[svn-upgrade] Integrating new upstream version, strongswan (4.2.8)

7 files changed, 218 insertions, 137 deletions

diff --git a/src/libstrongswan/plugins/sha1/Makefile.am b/src/libstrongswan/plugins/sha1/Makefile.am
index 299e85083..5de45e4e8 100644
--- a/src/libstrongswan/plugins/sha1/Makefile.am
+++ b/src/libstrongswan/plugins/sha1/Makefile.am
@@ -5,6 +5,7 @@ AM_CFLAGS = -rdynamic
 
 plugin_LTLIBRARIES = libstrongswan-sha1.la
 
-libstrongswan_sha1_la_SOURCES = sha1_plugin.h sha1_plugin.c sha1_hasher.c sha1_hasher.h
+libstrongswan_sha1_la_SOURCES = sha1_plugin.h sha1_plugin.c \
+	sha1_hasher.c sha1_hasher.h sha1_prf.c sha1_prf.h
 libstrongswan_sha1_la_LDFLAGS = -module
 
diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in
index b57c46aee..df6845b43 100644
--- a/src/libstrongswan/plugins/sha1/Makefile.in
+++ b/src/libstrongswan/plugins/sha1/Makefile.in
@@ -50,7 +50,8 @@ am__installdirs = "$(DESTDIR)$(plugindir)"
 pluginLTLIBRARIES_INSTALL = $(INSTALL)
 LTLIBRARIES = $(plugin_LTLIBRARIES)
 libstrongswan_sha1_la_LIBADD =
-am_libstrongswan_sha1_la_OBJECTS = sha1_plugin.lo sha1_hasher.lo
+am_libstrongswan_sha1_la_OBJECTS = sha1_plugin.lo sha1_hasher.lo \
+	sha1_prf.lo
 libstrongswan_sha1_la_OBJECTS = $(am_libstrongswan_sha1_la_OBJECTS)
 libstrongswan_sha1_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
 	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
@@ -187,6 +188,8 @@ localedir = @localedir@
 localstatedir = @localstatedir@
 mandir = @mandir@
 mkdir_p = @mkdir_p@
+nm_CFLAGS = @nm_CFLAGS@
+nm_LIBS = @nm_LIBS@
 oldincludedir = @oldincludedir@
 pdfdir = @pdfdir@
 piddir = @piddir@
@@ -209,7 +212,9 @@ xml_LIBS = @xml_LIBS@
 INCLUDES = -I$(top_srcdir)/src/libstrongswan
 AM_CFLAGS = -rdynamic
 plugin_LTLIBRARIES = libstrongswan-sha1.la
-libstrongswan_sha1_la_SOURCES = sha1_plugin.h sha1_plugin.c sha1_hasher.c sha1_hasher.h
+libstrongswan_sha1_la_SOURCES = sha1_plugin.h sha1_plugin.c \
+	sha1_hasher.c sha1_hasher.h sha1_prf.c sha1_prf.h
+
 libstrongswan_sha1_la_LDFLAGS = -module
 all: all-am
 
@@ -282,6 +287,7 @@ distclean-compile:
 
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha1_hasher.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha1_plugin.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha1_prf.Plo@am__quote@
 
 .c.o:
 @am__fastdepCC_TRUE@	$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
diff --git a/src/libstrongswan/plugins/sha1/sha1_hasher.c b/src/libstrongswan/plugins/sha1/sha1_hasher.c
index c496be8f4..ea0882cb5 100644
--- a/src/libstrongswan/plugins/sha1/sha1_hasher.c
+++ b/src/libstrongswan/plugins/sha1/sha1_hasher.c
@@ -16,7 +16,7 @@
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  *
- * $Id: sha1_hasher.c 3619 2008-03-19 14:02:52Z martin $
+ * $Id: sha1_hasher.c 4308 2008-08-28 10:57:24Z martin $
  */
 
 #include <string.h>
@@ -47,7 +47,6 @@
 
 
 typedef struct private_sha1_hasher_t private_sha1_hasher_t;
-typedef struct private_sha1_keyed_prf_t private_sha1_keyed_prf_t;
 
 /**
  * Private data structure with hasing context.
@@ -59,28 +58,13 @@ struct private_sha1_hasher_t {
 	sha1_hasher_t public;
 	
 	/*
-	 * State of the hasher.
+	 * State of the hasher. Shared with sha1_prf.c, do not change it!!!
 	 */
 	u_int32_t state[5];
     u_int32_t count[2];
     u_int8_t buffer[64];
 };
 
-/**
- * Private data structure with keyed prf context.
- */
-struct private_sha1_keyed_prf_t {
-	/**
-	 * public prf interface
-	 */
-	sha1_keyed_prf_t public;
-
-	/**
-	 * internal used hasher
-	 */
-	private_sha1_hasher_t *hasher;
-};
-
 /* 
  * Hash a single 512-bit block. This is the core of the algorithm. *
  */
@@ -132,10 +116,10 @@ static void SHA1Transform(u_int32_t state[5], const unsigned char buffer[64])
     memset(block, '\0', sizeof(block));
 }
 
-/* 
- * Run your data through this. 
+/**
+ * Run your data through this. Also used in sha1_prf.
  */
-static void SHA1Update(private_sha1_hasher_t* this, u_int8_t *data, u_int32_t len)
+void SHA1Update(private_sha1_hasher_t* this, u_int8_t *data, u_int32_t len)
 {
 	u_int32_t i;
 	u_int32_t j;
@@ -275,92 +259,3 @@ sha1_hasher_t *sha1_hasher_create(hash_algorithm_t algo)
 	return &(this->public);
 }
 
-/**
- * Implementation of prf_t.get_bytes.
- */
-static void get_bytes(private_sha1_keyed_prf_t *this, chunk_t seed, u_int8_t *bytes)
-{
-	u_int32_t *hash = (u_int32_t*)bytes;
-
-	SHA1Update(this->hasher, seed.ptr, seed.len);
-
-	hash[0] = htonl(this->hasher->state[0]);
-	hash[1] = htonl(this->hasher->state[1]);
-	hash[2] = htonl(this->hasher->state[2]);
-	hash[3] = htonl(this->hasher->state[3]);
-	hash[4] = htonl(this->hasher->state[4]);
-}
-
-/**
- * Implementation of prf_t.get_block_size.
- */
-static size_t get_block_size(private_sha1_keyed_prf_t *this)
-{
-	return HASH_SIZE_SHA1;
-}
-
-/**
- * Implementation of prf_t.allocate_bytes.
- */
-static void allocate_bytes(private_sha1_keyed_prf_t *this, chunk_t seed, chunk_t *chunk)
-{
-	*chunk = chunk_alloc(HASH_SIZE_SHA1);
-	get_bytes(this, seed, chunk->ptr);
-}
-
-/**
- * Implementation of prf_t.get_key_size.
- */
-static size_t get_key_size(private_sha1_keyed_prf_t *this)
-{
-	return sizeof(this->hasher->state);
-}
-
-/**
- * Implementation of prf_t.set_key.
- */
-static void set_key(private_sha1_keyed_prf_t *this, chunk_t key)
-{
-	int i, rounds;
-	u_int32_t *iv = (u_int32_t*)key.ptr;
-	
-	reset(this->hasher);
-	rounds = min(key.len/sizeof(u_int32_t), sizeof(this->hasher->state));
-	for (i = 0; i < rounds; i++)
-	{
-		this->hasher->state[i] ^= htonl(iv[i]);
-	}
-}
-
-/**
- * Implementation of prf_t.destroy.
- */
-static void destroy_p(private_sha1_keyed_prf_t *this)
-{
-	destroy(this->hasher);
-	free(this);
-}
-
-/**
- * see header
- */
-sha1_keyed_prf_t *sha1_keyed_prf_create(pseudo_random_function_t algo)
-{
-	private_sha1_keyed_prf_t *this;
-	if (algo != PRF_KEYED_SHA1)
-	{
-		return NULL;
-	}
-	this = malloc_thing(private_sha1_keyed_prf_t);
-	this->public.prf_interface.get_bytes = (void (*) (prf_t *,chunk_t,u_int8_t*))get_bytes;
-	this->public.prf_interface.allocate_bytes = (void (*) (prf_t*,chunk_t,chunk_t*))allocate_bytes;
-	this->public.prf_interface.get_block_size = (size_t (*) (prf_t*))get_block_size;
-	this->public.prf_interface.get_key_size = (size_t (*) (prf_t*))get_key_size;
-	this->public.prf_interface.set_key = (void (*) (prf_t *,chunk_t))set_key;
-	this->public.prf_interface.destroy = (void (*) (prf_t *))destroy_p;
-	
-	this->hasher = (private_sha1_hasher_t*)sha1_hasher_create(HASH_SHA1);
-	
-	return &(this->public);
-}
-
diff --git a/src/libstrongswan/plugins/sha1/sha1_hasher.h b/src/libstrongswan/plugins/sha1/sha1_hasher.h
index 2e44797d8..7dcb0b8b3 100644
--- a/src/libstrongswan/plugins/sha1/sha1_hasher.h
+++ b/src/libstrongswan/plugins/sha1/sha1_hasher.h
@@ -23,10 +23,8 @@
 #define SHA1_HASHER_H_
 
 typedef struct sha1_hasher_t sha1_hasher_t;
-typedef struct sha1_keyed_prf_t sha1_keyed_prf_t;
 
 #include <crypto/hashers/hasher.h>
-#include <crypto/prfs/prf.h>
 
 /**
  * Implementation of hasher_t interface using the SHA1 algorithm.
@@ -40,17 +38,6 @@ struct sha1_hasher_t {
 };
 
 /**
- * Implementation of prf_t interface using keyed SHA1 algorithm (used for EAP-AKA).
- */
-struct sha1_keyed_prf_t {
-	
-	/**
-	 * Implements prf_t interface.
-	 */
-	prf_t prf_interface;
-};
-
-/**
  * Creates a new sha1_hasher_t.
  *
  * @param algo		algorithm, must be HASH_SHA1
@@ -58,12 +45,4 @@ struct sha1_keyed_prf_t {
  */
 sha1_hasher_t *sha1_hasher_create(hash_algorithm_t algo);
 
-/**
- * Creates a new sha1_keyed_prf_t.
- *
- * @param algo		algorithm, must be PRF_KEYED_SHA1
- * @return			sha1_keyed_prf_tobject
- */
-sha1_keyed_prf_t *sha1_keyed_prf_create(pseudo_random_function_t algo);
-
 #endif /*SHA1_HASHER_H_ @}*/
diff --git a/src/libstrongswan/plugins/sha1/sha1_plugin.c b/src/libstrongswan/plugins/sha1/sha1_plugin.c
index e8da99e6c..58f0faf56 100644
--- a/src/libstrongswan/plugins/sha1/sha1_plugin.c
+++ b/src/libstrongswan/plugins/sha1/sha1_plugin.c
@@ -12,13 +12,14 @@
  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  * for more details.
  *
- * $Id: sha1_plugin.c 3619 2008-03-19 14:02:52Z martin $
+ * $Id: sha1_plugin.c 4308 2008-08-28 10:57:24Z martin $
  */
 
 #include "sha1_plugin.h"
 
 #include <library.h>
 #include "sha1_hasher.h"
+#include "sha1_prf.h"
 
 typedef struct private_sha1_plugin_t private_sha1_plugin_t;
 
@@ -41,7 +42,7 @@ static void destroy(private_sha1_plugin_t *this)
 	lib->crypto->remove_hasher(lib->crypto,
 							   (hasher_constructor_t)sha1_hasher_create);
 	lib->crypto->remove_prf(lib->crypto,
-							   (prf_constructor_t)sha1_keyed_prf_create);
+							   (prf_constructor_t)sha1_prf_create);
 	free(this);
 }
 
@@ -57,7 +58,7 @@ plugin_t *plugin_create()
 	lib->crypto->add_hasher(lib->crypto, HASH_SHA1,
 							(hasher_constructor_t)sha1_hasher_create);
 	lib->crypto->add_prf(lib->crypto, PRF_KEYED_SHA1,
-							(prf_constructor_t)sha1_keyed_prf_create);
+							(prf_constructor_t)sha1_prf_create);
 	
 	return &this->public.plugin;
 }
diff --git a/src/libstrongswan/plugins/sha1/sha1_prf.c b/src/libstrongswan/plugins/sha1/sha1_prf.c
new file mode 100644
index 000000000..668801caf
--- /dev/null
+++ b/src/libstrongswan/plugins/sha1/sha1_prf.c
@@ -0,0 +1,152 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ *
+ * $Id$
+ */
+
+#include "sha1_prf.h"
+#include "sha1_hasher.h"
+
+#include <arpa/inet.h>
+
+typedef struct private_sha1_prf_t private_sha1_prf_t;
+typedef struct private_sha1_hasher_t private_sha1_hasher_t;
+
+/**
+ * Private data structure with hasing context.
+ */
+struct private_sha1_hasher_t {
+	/**
+	 * Public interface for this hasher.
+	 */
+	sha1_hasher_t public;
+	
+	/*
+	 * State of the hasher. From sha1_hasher.c, do not change it!
+	 */
+	u_int32_t state[5];
+    u_int32_t count[2];
+    u_int8_t buffer[64];
+};
+
+/**
+ * Private data structure with keyed prf context.
+ */
+struct private_sha1_prf_t {
+
+	/**
+	 * public prf interface
+	 */
+	sha1_prf_t public;
+
+	/**
+	 * internal used hasher
+	 */
+	private_sha1_hasher_t *hasher;
+};
+
+/**
+ * From sha1_hasher.c
+ */
+extern void SHA1Update(private_sha1_hasher_t* this, u_int8_t *data, u_int32_t len);
+
+/**
+ * Implementation of prf_t.get_bytes.
+ */
+static void get_bytes(private_sha1_prf_t *this, chunk_t seed, u_int8_t *bytes)
+{
+	u_int32_t *hash = (u_int32_t*)bytes;
+
+	SHA1Update(this->hasher, seed.ptr, seed.len);
+
+	hash[0] = htonl(this->hasher->state[0]);
+	hash[1] = htonl(this->hasher->state[1]);
+	hash[2] = htonl(this->hasher->state[2]);
+	hash[3] = htonl(this->hasher->state[3]);
+	hash[4] = htonl(this->hasher->state[4]);
+}
+
+/**
+ * Implementation of prf_t.get_block_size.
+ */
+static size_t get_block_size(private_sha1_prf_t *this)
+{
+	return HASH_SIZE_SHA1;
+}
+
+/**
+ * Implementation of prf_t.allocate_bytes.
+ */
+static void allocate_bytes(private_sha1_prf_t *this, chunk_t seed, chunk_t *chunk)
+{
+	*chunk = chunk_alloc(HASH_SIZE_SHA1);
+	get_bytes(this, seed, chunk->ptr);
+}
+
+/**
+ * Implementation of prf_t.get_key_size.
+ */
+static size_t get_key_size(private_sha1_prf_t *this)
+{
+	return sizeof(this->hasher->state);
+}
+
+/**
+ * Implementation of prf_t.set_key.
+ */
+static void set_key(private_sha1_prf_t *this, chunk_t key)
+{
+	int i, rounds;
+	u_int32_t *iv = (u_int32_t*)key.ptr;
+	
+	this->hasher->public.hasher_interface.reset(&this->hasher->public.hasher_interface);
+	rounds = min(key.len/sizeof(u_int32_t), sizeof(this->hasher->state));
+	for (i = 0; i < rounds; i++)
+	{
+		this->hasher->state[i] ^= htonl(iv[i]);
+	}
+}
+
+/**
+ * Implementation of prf_t.destroy.
+ */
+static void destroy(private_sha1_prf_t *this)
+{
+	this->hasher->public.hasher_interface.destroy(&this->hasher->public.hasher_interface);
+	free(this);
+}
+
+/**
+ * see header
+ */
+sha1_prf_t *sha1_prf_create(pseudo_random_function_t algo)
+{
+	private_sha1_prf_t *this;
+	if (algo != PRF_KEYED_SHA1)
+	{
+		return NULL;
+	}
+	this = malloc_thing(private_sha1_prf_t);
+	this->public.prf_interface.get_bytes = (void (*) (prf_t *,chunk_t,u_int8_t*))get_bytes;
+	this->public.prf_interface.allocate_bytes = (void (*) (prf_t*,chunk_t,chunk_t*))allocate_bytes;
+	this->public.prf_interface.get_block_size = (size_t (*) (prf_t*))get_block_size;
+	this->public.prf_interface.get_key_size = (size_t (*) (prf_t*))get_key_size;
+	this->public.prf_interface.set_key = (void (*) (prf_t *,chunk_t))set_key;
+	this->public.prf_interface.destroy = (void (*) (prf_t *))destroy;
+	
+	this->hasher = (private_sha1_hasher_t*)sha1_hasher_create(HASH_SHA1);
+	
+	return &this->public;
+}
+
diff --git a/src/libstrongswan/plugins/sha1/sha1_prf.h b/src/libstrongswan/plugins/sha1/sha1_prf.h
new file mode 100644
index 000000000..a0f56b681
--- /dev/null
+++ b/src/libstrongswan/plugins/sha1/sha1_prf.h
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+/**
+ * @defgroup sha1_prf sha1_prf
+ * @{ @ingroup sha1_p
+ */
+
+#ifndef SHA1_PRF_H_
+#define SHA1_PRF_H_
+
+typedef struct sha1_prf_t sha1_prf_t;
+
+#include <crypto/prfs/prf.h>
+
+/**
+ * Implementation of prf_t interface using keyed SHA1 algorithm (used for EAP-AKA).
+ */
+struct sha1_prf_t {
+	
+	/**
+	 * Implements prf_t interface.
+	 */
+	prf_t prf_interface;
+};
+
+/**
+ * Creates a new sha1_prf_t.
+ *
+ * @param algo		algorithm, must be PRF_KEYED_SHA1
+ * @return			sha1_keyed_prf_tobject
+ */
+sha1_prf_t *sha1_prf_create(pseudo_random_function_t algo);
+
+#endif /*SHA1_PRF_H_ @}*/