New upstream version 5.6.1

author: Yves-Alexis Perez <corsac@corsac.net> 2017-11-21 10:22:31 +0100
committer: Yves-Alexis Perez <corsac@corsac.net> 2017-11-21 10:22:31 +0100
commit: e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e (patch)
tree: ae0c8b5f4cd8289d0797882ea18969f33ea59a1e /src/libstrongswan/crypto/hashers
parent: 11d6b62db969bdd808d0f56706cb18f113927a31 (diff)
download: vyos-strongswan-e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e.tar.gz
vyos-strongswan-e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e.zip
2 files changed, 87 insertions, 8 deletions
diff --git a/src/libstrongswan/crypto/hashers/hasher.c b/src/libstrongswan/crypto/hashers/hasher.c
index 26aab0ccc..2bd55ad2e 100644
--- a/src/libstrongswan/crypto/hashers/hasher.c
+++ b/src/libstrongswan/crypto/hashers/hasher.c
@@ -19,19 +19,20 @@
 #include "hasher.h"
 
 #include <asn1/oid.h>
+#include <credentials/keys/signature_params.h>
 
 ENUM_BEGIN(hash_algorithm_names, HASH_SHA1, HASH_IDENTITY,
 	"HASH_SHA1",
-	"HASH_SHA256",
-	"HASH_SHA384",
-	"HASH_SHA512",
+	"HASH_SHA2_256",
+	"HASH_SHA2_384",
+	"HASH_SHA2_512",
 	"HASH_IDENTITY");
 ENUM_NEXT(hash_algorithm_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY,
 	"HASH_UNKNOWN",
 	"HASH_MD2",
 	"HASH_MD4",
 	"HASH_MD5",
-	"HASH_SHA224",
+	"HASH_SHA2_224",
 	"HASH_SHA3_224",
 	"HASH_SHA3_256",
 	"HASH_SHA3_384",
@@ -56,6 +57,62 @@ ENUM_NEXT(hash_algorithm_short_names, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY
 	"sha3_512");
 ENUM_END(hash_algorithm_short_names, HASH_SHA3_512);
 
+ENUM_BEGIN(hash_algorithm_short_names_upper, HASH_SHA1, HASH_IDENTITY,
+	"SHA1",
+	"SHA2_256",
+	"SHA2_384",
+	"SHA2_512",
+	"IDENTITY");
+ENUM_NEXT(hash_algorithm_short_names_upper, HASH_UNKNOWN, HASH_SHA3_512, HASH_IDENTITY,
+	"UNKNOWN",
+	"MD2",
+	"MD4",
+	"MD5",
+	"SHA2_224",
+	"SHA3_224",
+	"SHA3_256",
+	"SHA3_384",
+	"SHA3_512");
+ENUM_END(hash_algorithm_short_names_upper, HASH_SHA3_512);
+
+/*
+ * Described in header
+ */
+size_t hasher_hash_size(hash_algorithm_t alg)
+{
+	switch (alg)
+	{
+		case HASH_SHA1:
+			return HASH_SIZE_SHA1;
+		case HASH_SHA256:
+			return HASH_SIZE_SHA256;
+		case HASH_SHA384:
+			return HASH_SIZE_SHA384;
+		case HASH_SHA512:
+			return HASH_SIZE_SHA512;
+		case HASH_MD2:
+			return HASH_SIZE_MD2;
+		case HASH_MD4:
+			return HASH_SIZE_MD4;
+		case HASH_MD5:
+			return HASH_SIZE_MD5;
+		case HASH_SHA224:
+			return HASH_SIZE_SHA224;
+		case HASH_SHA3_224:
+			return HASH_SIZE_SHA224;
+		case HASH_SHA3_256:
+			return HASH_SIZE_SHA256;
+		case HASH_SHA3_384:
+			return HASH_SIZE_SHA384;
+		case HASH_SHA3_512:
+			return HASH_SIZE_SHA512;
+		case HASH_IDENTITY:
+		case HASH_UNKNOWN:
+			break;
+	}
+	return 0;
+}
+
 /*
  * Described in header.
  */
@@ -287,7 +344,6 @@ bool hasher_algorithm_for_ikev2(hash_algorithm_t alg)
 	switch (alg)
 	{
 		case HASH_IDENTITY:
-		case HASH_SHA1:
 		case HASH_SHA256:
 		case HASH_SHA384:
 		case HASH_SHA512:
@@ -296,6 +352,7 @@ bool hasher_algorithm_for_ikev2(hash_algorithm_t alg)
 		case HASH_MD2:
 		case HASH_MD4:
 		case HASH_MD5:
+		case HASH_SHA1:
 		case HASH_SHA224:
 		case HASH_SHA3_224:
 		case HASH_SHA3_256:
@@ -445,7 +502,8 @@ int hasher_signature_algorithm_to_oid(hash_algorithm_t alg, key_type_t key)
 /*
  * Defined in header.
  */
-hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme)
+hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme,
+											  void *params)
 {
 	switch (scheme)
 	{
@@ -453,6 +511,13 @@ hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme)
 		case SIGN_RSA_EMSA_PKCS1_NULL:
 		case SIGN_ECDSA_WITH_NULL:
 			break;
+		case SIGN_RSA_EMSA_PSS:
+			if (params)
+			{
+				rsa_pss_params_t *pss = params;
+				return pss->hash;
+			}
+			break;
 		case SIGN_ED25519:
 		case SIGN_ED448:
 			return HASH_IDENTITY;
diff --git a/src/libstrongswan/crypto/hashers/hasher.h b/src/libstrongswan/crypto/hashers/hasher.h
index ec0c6320b..41654553d 100644
--- a/src/libstrongswan/crypto/hashers/hasher.h
+++ b/src/libstrongswan/crypto/hashers/hasher.h
@@ -27,7 +27,6 @@
 typedef enum hash_algorithm_t hash_algorithm_t;
 typedef struct hasher_t hasher_t;
 
-#include <library.h>
 #include <crypto/prfs/prf.h>
 #include <crypto/signers/signer.h>
 #include <credentials/keys/public_key.h>
@@ -75,6 +74,11 @@ extern enum_name_t *hash_algorithm_names;
 extern enum_name_t *hash_algorithm_short_names;
 
 /**
+ * Uppercase short names for hash_algorithm_names
+ */
+extern enum_name_t *hash_algorithm_short_names_upper;
+
+/**
  * Generic interface for all hash functions.
  */
 struct hasher_t {
@@ -131,6 +135,14 @@ struct hasher_t {
 };
 
 /**
+ * Returns the size of the hash for the given algorithm.
+ *
+ * @param alg			hash algorithm
+ * @return				size of hash or 0 if unknown
+ */
+size_t hasher_hash_size(hash_algorithm_t alg);
+
+/**
  * Conversion of ASN.1 OID to hash algorithm.
  *
  * @param oid			ASN.1 OID
@@ -199,8 +211,10 @@ int hasher_signature_algorithm_to_oid(hash_algorithm_t alg, key_type_t key);
  * Determine the hash algorithm associated with a given signature scheme.
  *
  * @param scheme		signature scheme
+ * @param params		optional parameters
  * @return				hash algorithm (could be HASH_UNKNOWN)
  */
-hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme);
+hash_algorithm_t hasher_from_signature_scheme(signature_scheme_t scheme,
+											  void *params);
 
 #endif /** HASHER_H_ @}*/
author	Yves-Alexis Perez <corsac@corsac.net>	2017-11-21 10:22:31 +0100
committer	Yves-Alexis Perez <corsac@corsac.net>	2017-11-21 10:22:31 +0100
commit	e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e (patch)
tree	ae0c8b5f4cd8289d0797882ea18969f33ea59a1e /src/libstrongswan/crypto/hashers
parent	11d6b62db969bdd808d0f56706cb18f113927a31 (diff)
download	vyos-strongswan-e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e.tar.gz vyos-strongswan-e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e.zip