New upstream version 5.5.2

author: Yves-Alexis Perez <corsac@corsac.net> 2017-04-01 16:26:44 +0200
committer: Yves-Alexis Perez <corsac@corsac.net> 2017-04-01 16:26:44 +0200
commit: 05ddd767992d68bb38c7f16ece142e8c2e9ae016 (patch)
tree: 302c618be306d4ed3c7f9fc58a1f6aaad4dd252f /src/libstrongswan/credentials/keys
parent: 25663e04c3ab01ef8dc9f906608282319cfea2db (diff)
download: vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.tar.gz
vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.zip
2 files changed, 41 insertions, 16 deletions
diff --git a/src/libstrongswan/credentials/keys/public_key.c b/src/libstrongswan/credentials/keys/public_key.c
index 03f93b1d3..2c76ad680 100644
--- a/src/libstrongswan/credentials/keys/public_key.c
+++ b/src/libstrongswan/credentials/keys/public_key.c
@@ -24,6 +24,8 @@ ENUM(key_type_names, KEY_ANY, KEY_BLISS,
 	"RSA",
 	"ECDSA",
 	"DSA",
+	"ED25519",
+	"ED448",
 	"BLISS"
 );
 
@@ -48,6 +50,8 @@ ENUM(signature_scheme_names, SIGN_UNKNOWN, SIGN_BLISS_WITH_SHA3_512,
 	"ECDSA-256",
 	"ECDSA-384",
 	"ECDSA-521",
+	"ED25519",
+	"ED448",
 	"BLISS_WITH_SHA2_256",
 	"BLISS_WITH_SHA2_384",
 	"BLISS_WITH_SHA2_512",
@@ -151,6 +155,10 @@ signature_scheme_t signature_scheme_from_oid(int oid)
 			return SIGN_ECDSA_WITH_SHA384_DER;
 		case OID_ECDSA_WITH_SHA512:
 			return SIGN_ECDSA_WITH_SHA512_DER;
+		case OID_ED25519:
+			return SIGN_ED25519;
+		case OID_ED448:
+			return SIGN_ED448;
 		case OID_BLISS_PUBLICKEY:
 		case OID_BLISS_WITH_SHA2_512:
 			return SIGN_BLISS_WITH_SHA2_512;
@@ -210,6 +218,10 @@ int signature_scheme_to_oid(signature_scheme_t scheme)
 			return OID_ECDSA_WITH_SHA384;
 		case SIGN_ECDSA_WITH_SHA512_DER:
 			return OID_ECDSA_WITH_SHA512;
+		case SIGN_ED25519:
+			return OID_ED25519;
+		case SIGN_ED448:
+			return OID_ED448;
 		case SIGN_BLISS_WITH_SHA2_256:
 			return OID_BLISS_WITH_SHA2_256;
 		case SIGN_BLISS_WITH_SHA2_384:
@@ -236,15 +248,17 @@ static struct {
 	key_type_t type;
 	int max_keysize;
 } scheme_map[] = {
-	{ SIGN_RSA_EMSA_PKCS1_SHA2_256, KEY_RSA, 3072 },
-	{ SIGN_RSA_EMSA_PKCS1_SHA2_384, KEY_RSA, 7680 },
-	{ SIGN_RSA_EMSA_PKCS1_SHA2_512, KEY_RSA, 0 },
-	{ SIGN_ECDSA_WITH_SHA256_DER, KEY_ECDSA, 256 },
-	{ SIGN_ECDSA_WITH_SHA384_DER, KEY_ECDSA, 384 },
-	{ SIGN_ECDSA_WITH_SHA512_DER, KEY_ECDSA, 0 },
-	{ SIGN_BLISS_WITH_SHA2_256,   KEY_BLISS, 128 },
-	{ SIGN_BLISS_WITH_SHA2_384,   KEY_BLISS, 192 },
-	{ SIGN_BLISS_WITH_SHA2_512,   KEY_BLISS, 0 }
+	{ SIGN_RSA_EMSA_PKCS1_SHA2_256, KEY_RSA,  3072 },
+	{ SIGN_RSA_EMSA_PKCS1_SHA2_384, KEY_RSA,  7680 },
+	{ SIGN_RSA_EMSA_PKCS1_SHA2_512, KEY_RSA,     0 },
+	{ SIGN_ECDSA_WITH_SHA256_DER,   KEY_ECDSA, 256 },
+	{ SIGN_ECDSA_WITH_SHA384_DER,   KEY_ECDSA, 384 },
+	{ SIGN_ECDSA_WITH_SHA512_DER,   KEY_ECDSA,   0 },
+	{ SIGN_ED25519,                 KEY_ED25519, 0 },
+	{ SIGN_ED448,                   KEY_ED448,   0 },
+	{ SIGN_BLISS_WITH_SHA2_256,     KEY_BLISS, 128 },
+	{ SIGN_BLISS_WITH_SHA2_384,     KEY_BLISS, 192 },
+	{ SIGN_BLISS_WITH_SHA2_512,     KEY_BLISS,   0 }
 };
 
 /**
@@ -323,6 +337,10 @@ key_type_t key_type_from_signature_scheme(signature_scheme_t scheme)
 		case SIGN_ECDSA_384:
 		case SIGN_ECDSA_521:
 			return KEY_ECDSA;
+		case SIGN_ED25519:
+			return KEY_ED25519;
+		case SIGN_ED448:
+			return KEY_ED448;
 		case SIGN_BLISS_WITH_SHA2_256:
 		case SIGN_BLISS_WITH_SHA2_384:
 		case SIGN_BLISS_WITH_SHA2_512:
diff --git a/src/libstrongswan/credentials/keys/public_key.h b/src/libstrongswan/credentials/keys/public_key.h
index 236128234..06c1aa488 100644
--- a/src/libstrongswan/credentials/keys/public_key.h
+++ b/src/libstrongswan/credentials/keys/public_key.h
@@ -1,7 +1,7 @@
 /*
  * Copyright (C) 2015 Tobias Brunner
  * Copyright (C) 2007 Martin Willi
- * Copyright (C) 2014-2016 Andreas Steffen
+ * Copyright (C) 2014-2017 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -37,16 +37,19 @@ typedef enum encryption_scheme_t encryption_scheme_t;
  */
 enum key_type_t {
 	/** key type wildcard */
-	KEY_ANY   = 0,
+	KEY_ANY     = 0,
 	/** RSA crypto system as in PKCS#1 */
-	KEY_RSA   = 1,
+	KEY_RSA     = 1,
 	/** ECDSA as in ANSI X9.62 */
-	KEY_ECDSA = 2,
+	KEY_ECDSA   = 2,
 	/** DSA */
-	KEY_DSA   = 3,
+	KEY_DSA     = 3,
+	/** Ed25519 PureEdDSA instance as in RFC 8032 */
+	KEY_ED25519 = 4,
+	/** Ed448   PureEdDSA instance as in RFC 8032 */
+	KEY_ED448   = 5,
 	/** BLISS */
-	KEY_BLISS = 4,
-	/** ElGamal, ... */
+	KEY_BLISS = 6,
 };
 
 /**
@@ -102,6 +105,10 @@ enum signature_scheme_t {
 	SIGN_ECDSA_384,
 	/** ECDSA on the P-521 curve with SHA-512 as in RFC 4754           */
 	SIGN_ECDSA_521,
+	/** PureEdDSA on Curve25519 as in draft-ietf-curdle-pkix (RFC TBA) */
+	SIGN_ED25519,
+	/** PureEdDSA on Curve448 as in draft-ietf-curdle-pkix (RFC TBA)   */
+	SIGN_ED448,
 	/** BLISS with SHA-2_256                                           */
 	SIGN_BLISS_WITH_SHA2_256,
 	/** BLISS with SHA-2_384                                           */
author	Yves-Alexis Perez <corsac@corsac.net>	2017-04-01 16:26:44 +0200
committer	Yves-Alexis Perez <corsac@corsac.net>	2017-04-01 16:26:44 +0200
commit	05ddd767992d68bb38c7f16ece142e8c2e9ae016 (patch)
tree	302c618be306d4ed3c7f9fc58a1f6aaad4dd252f /src/libstrongswan/credentials/keys
parent	25663e04c3ab01ef8dc9f906608282319cfea2db (diff)
download	vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.tar.gz vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.zip