual.server.lanip
```

If you want to access the lan behind the gateway, you shall add static route to your gateway's router, route server-lan to client-ip or/and route client-lan to server,lanip

zhenfdfs / strongswan-gmalg-merge