diff options
author | Yves-Alexis Perez <corsac@debian.org> | 2014-03-11 20:48:48 +0100 |
---|---|---|
committer | Yves-Alexis Perez <corsac@debian.org> | 2014-03-11 20:48:48 +0100 |
commit | 15fb7904f4431a6e7c305fd08732458f7f885e7e (patch) | |
tree | c93b60ee813af70509f00f34e29ebec311762427 /src/libstrongswan/crypto | |
parent | 5313d2d78ca150515f7f5eb39801c100690b6b29 (diff) | |
download | vyos-strongswan-15fb7904f4431a6e7c305fd08732458f7f885e7e.tar.gz vyos-strongswan-15fb7904f4431a6e7c305fd08732458f7f885e7e.zip |
Imported Upstream version 5.1.2
Diffstat (limited to 'src/libstrongswan/crypto')
-rw-r--r-- | src/libstrongswan/crypto/crypto_factory.c | 6 | ||||
-rw-r--r-- | src/libstrongswan/crypto/crypto_tester.c | 8 | ||||
-rw-r--r-- | src/libstrongswan/crypto/diffie_hellman.c | 9 | ||||
-rw-r--r-- | src/libstrongswan/crypto/diffie_hellman.h | 5 | ||||
-rw-r--r-- | src/libstrongswan/crypto/proposal/proposal_keywords.c | 55 | ||||
-rw-r--r-- | src/libstrongswan/crypto/proposal/proposal_keywords.h | 13 | ||||
-rw-r--r-- | src/libstrongswan/crypto/proposal/proposal_keywords_static.c | 324 | ||||
-rw-r--r-- | src/libstrongswan/crypto/proposal/proposal_keywords_static.txt | 8 |
8 files changed, 260 insertions, 168 deletions
diff --git a/src/libstrongswan/crypto/crypto_factory.c b/src/libstrongswan/crypto/crypto_factory.c index edcabfe58..dba3f6f6d 100644 --- a/src/libstrongswan/crypto/crypto_factory.c +++ b/src/libstrongswan/crypto/crypto_factory.c @@ -967,11 +967,11 @@ crypto_factory_t *crypto_factory_create() .lock = rwlock_create(RWLOCK_TYPE_DEFAULT), .tester = crypto_tester_create(), .test_on_add = lib->settings->get_bool(lib->settings, - "libstrongswan.crypto_test.on_add", FALSE), + "%s.crypto_test.on_add", FALSE, lib->ns), .test_on_create = lib->settings->get_bool(lib->settings, - "libstrongswan.crypto_test.on_create", FALSE), + "%s.crypto_test.on_create", FALSE, lib->ns), .bench = lib->settings->get_bool(lib->settings, - "libstrongswan.crypto_test.bench", FALSE), + "%s.crypto_test.bench", FALSE, lib->ns), ); return &this->public; diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c index 5a0dccced..30724b16d 100644 --- a/src/libstrongswan/crypto/crypto_tester.c +++ b/src/libstrongswan/crypto/crypto_tester.c @@ -1207,13 +1207,13 @@ crypto_tester_t *crypto_tester_create() .rng = linked_list_create(), .required = lib->settings->get_bool(lib->settings, - "libstrongswan.crypto_test.required", FALSE), + "%s.crypto_test.required", FALSE, lib->ns), .rng_true = lib->settings->get_bool(lib->settings, - "libstrongswan.crypto_test.rng_true", FALSE), + "%s.crypto_test.rng_true", FALSE, lib->ns), .bench_time = lib->settings->get_int(lib->settings, - "libstrongswan.crypto_test.bench_time", 50), + "%s.crypto_test.bench_time", 50, lib->ns), .bench_size = lib->settings->get_int(lib->settings, - "libstrongswan.crypto_test.bench_size", 1024), + "%s.crypto_test.bench_size", 1024, lib->ns), ); /* enforce a block size of 16, should be fine for all algorithms */ diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c index 3d319d2d4..5c1d08de2 100644 --- a/src/libstrongswan/crypto/diffie_hellman.c +++ b/src/libstrongswan/crypto/diffie_hellman.c @@ -45,7 +45,12 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_1024_160, ECP_512_BP, ECP_521_BIT, ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_CUSTOM, ECP_512_BP, "MODP_NULL", "MODP_CUSTOM"); -ENUM_END(diffie_hellman_group_names, MODP_CUSTOM); +ENUM_NEXT(diffie_hellman_group_names, NTRU_112_BIT, NTRU_256_BIT, MODP_CUSTOM, + "NTRU_112", + "NTRU_128", + "NTRU_192", + "NTRU_256"); +ENUM_END(diffie_hellman_group_names, NTRU_256_BIT); /** @@ -439,7 +444,7 @@ diffie_hellman_params_t *diffie_hellman_get_params(diffie_hellman_group_t group) { if (!dh_params[i].public.subgroup.len && lib->settings->get_int(lib->settings, - "libstrongswan.dh_exponent_ansi_x9_42", TRUE)) + "%s.dh_exponent_ansi_x9_42", TRUE, lib->ns)) { dh_params[i].public.exp_len = dh_params[i].public.prime.len; } diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h index edf6bbd6d..00d700314 100644 --- a/src/libstrongswan/crypto/diffie_hellman.h +++ b/src/libstrongswan/crypto/diffie_hellman.h @@ -64,6 +64,11 @@ enum diffie_hellman_group_t { MODP_NULL = 1024, /** MODP group with custom generator/prime */ MODP_CUSTOM = 1025, + /** Parameters defined by IEEE 1363.1, in PRIVATE USE */ + NTRU_112_BIT = 1030, + NTRU_128_BIT = 1031, + NTRU_192_BIT = 1032, + NTRU_256_BIT = 1033 }; /** diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.c b/src/libstrongswan/crypto/proposal/proposal_keywords.c index 4db504eb0..bbb97d088 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords.c +++ b/src/libstrongswan/crypto/proposal/proposal_keywords.c @@ -56,6 +56,11 @@ struct private_proposal_keywords_t { linked_list_t * tokens; /** + * registered algname parsers, as proposal_algname_parser_t + */ + linked_list_t *parsers; + + /** * rwlock to lock access to modules */ rwlock_t *lock; @@ -85,11 +90,46 @@ static const proposal_token_t* find_token(private_proposal_keywords_t *this, return found; } +/** + * Parse the given algorithm into a token with user defined parser functions. + */ +static const proposal_token_t* parse_token(private_proposal_keywords_t *this, + const char *str) +{ + proposal_algname_parser_t parser; + enumerator_t *enumerator; + proposal_token_t *found = NULL; + + this->lock->read_lock(this->lock); + enumerator = this->parsers->create_enumerator(this->parsers); + while (enumerator->enumerate(enumerator, &parser)) + { + found = parser(str); + if (found) + { + break; + } + } + enumerator->destroy(enumerator); + this->lock->unlock(this->lock); + return found; +} + METHOD(proposal_keywords_t, get_token, const proposal_token_t*, private_proposal_keywords_t *this, const char *str) { - const proposal_token_t *token = proposal_get_token_static(str, strlen(str)); - return token ?: find_token(this, str); + const proposal_token_t *token; + + token = proposal_get_token_static(str, strlen(str)); + if (!token) + { + token = find_token(this, str); + } + if (!token) + { + token = parse_token(this, str); + } + return token; } METHOD(proposal_keywords_t, register_token, void, @@ -110,6 +150,14 @@ METHOD(proposal_keywords_t, register_token, void, this->lock->unlock(this->lock); } +METHOD(proposal_keywords_t, register_algname_parser, void, + private_proposal_keywords_t *this, proposal_algname_parser_t parser) +{ + this->lock->write_lock(this->lock); + this->tokens->insert_first(this->parsers, parser); + this->lock->unlock(this->lock); +} + METHOD(proposal_keywords_t, destroy, void, private_proposal_keywords_t *this) { @@ -121,6 +169,7 @@ METHOD(proposal_keywords_t, destroy, void, free(token); } this->tokens->destroy(this->tokens); + this->parsers->destroy(this->parsers); this->lock->destroy(this->lock); free(this); } @@ -136,9 +185,11 @@ proposal_keywords_t *proposal_keywords_create() .public = { .get_token = _get_token, .register_token = _register_token, + .register_algname_parser = _register_algname_parser, .destroy = _destroy, }, .tokens = linked_list_create(), + .parsers = linked_list_create(), .lock = rwlock_create(RWLOCK_TYPE_DEFAULT), ); diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.h b/src/libstrongswan/crypto/proposal/proposal_keywords.h index d6107abc0..5cdbafc51 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords.h +++ b/src/libstrongswan/crypto/proposal/proposal_keywords.h @@ -46,6 +46,8 @@ typedef struct proposal_token_t proposal_token_t; typedef struct proposal_keywords_t proposal_keywords_t; +typedef proposal_token_t*(*proposal_algname_parser_t)(const char *algname); + #include <library.h> #include <crypto/transform.h> @@ -102,6 +104,17 @@ struct proposal_keywords_t { u_int16_t keysize); /** + * Register an algorithm name parser. + * + * It is meant to parse an algorithm name into a proposal token in a + * generic, user defined way. + * + * @param parser a pointer to the parser function + */ + void (*register_algname_parser)(proposal_keywords_t *this, + proposal_algname_parser_t parser); + + /** * Destroy a proposal_keywords_t instance. */ void (*destroy)(proposal_keywords_t *this); diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.c b/src/libstrongswan/crypto/proposal/proposal_keywords_static.c index a238f640e..1da1421f4 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.c +++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.c @@ -1,6 +1,6 @@ /* C code produced by gperf version 3.0.4 */ /* Command-line: /usr/bin/gperf -N proposal_get_token_static -m 10 -C -G -c -t -D */ -/* Computed positions: -k'1,5,7,10,15,$' */ +/* Computed positions: -k'1,5-7,10,15,$' */ #if !((' ' == 32) && ('!' == 33) && ('"' == 34) && ('#' == 35) \ && ('%' == 37) && ('&' == 38) && ('\'' == 39) && ('(' == 40) \ @@ -31,8 +31,8 @@ error "gperf generated tables don't work with this execution character set. Plea /* - * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil, Switzerland + * Copyright (C) 2009-2013 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil, Switzerland * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -59,12 +59,12 @@ struct proposal_token { u_int16_t keysize; }; -#define TOTAL_KEYWORDS 134 +#define TOTAL_KEYWORDS 138 #define MIN_WORD_LENGTH 3 #define MAX_WORD_LENGTH 17 -#define MIN_HASH_VALUE 4 -#define MAX_HASH_VALUE 215 -/* maximum key range = 212, duplicates = 0 */ +#define MIN_HASH_VALUE 20 +#define MAX_HASH_VALUE 295 +/* maximum key range = 276, duplicates = 0 */ #ifdef __GNUC__ __inline @@ -78,34 +78,34 @@ hash (str, len) register const char *str; register unsigned int len; { - static const unsigned char asso_values[] = + static const unsigned short asso_values[] = { - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 0, 4, - 1, 21, 15, 13, 9, 16, 2, 0, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 76, 216, 2, 28, 16, - 0, 39, 112, 42, 31, 0, 216, 216, 0, 9, - 100, 0, 7, 20, 95, 12, 44, 55, 216, 216, - 1, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216, 216, 216, 216, - 216, 216, 216, 216, 216, 216, 216 + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 47, 6, + 15, 8, 64, 24, 12, 14, 7, 5, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 120, 296, 9, 5, 22, + 48, 114, 28, 76, 6, 5, 296, 296, 5, 20, + 7, 14, 82, 7, 81, 98, 10, 86, 296, 296, + 5, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296, 296, 296, 296, + 296, 296, 296, 296, 296, 296, 296 }; register int hval = len; @@ -127,6 +127,8 @@ hash (str, len) hval += asso_values[(unsigned char)str[6]]; /*FALLTHROUGH*/ case 6: + hval += asso_values[(unsigned char)str[5]]; + /*FALLTHROUGH*/ case 5: hval += asso_values[(unsigned char)str[4]]; /*FALLTHROUGH*/ @@ -142,166 +144,178 @@ hash (str, len) static const struct proposal_token wordlist[] = { + {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0}, + {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0}, {"null", ENCRYPTION_ALGORITHM, ENCR_NULL, 0}, - {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128}, - {"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192}, - {"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128}, - {"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128}, - {"camellia192ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192}, - {"camellia128ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128}, - {"camellia192ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192}, - {"camellia128ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128}, - {"camellia192ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192}, - {"camellia128ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128}, - {"camellia192ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192}, - {"camellia128ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128}, - {"camellia192ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192}, - {"camellia128ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128}, - {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0}, - {"camellia256ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256}, - {"camellia256", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256}, - {"camellia256ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256}, - {"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192}, - {"camellia256ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256}, + {"noesn", EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0}, + {"md5", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0}, + {"esn", EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0}, {"aes128", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128}, - {"camellia256ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256}, - {"prfmd5", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0}, - {"camellia192ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192}, - {"camellia128ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128}, - {"camellia256ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256}, - {"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128}, - {"camelliaxcbc", INTEGRITY_ALGORITHM, AUTH_CAMELLIA_XCBC_96, 0}, - {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0}, - {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0}, - {"camellia256ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256}, - {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0}, + {"prfsha1", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0}, + {"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192}, + {"modp8192", DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0}, + {"md5_128", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_128, 0}, {"sha512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0}, + {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0}, + {"ntru128", DIFFIE_HELLMAN_GROUP, NTRU_128_BIT, 0}, + {"prfsha256", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256, 0}, {"aes256", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 256}, + {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0}, + {"ntru192", DIFFIE_HELLMAN_GROUP, NTRU_192_BIT, 0}, + {"ntru112", DIFFIE_HELLMAN_GROUP, NTRU_112_BIT, 0}, + {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0}, + {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0}, + {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0}, + {"prfsha512", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512, 0}, {"aes192ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192}, - {"aes128ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128}, - {"aes192ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192}, - {"aes128ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128}, {"aes192ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192}, + {"aes128ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128}, {"aes128ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128}, {"aes192ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192}, - {"aes128ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128}, - {"prfsha1", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1, 0}, - {"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}, {"aes192ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 192}, + {"aes128ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128}, {"aes128ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 128}, - {"prfsha256", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256, 0}, + {"aes192ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 192}, + {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128}, + {"aes128ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 128}, + {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0}, + {"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0}, + {"ntru256", DIFFIE_HELLMAN_GROUP, NTRU_256_BIT, 0}, + {"aescmac", INTEGRITY_ALGORITHM, AUTH_AES_CMAC_96, 0}, {"aes256ccm8", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256}, - {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0}, - {"aes256ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256}, - {"prfsha512", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512, 0}, {"aes256ccm128", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256}, - {"aescmac", INTEGRITY_ALGORITHM, AUTH_AES_CMAC_96, 0}, + {"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128}, {"aes256ccm96", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256}, - {"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192}, - {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128}, {"aes256ccm16", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, 256}, - {"aesxcbc", INTEGRITY_ALGORITHM, AUTH_AES_XCBC_96, 0}, + {"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192}, + {"aes256ccm12", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, 256}, + {"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128}, + {"camellia192ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192}, + {"camellia192ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192}, + {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0}, + {"camellia192ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192}, + {"camellia192ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 192}, + {"prfsha384", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384, 0}, + {"camellia192ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 192}, + {"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128}, + {"camellia128ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128}, + {"camellia128ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128}, + {"prfmd5", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5, 0}, + {"camellia256", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 256}, + {"camellia128ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128}, + {"camellia128ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 128}, + {"camellia128ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 128}, + {"camellia256ccm8", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256}, + {"camellia256ccm128",ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256}, + {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0}, + {"camelliaxcbc", INTEGRITY_ALGORITHM, AUTH_CAMELLIA_XCBC_96, 0}, + {"camellia256ccm96", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256}, + {"camellia256ccm16", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV16, 256}, + {"camellia256ccm12", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV12, 256}, {"aes192gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192}, - {"aes128gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128}, - {"aes192gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192}, - {"aes128gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128}, {"aes192gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192}, + {"aes128gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128}, {"aes128gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128}, {"aes192gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192}, - {"aes128gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128}, - {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256}, {"aes192gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 192}, + {"aes128gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128}, {"aes128gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128}, - {"prfsha384", PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384, 0}, + {"aes192gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 192}, + {"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192}, + {"aes128gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 128}, + {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128}, + {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192}, + {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128}, + {"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0}, {"aes256gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256}, - {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192}, - {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256}, - {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128}, {"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256}, - {"prfaesxcbc", PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0}, + {"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0}, + {"ecp512bp", DIFFIE_HELLMAN_GROUP, ECP_512_BP, 0}, {"aes256gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256}, - {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192}, - {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128}, {"aes256gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256}, - {"prfcamelliaxcbc", PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC, 0}, - {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192}, - {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128}, - {"modp8192", DIFFIE_HELLMAN_GROUP, MODP_8192_BIT, 0}, + {"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0}, + {"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0}, + {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256}, + {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256}, + {"sha384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}, + {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256}, {"aes192gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 192}, {"aes128gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 128}, - {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256}, - {"md5_128", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_128, 0}, - {"md5", INTEGRITY_ALGORITHM, AUTH_HMAC_MD5_96, 0}, - {"prfaescmac", PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC, 0}, - {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256}, - {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0}, - {"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0}, - {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256}, - {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0}, - {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128}, - {"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256}, - {"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0}, - {"modp768", DIFFIE_HELLMAN_GROUP, MODP_768_BIT, 0}, - {"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0}, - {"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0}, - {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0}, - {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0}, + {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, + {"ecp256bp", DIFFIE_HELLMAN_GROUP, ECP_256_BP, 0}, + {"camellia192ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192}, + {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0}, + {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192}, + {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, + {"3des", ENCRYPTION_ALGORITHM, ENCR_3DES, 0}, + {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, {"ecp384", DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0}, - {"sha1_160", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_160, 0}, + {"camellia128ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128}, + {"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256}, {"modp2048s256", DIFFIE_HELLMAN_GROUP, MODP_2048_256, 0}, + {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128}, + {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256}, + {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0}, + {"camellia256ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256}, {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192}, - {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0}, - {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, - {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0}, - {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0}, - {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}, - {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0}, - {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0}, - {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192}, - {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128}, - {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0}, - {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0}, + {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256}, + {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0}, {"blowfish192", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192}, - {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0}, {"blowfish128", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, - {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256}, - {"ecp224bp", DIFFIE_HELLMAN_GROUP, ECP_224_BP, 0}, + {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0}, + {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192}, + {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0}, + {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128}, {"ecp384bp", DIFFIE_HELLMAN_GROUP, ECP_384_BP, 0}, - {"ecp512bp", DIFFIE_HELLMAN_GROUP, ECP_512_BP, 0}, - {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256}, - {"ecp256bp", DIFFIE_HELLMAN_GROUP, ECP_256_BP, 0}, + {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0}, {"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256}, - {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, - {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, - {"noesn", EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0}, - {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0}, - {"esn", EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0} + {"ecp224bp", DIFFIE_HELLMAN_GROUP, ECP_224_BP, 0}, + {"sha1_160", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_160, 0}, + {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256}, + {"twofish", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128}, + {"prfcamelliaxcbc", PSEUDO_RANDOM_FUNCTION, PRF_CAMELLIA128_XCBC, 0}, + {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0}, + {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}, + {"twofish128", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 128}, + {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0}, + {"twofish256", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 256}, + {"twofish192", ENCRYPTION_ALGORITHM, ENCR_TWOFISH_CBC, 192}, + {"prfaesxcbc", PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC, 0}, + {"prfaescmac", PSEUDO_RANDOM_FUNCTION, PRF_AES128_CMAC, 0} }; static const short lookup[] = { - -1, -1, -1, -1, 0, -1, -1, -1, -1, -1, - 1, -1, 2, -1, 3, 4, -1, -1, -1, 5, - 6, 7, 8, 9, 10, 11, 12, -1, -1, 13, - 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, - 24, 25, 26, 27, 28, -1, -1, -1, -1, 29, - -1, -1, 30, 31, 32, 33, 34, -1, 35, 36, - 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, - 47, 48, 49, 50, 51, 52, 53, 54, -1, 55, - 56, 57, -1, 58, 59, 60, 61, 62, 63, 64, - 65, 66, 67, -1, 68, 69, 70, 71, 72, 73, - 74, 75, 76, 77, -1, 78, 79, 80, 81, 82, - 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, - -1, 93, 94, 95, 96, 97, 98, 99, 100, -1, - -1, -1, 101, 102, 103, 104, -1, 105, 106, 107, - 108, 109, 110, -1, 111, 112, 113, 114, 115, 116, - 117, 118, 119, 120, 121, 122, 123, 124, -1, 125, - -1, 126, -1, -1, -1, -1, -1, -1, 127, -1, - -1, -1, -1, 128, -1, -1, -1, -1, 129, 130, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, 131, -1, -1, 132, -1, - -1, -1, -1, -1, -1, 133 + 0, -1, 1, 2, -1, -1, -1, -1, -1, -1, + -1, -1, -1, 3, 4, -1, -1, -1, 5, -1, + 6, 7, -1, -1, -1, -1, 8, -1, 9, 10, + -1, -1, 11, -1, 12, -1, 13, -1, 14, 15, + -1, 16, 17, 18, 19, 20, -1, -1, -1, 21, + 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, + 32, 33, 34, 35, 36, 37, -1, 38, 39, -1, + 40, 41, 42, -1, 43, 44, 45, 46, 47, 48, + -1, 49, 50, 51, -1, 52, 53, 54, 55, 56, + 57, 58, 59, -1, -1, 60, 61, 62, 63, 64, + 65, 66, -1, -1, 67, 68, 69, 70, 71, 72, + 73, 74, 75, 76, 77, 78, 79, 80, -1, 81, + 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, + 92, 93, -1, 94, -1, 95, -1, 96, 97, 98, + 99, 100, -1, 101, -1, 102, 103, 104, -1, 105, + 106, 107, 108, 109, -1, 110, -1, 111, -1, 112, + -1, 113, 114, 115, 116, -1, 117, 118, 119, 120, + 121, -1, -1, -1, 122, -1, -1, 123, -1, -1, + 124, -1, 125, 126, 127, -1, -1, -1, 128, -1, + -1, -1, -1, -1, 129, 130, -1, 131, -1, 132, + -1, -1, -1, -1, 133, -1, -1, -1, -1, 134, + -1, -1, -1, -1, -1, 135, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, 136, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, 137 }; #ifdef __GNUC__ diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt index c484320ca..70e79157a 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt +++ b/src/libstrongswan/crypto/proposal/proposal_keywords_static.txt @@ -1,7 +1,7 @@ %{ /* - * Copyright (C) 2009 Andreas Steffen - * Hochschule fuer Technik Rapperswil, Switzerland + * Copyright (C) 2009-2013 Andreas Steffen + * HSR Hochschule fuer Technik Rapperswil, Switzerland * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the @@ -161,5 +161,9 @@ ecp224bp, DIFFIE_HELLMAN_GROUP, ECP_224_BP, 0 ecp256bp, DIFFIE_HELLMAN_GROUP, ECP_256_BP, 0 ecp384bp, DIFFIE_HELLMAN_GROUP, ECP_384_BP, 0 ecp512bp, DIFFIE_HELLMAN_GROUP, ECP_512_BP, 0 +ntru112, DIFFIE_HELLMAN_GROUP, NTRU_112_BIT, 0 +ntru128, DIFFIE_HELLMAN_GROUP, NTRU_128_BIT, 0 +ntru192, DIFFIE_HELLMAN_GROUP, NTRU_192_BIT, 0 +ntru256, DIFFIE_HELLMAN_GROUP, NTRU_256_BIT, 0 noesn, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0 esn, EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0 |