Major new upstream release, just ran svn-upgrade for now (and wrote some

debian/changelong entries).

4 files changed, 454 insertions, 0 deletions

diff --git a/src/libstrongswan/crypto/signers/hmac_signer.c b/src/libstrongswan/crypto/signers/hmac_signer.c
new file mode 100644
index 000000000..76e1ce50e
--- /dev/null
+++ b/src/libstrongswan/crypto/signers/hmac_signer.c
@@ -0,0 +1,174 @@
+/**
+ * @file hmac_signer.c
+ * 
+ * @brief Implementation of hmac_signer_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <string.h>
+
+#include "hmac_signer.h"
+
+#include <crypto/prfs/hmac_prf.h>
+
+typedef struct private_hmac_signer_t private_hmac_signer_t;
+
+/**
+ * Private data structure with signing context.
+ */
+struct private_hmac_signer_t {
+	/**
+	 * Public interface of hmac_signer_t.
+	 */
+	hmac_signer_t public;
+	
+	/**
+	 * Assigned hmac function.
+	 */
+	prf_t *hmac_prf;
+	
+	/**
+	 * Block size (truncation of HMAC Hash)
+	 */
+	size_t block_size;
+};
+
+/**
+ * Implementation of signer_t.get_signature.
+ */
+static void get_signature (private_hmac_signer_t *this, chunk_t data, u_int8_t *buffer)
+{
+	u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
+	
+	this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac);
+
+	/* copy MAC depending on truncation */
+	memcpy(buffer, full_mac, this->block_size);
+}
+
+/**
+ * Implementation of signer_t.allocate_signature.
+ */
+static void allocate_signature (private_hmac_signer_t *this, chunk_t data, chunk_t *chunk)
+{
+	chunk_t signature;
+	u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
+	
+	this->hmac_prf->get_bytes(this->hmac_prf,data,full_mac);
+
+	signature.ptr = malloc(this->block_size);
+	signature.len = this->block_size;
+	
+	/* copy signature */
+	memcpy(signature.ptr, full_mac, this->block_size);
+
+	*chunk = signature;
+}
+
+/**
+ * Implementation of signer_t.verify_signature.
+ */
+static bool verify_signature(private_hmac_signer_t *this, chunk_t data, chunk_t signature)
+{
+	u_int8_t full_mac[this->hmac_prf->get_block_size(this->hmac_prf)];
+	
+	this->hmac_prf->get_bytes(this->hmac_prf, data, full_mac);
+	
+	if (signature.len != this->block_size)
+	{
+		return FALSE;
+	}
+	
+	/* compare mac aka signature :-) */
+	if (memcmp(signature.ptr, full_mac, this->block_size) == 0)
+	{
+		return TRUE;
+	}
+	else
+	{
+		return FALSE;
+	}
+}
+
+/**
+ * Implementation of signer_t.get_key_size.
+ */
+static size_t get_key_size(private_hmac_signer_t *this)
+{
+	/* for HMAC signer, IKEv2 uses block size as key size */
+	return this->hmac_prf->get_block_size(this->hmac_prf);
+}
+
+/**
+ * Implementation of signer_t.get_block_size.
+ */
+static size_t get_block_size(private_hmac_signer_t *this)
+{
+	return this->block_size;
+}
+
+/**
+ * Implementation of signer_t.set_key.
+ */
+static void set_key(private_hmac_signer_t *this, chunk_t key)
+{
+	this->hmac_prf->set_key(this->hmac_prf, key);
+}
+
+/**
+ * Implementation of signer_t.destroy.
+ */
+static status_t destroy(private_hmac_signer_t *this)
+{
+	this->hmac_prf->destroy(this->hmac_prf);
+	free(this);
+	return SUCCESS;
+}
+
+/*
+ * Described in header
+ */
+hmac_signer_t *hmac_signer_create(hash_algorithm_t hash_algoritm, size_t block_size)
+{
+	size_t hmac_block_size;
+	private_hmac_signer_t *this = malloc_thing(private_hmac_signer_t);
+
+	this->hmac_prf = (prf_t *) hmac_prf_create(hash_algoritm);
+	if (this->hmac_prf == NULL)
+	{
+		/* algorithm not supported */
+		free(this);
+		return NULL;
+	}
+	
+	/* prevent invalid truncation */
+	hmac_block_size = this->hmac_prf->get_block_size(this->hmac_prf);
+	this->block_size = min(block_size, hmac_block_size);
+	
+	/* interface functions */
+	this->public.signer_interface.get_signature = (void (*) (signer_t*, chunk_t, u_int8_t*))get_signature;
+	this->public.signer_interface.allocate_signature = (void (*) (signer_t*, chunk_t, chunk_t*))allocate_signature;
+	this->public.signer_interface.verify_signature = (bool (*) (signer_t*, chunk_t, chunk_t))verify_signature;
+	this->public.signer_interface.get_key_size = (size_t (*) (signer_t*))get_key_size;
+	this->public.signer_interface.get_block_size = (size_t (*) (signer_t*))get_block_size;
+	this->public.signer_interface.set_key = (void (*) (signer_t*,chunk_t))set_key;
+	this->public.signer_interface.destroy = (void (*) (signer_t*))destroy;
+	
+	return &(this->public);
+}
diff --git a/src/libstrongswan/crypto/signers/hmac_signer.h b/src/libstrongswan/crypto/signers/hmac_signer.h
new file mode 100644
index 000000000..2449069bd
--- /dev/null
+++ b/src/libstrongswan/crypto/signers/hmac_signer.h
@@ -0,0 +1,68 @@
+/**
+ * @file hmac_signer.h
+ * 
+ * @brief Interface of hmac_signer_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef HMAC_SIGNER_H_
+#define HMAC_SIGNER_H_
+
+typedef struct hmac_signer_t hmac_signer_t;
+
+#include <crypto/signers/signer.h>
+#include <crypto/hashers/hasher.h>
+
+/**
+ * @brief Implementation of signer_t interface using HMAC.
+ *
+ * HMAC uses a standard hash function implemented in a hasher_t to build
+ * a MAC.
+ *
+ * @ingroup signers
+ */
+struct hmac_signer_t {
+	
+	/**
+	 * generic signer_t interface for this signer
+	 */
+	signer_t signer_interface;
+};
+
+/**
+ * @brief Creates a new hmac_signer_t.
+ *
+ * HMAC signatures are often truncated to shorten them to a more usable, but
+ * still secure enough length.
+ * Block size must be equal or smaller then the hash algorithms
+ * hash.
+ *
+ * @param hash_algoritm		Hash algorithm to use with signer
+ * @param block_size		Size of resulting signature (truncated to block_size)
+ * @return					
+ * 							- hmac_signer_t
+ * 							- NULL if hash algorithm not supported
+ * 
+ * @ingroup signers
+ */
+hmac_signer_t *hmac_signer_create(hash_algorithm_t hash_algoritm,
+								  size_t block_size);
+
+
+#endif /*HMAC_SIGNER_H_*/
diff --git a/src/libstrongswan/crypto/signers/signer.c b/src/libstrongswan/crypto/signers/signer.c
new file mode 100644
index 000000000..747bc5efa
--- /dev/null
+++ b/src/libstrongswan/crypto/signers/signer.c
@@ -0,0 +1,65 @@
+/**
+ * @file signer.c
+ * 
+ * @brief Implementation of generic signer_t constructor.
+ * 
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include "signer.h"
+
+#include <crypto/signers/hmac_signer.h>
+
+ENUM_BEGIN(integrity_algorithm_names, AUTH_UNDEFINED, AUTH_HMAC_SHA1_128,
+	"UNDEFINED",
+	"AUTH_HMAC_SHA1_128");
+ENUM_NEXT(integrity_algorithm_names, AUTH_HMAC_MD5_96, AUTH_AES_XCBC_96, AUTH_HMAC_SHA1_128,
+	"HMAC_MD5_96",
+	"HMAC_SHA1_96",
+	"DES_MAC",
+	"KPDK_MD5",
+	"AES_XCBC_96");
+ENUM_NEXT(integrity_algorithm_names, AUTH_HMAC_SHA2_256_128, AUTH_HMAC_SHA2_512_256, AUTH_AES_XCBC_96,
+	"AUTH_HMAC_SHA2_256_128",
+	"AUTH_HMAC_SHA2_384_192",
+	"AUTH_HMAC_SHA2_512_256");
+ENUM_END(integrity_algorithm_names, AUTH_HMAC_SHA2_512_256);
+
+/*
+ * Described in header.
+ */
+signer_t *signer_create(integrity_algorithm_t integrity_algorithm)
+{
+	switch(integrity_algorithm)
+	{
+		case AUTH_HMAC_SHA1_96:
+			return (signer_t *)hmac_signer_create(HASH_SHA1, 12);
+		case AUTH_HMAC_SHA1_128:
+			return (signer_t *)hmac_signer_create(HASH_SHA1, 16);
+		case AUTH_HMAC_MD5_96:
+			return (signer_t *)hmac_signer_create(HASH_MD5, 12);
+		case AUTH_HMAC_SHA2_256_128:
+			return (signer_t *)hmac_signer_create(HASH_SHA256, 16);
+		case AUTH_HMAC_SHA2_384_192:
+			return (signer_t *)hmac_signer_create(HASH_SHA384, 24);
+		case AUTH_HMAC_SHA2_512_256:
+			return (signer_t *)hmac_signer_create(HASH_SHA512, 32);
+		default:
+			return NULL;
+	}
+}
diff --git a/src/libstrongswan/crypto/signers/signer.h b/src/libstrongswan/crypto/signers/signer.h
new file mode 100644
index 000000000..0f3709712
--- /dev/null
+++ b/src/libstrongswan/crypto/signers/signer.h
@@ -0,0 +1,147 @@
+/**
+ * @file signer.h
+ * 
+ * @brief Interface for signer_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2005-2006 Martin Willi
+ * Copyright (C) 2005 Jan Hutter
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef SIGNER_H_
+#define SIGNER_H_
+
+typedef enum integrity_algorithm_t integrity_algorithm_t;
+typedef struct signer_t signer_t;
+
+#include <library.h>
+
+/**
+ * @brief Integrity algorithm, as in IKEv2 RFC 3.3.2.
+ *
+ * Algorithms not specified in IKEv2 are allocated in private use space.
+ *
+ * @ingroup signers
+ */
+enum integrity_algorithm_t {
+	AUTH_UNDEFINED = 1024,
+	/** Implemented via hmac_signer_t */
+	AUTH_HMAC_MD5_96 = 1,
+	/** Implemented via hmac_signer_t */
+	AUTH_HMAC_SHA1_96 = 2,
+	AUTH_DES_MAC = 3,
+	AUTH_KPDK_MD5 = 4,
+	AUTH_AES_XCBC_96 = 5,
+	/** Implemented via hmac_signer_t */
+	AUTH_HMAC_SHA2_256_128 = 12,
+	/** Implemented via hmac_signer_t */
+	AUTH_HMAC_SHA2_384_192 = 13,
+	/** Implemented via hmac_signer_t */
+	AUTH_HMAC_SHA2_512_256 = 14,
+	/** Implemented via hmac_signer_t */
+	AUTH_HMAC_SHA1_128 = 1025,
+};
+
+/**
+ * enum names for integrity_algorithm_t.
+ */
+extern enum_name_t *integrity_algorithm_names;
+
+/**
+ * @brief Generig interface for a symmetric signature algorithm.
+ *
+ * @b Constructors:
+ *  - signer_create()
+ *  - hmac_signer_create()
+ *
+ * @todo Implement more integrity algorithms
+ *
+ * @ingroup signers
+ */
+struct signer_t {
+	/**
+	 * @brief Generate a signature.
+	 * 
+	 * @param this			calling object
+	 * @param data			a chunk containing the data to sign
+	 * @param[out] buffer	pointer where the signature will be written
+	 */
+	void (*get_signature) (signer_t *this, chunk_t data, u_int8_t *buffer);
+	
+	/**
+	 * @brief Generate a signature and allocate space for it.
+	 * 
+	 * @param this			calling object
+	 * @param data			a chunk containing the data to sign
+	 * @param[out] chunk	chunk which will hold the allocated signature
+	 */
+	void (*allocate_signature) (signer_t *this, chunk_t data, chunk_t *chunk);
+	
+	/**
+	 * @brief Verify a signature.
+	 * 
+	 * @param this			calling object
+	 * @param data			a chunk containing the data to verify
+	 * @param signature		a chunk containing the signature
+	 * @return				TRUE, if signature is valid, FALSE otherwise
+	 */
+	bool (*verify_signature) (signer_t *this, chunk_t data, chunk_t signature);
+	
+	/**
+	 * @brief Get the block size of this signature algorithm.
+	 * 
+	 * @param this			calling object
+	 * @return				block size in bytes
+	 */
+	size_t (*get_block_size) (signer_t *this);
+	
+	/**
+	 * @brief Get the key size of the signature algorithm.
+	 * 
+	 * @param this			calling object
+	 * @return				key size in bytes
+	 */
+	size_t (*get_key_size) (signer_t *this);
+	
+	/**
+	 * @brief Set the key for this object.
+	 * 
+	 * @param this			calling object
+	 * @param key			key to set
+	 */
+	void (*set_key) (signer_t *this, chunk_t key);
+	
+	/**
+	 * @brief Destroys a signer_t object.
+	 *
+	 * @param this			calling object
+	 */
+	void (*destroy) (signer_t *this);
+};
+
+/**
+ * @brief Creates a new signer_t object.
+ * 
+ * @param integrity_algorithm	Algorithm to use for signing and verifying.
+ * @return
+ * 								- signer_t object
+ * 								- NULL if signer not supported
+ * 
+ * @ingroup signers
+ */
+signer_t *signer_create(integrity_algorithm_t integrity_algorithm);
+
+#endif /*SIGNER_H_*/