authorRene Mayrhofer <rene@mayrhofer.eu.org>2008-07-09 21:02:41 +0000
committerRene Mayrhofer <rene@mayrhofer.eu.org>2008-07-09 21:02:41 +0000
commitdb67c87db3c9089ea8d2e14f617bf3d9e2af261f (patch)
tree665c0caea83d34c11c1517c4c57137bb58cba6fb /src/libstrongswan/fips
parent1c088a8b6237ec67f63c23f97a0f2dc4e99af869 (diff)
[svn-upgrade] Integrating new upstream version, strongswan (4.2.4)
Diffstat (limited to 'src/libstrongswan/fips')
-rw-r--r--src/libstrongswan/fips/fips.c15
-rw-r--r--src/libstrongswan/fips/fips.h33
-rw-r--r--src/libstrongswan/fips/fips_canister_end.c9
-rw-r--r--src/libstrongswan/fips/fips_canister_start.c9
-rw-r--r--src/libstrongswan/fips/fips_signer.c17
5 files changed, 34 insertions, 49 deletions
diff --git a/src/libstrongswan/fips/fips.c b/src/libstrongswan/fips/fips.c
index aba292d81..c268a7429 100644
--- a/src/libstrongswan/fips/fips.c
+++ b/src/libstrongswan/fips/fips.c
@@ -1,10 +1,3 @@
-/**
- * @file fips.c
- *
- * @brief Implementation of the libstrongswan integrity test.
- *
- */
-
/*
* Copyright (C) 2007 Bruno Krieg, Daniel Wydler
* Hochschule fuer Technik Rapperswil
@@ -18,12 +11,14 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
+ *
+ * $Id: fips.c 3681 2008-03-28 10:21:04Z martin $
*/
#include <stdio.h>
#include <debug.h>
-#include <crypto/signers/hmac_signer.h>
+#include <crypto/signers/signer.h>
#include "fips.h"
extern const u_char FIPS_rodata_start[];
@@ -61,7 +56,7 @@ bool fips_compute_hmac_signature(const char *key, char *signature)
DBG1(" RODATA: %p + %6d = %p",
FIPS_rodata_start, (int)rodata_len, FIPS_rodata_end);
- signer = (signer_t *)hmac_signer_create(HASH_SHA1, HASH_SIZE_SHA1);
+ signer = lib->crypto->create_signer(lib->crypto, AUTH_HMAC_SHA1_128);
if (signer == NULL)
{
DBG1(" SHA-1 HMAC signer could not be created");
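Review bot: The signer requested here is `AUTH_HMAC_SHA1_128`, while the removed call passed `HASH_SIZE_SHA1` as the length, so the integrity MAC over TEXT and RODATA appears to shrink from the full SHA-1 output to 128 bits; this is inferred from the identifier, since the signer implementation is not on this page. If so, a signature value produced by the old code no longer matches and has to be regenerated with fips_signer. The signer also now comes from `lib->crypto`, so a NULL result may mean the sha1/hmac plugins were never loaded rather than a failure inside the signer, and the log message does not distinguish the two. A comment above the call such as `/* needs the sha1 and hmac plugins loaded; MAC is truncated to 128 bits */` would record both, once the truncation is confirmed. The function body starts and ends outside the hunk.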
@@ -69,7 +64,7 @@ bool fips_compute_hmac_signature(const char *key, char *signature)
}
else
{
- chunk_t hmac_key = { key, strlen(key) };
+ chunk_t hmac_key = { (u_char *)key, strlen(key) };
chunk_t text_chunk = { text_start, text_len };
chunk_t rodata_chunk = { (u_char *)FIPS_rodata_start, rodata_len };
chunk_t signature_chunk = chunk_empty;
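Review bot: The cast `(u_char *)key` drops the `const` from the `const char *key` parameter only to fit `chunk_t`, which is safe only while the signer never writes through `hmac_key.ptr`. A short comment such as `/* chunk_t has no const pointer; the key is only read */` would make that assumption explicit, provided it holds for the signer in use. Separately, fips_signer.c on this page passes the literal `"strongSwan Version " VERSION` as the key and writes it into the generated file next to the signature. The HMAC can therefore detect accidental corruption of the library, but not a modification by anyone able to recompute it, and the function's documentation should say so. The function continues outside the hunk.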
diff --git a/src/libstrongswan/fips/fips.h b/src/libstrongswan/fips/fips.h
index decf73bfd..a4ff440ba 100644
--- a/src/libstrongswan/fips/fips.h
+++ b/src/libstrongswan/fips/fips.h
@@ -1,11 +1,3 @@
-/**
- * @file fips.h
- *
- * @brief Interface of the libstrongswan integrity test
- *
- * @ingroup fips
- */
-
/*
* Copyright (C) 2007 Bruno Krieg, Daniel Wydler
* Hochschule fuer Technik Rapperswil
@@ -19,6 +11,13 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
+ *
+ * $Id: fips.h 3877 2008-04-26 09:40:22Z andreas $
+ */
+
+/**
+ * @defgroup fips1 fips
+ * @{ @ingroup fips
*/
#ifndef FIPS_H_
@@ -27,21 +26,21 @@
#include <library.h>
/**
- * @brief compute HMAC signature over RODATA and TEXT sections of libstrongswan
+ * compute HMAC signature over RODATA and TEXT sections of libstrongswan
*
- * @param key key used for HMAC signature in ASCII string format
- * @param signature HMAC signature in HEX string format
- * @return TRUE if HMAC signature computation was successful
+ * @param key key used for HMAC signature in ASCII string format
+ * @param signature HMAC signature in HEX string format
+ * @return TRUE if HMAC signature computation was successful
*/
bool fips_compute_hmac_signature(const char *key, char *signature);
/**
- * @brief verify HMAC signature over RODATA and TEXT sections of libstrongswan
+ * verify HMAC signature over RODATA and TEXT sections of libstrongswan
*
- * @param key key used for HMAC signature in ASCII string format
- * @param signature signature value from fips_signature.h in HEX string format
- * @return TRUE if signatures agree
+ * @param key key used for HMAC signature in ASCII string format
+ * @param signature signature value from fips_signature.h in HEX string format
+ * @return TRUE if signatures agree
*/
bool fips_verify_hmac_signature(const char *key, const char *signature);
-#endif /*FIPS_H_*/
+#endif /*FIPS_H_ @} */
diff --git a/src/libstrongswan/fips/fips_canister_end.c b/src/libstrongswan/fips/fips_canister_end.c
index 46d41a664..93f78e696 100644
--- a/src/libstrongswan/fips/fips_canister_end.c
+++ b/src/libstrongswan/fips/fips_canister_end.c
@@ -1,14 +1,9 @@
-/**
- * @file fips_canister_end.c
- *
- * @brief Marks the end of TEXT and RODATA.
- *
- */
-
/* ====================================================================
* Copyright (c) 2005 The OpenSSL Project. Rights for redistribution
* and usage in source and binary forms are granted according to the
* OpenSSL license.
+ *
+ * $Id: fips_canister_end.c 3589 2008-03-13 14:14:44Z martin $
*/
#include <stdio.h>
diff --git a/src/libstrongswan/fips/fips_canister_start.c b/src/libstrongswan/fips/fips_canister_start.c
index eaf2571f8..a15517ec1 100644
--- a/src/libstrongswan/fips/fips_canister_start.c
+++ b/src/libstrongswan/fips/fips_canister_start.c
@@ -1,14 +1,9 @@
-/**
- * @file fips_canister_start.c
- *
- * @brief Marks the start of TEXT and RODATA.
- *
- */
-
/* ====================================================================
* Copyright (c) 2005 The OpenSSL Project. Rights for redistribution
* and usage in source and binary forms are granted according to the
* OpenSSL license.
+ *
+ * $Id: fips_canister_start.c 3589 2008-03-13 14:14:44Z martin $
*/
#include <stdio.h>
diff --git a/src/libstrongswan/fips/fips_signer.c b/src/libstrongswan/fips/fips_signer.c
index 7fb61d5b7..81a5874f7 100644
--- a/src/libstrongswan/fips/fips_signer.c
+++ b/src/libstrongswan/fips/fips_signer.c
@@ -1,10 +1,3 @@
-/**
- * @file fips_signer.c
- *
- * @brief Computes a HMAC signature and stores it in fips_signature.h.
- *
- */
-
/*
* Copyright (C) 2007 Bruno Krieg, Daniel Wydler
* Hochschule fuer Technik Rapperswil, Switzerland
@@ -18,6 +11,8 @@
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
+ *
+ * $Id: fips_signer.c 3964 2008-05-15 14:01:26Z martin $
*/
#include <stdio.h>
@@ -31,6 +26,10 @@ int main(int argc, char* argv[])
char *hmac_key = "strongSwan Version " VERSION;
char hmac_signature[BUF_LEN];
+ /* initialize library */
+ library_init(STRONGSWAN_CONF);
+ lib->plugins->load(lib->plugins, IPSEC_PLUGINDIR, "sha1 hmac");
+
if (!fips_compute_hmac_signature(hmac_key, hmac_signature))
{
exit(1);
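Review bot: Nothing in this hunk checks whether `library_init(STRONGSWAN_CONF)` or `lib->plugins->load(lib->plugins, IPSEC_PLUGINDIR, "sha1 hmac")` succeeded. A missing or unloadable plugin only surfaces later as the generic signer-creation failure inside `fips_compute_hmac_signature`. For a build-time tool that produces the integrity reference value, it would be clearer to test the load result (if the API reports one) and print which plugin directory was used before exiting. The failure path also leaves through `exit(1)` without the `library_deinit()` that the last hunk of this file adds on the success path; `library_deinit(); exit(1);` keeps the two paths symmetric. `main` begins before this hunk and continues after it.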
@@ -57,7 +56,9 @@ int main(int argc, char* argv[])
fprintf(f, "const char *hmac_key = \"%s\";\n", hmac_key);
fprintf(f, "const char *hmac_signature = \"%s\";\n", hmac_signature);
fprintf(f, "\n");
- fprintf(f, "#endif /* FIPS_SIGNATURE_H_ */\n");
+ fprintf(f, "#endif /* FIPS_SIGNATURE_H_ @} */\n");
fclose(f);
+
+ library_deinit();
exit(0);
}