author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2007-02-22 20:26:30 +0000 |
---|---|---|
committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2007-02-22 20:26:30 +0000 |
commit | c54a140a445bfe7aa66721f68bb0781f26add91c (patch) | |
tree | f0c377d556ca1ac780bd5e2f2149c7ec40e1d8d3 | |
parent | 64081ed57a64812a1e09b5a749a6a105389a79ca (diff) | |
download | vyos-strongswan-c54a140a445bfe7aa66721f68bb0781f26add91c.tar.gz vyos-strongswan-c54a140a445bfe7aa66721f68bb0781f26add91c.zip |
- Update to new upstream release.
44 files changed, 1616 insertions, 83 deletions
@@ -1,3 +1,15 @@ +strongswan-2.8.3 +---------------- + +- Support of SHA2_384 hash function for protecting IKEv1 + negotiations and support of SHA2 signatures in X.509 certificates. + +- Fixed a serious bug in the computation of the SHA2-512 HMAC + function. Introduced testvector-based self-tests of all IKEv1 hash + and hmac functions during pluto startup. Failure of a self-test + currently issues a warning only but does not exit pluto [yet]. + + strongswan-2.8.2 ---------------- diff --git a/Makefile.ver b/Makefile.ver index f42026a56..98bef89bb 100644 --- a/Makefile.ver +++ b/Makefile.ver @@ -1 +1 @@ -IPSECVERSION=2.8.2 +IPSECVERSION=2.8.3 @@ -41,7 +41,7 @@ Contents 6.1 Loading private key files in PKCS#1 format 6.2 Entering passphrases interactively 6.3 Multiple private keys - 7. Configuring CA properties - ipsec.onf + 7. Configuring CA properties - ipsec.conf 8. Smartcard support 8.1 Configuring a smartcard-based connection 8.2 Entering the PIN code @@ -3147,5 +3147,5 @@ by the pluto/xauth.h header file. for more details. ----------------------------------------------------------------------------- -This file is RCSID $Id: README,v 1.38 2007/01/14 18:16:51 as Exp $ +This file is RCSID $Id: README,v 1.39 2007/01/30 14:43:12 as Exp $ diff --git a/debian/changelog b/debian/changelog index ddb0a90f0..396dd2916 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +strongswan (2.8.3-1) unstable; urgency=low + + * New upstream release with fixes for the SHA-512-HMAC function and + added SHA-384 and SHA-2 implementations. + + -- Rene Mayrhofer <rmayr@debian.org> Thu, 22 Feb 2007 20:19:45 +0000 + strongswan (2.8.2-1) unstable; urgency=low * New upstream release with interoperability fixes for some VPN diff --git a/programs/openac/Makefile b/programs/openac/Makefile index 7aeacee0a..98051f7bc 100644 --- a/programs/openac/Makefile +++ b/programs/openac/Makefile 
@@ -12,7 +12,7 @@ # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # for more details. # -# RCSID $Id: Makefile,v 1.16 2006/02/17 19:33:27 as Exp $ +# RCSID $Id: Makefile,v 1.17 2007/02/21 14:19:45 as Exp $ FREESWANSRCDIR=../.. include ${FREESWANSRCDIR}/Makefile.inc @@ -23,6 +23,11 @@ PLUTODIR=../pluto PROGRAM=openac EXTRA8PROC=${PROGRAM}.8 +# where to find sha2.h +LIBCRYPTO=$(FREESWANSRCDIR)/lib/libcrypto +LIBSHA2=$(LIBCRYPTO)/libsha2 +CFLAGS+= -I$(LIBCRYPTO) + LIBS=${FREESWANLIB} $(LIBDESLITE) -lgmp CFLAGS+= -DDEBUG -DNO_PLUTO @@ -33,7 +38,7 @@ endif X509_OBJS= ac.o asn1.o ca.o certs.o constants.o crl.o defs.o mp_defs.o fetch.o \ id.o keys.o lex.o md2.o md5.o ocsp.o oid.o pem.o pgp.o pkcs1.o \ - rnd.o sha1.o smartcard.o x509.o + rnd.o sha1.o sha2.o smartcard.o x509.o OBJS= build.o loglite.o ${X509_OBJS} @@ -110,6 +115,9 @@ rnd.o : $(PLUTODIR)/rnd.c $(PLUTODIR)/rnd.h sha1.o : $(PLUTODIR)/sha1.c $(PLUTODIR)/sha1.h $(CC) $(CFLAGS) -c -o $@ $< +sha2.o : $(LIBSHA2)/sha2.c $(LIBSHA2)/sha2.h + $(CC) $(CFLAGS) -c -o $@ $< + smartcard.o : $(PLUTODIR)/smartcard.c $(PLUTODIR)/smartcard.h $(CC) $(CFLAGS) -c -o $@ $< diff --git a/programs/pluto/alg/ike_alg_sha2.c b/programs/pluto/alg/ike_alg_sha2.c index ad24f7cf0..6b7c8438c 100644 --- a/programs/pluto/alg/ike_alg_sha2.c +++ b/programs/pluto/alg/ike_alg_sha2.c 
@@ -11,51 +11,624 @@ #include "alg_info.h" #include "ike_alg.h" -#define SHA2_256_DIGEST_SIZE (256/BITS_PER_BYTE) -#define SHA2_512_DIGEST_SIZE (512/BITS_PER_BYTE) +static void +sha256_hash_final(u_char *hash, sha256_context *ctx) +{ + sha256_final(ctx); + memcpy(hash, ctx->sha_out, SHA2_256_DIGEST_SIZE); +} -static void sha256_hash_final(u_char *hash, sha256_context *ctx) +static void +sha384_hash_final(u_char *hash, sha512_context *ctx) { - sha256_final(ctx); - memcpy(hash, &ctx->sha_out[0], SHA2_256_DIGEST_SIZE); + sha512_final(ctx); + memcpy(hash, ctx->sha_out, SHA2_384_DIGEST_SIZE); } -static void sha512_hash_final(u_char *hash, sha512_context *ctx) + +static void +sha512_hash_final(u_char *hash, sha512_context *ctx) { - sha512_final(ctx); - memcpy(hash, &ctx->sha_out[0], SHA2_512_DIGEST_SIZE); + sha512_final(ctx); + memcpy(hash, ctx->sha_out, SHA2_512_DIGEST_SIZE); } + +/* SHA-256 hash test vectors + * from "The Secure Hash Algorithm Validation System (SHAVS)" + * July 22, 2004, Lawrence E. 
Bassham III, NIST + */ + +static const u_char sha256_short2_msg[] = { + 0x19 +}; + +static const u_char sha256_short2_msg_digest[] = { + 0x68, 0xaa, 0x2e, 0x2e, 0xe5, 0xdf, 0xf9, 0x6e, + 0x33, 0x55, 0xe6, 0xc7, 0xee, 0x37, 0x3e, 0x3d, + 0x6a, 0x4e, 0x17, 0xf7, 0x5f, 0x95, 0x18, 0xd8, + 0x43, 0x70, 0x9c, 0x0c, 0x9b, 0xc3, 0xe3, 0xd4 +}; + +static const u_char sha256_short4_msg[] = { + 0xe3, 0xd7, 0x25, 0x70, 0xdc, 0xdd, 0x78, 0x7c, + 0xe3, 0x88, 0x7a, 0xb2, 0xcd, 0x68, 0x46, 0x52 +}; + +static const u_char sha256_short4_msg_digest[] = { + 0x17, 0x5e, 0xe6, 0x9b, 0x02, 0xba, 0x9b, 0x58, + 0xe2, 0xb0, 0xa5, 0xfd, 0x13, 0x81, 0x9c, 0xea, + 0x57, 0x3f, 0x39, 0x40, 0xa9, 0x4f, 0x82, 0x51, + 0x28, 0xcf, 0x42, 0x09, 0xbe, 0xab, 0xb4, 0xe8 +}; + +static const u_char sha256_long2_msg[] = { + 0x83, 0x26, 0x75, 0x4e, 0x22, 0x77, 0x37, 0x2f, + 0x4f, 0xc1, 0x2b, 0x20, 0x52, 0x7a, 0xfe, 0xf0, + 0x4d, 0x8a, 0x05, 0x69, 0x71, 0xb1, 0x1a, 0xd5, + 0x71, 0x23, 0xa7, 0xc1, 0x37, 0x76, 0x00, 0x00, + 0xd7, 0xbe, 0xf6, 0xf3, 0xc1, 0xf7, 0xa9, 0x08, + 0x3a, 0xa3, 0x9d, 0x81, 0x0d, 0xb3, 0x10, 0x77, + 0x7d, 0xab, 0x8b, 0x1e, 0x7f, 0x02, 0xb8, 0x4a, + 0x26, 0xc7, 0x73, 0x32, 0x5f, 0x8b, 0x23, 0x74, + 0xde, 0x7a, 0x4b, 0x5a, 0x58, 0xcb, 0x5c, 0x5c, + 0xf3, 0x5b, 0xce, 0xe6, 0xfb, 0x94, 0x6e, 0x5b, + 0xd6, 0x94, 0xfa, 0x59, 0x3a, 0x8b, 0xeb, 0x3f, + 0x9d, 0x65, 0x92, 0xec, 0xed, 0xaa, 0x66, 0xca, + 0x82, 0xa2, 0x9d, 0x0c, 0x51, 0xbc, 0xf9, 0x33, + 0x62, 0x30, 0xe5, 0xd7, 0x84, 0xe4, 0xc0, 0xa4, + 0x3f, 0x8d, 0x79, 0xa3, 0x0a, 0x16, 0x5c, 0xba, + 0xbe, 0x45, 0x2b, 0x77, 0x4b, 0x9c, 0x71, 0x09, + 0xa9, 0x7d, 0x13, 0x8f, 0x12, 0x92, 0x28, 0x96, + 0x6f, 0x6c, 0x0a, 0xdc, 0x10, 0x6a, 0xad, 0x5a, + 0x9f, 0xdd, 0x30, 0x82, 0x57, 0x69, 0xb2, 0xc6, + 0x71, 0xaf, 0x67, 0x59, 0xdf, 0x28, 0xeb, 0x39, + 0x3d, 0x54, 0xd6 +}; + +static const u_char sha256_long2_msg_digest[] = { + 0x97, 0xdb, 0xca, 0x7d, 0xf4, 0x6d, 0x62, 0xc8, + 0xa4, 0x22, 0xc9, 0x41, 0xdd, 0x7e, 0x83, 0x5b, + 0x8a, 0xd3, 0x36, 0x17, 0x63, 
0xf7, 0xe9, 0xb2, + 0xd9, 0x5f, 0x4f, 0x0d, 0xa6, 0xe1, 0xcc, 0xbc +}; + +static const hash_testvector_t sha256_hash_testvectors[] = { + { sizeof(sha256_short2_msg), sha256_short2_msg, sha256_short2_msg_digest }, + { sizeof(sha256_short4_msg), sha256_short4_msg, sha256_short4_msg_digest }, + { sizeof(sha256_long2_msg), sha256_long2_msg, sha256_long2_msg_digest }, + { 0, NULL, NULL } +}; + +/* SHA-384 hash test vectors + * from "The Secure Hash Algorithm Validation System (SHAVS)" + * July 22, 2004, Lawrence E. Bassham III, NIST + */ + +static const u_char sha384_short2_msg[] = { + 0xb9 +}; + +static const u_char sha384_short2_msg_digest[] = { + 0xbc, 0x80, 0x89, 0xa1, 0x90, 0x07, 0xc0, 0xb1, + 0x41, 0x95, 0xf4, 0xec, 0xc7, 0x40, 0x94, 0xfe, + 0xc6, 0x4f, 0x01, 0xf9, 0x09, 0x29, 0x28, 0x2c, + 0x2f, 0xb3, 0x92, 0x88, 0x15, 0x78, 0x20, 0x8a, + 0xd4, 0x66, 0x82, 0x8b, 0x1c, 0x6c, 0x28, 0x3d, + 0x27, 0x22, 0xcf, 0x0a, 0xd1, 0xab, 0x69, 0x38 +}; + +static const u_char sha384_short4_msg[] = { + 0xa4, 0x1c, 0x49, 0x77, 0x79, 0xc0, 0x37, 0x5f, + 0xf1, 0x0a, 0x7f, 0x4e, 0x08, 0x59, 0x17, 0x39 +}; + +static const u_char sha384_short4_msg_digest[] = { + 0xc9, 0xa6, 0x84, 0x43, 0xa0, 0x05, 0x81, 0x22, + 0x56, 0xb8, 0xec, 0x76, 0xb0, 0x05, 0x16, 0xf0, + 0xdb, 0xb7, 0x4f, 0xab, 0x26, 0xd6, 0x65, 0x91, + 0x3f, 0x19, 0x4b, 0x6f, 0xfb, 0x0e, 0x91, 0xea, + 0x99, 0x67, 0x56, 0x6b, 0x58, 0x10, 0x9c, 0xbc, + 0x67, 0x5c, 0xc2, 0x08, 0xe4, 0xc8, 0x23, 0xf7 +}; + +static const u_char sha384_long2_msg[] = { + 0x39, 0x96, 0x69, 0xe2, 0x8f, 0x6b, 0x9c, 0x6d, + 0xbc, 0xbb, 0x69, 0x12, 0xec, 0x10, 0xff, 0xcf, + 0x74, 0x79, 0x03, 0x49, 0xb7, 0xdc, 0x8f, 0xbe, + 0x4a, 0x8e, 0x7b, 0x3b, 0x56, 0x21, 0xdb, 0x0f, + 0x3e, 0x7d, 0xc8, 0x7f, 0x82, 0x32, 0x64, 0xbb, + 0xe4, 0x0d, 0x18, 0x11, 0xc9, 0xea, 0x20, 0x61, + 0xe1, 0xc8, 0x4a, 0xd1, 0x0a, 0x23, 0xfa, 0xc1, + 0x72, 0x7e, 0x72, 0x02, 0xfc, 0x3f, 0x50, 0x42, + 0xe6, 0xbf, 0x58, 0xcb, 0xa8, 0xa2, 0x74, 0x6e, + 0x1f, 0x64, 0xf9, 0xb9, 0xea, 0x35, 
0x2c, 0x71, + 0x15, 0x07, 0x05, 0x3c, 0xf4, 0xe5, 0x33, 0x9d, + 0x52, 0x86, 0x5f, 0x25, 0xcc, 0x22, 0xb5, 0xe8, + 0x77, 0x84, 0xa1, 0x2f, 0xc9, 0x61, 0xd6, 0x6c, + 0xb6, 0xe8, 0x95, 0x73, 0x19, 0x9a, 0x2c, 0xe6, + 0x56, 0x5c, 0xbd, 0xf1, 0x3d, 0xca, 0x40, 0x38, + 0x32, 0xcf, 0xcb, 0x0e, 0x8b, 0x72, 0x11, 0xe8, + 0x3a, 0xf3, 0x2a, 0x11, 0xac, 0x17, 0x92, 0x9f, + 0xf1, 0xc0, 0x73, 0xa5, 0x1c, 0xc0, 0x27, 0xaa, + 0xed, 0xef, 0xf8, 0x5a, 0xad, 0x7c, 0x2b, 0x7c, + 0x5a, 0x80, 0x3e, 0x24, 0x04, 0xd9, 0x6d, 0x2a, + 0x77, 0x35, 0x7b, 0xda, 0x1a, 0x6d, 0xae, 0xed, + 0x17, 0x15, 0x1c, 0xb9, 0xbc, 0x51, 0x25, 0xa4, + 0x22, 0xe9, 0x41, 0xde, 0x0c, 0xa0, 0xfc, 0x50, + 0x11, 0xc2, 0x3e, 0xcf, 0xfe, 0xfd, 0xd0, 0x96, + 0x76, 0x71, 0x1c, 0xf3, 0xdb, 0x0a, 0x34, 0x40, + 0x72, 0x0e ,0x16, 0x15, 0xc1, 0xf2, 0x2f, 0xbc, + 0x3c, 0x72, 0x1d, 0xe5, 0x21, 0xe1, 0xb9, 0x9b, + 0xa1, 0xbd, 0x55, 0x77, 0x40, 0x86, 0x42, 0x14, + 0x7e, 0xd0, 0x96 +}; + +static const u_char sha384_long2_msg_digest[] = { + 0x4f, 0x44, 0x0d, 0xb1, 0xe6, 0xed, 0xd2, 0x89, + 0x9f, 0xa3, 0x35, 0xf0, 0x95, 0x15, 0xaa, 0x02, + 0x5e, 0xe1, 0x77, 0xa7, 0x9f, 0x4b, 0x4a, 0xaf, + 0x38, 0xe4, 0x2b, 0x5c, 0x4d, 0xe6, 0x60, 0xf5, + 0xde, 0x8f, 0xb2, 0xa5, 0xb2, 0xfb, 0xd2, 0xa3, + 0xcb, 0xff, 0xd2, 0x0c, 0xff, 0x12, 0x88, 0xc0 +}; + +static const hash_testvector_t sha384_hash_testvectors[] = { + { sizeof(sha384_short2_msg), sha384_short2_msg, sha384_short2_msg_digest }, + { sizeof(sha384_short4_msg), sha384_short4_msg, sha384_short4_msg_digest }, + { sizeof(sha384_long2_msg), sha384_long2_msg, sha384_long2_msg_digest }, + { 0, NULL, NULL } +}; + +/* SHA-512 hash test vectors + * from "The Secure Hash Algorithm Validation System (SHAVS)" + * July 22, 2004, Lawrence E. 
Bassham III, NIST + */ + +static const u_char sha512_short2_msg[] = { + 0xd0 +}; + +static const u_char sha512_short2_msg_digest[] = { + 0x99, 0x92, 0x20, 0x29, 0x38, 0xe8, 0x82, 0xe7, + 0x3e, 0x20, 0xf6, 0xb6, 0x9e, 0x68, 0xa0, 0xa7, + 0x14, 0x90, 0x90, 0x42, 0x3d, 0x93, 0xc8, 0x1b, + 0xab, 0x3f, 0x21, 0x67, 0x8d, 0x4a, 0xce, 0xee, + 0xe5, 0x0e, 0x4e, 0x8c, 0xaf, 0xad, 0xa4, 0xc8, + 0x5a, 0x54, 0xea, 0x83, 0x06, 0x82, 0x6c, 0x4a, + 0xd6, 0xe7, 0x4c, 0xec, 0xe9, 0x63, 0x1b, 0xfa, + 0x8a, 0x54, 0x9b, 0x4a, 0xb3, 0xfb, 0xba, 0x15 +}; + +static const u_char sha512_short4_msg[] = { + 0x8d, 0x4e, 0x3c, 0x0e, 0x38, 0x89, 0x19, 0x14, + 0x91, 0x81, 0x6e, 0x9d, 0x98, 0xbf, 0xf0, 0xa0 +}; + +static const u_char sha512_short4_msg_digest[] = { + 0xcb, 0x0b, 0x67, 0xa4, 0xb8, 0x71, 0x2c, 0xd7, + 0x3c, 0x9a, 0xab, 0xc0, 0xb1, 0x99, 0xe9, 0x26, + 0x9b, 0x20, 0x84, 0x4a, 0xfb, 0x75, 0xac, 0xbd, + 0xd1, 0xc1, 0x53, 0xc9, 0x82, 0x89, 0x24, 0xc3, + 0xdd, 0xed, 0xaa, 0xfe, 0x66, 0x9c, 0x5f, 0xdd, + 0x0b, 0xc6, 0x6f, 0x63, 0x0f, 0x67, 0x73, 0x98, + 0x82, 0x13, 0xeb, 0x1b, 0x16, 0xf5, 0x17, 0xad, + 0x0d, 0xe4, 0xb2, 0xf0, 0xc9, 0x5c, 0x90, 0xf8 +}; + +static const u_char sha512_long2_msg[] = { + 0xa5, 0x5f, 0x20, 0xc4, 0x11, 0xaa, 0xd1, 0x32, + 0x80, 0x7a, 0x50, 0x2d, 0x65, 0x82, 0x4e, 0x31, + 0xa2, 0x30, 0x54, 0x32, 0xaa, 0x3d, 0x06, 0xd3, + 0xe2, 0x82, 0xa8, 0xd8, 0x4e, 0x0d, 0xe1, 0xde, + 0x69, 0x74, 0xbf, 0x49, 0x54, 0x69, 0xfc, 0x7f, + 0x33, 0x8f, 0x80, 0x54, 0xd5, 0x8c, 0x26, 0xc4, + 0x93, 0x60, 0xc3, 0xe8, 0x7a, 0xf5, 0x65, 0x23, + 0xac, 0xf6, 0xd8, 0x9d, 0x03, 0xe5, 0x6f, 0xf2, + 0xf8, 0x68, 0x00, 0x2b, 0xc3, 0xe4, 0x31, 0xed, + 0xc4, 0x4d, 0xf2, 0xf0, 0x22, 0x3d, 0x4b, 0xb3, + 0xb2, 0x43, 0x58, 0x6e, 0x1a, 0x7d, 0x92, 0x49, + 0x36, 0x69, 0x4f, 0xcb, 0xba, 0xf8, 0x8d, 0x95, + 0x19, 0xe4, 0xeb, 0x50, 0xa6, 0x44, 0xf8, 0xe4, + 0xf9, 0x5e, 0xb0, 0xea, 0x95, 0xbc, 0x44, 0x65, + 0xc8, 0x82, 0x1a, 0xac, 0xd2, 0xfe, 0x15, 0xab, + 0x49, 0x81, 0x16, 0x4b, 0xbb, 0x6d, 0xc3, 0x2f, + 0x96, 
0x90, 0x87, 0xa1, 0x45, 0xb0, 0xd9, 0xcc, + 0x9c, 0x67, 0xc2, 0x2b, 0x76, 0x32, 0x99, 0x41, + 0x9c, 0xc4, 0x12, 0x8b, 0xe9, 0xa0, 0x77, 0xb3, + 0xac, 0xe6, 0x34, 0x06, 0x4e, 0x6d, 0x99, 0x28, + 0x35, 0x13, 0xdc, 0x06, 0xe7, 0x51, 0x5d, 0x0d, + 0x73, 0x13, 0x2e, 0x9a, 0x0d, 0xc6, 0xd3, 0xb1, + 0xf8, 0xb2, 0x46, 0xf1, 0xa9, 0x8a, 0x3f, 0xc7, + 0x29, 0x41, 0xb1, 0xe3, 0xbb, 0x20, 0x98, 0xe8, + 0xbf, 0x16, 0xf2, 0x68, 0xd6, 0x4f, 0x0b, 0x0f, + 0x47, 0x07, 0xfe, 0x1e, 0xa1, 0xa1, 0x79, 0x1b, + 0xa2, 0xf3, 0xc0, 0xc7, 0x58, 0xe5, 0xf5, 0x51, + 0x86, 0x3a, 0x96, 0xc9, 0x49, 0xad, 0x47, 0xd7, + 0xfb, 0x40, 0xd2 +}; + +static const u_char sha512_long2_msg_digest[] = { + 0xc6, 0x65, 0xbe, 0xfb, 0x36, 0xda, 0x18, 0x9d, + 0x78, 0x82, 0x2d, 0x10, 0x52, 0x8c, 0xbf, 0x3b, + 0x12, 0xb3, 0xee, 0xf7, 0x26, 0x03, 0x99, 0x09, + 0xc1, 0xa1, 0x6a, 0x27, 0x0d, 0x48, 0x71, 0x93, + 0x77, 0x96, 0x6b, 0x95, 0x7a, 0x87, 0x8e, 0x72, + 0x05, 0x84, 0x77, 0x9a, 0x62, 0x82, 0x5c, 0x18, + 0xda, 0x26, 0x41, 0x5e, 0x49, 0xa7, 0x17, 0x6a, + 0x89, 0x4e, 0x75, 0x10, 0xfd, 0x14, 0x51, 0xf5 +}; + +static const hash_testvector_t sha512_hash_testvectors[] = { + { sizeof(sha512_short2_msg), sha512_short2_msg, sha512_short2_msg_digest }, + { sizeof(sha512_short4_msg), sha512_short4_msg, sha512_short4_msg_digest }, + { sizeof(sha512_long2_msg), sha512_long2_msg, sha512_long2_msg_digest }, + { 0, NULL, NULL } +}; + +/* SHA-256, SHA-384, and SHA-512 hmac test vectors + * from RFC 4231 "Identifiers and Test Vectors for HMAC-SHA-224, + * HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512" + * December 2005, M. 
Nystrom, RSA Security + */ + +static const u_char sha2_hmac1_key[] = { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b +}; + +static const u_char sha2_hmac1_msg[] = { + 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 +}; + +static const u_char sha2_hmac1_256[] = { + 0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, + 0x5c, 0xa8, 0xaf, 0xce, 0xaf, 0x0b, 0xf1, 0x2b, + 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, + 0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7 +}; + +static const u_char sha2_hmac1_384[] = { + 0xaf, 0xd0, 0x39, 0x44, 0xd8, 0x48, 0x95, 0x62, + 0x6b, 0x08, 0x25, 0xf4, 0xab ,0x46, 0x90, 0x7f, + 0x15, 0xf9, 0xda, 0xdb, 0xe4, 0x10, 0x1e, 0xc6, + 0x82, 0xaa, 0x03, 0x4c, 0x7c, 0xeb, 0xc5, 0x9c, + 0xfa, 0xea, 0x9e, 0xa9, 0x07, 0x6e, 0xde, 0x7f, + 0x4a, 0xf1, 0x52, 0xe8, 0xb2, 0xfa, 0x9c, 0xb6 +}; + +static const u_char sha2_hmac1_512[] = { + 0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d, + 0x4f, 0xf0, 0xb4, 0x24, 0x1a, 0x1d, 0x6c, 0xb0, + 0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78, + 0x7a, 0xd0, 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde, + 0xda, 0xa8, 0x33, 0xb7, 0xd6, 0xb8, 0xa7, 0x02, + 0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4, + 0xbe, 0x9d, 0x91, 0x4e, 0xeb, 0x61, 0xf1, 0x70, + 0x2e, 0x69, 0x6c, 0x20, 0x3a, 0x12, 0x68, 0x54 +}; + +static const u_char sha2_hmac2_key[] = { + 0x4a, 0x65, 0x66, 0x65 +}; + +static const u_char sha2_hmac2_msg[] = { + 0x77, 0x68, 0x61, 0x74, 0x20, 0x64, 0x6f, 0x20, + 0x79, 0x61, 0x20, 0x77, 0x61, 0x6e, 0x74, 0x20, + 0x66, 0x6f, 0x72, 0x20, 0x6e, 0x6f, 0x74, 0x68, + 0x69, 0x6e, 0x67, 0x3f +}; + +static const u_char sha2_hmac2_256[] = { + 0x5b, 0xdc, 0xc1, 0x46, 0xbf, 0x60, 0x75, 0x4e, + 0x6a, 0x04, 0x24, 0x26, 0x08, 0x95, 0x75, 0xc7, + 0x5a, 0x00, 0x3f, 0x08, 0x9d, 0x27, 0x39, 0x83, + 0x9d, 0xec, 0x58, 0xb9, 0x64, 0xec, 0x38, 0x43 +}; + +static const u_char sha2_hmac2_384[] = { + 0xaf, 0x45, 0xd2, 0xe3, 0x76, 0x48, 0x40, 0x31, + 0x61, 0x7f, 0x78, 
0xd2, 0xb5, 0x8a, 0x6b, 0x1b, + 0x9c, 0x7e, 0xf4, 0x64, 0xf5, 0xa0, 0x1b, 0x47, + 0xe4, 0x2e, 0xc3, 0x73, 0x63, 0x22, 0x44, 0x5e, + 0x8e, 0x22, 0x40, 0xca, 0x5e, 0x69, 0xe2, 0xc7, + 0x8b, 0x32, 0x39, 0xec, 0xfa, 0xb2, 0x16, 0x49 +}; + +static const u_char sha2_hmac2_512[] = { + 0x16, 0x4b, 0x7a, 0x7b, 0xfc, 0xf8, 0x19, 0xe2, + 0xe3, 0x95, 0xfb, 0xe7, 0x3b, 0x56, 0xe0, 0xa3, + 0x87, 0xbd, 0x64, 0x22, 0x2e, 0x83, 0x1f, 0xd6, + 0x10, 0x27, 0x0c, 0xd7, 0xea, 0x25, 0x05, 0x54, + 0x97, 0x58, 0xbf, 0x75, 0xc0, 0x5a, 0x99, 0x4a, + 0x6d, 0x03, 0x4f, 0x65, 0xf8, 0xf0, 0xe6, 0xfd, + 0xca, 0xea, 0xb1, 0xa3, 0x4d, 0x4a, 0x6b, 0x4b, + 0x63, 0x6e, 0x07, 0x0a, 0x38, 0xbc, 0xe7, 0x37 +}; + +static const u_char sha2_hmac3_key[] = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa +}; + +static const u_char sha2_hmac3_msg[] = { + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd +}; + +static const u_char sha2_hmac3_256[] = { + 0x77, 0x3e, 0xa9, 0x1e, 0x36, 0x80, 0x0e, 0x46, + 0x85, 0x4d, 0xb8, 0xeb, 0xd0, 0x91, 0x81, 0xa7, + 0x29, 0x59, 0x09, 0x8b, 0x3e, 0xf8, 0xc1, 0x22, + 0xd9, 0x63, 0x55, 0x14, 0xce, 0xd5, 0x65, 0xfe +}; + +static const u_char sha2_hmac3_384[] = { + 0x88, 0x06, 0x26, 0x08, 0xd3, 0xe6, 0xad, 0x8a, + 0x0a, 0xa2, 0xac, 0xe0, 0x14, 0xc8, 0xa8, 0x6f, + 0x0a, 0xa6, 0x35, 0xd9, 0x47, 0xac, 0x9f, 0xeb, + 0xe8, 0x3e, 0xf4, 0xe5, 0x59, 0x66, 0x14, 0x4b, + 0x2a, 0x5a, 0xb3, 0x9d, 0xc1, 0x38, 0x14, 0xb9, + 0x4e, 0x3a, 0xb6, 0xe1, 0x01, 0xa3, 0x4f, 0x27 +}; + +static const u_char sha2_hmac3_512[] = { + 0xfa, 0x73, 0xb0, 0x08, 0x9d, 0x56, 0xa2, 0x84, + 0xef, 0xb0, 0xf0, 0x75, 0x6c, 0x89, 0x0b, 0xe9, + 0xb1, 0xb5, 0xdb, 0xdd, 0x8e, 0xe8, 0x1a, 
0x36, + 0x55, 0xf8, 0x3e, 0x33, 0xb2, 0x27, 0x9d, 0x39, + 0xbf, 0x3e, 0x84, 0x82, 0x79, 0xa7, 0x22, 0xc8, + 0x06, 0xb4, 0x85, 0xa4, 0x7e, 0x67, 0xc8, 0x07, + 0xb9, 0x46, 0xa3, 0x37, 0xbe, 0xe8, 0x94, 0x26, + 0x74, 0x27, 0x88, 0x59, 0xe1, 0x32, 0x92, 0xfb +}; + +static const u_char sha2_hmac4_key[] = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19 +}; + +static const u_char sha2_hmac4_msg[] = { + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd +}; + +static const u_char sha2_hmac4_256[] = { + 0x82, 0x55, 0x8a, 0x38, 0x9a, 0x44, 0x3c, 0x0e, + 0xa4, 0xcc, 0x81, 0x98, 0x99, 0xf2, 0x08, 0x3a, + 0x85, 0xf0, 0xfa, 0xa3, 0xe5, 0x78, 0xf8, 0x07, + 0x7a, 0x2e, 0x3f, 0xf4, 0x67, 0x29, 0x66, 0x5b +}; + +static const u_char sha2_hmac4_384[] = { + 0x3e, 0x8a, 0x69, 0xb7, 0x78, 0x3c, 0x25, 0x85, + 0x19, 0x33, 0xab, 0x62, 0x90, 0xaf, 0x6c, 0xa7, + 0x7a, 0x99, 0x81, 0x48, 0x08, 0x50, 0x00, 0x9c, + 0xc5, 0x57, 0x7c, 0x6e, 0x1f, 0x57, 0x3b, 0x4e, + 0x68, 0x01, 0xdd, 0x23, 0xc4, 0xa7, 0xd6, 0x79, + 0xcc, 0xf8, 0xa3, 0x86, 0xc6, 0x74, 0xcf, 0xfb +}; + +static const u_char sha2_hmac4_512[] = { + 0xb0, 0xba, 0x46, 0x56, 0x37, 0x45, 0x8c, 0x69, + 0x90, 0xe5, 0xa8, 0xc5, 0xf6, 0x1d, 0x4a, 0xf7, + 0xe5, 0x76, 0xd9, 0x7f, 0xf9, 0x4b, 0x87, 0x2d, + 0xe7, 0x6f, 0x80, 0x50, 0x36, 0x1e, 0xe3, 0xdb, + 0xa9, 0x1c, 0xa5, 0xc1, 0x1a, 0xa2, 0x5e, 0xb4, + 0xd6, 0x79, 0x27, 0x5c, 0xc5, 0x78, 0x80, 0x63, + 0xa5, 0xf1, 0x97, 0x41, 0x12, 0x0c, 0x4f, 0x2d, + 0xe2, 0xad, 0xeb, 0xeb, 0x10, 0xa2, 0x98, 0xdd +}; + +static const u_char sha2_hmac6_key[] = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 
0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa +}; + +static const u_char sha2_hmac6_msg[] = { + 0x54, 0x65, 0x73, 0x74, 0x20, 0x55, 0x73, 0x69, + 0x6e, 0x67, 0x20, 0x4c, 0x61, 0x72, 0x67, 0x65, + 0x72, 0x20, 0x54, 0x68, 0x61, 0x6e, 0x20, 0x42, + 0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x53, 0x69, 0x7a, + 0x65, 0x20, 0x4b, 0x65, 0x79, 0x20, 0x2d, 0x20, + 0x48, 0x61, 0x73, 0x68, 0x20, 0x4b, 0x65, 0x79, + 0x20, 0x46, 0x69, 0x72, 0x73, 0x74 +}; + +static const u_char sha2_hmac6_256[] = { + 0x60, 0xe4, 0x31, 0x59, 0x1e, 0xe0, 0xb6, 0x7f, + 0x0d, 0x8a, 0x26, 0xaa, 0xcb, 0xf5, 0xb7, 0x7f, + 0x8e, 0x0b, 0xc6, 0x21, 0x37, 0x28, 0xc5, 0x14, + 0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54 +}; + +static const u_char sha2_hmac6_384[] = { + 0x4e, 0xce, 0x08, 0x44, 0x85, 0x81, 0x3e, 0x90, + 0x88, 0xd2, 0xc6, 0x3a, 0x04, 0x1b, 0xc5, 0xb4, + 0x4f, 0x9e, 0xf1, 0x01, 0x2a, 0x2b, 0x58, 0x8f, + 0x3c, 0xd1, 0x1f, 0x05, 0x03, 0x3a, 0xc4, 0xc6, + 0x0c, 0x2e, 0xf6, 0xab, 0x40, 0x30, 0xfe, 0x82, + 0x96, 0x24, 0x8d, 0xf1, 0x63, 0xf4, 0x49, 0x52 +}; + +static const u_char sha2_hmac6_512[] = { + 0x80, 0xb2, 0x42, 0x63, 0xc7, 0xc1, 0xa3, 0xeb, + 0xb7, 0x14, 0x93, 0xc1, 0xdd, 0x7b, 0xe8, 0xb4, + 0x9b, 0x46, 0xd1, 0xf4, 0x1b, 0x4a, 0xee, 0xc1, + 0x12, 0x1b, 0x01, 0x37, 0x83, 0xf8, 0xf3, 0x52, + 0x6b, 0x56, 0xd0, 0x37, 0xe0, 0x5f, 
0x25, 0x98, + 0xbd, 0x0f, 0xd2, 0x21, 0x5d, 0x6a, 0x1e, 0x52, + 0x95, 0xe6, 0x4f, 0x73, 0xf6, 0x3f, 0x0a, 0xec, + 0x8b, 0x91, 0x5a, 0x98, 0x5d, 0x78, 0x65, 0x98 +}; + +static const u_char sha2_hmac7_msg[] = { + 0x54, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, + 0x61, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20, 0x75, + 0x73, 0x69, 0x6e, 0x67, 0x20, 0x61, 0x20, 0x6c, + 0x61, 0x72, 0x67, 0x65, 0x72, 0x20, 0x74, 0x68, + 0x61, 0x6e, 0x20, 0x62, 0x6c, 0x6f, 0x63, 0x6b, + 0x2d, 0x73, 0x69, 0x7a, 0x65, 0x20, 0x6b, 0x65, + 0x79, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x61, 0x20, + 0x6c, 0x61, 0x72, 0x67, 0x65, 0x72, 0x20, 0x74, + 0x68, 0x61, 0x6e, 0x20, 0x62, 0x6c, 0x6f, 0x63, + 0x6b, 0x2d, 0x73, 0x69, 0x7a, 0x65, 0x20, 0x64, + 0x61, 0x74, 0x61, 0x2e, 0x20, 0x54, 0x68, 0x65, + 0x20, 0x6b, 0x65, 0x79, 0x20, 0x6e, 0x65, 0x65, + 0x64, 0x73, 0x20, 0x74, 0x6f, 0x20, 0x62, 0x65, + 0x20, 0x68, 0x61, 0x73, 0x68, 0x65, 0x64, 0x20, + 0x62, 0x65, 0x66, 0x6f, 0x72, 0x65, 0x20, 0x62, + 0x65, 0x69, 0x6e, 0x67, 0x20, 0x75, 0x73, 0x65, + 0x64, 0x20, 0x62, 0x79, 0x20, 0x74, 0x68, 0x65, + 0x20, 0x48, 0x4d, 0x41, 0x43, 0x20, 0x61, 0x6c, + 0x67, 0x6f, 0x72, 0x69, 0x74, 0x68, 0x6d, 0x2e +}; + +static const u_char sha2_hmac7_256[] = { + 0x9b, 0x09, 0xff, 0xa7, 0x1b, 0x94, 0x2f, 0xcb, + 0x27, 0x63, 0x5f, 0xbc, 0xd5, 0xb0, 0xe9, 0x44, + 0xbf, 0xdc, 0x63, 0x64, 0x4f, 0x07, 0x13, 0x93, + 0x8a, 0x7f, 0x51, 0x53, 0x5c, 0x3a, 0x35, 0xe2 +}; + +static const u_char sha2_hmac7_384[] = { + 0x66, 0x17, 0x17, 0x8e, 0x94, 0x1f, 0x02, 0x0d, + 0x35, 0x1e, 0x2f, 0x25, 0x4e, 0x8f, 0xd3, 0x2c, + 0x60, 0x24, 0x20, 0xfe, 0xb0, 0xb8, 0xfb, 0x9a, + 0xdc, 0xce, 0xbb, 0x82, 0x46, 0x1e, 0x99, 0xc5, + 0xa6, 0x78, 0xcc, 0x31, 0xe7, 0x99, 0x17, 0x6d, + 0x38, 0x60, 0xe6, 0x11, 0x0c, 0x46, 0x52, 0x3e +}; + +static const u_char sha2_hmac7_512[] = { + 0xe3, 0x7b, 0x6a, 0x77, 0x5d, 0xc8, 0x7d, 0xba, + 0xa4, 0xdf, 0xa9, 0xf9, 0x6e, 0x5e, 0x3f, 0xfd, + 0xde, 0xbd, 0x71, 0xf8, 0x86, 0x72, 0x89, 0x86, + 0x5d, 0xf5, 0xa3, 0x2d, 0x20, 0xcd, 0xc9, 0x44, 
+ 0xb6, 0x02, 0x2c, 0xac, 0x3c, 0x49, 0x82, 0xb1, + 0x0d, 0x5e, 0xeb, 0x55, 0xc3, 0xe4, 0xde, 0x15, + 0x13, 0x46, 0x76, 0xfb, 0x6d, 0xe0, 0x44, 0x60, + 0x65, 0xc9, 0x74, 0x40, 0xfa, 0x8c, 0x6a, 0x58 +}; + +static const hmac_testvector_t sha256_hmac_testvectors[] = { + { sizeof(sha2_hmac1_key), sha2_hmac1_key, sizeof(sha2_hmac1_msg), sha2_hmac1_msg, sha2_hmac1_256 }, + { sizeof(sha2_hmac2_key), sha2_hmac2_key, sizeof(sha2_hmac2_msg), sha2_hmac2_msg, sha2_hmac2_256 }, + { sizeof(sha2_hmac3_key), sha2_hmac3_key, sizeof(sha2_hmac3_msg), sha2_hmac3_msg, sha2_hmac3_256 }, + { sizeof(sha2_hmac4_key), sha2_hmac4_key, sizeof(sha2_hmac4_msg), sha2_hmac4_msg, sha2_hmac4_256 }, + { sizeof(sha2_hmac6_key), sha2_hmac6_key, sizeof(sha2_hmac6_msg), sha2_hmac6_msg, sha2_hmac6_256 }, + { sizeof(sha2_hmac6_key), sha2_hmac6_key, sizeof(sha2_hmac7_msg), sha2_hmac7_msg, sha2_hmac7_256 }, + { 0, NULL, 0, NULL, NULL } +}; + +static const hmac_testvector_t sha384_hmac_testvectors[] = { + { sizeof(sha2_hmac1_key), sha2_hmac1_key, sizeof(sha2_hmac1_msg), sha2_hmac1_msg, sha2_hmac1_384 }, + { sizeof(sha2_hmac2_key), sha2_hmac2_key, sizeof(sha2_hmac2_msg), sha2_hmac2_msg, sha2_hmac2_384 }, + { sizeof(sha2_hmac3_key), sha2_hmac3_key, sizeof(sha2_hmac3_msg), sha2_hmac3_msg, sha2_hmac3_384 }, + { sizeof(sha2_hmac4_key), sha2_hmac4_key, sizeof(sha2_hmac4_msg), sha2_hmac4_msg, sha2_hmac4_384 }, + { sizeof(sha2_hmac6_key), sha2_hmac6_key, sizeof(sha2_hmac6_msg), sha2_hmac6_msg, sha2_hmac6_384 }, + { sizeof(sha2_hmac6_key), sha2_hmac6_key, sizeof(sha2_hmac7_msg), sha2_hmac7_msg, sha2_hmac7_384 }, + { 0, NULL, 0, NULL, NULL } +}; + +static const hmac_testvector_t sha512_hmac_testvectors[] = { + { sizeof(sha2_hmac1_key), sha2_hmac1_key, sizeof(sha2_hmac1_msg), sha2_hmac1_msg, sha2_hmac1_512 }, + { sizeof(sha2_hmac2_key), sha2_hmac2_key, sizeof(sha2_hmac2_msg), sha2_hmac2_msg, sha2_hmac2_512 }, + { sizeof(sha2_hmac3_key), sha2_hmac3_key, sizeof(sha2_hmac3_msg), sha2_hmac3_msg, sha2_hmac3_512 }, + { 
sizeof(sha2_hmac4_key), sha2_hmac4_key, sizeof(sha2_hmac4_msg), sha2_hmac4_msg, sha2_hmac4_512 }, + { sizeof(sha2_hmac6_key), sha2_hmac6_key, sizeof(sha2_hmac6_msg), sha2_hmac6_msg, sha2_hmac6_512 }, + { sizeof(sha2_hmac6_key), sha2_hmac6_key, sizeof(sha2_hmac7_msg), sha2_hmac7_msg, sha2_hmac7_512 }, + { 0, NULL, 0, NULL, NULL } +}; + struct hash_desc hash_desc_sha2_256 = { algo_type: IKE_ALG_HASH, algo_id: OAKLEY_SHA2_256, algo_next: NULL, - hash_ctx_size: sizeof(sha256_context), - hash_init: (void (*)(void *))sha256_init, - hash_update: (void (*)(void *, const u_char *, size_t ))sha256_write, - hash_final:(void (*)(u_char *, void *))sha256_hash_final, + hash_ctx_size: sizeof(sha256_context), + hash_block_size: SHA2_256_BLOCK_SIZE, hash_digest_size: SHA2_256_DIGEST_SIZE, + hash_testvectors: sha256_hash_testvectors, + hmac_testvectors: sha256_hmac_testvectors, + hash_init: (void (*)(void *))sha256_init, + hash_update: (void (*)(void *, const u_char *, size_t ))sha256_write, + hash_final:(void (*)(u_char *, void *))sha256_hash_final +}; + +struct hash_desc hash_desc_sha2_384 = { + algo_type: IKE_ALG_HASH, + algo_id: OAKLEY_SHA2_384, + algo_next: NULL, + hash_ctx_size: sizeof(sha512_context), + hash_block_size: SHA2_384_BLOCK_SIZE, + hash_digest_size: SHA2_384_DIGEST_SIZE, + hash_testvectors: sha384_hash_testvectors, + hmac_testvectors: sha384_hmac_testvectors, + hash_init: (void (*)(void *))sha384_init, + hash_update: (void (*)(void *, const u_char *, size_t ))sha512_write, + hash_final:(void (*)(u_char *, void *))sha384_hash_final }; + struct hash_desc hash_desc_sha2_512 = { algo_type: IKE_ALG_HASH, algo_id: OAKLEY_SHA2_512, algo_next: NULL, - hash_ctx_size: sizeof(sha512_context), - hash_init: (void (*)(void *))sha512_init, - hash_update: (void (*)(void *, const u_char *, size_t ))sha512_write, - hash_final:(void (*)(u_char *, void *))sha512_hash_final, + hash_ctx_size: sizeof(sha512_context), + hash_block_size: SHA2_512_BLOCK_SIZE, hash_digest_size: 
SHA2_512_DIGEST_SIZE, + hash_testvectors: sha512_hash_testvectors, + hmac_testvectors: sha512_hmac_testvectors, + hash_init: (void (*)(void *))sha512_init, + hash_update: (void (*)(void *, const u_char *, size_t ))sha512_write, + hash_final:(void (*)(u_char *, void *))sha512_hash_final }; + int ike_alg_sha2_init(void); + int ike_alg_sha2_init(void) { - int ret; - ret = ike_alg_register_hash(&hash_desc_sha2_256); - if (ret) - goto out; - ret = ike_alg_register_hash(&hash_desc_sha2_512); + int ret +; + ret = ike_alg_register_hash(&hash_desc_sha2_256); + if (ret) + goto out; + ret = ike_alg_register_hash(&hash_desc_sha2_384); + if (ret) + goto out; + ret = ike_alg_register_hash(&hash_desc_sha2_512); + out: return ret; } + /* IKE_ALG_INIT_NAME: ike_alg_sha2_init */ diff --git a/programs/pluto/constants.h b/programs/pluto/constants.h index cd0d6357d..1fbfad1da 100644 --- a/programs/pluto/constants.h +++ b/programs/pluto/constants.h @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: constants.h,v 1.27 2007/01/29 08:27:53 as Exp $ + * RCSID $Id: constants.h,v 1.28 2007/02/21 14:21:48 as Exp $ */ #ifndef _CONSTANTS_H 
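Review bot: In ike_alg_sha2_init() the three descriptors are registered on the return value of ike_alg_register_hash() alone, while the NEWS entry in this commit says a failed self-test only issues a warning, so a digest or HMAC that fails its own test vectors would apparently still be offered for IKEv1 negotiation. Since this release exists because the SHA2-512 HMAC was computed wrongly, I would treat a failed vector as a registration failure, i.e. let the self-test result feed `ret` so that the existing `if (ret) goto out;` path is taken. The self-test runner is not part of this hunk, so where exactly that check belongs is for the author to confirm. The HMAC tables also deserve a comment such as `/* RFC 4231 test case 5 (truncated output) is not used; test case 7 reuses the key of test case 6 */`, because the absent sha2_hmac5_* arrays and the absent sha2_hmac7_key otherwise read as omissions.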
@@ -287,22 +287,26 @@ extern const char sparse_end[]; #define COOKIE_SIZE 8 #define MAX_ISAKMP_SPI_SIZE 16 -#define MD2_DIGEST_SIZE (128 / BITS_PER_BYTE) /* ought to be supplied by md2.h */ -#define MD5_DIGEST_SIZE (128 / BITS_PER_BYTE) /* ought to be supplied by md5.h */ -#define SHA1_DIGEST_SIZE (160 / BITS_PER_BYTE) /* ought to be supplied by sha1.h */ +#define MD2_DIGEST_SIZE (128 / BITS_PER_BYTE) +#define MD5_DIGEST_SIZE (128 / BITS_PER_BYTE) +#define SHA1_DIGEST_SIZE (160 / BITS_PER_BYTE) +#define SHA2_256_DIGEST_SIZE (256 / BITS_PER_BYTE) +#define SHA2_384_DIGEST_SIZE (384 / BITS_PER_BYTE) +#define SHA2_512_DIGEST_SIZE (512 / BITS_PER_BYTE) + +#define MD5_BLOCK_SIZE (512 / BITS_PER_BYTE) +#define SHA1_BLOCK_SIZE (512 / BITS_PER_BYTE) +#define SHA2_256_BLOCK_SIZE (512 / BITS_PER_BYTE) +#define SHA2_384_BLOCK_SIZE (1024 / BITS_PER_BYTE) +#define SHA2_512_BLOCK_SIZE (1024 / BITS_PER_BYTE) #define DES_CBC_BLOCK_SIZE (64 / BITS_PER_BYTE) #define DSS_QBITS 160 /* bits in DSS's "q" (FIPS 186-1) */ -/* to statically allocate IV, we need max of - * MD5_DIGEST_SIZE, SHA1_DIGEST_SIZE, and DES_CBC_BLOCK_SIZE. - * To avoid combinatorial explosion, we leave out DES_CBC_BLOCK_SIZE. - */ -#define MAX_DIGEST_LEN_OLD (MD5_DIGEST_SIZE > SHA1_DIGEST_SIZE? MD5_DIGEST_SIZE : SHA1_DIGEST_SIZE) - -/* for max: SHA2_512 */ -#define MAX_DIGEST_LEN (512/BITS_PER_BYTE) +/* Maximum is required for SHA2_512 */ +#define MAX_DIGEST_LEN SHA2_512_DIGEST_SIZE +#define MAX_HASH_BLOCK_SIZE SHA2_512_BLOCK_SIZE /* RFC 2404 "HMAC-SHA-1-96" section 3 */ #define HMAC_SHA1_KEY_LEN SHA1_DIGEST_SIZE @@ -1007,7 +1011,6 @@ extern enum_names oakley_prf_names; #define HMAC_IPAD 0x36 #define HMAC_OPAD 0x5C -#define HMAC_BUFSIZE 64 /* Oakley Encryption Algorithm attribute * draft-ietf-ipsec-ike-01.txt appendix A diff --git a/programs/pluto/crypto.c b/programs/pluto/crypto.c index 24939bd04..63a53ad5c 100644 --- a/programs/pluto/crypto.c +++ b/programs/pluto/crypto.c 
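Review bot: `MAX_DIGEST_LEN` and `MAX_HASH_BLOCK_SIZE` are now aliases of the SHA2_512 values, so every buffer sized with them is only large enough while no registered hash_desc declares a larger hash_digest_size or hash_block_size. Because hashes are added at run time through ike_alg_register_hash(), the comment should state that contract, e.g. `/* Upper bounds for all registered hashes (currently SHA2_512); ike_alg_register_hash() must reject larger descriptors */`, and the registration code should enforce both limits; whether it already does is not visible in this diff. The removal of the fixed `HMAC_BUFSIZE 64` in the last constants.h hunk is presumably the counterpart of the SHA2-512 HMAC fix, since 64 bytes is smaller than the 128-byte SHA-384/SHA-512 block size defined here.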
@@ -1,5 +1,6 @@ /* crypto interfaces - * Copyright (C) 1998-2001 D. Hugh Redelmeier. + * Copyright (C) 1998-2001 D. Hugh Redelmeier + * Copyright (C) 2007 Andreas Steffen * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -11,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: crypto.c,v 1.5 2005/12/06 22:51:34 as Exp $ + * RCSID $Id: crypto.c,v 1.6 2007/02/21 14:21:48 as Exp $ */ #include <stdio.h> 
@@ -64,16 +65,377 @@ static struct encrypt_desc crypto_encryptor_3des = do_crypt: do_3des, }; +/* MD5 hash test vectors + * from RFC 1321 "MD5 Message-Digest Algorithm" + * April 1992, R. Rivest, RSA Data Security + */ + +static const u_char md5_test0_msg[] = { + +}; + +static const u_char md5_test0_msg_digest[] = { + 0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04, + 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e +}; + +static const u_char md5_test1_msg[] = { + 0x61 +}; + +static const u_char md5_test1_msg_digest[] = { + 0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8, + 0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61 +}; + +static const u_char md5_test2_msg[] = { + 0x61, 0x62, 0x63 +}; + +static const u_char md5_test2_msg_digest[] = { + 0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0, + 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72 +}; + +static const u_char md5_test3_msg[] = { + 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x20, + 0x64, 0x69, 0x67, 0x65, 0x73, 0x74 +}; + +static const u_char md5_test3_msg_digest[] = { + 0xf9, 0x6b, 0x69, 0x7d, 0x7c, 0xb7, 0x93, 0x8d, + 0x52, 0x5a, 0x2f, 0x31, 0xaa, 0xf1, 0x61, 0xd0 +}; + +static const u_char md5_test4_msg[] = { + 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, + 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, 0x70, + 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, + 0x79, 0x7a +}; + +static const u_char md5_test4_msg_digest[] = { + 0xc3, 0xfc, 0xd3, 0xd7, 0x61, 0x92, 0xe4, 0x00, + 0x7d, 0xfb, 0x49, 0x6c, 0xca, 0x67, 0xe1, 0x3b +}; + +static const u_char md5_test5_msg[] = { + 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, + 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, + 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, + 0x59, 0x5a, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, + 0x67, 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, + 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, + 0x77, 0x78, 0x79, 0x7a, 0x30, 0x31, 0x32, 0x33, + 0x34, 0x35, 0x36, 0x37, 0x38, 0x39 +}; + +static const u_char md5_test5_msg_digest[] = { + 0xd1, 0x74, 
0xab, 0x98, 0xd2, 0x77, 0xd9, 0xf5, + 0xa5, 0x61, 0x1c, 0x2c, 0x9f, 0x41, 0x9d, 0x9f +}; + +static const u_char md5_test6_msg[] = { + 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, + 0x37, 0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, 0x31, 0x32, + 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, + 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, + 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, + 0x37, 0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, 0x31, 0x32, + 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30 +}; + +static const u_char md5_test6_msg_digest[] = { + 0x57, 0xed, 0xf4, 0xa2, 0x2b, 0xe3, 0xc9, 0x55, + 0xac, 0x49, 0xda, 0x2e, 0x21, 0x07, 0xb6, 0x7a +}; + +static const hash_testvector_t md5_hash_testvectors[] = { + { sizeof(md5_test0_msg), md5_test0_msg, md5_test0_msg_digest }, + { sizeof(md5_test1_msg), md5_test1_msg, md5_test1_msg_digest }, + { sizeof(md5_test2_msg), md5_test2_msg, md5_test2_msg_digest }, + { sizeof(md5_test3_msg), md5_test3_msg, md5_test3_msg_digest }, + { sizeof(md5_test4_msg), md5_test4_msg, md5_test4_msg_digest }, + { sizeof(md5_test5_msg), md5_test5_msg, md5_test5_msg_digest }, + { sizeof(md5_test6_msg), md5_test6_msg, md5_test6_msg_digest }, + { 0, NULL, NULL } +}; + +/* MD5 hmac test vectors + * from RFC 2202 "Test Cases for HMAC-MD5 and HMAC-SHA-1" + * September 1997, P. Cheng, IBM & R. 
Glenn, NIST + */ + +static const u_char md5_hmac1_key[] = { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b +}; + +static const u_char md5_hmac1_msg[] = { + 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 +}; + +static const u_char md5_hmac1[] = { + 0x92, 0x94, 0x72, 0x7a, 0x36, 0x38, 0xbb, 0x1c, + 0x13, 0xf4, 0x8e, 0xf8, 0x15, 0x8b, 0xfc, 0x9d +}; + +static const u_char md5_hmac2_key[] = { + 0x4a, 0x65, 0x66, 0x65 +}; + +static const u_char md5_hmac2_msg[] = { + 0x77, 0x68, 0x61, 0x74, 0x20, 0x64, 0x6f, 0x20, + 0x79, 0x61, 0x20, 0x77, 0x61, 0x6e, 0x74, 0x20, + 0x66, 0x6f, 0x72, 0x20, 0x6e, 0x6f, 0x74, 0x68, + 0x69, 0x6e, 0x67, 0x3f +}; + +static const u_char md5_hmac2[] = { + 0x75, 0x0c, 0x78, 0x3e, 0x6a, 0xb0, 0xb5, 0x03, + 0xea, 0xa8, 0x6e, 0x31, 0x0a, 0x5d, 0xb7, 0x38 +}; + +static const u_char md5_hmac3_key[] = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa +}; + +static const u_char md5_hmac3_msg[] = { + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd +}; + +static const u_char md5_hmac3[] = { + 0x56, 0xbe, 0x34, 0x52, 0x1d, 0x14, 0x4c, 0x88, + 0xdb, 0xb8, 0xc7, 0x33, 0xf0, 0xe8, 0xb3, 0xf6 +}; + +static const u_char md5_hmac4_key[] = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19 +}; + +static const u_char md5_hmac4_msg[] = { + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 
0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd +}; + +static const u_char md5_hmac4[] = { + 0x69, 0x7e, 0xaf, 0x0a, 0xca, 0x3a, 0x3a, 0xea, + 0x3a, 0x75, 0x16, 0x47, 0x46, 0xff, 0xaa, 0x79 +}; + +static const u_char md5_hmac6_key[] = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, +}; + +static const u_char md5_hmac6_msg[] = { + 0x54, 0x65, 0x73, 0x74, 0x20, 0x55, 0x73, 0x69, + 0x6e, 0x67, 0x20, 0x4c, 0x61, 0x72, 0x67, 0x65, + 0x72, 0x20, 0x54, 0x68, 0x61, 0x6e, 0x20, 0x42, + 0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x53, 0x69, 0x7a, + 0x65, 0x20, 0x4b, 0x65, 0x79, 0x20, 0x2d, 0x20, + 0x48, 0x61, 0x73, 0x68, 0x20, 0x4b, 0x65, 0x79, + 0x20, 0x46, 0x69, 0x72, 0x73, 0x74 +}; + +static const u_char md5_hmac6[] = { + 0x6b, 0x1a, 0xb7, 0xfe, 0x4b, 0xd7, 0xbf, 0x8f, + 0x0b, 0x62, 0xe6, 0xce, 0x61, 0xb9, 0xd0, 0xcd +}; + +static const u_char md5_hmac7_msg[] = { + 0x54, 0x65, 0x73, 0x74, 0x20, 0x55, 0x73, 0x69, + 0x6e, 0x67, 0x20, 0x4c, 0x61, 0x72, 0x67, 0x65, + 0x72, 0x20, 0x54, 0x68, 0x61, 0x6e, 0x20, 0x42, + 0x6c, 0x6f, 0x63, 0x6b, 0x2d, 0x53, 0x69, 0x7a, + 0x65, 0x20, 0x4b, 0x65, 0x79, 0x20, 0x61, 0x6e, + 0x64, 0x20, 0x4c, 0x61, 0x72, 0x67, 0x65, 0x72, + 0x20, 0x54, 0x68, 0x61, 0x6e, 0x20, 0x4f, 0x6e, + 0x65, 0x20, 0x42, 0x6c, 0x6f, 0x63, 0x6b, 0x2d, + 0x53, 0x69, 0x7a, 0x65, 0x20, 0x44, 0x61, 0x74, + 0x61 +}; + +static const u_char md5_hmac7[] = { + 0x6f, 0x63, 0x0f, 0xad, 0x67, 0xcd, 0xa0, 0xee, + 0x1f, 0xb1, 0xf5, 0x62, 0xdb, 0x3a, 0xa5, 0x3e +}; + +static const hmac_testvector_t md5_hmac_testvectors[] = { + { 
sizeof(md5_hmac1_key), md5_hmac1_key, sizeof(md5_hmac1_msg), md5_hmac1_msg, md5_hmac1 }, + { sizeof(md5_hmac2_key), md5_hmac2_key, sizeof(md5_hmac2_msg), md5_hmac2_msg, md5_hmac2 }, + { sizeof(md5_hmac3_key), md5_hmac3_key, sizeof(md5_hmac3_msg), md5_hmac3_msg, md5_hmac3 }, + { sizeof(md5_hmac4_key), md5_hmac4_key, sizeof(md5_hmac4_msg), md5_hmac4_msg, md5_hmac4 }, + { sizeof(md5_hmac6_key), md5_hmac6_key, sizeof(md5_hmac6_msg), md5_hmac6_msg, md5_hmac6 }, + { sizeof(md5_hmac6_key), md5_hmac6_key, sizeof(md5_hmac7_msg), md5_hmac7_msg, md5_hmac7 }, + { 0, NULL, 0, NULL, NULL } +}; + static struct hash_desc crypto_hasher_md5 = { algo_type: IKE_ALG_HASH, algo_id: OAKLEY_MD5, algo_next: NULL, - hash_ctx_size: sizeof(MD5_CTX), + hash_ctx_size: sizeof(MD5_CTX), + hash_block_size: MD5_BLOCK_SIZE, hash_digest_size: MD5_DIGEST_SIZE, + hash_testvectors: md5_hash_testvectors, + hmac_testvectors: md5_hmac_testvectors, hash_init: (void (*)(void *)) MD5Init, hash_update: (void (*)(void *, const u_int8_t *, size_t)) MD5Update, - hash_final: (void (*)(u_char *, void *)) MD5Final, + hash_final: (void (*)(u_char *, void *)) MD5Final +}; + +/* SHA-1 test vectors + * from "The Secure Hash Algorithm Validation System (SHAVS)" + * July 22, 2004, Lawrence E. 
Bassham III, NIST + */ + +static const u_char sha1_short2_msg[] = { + 0x5e +}; + +static const u_char sha1_short2_msg_digest[] = { + 0x5e, 0x6f, 0x80, 0xa3, 0x4a, 0x97, 0x98, 0xca, + 0xfc, 0x6a, 0x5d, 0xb9, 0x6c, 0xc5, 0x7b, 0xa4, + 0xc4, 0xdb, 0x59, 0xc2 +}; + +static const u_char sha1_short4_msg[] = { + 0x9a, 0x7d, 0xfd, 0xf1, 0xec, 0xea, 0xd0, 0x6e, + 0xd6, 0x46, 0xaa, 0x55, 0xfe, 0x75, 0x71, 0x46 +}; + +static const u_char sha1_short4_msg_digest[] = { + 0x82, 0xab, 0xff, 0x66, 0x05, 0xdb, 0xe1, 0xc1, + 0x7d, 0xef, 0x12, 0xa3, 0x94, 0xfa, 0x22, 0xa8, + 0x2b, 0x54, 0x4a, 0x35 +}; + +static const u_char sha1_long2_msg[] = { + 0xf7, 0x8f, 0x92, 0x14, 0x1b, 0xcd, 0x17, 0x0a, + 0xe8, 0x9b, 0x4f, 0xba, 0x15, 0xa1, 0xd5, 0x9f, + 0x3f, 0xd8, 0x4d, 0x22, 0x3c, 0x92, 0x51, 0xbd, + 0xac, 0xbb, 0xae, 0x61, 0xd0, 0x5e, 0xd1, 0x15, + 0xa0, 0x6a, 0x7c, 0xe1, 0x17, 0xb7, 0xbe, 0xea, + 0xd2, 0x44, 0x21, 0xde, 0xd9, 0xc3, 0x25, 0x92, + 0xbd, 0x57, 0xed, 0xea, 0xe3, 0x9c, 0x39, 0xfa, + 0x1f, 0xe8, 0x94, 0x6a, 0x84, 0xd0, 0xcf, 0x1f, + 0x7b, 0xee, 0xad, 0x17, 0x13, 0xe2, 0xe0, 0x95, + 0x98, 0x97, 0x34, 0x7f, 0x67, 0xc8, 0x0b, 0x04, + 0x00, 0xc2, 0x09, 0x81, 0x5d, 0x6b, 0x10, 0xa6, + 0x83, 0x83, 0x6f, 0xd5, 0x56, 0x2a, 0x56, 0xca, + 0xb1, 0xa2, 0x8e, 0x81, 0xb6, 0x57, 0x66, 0x54, + 0x63, 0x1c, 0xf1, 0x65, 0x66, 0xb8, 0x6e, 0x3b, + 0x33, 0xa1, 0x08, 0xb0, 0x53, 0x07, 0xc0, 0x0a, + 0xff, 0x14, 0xa7, 0x68, 0xed, 0x73, 0x50, 0x60, + 0x6a, 0x0f, 0x85, 0xe6, 0xa9, 0x1d, 0x39, 0x6f, + 0x5b, 0x5c, 0xbe, 0x57, 0x7f, 0x9b, 0x38, 0x80, + 0x7c, 0x7d, 0x52, 0x3d, 0x6d, 0x79, 0x2f, 0x6e, + 0xbc, 0x24, 0xa4, 0xec, 0xf2, 0xb3, 0xa4, 0x27, + 0xcd, 0xbb, 0xfb +}; + +static const u_char sha1_long2_msg_digest[] = { + 0xcb, 0x00, 0x82, 0xc8, 0xf1, 0x97, 0xd2, 0x60, + 0x99, 0x1b, 0xa6, 0xa4, 0x60, 0xe7, 0x6e, 0x20, + 0x2b, 0xad, 0x27, 0xb3 +}; + +static const hash_testvector_t sha1_hash_testvectors[] = { + { sizeof(sha1_short2_msg), sha1_short2_msg, sha1_short2_msg_digest }, + { sizeof(sha1_short4_msg), 
sha1_short4_msg, sha1_short4_msg_digest }, + { sizeof(sha1_long2_msg), sha1_long2_msg, sha1_long2_msg_digest }, + { 0, NULL, NULL } +}; + +/* SHA-1 hmac test vectors + * from RFC 2202 "Test Cases for HMAC-MD5 and HMAC-SHA-1" + * September 1997, P. Cheng, IBM & R. Glenn, NIST + */ + +static const u_char sha1_hmac1_key[] = { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b +}; + +static const u_char sha1_hmac1[] = { + 0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, + 0xe2, 0x8b, 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e, + 0xf1, 0x46, 0xbe, 0x00 +}; + +static const u_char sha1_hmac2[] = { + 0xef, 0xfc, 0xdf, 0x6a, 0xe5, 0xeb, 0x2f, 0xa2, + 0xd2, 0x74, 0x16, 0xd5, 0xf1, 0x84, 0xdf, 0x9c, + 0x25, 0x9a, 0x7c, 0x79 +}; + +static const u_char sha1_hmac3_key[] = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa +}; + +static const u_char sha1_hmac3[] = { + 0x12, 0x5d, 0x73, 0x42, 0xb9, 0xac, 0x11, 0xcd, + 0x91, 0xa3, 0x9a, 0xf4, 0x8a, 0xa1, 0x7b, 0x4f, + 0x63, 0xf1, 0x75, 0xd3 +}; + +static const u_char sha1_hmac4[] = { + 0x4c, 0x90, 0x07, 0xf4, 0x02, 0x62, 0x50, 0xc6, + 0xbc, 0x84, 0x14, 0xf9, 0xbf, 0x50, 0xc8, 0x6c, + 0x2d, 0x72, 0x35, 0xda +}; + +static const u_char sha1_hmac6[] = { + 0xaa, 0x4a, 0xe5, 0xe1, 0x52, 0x72, 0xd0, 0x0e, + 0x95, 0x70, 0x56, 0x37, 0xce, 0x8a, 0x3b, 0x55, + 0xed, 0x40, 0x21, 0x12 +}; + +static const u_char sha1_hmac7[] = { + 0xe8, 0xe9, 0x9d, 0x0f, 0x45, 0x23, 0x7d, 0x78, + 0x6d, 0x6b, 0xba, 0xa7, 0x96, 0x5c, 0x78, 0x08, + 0xbb, 0xff, 0x1a, 0x91 +}; + +static const hmac_testvector_t sha1_hmac_testvectors[] = { + { sizeof(sha1_hmac1_key), sha1_hmac1_key, sizeof(md5_hmac1_msg), md5_hmac1_msg, sha1_hmac1 }, + { sizeof(md5_hmac2_key), md5_hmac2_key, sizeof(md5_hmac2_msg), md5_hmac2_msg, sha1_hmac2 }, + { sizeof(sha1_hmac3_key), sha1_hmac3_key, sizeof(md5_hmac3_msg), md5_hmac3_msg, sha1_hmac3 }, + { 
sizeof(md5_hmac4_key), md5_hmac4_key, sizeof(md5_hmac4_msg), md5_hmac4_msg, sha1_hmac4 }, + { sizeof(md5_hmac6_key), md5_hmac6_key, sizeof(md5_hmac6_msg), md5_hmac6_msg, sha1_hmac6 }, + { sizeof(md5_hmac6_key), md5_hmac6_key, sizeof(md5_hmac7_msg), md5_hmac7_msg, sha1_hmac7 }, + { 0, NULL, 0, NULL, NULL } }; static struct hash_desc crypto_hasher_sha1 = @@ -81,11 +443,14 @@ static struct hash_desc crypto_hasher_sha1 = algo_type: IKE_ALG_HASH, algo_id: OAKLEY_SHA, algo_next: NULL, - hash_ctx_size: sizeof(SHA1_CTX), + hash_ctx_size: sizeof(SHA1_CTX), + hash_block_size: SHA1_BLOCK_SIZE, hash_digest_size: SHA1_DIGEST_SIZE, + hash_testvectors: sha1_hash_testvectors, + hmac_testvectors: sha1_hmac_testvectors, hash_init: (void (*)(void *)) SHA1Init, hash_update: (void (*)(void *, const u_int8_t *, size_t)) SHA1Update, - hash_final: (void (*)(u_char *, void *)) SHA1Final, + hash_final: (void (*)(u_char *, void *)) SHA1Final }; void @@ -105,6 +470,7 @@ init_crypto(void) ike_alg_add((struct ike_alg *) &crypto_hasher_sha1); ike_alg_add((struct ike_alg *) &crypto_hasher_md5); ike_alg_init(); + ike_alg_test(); } /* Oakley group description @@ -209,9 +575,9 @@ hmac_init(struct hmac_ctx *ctx, /* Prepare the two pads for the HMAC */ - memset(ctx->buf1, '\0', HMAC_BUFSIZE); + memset(ctx->buf1, '\0', h->hash_block_size); - if (key_len <= HMAC_BUFSIZE) + if (key_len <= h->hash_block_size) { memcpy(ctx->buf1, key, key_len); } @@ -222,9 +588,9 @@ hmac_init(struct hmac_ctx *ctx, h->hash_final(ctx->buf1, &ctx->hash_ctx); } - memcpy(ctx->buf2, ctx->buf1, HMAC_BUFSIZE); + memcpy(ctx->buf2, ctx->buf1, h->hash_block_size); - for (k = 0; k < HMAC_BUFSIZE; k++) + for (k = 0; k < h->hash_block_size; k++) { ctx->buf1[k] ^= HMAC_IPAD; ctx->buf2[k] ^= HMAC_OPAD; 
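Review bot: The `sha1_hmac_testvectors` table takes every message and the keys for cases 2, 4, 6 and 7 from `md5_`-prefixed arrays (`md5_hmac2_key`, `md5_hmac1_msg`, ...), which reads like a copy-paste slip to anyone who does not know that the cited RFC uses the same inputs for both HMACs. A comment above the table such as `/* messages, and the keys of cases 2, 4, 6 and 7, are the ones used for HMAC-MD5 */`, or an `rfc2202_` prefix on the shared arrays, would make the reuse visibly intentional. Both HMAC tables also jump from `hmac4` to `hmac6` without a remark; if case 5 is left out on purpose, the header comment should say why. Separately, `md5_test0_msg[] = { }` relies on an empty initializer, which is a compiler extension rather than ISO C, so it deserves a short comment as well.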
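Review bot: The new `ike_alg_test();` call in `init_crypto` discards the bool result, so a failed hash or HMAC known-answer test leaves only a log line and startup carries on with the failing primitive still registered. The release notes in this commit say that is intended for now, but the call site does not show it; I would write `(void) ike_alg_test(); /* self-test failure is warning-only for now */` so the decision is visible and easy to find when the exit path is added. The body of `init_crypto` starts and ends outside the hunk.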
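Review bot: `hmac_init` now trusts `h->hash_block_size` for the `memset`, the key `memcpy`, the pad copy and the XOR loop, but nothing checks that value against zero or against the size of `ctx->buf1` and `ctx->buf2`. Only the MD5 and SHA-1 descriptors set the new field in this diff; for a descriptor defined elsewhere that leaves it at zero, the key would always take the hash branch, the pad loop would run zero times and `hmac_reinit`/`hmac_final` would feed zero pad bytes, so the output would presumably no longer depend on the key, while a value above `MAX_HASH_BLOCK_SIZE` would write past both buffers. A guard at the top such as `if (h->hash_block_size == 0 || h->hash_block_size > sizeof(ctx->buf1))` followed by a hard failure closes both cases. The same field is read in the second `hmac_init` hunk and in the `hmac_reinit` and `hmac_final` hunks; the body of `hmac_init` starts and ends outside these hunks.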
@@ -237,7 +603,7 @@ void hmac_reinit(struct hmac_ctx *ctx) { ctx->h->hash_init(&ctx->hash_ctx); - ctx->h->hash_update(&ctx->hash_ctx, ctx->buf1, HMAC_BUFSIZE); + ctx->h->hash_update(&ctx->hash_ctx, ctx->buf1, ctx->h->hash_block_size); } void @@ -255,7 +621,7 @@ hmac_final(u_char *output, struct hmac_ctx *ctx) h->hash_final(output, &ctx->hash_ctx); h->hash_init(&ctx->hash_ctx); - h->hash_update(&ctx->hash_ctx, ctx->buf2, HMAC_BUFSIZE); + h->hash_update(&ctx->hash_ctx, ctx->buf2, h->hash_block_size); h->hash_update(&ctx->hash_ctx, output, h->hash_digest_size); h->hash_final(output, &ctx->hash_ctx); } diff --git a/programs/pluto/crypto.h b/programs/pluto/crypto.h index d29475af2..fa3af3a8b 100644 --- a/programs/pluto/crypto.h +++ b/programs/pluto/crypto.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: crypto.h,v 1.6 2005/04/07 20:13:30 as Exp $ + * RCSID $Id: crypto.h,v 1.7 2007/02/21 14:21:48 as Exp $ */ #include <gmp.h> /* GNU MP library */ @@ -76,7 +76,8 @@ struct hmac_ctx { const struct hash_desc *h; /* underlying hash function */ size_t hmac_digest_size; /* copy of h->hash_digest_size */ union hash_ctx hash_ctx; /* ctx for hash function */ - u_char buf1[HMAC_BUFSIZE], buf2[HMAC_BUFSIZE]; + u_char buf1[MAX_HASH_BLOCK_SIZE]; + u_char buf2[MAX_HASH_BLOCK_SIZE]; }; extern void hmac_init( diff --git a/programs/pluto/ike_alg.c b/programs/pluto/ike_alg.c index 508e4ed2a..e090ebed3 100644 --- a/programs/pluto/ike_alg.c +++ b/programs/pluto/ike_alg.c @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ike_alg.c,v 1.8 2007/01/15 07:48:01 as Exp $ + * RCSID $Id: ike_alg.c,v 1.9 2007/02/21 14:21:48 as Exp $ */ #include <stdio.h> 
@@ -437,6 +437,113 @@ ike_alg_show_connection(struct connection *c, const char *instance) } /* + * Apply a suite of testvectors to a hash algorithm + */ +static bool +ike_hash_test(const struct hash_desc *desc) +{ + bool hash_results = TRUE; + bool hmac_results = TRUE; + + if (desc->hash_testvectors == NULL) + { + plog(" %s hash self-test not available", enum_name(&oakley_hash_names, desc->algo_id)); + } + else + { + int i; + + for (i = 0; desc->hash_testvectors[i].msg_digest != NULL; i++) + { + u_char digest[MAX_DIGEST_LEN]; + bool result; + + union hash_ctx ctx; + + desc->hash_init(&ctx); + desc->hash_update(&ctx, desc->hash_testvectors[i].msg + ,desc->hash_testvectors[i].msg_size); + desc->hash_final(digest, &ctx); + result = memcmp(digest, desc->hash_testvectors[i].msg_digest + , desc->hash_digest_size) == 0; + DBG(DBG_CRYPT, + DBG_log(" hash testvector %d: %s", i, result ? "ok":"failed") + ) + hash_results &= result; + } + plog(" %s hash self-test %s", enum_name(&oakley_hash_names, desc->algo_id) + , hash_results ? "passed":"failed"); + } + + if (desc->hmac_testvectors == NULL) + { + plog(" %s hmac self-test not available", enum_name(&oakley_hash_names, desc->algo_id)); + } + else + { + int i; + + for (i = 0; desc->hmac_testvectors[i].hmac != NULL; i++) + { + u_char digest[MAX_DIGEST_LEN]; + bool result; + + struct hmac_ctx ctx; + + hmac_init(&ctx, desc, desc->hmac_testvectors[i].key + , desc->hmac_testvectors[i].key_size); + hmac_update(&ctx, desc->hmac_testvectors[i].msg + ,desc->hmac_testvectors[i].msg_size); + hmac_final(digest, &ctx); + result = memcmp(digest, desc->hmac_testvectors[i].hmac + , desc->hash_digest_size) == 0; + DBG(DBG_CRYPT, + DBG_log(" hmac testvector %d: %s", i, result ? "ok":"failed") + ) + hmac_results &= result; + } + plog(" %s hmac self-test %s", enum_name(&oakley_hash_names, desc->algo_id) + , hmac_results ? 
"passed":"failed"); + } + return hash_results && hmac_results; +} + +/* + * Apply test vectors to registered encryption and hash algorithms + */ +bool +ike_alg_test(void) +{ + bool all_results = TRUE; + struct ike_alg *a; + + plog("Testing registered IKE encryption algorithms:"); + + for (a = ike_alg_base[IKE_ALG_ENCRYPT]; a != NULL; a = a->algo_next) + { + + struct encrypt_desc *desc = (struct encrypt_desc*)a; + + plog(" %s self-test not available", enum_name(&oakley_enc_names, a->algo_id)); + } + + plog("Testing registered IKE hash algorithms:"); + + for (a = ike_alg_base[IKE_ALG_HASH]; a != NULL; a = a->algo_next) + { + struct hash_desc *desc = (struct hash_desc*)a; + + all_results &= ike_hash_test(desc); + } + + if (all_results) + plog("All crypto self-tests passed"); + else + plog("Some crypto self-tests failed"); + return all_results; +} + +/* * ML: make F_STRICT logic consider enc,hash/auth,modp algorithms */ bool diff --git a/programs/pluto/ike_alg.h b/programs/pluto/ike_alg.h index a41718c04..32f6e8be0 100644 --- a/programs/pluto/ike_alg.h +++ b/programs/pluto/ike_alg.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ike_alg.h,v 1.3 2004/09/16 23:22:22 as Exp $ + * RCSID $Id: ike_alg.h,v 1.4 2007/02/21 14:21:48 as Exp $ */ #ifndef _IKE_ALG_H 
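Review bot: `ike_alg_test` can log "All crypto self-tests passed" when parts of the registry were never tested: the encryption loop only logs "self-test not available", and `ike_hash_test` leaves `hash_results` and `hmac_results` at `TRUE` when a descriptor has no vectors. Operators will read that startup line as assurance, so the summary should separate skipped from passed, for example by counting the "not available" cases and logging `plog("crypto self-tests passed, %d algorithm(s) not covered", skipped);`. The local `desc` in the encryption loop is assigned and never used, which will draw an unused-variable warning; drop it until an encryption self-test exists.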
@@ -38,13 +38,33 @@ struct encrypt_desc { void (*do_crypt)(u_int8_t *dat, size_t datasize, u_int8_t *key, size_t key_size, u_int8_t *iv, bool enc); }; +typedef struct hash_testvector hash_testvector_t; + +struct hash_testvector { + const size_t msg_size; + const u_char *msg; + const u_char *msg_digest; +}; + +typedef struct hmac_testvector hmac_testvector_t; + +struct hmac_testvector { + const size_t key_size; + const u_char *key; + const size_t msg_size; + const u_char *msg; + const u_char *hmac; +}; struct hash_desc { u_int16_t algo_type; u_int16_t algo_id; struct ike_alg *algo_next; size_t hash_ctx_size; + size_t hash_block_size; size_t hash_digest_size; + const hash_testvector_t *hash_testvectors; + const hmac_testvector_t *hmac_testvectors; void (*hash_init)(void *ctx); void (*hash_update)(void *ctx, const u_int8_t *in, size_t datasize); void (*hash_final)(u_int8_t *out, void *ctx); @@ -66,6 +86,7 @@ extern const struct oakley_group_desc* ike_alg_pfsgroup(struct connection *c extern struct db_context * ike_alg_db_new(struct alg_info_ike *ai, lset_t policy); extern void ike_alg_list(void); extern void ike_alg_show_connection(struct connection *c, const char *instance); +extern bool ike_alg_test(void); extern bool ike_alg_ok_final(u_int ealg, u_int key_len, u_int aalg, u_int group , struct alg_info_ike *alg_info_ike); extern int ike_alg_init(void); diff --git a/programs/pluto/ipsec_doi.c b/programs/pluto/ipsec_doi.c index e627f98b2..f4ec22301 100644 --- a/programs/pluto/ipsec_doi.c +++ b/programs/pluto/ipsec_doi.c @@ -12,7 +12,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: ipsec_doi.c,v 1.42 2007/01/10 00:36:19 as Exp $ + * RCSID $Id: ipsec_doi.c,v 1.43 2007/02/21 14:21:48 as Exp $ */ #include <stdio.h> 
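Review bot: The new `hash_testvector` and `hmac_testvector` structs and the `hash_block_size`, `hash_testvectors` and `hmac_testvectors` members have no comments, yet the code in this commit depends on two conventions: sizes are in bytes, and each vector array ends with an entry whose digest pointer is NULL (a zero `msg_size` is a valid vector, as the empty-message MD5 case shows). I would add `/* array ends with an entry whose msg_digest is NULL */` and the `hmac` equivalent on the two table pointers, and `/* in bytes; must not exceed MAX_HASH_BLOCK_SIZE */` on `hash_block_size`. `struct hash_desc` continues outside the hunk.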
@@ -1781,7 +1781,7 @@ RSA_check_signature(const struct id* peer { char id_buf[BUF_LEN]; /* arbitrary limit on length of ID reported */ - (void) idtoa(&st->st_connection->spd.that.id, id_buf, sizeof(id_buf)); + (void) idtoa(peer, id_buf, sizeof(id_buf)); if (s.best_ugh == NULL) { diff --git a/programs/pluto/oid.h b/programs/pluto/oid.h index 71f8101cd..ccdfb2954 100644 --- a/programs/pluto/oid.h +++ b/programs/pluto/oid.h @@ -63,6 +63,9 @@ extern const oid_t oid_names[]; #define OID_DES_CBC 139 #define OID_SHA1 140 #define OID_SHA1_WITH_RSA_OIW 141 +#define OID_SHA256 157 +#define OID_SHA384 158 +#define OID_SHA512 159 #define OID_NS_REVOCATION_URL 165 #define OID_NS_CA_REVOCATION_URL 166 #define OID_NS_CA_POLICY_URL 167 diff --git a/programs/pluto/oid.txt b/programs/pluto/oid.txt index eed46d59d..e8750024e 100644 --- a/programs/pluto/oid.txt +++ b/programs/pluto/oid.txt @@ -155,9 +155,9 @@ 0x03 "csor" 0x04 "nistalgorithm" 0x02 "hashalgs" - 0x01 "id-SHA-256" - 0x02 "id-SHA-384" - 0x03 "id-SHA-512" + 0x01 "id-SHA-256" OID_SHA256 + 0x02 "id-SHA-384" OID_SHA384 + 0x03 "id-SHA-512" OID_SHA512 0x86 "" 0xf8 "" 0x42 "netscape" diff --git a/programs/pluto/pkcs1.c b/programs/pluto/pkcs1.c index 413938976..b3c0face9 100644 --- a/programs/pluto/pkcs1.c +++ b/programs/pluto/pkcs1.c @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: pkcs1.c,v 1.17 2006/01/04 21:00:43 as Exp $ + * RCSID $Id: pkcs1.c,v 1.18 2007/02/21 14:21:05 as Exp $ */ #include <stddef.h> @@ -21,6 +21,7 @@ #include <string.h> #include <freeswan.h> +#include <libsha2/sha2.h> #include "constants.h" #include "defs.h" 
@@ -290,29 +291,31 @@ compute_digest(chunk_t tbs, int alg, chunk_t *digest) { switch (alg) { - case OID_MD2: - case OID_MD2_WITH_RSA: + case OID_MD2: + case OID_MD2_WITH_RSA: { MD2_CTX context; + MD2Init(&context); MD2Update(&context, tbs.ptr, tbs.len); MD2Final(digest->ptr, &context); digest->len = MD2_DIGEST_SIZE; return TRUE; } - case OID_MD5: - case OID_MD5_WITH_RSA: + case OID_MD5: + case OID_MD5_WITH_RSA: { MD5_CTX context; + MD5Init(&context); MD5Update(&context, tbs.ptr, tbs.len); MD5Final(digest->ptr, &context); digest->len = MD5_DIGEST_SIZE; return TRUE; } - case OID_SHA1: - case OID_SHA1_WITH_RSA: - case OID_SHA1_WITH_RSA_OIW: + case OID_SHA1: + case OID_SHA1_WITH_RSA: + case OID_SHA1_WITH_RSA_OIW: { SHA1_CTX context; @@ -322,9 +325,45 @@ compute_digest(chunk_t tbs, int alg, chunk_t *digest) digest->len = SHA1_DIGEST_SIZE; return TRUE; } - default: - digest->len = 0; - return FALSE; + case OID_SHA256: + case OID_SHA256_WITH_RSA: + { + sha256_context context; + + sha256_init(&context); + sha256_write(&context, tbs.ptr, tbs.len); + sha256_final(&context); + memcpy(digest->ptr, context.sha_out, SHA2_256_DIGEST_SIZE); + digest->len = SHA2_256_DIGEST_SIZE; + return TRUE; + } + case OID_SHA384: + case OID_SHA384_WITH_RSA: + { + sha512_context context; + + sha384_init(&context); + sha512_write(&context, tbs.ptr, tbs.len); + sha512_final(&context); + memcpy(digest->ptr, context.sha_out, SHA2_384_DIGEST_SIZE); + digest->len = SHA2_384_DIGEST_SIZE; + return TRUE; + } + case OID_SHA512: + case OID_SHA512_WITH_RSA: + { + sha512_context context; + + sha512_init(&context); + sha512_write(&context, tbs.ptr, tbs.len); + sha512_final(&context); + memcpy(digest->ptr, context.sha_out, SHA2_512_DIGEST_SIZE); + digest->len = SHA2_512_DIGEST_SIZE; + return TRUE; + } + default: + digest->len = 0; + return FALSE; } } diff --git a/programs/pluto/vendor.c b/programs/pluto/vendor.c index 4ca3adffc..6d1137c09 100644 --- a/programs/pluto/vendor.c +++ b/programs/pluto/vendor.c 
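Review bot: The new SHA-2 cases in `compute_digest` copy up to `SHA2_512_DIGEST_SIZE` bytes into `digest->ptr` without knowing how large the caller's buffer is. The callers are outside this diff, so any that still size the buffer for SHA-1 or an older maximum would be overrun when a certificate with a SHA-384 or SHA-512 signature is processed; please confirm every caller provides `MAX_DIGEST_LEN` bytes and state the requirement above the function, e.g. `/* digest->ptr must point to at least MAX_DIGEST_LEN bytes */`. The `OID_SHA256_WITH_RSA`, `OID_SHA384_WITH_RSA` and `OID_SHA512_WITH_RSA` labels are not among the defines this commit adds to oid.h, so they are presumably defined there already. This covers both `compute_digest` hunks; the function starts outside the first one.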
@@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: vendor.c,v 1.45 2007/01/20 18:01:13 as Exp $ + * RCSID $Id: vendor.c,v 1.46 2007/02/21 14:20:25 as Exp $ */ #include <stdlib.h> @@ -210,7 +210,8 @@ static struct vid_struct _vid_tab[] = { DEC_MD5_VID(STRONGSWAN_4_0_6, "strongSwan 4.0.6") DEC_MD5_VID(STRONGSWAN_4_0_7, "strongSwan 4.0.7") - DEC_MD5_VID(STRONGSWAN, "strongSwan 2.8.2") + DEC_MD5_VID(STRONGSWAN, "strongSwan 2.8.3") + DEC_MD5_VID(STRONGSWAN_2_8_2, "strongSwan 2.8.2") DEC_MD5_VID(STRONGSWAN_2_8_1, "strongSwan 2.8.1") DEC_MD5_VID(STRONGSWAN_2_8_0, "strongSwan 2.8.0") DEC_MD5_VID(STRONGSWAN_2_7_3, "strongSwan 2.7.3") diff --git a/programs/pluto/vendor.h b/programs/pluto/vendor.h index 2649c5b2f..69d98cd38 100644 --- a/programs/pluto/vendor.h +++ b/programs/pluto/vendor.h @@ -11,7 +11,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. * - * RCSID $Id: vendor.h,v 1.40 2007/01/20 18:01:13 as Exp $ + * RCSID $Id: vendor.h,v 1.41 2007/02/21 14:20:25 as Exp $ */ #ifndef _VENDOR_H_ @@ -83,6 +83,7 @@ enum known_vendorid { VID_STRONGSWAN_2_7_3 = 62, VID_STRONGSWAN_2_8_0 = 63, VID_STRONGSWAN_2_8_1 = 64, + VID_STRONGSWAN_2_8_2 = 65, VID_STRONGSWAN_4_0_0 = 70, VID_STRONGSWAN_4_0_1 = 71, diff --git a/programs/scepclient/Makefile b/programs/scepclient/Makefile index dec36c888..d42320236 100644 --- a/programs/scepclient/Makefile +++ b/programs/scepclient/Makefile @@ -22,6 +22,11 @@ OPENACDIR=../openac PROGRAM=scepclient EXTRA8PROC=${PROGRAM}.8 +# where to find sha2.h +LIBCRYPTO=$(FREESWANSRCDIR)/lib/libcrypto +LIBSHA2=$(LIBCRYPTO)/libsha2 +CFLAGS+= -I$(LIBCRYPTO) + LIBS=${FREESWANLIB} $(LIBDESLITE) -lgmp CFLAGS+= -DDEBUG -DNO_PLUTO 
@@ -38,7 +43,7 @@ endif X509_OBJS= asn1.o ca.o certs.o constants.o crl.o defs.o fetch.o id.o keys.o \ lex.o md2.o md5.o mp_defs.o ocsp.o oid.o pem.o pgp.o pkcs1.o pkcs7.o \ - rnd.o sha1.o smartcard.o x509.o + rnd.o sha1.o sha2.o smartcard.o x509.o OBJS= rsakey.o pkcs10.o loglite.o scep.o ${X509_OBJS} @@ -121,6 +126,9 @@ rnd.o : $(PLUTODIR)/rnd.c $(PLUTODIR)/rnd.h sha1.o : $(PLUTODIR)/sha1.c $(PLUTODIR)/sha1.h $(CC) $(CFLAGS) -c -o $@ $< +sha2.o : $(LIBSHA2)/sha2.c $(LIBSHA2)/sha2.h + $(CC) $(CFLAGS) -c -o $@ $< + smartcard.o : $(PLUTODIR)/smartcard.c $(PLUTODIR)/smartcard.h $(CC) $(CFLAGS) -c -o $@ $< diff --git a/testing/INSTALL b/testing/INSTALL index 8d0dc2a3b..7f2fb70cd 100644 --- a/testing/INSTALL +++ b/testing/INSTALL @@ -53,7 +53,7 @@ are required for the strongSwan testing environment: * A vanilla Linux kernel on which the UML kernel will be based on. We recommend the use of - http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.18.3.tar.bz2 + http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.20.1.tar.bz2 * Starting with Linux kernel 2.6.9 no patch must be applied any more in order to make the vanilla kernel UML-capable. For older kernels you'll find @@ -63,7 +63,7 @@ are required for the strongSwan testing environment: * The matching .config file required to compile the UML kernel: - http://download.strongswan.org/uml/.config-2.6.18 + http://download.strongswan.org/uml/.config-2.6.20 * A gentoo-based UML file system (compressed size 130 MBytes) found at @@ -71,7 +71,7 @@ are required for the strongSwan testing environment: * The latest strongSwan distribution - http://download.strongswan.org/strongswan-2.8.2.tar.gz + http://download.strongswan.org/strongswan-2.8.3.tar.gz 3. Creating the environment @@ -146,5 +146,5 @@ README document. ----------------------------------------------------------------------------- -This file is RCSID $Id: INSTALL,v 1.45 2007/01/29 08:29:41 as Exp $ +This file is RCSID $Id: INSTALL,v 1.46 2007/02/21 22:17:52 as Exp $ 
diff --git a/testing/testing.conf b/testing/testing.conf index 3d1228503..32169d985 100755 --- a/testing/testing.conf +++ b/testing/testing.conf @@ -14,27 +14,27 @@ # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # for more details. # -# RCSID $Id: testing.conf,v 1.59 2007/01/29 08:29:41 as Exp $ +# RCSID $Id: testing.conf,v 1.60 2007/02/21 22:17:52 as Exp $ # Root directory of testing UMLTESTDIR=~/strongswan-testing # Bzipped kernel sources # (file extension .tar.bz2 required) -KERNEL=$UMLTESTDIR/linux-2.6.18.3.tar.bz2 +KERNEL=$UMLTESTDIR/linux-2.6.20.1.tar.bz2 # Extract kernel version KERNELVERSION=`basename $KERNEL .tar.bz2 | sed -e 's/linux-//'` # Kernel configuration file -KERNELCONFIG=$UMLTESTDIR/.config-2.6.18 +KERNELCONFIG=$UMLTESTDIR/.config-2.6.20 # Bzipped uml patch for kernel # (not needed anymore for 2.6.9 kernel or higher) UMLPATCH=$UMLTESTDIR/uml_jmpbuf-2.6.18.patch.bz2 # Bzipped source of strongSwan -STRONGSWAN=$UMLTESTDIR/strongswan-2.8.2.tar.bz2 +STRONGSWAN=$UMLTESTDIR/strongswan-2.8.3.tar.bz2 # strongSwan compile options (use "yes" or "no") USE_LIBCURL="yes" diff --git a/testing/tests/ike-alg-sha2_384/description.txt b/testing/tests/ike-alg-sha2_384/description.txt new file mode 100644 index 000000000..a347a3fed --- /dev/null +++ b/testing/tests/ike-alg-sha2_384/description.txt @@ -0,0 +1,4 @@ +Roadwarrior <b>carol</b> proposes to gateway <b>moon</b> the strong cipher suite +<b>AES_CBC_192-SHA2_384-MODP4096</b> for the IKE protocol and +<b>AES_192-HMAC_SHA2_256</b> for ESP packets. A ping from <b>carol</b> to +<b>alice</b> successfully checks the established tunnel. diff --git a/testing/tests/ike-alg-sha2_384/evaltest.dat b/testing/tests/ike-alg-sha2_384/evaltest.dat new file mode 100644 index 000000000..31959f53a --- /dev/null +++ b/testing/tests/ike-alg-sha2_384/evaltest.dat 
@@ -0,0 +1,8 @@ +carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES +moon::ipsec status::rw.*STATE_QUICK_R2.*IPsec SA established::YES +moon::ipsec statusall::IKE algorithm newest: AES_CBC_192-SHA2_384-MODP4096::YES +carol::ipsec statusall::IKE algorithm newest: AES_CBC_192-SHA2_384-MODP4096::YES +moon::ipsec statusall::ESP algorithm newest: AES_192-HMAC_SHA2_256::YES +carol::ipsec statusall::ESP algorithm newest: AES_192-HMAC_SHA2_256::YES +carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES + diff --git a/testing/tests/ike-alg-sha2_384/hosts/carol/etc/ipsec.conf b/testing/tests/ike-alg-sha2_384/hosts/carol/etc/ipsec.conf new file mode 100755 index 000000000..027ad4fd2 --- /dev/null +++ b/testing/tests/ike-alg-sha2_384/hosts/carol/etc/ipsec.conf @@ -0,0 +1,23 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + plutodebug="control crypt" + crlcheckinterval=180 + strictcrlpolicy=no + +conn %default + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + ike=aes192-sha2_384-modp4096! + esp=aes192-sha2_256! +conn home + left=PH_IP_CAROL + leftnexthop=%direct + leftcert=carolCert.pem + leftid=carol@strongswan.org + right=PH_IP_MOON + rightsubnet=10.1.0.0/16 + rightid=@moon.strongswan.org + auto=add diff --git a/testing/tests/ike-alg-sha2_384/hosts/moon/etc/ipsec.conf b/testing/tests/ike-alg-sha2_384/hosts/moon/etc/ipsec.conf new file mode 100755 index 000000000..46742d8fb --- /dev/null +++ b/testing/tests/ike-alg-sha2_384/hosts/moon/etc/ipsec.conf 
@@ -0,0 +1,24 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ plutodebug="control crypt"
+ crlcheckinterval=180
+ strictcrlpolicy=no
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+ leftnexthop=%direct
+ ike=aes192-sha2_384-modp4096!
+ esp=aes192-sha2_256!
+
+conn rw
+ left=PH_IP_MOON
+ leftcert=moonCert.pem
+ leftid=@moon.strongswan.org
+ leftsubnet=10.1.0.0/16
+ right=%any
+ rightid=carol@strongswan.org
+ auto=add
diff --git a/testing/tests/ike-alg-sha2_384/posttest.dat b/testing/tests/ike-alg-sha2_384/posttest.dat
new file mode 100644
index 000000000..c6d6235f9
--- /dev/null
+++ b/testing/tests/ike-alg-sha2_384/posttest.dat
@@ -0,0 +1,2 @@
+moon::ipsec stop
+carol::ipsec stop
diff --git a/testing/tests/ike-alg-sha2_384/pretest.dat b/testing/tests/ike-alg-sha2_384/pretest.dat
new file mode 100644
index 000000000..87e219e73
--- /dev/null
+++ b/testing/tests/ike-alg-sha2_384/pretest.dat
@@ -0,0 +1,5 @@
+moon::echo 1 > /proc/sys/net/ipv4/ip_forward
+carol::ipsec start
+moon::ipsec start
+carol::sleep 3
+carol::ipsec up home
diff --git a/testing/tests/ike-alg-sha2_384/test.conf b/testing/tests/ike-alg-sha2_384/test.conf
new file mode 100644
index 000000000..a6c8f026c
--- /dev/null
+++ b/testing/tests/ike-alg-sha2_384/test.conf
@@ -0,0 +1,22 @@
+#!/bin/bash
+#
+# This configuration file provides information on the
+# UML instances used for this test
+
+# All UML instances that are required for this test
+#
+UMLHOSTS="moon carol winnetou"
+
+# Corresponding block diagram
+#
+DIAGRAM="m-c-w.png"
+
+# UML instances on which tcpdump is to be started
+#
+TCPDUMPHOSTS=""
+
+# UML instances on which IPsec is started
+# Used for IPsec logging purposes
+#
+IPSECHOSTS="moon carol"
+
diff --git a/testing/tests/strong-certs/description.txt b/testing/tests/strong-certs/description.txt
new file mode 100644
index 000000000..22b58668d
--- /dev/null
+++ b/testing/tests/strong-certs/description.txt
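Review bot: `UMLHOSTS="moon carol winnetou"` in the ike-alg-sha2_384 test.conf leaves out alice, although this test's evaltest.dat runs `carol::ping -c 1 PH_IP_ALICE` and description.txt says the ping to alice is what checks the tunnel. The strong-certs test added in the same commit does list alice in its UMLHOSTS. If the harness only boots the instances named here, the ping check cannot pass. I would use `UMLHOSTS="alice moon carol winnetou"` with the matching diagram, or add a comment explaining why alice does not need to be listed.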
@@ -0,0 +1,6 @@
+This is a remote-access scenario with two roadwarriors <b>carol</b> and <b>dave</b>
+setting up a connection each to the VPN gateway <b>moon</b>. Authentication is
+based on strong X.509 certificates with SHA-2 signatures.
+The X.509 certificate of the gateway <b>moon</b> uses a <b>SHA-256</b> hash in
+its signature whereas the certificates of the roadwarriors <b>carol</b>
+and <b>dave</b> use <b>SHA-384</b> and <b>SHA-512</b>, respectively.
diff --git a/testing/tests/strong-certs/evaltest.dat b/testing/tests/strong-certs/evaltest.dat
new file mode 100644
index 000000000..2fe4de76f
--- /dev/null
+++ b/testing/tests/strong-certs/evaltest.dat
@@ -0,0 +1,10 @@
+carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES
+dave::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES
+moon::ipsec status::rw.*STATE_QUICK_R2.*IPsec SA established::YES
+carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
+moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
+moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
+
diff --git a/testing/tests/strong-certs/hosts/carol/etc/ipsec.conf b/testing/tests/strong-certs/hosts/carol/etc/ipsec.conf
new file mode 100755
index 000000000..6ab379636
--- /dev/null
+++ b/testing/tests/strong-certs/hosts/carol/etc/ipsec.conf
@@ -0,0 +1,23 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ plutodebug=control
+ strictcrlpolicy=no
+ crlcheckinterval=180
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+
+conn home
+ left=PH_IP_CAROL
+ leftnexthop=%direct
+ leftcert=carolCert-sha384.pem
+ leftid=carol@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/strong-certs/hosts/carol/etc/ipsec.d/certs/carolCert-sha384.pem b/testing/tests/strong-certs/hosts/carol/etc/ipsec.d/certs/carolCert-sha384.pem
new file mode 100644
index 000000000..d4b532323
--- /dev/null
+++ b/testing/tests/strong-certs/hosts/carol/etc/ipsec.d/certs/carolCert-sha384.pem
@@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEITCCAwmgAwIBAgIBETANBgkqhkiG9w0BAQwFADBFMQswCQYDVQQGEwJDSDEZ +MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS +b290IENBMB4XDTA2MTAwODEyMTI1MFoXDTExMTAwNzEyMTI1MFowWTELMAkGA1UE +BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xEDAOBgNVBAsTB1NIQS0z +ODQxHTAbBgNVBAMUFGNhcm9sQHN0cm9uZ3N3YW4ub3JnMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAtCwjB6Yni4jSTbPJ4GX0kM06nr2tDBdU0PH6dZra +IXNaNiBthBNPNDeCYAQDG/ouwuywAJ6L2Lt0GYEhJSwfXMm87fYSG8qRP+C/nlKz +3fCfsuZ8yOAo5NAp2kgvbFVdB5cMeOtid21UqUvDxkncjFRDgpERtrjSthalUFYu +ObIcSMPdlcDho73jzq6zVK5XDJ4l1LHUQLbS4SzyrphCYKekTIoDy3YwRUys6Pdm +4QlFBIXuBwOYHjclvVu0HQVNSM4nWAJd+204KUm/+8neO0kn1Yakv9yoa47o3KGP +3XjtmcgY9SqBbuF+8yDcZQ7+5zUBjc0J+d8txdPoIjLi7wIDAQABo4IBBjCCAQIw +CQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwHQYDVR0OBBYEFIUlEfDm3V0eDmRrpIvj +4FiPpGlpMG0GA1UdIwRmMGSAFF2n3XAGUTJ+57Zts7Xl4GDqLk3voUmkRzBFMQsw +CQYDVQQGEwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMS +c3Ryb25nU3dhbiBSb290IENBggEAMB8GA1UdEQQYMBaBFGNhcm9sQHN0cm9uZ3N3 +YW4ub3JnMDkGA1UdHwQyMDAwLqAsoCqGKGh0dHA6Ly9jcmwuc3Ryb25nc3dhbi5v +cmcvc3Ryb25nc3dhbi5jcmwwDQYJKoZIhvcNAQEMBQADggEBAL5ZmFmy8lW4Vdwq +hWB6qTtLLa1wwCvTXwbV9V+F8dK39AvHj6CHFqTiFhAbGIq/Ryt9cg2XGy1TDjVj +hQEua7mjp8XH2j2NLY2SiFTMjchbHmMylFk2FrHy2ZnmlRCiH83TAw+EnUWsQKj+ +gL+7Of9SpiaaIblrl+aCiBVktRuXcFSaxjYWTVXOeTCwnxQdF2SNtUKDoCuVPk1J +XCrs86mj575xL/FGjyN4SVbjTEZ4lm1emxrf/RblZOhCKp7mUic8KyP0kf7o6X8E +MXXjq9fDQVrSDG/q62uhZu7CyInnBpWnoUKiMImSxRn/cs0r7RUspC5DtJyhE33Y +DW2BzIc= +-----END CERTIFICATE----- diff --git a/testing/tests/strong-certs/hosts/carol/etc/ipsec.d/private/carolKey.pem b/testing/tests/strong-certs/hosts/carol/etc/ipsec.d/private/carolKey.pem new file mode 100644 index 000000000..f719e4455 --- /dev/null +++ b/testing/tests/strong-certs/hosts/carol/etc/ipsec.d/private/carolKey.pem 
@@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAtCwjB6Yni4jSTbPJ4GX0kM06nr2tDBdU0PH6dZraIXNaNiBt +hBNPNDeCYAQDG/ouwuywAJ6L2Lt0GYEhJSwfXMm87fYSG8qRP+C/nlKz3fCfsuZ8 +yOAo5NAp2kgvbFVdB5cMeOtid21UqUvDxkncjFRDgpERtrjSthalUFYuObIcSMPd +lcDho73jzq6zVK5XDJ4l1LHUQLbS4SzyrphCYKekTIoDy3YwRUys6Pdm4QlFBIXu +BwOYHjclvVu0HQVNSM4nWAJd+204KUm/+8neO0kn1Yakv9yoa47o3KGP3XjtmcgY +9SqBbuF+8yDcZQ7+5zUBjc0J+d8txdPoIjLi7wIDAQABAoIBAGmMhcUAYKBMui8N +CVHtSJXftNyz74Fq1aRGbdyhp/H6urmEy8OY8Eh90GHhV9T2/pfwwrbKKtEAF+at +EDbPn1vjT0v0YO1pAShzyK2+c2KsiVHr1uRy9WH+VNZsfWOwqnw8z/CyrI+cPAGl +wf4S3SJUZuxBgigSJFbJ83SZ2CCxrF3xyGyHxqiFWp0QMV2FPR3zedmwQiZTJft5 +fu3K5n8xlhHoiS32fuM57eNKKxt0v50JcobpT4uXBqPCrffOlORnjISRoWt/coSy +pmj1GFyRaaM5StvaEcowdZejIeVInhM+T1WEQ6mxog/JkzBPBStuSdCKxccqiTRs +ZO4i8xkCgYEA2KBVcgot6LB/UmYkXF2roaag/PYL7V0wdcF3BMJ2rwdT67fIaKm3 +aroxZpVauRLknH8epFpPpxbbLdyBjkNCuwB4NMKGwTZLzN+mFsQKLtFAxz959pPx +df5G30CmU09pJ+99C1m3AF295tOd4LTsw6OjyqUJpwl0y10EBg/FwN0CgYEA1OuY +jU8s029Hv6/2HB22rw5UN4Lj/ori/6SGZ5pHAdQVCooVaEd7HRgzPQKXGGMeNAxH +7oCVJWz16+XHDzyRVnjErn9Ux1mr/axiAiFC5MeNIHT1EZ8/NUCZJ14PANWobJpt +ft55BiNd92ygzVVsJgDzuWF87MILhk9AA7buMDsCgYBrPm0uyQVTZlWSOIkVxTXc +EH8w3Kqo93KvSXkfvRo+qpUMZG7uCd+JEea1D4nbiBPvuis0WJWIdhNKUBk/keLu +a1wXWpqV+shqA+rY6HLWHLhCLBW4UiO/M4RosDvnkK/RmonAXcjwgHgsV2WYwllY +vaGwCCaQMGlG6KS+T36qbQKBgELciNc3Gbh7pWhIdVx26DsooMGd1MLGEmp828gE +5m9ojgL1QauxZrPIOa7a9V+vIHjvslbvAebyxHcDfPMH7gvdeMXjLlg7jIroaw6I +K110XJjooVybSVoLowx9uPBmJ7GS/PduHUsUKBneftB8Fq4IdoCsYHJorP3MPSnt +c/apAoGANwqIIdgf+Lu17kDO0svQDzuZR5cRCmGZ8BpC+SpT49VpRaitYNqbSgVy +kOzXK1ZrO7nPnGkOQQjcaZZjKrUaMFMECFhNTwAv1RQZgkYDA8yAIC0MyACrwiGp +5fg/ZwLjlOuiJZ3sEUwRsrp72DwXE3x6X0+bJOr+KlPEq200E84= +-----END RSA PRIVATE KEY----- diff --git a/testing/tests/strong-certs/hosts/carol/etc/ipsec.secrets b/testing/tests/strong-certs/hosts/carol/etc/ipsec.secrets new file mode 100644 index 000000000..fac55d63b --- /dev/null +++ b/testing/tests/strong-certs/hosts/carol/etc/ipsec.secrets 
@@ -0,0 +1,3 @@
+# /etc/ipsec.secrets - strongSwan IPsec secrets file
+
+: RSA carolKey.pem
diff --git a/testing/tests/strong-certs/hosts/dave/etc/ipsec.conf b/testing/tests/strong-certs/hosts/dave/etc/ipsec.conf
new file mode 100755
index 000000000..90cee47c2
--- /dev/null
+++ b/testing/tests/strong-certs/hosts/dave/etc/ipsec.conf
@@ -0,0 +1,23 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ plutodebug=control
+ strictcrlpolicy=no
+ crlcheckinterval=180
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+
+conn home
+ left=PH_IP_DAVE
+ leftnexthop=%direct
+ leftcert=daveCert-sha512.pem
+ leftid=dave@strongswan.org
+ leftfirewall=yes
+ right=PH_IP_MOON
+ rightid=@moon.strongswan.org
+ rightsubnet=10.1.0.0/16
+ auto=add
diff --git a/testing/tests/strong-certs/hosts/dave/etc/ipsec.d/certs/daveCert-sha512.pem b/testing/tests/strong-certs/hosts/dave/etc/ipsec.d/certs/daveCert-sha512.pem
new file mode 100644
index 000000000..73088cd1d
--- /dev/null
+++ b/testing/tests/strong-certs/hosts/dave/etc/ipsec.d/certs/daveCert-sha512.pem
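Review bot: `: RSA carolKey.pem` in carol's ipsec.secrets names a key that this commit adds unencrypted, and the file does not say the key is a throwaway fixture; carolKey.pem carries no encryption header and no passphrase is given here. The ipsec.secrets files for dave and moon have the same gap. Because the private keys are published with the source, the certificates they belong to prove nothing outside the test network. I would add a comment such as `# test-only key, published in the source tree - never deploy or trust its certificate`.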
@@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEHzCCAwegAwIBAgIBEjANBgkqhkiG9w0BAQ0FADBFMQswCQYDVQQGEwJDSDEZ +MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS +b290IENBMB4XDTA2MTAwODEyMjExMloXDTExMTAwNzEyMjExMlowWDELMAkGA1UE +BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xEDAOBgNVBAsTB1NIQS01 +MTIxHDAaBgNVBAMUE2RhdmVAc3Ryb25nc3dhbi5vcmcwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQDL4+PsltDM0QCCS08tkefhll5Q0nb2VEdRZotBIdt6 +XEY1kmDlw0yQOp0XUznnIhcrxXpKeWpLqJdbo56jSxMaUB3Mod1u+aKvVhCgkOT8 +uQa7gIdcNMuXnfnch7yYYS6YxVfzdr/qXBxmVYNbR9sXy48vAD6glZLEVjDITHJO +a6tEVSrAOMyeuA9XTYJiGw5loj63YbUr6Ikp6W9SncPCtfX6G2Amk38MTuITu93W +Pd/bGB06ra6gmMQGAhXuGs14n3QZfQz9PWTp9TPsQNqQZdEjQyNdfeAKtPuz5jnO +cnZuhvVR0q4sxWuy64vkyZ57luTZAXyxdInBeBOp7sC3AgMBAAGjggEFMIIBATAJ +BgNVHRMEAjAAMAsGA1UdDwQEAwIDqDAdBgNVHQ4EFgQU0wvMMeoe59mocM/RiYnD +iw9NUm0wbQYDVR0jBGYwZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJ +BgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJz +dHJvbmdTd2FuIFJvb3QgQ0GCAQAwHgYDVR0RBBcwFYETZGF2ZUBzdHJvbmdzd2Fu +Lm9yZzA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3Jn +L3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBDQUAA4IBAQC/uKe2O9elbSFgpKP5 +7ZjJrCkYu493iH/PDm5G4D76q6WkRvZDqTgGDSIrXrt1xRLIsVJES+HERxfED0DB +yXNe22p1jR8iZdCesZxmEsKYyLh9XmeixKCfnLvStWCVs0+vqwhJlIkyEAveZ4HR +Yq121khdmCDDUugpjEl/nU7CLvCRVgFrlhDm1QLs2rYqxwQrJ2SH4/1W0YRdkY2R +vKZ2ngjLBNjBfXWNXSOpEAG367nVam5lFAepUC0wZTshyCUXt1NzClTnxWABm6M6 +x2Qwg4D6Qt5iXSjR8+DGVh+LaBL/alQi1YYcjkxufdFHnko294c0HsZcTZ3KRghk +ue1F +-----END CERTIFICATE----- diff --git a/testing/tests/strong-certs/hosts/dave/etc/ipsec.d/private/daveKey.pem b/testing/tests/strong-certs/hosts/dave/etc/ipsec.d/private/daveKey.pem new file mode 100644 index 000000000..a4a8a4f22 --- /dev/null +++ b/testing/tests/strong-certs/hosts/dave/etc/ipsec.d/private/daveKey.pem 
@@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAy+Pj7JbQzNEAgktPLZHn4ZZeUNJ29lRHUWaLQSHbelxGNZJg +5cNMkDqdF1M55yIXK8V6SnlqS6iXW6Oeo0sTGlAdzKHdbvmir1YQoJDk/LkGu4CH +XDTLl5353Ie8mGEumMVX83a/6lwcZlWDW0fbF8uPLwA+oJWSxFYwyExyTmurRFUq +wDjMnrgPV02CYhsOZaI+t2G1K+iJKelvUp3DwrX1+htgJpN/DE7iE7vd1j3f2xgd +Oq2uoJjEBgIV7hrNeJ90GX0M/T1k6fUz7EDakGXRI0MjXX3gCrT7s+Y5znJ2bob1 +UdKuLMVrsuuL5Mmee5bk2QF8sXSJwXgTqe7AtwIDAQABAoIBAH9mxAoW5xvEUTQZ +SL1p2WH9qquIB2u+l93GXKdzN4iK1hgtgjyvv0y0Q2rKx3iktaPVPqgAnCnwi7to +Tv0sMSCVBTnTvuDUPhKfjb43K8668vkAxBQarUjtHq7tZiw1NX+ieGWaQyt3KQvM +zUqhaMbCnJK67Wc8bzwdu1e9ZQOYZlRWke4G8OU3GFkG5XsOPnoQySWAlhB6VEjv +qUZ6BS8SYTy0Rdzyjc35a3cvtDUqs0MOFVJ+gW44bje2B9X+59Wc8m1PJUf9P5+4 +HyNJl3BYfMUobfDuoSKBtcJtudGClUpBSCvBV34X3cYS//jNTuQxfZVc1HJym94C +uHj63wECgYEA/7ZyDDGap7dZahmhsU1a7H69zSrhwZDj9SozSnbWHfpml2yleLYO +fh94Jf8iL8yA4taS7JlB0YCuvvBsvXez2aD2Alh5rYqKYA/TROEXz+MLr4fqwi/X +ZvG1O5oM1/rJPQ06TKzEsYyAUKY3vInivrzUKIv0UP9D9HdkFWAvTYECgYEAzB6J +0Rrn15LFGhpzC3m2QH6EjWpoD8FMgGyV9E86d/v8kwBGvxRL8uma/mqP2A3okfuw +8ONP2HgXM7mUkr5wN9XbSuTRRUkDBsV9+tmR4pzMhKfiXZTekPIfaXTA60Fp9Ip8 +ddojWjs9P57ayxL6YVU/Y6uAON9Jbi7jH5DmGjcCgYEAjSjYGGchqsgKMgnoOoor +UTY97I5phYNIc8RSAB9N38qk655sUhCeO31/w+nto1lPJOmyva10qgRRctIiFQ2J +WPAEHhNdSDGcZZ8Wz4U6seXyQ3nSXFQwooF3vGk0Ad5NTMiKkF0nT6PyCZNYXVn4 +s7Zln+RygGwJxWBK/YnVUwECgYARgPzohZokDl4AowwCi+lpFnBfgCR0VWsuCCHD +1Zd5+o3qPTfT4vWwWwADmTfEm0y6WA8QWS3brlCvCtcGznXpE9m+TmjzvBMaXY00 +Gbw85p1TMuJijAWaAGlZLb3tbqqbYdTSdmZZsoLKFeFFUNdPyXOqJGbWea9eV376 +kf5peQKBgF5S8s7A73IqmvUcfGLdg91ff4PGkDhDjNt+hzACX9pk0LQiCBSM28Tm +bYwKy3P/Id7lfkPqe/lyTxBMVThBMIgW676g1yNKz21l2L5qakZQvunfqNfaV3iP +Y0i+BmuXM/SjEP+agX9hVyUZfqxITqUUgHA7GIP1O4/LJAZCbd/X +-----END RSA PRIVATE KEY----- diff --git a/testing/tests/strong-certs/hosts/dave/etc/ipsec.secrets b/testing/tests/strong-certs/hosts/dave/etc/ipsec.secrets new file mode 100644 index 000000000..9031f323a --- /dev/null +++ b/testing/tests/strong-certs/hosts/dave/etc/ipsec.secrets 
@@ -0,0 +1,3 @@
+# /etc/ipsec.secrets - strongSwan IPsec secrets file
+
+: RSA daveKey.pem
diff --git a/testing/tests/strong-certs/hosts/moon/etc/ipsec.conf b/testing/tests/strong-certs/hosts/moon/etc/ipsec.conf
new file mode 100755
index 000000000..76c89aa6b
--- /dev/null
+++ b/testing/tests/strong-certs/hosts/moon/etc/ipsec.conf
@@ -0,0 +1,22 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+ plutodebug=control
+ strictcrlpolicy=no
+ crlcheckinterval=180
+
+conn %default
+ ikelifetime=60m
+ keylife=20m
+ rekeymargin=3m
+ keyingtries=1
+
+conn rw
+ left=PH_IP_MOON
+ leftnexthop=%direct
+ leftcert=moonCert-sha256.pem
+ leftid=@moon.strongswan.org
+ leftsubnet=10.1.0.0/16
+ leftfirewall=yes
+ right=%any
+ auto=add
diff --git a/testing/tests/strong-certs/hosts/moon/etc/ipsec.d/certs/moonCert-sha256.pem b/testing/tests/strong-certs/hosts/moon/etc/ipsec.d/certs/moonCert-sha256.pem
new file mode 100644
index 000000000..307f4953e
--- /dev/null
+++ b/testing/tests/strong-certs/hosts/moon/etc/ipsec.d/certs/moonCert-sha256.pem
@@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEHzCCAwegAwIBAgIBEDANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ +MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS +b290IENBMB4XDTA2MTAwODEwNTgxMVoXDTExMTAwNzEwNTgxMVowWDELMAkGA1UE +BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xEDAOBgNVBAsTB1NIQS0y +NTYxHDAaBgNVBAMTE21vb24uc3Ryb25nc3dhbi5vcmcwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQDzXHm8D8sY1lmX7o1KK0jt/M+UzAI2Ifpx7nAqoviH +XQIPe56BOAm4zHhEIlojEMFd1nncplXvDDGjuV/2F0KK1bFxbNtom88Ix1jrRWtk +FLopYwj3ERC2970OhNO3nuPLrnEAzj6k3XPGMTA3drGnpRf162f7mHAdmYIRXtWm +mfaecs4wGFs8BFGdeDfo6SPhQXZSBwZqjzQxvk1PA7E1qifgR5IGNZkNQRQ9IZD0 +86xzjmZgg5DaJcQKw45elpiVKQN6OkdWTngR3uUBfseWNeRGP5UxCUbDnPijWUbA +6ZAdEfFXLgSpSoXHLNttvGg+SWm0kgKTpHYWYhvpflKNAgMBAAGjggEFMIIBATAJ +BgNVHRMEAjAAMAsGA1UdDwQEAwIDqDAdBgNVHQ4EFgQU0gL3aEo/H8c/Ld/GkBTb +W9Ma+nUwbQYDVR0jBGYwZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJ +BgNVBAYTAkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJz +dHJvbmdTd2FuIFJvb3QgQ0GCAQAwHgYDVR0RBBcwFYITbW9vbi5zdHJvbmdzd2Fu +Lm9yZzA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3Jn +L3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQCItzRn3TNWUzczBd8z +MtdPEsRl5Oi4fV3UecQxhjxAmJDLsEZT5I4uNa1XoLkJm6jVdSL7k+bjzjmpNJ1H +uL49cqia2yTdGP4IU0K8dTGaflg3ccaLLGGXTWU/NtgdI1o6yuZTwb6a9ZL7wWZT +x21BAsvyPTzCpUS1yCK4bFeYOxOYDphUGcwb0JTuRxx2/710b+p64BYiCfVkQJxT +eF1ZtjSW6nJgzMRg5n2zNpdrdXMMCPI6Nl7V6wxbs3Cphmz5qx3lijwi7nZt+jE5 +qK5gphph1MkKIhnA7MF66KEcx5Rknao68yLBBDIA/AISZ3bCIj8R1SGgl/tMYfep +sbRF +-----END CERTIFICATE----- diff --git a/testing/tests/strong-certs/hosts/moon/etc/ipsec.d/private/moonKey.pem b/testing/tests/strong-certs/hosts/moon/etc/ipsec.d/private/moonKey.pem new file mode 100644 index 000000000..58ddc1525 --- /dev/null +++ b/testing/tests/strong-certs/hosts/moon/etc/ipsec.d/private/moonKey.pem 
@@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEA81x5vA/LGNZZl+6NSitI7fzPlMwCNiH6ce5wKqL4h10CD3ue +gTgJuMx4RCJaIxDBXdZ53KZV7wwxo7lf9hdCitWxcWzbaJvPCMdY60VrZBS6KWMI +9xEQtve9DoTTt57jy65xAM4+pN1zxjEwN3axp6UX9etn+5hwHZmCEV7Vppn2nnLO +MBhbPARRnXg36Okj4UF2UgcGao80Mb5NTwOxNaon4EeSBjWZDUEUPSGQ9POsc45m +YIOQ2iXECsOOXpaYlSkDejpHVk54Ed7lAX7HljXkRj+VMQlGw5z4o1lGwOmQHRHx +Vy4EqUqFxyzbbbxoPklptJICk6R2FmIb6X5SjQIDAQABAoIBAFl1Rf6eo57mtJqI +A4IfNTjetQPSloGFrgWRi8PwkoFX7Dj6zUJc8h3vc8pAAnhfYWV4QOWec3pjNiAk +NaVF2Z0lfoveYy0qEUn91a7untJ0WBZ8pEAGEunfWazroNQf4UbvQfT028xI55UU +YdARnq6snok01s2CtLv8wPZXsRwDRzs3FGg+S9ZCyYJ/NdRVn9JdjJLqi79mqGqM +il2bia6xmS7C/FVbHo3qS1G3WTXuwN6wLRihAzAzgvByeRnj1P3XuBU5xdAUwulm +6/LAcdZ/teWhR0z/NGAkCJ5NZa9u6u0OAyc6HSrPG6sGo8fQjXNWUIMwP2ucpg8q +Cvxt0GECgYEA/xfPo9d3cAFCnrBkefamtOU2jOOJeFVoapYQpEpOR0soTKx1BqUz +MWoqDuwjQTutwmfOlsDCL7T7QCQwAOQ4jwNdxwTm1EysNojVTkwoFJBicmvjrjof +MYyXv6EuDJnSDSmeTLuiDL91VoYgE1IeJjrunDLTCEFYBObI/LOjCmUCgYEA9Dn8 +a5wm15t4pSFJl81vLfY8lz4FtCWYygqmafh1HEb8UOAFZAEtCe7ulb1E4ce/IaNt +/YALjbMFT5D0jhRwmljBLHzJh3v9H0jl/0vudXxrzS7bqfHnbB0enJWsZBCfDBA6 +hiZd645F4gJyWcI/MQXP199w+UgV/v80XGyFUQkCgYBejo/8VrFCRmVQd2g3QXOY +GGL5JJrfjSEwaUHv9E9B5B0jFsYmWXQ5e/XtJCEJXDrTljEg9oDEuFxt8TwOCIri +kEfhrvJ1fZpUeLJA3L/6p26mpVF3UrofXtMdSHzOVPJkyKmSHfc6rHmtQfh/0O+2 +EiBCrCBHrhkXcAjOizQDdQKBgQDNb9l9S6UAyK77eLzHDO/w4aimMG3r05Rqn/rM +OUuJtcyY21itfq+8I1hebQ98POHyEd971jHhyC03eN++hEMUEoSsP2vmo82Qe2m9 +DspP2ZF0z23Hzsy0jOorHVwd8D1ZkG0qWyu18b+nFhfKmTM+sXzcQgBuMM0P6uzI +siCSwQKBgCOPBbSSXEIMUAKcsJ0p+j2fEy6CKmb/lOu+Aw1uvVNZI+xoOuXTmj9h +Jf79Lbhj16vmj0BPhRPyVEpgGIbNLiAU8518xGGaNdJgxQONwn9UGSJz4bgsbNBj +icwIRVYbKF13EKJp50tFpY+4FK2Z6Bg2KXh5RWWQdYcTApWBjyrZ +-----END RSA PRIVATE KEY----- diff --git a/testing/tests/strong-certs/hosts/moon/etc/ipsec.secrets b/testing/tests/strong-certs/hosts/moon/etc/ipsec.secrets new file mode 100644 index 000000000..e86d6aa5c --- /dev/null +++ b/testing/tests/strong-certs/hosts/moon/etc/ipsec.secrets 
@@ -0,0 +1,3 @@
+# /etc/ipsec.secrets - strongSwan IPsec secrets file
+
+: RSA moonKey.pem
diff --git a/testing/tests/strong-certs/posttest.dat b/testing/tests/strong-certs/posttest.dat
new file mode 100644
index 000000000..12b540b53
--- /dev/null
+++ b/testing/tests/strong-certs/posttest.dat
@@ -0,0 +1,15 @@
+moon::iptables -v -n -L
+carol::iptables -v -n -L
+dave::iptables -v -n -L
+moon::ipsec stop
+carol::ipsec stop
+dave::ipsec stop
+moon::/etc/init.d/iptables stop 2> /dev/null
+carol::/etc/init.d/iptables stop 2> /dev/null
+dave::/etc/init.d/iptables stop 2> /dev/null
+moon::rm /etc/ipsec.d/private/*
+carol::rm /etc/ipsec.d/private/*
+dave::rm /etc/ipsec.d/private/*
+moon::rm /etc/ipsec.d/certs/*
+carol::rm /etc/ipsec.d/certs/*
+dave::rm /etc/ipsec.d/certs/*
diff --git a/testing/tests/strong-certs/pretest.dat b/testing/tests/strong-certs/pretest.dat
new file mode 100644
index 000000000..de51ccdfa
--- /dev/null
+++ b/testing/tests/strong-certs/pretest.dat
@@ -0,0 +1,10 @@
+moon::/etc/init.d/iptables start 2> /dev/null
+carol::/etc/init.d/iptables start 2> /dev/null
+dave::/etc/init.d/iptables start 2> /dev/null
+moon::ipsec start
+carol::ipsec start
+dave::ipsec start
+carol::sleep 1
+carol::ipsec up home
+dave::ipsec up home
+carol::sleep 1
diff --git a/testing/tests/strong-certs/test.conf b/testing/tests/strong-certs/test.conf
new file mode 100644
index 000000000..70416826e
--- /dev/null
+++ b/testing/tests/strong-certs/test.conf
@@ -0,0 +1,21 @@
+#!/bin/bash
+#
+# This configuration file provides information on the
+# UML instances used for this test
+
+# All UML instances that are required for this test
+#
+UMLHOSTS="alice moon carol winnetou dave"
+
+# Corresponding block diagram
+#
+DIAGRAM="a-m-c-w-d.png"
+
+# UML instances on which tcpdump is to be started
+#
+TCPDUMPHOSTS="moon"
+
+# UML instances on which IPsec is started
+# Used for IPsec logging purposes
+#
+IPSECHOSTS="moon carol dave" |
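Review bot: The `carol::sleep 1` before `carol::ipsec up home` in the strong-certs pretest.dat is shorter than the `carol::sleep 3` used at the same point by the ike-alg-sha2_384 pretest.dat added in this commit, and nothing explains the difference. The release notes for this version say pluto now runs hash and HMAC self-tests at startup, so the daemons may need longer to become ready and `ipsec up home` could race with startup; that is an inference, not something the hunk shows. I would use `carol::sleep 3` here as well so both new tests wait the same amount before bringing the connection up.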