diff options
author | René Mayrhofer <rene@mayrhofer.eu.org> | 2011-05-19 13:37:29 +0200 |
---|---|---|
committer | René Mayrhofer <rene@mayrhofer.eu.org> | 2011-05-19 13:37:29 +0200 |
commit | 0a9d51a49042a68daa15b0c74a2b7f152f52606b (patch) | |
tree | 451888dcb17d00e52114f734e846821373fbbd44 /src/libstrongswan/crypto | |
parent | 568905f488e63e28778f87ac0e38d845f45bae79 (diff) | |
download | vyos-strongswan-0a9d51a49042a68daa15b0c74a2b7f152f52606b.tar.gz vyos-strongswan-0a9d51a49042a68daa15b0c74a2b7f152f52606b.zip |
Imported Upstream version 4.5.2
Diffstat (limited to 'src/libstrongswan/crypto')
-rw-r--r-- | src/libstrongswan/crypto/crypto_tester.c | 6 | ||||
-rw-r--r-- | src/libstrongswan/crypto/crypto_tester.h | 2 | ||||
-rw-r--r-- | src/libstrongswan/crypto/proposal/proposal_keywords.c | 141 | ||||
-rw-r--r-- | src/libstrongswan/crypto/proposal/proposal_keywords.txt | 2 | ||||
-rw-r--r-- | src/libstrongswan/crypto/transform.c | 5 | ||||
-rw-r--r-- | src/libstrongswan/crypto/transform.h | 13 |
6 files changed, 96 insertions, 73 deletions
diff --git a/src/libstrongswan/crypto/crypto_tester.c b/src/libstrongswan/crypto/crypto_tester.c index 276f4329a..4635dccea 100644 --- a/src/libstrongswan/crypto/crypto_tester.c +++ b/src/libstrongswan/crypto/crypto_tester.c @@ -247,7 +247,7 @@ METHOD(crypto_tester_t, test_crypter, bool, { DBG1(DBG_LIB,"disable %N[%s]: no key size supported", encryption_algorithm_names, alg, plugin_name); - return FALSE; + return FALSE; } else { @@ -263,7 +263,7 @@ METHOD(crypto_tester_t, test_crypter, bool, { *speed = bench_crypter(this, alg, create); DBG1(DBG_LIB, "enabled %N[%s]: passed %u test vectors, %d points", - encryption_algorithm_names, alg, tested, plugin_name, *speed); + encryption_algorithm_names, alg, plugin_name, tested, *speed); } else { @@ -417,7 +417,7 @@ METHOD(crypto_tester_t, test_aead, bool, { DBG1(DBG_LIB,"disable %N[%s]: no key size supported", encryption_algorithm_names, alg, plugin_name); - return FALSE; + return FALSE; } else { diff --git a/src/libstrongswan/crypto/crypto_tester.h b/src/libstrongswan/crypto/crypto_tester.h index 019c87c39..9ac665929 100644 --- a/src/libstrongswan/crypto/crypto_tester.h +++ b/src/libstrongswan/crypto/crypto_tester.h @@ -72,7 +72,7 @@ struct aead_test_vector_t { struct signer_test_vector_t { /** signer algorithm this test vector tests */ - pseudo_random_function_t alg; + integrity_algorithm_t alg; /** key to use, with a length the algorithm expects */ u_char *key; /** size of the input data */ diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.c b/src/libstrongswan/crypto/proposal/proposal_keywords.c index 10ab9fc23..d65955a2e 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords.c +++ b/src/libstrongswan/crypto/proposal/proposal_keywords.c @@ -59,12 +59,12 @@ struct proposal_token { u_int16_t keysize; }; -#define TOTAL_KEYWORDS 117 +#define TOTAL_KEYWORDS 119 #define MIN_WORD_LENGTH 3 #define MAX_WORD_LENGTH 17 #define MIN_HASH_VALUE 9 -#define MAX_HASH_VALUE 209 -/* maximum key range = 201, duplicates = 0 */ +#define MAX_HASH_VALUE 213 +/* maximum key range = 205, duplicates = 0 */ #ifdef __GNUC__ __inline @@ -80,32 +80,32 @@ hash (str, len) { static const unsigned char asso_values[] = { - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 16, 9, - 4, 41, 66, 19, 8, 4, 5, 3, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 122, 210, 3, 22, 21, - 3, 111, 103, 48, 7, 4, 210, 210, 3, 210, - 57, 3, 210, 210, 78, 6, 3, 28, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210, 210, 210, 210, - 210, 210, 210, 210, 210, 210, 210 + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 14, 9, + 4, 34, 66, 19, 8, 4, 5, 3, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 131, 214, 3, 22, 21, + 3, 1, 101, 48, 3, 4, 214, 214, 3, 214, + 57, 4, 214, 214, 94, 6, 3, 32, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214, 214, 214, 214, + 214, 214, 214, 214, 214, 214, 214 }; register int hval = len; @@ -143,14 +143,19 @@ hash (str, len) static const struct proposal_token wordlist[] = { {"sha", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0}, + {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0}, {"null", ENCRYPTION_ALGORITHM, ENCR_NULL, 0}, {"sha1", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA1_96, 0}, + {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, {"camellia", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128}, {"sha512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0}, + {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192}, + {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, {"camellia192", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 192}, {"cast128", ENCRYPTION_ALGORITHM, ENCR_CAST, 128}, {"camellia128", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CBC, 128}, {"aes", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128}, + {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256}, {"aes192", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 192}, {"sha256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0}, {"aes128", ENCRYPTION_ALGORITHM, ENCR_AES_CBC, 128}, @@ -209,81 +214,79 @@ static const struct proposal_token wordlist[] = {"aes128gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 128}, {"camellia192ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 192}, {"camellia128ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 128}, - {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192}, - {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128}, {"modp1024s160", DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0}, + {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0}, {"aes256gcm8", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256}, {"aes256gcm96", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256}, {"aes256gcm12", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, 256}, - {"modp3072", DIFFIE_HELLMAN_GROUP, MODP_3072_BIT, 0}, - {"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256}, {"ecp192", DIFFIE_HELLMAN_GROUP, ECP_192_BIT, 0}, + {"aes256gcm128", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256}, + {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0}, {"aes256gcm16", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, 256}, {"camellia256ccm64", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CCM_ICV8, 256}, - {"des", ENCRYPTION_ALGORITHM, ENCR_DES, 0}, - {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256}, {"ecp521", DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0}, - {"modp1536", DIFFIE_HELLMAN_GROUP, MODP_1536_BIT, 0}, + {"camellia192ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 192}, + {"camellia128ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 128}, + {"noesn", EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0}, {"aes192gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 192}, {"aes128gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 128}, - {"serpent", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, {"modpnull", DIFFIE_HELLMAN_GROUP, MODP_NULL, 0}, {"aes192ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 192}, {"aes128ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 128}, - {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192}, - {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128}, - {"serpent192", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 192}, {"ecp256", DIFFIE_HELLMAN_GROUP, ECP_256_BIT, 0}, - {"serpent128", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 128}, + {"camellia256ctr", ENCRYPTION_ALGORITHM, ENCR_CAMELLIA_CTR, 256}, + {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, {"modp2048", DIFFIE_HELLMAN_GROUP, MODP_2048_BIT, 0}, {"aes256gmac", ENCRYPTION_ALGORITHM, ENCR_NULL_AUTH_AES_GMAC, 256}, {"modp4096", DIFFIE_HELLMAN_GROUP, MODP_4096_BIT, 0}, - {"serpent256", ENCRYPTION_ALGORITHM, ENCR_SERPENT_CBC, 256}, {"modp1024", DIFFIE_HELLMAN_GROUP, MODP_1024_BIT, 0}, - {"blowfish", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, - {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0}, - {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256}, {"blowfish192", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 192}, - {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256}, + {"aes256ccm64", ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, 256}, {"blowfish128", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 128}, + {"aes192ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 192}, + {"aes128ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 128}, {"modp2048s256", DIFFIE_HELLMAN_GROUP, MODP_2048_256, 0}, + {"sha2_512", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_512_256, 0}, {"aes192gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 192}, {"aes128gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 128}, + {"esn", EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0}, + {"aes256ctr", ENCRYPTION_ALGORITHM, ENCR_AES_CTR, 256}, + {"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256}, {"sha2_256", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_128, 0}, {"sha256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0}, - {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0}, - {"blowfish256", ENCRYPTION_ALGORITHM, ENCR_BLOWFISH, 256}, {"aes256gcm64", ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, 256}, + {"sha2_256_96", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_256_96, 0}, {"ecp224", DIFFIE_HELLMAN_GROUP, ECP_224_BIT, 0}, {"ecp384", DIFFIE_HELLMAN_GROUP, ECP_384_BIT, 0}, - {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0}, {"modp6144", DIFFIE_HELLMAN_GROUP, MODP_6144_BIT, 0}, - {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0} + {"modp2048s224", DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0}, + {"sha2_384", INTEGRITY_ALGORITHM, AUTH_HMAC_SHA2_384_192, 0} }; static const short lookup[] = { -1, -1, -1, -1, -1, -1, -1, -1, -1, 0, - 1, -1, -1, -1, -1, -1, 2, -1, -1, -1, - -1, 3, 4, -1, -1, -1, -1, -1, 5, 6, - 7, 8, -1, -1, -1, 9, 10, 11, 12, 13, - 14, 15, 16, 17, 18, 19, 20, 21, 22, -1, - -1, -1, -1, 23, 24, 25, 26, 27, 28, 29, - 30, -1, 31, -1, 32, 33, 34, 35, 36, 37, - 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, - 48, -1, 49, -1, 50, -1, 51, -1, 52, -1, - 53, -1, 54, 55, 56, 57, 58, 59, 60, 61, - 62, 63, 64, 65, 66, 67, 68, 69, -1, 70, - -1, 71, -1, 72, 73, 74, 75, 76, -1, 77, - 78, 79, 80, 81, -1, 82, 83, 84, 85, -1, - -1, 86, 87, 88, 89, 90, 91, 92, -1, -1, - 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, - 103, 104, -1, -1, -1, -1, -1, -1, 105, 106, - 107, 108, -1, -1, -1, -1, 109, -1, 110, -1, - -1, -1, -1, -1, 111, -1, -1, -1, -1, 112, - 113, -1, -1, -1, -1, -1, -1, -1, -1, -1, + 1, 2, -1, -1, -1, -1, 3, 4, -1, -1, + -1, 5, 6, -1, -1, 7, -1, 8, 9, 10, + 11, 12, -1, 13, -1, 14, 15, 16, 17, 18, + 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, + -1, -1, -1, -1, 29, 30, 31, 32, 33, 34, + 35, -1, 36, -1, 37, 38, 39, 40, 41, 42, + 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, + 53, -1, 54, -1, 55, -1, 56, -1, 57, -1, + 58, -1, 59, 60, 61, 62, 63, 64, 65, 66, + 67, 68, 69, 70, 71, 72, -1, 73, -1, 74, + -1, 75, -1, 76, 77, 78, 79, 80, -1, 81, + 82, 83, 84, 85, -1, 86, 87, -1, 88, -1, + -1, 89, 90, -1, 91, -1, -1, 92, -1, 93, + 94, 95, 96, -1, 97, -1, 98, 99, 100, 101, + 102, 103, -1, -1, -1, 104, -1, -1, 105, 106, + -1, 107, -1, -1, -1, 108, 109, -1, -1, 110, + 111, -1, -1, -1, 112, 113, -1, 114, 115, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, 114, 115, -1, -1, -1, 116 + -1, -1, -1, -1, -1, 116, -1, -1, -1, 117, + -1, -1, -1, 118 }; #ifdef __GNUC__ diff --git a/src/libstrongswan/crypto/proposal/proposal_keywords.txt b/src/libstrongswan/crypto/proposal/proposal_keywords.txt index 208c6715b..4ef664d8f 100644 --- a/src/libstrongswan/crypto/proposal/proposal_keywords.txt +++ b/src/libstrongswan/crypto/proposal/proposal_keywords.txt @@ -146,3 +146,5 @@ ecp521, DIFFIE_HELLMAN_GROUP, ECP_521_BIT, 0 modp1024s160, DIFFIE_HELLMAN_GROUP, MODP_1024_160, 0 modp2048s224, DIFFIE_HELLMAN_GROUP, MODP_2048_224, 0 modp2048s256, DIFFIE_HELLMAN_GROUP, MODP_2048_256, 0 +noesn, EXTENDED_SEQUENCE_NUMBERS, NO_EXT_SEQ_NUMBERS, 0 +esn, EXTENDED_SEQUENCE_NUMBERS, EXT_SEQ_NUMBERS, 0 diff --git a/src/libstrongswan/crypto/transform.c b/src/libstrongswan/crypto/transform.c index cec90a616..1e108f1de 100644 --- a/src/libstrongswan/crypto/transform.c +++ b/src/libstrongswan/crypto/transform.c @@ -28,3 +28,8 @@ ENUM_NEXT(transform_type_names, ENCRYPTION_ALGORITHM, EXTENDED_SEQUENCE_NUMBERS, "EXTENDED_SEQUENCE_NUMBERS"); ENUM_END(transform_type_names, EXTENDED_SEQUENCE_NUMBERS); + +ENUM(extended_sequence_numbers_names, NO_EXT_SEQ_NUMBERS, EXT_SEQ_NUMBERS, + "NO_EXT_SEQ", + "EXT_SEQ", +); diff --git a/src/libstrongswan/crypto/transform.h b/src/libstrongswan/crypto/transform.h index 1a2660199..1393c674c 100644 --- a/src/libstrongswan/crypto/transform.h +++ b/src/libstrongswan/crypto/transform.h @@ -45,4 +45,17 @@ enum transform_type_t { */ extern enum_name_t *transform_type_names; +/** + * Extended sequence numbers, as in IKEv2 RFC 3.3.2. + */ +enum extended_sequence_numbers_t { + NO_EXT_SEQ_NUMBERS = 0, + EXT_SEQ_NUMBERS = 1 +}; + +/** + * enum strings for extended_sequence_numbers_t. + */ +extern enum_name_t *extended_sequence_numbers_names; + #endif /** TRANSFORM_H_ @}*/ |