diff options
| author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-06-23 11:35:38 +0000 |
|---|---|---|
| committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-06-23 11:35:38 +0000 |
| commit | 7c52c3f35cdbdff58443b994f2f33d13b4d81f57 (patch) | |
| tree | e54a27979ea72ec41702bec2984c2eadac3b8862 /src/libstrongswan/plugins | |
| parent | 4ef45ba0404dac3773e83af995a5ec584b23d633 (diff) | |
| download | vyos-strongswan-7c52c3f35cdbdff58443b994f2f33d13b4d81f57.tar.gz vyos-strongswan-7c52c3f35cdbdff58443b994f2f33d13b4d81f57.zip | |
Updated to new upstream version.
Diffstat (limited to 'src/libstrongswan/plugins')
155 files changed, 9747 insertions, 715 deletions
diff --git a/src/libstrongswan/plugins/aes/Makefile.in b/src/libstrongswan/plugins/aes/Makefile.in index e4eb7e5cf..19d3249b5 100644 --- a/src/libstrongswan/plugins/aes/Makefile.in +++ b/src/libstrongswan/plugins/aes/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -87,6 +87,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -109,6 +110,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -120,6 +124,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -133,6 +138,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -193,6 +200,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -204,6 +212,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -221,8 +230,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -317,7 +326,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/aes/aes_crypter.c b/src/libstrongswan/plugins/aes/aes_crypter.c index ce4c6da99..c5b091750 100644 --- a/src/libstrongswan/plugins/aes/aes_crypter.c +++ b/src/libstrongswan/plugins/aes/aes_crypter.c @@ -13,8 +13,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: aes_crypter.c 3900 2008-04-30 14:02:25Z martin $ */ #include "aes_crypter.h" @@ -34,8 +32,6 @@ #define AES_KS_LENGTH 120 #define AES_RC_LENGTH 29 -#define AES_BLOCK_SIZE 16 - typedef struct private_aes_crypter_t private_aes_crypter_t; /** diff --git a/src/libstrongswan/plugins/aes/aes_plugin.c b/src/libstrongswan/plugins/aes/aes_plugin.c index 71e49ad73..63fa48330 100644 --- a/src/libstrongswan/plugins/aes/aes_plugin.c +++ b/src/libstrongswan/plugins/aes/aes_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: aes_plugin.c 3488 2008-02-21 15:10:02Z martin $ */ #include "aes_plugin.h" diff --git a/src/libstrongswan/plugins/agent/Makefile.in b/src/libstrongswan/plugins/agent/Makefile.in index 6b2da9cb4..5a5202262 100644 --- a/src/libstrongswan/plugins/agent/Makefile.in +++ b/src/libstrongswan/plugins/agent/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -88,6 +88,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -110,6 +111,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -121,6 +125,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -134,6 +139,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -194,6 +201,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -205,6 +213,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -224,8 +233,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -320,7 +329,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/agent/agent_plugin.c b/src/libstrongswan/plugins/agent/agent_plugin.c index 474171ad1..84b85d4bd 100644 --- a/src/libstrongswan/plugins/agent/agent_plugin.c +++ b/src/libstrongswan/plugins/agent/agent_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "agent_plugin.h" diff --git a/src/libstrongswan/plugins/agent/agent_private_key.c b/src/libstrongswan/plugins/agent/agent_private_key.c index 5e7d0839e..ffdc6d778 100644 --- a/src/libstrongswan/plugins/agent/agent_private_key.c +++ b/src/libstrongswan/plugins/agent/agent_private_key.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "agent_private_key.h" @@ -191,8 +189,8 @@ static bool matches_pubkey(chunk_t key, public_key_t *pubkey) return FALSE; } pubkeydata = asn1_wrap(ASN1_SEQUENCE, "mm", - asn1_wrap(ASN1_INTEGER, "c", n), - asn1_wrap(ASN1_INTEGER, "c", e)); + asn1_integer("c", n), + asn1_integer("c", e)); hasher->allocate_hash(hasher, pubkeydata, &hash); free(pubkeydata.ptr); id = pubkey->get_id(pubkey, ID_PUBKEY_SHA1); @@ -271,7 +269,7 @@ static bool sign(private_agent_private_key_t *this, signature_scheme_t scheme, char buf[2048]; chunk_t blob = chunk_from_buf(buf); - if (scheme != SIGN_DEFAULT && scheme != SIGN_RSA_EMSA_PKCS1_SHA1) + if (scheme != SIGN_RSA_EMSA_PKCS1_SHA1) { DBG1("signature scheme %N not supported by ssh-agent", signature_scheme_names, scheme); @@ -389,8 +387,8 @@ static public_key_t* get_public_key(private_agent_private_key_t *this) e = read_string(&key); n = read_string(&key); encoded = asn1_wrap(ASN1_SEQUENCE, "mm", - asn1_wrap(ASN1_INTEGER, "c", n), - asn1_wrap(ASN1_INTEGER, "c", e)); + asn1_integer("c", n), + asn1_integer("c", e)); public = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA, BUILD_BLOB_ASN1_DER, encoded, BUILD_END); @@ -442,8 +440,8 @@ static bool build_ids(private_agent_private_key_t *this) return FALSE; } publicKey = asn1_wrap(ASN1_SEQUENCE, "mm", - asn1_wrap(ASN1_INTEGER, "c", n), - asn1_wrap(ASN1_INTEGER, "c", e)); + asn1_integer("c", n), + asn1_integer("c", e)); hasher->allocate_hash(hasher, publicKey, &hash); this->keyid = identification_create_from_encoding(ID_PUBKEY_SHA1, hash); chunk_free(&hash); diff --git a/src/libstrongswan/plugins/blowfish/Makefile.am b/src/libstrongswan/plugins/blowfish/Makefile.am new file mode 100644 index 000000000..6bb82169e --- /dev/null +++ b/src/libstrongswan/plugins/blowfish/Makefile.am @@ -0,0 +1,12 @@ + +INCLUDES = -I$(top_srcdir)/src/libstrongswan + +AM_CFLAGS = -rdynamic + +plugin_LTLIBRARIES = libstrongswan-blowfish.la + +libstrongswan_blowfish_la_SOURCES = \ +blowfish_plugin.h blowfish_plugin.c blowfish_crypter.c blowfish_crypter.h \ +bf_skey.c blowfish.h bf_pi.h bf_locl.h bf_enc.c +libstrongswan_blowfish_la_LDFLAGS = -module + diff --git a/src/libstrongswan/plugins/blowfish/Makefile.in b/src/libstrongswan/plugins/blowfish/Makefile.in new file mode 100644 index 000000000..25cea73df --- /dev/null +++ b/src/libstrongswan/plugins/blowfish/Makefile.in @@ -0,0 +1,513 @@ +# Makefile.in generated by automake 1.10.2 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = src/libstrongswan/plugins/blowfish +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_CLEAN_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__installdirs = "$(DESTDIR)$(plugindir)" +pluginLTLIBRARIES_INSTALL = $(INSTALL) +LTLIBRARIES = $(plugin_LTLIBRARIES) +libstrongswan_blowfish_la_LIBADD = +am_libstrongswan_blowfish_la_OBJECTS = blowfish_plugin.lo \ + blowfish_crypter.lo bf_skey.lo bf_enc.lo +libstrongswan_blowfish_la_OBJECTS = \ + $(am_libstrongswan_blowfish_la_OBJECTS) +libstrongswan_blowfish_la_LINK = $(LIBTOOL) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(AM_CFLAGS) $(CFLAGS) $(libstrongswan_blowfish_la_LDFLAGS) \ + $(LDFLAGS) -o $@ +DEFAULT_INCLUDES = -I.@am__isrc@ +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(libstrongswan_blowfish_la_SOURCES) +DIST_SOURCES = $(libstrongswan_blowfish_la_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GPERF = @GPERF@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PERL = @PERL@ +PKG_CONFIG = @PKG_CONFIG@ +RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +confdir = @confdir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +gtk_CFLAGS = @gtk_CFLAGS@ +gtk_LIBS = @gtk_LIBS@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +ipsecdir = @ipsecdir@ +ipsecgroup = @ipsecgroup@ +ipsecuser = @ipsecuser@ +libdir = @libdir@ +libexecdir = @libexecdir@ +libstrongswan_plugins = @libstrongswan_plugins@ +linuxdir = @linuxdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nm_CFLAGS = @nm_CFLAGS@ +nm_LIBS = @nm_LIBS@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +piddir = @piddir@ +plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +resolv_conf = @resolv_conf@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +simreader = @simreader@ +srcdir = @srcdir@ +strongswan_conf = @strongswan_conf@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +xml_CFLAGS = @xml_CFLAGS@ +xml_LIBS = @xml_LIBS@ +INCLUDES = -I$(top_srcdir)/src/libstrongswan +AM_CFLAGS = -rdynamic +plugin_LTLIBRARIES = libstrongswan-blowfish.la +libstrongswan_blowfish_la_SOURCES = \ +blowfish_plugin.h blowfish_plugin.c blowfish_crypter.c blowfish_crypter.h \ +bf_skey.c blowfish.h bf_pi.h bf_locl.h bf_enc.c + +libstrongswan_blowfish_la_LDFLAGS = -module +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/blowfish/Makefile'; \ + cd $(top_srcdir) && \ + $(AUTOMAKE) --gnu src/libstrongswan/plugins/blowfish/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(plugindir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(plugindir)/$$f"; \ + else :; fi; \ + done + +uninstall-pluginLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$p'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$p"; \ + done + +clean-pluginLTLIBRARIES: + -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +libstrongswan-blowfish.la: $(libstrongswan_blowfish_la_OBJECTS) $(libstrongswan_blowfish_la_DEPENDENCIES) + $(libstrongswan_blowfish_la_LINK) -rpath $(plugindir) $(libstrongswan_blowfish_la_OBJECTS) $(libstrongswan_blowfish_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bf_enc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/bf_skey.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/blowfish_crypter.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/blowfish_plugin.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) $$here + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + fi; \ + cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) +installdirs: + for dir in "$(DESTDIR)$(plugindir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ + mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +info: info-am + +info-am: + +install-data-am: install-pluginLTLIBRARIES + +install-dvi: install-dvi-am + +install-exec-am: + +install-html: install-html-am + +install-info: install-info-am + +install-man: + +install-pdf: install-pdf-am + +install-ps: install-ps-am + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-pluginLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-libtool clean-pluginLTLIBRARIES ctags distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-pluginLTLIBRARIES \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/libstrongswan/plugins/blowfish/bf_enc.c b/src/libstrongswan/plugins/blowfish/bf_enc.c new file mode 100644 index 000000000..c2f3ce2e8 --- /dev/null +++ b/src/libstrongswan/plugins/blowfish/bf_enc.c @@ -0,0 +1,306 @@ +/* crypto/bf/bf_enc.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "blowfish.h" +#include "bf_locl.h" + +/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper' + * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, + * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) + */ + +#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20) +#error If you set BF_ROUNDS to some value other than 16 or 20, you will have \ +to modify the code. +#endif + +void BF_encrypt(BF_LONG *data, const BF_KEY *key) +{ +#ifndef BF_PTR2 + const BF_LONG *p,*s; + BF_LONG l,r; + + p=key->P; + s= &(key->S[0]); + l=data[0]; + r=data[1]; + + l^=p[0]; + BF_ENC(r,l,s,p[ 1]); + BF_ENC(l,r,s,p[ 2]); + BF_ENC(r,l,s,p[ 3]); + BF_ENC(l,r,s,p[ 4]); + BF_ENC(r,l,s,p[ 5]); + BF_ENC(l,r,s,p[ 6]); + BF_ENC(r,l,s,p[ 7]); + BF_ENC(l,r,s,p[ 8]); + BF_ENC(r,l,s,p[ 9]); + BF_ENC(l,r,s,p[10]); + BF_ENC(r,l,s,p[11]); + BF_ENC(l,r,s,p[12]); + BF_ENC(r,l,s,p[13]); + BF_ENC(l,r,s,p[14]); + BF_ENC(r,l,s,p[15]); + BF_ENC(l,r,s,p[16]); +#if BF_ROUNDS == 20 + BF_ENC(r,l,s,p[17]); + BF_ENC(l,r,s,p[18]); + BF_ENC(r,l,s,p[19]); + BF_ENC(l,r,s,p[20]); +#endif + r^=p[BF_ROUNDS+1]; + + data[1]=l&0xffffffffL; + data[0]=r&0xffffffffL; +#else + BF_LONG l,r,t,*k; + + l=data[0]; + r=data[1]; + k=(BF_LONG*)key; + + l^=k[0]; + BF_ENC(r,l,k, 1); + BF_ENC(l,r,k, 2); + BF_ENC(r,l,k, 3); + BF_ENC(l,r,k, 4); + BF_ENC(r,l,k, 5); + BF_ENC(l,r,k, 6); + BF_ENC(r,l,k, 7); + BF_ENC(l,r,k, 8); + BF_ENC(r,l,k, 9); + BF_ENC(l,r,k,10); + BF_ENC(r,l,k,11); + BF_ENC(l,r,k,12); + BF_ENC(r,l,k,13); + BF_ENC(l,r,k,14); + BF_ENC(r,l,k,15); + BF_ENC(l,r,k,16); +#if BF_ROUNDS == 20 + BF_ENC(r,l,k,17); + BF_ENC(l,r,k,18); + BF_ENC(r,l,k,19); + BF_ENC(l,r,k,20); +#endif + r^=k[BF_ROUNDS+1]; + + data[1]=l&0xffffffffL; + data[0]=r&0xffffffffL; +#endif +} + +#ifndef BF_DEFAULT_OPTIONS + +void BF_decrypt(BF_LONG *data, const BF_KEY *key) +{ +#ifndef BF_PTR2 + const BF_LONG *p,*s; + BF_LONG l,r; + + p=key->P; + s= &(key->S[0]); + l=data[0]; + r=data[1]; + + l^=p[BF_ROUNDS+1]; +#if BF_ROUNDS == 20 + BF_ENC(r,l,s,p[20]); + BF_ENC(l,r,s,p[19]); + BF_ENC(r,l,s,p[18]); + BF_ENC(l,r,s,p[17]); +#endif + BF_ENC(r,l,s,p[16]); + BF_ENC(l,r,s,p[15]); + BF_ENC(r,l,s,p[14]); + BF_ENC(l,r,s,p[13]); + BF_ENC(r,l,s,p[12]); + BF_ENC(l,r,s,p[11]); + BF_ENC(r,l,s,p[10]); + BF_ENC(l,r,s,p[ 9]); + BF_ENC(r,l,s,p[ 8]); + BF_ENC(l,r,s,p[ 7]); + BF_ENC(r,l,s,p[ 6]); + BF_ENC(l,r,s,p[ 5]); + BF_ENC(r,l,s,p[ 4]); + BF_ENC(l,r,s,p[ 3]); + BF_ENC(r,l,s,p[ 2]); + BF_ENC(l,r,s,p[ 1]); + r^=p[0]; + + data[1]=l&0xffffffffL; + data[0]=r&0xffffffffL; +#else + BF_LONG l,r,t,*k; + + l=data[0]; + r=data[1]; + k=(BF_LONG *)key; + + l^=k[BF_ROUNDS+1]; +#if BF_ROUNDS == 20 + BF_ENC(r,l,k,20); + BF_ENC(l,r,k,19); + BF_ENC(r,l,k,18); + BF_ENC(l,r,k,17); +#endif + BF_ENC(r,l,k,16); + BF_ENC(l,r,k,15); + BF_ENC(r,l,k,14); + BF_ENC(l,r,k,13); + BF_ENC(r,l,k,12); + BF_ENC(l,r,k,11); + BF_ENC(r,l,k,10); + BF_ENC(l,r,k, 9); + BF_ENC(r,l,k, 8); + BF_ENC(l,r,k, 7); + BF_ENC(r,l,k, 6); + BF_ENC(l,r,k, 5); + BF_ENC(r,l,k, 4); + BF_ENC(l,r,k, 3); + BF_ENC(r,l,k, 2); + BF_ENC(l,r,k, 1); + r^=k[0]; + + data[1]=l&0xffffffffL; + data[0]=r&0xffffffffL; +#endif +} + +void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, + const BF_KEY *schedule, unsigned char *ivec, int encrypt) +{ + BF_LONG tin0,tin1; + BF_LONG tout0,tout1,xor0,xor1; + long l=length; + BF_LONG tin[2]; + + if (encrypt) + { + n2l(ivec,tout0); + n2l(ivec,tout1); + ivec-=8; + for (l-=8; l>=0; l-=8) + { + n2l(in,tin0); + n2l(in,tin1); + tin0^=tout0; + tin1^=tout1; + tin[0]=tin0; + tin[1]=tin1; + BF_encrypt(tin,schedule); + tout0=tin[0]; + tout1=tin[1]; + l2n(tout0,out); + l2n(tout1,out); + } + if (l != -8) + { + n2ln(in,tin0,tin1,l+8); + tin0^=tout0; + tin1^=tout1; + tin[0]=tin0; + tin[1]=tin1; + BF_encrypt(tin,schedule); + tout0=tin[0]; + tout1=tin[1]; + l2n(tout0,out); + l2n(tout1,out); + } + l2n(tout0,ivec); + l2n(tout1,ivec); + } + else + { + n2l(ivec,xor0); + n2l(ivec,xor1); + ivec-=8; + for (l-=8; l>=0; l-=8) + { + n2l(in,tin0); + n2l(in,tin1); + tin[0]=tin0; + tin[1]=tin1; + BF_decrypt(tin,schedule); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2n(tout0,out); + l2n(tout1,out); + xor0=tin0; + xor1=tin1; + } + if (l != -8) + { + n2l(in,tin0); + n2l(in,tin1); + tin[0]=tin0; + tin[1]=tin1; + BF_decrypt(tin,schedule); + tout0=tin[0]^xor0; + tout1=tin[1]^xor1; + l2nn(tout0,tout1,out,l+8); + xor0=tin0; + xor1=tin1; + } + l2n(xor0,ivec); + l2n(xor1,ivec); + } + tin0=tin1=tout0=tout1=xor0=xor1=0; + tin[0]=tin[1]=0; +} + +#endif diff --git a/src/libstrongswan/plugins/blowfish/bf_locl.h b/src/libstrongswan/plugins/blowfish/bf_locl.h new file mode 100644 index 000000000..283bf4c43 --- /dev/null +++ b/src/libstrongswan/plugins/blowfish/bf_locl.h @@ -0,0 +1,218 @@ +/* crypto/bf/bf_locl.h */ +/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_BF_LOCL_H +#define HEADER_BF_LOCL_H + +#undef c2l +#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \ + l|=((unsigned long)(*((c)++)))<< 8L, \ + l|=((unsigned long)(*((c)++)))<<16L, \ + l|=((unsigned long)(*((c)++)))<<24L) + +/* NOTE - c is not incremented as per c2l */ +#undef c2ln +#define c2ln(c,l1,l2,n) { \ + c+=n; \ + l1=l2=0; \ + switch (n) { \ + case 8: l2 =((unsigned long)(*(--(c))))<<24L; \ + case 7: l2|=((unsigned long)(*(--(c))))<<16L; \ + case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \ + case 5: l2|=((unsigned long)(*(--(c)))); \ + case 4: l1 =((unsigned long)(*(--(c))))<<24L; \ + case 3: l1|=((unsigned long)(*(--(c))))<<16L; \ + case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \ + case 1: l1|=((unsigned long)(*(--(c)))); \ + } \ + } + +#undef l2c +#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>24L)&0xff)) + +/* NOTE - c is not incremented as per l2c */ +#undef l2cn +#define l2cn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \ + case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \ + case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \ + case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \ + case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \ + case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \ + case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \ + case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \ + } \ + } + +/* NOTE - c is not incremented as per n2l */ +#define n2ln(c,l1,l2,n) { \ + c+=n; \ + l1=l2=0; \ + switch (n) { \ + case 8: l2 =((unsigned long)(*(--(c)))) ; \ + case 7: l2|=((unsigned long)(*(--(c))))<< 8; \ + case 6: l2|=((unsigned long)(*(--(c))))<<16; \ + case 5: l2|=((unsigned long)(*(--(c))))<<24; \ + case 4: l1 =((unsigned long)(*(--(c)))) ; \ + case 3: l1|=((unsigned long)(*(--(c))))<< 8; \ + case 2: l1|=((unsigned long)(*(--(c))))<<16; \ + case 1: l1|=((unsigned long)(*(--(c))))<<24; \ + } \ + } + +/* NOTE - c is not incremented as per l2n */ +#define l2nn(l1,l2,c,n) { \ + c+=n; \ + switch (n) { \ + case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \ + case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \ + case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \ + case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \ + case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \ + case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \ + case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \ + case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \ + } \ + } + +#undef n2l +#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \ + l|=((unsigned long)(*((c)++)))<<16L, \ + l|=((unsigned long)(*((c)++)))<< 8L, \ + l|=((unsigned long)(*((c)++)))) + +#undef l2n +#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \ + *((c)++)=(unsigned char)(((l)>>16L)&0xff), \ + *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \ + *((c)++)=(unsigned char)(((l) )&0xff)) + +/* This is actually a big endian algorithm, the most significant byte + * is used to lookup array 0 */ + +#if defined(BF_PTR2) + +/* + * This is basically a special Intel version. Point is that Intel + * doesn't have many registers, but offers a reach choice of addressing + * modes. So we spare some registers by directly traversing BF_KEY + * structure and hiring the most decorated addressing mode. The code + * generated by EGCS is *perfectly* competitive with assembler + * implementation! + */ +#define BF_ENC(LL,R,KEY,Pi) (\ + LL^=KEY[Pi], \ + t= KEY[BF_ROUNDS+2 + 0 + ((R>>24)&0xFF)], \ + t+= KEY[BF_ROUNDS+2 + 256 + ((R>>16)&0xFF)], \ + t^= KEY[BF_ROUNDS+2 + 512 + ((R>>8 )&0xFF)], \ + t+= KEY[BF_ROUNDS+2 + 768 + ((R )&0xFF)], \ + LL^=t \ + ) + +#elif defined(BF_PTR) + +#ifndef BF_LONG_LOG2 +#define BF_LONG_LOG2 2 /* default to BF_LONG being 32 bits */ +#endif +#define BF_M (0xFF<<BF_LONG_LOG2) +#define BF_0 (24-BF_LONG_LOG2) +#define BF_1 (16-BF_LONG_LOG2) +#define BF_2 ( 8-BF_LONG_LOG2) +#define BF_3 BF_LONG_LOG2 /* left shift */ + +/* + * This is normally very good on RISC platforms where normally you + * have to explicitly "multiply" array index by sizeof(BF_LONG) + * in order to calculate the effective address. This implementation + * excuses CPU from this extra work. Power[PC] uses should have most + * fun as (R>>BF_i)&BF_M gets folded into a single instruction, namely + * rlwinm. So let'em double-check if their compiler does it. + */ + +#define BF_ENC(LL,R,S,P) ( \ + LL^=P, \ + LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \ + *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \ + *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \ + *(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M))) \ + ) +#else + +/* + * This is a *generic* version. Seem to perform best on platforms that + * offer explicit support for extraction of 8-bit nibbles preferably + * complemented with "multiplying" of array index by sizeof(BF_LONG). + * For the moment of this writing the list comprises Alpha CPU featuring + * extbl and s[48]addq instructions. + */ + +#define BF_ENC(LL,R,S,P) ( \ + LL^=P, \ + LL^=((( S[ ((int)(R>>24)&0xff)] + \ + S[0x0100+((int)(R>>16)&0xff)])^ \ + S[0x0200+((int)(R>> 8)&0xff)])+ \ + S[0x0300+((int)(R )&0xff)])&0xffffffffL \ + ) +#endif + +#endif diff --git a/src/libstrongswan/plugins/blowfish/bf_pi.h b/src/libstrongswan/plugins/blowfish/bf_pi.h new file mode 100644 index 000000000..9949513c6 --- /dev/null +++ b/src/libstrongswan/plugins/blowfish/bf_pi.h @@ -0,0 +1,325 @@ +/* crypto/bf/bf_pi.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +static const BF_KEY bf_init= { + { + 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L, + 0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L, + 0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL, + 0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L, + 0x9216d5d9L, 0x8979fb1b + },{ + 0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L, + 0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L, + 0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L, + 0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL, + 0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL, + 0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L, + 0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL, + 0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL, + 0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L, + 0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L, + 0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL, + 0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL, + 0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL, + 0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L, + 0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L, + 0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L, + 0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L, + 0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L, + 0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL, + 0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L, + 0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L, + 0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L, + 0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L, + 0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL, + 0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L, + 0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL, + 0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL, + 0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L, + 0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL, + 0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L, + 0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL, + 0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L, + 0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L, + 0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL, + 0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L, + 0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L, + 0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL, + 0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L, + 0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL, + 0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L, + 0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L, + 0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL, + 0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L, + 0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L, + 0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L, + 0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L, + 0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L, + 0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL, + 0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL, + 0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L, + 0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L, + 0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L, + 0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L, + 0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL, + 0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L, + 0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL, + 0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL, + 0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L, + 0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L, + 0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L, + 0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L, + 0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L, + 0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L, + 0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL, + 0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L, + 0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L, + 0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L, + 0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL, + 0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L, + 0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L, + 0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL, + 0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L, + 0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L, + 0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L, + 0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL, + 0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL, + 0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L, + 0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L, + 0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L, + 0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L, + 0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL, + 0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL, + 0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL, + 0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L, + 0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL, + 0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L, + 0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L, + 0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL, + 0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL, + 0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L, + 0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL, + 0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L, + 0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL, + 0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL, + 0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L, + 0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L, + 0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L, + 0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L, + 0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L, + 0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L, + 0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L, + 0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL, + 0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L, + 0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL, + 0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L, + 0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L, + 0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L, + 0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L, + 0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L, + 0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L, + 0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L, + 0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L, + 0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L, + 0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L, + 0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L, + 0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L, + 0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L, + 0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L, + 0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L, + 0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L, + 0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL, + 0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL, + 0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L, + 0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL, + 0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L, + 0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L, + 0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L, + 0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L, + 0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L, + 0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L, + 0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL, + 0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L, + 0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L, + 0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L, + 0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL, + 0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL, + 0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL, + 0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L, + 0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L, + 0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL, + 0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L, + 0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL, + 0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L, + 0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL, + 0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L, + 0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL, + 0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L, + 0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL, + 0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L, + 0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L, + 0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL, + 0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L, + 0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L, + 0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L, + 0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L, + 0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL, + 0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L, + 0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL, + 0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L, + 0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL, + 0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L, + 0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL, + 0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL, + 0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL, + 0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L, + 0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L, + 0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL, + 0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL, + 0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL, + 0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL, + 0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL, + 0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L, + 0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L, + 0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L, + 0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L, + 0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL, + 0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL, + 0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L, + 0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L, + 0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L, + 0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L, + 0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L, + 0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L, + 0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L, + 0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L, + 0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L, + 0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L, + 0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL, + 0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L, + 0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL, + 0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L, + 0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L, + 0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL, + 0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL, + 0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL, + 0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L, + 0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L, + 0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L, + 0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L, + 0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L, + 0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L, + 0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L, + 0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L, + 0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L, + 0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L, + 0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L, + 0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L, + 0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL, + 0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL, + 0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L, + 0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL, + 0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL, + 0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL, + 0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L, + 0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL, + 0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL, + 0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L, + 0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L, + 0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L, + 0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L, + 0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL, + 0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL, + 0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L, + 0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L, + 0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L, + 0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL, + 0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L, + 0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L, + 0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L, + 0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL, + 0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L, + 0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L, + 0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L, + 0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL, + 0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL, + 0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L, + 0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L, + 0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L, + 0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L, + 0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL, + 0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L, + 0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL, + 0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL, + 0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L, + 0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L, + 0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL, + 0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L, + 0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL, + 0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L, + 0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL, + 0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L, + 0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L, + 0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL, + 0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L, + 0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL, + 0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L, + } + }; + diff --git a/src/libstrongswan/plugins/blowfish/bf_skey.c b/src/libstrongswan/plugins/blowfish/bf_skey.c new file mode 100644 index 000000000..8cdbbd283 --- /dev/null +++ b/src/libstrongswan/plugins/blowfish/bf_skey.c @@ -0,0 +1,122 @@ +/* crypto/bf/bf_skey.c */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifdef __KERNEL__ +#include <linux/types.h> +#include <linux/string.h> +#else +#include <stdio.h> +#include <string.h> +#endif + +#include "blowfish.h" +#include "bf_locl.h" +#include "bf_pi.h" + +void BF_set_key(BF_KEY *key, int len, const unsigned char *data) + { + int i; + BF_LONG *p,ri,in[2]; + const unsigned char *d,*end; + + + memcpy((char *)key,(const char *)&bf_init,sizeof(BF_KEY)); + p=key->P; + + if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4; + + d=data; + end= &(data[len]); + for (i=0; i<(BF_ROUNDS+2); i++) + { + ri= *(d++); + if (d >= end) d=data; + + ri<<=8; + ri|= *(d++); + if (d >= end) d=data; + + ri<<=8; + ri|= *(d++); + if (d >= end) d=data; + + ri<<=8; + ri|= *(d++); + if (d >= end) d=data; + + p[i]^=ri; + } + + in[0]=0L; + in[1]=0L; + for (i=0; i<(BF_ROUNDS+2); i+=2) + { + BF_encrypt(in,key); + p[i ]=in[0]; + p[i+1]=in[1]; + } + + p=key->S; + for (i=0; i<4*256; i+=2) + { + BF_encrypt(in,key); + p[i ]=in[0]; + p[i+1]=in[1]; + } + } + diff --git a/src/libstrongswan/plugins/blowfish/blowfish.h b/src/libstrongswan/plugins/blowfish/blowfish.h new file mode 100644 index 000000000..ccb97e272 --- /dev/null +++ b/src/libstrongswan/plugins/blowfish/blowfish.h @@ -0,0 +1,133 @@ +/* crypto/bf/blowfish.h */ +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_BLOWFISH_H +#define HEADER_BLOWFISH_H + +#ifdef __cplusplus +extern "C" { +#endif + +#ifdef NO_BF +#error BF is disabled. +#endif + +#define BF_ENCRYPT 1 +#define BF_DECRYPT 0 + +/* + * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + * ! BF_LONG has to be at least 32 bits wide. If it's wider, then ! + * ! BF_LONG_LOG2 has to be defined along. ! + * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! + */ + +#if defined(WIN16) || defined(__LP32__) +#define BF_LONG unsigned long +#elif defined(_CRAY) || defined(__ILP64__) +#define BF_LONG unsigned long +#define BF_LONG_LOG2 3 +#endif +/* + * _CRAY note. I could declare short, but I have no idea what impact + * does it have on performance on none-T3E machines. I could declare + * int, but at least on C90 sizeof(int) can be chosen at compile time. + * So I've chosen long... + * <appro@fy.chalmers.se> + */ + +/* des.h-like hack <jjo-ipsec@mendoza.gov.ar> */ +#ifndef BF_LONG +#ifdef __KERNEL__ +#include <linux/types.h> +#else +#include <sys/types.h> +#endif +#define BF_LONG u_int32_t +#endif + +#define BF_ROUNDS 16 +#define BF_BLOCK 8 + +typedef struct bf_key_st + { + BF_LONG P[BF_ROUNDS+2]; + BF_LONG S[4*256]; + } BF_KEY; + + +void BF_set_key(BF_KEY *key, int len, const unsigned char *data); + +void BF_encrypt(BF_LONG *data,const BF_KEY *key); +void BF_decrypt(BF_LONG *data,const BF_KEY *key); + +void BF_ecb_encrypt(const unsigned char *in, unsigned char *out, + const BF_KEY *key, int enc); +void BF_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, + const BF_KEY *schedule, unsigned char *ivec, int enc); +void BF_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, + const BF_KEY *schedule, unsigned char *ivec, int *num, int enc); +void BF_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length, + const BF_KEY *schedule, unsigned char *ivec, int *num); +const char *BF_options(void); + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/src/libstrongswan/plugins/blowfish/blowfish_crypter.c b/src/libstrongswan/plugins/blowfish/blowfish_crypter.c new file mode 100644 index 000000000..5064bfef6 --- /dev/null +++ b/src/libstrongswan/plugins/blowfish/blowfish_crypter.c @@ -0,0 +1,197 @@ +/* + * Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "blowfish.h" + +/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper' + * (From LECTURE NOTES IN COMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION, + * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993) + */ + +#include "blowfish_crypter.h" + +typedef struct private_blowfish_crypter_t private_blowfish_crypter_t; + +/** + * Class implementing the Blowfish symmetric encryption algorithm. + * + * @ingroup crypters + */ +struct private_blowfish_crypter_t { + + /** + * Public part of this class. + */ + blowfish_crypter_t public; + + /** + * Blowfish key schedule + */ + BF_KEY schedule; + + /** + * Key size of this Blowfish cipher object. + */ + u_int32_t key_size; +}; + +/** + * Implementation of crypter_t.decrypt. + */ +static void decrypt(private_blowfish_crypter_t *this, chunk_t data, chunk_t iv, + chunk_t *decrypted) +{ + u_int8_t *in, *out; + + if (decrypted) + { + *decrypted = chunk_alloc(data.len); + out = decrypted->ptr; + } + else + { + out = data.ptr; + } + in = data.ptr; + iv = chunk_clone(iv); + + BF_cbc_encrypt(in, out, data.len, &this->schedule, iv.ptr, 0); + + free(iv.ptr); +} + +/** + * Implementation of crypter_t.decrypt. + */ +static void encrypt (private_blowfish_crypter_t *this, chunk_t data, chunk_t iv, + chunk_t *encrypted) +{ + u_int8_t *in, *out; + + if (encrypted) + { + *encrypted = chunk_alloc(data.len); + out = encrypted->ptr; + } + else + { + out = data.ptr; + } + in = data.ptr; + iv = chunk_clone(iv); + + BF_cbc_encrypt(in, out, data.len, &this->schedule, iv.ptr, 1); + + free(iv.ptr); +} + +/** + * Implementation of crypter_t.get_block_size. + */ +static size_t get_block_size (private_blowfish_crypter_t *this) +{ + return BLOWFISH_BLOCK_SIZE; +} + +/** + * Implementation of crypter_t.get_key_size. + */ +static size_t get_key_size (private_blowfish_crypter_t *this) +{ + return this->key_size; +} + +/** + * Implementation of crypter_t.set_key. + */ +static void set_key (private_blowfish_crypter_t *this, chunk_t key) +{ + BF_set_key(&this->schedule, key.len , key.ptr); +} + +/** + * Implementation of crypter_t.destroy and blowfish_crypter_t.destroy. + */ +static void destroy (private_blowfish_crypter_t *this) +{ + free(this); +} + +/* + * Described in header + */ +blowfish_crypter_t *blowfish_crypter_create(encryption_algorithm_t algo, size_t key_size) +{ + private_blowfish_crypter_t *this; + + if (algo != ENCR_BLOWFISH) + { + return NULL; + } + + this = malloc_thing(private_blowfish_crypter_t); + + this->key_size = key_size; + this->public.crypter_interface.encrypt = (void (*) (crypter_t *, chunk_t,chunk_t, chunk_t *)) encrypt; + this->public.crypter_interface.decrypt = (void (*) (crypter_t *, chunk_t , chunk_t, chunk_t *)) decrypt; + this->public.crypter_interface.get_block_size = (size_t (*) (crypter_t *)) get_block_size; + this->public.crypter_interface.get_key_size = (size_t (*) (crypter_t *)) get_key_size; + this->public.crypter_interface.set_key = (void (*) (crypter_t *,chunk_t)) set_key; + this->public.crypter_interface.destroy = (void (*) (crypter_t *)) destroy; + + return &(this->public); +} diff --git a/src/libstrongswan/plugins/blowfish/blowfish_crypter.h b/src/libstrongswan/plugins/blowfish/blowfish_crypter.h new file mode 100644 index 000000000..2bb896e64 --- /dev/null +++ b/src/libstrongswan/plugins/blowfish/blowfish_crypter.h @@ -0,0 +1,50 @@ +/* + * Copyright (C) 2005-2008 Martin Willi + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup blowfish_crypter blowfish_crypter + * @{ @ingroup blowfish_p + */ + +#ifndef BLOWFISH_CRYPTER_H_ +#define BLOWFISH_CRYPTER_H_ + +typedef struct blowfish_crypter_t blowfish_crypter_t; + +#include <crypto/crypters/crypter.h> + +/** + * Class implementing the Blowfish encryption algorithm. + */ +struct blowfish_crypter_t { + + /** + * The crypter_t interface. + */ + crypter_t crypter_interface; +}; + +/** + * Constructor to create blowfish_crypter_t objects. + * + * @param key_size key size in bytes + * @param algo algorithm to implement + * @return blowfish_crypter_t object, NULL if not supported + */ +blowfish_crypter_t *blowfish_crypter_create(encryption_algorithm_t algo, + size_t key_size); + +#endif /** BLOWFISH_CRYPTER_H_ @}*/ diff --git a/src/libstrongswan/plugins/blowfish/blowfish_plugin.c b/src/libstrongswan/plugins/blowfish/blowfish_plugin.c new file mode 100644 index 000000000..6e2f6d4fa --- /dev/null +++ b/src/libstrongswan/plugins/blowfish/blowfish_plugin.c @@ -0,0 +1,59 @@ +/* + * Copyright (C) 2008 Martin Willi + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "blowfish_plugin.h" + +#include <library.h> +#include "blowfish_crypter.h" + +typedef struct private_blowfish_plugin_t private_blowfish_plugin_t; + +/** + * private data of blowfish_plugin + */ +struct private_blowfish_plugin_t { + + /** + * public functions + */ + blowfish_plugin_t public; +}; + +/** + * Implementation of blowfish_plugin_t.destroy + */ +static void destroy(private_blowfish_plugin_t *this) +{ + lib->crypto->remove_crypter(lib->crypto, + (crypter_constructor_t)blowfish_crypter_create); + free(this); +} + +/* + * see header file + */ +plugin_t *plugin_create() +{ + private_blowfish_plugin_t *this = malloc_thing(private_blowfish_plugin_t); + + this->public.plugin.destroy = (void(*)(plugin_t*))destroy; + + lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, + (crypter_constructor_t)blowfish_crypter_create); + + return &this->public.plugin; +} + diff --git a/src/libstrongswan/plugins/blowfish/blowfish_plugin.h b/src/libstrongswan/plugins/blowfish/blowfish_plugin.h new file mode 100644 index 000000000..596a7c791 --- /dev/null +++ b/src/libstrongswan/plugins/blowfish/blowfish_plugin.h @@ -0,0 +1,48 @@ +/* + * Copyright (C) 2008 Martin Willi + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup blowfish_p blowfish + * @ingroup plugins + * + * @defgroup blowfish_plugin blowfish_plugin + * @{ @ingroup blowfish_p + */ + +#ifndef BLOWFISH_PLUGIN_H_ +#define BLOWFISH_PLUGIN_H_ + +#include <plugins/plugin.h> + +typedef struct blowfish_plugin_t blowfish_plugin_t; + +/** + * Plugin implementing Blowfish based algorithms in software. + */ +struct blowfish_plugin_t { + + /** + * implements plugin interface + */ + plugin_t plugin; +}; + +/** + * Create a blowfish_plugin instance. + */ +plugin_t *plugin_create(); + +#endif /** BLOWFISH_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/curl/Makefile.in b/src/libstrongswan/plugins/curl/Makefile.in index cd916ccbe..b413e035e 100644 --- a/src/libstrongswan/plugins/curl/Makefile.in +++ b/src/libstrongswan/plugins/curl/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -87,6 +87,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -109,6 +110,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -120,6 +124,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -133,6 +138,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -193,6 +200,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -204,6 +212,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -222,8 +231,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -318,7 +327,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/curl/curl_fetcher.c b/src/libstrongswan/plugins/curl/curl_fetcher.c index cd54c76a3..7ee9fa1bd 100644 --- a/src/libstrongswan/plugins/curl/curl_fetcher.c +++ b/src/libstrongswan/plugins/curl/curl_fetcher.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: curl_fetcher.c 4632 2008-11-11 18:37:19Z martin $ */ #include <curl/curl.h> @@ -35,16 +33,16 @@ struct private_curl_fetcher_t { * Public data */ curl_fetcher_t public; - + /** * CURL handle */ CURL* curl; /** - * request type, as set with FETCH_REQUEST_TYPE + * Optional HTTP headers */ - char *request_type; + struct curl_slist *headers; }; /** @@ -52,15 +50,15 @@ struct private_curl_fetcher_t { */ static size_t append(void *ptr, size_t size, size_t nmemb, chunk_t *data) { - size_t realsize = size * nmemb; - - data->ptr = (u_char*)realloc(data->ptr, data->len + realsize); - if (data->ptr) - { + size_t realsize = size * nmemb; + + data->ptr = (u_char*)realloc(data->ptr, data->len + realsize); + if (data->ptr) + { memcpy(&data->ptr[data->len], ptr, realsize); data->len += realsize; - } - return realsize; + } + return realsize; } /** @@ -68,9 +66,7 @@ static size_t append(void *ptr, size_t size, size_t nmemb, chunk_t *data) */ static status_t fetch(private_curl_fetcher_t *this, char *uri, chunk_t *result) { - struct curl_slist *headers = NULL; char error[CURL_ERROR_SIZE]; - char buf[256];; status_t status; *result = chunk_empty; @@ -85,14 +81,12 @@ static status_t fetch(private_curl_fetcher_t *this, char *uri, chunk_t *result) curl_easy_setopt(this->curl, CURLOPT_CONNECTTIMEOUT, DEFAULT_TIMEOUT); curl_easy_setopt(this->curl, CURLOPT_WRITEFUNCTION, (void*)append); curl_easy_setopt(this->curl, CURLOPT_WRITEDATA, (void*)result); - if (this->request_type) + if (this->headers) { - snprintf(buf, sizeof(buf), "Content-Type: %s", this->request_type); - headers = curl_slist_append(headers, buf); - curl_easy_setopt(this->curl, CURLOPT_HTTPHEADER, headers); + curl_easy_setopt(this->curl, CURLOPT_HTTPHEADER, this->headers); } - - DBG2("sending http request to '%s'...", uri); + + DBG2(" sending http request to '%s'...", uri); switch (curl_easy_perform(this->curl)) { case CURLE_UNSUPPORTED_PROTOCOL: @@ -102,11 +96,10 @@ static status_t fetch(private_curl_fetcher_t *this, char *uri, chunk_t *result) status = SUCCESS; break; default: - DBG1("libcurl http request failed: %s", error); + DBG1("libcurl http request failed: %s", error); status = FAILED; break; } - curl_slist_free_all(headers); return status; } @@ -123,13 +116,31 @@ static bool set_option(private_curl_fetcher_t *this, fetcher_option_t option, .. case FETCH_REQUEST_DATA: { chunk_t data = va_arg(args, chunk_t); + curl_easy_setopt(this->curl, CURLOPT_POSTFIELDS, (char*)data.ptr); curl_easy_setopt(this->curl, CURLOPT_POSTFIELDSIZE, data.len); return TRUE; } case FETCH_REQUEST_TYPE: { - this->request_type = va_arg(args, char*); + char header[BUF_LEN]; + char *request_type = va_arg(args, char*); + + snprintf(header, BUF_LEN, "Content-Type: %s", request_type); + this->headers = curl_slist_append(this->headers, header); + return TRUE; + } + case FETCH_REQUEST_HEADER: + { + char *header = va_arg(args, char*); + + this->headers = curl_slist_append(this->headers, header); + return TRUE; + } + case FETCH_HTTP_VERSION_1_0: + { + curl_easy_setopt(this->curl, CURLOPT_HTTP_VERSION, + CURL_HTTP_VERSION_1_0); return TRUE; } case FETCH_TIMEOUT: @@ -148,6 +159,7 @@ static bool set_option(private_curl_fetcher_t *this, fetcher_option_t option, .. */ static void destroy(private_curl_fetcher_t *this) { + curl_slist_free_all(this->headers); curl_easy_cleanup(this->curl); free(this); } @@ -158,19 +170,19 @@ static void destroy(private_curl_fetcher_t *this) curl_fetcher_t *curl_fetcher_create() { private_curl_fetcher_t *this = malloc_thing(private_curl_fetcher_t); - + this->curl = curl_easy_init(); if (this->curl == NULL) { free(this); return NULL; } - this->request_type = NULL; - + this->headers = NULL; + this->public.interface.fetch = (status_t(*)(fetcher_t*,char*,chunk_t*))fetch; this->public.interface.set_option = (bool(*)(fetcher_t*, fetcher_option_t option, ...))set_option; this->public.interface.destroy = (void (*)(fetcher_t*))destroy; - + return &this->public; } diff --git a/src/libstrongswan/plugins/curl/curl_plugin.c b/src/libstrongswan/plugins/curl/curl_plugin.c index a41c3815c..97fa07866 100644 --- a/src/libstrongswan/plugins/curl/curl_plugin.c +++ b/src/libstrongswan/plugins/curl/curl_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: curl_plugin.c 3529 2008-03-05 15:26:24Z martin $ */ #include "curl_plugin.h" diff --git a/src/libstrongswan/plugins/des/Makefile.in b/src/libstrongswan/plugins/des/Makefile.in index 415c126af..bbca6a032 100644 --- a/src/libstrongswan/plugins/des/Makefile.in +++ b/src/libstrongswan/plugins/des/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -87,6 +87,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -109,6 +110,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -120,6 +124,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -133,6 +138,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -193,6 +200,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -204,6 +212,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -221,8 +230,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -317,7 +326,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/des/des_crypter.c b/src/libstrongswan/plugins/des/des_crypter.c index b0b18a2c1..680fe8b6a 100644 --- a/src/libstrongswan/plugins/des/des_crypter.c +++ b/src/libstrongswan/plugins/des/des_crypter.c @@ -56,13 +56,11 @@ * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence * [including the GNU Public Licence.] - * - * $Id: des_crypter.c 4938 2009-03-12 18:38:13Z tobias $ */ #include "des_crypter.h" -typedef u_char des_cblock[8]; +typedef u_char des_cblock[DES_BLOCK_SIZE]; typedef struct des_ks_struct { des_cblock _; diff --git a/src/libstrongswan/plugins/des/des_plugin.c b/src/libstrongswan/plugins/des/des_plugin.c index a0d8ce07b..e16b475d4 100644 --- a/src/libstrongswan/plugins/des/des_plugin.c +++ b/src/libstrongswan/plugins/des/des_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: des_plugin.c 4887 2009-02-19 14:29:25Z tobias $ */ #include "des_plugin.h" diff --git a/src/libstrongswan/plugins/fips_prf/Makefile.in b/src/libstrongswan/plugins/fips_prf/Makefile.in index 1e53f435f..881d7a36e 100644 --- a/src/libstrongswan/plugins/fips_prf/Makefile.in +++ b/src/libstrongswan/plugins/fips_prf/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -89,6 +89,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -111,6 +112,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -122,6 +126,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -135,6 +140,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -195,6 +202,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -206,6 +214,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -223,8 +232,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -319,7 +328,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf.c b/src/libstrongswan/plugins/fips_prf/fips_prf.c index df3d130a9..be28f10bc 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf.c +++ b/src/libstrongswan/plugins/fips_prf/fips_prf.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: fips_prf.c 3619 2008-03-19 14:02:52Z martin $ */ #include "fips_prf.h" diff --git a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c index 60fce8632..7576e79ad 100644 --- a/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c +++ b/src/libstrongswan/plugins/fips_prf/fips_prf_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: fips_prf_plugin.c 3488 2008-02-21 15:10:02Z martin $ */ #include "fips_prf_plugin.h" diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.am b/src/libstrongswan/plugins/gcrypt/Makefile.am new file mode 100644 index 000000000..72cc409fc --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/Makefile.am @@ -0,0 +1,17 @@ + +INCLUDES = -I$(top_srcdir)/src/libstrongswan + +AM_CFLAGS = -rdynamic $(LIBGCRYPT_CFLAGS) + +plugin_LTLIBRARIES = libstrongswan-gcrypt.la + +libstrongswan_gcrypt_la_SOURCES = gcrypt_plugin.h gcrypt_plugin.c \ + gcrypt_rsa_public_key.h gcrypt_rsa_public_key.c \ + gcrypt_rsa_private_key.h gcrypt_rsa_private_key.c \ + gcrypt_dh.h gcrypt_dh.c \ + gcrypt_rng.h gcrypt_rng.c \ + gcrypt_crypter.h gcrypt_crypter.c \ + gcrypt_hasher.h gcrypt_hasher.c + +libstrongswan_gcrypt_la_LDFLAGS = -module +libstrongswan_gcrypt_la_LIBADD = $(LIBGCRYPT_LIBS) diff --git a/src/libstrongswan/plugins/gcrypt/Makefile.in b/src/libstrongswan/plugins/gcrypt/Makefile.in new file mode 100644 index 000000000..49994c593 --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/Makefile.in @@ -0,0 +1,522 @@ +# Makefile.in generated by automake 1.10.2 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = src/libstrongswan/plugins/gcrypt +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_CLEAN_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__installdirs = "$(DESTDIR)$(plugindir)" +pluginLTLIBRARIES_INSTALL = $(INSTALL) +LTLIBRARIES = $(plugin_LTLIBRARIES) +am__DEPENDENCIES_1 = +libstrongswan_gcrypt_la_DEPENDENCIES = $(am__DEPENDENCIES_1) +am_libstrongswan_gcrypt_la_OBJECTS = gcrypt_plugin.lo \ + gcrypt_rsa_public_key.lo gcrypt_rsa_private_key.lo \ + gcrypt_dh.lo gcrypt_rng.lo gcrypt_crypter.lo gcrypt_hasher.lo +libstrongswan_gcrypt_la_OBJECTS = \ + $(am_libstrongswan_gcrypt_la_OBJECTS) +libstrongswan_gcrypt_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libstrongswan_gcrypt_la_LDFLAGS) $(LDFLAGS) -o $@ +DEFAULT_INCLUDES = -I.@am__isrc@ +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(libstrongswan_gcrypt_la_SOURCES) +DIST_SOURCES = $(libstrongswan_gcrypt_la_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GPERF = @GPERF@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PERL = @PERL@ +PKG_CONFIG = @PKG_CONFIG@ +RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +confdir = @confdir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +gtk_CFLAGS = @gtk_CFLAGS@ +gtk_LIBS = @gtk_LIBS@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +ipsecdir = @ipsecdir@ +ipsecgroup = @ipsecgroup@ +ipsecuser = @ipsecuser@ +libdir = @libdir@ +libexecdir = @libexecdir@ +libstrongswan_plugins = @libstrongswan_plugins@ +linuxdir = @linuxdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nm_CFLAGS = @nm_CFLAGS@ +nm_LIBS = @nm_LIBS@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +piddir = @piddir@ +plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +resolv_conf = @resolv_conf@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +simreader = @simreader@ +srcdir = @srcdir@ +strongswan_conf = @strongswan_conf@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +xml_CFLAGS = @xml_CFLAGS@ +xml_LIBS = @xml_LIBS@ +INCLUDES = -I$(top_srcdir)/src/libstrongswan +AM_CFLAGS = -rdynamic $(LIBGCRYPT_CFLAGS) +plugin_LTLIBRARIES = libstrongswan-gcrypt.la +libstrongswan_gcrypt_la_SOURCES = gcrypt_plugin.h gcrypt_plugin.c \ + gcrypt_rsa_public_key.h gcrypt_rsa_public_key.c \ + gcrypt_rsa_private_key.h gcrypt_rsa_private_key.c \ + gcrypt_dh.h gcrypt_dh.c \ + gcrypt_rng.h gcrypt_rng.c \ + gcrypt_crypter.h gcrypt_crypter.c \ + gcrypt_hasher.h gcrypt_hasher.c + +libstrongswan_gcrypt_la_LDFLAGS = -module +libstrongswan_gcrypt_la_LIBADD = $(LIBGCRYPT_LIBS) +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/gcrypt/Makefile'; \ + cd $(top_srcdir) && \ + $(AUTOMAKE) --gnu src/libstrongswan/plugins/gcrypt/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(plugindir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(plugindir)/$$f"; \ + else :; fi; \ + done + +uninstall-pluginLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$p'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$p"; \ + done + +clean-pluginLTLIBRARIES: + -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +libstrongswan-gcrypt.la: $(libstrongswan_gcrypt_la_OBJECTS) $(libstrongswan_gcrypt_la_DEPENDENCIES) + $(libstrongswan_gcrypt_la_LINK) -rpath $(plugindir) $(libstrongswan_gcrypt_la_OBJECTS) $(libstrongswan_gcrypt_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gcrypt_crypter.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gcrypt_dh.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gcrypt_hasher.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gcrypt_plugin.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gcrypt_rng.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gcrypt_rsa_private_key.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gcrypt_rsa_public_key.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) $$here + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + fi; \ + cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) +installdirs: + for dir in "$(DESTDIR)$(plugindir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ + mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +info: info-am + +info-am: + +install-data-am: install-pluginLTLIBRARIES + +install-dvi: install-dvi-am + +install-exec-am: + +install-html: install-html-am + +install-info: install-info-am + +install-man: + +install-pdf: install-pdf-am + +install-ps: install-ps-am + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-pluginLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-libtool clean-pluginLTLIBRARIES ctags distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-pluginLTLIBRARIES \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c new file mode 100644 index 000000000..f82d23185 --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.c @@ -0,0 +1,252 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "gcrypt_crypter.h" + +#include <gcrypt.h> + +#include <debug.h> + +typedef struct private_gcrypt_crypter_t private_gcrypt_crypter_t; + +/** + * Private data of gcrypt_crypter_t + */ +struct private_gcrypt_crypter_t { + + /** + * Public part of this class. + */ + gcrypt_crypter_t public; + + /** + * gcrypt cipher handle + */ + gcry_cipher_hd_t h; + + /** + * gcrypt algorithm identifier + */ + int alg; +}; + +/** + * Implementation of crypter_t.decrypt. + */ +static void decrypt(private_gcrypt_crypter_t *this, chunk_t data, + chunk_t iv, chunk_t *dst) +{ + gcry_cipher_setiv(this->h, iv.ptr, iv.len); + + if (dst) + { + *dst = chunk_alloc(data.len); + gcry_cipher_decrypt(this->h, dst->ptr, dst->len, data.ptr, data.len); + } + else + { + gcry_cipher_decrypt(this->h, data.ptr, data.len, NULL, 0); + } +} + +/** + * Implementation of crypter_t.encrypt. + */ +static void encrypt(private_gcrypt_crypter_t *this, chunk_t data, + chunk_t iv, chunk_t *dst) +{ + gcry_cipher_setiv(this->h, iv.ptr, iv.len); + + if (dst) + { + *dst = chunk_alloc(data.len); + gcry_cipher_encrypt(this->h, dst->ptr, dst->len, data.ptr, data.len); + } + else + { + gcry_cipher_encrypt(this->h, data.ptr, data.len, NULL, 0); + } +} + +/** + * Implementation of crypter_t.get_block_size. + */ +static size_t get_block_size(private_gcrypt_crypter_t *this) +{ + size_t len = 0; + + gcry_cipher_algo_info(this->alg, GCRYCTL_GET_BLKLEN, NULL, &len); + return len; +} + +/** + * Implementation of crypter_t.get_key_size. + */ +static size_t get_key_size(private_gcrypt_crypter_t *this) +{ + size_t len = 0; + + gcry_cipher_algo_info(this->alg, GCRYCTL_GET_KEYLEN, NULL, &len); + return len; +} + +/** + * Implementation of crypter_t.set_key. + */ +static void set_key(private_gcrypt_crypter_t *this, chunk_t key) +{ + gcry_cipher_setkey(this->h, key.ptr, key.len); +} + +/** + * Implementation of crypter_t.destroy. + */ +static void destroy (private_gcrypt_crypter_t *this) +{ + gcry_cipher_close(this->h); + free(this); +} + +/* + * Described in header + */ +gcrypt_crypter_t *gcrypt_crypter_create(encryption_algorithm_t algo, + size_t key_size) +{ + private_gcrypt_crypter_t *this; + int gcrypt_alg; + int mode = GCRY_CIPHER_MODE_CBC; + gcry_error_t err; + + switch (algo) + { + case ENCR_DES: + gcrypt_alg = GCRY_CIPHER_DES; + break; + case ENCR_DES_ECB: + gcrypt_alg = GCRY_CIPHER_DES; + mode = GCRY_CIPHER_MODE_ECB; + break; + case ENCR_3DES: + gcrypt_alg = GCRY_CIPHER_3DES; + break; + case ENCR_IDEA: + /* currently not implemented in gcrypt */ + return NULL; + case ENCR_CAST: + gcrypt_alg = GCRY_CIPHER_CAST5; + break; + case ENCR_BLOWFISH: + if (key_size != 16) + { /* gcrypt currently supports 128 bit blowfish only */ + return NULL; + } + gcrypt_alg = GCRY_CIPHER_BLOWFISH; + break; + /* case ENCR_AES_CTR: + mode = GCRY_CIPHER_MODE_CTR; */ + /* fall */ + case ENCR_AES_CBC: + switch (key_size) + { + case 16: + gcrypt_alg = GCRY_CIPHER_AES128; + break; + case 24: + gcrypt_alg = GCRY_CIPHER_AES192; + break; + case 32: + gcrypt_alg = GCRY_CIPHER_AES256; + break; + default: + return NULL; + } + break; + /* case ENCR_CAMELLIA_CTR: + mode = GCRY_CIPHER_MODE_CTR; */ + /* fall */ + case ENCR_CAMELLIA_CBC: + switch (key_size) + { +#ifdef HAVE_GCRY_CIPHER_CAMELLIA + case 16: + gcrypt_alg = GCRY_CIPHER_CAMELLIA128; + break; + case 24: + gcrypt_alg = GCRY_CIPHER_CAMELLIA192; + break; + case 32: + gcrypt_alg = GCRY_CIPHER_CAMELLIA256; + break; +#endif /* HAVE_GCRY_CIPHER_CAMELLIA */ + default: + return NULL; + } + break; + case ENCR_SERPENT_CBC: + switch (key_size) + { + case 16: + gcrypt_alg = GCRY_CIPHER_SERPENT128; + break; + case 24: + gcrypt_alg = GCRY_CIPHER_SERPENT192; + break; + case 32: + gcrypt_alg = GCRY_CIPHER_SERPENT256; + break; + default: + return NULL; + } + break; + case ENCR_TWOFISH_CBC: + switch (key_size) + { + case 16: + gcrypt_alg = GCRY_CIPHER_TWOFISH128; + break; + case 32: + gcrypt_alg = GCRY_CIPHER_TWOFISH; + break; + default: + return NULL; + } + break; + default: + return NULL; + } + + this = malloc_thing(private_gcrypt_crypter_t); + + this->alg = gcrypt_alg; + err = gcry_cipher_open(&this->h, gcrypt_alg, mode, 0); + if (err) + { + DBG1("grcy_cipher_open(%N) failed: %s", + encryption_algorithm_names, algo, gpg_strerror(err)); + free(this); + return NULL; + } + + this->public.crypter_interface.encrypt = (void (*) (crypter_t *, chunk_t,chunk_t, chunk_t *))encrypt; + this->public.crypter_interface.decrypt = (void (*) (crypter_t *, chunk_t , chunk_t, chunk_t *))decrypt; + this->public.crypter_interface.get_block_size = (size_t (*) (crypter_t *))get_block_size; + this->public.crypter_interface.get_key_size = (size_t (*) (crypter_t *))get_key_size; + this->public.crypter_interface.set_key = (void (*) (crypter_t *,chunk_t))set_key; + this->public.crypter_interface.destroy = (void (*) (crypter_t *))destroy; + + return &this->public; +} + diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.h b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.h new file mode 100644 index 000000000..c5a5e6723 --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_crypter.h @@ -0,0 +1,49 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup gcrypt_crypter gcrypt_crypter + * @{ @ingroup gcrypt_p + */ + +#ifndef GCRYPT_CRYPTER_H_ +#define GCRYPT_CRYPTER_H_ + +typedef struct gcrypt_crypter_t gcrypt_crypter_t; + +#include <crypto/crypters/crypter.h> + +/** + * Implementation of crypters using gcrypt. + */ +struct gcrypt_crypter_t { + + /** + * The crypter_t interface. + */ + crypter_t crypter_interface; +}; + +/** + * Constructor to create gcrypt_crypter_t. + * + * @param algo algorithm to implement + * @param key_size key size in bytes + * @return gcrypt_crypter_t, NULL if not supported + */ +gcrypt_crypter_t *gcrypt_crypter_create(encryption_algorithm_t algo, + size_t key_size); + +#endif /** GCRYPT_CRYPTER_H_ @}*/ diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c new file mode 100644 index 000000000..89d9f2348 --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c @@ -0,0 +1,564 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <gcrypt.h> + +#include "gcrypt_dh.h" + +#include <debug.h> + +/** + * Modulus of Group 1 (MODP_768_BIT). + */ +static u_int8_t group1_modulus[] = { + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x3A,0x36,0x20,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF +}; + +/** + * Modulus of Group 2 (MODP_1024_BIT). + */ +static u_int8_t group2_modulus[] = { + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, + 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, + 0x49,0x28,0x66,0x51,0xEC,0xE6,0x53,0x81,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF +}; + +/** + * Modulus of Group 5 (MODP_1536_BIT). + */ +static u_int8_t group5_modulus[] = { + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, + 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, + 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, + 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, + 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, + 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, + 0xF1,0x74,0x6C,0x08,0xCA,0x23,0x73,0x27,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF +}; +/** + * Modulus of Group 14 (MODP_2048_BIT). + */ +static u_int8_t group14_modulus[] = { + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, + 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, + 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, + 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, + 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, + 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, + 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, + 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, + 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, + 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, + 0x15,0x72,0x8E,0x5A,0x8A,0xAC,0xAA,0x68,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF +}; + +/** + * Modulus of Group 15 (MODP_3072_BIT). + */ +static u_int8_t group15_modulus[] = { + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, + 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, + 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, + 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, + 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, + 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, + 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, + 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, + 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, + 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, + 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, + 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, + 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, + 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, + 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, + 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, + 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, + 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, + 0x4B,0x82,0xD1,0x20,0xA9,0x3A,0xD2,0xCA,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF +}; + +/** + * Modulus of Group 16 (MODP_4096_BIT). + */ +static u_int8_t group16_modulus[] = { + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, + 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, + 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, + 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, + 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, + 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, + 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, + 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, + 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, + 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, + 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, + 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, + 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, + 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, + 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, + 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, + 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, + 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, + 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7, + 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C, + 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8, + 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6, + 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2, + 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF, + 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9, + 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F, + 0x4D,0xF4,0x35,0xC9,0x34,0x06,0x31,0x99,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF +}; + +/** + * Modulus of Group 17 (MODP_6144_BIT). + */ +static u_int8_t group17_modulus[] = { + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, + 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, + 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, + 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, + 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, + 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, + 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, + 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, + 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, + 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, + 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, + 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, + 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, + 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, + 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, + 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, + 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, + 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, + 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7, + 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C, + 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8, + 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6, + 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2, + 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF, + 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9, + 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F, + 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26, + 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD, + 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE, + 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18, + 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B, + 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42, + 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC, + 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6, + 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E, + 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE, + 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA, + 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0, + 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76, + 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C, + 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68, + 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6, + 0xE6,0x94,0xF9,0x1E,0x6D,0xCC,0x40,0x24,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF +}; + +/** + * Modulus of Group 18 (MODP_8192_BIT). + */ +static u_int8_t group18_modulus[] = { + 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, + 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, + 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, + 0xF4,0x4C,0x42,0xE9,0xA6,0x37,0xED,0x6B,0x0B,0xFF,0x5C,0xB6,0xF4,0x06,0xB7,0xED, + 0xEE,0x38,0x6B,0xFB,0x5A,0x89,0x9F,0xA5,0xAE,0x9F,0x24,0x11,0x7C,0x4B,0x1F,0xE6, + 0x49,0x28,0x66,0x51,0xEC,0xE4,0x5B,0x3D,0xC2,0x00,0x7C,0xB8,0xA1,0x63,0xBF,0x05, + 0x98,0xDA,0x48,0x36,0x1C,0x55,0xD3,0x9A,0x69,0x16,0x3F,0xA8,0xFD,0x24,0xCF,0x5F, + 0x83,0x65,0x5D,0x23,0xDC,0xA3,0xAD,0x96,0x1C,0x62,0xF3,0x56,0x20,0x85,0x52,0xBB, + 0x9E,0xD5,0x29,0x07,0x70,0x96,0x96,0x6D,0x67,0x0C,0x35,0x4E,0x4A,0xBC,0x98,0x04, + 0xF1,0x74,0x6C,0x08,0xCA,0x18,0x21,0x7C,0x32,0x90,0x5E,0x46,0x2E,0x36,0xCE,0x3B, + 0xE3,0x9E,0x77,0x2C,0x18,0x0E,0x86,0x03,0x9B,0x27,0x83,0xA2,0xEC,0x07,0xA2,0x8F, + 0xB5,0xC5,0x5D,0xF0,0x6F,0x4C,0x52,0xC9,0xDE,0x2B,0xCB,0xF6,0x95,0x58,0x17,0x18, + 0x39,0x95,0x49,0x7C,0xEA,0x95,0x6A,0xE5,0x15,0xD2,0x26,0x18,0x98,0xFA,0x05,0x10, + 0x15,0x72,0x8E,0x5A,0x8A,0xAA,0xC4,0x2D,0xAD,0x33,0x17,0x0D,0x04,0x50,0x7A,0x33, + 0xA8,0x55,0x21,0xAB,0xDF,0x1C,0xBA,0x64,0xEC,0xFB,0x85,0x04,0x58,0xDB,0xEF,0x0A, + 0x8A,0xEA,0x71,0x57,0x5D,0x06,0x0C,0x7D,0xB3,0x97,0x0F,0x85,0xA6,0xE1,0xE4,0xC7, + 0xAB,0xF5,0xAE,0x8C,0xDB,0x09,0x33,0xD7,0x1E,0x8C,0x94,0xE0,0x4A,0x25,0x61,0x9D, + 0xCE,0xE3,0xD2,0x26,0x1A,0xD2,0xEE,0x6B,0xF1,0x2F,0xFA,0x06,0xD9,0x8A,0x08,0x64, + 0xD8,0x76,0x02,0x73,0x3E,0xC8,0x6A,0x64,0x52,0x1F,0x2B,0x18,0x17,0x7B,0x20,0x0C, + 0xBB,0xE1,0x17,0x57,0x7A,0x61,0x5D,0x6C,0x77,0x09,0x88,0xC0,0xBA,0xD9,0x46,0xE2, + 0x08,0xE2,0x4F,0xA0,0x74,0xE5,0xAB,0x31,0x43,0xDB,0x5B,0xFC,0xE0,0xFD,0x10,0x8E, + 0x4B,0x82,0xD1,0x20,0xA9,0x21,0x08,0x01,0x1A,0x72,0x3C,0x12,0xA7,0x87,0xE6,0xD7, + 0x88,0x71,0x9A,0x10,0xBD,0xBA,0x5B,0x26,0x99,0xC3,0x27,0x18,0x6A,0xF4,0xE2,0x3C, + 0x1A,0x94,0x68,0x34,0xB6,0x15,0x0B,0xDA,0x25,0x83,0xE9,0xCA,0x2A,0xD4,0x4C,0xE8, + 0xDB,0xBB,0xC2,0xDB,0x04,0xDE,0x8E,0xF9,0x2E,0x8E,0xFC,0x14,0x1F,0xBE,0xCA,0xA6, + 0x28,0x7C,0x59,0x47,0x4E,0x6B,0xC0,0x5D,0x99,0xB2,0x96,0x4F,0xA0,0x90,0xC3,0xA2, + 0x23,0x3B,0xA1,0x86,0x51,0x5B,0xE7,0xED,0x1F,0x61,0x29,0x70,0xCE,0xE2,0xD7,0xAF, + 0xB8,0x1B,0xDD,0x76,0x21,0x70,0x48,0x1C,0xD0,0x06,0x91,0x27,0xD5,0xB0,0x5A,0xA9, + 0x93,0xB4,0xEA,0x98,0x8D,0x8F,0xDD,0xC1,0x86,0xFF,0xB7,0xDC,0x90,0xA6,0xC0,0x8F, + 0x4D,0xF4,0x35,0xC9,0x34,0x02,0x84,0x92,0x36,0xC3,0xFA,0xB4,0xD2,0x7C,0x70,0x26, + 0xC1,0xD4,0xDC,0xB2,0x60,0x26,0x46,0xDE,0xC9,0x75,0x1E,0x76,0x3D,0xBA,0x37,0xBD, + 0xF8,0xFF,0x94,0x06,0xAD,0x9E,0x53,0x0E,0xE5,0xDB,0x38,0x2F,0x41,0x30,0x01,0xAE, + 0xB0,0x6A,0x53,0xED,0x90,0x27,0xD8,0x31,0x17,0x97,0x27,0xB0,0x86,0x5A,0x89,0x18, + 0xDA,0x3E,0xDB,0xEB,0xCF,0x9B,0x14,0xED,0x44,0xCE,0x6C,0xBA,0xCE,0xD4,0xBB,0x1B, + 0xDB,0x7F,0x14,0x47,0xE6,0xCC,0x25,0x4B,0x33,0x20,0x51,0x51,0x2B,0xD7,0xAF,0x42, + 0x6F,0xB8,0xF4,0x01,0x37,0x8C,0xD2,0xBF,0x59,0x83,0xCA,0x01,0xC6,0x4B,0x92,0xEC, + 0xF0,0x32,0xEA,0x15,0xD1,0x72,0x1D,0x03,0xF4,0x82,0xD7,0xCE,0x6E,0x74,0xFE,0xF6, + 0xD5,0x5E,0x70,0x2F,0x46,0x98,0x0C,0x82,0xB5,0xA8,0x40,0x31,0x90,0x0B,0x1C,0x9E, + 0x59,0xE7,0xC9,0x7F,0xBE,0xC7,0xE8,0xF3,0x23,0xA9,0x7A,0x7E,0x36,0xCC,0x88,0xBE, + 0x0F,0x1D,0x45,0xB7,0xFF,0x58,0x5A,0xC5,0x4B,0xD4,0x07,0xB2,0x2B,0x41,0x54,0xAA, + 0xCC,0x8F,0x6D,0x7E,0xBF,0x48,0xE1,0xD8,0x14,0xCC,0x5E,0xD2,0x0F,0x80,0x37,0xE0, + 0xA7,0x97,0x15,0xEE,0xF2,0x9B,0xE3,0x28,0x06,0xA1,0xD5,0x8B,0xB7,0xC5,0xDA,0x76, + 0xF5,0x50,0xAA,0x3D,0x8A,0x1F,0xBF,0xF0,0xEB,0x19,0xCC,0xB1,0xA3,0x13,0xD5,0x5C, + 0xDA,0x56,0xC9,0xEC,0x2E,0xF2,0x96,0x32,0x38,0x7F,0xE8,0xD7,0x6E,0x3C,0x04,0x68, + 0x04,0x3E,0x8F,0x66,0x3F,0x48,0x60,0xEE,0x12,0xBF,0x2D,0x5B,0x0B,0x74,0x74,0xD6, + 0xE6,0x94,0xF9,0x1E,0x6D,0xBE,0x11,0x59,0x74,0xA3,0x92,0x6F,0x12,0xFE,0xE5,0xE4, + 0x38,0x77,0x7C,0xB6,0xA9,0x32,0xDF,0x8C,0xD8,0xBE,0xC4,0xD0,0x73,0xB9,0x31,0xBA, + 0x3B,0xC8,0x32,0xB6,0x8D,0x9D,0xD3,0x00,0x74,0x1F,0xA7,0xBF,0x8A,0xFC,0x47,0xED, + 0x25,0x76,0xF6,0x93,0x6B,0xA4,0x24,0x66,0x3A,0xAB,0x63,0x9C,0x5A,0xE4,0xF5,0x68, + 0x34,0x23,0xB4,0x74,0x2B,0xF1,0xC9,0x78,0x23,0x8F,0x16,0xCB,0xE3,0x9D,0x65,0x2D, + 0xE3,0xFD,0xB8,0xBE,0xFC,0x84,0x8A,0xD9,0x22,0x22,0x2E,0x04,0xA4,0x03,0x7C,0x07, + 0x13,0xEB,0x57,0xA8,0x1A,0x23,0xF0,0xC7,0x34,0x73,0xFC,0x64,0x6C,0xEA,0x30,0x6B, + 0x4B,0xCB,0xC8,0x86,0x2F,0x83,0x85,0xDD,0xFA,0x9D,0x4B,0x7F,0xA2,0xC0,0x87,0xE8, + 0x79,0x68,0x33,0x03,0xED,0x5B,0xDD,0x3A,0x06,0x2B,0x3C,0xF5,0xB3,0xA2,0x78,0xA6, + 0x6D,0x2A,0x13,0xF8,0x3F,0x44,0xF8,0x2D,0xDF,0x31,0x0E,0xE0,0x74,0xAB,0x6A,0x36, + 0x45,0x97,0xE8,0x99,0xA0,0x25,0x5D,0xC1,0x64,0xF3,0x1C,0xC5,0x08,0x46,0x85,0x1D, + 0xF9,0xAB,0x48,0x19,0x5D,0xED,0x7E,0xA1,0xB1,0xD5,0x10,0xBD,0x7E,0xE7,0x4D,0x73, + 0xFA,0xF3,0x6B,0xC3,0x1E,0xCF,0xA2,0x68,0x35,0x90,0x46,0xF4,0xEB,0x87,0x9F,0x92, + 0x40,0x09,0x43,0x8B,0x48,0x1C,0x6C,0xD7,0x88,0x9A,0x00,0x2E,0xD5,0xEE,0x38,0x2B, + 0xC9,0x19,0x0D,0xA6,0xFC,0x02,0x6E,0x47,0x95,0x58,0xE4,0x47,0x56,0x77,0xE9,0xAA, + 0x9E,0x30,0x50,0xE2,0x76,0x56,0x94,0xDF,0xC8,0x1F,0x56,0xE8,0x80,0xB9,0x6E,0x71, + 0x60,0xC9,0x80,0xDD,0x98,0xED,0xD3,0xDF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF, +}; + +typedef struct modulus_entry_t modulus_entry_t; + +/** + * Entry of the modulus list. + */ +struct modulus_entry_t { + /** IKEv2 DH group */ + diffie_hellman_group_t group; + /** modulus */ + chunk_t modulus; + /** optimum length of exponent in bytes */ + size_t opt_len; + /** generator */ + u_int16_t g; +}; + +/** + * All supported modulus values - optimum exponent size according to RFC 3526. + */ +static modulus_entry_t modulus_entries[] = { + {MODP_768_BIT, {group1_modulus, sizeof(group1_modulus)}, 32, 2}, + {MODP_1024_BIT, {group2_modulus, sizeof(group2_modulus)}, 32, 2}, + {MODP_1536_BIT, {group5_modulus, sizeof(group5_modulus)}, 32, 2}, + {MODP_2048_BIT, {group14_modulus, sizeof(group14_modulus)}, 48, 2}, + {MODP_3072_BIT, {group15_modulus, sizeof(group15_modulus)}, 48, 2}, + {MODP_4096_BIT, {group16_modulus, sizeof(group16_modulus)}, 64, 2}, + {MODP_6144_BIT, {group17_modulus, sizeof(group17_modulus)}, 64, 2}, + {MODP_8192_BIT, {group18_modulus, sizeof(group18_modulus)}, 64, 2}, +}; + +/** + * Lookup the modulus in modulo table + */ +static modulus_entry_t *find_entry(diffie_hellman_group_t group) +{ + int i; + + for (i = 0; i < countof(modulus_entries); i++) + { + if (modulus_entries[i].group == group) + { + return &modulus_entries[i]; + } + } + return NULL; +} + +typedef struct private_gcrypt_dh_t private_gcrypt_dh_t; + +/** + * Private data of an gcrypt_dh_t object. + */ +struct private_gcrypt_dh_t { + + /** + * Public gcrypt_dh_t interface + */ + gcrypt_dh_t public; + + /** + * Diffie Hellman group number + */ + u_int16_t group; + + /* + * Generator value + */ + gcry_mpi_t g; + + /** + * Own private value + */ + gcry_mpi_t xa; + + /** + * Own public value + */ + gcry_mpi_t ya; + + /** + * Other public value + */ + gcry_mpi_t yb; + + /** + * Shared secret + */ + gcry_mpi_t zz; + + /** + * Modulus + */ + gcry_mpi_t p; + + /** + * Modulus length. + */ + size_t p_len; +}; + +/** + * Implementation of gcrypt_dh_t.set_other_public_value. + */ +static void set_other_public_value(private_gcrypt_dh_t *this, chunk_t value) +{ + gcry_mpi_t p_min_1; + gcry_error_t err; + + if (this->yb) + { + gcry_mpi_release(this->yb); + this->yb = NULL; + } + err = gcry_mpi_scan(&this->yb, GCRYMPI_FMT_USG, value.ptr, value.len, NULL); + if (err) + { + DBG1("importing mpi yb failed: %s", gpg_strerror(err)); + return; + } + + p_min_1 = gcry_mpi_new(this->p_len * 8); + gcry_mpi_sub_ui(p_min_1, this->p, 1); + + /* check public value: + * 1. 0 or 1 is invalid as 0^a = 0 and 1^a = 1 + * 2. a public value larger or equal the modulus is invalid */ + if (gcry_mpi_cmp_ui(this->yb, 1) > 0 && + gcry_mpi_cmp(this->yb, p_min_1) < 0) + { + if (!this->zz) + { + this->zz = gcry_mpi_new(this->p_len * 8); + } + gcry_mpi_powm(this->zz, this->yb, this->xa, this->p); + } + else + { + DBG1("public DH value verification failed: y < 2 || y > p - 1 "); + } + gcry_mpi_release(p_min_1); +} + +/** + * export a gcry_mpi to an allocated chunk of len bytes + */ +static chunk_t export_mpi(gcry_mpi_t value, size_t len) +{ + chunk_t chunk; + size_t written; + + chunk = chunk_alloc(len); + gcry_mpi_print(GCRYMPI_FMT_USG, chunk.ptr, chunk.len, &written, value); + if (written < len) + { /* right-align number of written bytes in chunk */ + memmove(chunk.ptr + (len - written), chunk.ptr, written); + memset(chunk.ptr, 0, len - written); + } + return chunk; +} + +/** + * Implementation of gcrypt_dh_t.get_my_public_value. + */ +static void get_my_public_value(private_gcrypt_dh_t *this, chunk_t *value) +{ + *value = export_mpi(this->ya, this->p_len); +} + +/** + * Implementation of gcrypt_dh_t.get_shared_secret. + */ +static status_t get_shared_secret(private_gcrypt_dh_t *this, chunk_t *secret) +{ + if (!this->zz) + { + return FAILED; + } + *secret = export_mpi(this->zz, this->p_len); + return SUCCESS; +} + +/** + * Implementation of gcrypt_dh_t.get_dh_group. + */ +static diffie_hellman_group_t get_dh_group(private_gcrypt_dh_t *this) +{ + return this->group; +} + +/** + * Implementation of gcrypt_dh_t.destroy. + */ +static void destroy(private_gcrypt_dh_t *this) +{ + gcry_mpi_release(this->p); + gcry_mpi_release(this->xa); + gcry_mpi_release(this->ya); + gcry_mpi_release(this->g); + gcry_mpi_release(this->yb); + gcry_mpi_release(this->zz); + free(this); +} + +/* + * Described in header. + */ +gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group) +{ + private_gcrypt_dh_t *this; + modulus_entry_t *entry; + gcry_error_t err; + chunk_t random; + rng_t *rng; + size_t len; + + entry = find_entry(group); + if (!entry) + { + return NULL; + } + + this = malloc_thing(private_gcrypt_dh_t); + + this->public.dh.get_shared_secret = (status_t (*)(diffie_hellman_t *, chunk_t *)) get_shared_secret; + this->public.dh.set_other_public_value = (void (*)(diffie_hellman_t *, chunk_t )) set_other_public_value; + this->public.dh.get_my_public_value = (void (*)(diffie_hellman_t *, chunk_t *)) get_my_public_value; + this->public.dh.get_dh_group = (diffie_hellman_group_t (*)(diffie_hellman_t *)) get_dh_group; + this->public.dh.destroy = (void (*)(diffie_hellman_t *)) destroy; + + this->group = group; + this->p_len = entry->modulus.len; + err = gcry_mpi_scan(&this->p, GCRYMPI_FMT_USG, + entry->modulus.ptr, entry->modulus.len, NULL); + if (err) + { + DBG1("importing mpi modulus failed: %s", gpg_strerror(err)); + free(this); + return NULL; + } + if (lib->settings->get_int(lib->settings, + "libstrongswan.dh_exponent_ansi_x9_42", TRUE)) + { + len = this->p_len; + } + else + { + len = entry->opt_len; + } + + rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG); + if (rng) + { /* prefer external randomizer */ + rng->allocate_bytes(rng, len, &random); + rng->destroy(rng); + err = gcry_mpi_scan(&this->xa, GCRYMPI_FMT_USG, + random.ptr, random.len, NULL); + chunk_clear(&random); + if (err) + { + DBG1("importing mpi xa failed: %s", gpg_strerror(err)); + gcry_mpi_release(this->p); + free(this); + return NULL; + } + } + else + { /* fallback to gcrypt internal randomizer, shouldn't ever happen */ + this->xa = gcry_mpi_new(len * 8); + gcry_mpi_randomize(this->xa, len * 8, GCRY_STRONG_RANDOM); + } + if (len == this->p_len) + { + /* achieve bitsof(p)-1 by setting MSB to 0 */ + gcry_mpi_clear_bit(this->xa, len * 8 - 1); + } + + this->g = gcry_mpi_set_ui(NULL, entry->g); + this->ya = gcry_mpi_new(this->p_len * 8); + this->yb = NULL; + this->zz = NULL; + + gcry_mpi_powm(this->ya, this->g, this->xa, this->p); + + return &this->public; +} + diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.h b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.h new file mode 100644 index 000000000..dbef96ca7 --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.h @@ -0,0 +1,48 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup gcrypt_dh gcrypt_dh + * @{ @ingroup gcrypt_p + */ + +#ifndef GCRYPT_DH_H_ +#define GCRYPT_DH_H_ + +typedef struct gcrypt_dh_t gcrypt_dh_t; + +#include <library.h> + +/** + * Implementation of the Diffie-Hellman algorithm using libgcrypt mpi. + */ +struct gcrypt_dh_t { + + /** + * Implements diffie_hellman_t interface. + */ + diffie_hellman_t dh; +}; + +/** + * Creates a new gcrypt_dh_t object. + * + * @param group Diffie Hellman group number to use + * @return gcrypt_dh_t object, NULL if not supported + */ +gcrypt_dh_t *gcrypt_dh_create(diffie_hellman_group_t group); + +#endif /** GCRYPT_DH_H_ @}*/ + diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c new file mode 100644 index 000000000..785ebda90 --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.c @@ -0,0 +1,151 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "gcrypt_hasher.h" + +#include <debug.h> + +#include <gcrypt.h> + +typedef struct private_gcrypt_hasher_t private_gcrypt_hasher_t; + +/** + * Private data of gcrypt_hasher_t + */ +struct private_gcrypt_hasher_t { + + /** + * Public part of this class. + */ + gcrypt_hasher_t public; + + /** + * gcrypt hasher context + */ + gcry_md_hd_t hd; +}; + +/** + * Implementation of hasher_t.get_hash_size. + */ +static size_t get_hash_size(private_gcrypt_hasher_t *this) +{ + return gcry_md_get_algo_dlen(gcry_md_get_algo(this->hd)); +} + +/** + * Implementation of hasher_t.reset. + */ +static void reset(private_gcrypt_hasher_t *this) +{ + gcry_md_reset(this->hd); +} + +/** + * Implementation of hasher_t.get_hash. + */ +static void get_hash(private_gcrypt_hasher_t *this, chunk_t chunk, + u_int8_t *hash) +{ + gcry_md_write(this->hd, chunk.ptr, chunk.len); + if (hash) + { + memcpy(hash, gcry_md_read(this->hd, 0), get_hash_size(this)); + gcry_md_reset(this->hd); + } +} + +/** + * Implementation of hasher_t.allocate_hash. + */ +static void allocate_hash(private_gcrypt_hasher_t *this, chunk_t chunk, + chunk_t *hash) +{ + if (hash) + { + *hash = chunk_alloc(get_hash_size(this)); + get_hash(this, chunk, hash->ptr); + } + else + { + get_hash(this, chunk, NULL); + } +} + +/** + * Implementation of hasher_t.destroy. + */ +static void destroy (private_gcrypt_hasher_t *this) +{ + gcry_md_close(this->hd); + free(this); +} + +/* + * Described in header + */ +gcrypt_hasher_t *gcrypt_hasher_create(hash_algorithm_t algo) +{ + private_gcrypt_hasher_t *this; + int gcrypt_alg; + gcry_error_t err; + + switch (algo) + { + case HASH_MD2: + gcrypt_alg = GCRY_MD_MD2; + break; + case HASH_MD4: + gcrypt_alg = GCRY_MD_MD4; + break; + case HASH_MD5: + gcrypt_alg = GCRY_MD_MD5; + break; + case HASH_SHA1: + gcrypt_alg = GCRY_MD_SHA1; + break; + case HASH_SHA256: + gcrypt_alg = GCRY_MD_SHA256; + break; + case HASH_SHA384: + gcrypt_alg = GCRY_MD_SHA384; + break; + case HASH_SHA512: + gcrypt_alg = GCRY_MD_SHA512; + break; + default: + return NULL; + } + + this = malloc_thing(private_gcrypt_hasher_t); + + err = gcry_md_open(&this->hd, gcrypt_alg, 0); + if (err) + { + DBG1("grcy_md_open(%N) failed: %s", + hash_algorithm_names, algo, gpg_strerror(err)); + free(this); + return NULL; + } + + this->public.hasher_interface.get_hash = (void (*) (hasher_t*, chunk_t, u_int8_t*))get_hash; + this->public.hasher_interface.allocate_hash = (void (*) (hasher_t*, chunk_t, chunk_t*))allocate_hash; + this->public.hasher_interface.get_hash_size = (size_t (*) (hasher_t*))get_hash_size; + this->public.hasher_interface.reset = (void (*) (hasher_t*))reset; + this->public.hasher_interface.destroy = (void (*) (hasher_t*))destroy; + + return &this->public; +} + diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.h b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.h new file mode 100644 index 000000000..6f724fba8 --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_hasher.h @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup gcrypt_hasher gcrypt_hasher + * @{ @ingroup gcrypt_p + */ + +#ifndef GCRYPT_HASHER_H_ +#define GCRYPT_HASHER_H_ + +typedef struct gcrypt_hasher_t gcrypt_hasher_t; + +#include <crypto/hashers/hasher.h> + +/** + * Implementation of hashers using libgcrypt. + */ +struct gcrypt_hasher_t { + + /** + * The hasher_t interface. + */ + hasher_t hasher_interface; +}; + +/** + * Constructor to create gcrypt_hasher_t. + * + * @param algo algorithm + * @return gcrypt_hasher_t, NULL if not supported + */ +gcrypt_hasher_t *gcrypt_hasher_create(hash_algorithm_t algo); + +#endif /** GCRYPT_HASHER_H_ @}*/ diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c new file mode 100644 index 000000000..547329dde --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c @@ -0,0 +1,212 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "gcrypt_plugin.h" + +#include "gcrypt_hasher.h" +#include "gcrypt_crypter.h" +#include "gcrypt_rng.h" +#include "gcrypt_dh.h" +#include "gcrypt_rsa_private_key.h" +#include "gcrypt_rsa_public_key.h" + +#include <library.h> +#include <debug.h> +#include <utils/mutex.h> + +#include <errno.h> +#include <gcrypt.h> + +typedef struct private_gcrypt_plugin_t private_gcrypt_plugin_t; + +/** + * private data of gcrypt_plugin + */ +struct private_gcrypt_plugin_t { + + /** + * public functions + */ + gcrypt_plugin_t public; +}; + +/** + * gcrypt mutex initialization wrapper + */ +static int mutex_init(void **lock) +{ + *lock = mutex_create(MUTEX_DEFAULT); + return 0; +} + +/** + * gcrypt mutex cleanup wrapper + */ +static int mutex_destroy(void **lock) +{ + mutex_t *mutex = *lock; + + mutex->destroy(mutex); + return 0; +} + +/** + * gcrypt mutex lock wrapper + */ +static int mutex_lock(void **lock) +{ + mutex_t *mutex = *lock; + + mutex->lock(mutex); + return 0; +} + +/** + * gcrypt mutex unlock wrapper + */ +static int mutex_unlock(void **lock) +{ + mutex_t *mutex = *lock; + + mutex->unlock(mutex); + return 0; +} + +/** + * gcrypt locking functions using our mutex_t + */ +static struct gcry_thread_cbs thread_functions = { + GCRY_THREAD_OPTION_USER, NULL, + mutex_init, mutex_destroy, mutex_lock, mutex_unlock, + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL +}; + +/** + * Implementation of gcrypt_plugin_t.destroy + */ +static void destroy(private_gcrypt_plugin_t *this) +{ + lib->crypto->remove_hasher(lib->crypto, + (hasher_constructor_t)gcrypt_hasher_create); + lib->crypto->remove_crypter(lib->crypto, + (crypter_constructor_t)gcrypt_crypter_create); + lib->crypto->remove_rng(lib->crypto, + (rng_constructor_t)gcrypt_rng_create); + lib->crypto->remove_dh(lib->crypto, + (dh_constructor_t)gcrypt_dh_create); + lib->creds->remove_builder(lib->creds, + (builder_constructor_t)gcrypt_rsa_private_key_builder); + lib->creds->remove_builder(lib->creds, + (builder_constructor_t)gcrypt_rsa_public_key_builder); + free(this); +} + +/* + * see header file + */ +plugin_t *plugin_create() +{ + private_gcrypt_plugin_t *this; + + gcry_control(GCRYCTL_SET_THREAD_CBS, &thread_functions); + + if (!gcry_check_version(GCRYPT_VERSION)) + { + DBG1("libgcrypt version mismatch"); + return NULL; + } + + /* we currently do not use secure memory */ + gcry_control(GCRYCTL_DISABLE_SECMEM, 0); + if (lib->settings->get_bool(lib->settings, + "libstrongswan.plugins.gcrypt.quick_random", FALSE)) + { + gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0); + } + gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); + + this = malloc_thing(private_gcrypt_plugin_t); + + this->public.plugin.destroy = (void(*)(plugin_t*))destroy; + + /* hashers */ + lib->crypto->add_hasher(lib->crypto, HASH_SHA1, + (hasher_constructor_t)gcrypt_hasher_create); + lib->crypto->add_hasher(lib->crypto, HASH_MD4, + (hasher_constructor_t)gcrypt_hasher_create); + lib->crypto->add_hasher(lib->crypto, HASH_MD5, + (hasher_constructor_t)gcrypt_hasher_create); + lib->crypto->add_hasher(lib->crypto, HASH_SHA256, + (hasher_constructor_t)gcrypt_hasher_create); + lib->crypto->add_hasher(lib->crypto, HASH_SHA384, + (hasher_constructor_t)gcrypt_hasher_create); + lib->crypto->add_hasher(lib->crypto, HASH_SHA512, + (hasher_constructor_t)gcrypt_hasher_create); + + /* crypters */ + lib->crypto->add_crypter(lib->crypto, ENCR_3DES, + (crypter_constructor_t)gcrypt_crypter_create); + lib->crypto->add_crypter(lib->crypto, ENCR_CAST, + (crypter_constructor_t)gcrypt_crypter_create); + lib->crypto->add_crypter(lib->crypto, ENCR_BLOWFISH, + (crypter_constructor_t)gcrypt_crypter_create); + lib->crypto->add_crypter(lib->crypto, ENCR_DES, + (crypter_constructor_t)gcrypt_crypter_create); + lib->crypto->add_crypter(lib->crypto, ENCR_DES_ECB, + (crypter_constructor_t)gcrypt_crypter_create); + lib->crypto->add_crypter(lib->crypto, ENCR_AES_CBC, + (crypter_constructor_t)gcrypt_crypter_create); + lib->crypto->add_crypter(lib->crypto, ENCR_CAMELLIA_CBC, + (crypter_constructor_t)gcrypt_crypter_create); + lib->crypto->add_crypter(lib->crypto, ENCR_SERPENT_CBC, + (crypter_constructor_t)gcrypt_crypter_create); + lib->crypto->add_crypter(lib->crypto, ENCR_TWOFISH_CBC, + (crypter_constructor_t)gcrypt_crypter_create); + + /* random numbers */ + lib->crypto->add_rng(lib->crypto, RNG_WEAK, + (rng_constructor_t)gcrypt_rng_create); + lib->crypto->add_rng(lib->crypto, RNG_STRONG, + (rng_constructor_t)gcrypt_rng_create); + lib->crypto->add_rng(lib->crypto, RNG_TRUE, + (rng_constructor_t)gcrypt_rng_create); + + /* diffie hellman groups, using modp */ + lib->crypto->add_dh(lib->crypto, MODP_2048_BIT, + (dh_constructor_t)gcrypt_dh_create); + lib->crypto->add_dh(lib->crypto, MODP_1536_BIT, + (dh_constructor_t)gcrypt_dh_create); + lib->crypto->add_dh(lib->crypto, MODP_3072_BIT, + (dh_constructor_t)gcrypt_dh_create); + lib->crypto->add_dh(lib->crypto, MODP_4096_BIT, + (dh_constructor_t)gcrypt_dh_create); + lib->crypto->add_dh(lib->crypto, MODP_6144_BIT, + (dh_constructor_t)gcrypt_dh_create); + lib->crypto->add_dh(lib->crypto, MODP_8192_BIT, + (dh_constructor_t)gcrypt_dh_create); + lib->crypto->add_dh(lib->crypto, MODP_1024_BIT, + (dh_constructor_t)gcrypt_dh_create); + lib->crypto->add_dh(lib->crypto, MODP_768_BIT, + (dh_constructor_t)gcrypt_dh_create); + + /* RSA */ + lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, + (builder_constructor_t)gcrypt_rsa_private_key_builder); + lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_RSA, + (builder_constructor_t)gcrypt_rsa_public_key_builder); + + return &this->public.plugin; +} + diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h new file mode 100644 index 000000000..f2247ed5c --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.h @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup gcrypt_p gcrypt + * @ingroup plugins + * + * @defgroup gcrypt_plugin gcrypt_plugin + * @{ @ingroup gcrypt_p + */ + +#ifndef GCRYPT_PLUGIN_H_ +#define GCRYPT_PLUGIN_H_ + +#include <plugins/plugin.h> + +typedef struct gcrypt_plugin_t gcrypt_plugin_t; + +/** + * Plugin implementing crypto functions via libgcrypt. + */ +struct gcrypt_plugin_t { + + /** + * implements plugin interface + */ + plugin_t plugin; +}; + +/** + * Create a gcrypt_plugin instance. + */ +plugin_t *plugin_create(); + +#endif /** GCRYPT_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rng.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rng.c new file mode 100644 index 000000000..64b4eb8d0 --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rng.c @@ -0,0 +1,103 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "gcrypt_rng.h" + +#include <gcrypt.h> + +typedef struct private_gcrypt_rng_t private_gcrypt_rng_t; + +/** + * Private data of an gcrypt_rng_t object. + */ +struct private_gcrypt_rng_t { + + /** + * Public gcrypt_rng_t interface. + */ + gcrypt_rng_t public; + + /** + * RNG quality of this instance + */ + rng_quality_t quality; +}; + +/** + * Implementation of gcrypt_rng_t.get_bytes. + */ +static void get_bytes(private_gcrypt_rng_t *this, size_t bytes, + u_int8_t *buffer) +{ + switch (this->quality) + { + case RNG_WEAK: + gcry_create_nonce(buffer, bytes); + break; + case RNG_STRONG: + gcry_randomize(buffer, bytes, GCRY_STRONG_RANDOM); + break; + case RNG_TRUE: + gcry_randomize(buffer, bytes, GCRY_VERY_STRONG_RANDOM); + break; + } +} + +/** + * Implementation of gcrypt_rng_t.allocate_bytes. + */ +static void allocate_bytes(private_gcrypt_rng_t *this, size_t bytes, + chunk_t *chunk) +{ + *chunk = chunk_alloc(bytes); + get_bytes(this, chunk->len, chunk->ptr); +} + +/** + * Implementation of gcrypt_rng_t.destroy. + */ +static void destroy(private_gcrypt_rng_t *this) +{ + free(this); +} + +/* + * Described in header. + */ +gcrypt_rng_t *gcrypt_rng_create(rng_quality_t quality) +{ + private_gcrypt_rng_t *this; + + switch (quality) + { + case RNG_WEAK: + case RNG_STRONG: + case RNG_TRUE: + break; + default: + return NULL; + } + + this = malloc_thing(private_gcrypt_rng_t); + + this->public.rng.get_bytes = (void (*) (rng_t *, size_t, u_int8_t*)) get_bytes; + this->public.rng.allocate_bytes = (void (*) (rng_t *, size_t, chunk_t*)) allocate_bytes; + this->public.rng.destroy = (void (*) (rng_t *))destroy; + + this->quality = quality; + + return &this->public; +} + diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rng.h b/src/libstrongswan/plugins/gcrypt/gcrypt_rng.h new file mode 100644 index 000000000..3cfde8447 --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rng.h @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup gcrypt_rng gcrypt_rng + * @{ @ingroup gcrypt_p + */ + +#ifndef GCRYPT_RNG_H_ +#define GCRYPT_RNG_H_ + +typedef struct gcrypt_rng_t gcrypt_rng_t; + +#include <library.h> + +/** + * rng_t implementation using libgcrypt. + */ +struct gcrypt_rng_t { + + /** + * Implements rng_t. + */ + rng_t rng; +}; + +/** + * Creates an gcrypt_rng_t instance. + * + * @param quality required quality of gcryptness + * @return created gcrypt_rng_t + */ +gcrypt_rng_t *gcrypt_rng_create(rng_quality_t quality); + +#endif /** GCRYPT_RNG_H_ @} */ diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c new file mode 100644 index 000000000..611ab2467 --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.c @@ -0,0 +1,734 @@ +/* + * Copyright (C) 2005-2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <gcrypt.h> + +#include "gcrypt_rsa_private_key.h" + +#include <debug.h> +#include <asn1/oid.h> +#include <asn1/asn1.h> +#include <asn1/asn1_parser.h> + +typedef struct private_gcrypt_rsa_private_key_t private_gcrypt_rsa_private_key_t; + +/** + * Private data of a gcrypt_rsa_private_key_t object. + */ +struct private_gcrypt_rsa_private_key_t { + + /** + * Public interface + */ + gcrypt_rsa_private_key_t public; + + /** + * gcrypt S-expression representing an RSA key + */ + gcry_sexp_t key; + + /** + * Keyid formed as a SHA-1 hash of a publicKey object + */ + identification_t* keyid; + + /** + * Keyid formed as a SHA-1 hash of a publicKeyInfo object + */ + identification_t* keyid_info; + + /** + * reference count + */ + refcount_t ref; +}; + +/** + * Implemented in gcrypt_rsa_public_key.c + */ +public_key_t *gcrypt_rsa_public_key_create_from_sexp(gcry_sexp_t key); + +/** + * find a token in a S-expression + */ +chunk_t gcrypt_rsa_find_token(gcry_sexp_t sexp, char *name) +{ + gcry_sexp_t token; + chunk_t data = chunk_empty; + + token = gcry_sexp_find_token(sexp, name, 1); + if (token) + { + data.ptr = (char*)gcry_sexp_nth_data(token, 1, &data.len); + if (!data.ptr) + { + data.len = 0; + } + data = chunk_clone(data); + gcry_sexp_release(token); + } + return data; +} + +/** + * Sign a chunk of data with direct PKCS#1 encoding, no hash OID + */ +static bool sign_raw(private_gcrypt_rsa_private_key_t *this, + chunk_t data, chunk_t *signature) +{ + gcry_sexp_t in, out; + gcry_error_t err; + chunk_t em; + size_t k; + + /* EM = 0x00 || 0x01 || PS || 0x00 || T + * PS = 0xFF padding, with length to fill em + * T = data + */ + k = gcry_pk_get_nbits(this->key) / 8; + if (data.len > k - 3) + { + return FALSE; + } + em = chunk_alloc(k); + memset(em.ptr, 0xFF, em.len); + em.ptr[0] = 0x00; + em.ptr[1] = 0x01; + em.ptr[em.len - data.len - 1] = 0x00; + memcpy(em.ptr + em.len - data.len, data.ptr, data.len); + + err = gcry_sexp_build(&in, NULL, "(data(flags raw)(value %b))", + em.len, em.ptr); + chunk_free(&em); + if (err) + { + DBG1("building signature S-expression failed: %s", gpg_strerror(err)); + return FALSE; + } + err = gcry_pk_sign(&out, in, this->key); + gcry_sexp_release(in); + if (err) + { + DBG1("creating pkcs1 signature failed: %s", gpg_strerror(err)); + return FALSE; + } + *signature = gcrypt_rsa_find_token(out, "s"); + gcry_sexp_release(out); + return !!signature->len; +} + +/** + * Sign a chunk of data using hashing and PKCS#1 encoding + */ +static bool sign_pkcs1(private_gcrypt_rsa_private_key_t *this, + hash_algorithm_t hash_algorithm, char *hash_name, + chunk_t data, chunk_t *signature) +{ + hasher_t *hasher; + chunk_t hash; + gcry_error_t err; + gcry_sexp_t in, out; + int hash_oid; + + hash_oid = hasher_algorithm_to_oid(hash_algorithm); + if (hash_oid == OID_UNKNOWN) + { + return FALSE; + } + hasher = lib->crypto->create_hasher(lib->crypto, hash_algorithm); + if (!hasher) + { + return FALSE; + } + hasher->allocate_hash(hasher, data, &hash); + hasher->destroy(hasher); + + err = gcry_sexp_build(&in, NULL, "(data(flags pkcs1)(hash %s %b))", + hash_name, hash.len, hash.ptr); + chunk_free(&hash); + if (err) + { + DBG1("building signature S-expression failed: %s", gpg_strerror(err)); + return FALSE; + } + err = gcry_pk_sign(&out, in, this->key); + gcry_sexp_release(in); + if (err) + { + DBG1("creating pkcs1 signature failed: %s", gpg_strerror(err)); + return FALSE; + } + *signature = gcrypt_rsa_find_token(out, "s"); + gcry_sexp_release(out); + return !!signature->len; +} + +/** + * Implementation of gcrypt_rsa_private_key.destroy. + */ +static key_type_t get_type(private_gcrypt_rsa_private_key_t *this) +{ + return KEY_RSA; +} + +/** + * Implementation of gcrypt_rsa_private_key.destroy. + */ +static bool sign(private_gcrypt_rsa_private_key_t *this, signature_scheme_t scheme, + chunk_t data, chunk_t *sig) +{ + switch (scheme) + { + case SIGN_RSA_EMSA_PKCS1_NULL: + return sign_raw(this, data, sig); + case SIGN_RSA_EMSA_PKCS1_SHA1: + return sign_pkcs1(this, HASH_SHA1, "sha1", data, sig); + case SIGN_RSA_EMSA_PKCS1_SHA256: + return sign_pkcs1(this, HASH_SHA256, "sha256", data, sig); + case SIGN_RSA_EMSA_PKCS1_SHA384: + return sign_pkcs1(this, HASH_SHA384, "sha384", data, sig); + case SIGN_RSA_EMSA_PKCS1_SHA512: + return sign_pkcs1(this, HASH_SHA512, "sha512", data, sig); + case SIGN_RSA_EMSA_PKCS1_MD5: + return sign_pkcs1(this, HASH_MD5, "md5", data, sig); + default: + DBG1("signature scheme %N not supported in RSA", + signature_scheme_names, scheme); + return FALSE; + } +} + +/** + * Implementation of gcrypt_rsa_private_key.destroy. + */ +static bool decrypt(private_gcrypt_rsa_private_key_t *this, + chunk_t encrypted, chunk_t *plain) +{ + gcry_error_t err; + gcry_sexp_t in, out; + chunk_t padded; + u_char *pos = NULL;; + + err = gcry_sexp_build(&in, NULL, "(enc-val(flags)(rsa(a %b)))", + encrypted.len, encrypted.ptr); + if (err) + { + DBG1("building decryption S-expression failed: %s", gpg_strerror(err)); + return FALSE; + } + err = gcry_pk_decrypt(&out, in, this->key); + gcry_sexp_release(in); + if (err) + { + DBG1("decrypting pkcs1 data failed: %s", gpg_strerror(err)); + return FALSE; + } + padded.ptr = (u_char*)gcry_sexp_nth_data(out, 1, &padded.len); + /* result is padded, but gcrypt strips leading zero: + * 00 | 02 | RANDOM | 00 | DATA */ + if (padded.ptr && padded.len > 2 && padded.ptr[0] == 0x02) + { + pos = memchr(padded.ptr, 0x00, padded.len - 1); + if (pos) + { + pos++; + *plain = chunk_clone(chunk_create( + pos, padded.len - (pos - padded.ptr))); + } + } + gcry_sexp_release(out); + if (!pos) + { + DBG1("decrypted data has invalid pkcs1 padding"); + return FALSE; + } + return TRUE; +} + +/** + * Implementation of gcrypt_rsa_private_key.get_keysize. + */ +static size_t get_keysize(private_gcrypt_rsa_private_key_t *this) +{ + return gcry_pk_get_nbits(this->key) / 8; +} + +/** + * Implementation of gcrypt_rsa_private_key.destroy. + */ +static identification_t* get_id(private_gcrypt_rsa_private_key_t *this, + id_type_t type) +{ + switch (type) + { + case ID_PUBKEY_INFO_SHA1: + return this->keyid_info; + case ID_PUBKEY_SHA1: + return this->keyid; + default: + return NULL; + } +} + +/** + * Implementation of gcrypt_rsa_private_key.get_public_key. + */ +static public_key_t* get_public_key(private_gcrypt_rsa_private_key_t *this) +{ + return gcrypt_rsa_public_key_create_from_sexp(this->key); +} + +/** + * Implementation of gcrypt_rsa_private_key.equals. + */ +static bool equals(private_gcrypt_rsa_private_key_t *this, private_key_t *other) +{ + identification_t *keyid; + + if (&this->public.interface == other) + { + return TRUE; + } + if (other->get_type(other) != KEY_RSA) + { + return FALSE; + } + keyid = other->get_id(other, ID_PUBKEY_SHA1); + if (keyid && keyid->equals(keyid, this->keyid)) + { + return TRUE; + } + keyid = other->get_id(other, ID_PUBKEY_INFO_SHA1); + if (keyid && keyid->equals(keyid, this->keyid_info)) + { + return TRUE; + } + return FALSE; +} + +/** + * Implementation of gcrypt_rsa_private_key.belongs_to. + */ +static bool belongs_to(private_gcrypt_rsa_private_key_t *this, + public_key_t *public) +{ + identification_t *keyid; + + if (public->get_type(public) != KEY_RSA) + { + return FALSE; + } + keyid = public->get_id(public, ID_PUBKEY_SHA1); + if (keyid && keyid->equals(keyid, this->keyid)) + { + return TRUE; + } + keyid = public->get_id(public, ID_PUBKEY_INFO_SHA1); + if (keyid && keyid->equals(keyid, this->keyid_info)) + { + return TRUE; + } + return FALSE; +} + +/** + * Implementation of private_key_t.get_encoding. + */ +static chunk_t get_encoding(private_gcrypt_rsa_private_key_t *this) +{ + chunk_t cp, cq, cd, cexp1 = chunk_empty, cexp2 = chunk_empty; + gcry_mpi_t p = NULL, q = NULL, d = NULL, exp1, exp2; + gcry_error_t err; + + /* p and q are swapped, gcrypt expects p < q */ + cp = gcrypt_rsa_find_token(this->key, "q"); + cq = gcrypt_rsa_find_token(this->key, "p"); + cd = gcrypt_rsa_find_token(this->key, "d"); + + err = gcry_mpi_scan(&p, GCRYMPI_FMT_USG, cp.ptr, cp.len, NULL) + | gcry_mpi_scan(&q, GCRYMPI_FMT_USG, cq.ptr, cq.len, NULL) + | gcry_mpi_scan(&d, GCRYMPI_FMT_USG, cd.ptr, cd.len, NULL); + if (err) + { + gcry_mpi_release(p); + gcry_mpi_release(q); + gcry_mpi_release(d); + chunk_clear(&cp); + chunk_clear(&cq); + chunk_clear(&cd); + DBG1("scanning mpi for export failed: %s", gpg_strerror(err)); + return chunk_empty; + } + + gcry_mpi_sub_ui(p, p, 1); + exp1 = gcry_mpi_new(gcry_pk_get_nbits(this->key)); + gcry_mpi_mod(exp1, d, p); + gcry_mpi_release(p); + + gcry_mpi_sub_ui(q, q, 1); + exp2 = gcry_mpi_new(gcry_pk_get_nbits(this->key)); + gcry_mpi_mod(exp1, d, q); + gcry_mpi_release(q); + + err = gcry_mpi_aprint(GCRYMPI_FMT_USG, &cexp1.ptr, &cexp1.len, exp1) + | gcry_mpi_aprint(GCRYMPI_FMT_USG, &cexp2.ptr, &cexp2.len, exp2); + + gcry_mpi_release(d); + gcry_mpi_release(exp1); + gcry_mpi_release(exp2); + + if (err) + { + DBG1("printing mpi for export failed: %s", gpg_strerror(err)); + chunk_clear(&cp); + chunk_clear(&cq); + chunk_clear(&cd); + chunk_clear(&cexp1); + chunk_clear(&cexp2); + return chunk_empty; + } + + return asn1_wrap(ASN1_SEQUENCE, "cmmmmmmmm", ASN1_INTEGER_0, + asn1_integer("m", gcrypt_rsa_find_token(this->key, "n")), + asn1_integer("m", gcrypt_rsa_find_token(this->key, "e")), + asn1_integer("m", cd), + asn1_integer("m", cp), + asn1_integer("m", cq), + asn1_integer("m", cexp1), + asn1_integer("m", cexp2), + asn1_integer("m", gcrypt_rsa_find_token(this->key, "u"))); +} + +/** + * Implementation of gcrypt_rsa_private_key.get_ref. + */ +static private_key_t* get_ref(private_gcrypt_rsa_private_key_t *this) +{ + ref_get(&this->ref); + return &this->public.interface; +} + +/** + * Implementation of gcrypt_rsa_private_key.destroy. + */ +static void destroy(private_gcrypt_rsa_private_key_t *this) +{ + if (ref_put(&this->ref)) + { + DESTROY_IF(this->keyid); + DESTROY_IF(this->keyid_info); + gcry_sexp_release(this->key); + free(this); + } +} + +/** + * Internal generic constructor + */ +static private_gcrypt_rsa_private_key_t *gcrypt_rsa_private_key_create_empty() +{ + private_gcrypt_rsa_private_key_t *this = malloc_thing(private_gcrypt_rsa_private_key_t); + + this->public.interface.get_type = (key_type_t (*)(private_key_t *this))get_type; + this->public.interface.sign = (bool (*)(private_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t *signature))sign; + this->public.interface.decrypt = (bool (*)(private_key_t *this, chunk_t crypto, chunk_t *plain))decrypt; + this->public.interface.get_keysize = (size_t (*) (private_key_t *this))get_keysize; + this->public.interface.get_id = (identification_t* (*) (private_key_t *this,id_type_t))get_id; + this->public.interface.get_public_key = (public_key_t* (*)(private_key_t *this))get_public_key; + this->public.interface.equals = (bool (*) (private_key_t*, private_key_t*))equals; + this->public.interface.belongs_to = (bool (*) (private_key_t *this, public_key_t *public))belongs_to; + this->public.interface.get_encoding = (chunk_t(*)(private_key_t*))get_encoding; + this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref; + this->public.interface.destroy = (void (*)(private_key_t *this))destroy; + + this->key = NULL; + this->keyid = NULL; + this->keyid_info = NULL; + this->ref = 1; + + return this; +} + +/** + * build the keyids of a private/public key + */ +bool gcrypt_rsa_build_keyids(gcry_sexp_t key, identification_t **keyid, + identification_t **keyid_info) +{ + chunk_t publicKeyInfo, publicKey, hash; + hasher_t *hasher; + + hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); + if (!hasher) + { + DBG1("SHA1 hash algorithm not supported, unable to use RSA"); + return FALSE; + } + publicKey = asn1_wrap(ASN1_SEQUENCE, "mm", + asn1_integer("m", gcrypt_rsa_find_token(key, "n")), + asn1_integer("m", gcrypt_rsa_find_token(key, "e"))); + hasher->allocate_hash(hasher, publicKey, &hash); + *keyid = identification_create_from_encoding(ID_PUBKEY_SHA1, hash); + chunk_free(&hash); + + publicKeyInfo = asn1_wrap(ASN1_SEQUENCE, "cm", + asn1_algorithmIdentifier(OID_RSA_ENCRYPTION), + asn1_bitstring("m", publicKey)); + hasher->allocate_hash(hasher, publicKeyInfo, &hash); + *keyid_info = identification_create_from_encoding(ID_PUBKEY_INFO_SHA1, hash); + chunk_free(&hash); + + hasher->destroy(hasher); + chunk_free(&publicKeyInfo); + + return TRUE; +} + +/** + * Generate an RSA key of specified key size + */ +static gcrypt_rsa_private_key_t *generate(size_t key_size) +{ + private_gcrypt_rsa_private_key_t *this; + gcry_sexp_t param, key; + gcry_error_t err; + + err = gcry_sexp_build(¶m, NULL, "(genkey(rsa(nbits %d)))", key_size); + if (err) + { + DBG1("building S-expression failed: %s", gpg_strerror(err)); + return NULL; + } + + err = gcry_pk_genkey(&key, param); + gcry_sexp_release(param); + if (err) + { + DBG1("generating RSA key failed: %s", gpg_strerror(err)); + return NULL; + } + this = gcrypt_rsa_private_key_create_empty(); + this->key = key; + + if (!gcrypt_rsa_build_keyids(this->key, &this->keyid, &this->keyid_info)) + { + destroy(this); + return NULL; + } + + return &this->public; +} + +/** + * ASN.1 definition of a PKCS#1 RSA private key + */ +static const asn1Object_t privkeyObjects[] = { + { 0, "RSAPrivateKey", ASN1_SEQUENCE, ASN1_NONE }, /* 0 */ + { 1, "version", ASN1_INTEGER, ASN1_BODY }, /* 1 */ + { 1, "modulus", ASN1_INTEGER, ASN1_BODY }, /* 2 */ + { 1, "publicExponent", ASN1_INTEGER, ASN1_BODY }, /* 3 */ + { 1, "privateExponent", ASN1_INTEGER, ASN1_BODY }, /* 4 */ + { 1, "prime1", ASN1_INTEGER, ASN1_BODY }, /* 5 */ + { 1, "prime2", ASN1_INTEGER, ASN1_BODY }, /* 6 */ + { 1, "exponent1", ASN1_INTEGER, ASN1_BODY }, /* 7 */ + { 1, "exponent2", ASN1_INTEGER, ASN1_BODY }, /* 8 */ + { 1, "coefficient", ASN1_INTEGER, ASN1_BODY }, /* 9 */ + { 1, "otherPrimeInfos", ASN1_SEQUENCE, ASN1_OPT | + ASN1_LOOP }, /* 10 */ + { 2, "otherPrimeInfo", ASN1_SEQUENCE, ASN1_NONE }, /* 11 */ + { 3, "prime", ASN1_INTEGER, ASN1_BODY }, /* 12 */ + { 3, "exponent", ASN1_INTEGER, ASN1_BODY }, /* 13 */ + { 3, "coefficient", ASN1_INTEGER, ASN1_BODY }, /* 14 */ + { 1, "end opt or loop", ASN1_EOC, ASN1_END }, /* 15 */ + { 0, "exit", ASN1_EOC, ASN1_EXIT } +}; +#define PRIV_KEY_VERSION 1 +#define PRIV_KEY_MODULUS 2 +#define PRIV_KEY_PUB_EXP 3 +#define PRIV_KEY_PRIV_EXP 4 +#define PRIV_KEY_PRIME1 5 +#define PRIV_KEY_PRIME2 6 +#define PRIV_KEY_EXP1 7 +#define PRIV_KEY_EXP2 8 +#define PRIV_KEY_COEFF 9 + +/** + * load private key from a ASN1 encoded blob + */ +static gcrypt_rsa_private_key_t *load(chunk_t blob) +{ + private_gcrypt_rsa_private_key_t *this; + asn1_parser_t *parser; + chunk_t object; + int objectID ; + bool success = FALSE; + chunk_t n, e, d, u, p, q; + gcry_error_t err; + + n = e = d = u = p = q = chunk_empty; + + parser = asn1_parser_create(privkeyObjects, blob); + parser->set_flags(parser, FALSE, TRUE); + + while (parser->iterate(parser, &objectID, &object)) + { + switch (objectID) + { + case PRIV_KEY_VERSION: + if (object.len > 0 && *object.ptr != 0) + { + goto end; + } + break; + case PRIV_KEY_MODULUS: + n = object; + break; + case PRIV_KEY_PUB_EXP: + e = object; + break; + case PRIV_KEY_PRIV_EXP: + d = object; + break; + case PRIV_KEY_PRIME1: + /* p and q are swapped, as gcrypt expects p < q */ + q = object; + break; + case PRIV_KEY_PRIME2: + p = object; + break; + case PRIV_KEY_EXP1: + case PRIV_KEY_EXP2: + break; + case PRIV_KEY_COEFF: + u = object; + break; + } + } + success = parser->success(parser); + +end: + parser->destroy(parser); + + if (!success) + { + return NULL; + } + + this = gcrypt_rsa_private_key_create_empty(); + err = gcry_sexp_build(&this->key, NULL, + "(private-key(rsa(n %b)(e %b)(d %b)(p %b)(q %b)(u %b)))", + n.len, n.ptr, e.len, e.ptr, d.len, d.ptr, + p.len, p.ptr, q.len, q.ptr, u.len, u.ptr); + if (err) + { + DBG1("loading private key failed: %s", gpg_strerror(err)); + free(this); + return NULL; + } + err = gcry_pk_testkey(this->key); + if (err) + { + DBG1("private key sanity check failed: %s", gpg_strerror(err)); + destroy(this); + return NULL; + } + if (!gcrypt_rsa_build_keyids(this->key, &this->keyid, &this->keyid_info)) + { + destroy(this); + return NULL; + } + return &this->public; +} + +typedef struct private_builder_t private_builder_t; + +/** + * Builder implementation for key loading/generation + */ +struct private_builder_t { + /** implements the builder interface */ + builder_t public; + /** loaded/generated private key */ + gcrypt_rsa_private_key_t *key; +}; + +/** + * Implementation of builder_t.build + */ +static gcrypt_rsa_private_key_t *build(private_builder_t *this) +{ + gcrypt_rsa_private_key_t *key = this->key; + + free(this); + return key; +} + +/** + * Implementation of builder_t.add + */ +static void add(private_builder_t *this, builder_part_t part, ...) +{ + if (!this->key) + { + va_list args; + + switch (part) + { + case BUILD_BLOB_ASN1_DER: + { + va_start(args, part); + this->key = load(va_arg(args, chunk_t)); + va_end(args); + return; + } + case BUILD_KEY_SIZE: + { + va_start(args, part); + this->key = generate(va_arg(args, u_int)); + va_end(args); + return; + } + default: + break; + } + } + if (this->key) + { + destroy((private_gcrypt_rsa_private_key_t*)this->key); + } + builder_cancel(&this->public); +} + +/** + * Builder construction function + */ +builder_t *gcrypt_rsa_private_key_builder(key_type_t type) +{ + private_builder_t *this; + + if (type != KEY_RSA) + { + return NULL; + } + + this = malloc_thing(private_builder_t); + + this->key = NULL; + this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add; + this->public.build = (void*(*)(builder_t *this))build; + + return &this->public; +} + diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.h b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.h new file mode 100644 index 000000000..2edd7ce5d --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_private_key.h @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup gcrypt_rsa_private_key gcrypt_rsa_private_key + * @{ @ingroup gcrypt_p + */ + +#ifndef GCRYPT_RSA_PRIVATE_KEY_H_ +#define GCRYPT_RSA_PRIVATE_KEY_H_ + +#include <credentials/keys/private_key.h> + +typedef struct gcrypt_rsa_private_key_t gcrypt_rsa_private_key_t; + +/** + * Private_key_t implementation of RSA algorithm using libgcrypt. + */ +struct gcrypt_rsa_private_key_t { + + /** + * Implements private_key_t interface + */ + private_key_t interface; +}; + +/** + * Create the builder for a private key. + * + * @param type type of the key, must be KEY_RSA + * @return builder instance + */ +builder_t *gcrypt_rsa_private_key_builder(key_type_t type); + +#endif /** GCRYPT_RSA_PRIVATE_KEY_H_ @}*/ diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c new file mode 100644 index 000000000..8024f58a7 --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.c @@ -0,0 +1,512 @@ +/* + * Copyright (C) 2005-2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <gcrypt.h> + +#include "gcrypt_rsa_public_key.h" + +#include <debug.h> +#include <asn1/oid.h> +#include <asn1/asn1.h> +#include <asn1/asn1_parser.h> +#include <asn1/pem.h> +#include <crypto/hashers/hasher.h> + +typedef struct private_gcrypt_rsa_public_key_t private_gcrypt_rsa_public_key_t; + +/** + * Private data structure with signing context. + */ +struct private_gcrypt_rsa_public_key_t { + + /** + * Public interface for this signer. + */ + gcrypt_rsa_public_key_t public; + + /** + * gcrypt S-expression representing an public RSA key + */ + gcry_sexp_t key; + + /** + * Keyid formed as a SHA-1 hash of a publicKey object + */ + identification_t* keyid; + + /** + * Keyid formed as a SHA-1 hash of a publicKeyInfo object + */ + identification_t* keyid_info; + + /** + * reference counter + */ + refcount_t ref; +}; + +/** + * Implemented in gcrypt_rsa_private_key.c + */ +chunk_t gcrypt_rsa_find_token(gcry_sexp_t sexp, char *name); +bool gcrypt_rsa_build_keyids(gcry_sexp_t key, identification_t **keyid, + identification_t **keyid_info); + +/** + * verification of a padded PKCS1 signature without an OID + */ +static bool verify_raw(private_gcrypt_rsa_public_key_t *this, + chunk_t data, chunk_t signature) +{ + gcry_sexp_t in, sig; + gcry_error_t err; + chunk_t em; + size_t k; + + /* EM = 0x00 || 0x01 || PS || 0x00 || T + * PS = 0xFF padding, with length to fill em + * T = data + */ + k = gcry_pk_get_nbits(this->key) / 8; + if (data.len > k - 3) + { + return FALSE; + } + em = chunk_alloc(k); + memset(em.ptr, 0xFF, em.len); + em.ptr[0] = 0x00; + em.ptr[1] = 0x01; + em.ptr[em.len - data.len - 1] = 0x00; + memcpy(em.ptr + em.len - data.len, data.ptr, data.len); + + err = gcry_sexp_build(&in, NULL, "(data(flags raw)(value %b))", + em.len, em.ptr); + chunk_free(&em); + if (err) + { + DBG1("building data S-expression failed: %s", gpg_strerror(err)); + return FALSE; + } + err = gcry_sexp_build(&sig, NULL, "(sig-val(rsa(s %b)))", + signature.len, signature.ptr); + if (err) + { + DBG1("building signature S-expression failed: %s", gpg_strerror(err)); + gcry_sexp_release(in); + return FALSE; + } + err = gcry_pk_verify(sig, in, this->key); + gcry_sexp_release(in); + gcry_sexp_release(sig); + if (err) + { + DBG1("RSA signature verification failed: %s", gpg_strerror(err)); + return FALSE; + } + return TRUE; +} + +/** + * Verification of an EMSA PKCS1 signature described in PKCS#1 + */ +static bool verify_pkcs1(private_gcrypt_rsa_public_key_t *this, + hash_algorithm_t algorithm, char *hash_name, + chunk_t data, chunk_t signature) +{ + hasher_t *hasher; + chunk_t hash; + gcry_error_t err; + gcry_sexp_t in, sig; + + hasher = lib->crypto->create_hasher(lib->crypto, algorithm); + if (!hasher) + { + return FALSE; + } + hasher->allocate_hash(hasher, data, &hash); + hasher->destroy(hasher); + + err = gcry_sexp_build(&in, NULL, "(data(flags pkcs1)(hash %s %b))", + hash_name, hash.len, hash.ptr); + chunk_free(&hash); + if (err) + { + DBG1("building data S-expression failed: %s", gpg_strerror(err)); + return FALSE; + } + + err = gcry_sexp_build(&sig, NULL, "(sig-val(rsa(s %b)))", + signature.len, signature.ptr); + if (err) + { + DBG1("building signature S-expression failed: %s", gpg_strerror(err)); + gcry_sexp_release(in); + return FALSE; + } + err = gcry_pk_verify(sig, in, this->key); + gcry_sexp_release(in); + gcry_sexp_release(sig); + if (err) + { + DBG1("RSA signature verification failed: %s", gpg_strerror(err)); + return FALSE; + } + return TRUE; +} + +/** + * Implementation of public_key_t.get_type. + */ +static key_type_t get_type(private_gcrypt_rsa_public_key_t *this) +{ + return KEY_RSA; +} + +/** + * Implementation of public_key_t.verify. + */ +static bool verify(private_gcrypt_rsa_public_key_t *this, + signature_scheme_t scheme, chunk_t data, chunk_t signature) +{ + switch (scheme) + { + case SIGN_RSA_EMSA_PKCS1_NULL: + return verify_raw(this, data, signature); + case SIGN_RSA_EMSA_PKCS1_MD5: + return verify_pkcs1(this, HASH_MD5, "md5", data, signature); + case SIGN_RSA_EMSA_PKCS1_SHA1: + return verify_pkcs1(this, HASH_SHA1, "sha1", data, signature); + case SIGN_RSA_EMSA_PKCS1_SHA256: + return verify_pkcs1(this, HASH_SHA256, "sha256", data, signature); + case SIGN_RSA_EMSA_PKCS1_SHA384: + return verify_pkcs1(this, HASH_SHA384, "sha384", data, signature); + case SIGN_RSA_EMSA_PKCS1_SHA512: + return verify_pkcs1(this, HASH_SHA512, "sha512", data, signature); + default: + DBG1("signature scheme %N not supported in RSA", + signature_scheme_names, scheme); + return FALSE; + } +} + +/** + * Implementation of public_key_t.encrypt. + */ +static bool encrypt_(private_gcrypt_rsa_public_key_t *this, chunk_t plain, + chunk_t *encrypted) +{ + gcry_sexp_t in, out; + gcry_error_t err; + + /* "pkcs1" uses PKCS 1.5 (section 8.1) block type 2 encryption: + * 00 | 02 | RANDOM | 00 | DATA */ + err = gcry_sexp_build(&in, NULL, "(data(flags pkcs1)(value %b))", + plain.len, plain.ptr); + if (err) + { + DBG1("building encryption S-expression failed: %s", gpg_strerror(err)); + return FALSE; + } + err = gcry_pk_encrypt(&out, in, this->key); + gcry_sexp_release(in); + if (err) + { + DBG1("encrypting data using pkcs1 failed: %s", gpg_strerror(err)); + return FALSE; + } + *encrypted = gcrypt_rsa_find_token(out, "a"); + gcry_sexp_release(out); + return !!encrypted->len; +} + +/** + * Implementation of gcrypt_rsa_public_key.equals. + */ +static bool equals(private_gcrypt_rsa_public_key_t *this, public_key_t *other) +{ + identification_t *keyid; + + if (&this->public.interface == other) + { + return TRUE; + } + if (other->get_type(other) != KEY_RSA) + { + return FALSE; + } + keyid = other->get_id(other, ID_PUBKEY_SHA1); + if (keyid && keyid->equals(keyid, this->keyid)) + { + return TRUE; + } + keyid = other->get_id(other, ID_PUBKEY_INFO_SHA1); + if (keyid && keyid->equals(keyid, this->keyid_info)) + { + return TRUE; + } + return FALSE; +} + +/** + * Implementation of public_key_t.get_keysize. + */ +static size_t get_keysize(private_gcrypt_rsa_public_key_t *this) +{ + return gcry_pk_get_nbits(this->key) / 8; +} + +/** + * Implementation of public_key_t.get_id. + */ +static identification_t *get_id(private_gcrypt_rsa_public_key_t *this, + id_type_t type) +{ + switch (type) + { + case ID_PUBKEY_INFO_SHA1: + return this->keyid_info; + case ID_PUBKEY_SHA1: + return this->keyid; + default: + return NULL; + } +} + +/* + * Implementation of public_key_t.get_encoding. + */ +static chunk_t get_encoding(private_gcrypt_rsa_public_key_t *this) +{ + return asn1_wrap(ASN1_SEQUENCE, "mm", + asn1_integer("m", gcrypt_rsa_find_token(this->key, "n")), + asn1_integer("m", gcrypt_rsa_find_token(this->key, "e"))); +} + +/** + * Implementation of public_key_t.get_ref. + */ +static public_key_t* get_ref(private_gcrypt_rsa_public_key_t *this) +{ + ref_get(&this->ref); + return &this->public.interface; +} + +/** + * Implementation of gcrypt_rsa_public_key.destroy. + */ +static void destroy(private_gcrypt_rsa_public_key_t *this) +{ + if (ref_put(&this->ref)) + { + DESTROY_IF(this->keyid); + DESTROY_IF(this->keyid_info); + gcry_sexp_release(this->key); + free(this); + } +} + +/** + * Generic private constructor + */ +static private_gcrypt_rsa_public_key_t *gcrypt_rsa_public_key_create_empty() +{ + private_gcrypt_rsa_public_key_t *this = malloc_thing(private_gcrypt_rsa_public_key_t); + + this->public.interface.get_type = (key_type_t (*)(public_key_t *this))get_type; + this->public.interface.verify = (bool (*)(public_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t signature))verify; + this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_; + this->public.interface.equals = (bool (*) (public_key_t*, public_key_t*))equals; + this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize; + this->public.interface.get_id = (identification_t* (*) (public_key_t *this,id_type_t))get_id; + this->public.interface.get_encoding = (chunk_t(*)(public_key_t*))get_encoding; + this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref; + this->public.interface.destroy = (void (*)(public_key_t *this))destroy; + + this->key = NULL; + this->keyid = NULL; + this->keyid_info = NULL; + this->ref = 1; + + return this; +} + +/** + * Create a public key from a S-expression, used in gcrypt_rsa_private_key + */ +public_key_t *gcrypt_rsa_public_key_create_from_sexp(gcry_sexp_t key) +{ + private_gcrypt_rsa_public_key_t *this; + gcry_error_t err; + chunk_t n, e; + + this = gcrypt_rsa_public_key_create_empty(); + n = gcrypt_rsa_find_token(key, "n"); + e = gcrypt_rsa_find_token(key, "e"); + + err = gcry_sexp_build(&this->key, NULL, "(public-key(rsa(n %b)(e %b)))", + n.len, n.ptr, e.len, e.ptr); + chunk_free(&n); + chunk_free(&e); + if (err) + { + DBG1("loading public key failed: %s", gpg_strerror(err)); + free(this); + return NULL; + } + if (!gcrypt_rsa_build_keyids(this->key, &this->keyid, &this->keyid_info)) + { + destroy(this); + return NULL; + } + return &this->public.interface; +} + +/** + * ASN.1 definition of RSApublicKey + */ +static const asn1Object_t pubkeyObjects[] = { + { 0, "RSAPublicKey", ASN1_SEQUENCE, ASN1_OBJ }, /* 0 */ + { 1, "modulus", ASN1_INTEGER, ASN1_BODY }, /* 1 */ + { 1, "publicExponent", ASN1_INTEGER, ASN1_BODY }, /* 2 */ + { 0, "exit", ASN1_EOC, ASN1_EXIT } +}; +#define PUB_KEY_RSA_PUBLIC_KEY 0 +#define PUB_KEY_MODULUS 1 +#define PUB_KEY_EXPONENT 2 + +/** + * Load a public key from an ASN1 encoded blob + */ +static gcrypt_rsa_public_key_t *load(chunk_t blob) +{ + private_gcrypt_rsa_public_key_t *this; + asn1_parser_t *parser; + chunk_t object, n, e; + int objectID; + bool success = FALSE; + gcry_error_t err; + + n = e = chunk_empty; + + parser = asn1_parser_create(pubkeyObjects, blob); + while (parser->iterate(parser, &objectID, &object)) + { + switch (objectID) + { + case PUB_KEY_MODULUS: + n = object; + break; + case PUB_KEY_EXPONENT: + e = object; + break; + } + } + success = parser->success(parser); + parser->destroy(parser); + + if (!success) + { + return NULL; + } + + this = gcrypt_rsa_public_key_create_empty(); + err = gcry_sexp_build(&this->key, NULL, "(public-key(rsa(n %b)(e %b)))", + n.len, n.ptr, e.len, e.ptr); + if (err) + { + DBG1("loading public key failed: %s", gpg_strerror(err)); + free(this); + return NULL; + } + if (!gcrypt_rsa_build_keyids(this->key, &this->keyid, &this->keyid_info)) + { + destroy(this); + return NULL; + } + return &this->public; +} + +typedef struct private_builder_t private_builder_t; +/** + * Builder implementation for key loading + */ +struct private_builder_t { + /** implements the builder interface */ + builder_t public; + /** loaded public key */ + gcrypt_rsa_public_key_t *key; +}; + +/** + * Implementation of builder_t.build + */ +static gcrypt_rsa_public_key_t *build(private_builder_t *this) +{ + gcrypt_rsa_public_key_t *key = this->key; + + free(this); + return key; +} + +/** + * Implementation of builder_t.add + */ +static void add(private_builder_t *this, builder_part_t part, ...) +{ + if (!this->key) + { + va_list args; + + switch (part) + { + case BUILD_BLOB_ASN1_DER: + { + va_start(args, part); + this->key = load(va_arg(args, chunk_t)); + va_end(args); + return; + } + default: + break; + } + } + if (this->key) + { + destroy((private_gcrypt_rsa_public_key_t*)this->key); + } + builder_cancel(&this->public); +} + +/** + * Builder construction function + */ +builder_t *gcrypt_rsa_public_key_builder(key_type_t type) +{ + private_builder_t *this; + + if (type != KEY_RSA) + { + return NULL; + } + + this = malloc_thing(private_builder_t); + + this->key = NULL; + this->public.add = (void(*)(builder_t *this, builder_part_t part, ...))add; + this->public.build = (void*(*)(builder_t *this))build; + + return &this->public; +} + diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.h b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.h new file mode 100644 index 000000000..102547276 --- /dev/null +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_rsa_public_key.h @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup gcrypt_rsa_public_key gcrypt_rsa_public_key + * @{ @ingroup gcrypt_p + */ + +#ifndef GCRYPT_RSA_PUBLIC_KEY_H_ +#define GCRYPT_RSA_PUBLIC_KEY_H_ + +typedef struct gcrypt_rsa_public_key_t gcrypt_rsa_public_key_t; + +#include <credentials/keys/public_key.h> + +/** + * public_key_t implementation of RSA algorithm using libgcrypt. + */ +struct gcrypt_rsa_public_key_t { + + /** + * Implements the public_key_t interface + */ + public_key_t interface; +}; + +/** + * Create the builder for a public key. + * + * @param type type of the key, must be KEY_RSA + * @return builder instance + */ +builder_t *gcrypt_rsa_public_key_builder(key_type_t type); + +#endif /** GCRYPT_RSA_PUBLIC_KEY_H_ @}*/ diff --git a/src/libstrongswan/plugins/gmp/Makefile.in b/src/libstrongswan/plugins/gmp/Makefile.in index c406f3af6..a60cd998c 100644 --- a/src/libstrongswan/plugins/gmp/Makefile.in +++ b/src/libstrongswan/plugins/gmp/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -88,6 +88,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -110,6 +111,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -121,6 +125,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -134,6 +139,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -194,6 +201,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -205,6 +213,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -227,8 +236,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -325,7 +334,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c index 294fb722f..a03e83e66 100644 --- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c +++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c @@ -14,8 +14,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: gmp_diffie_hellman.c 4566 2008-11-04 13:12:11Z martin $ */ #include <gmp.h> @@ -30,7 +28,7 @@ */ static u_int8_t group1_modulus[] = { 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xC9,0x0F,0xDA,0xA2,0x21,0x68,0xC2,0x34, - 0xC4,0xC6,0x62,0x8B,0x80 ,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, + 0xC4,0xC6,0x62,0x8B,0x80,0xDC,0x1C,0xD1,0x29,0x02,0x4E,0x08,0x8A,0x67,0xCC,0x74, 0x02,0x0B,0xBE,0xA6,0x3B,0x13,0x9B,0x22,0x51,0x4A,0x08,0x79,0x8E,0x34,0x04,0xDD, 0xEF,0x95,0x19,0xB3,0xCD,0x3A,0x43,0x1B,0x30,0x2B,0x0A,0x6D,0xF2,0x5F,0x14,0x37, 0x4F,0xE1,0x35,0x6D,0x6D,0x51,0xC2,0x45,0xE4,0x85,0xB5,0x76,0x62,0x5E,0x7E,0xC6, @@ -562,7 +560,7 @@ gmp_diffie_hellman_t *gmp_diffie_hellman_create(diffie_hellman_group_t group) } ansi_x9_42 = lib->settings->get_int(lib->settings, - "charon.dh_exponent_ansi_x9_42", TRUE); + "libstrongswan.dh_exponent_ansi_x9_42", TRUE); exponent_len = (ansi_x9_42) ? this->p_len : this->opt_exponent_len; rng->allocate_bytes(rng, exponent_len, &random); rng->destroy(rng); diff --git a/src/libstrongswan/plugins/gmp/gmp_plugin.c b/src/libstrongswan/plugins/gmp/gmp_plugin.c index 7711b6d34..f6ea964c1 100644 --- a/src/libstrongswan/plugins/gmp/gmp_plugin.c +++ b/src/libstrongswan/plugins/gmp/gmp_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: gmp_plugin.c 4309 2008-08-28 11:07:57Z martin $ */ #include "gmp_plugin.h" diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c index e445dd670..cbc112762 100644 --- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c +++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: gmp_rsa_private_key.c 4345 2008-09-17 08:10:48Z martin $ */ #include <gmp.h> @@ -28,6 +26,7 @@ #include <asn1/oid.h> #include <asn1/asn1.h> #include <asn1/asn1_parser.h> +#include <pgp/pgp.h> /** * Public exponent to use for key generation. @@ -112,11 +111,12 @@ struct private_gmp_rsa_private_key_t { }; /** - * shared functions, implemented in gmp_rsa_public_key.c + * Shared functions defined in gmp_rsa_public_key.c */ -bool gmp_rsa_public_key_build_id(mpz_t n, mpz_t e, identification_t **keyid, - identification_t **keyid_info); -gmp_rsa_public_key_t *gmp_rsa_public_key_create_from_n_e(mpz_t n, mpz_t e); +extern bool gmp_rsa_public_key_build_id(mpz_t n, mpz_t e, + identification_t **keyid, + identification_t **keyid_info); +extern gmp_rsa_public_key_t *gmp_rsa_public_key_create_from_n_e(mpz_t n, mpz_t e); /** * Auxiliary function overwriting private key material with zero bytes @@ -141,10 +141,10 @@ static status_t compute_prime(private_gmp_rsa_private_key_t *this, rng_t *rng; chunk_t random_bytes; - rng = lib->crypto->create_rng(lib->crypto, RNG_REAL); + rng = lib->crypto->create_rng(lib->crypto, RNG_TRUE); if (!rng) { - DBG1("no RNG of quality %N found", rng_quality_names, RNG_REAL); + DBG1("no RNG of quality %N found", rng_quality_names, RNG_TRUE); return FAILED; } @@ -217,33 +217,44 @@ static bool build_emsa_pkcs1_signature(private_gmp_rsa_private_key_t *this, hash_algorithm_t hash_algorithm, chunk_t data, chunk_t *signature) { - hasher_t *hasher; - chunk_t em, digestInfo, hash; - int hash_oid = hasher_algorithm_to_oid(hash_algorithm); - - if (hash_oid == OID_UNKNOWN) + chunk_t digestInfo = chunk_empty; + chunk_t em; + + if (hash_algorithm != HASH_UNKNOWN) { - return FALSE; + hasher_t *hasher; + chunk_t hash; + int hash_oid = hasher_algorithm_to_oid(hash_algorithm); + + if (hash_oid == OID_UNKNOWN) + { + return FALSE; + } + + hasher = lib->crypto->create_hasher(lib->crypto, hash_algorithm); + if (hasher == NULL) + { + return FALSE; + } + hasher->allocate_hash(hasher, data, &hash); + hasher->destroy(hasher); + + /* build DER-encoded digestInfo */ + digestInfo = asn1_wrap(ASN1_SEQUENCE, "cm", + asn1_algorithmIdentifier(hash_oid), + asn1_simple_object(ASN1_OCTET_STRING, hash) + ); + chunk_free(&hash); + data = digestInfo; } - /* get hasher */ - hasher = lib->crypto->create_hasher(lib->crypto, hash_algorithm); - if (hasher == NULL) + if (data.len > this->k - 3) { + free(digestInfo.ptr); + DBG1("unable to sign %d bytes using a %dbit key", data.len, this->k * 8); return FALSE; } - /* build hash */ - hasher->allocate_hash(hasher, data, &hash); - hasher->destroy(hasher); - - /* build DER-encoded digestInfo */ - digestInfo = asn1_wrap(ASN1_SEQUENCE, "cm", - asn1_algorithmIdentifier(hash_oid), - asn1_simple_object(ASN1_OCTET_STRING, hash) - ); - chunk_free(&hash); - /* build chunk to rsa-decrypt: * EM = 0x00 || 0x01 || PS || 0x00 || T. * PS = 0xFF padding, with length to fill em @@ -257,9 +268,9 @@ static bool build_emsa_pkcs1_signature(private_gmp_rsa_private_key_t *this, /* set magic bytes */ *(em.ptr) = 0x00; *(em.ptr+1) = 0x01; - *(em.ptr + em.len - digestInfo.len - 1) = 0x00; + *(em.ptr + em.len - data.len - 1) = 0x00; /* set DER-encoded hash */ - memcpy(em.ptr + em.len - digestInfo.len, digestInfo.ptr, digestInfo.len); + memcpy(em.ptr + em.len - data.len, data.ptr, data.len); /* build signature */ *signature = rsasp1(this, em); @@ -271,7 +282,7 @@ static bool build_emsa_pkcs1_signature(private_gmp_rsa_private_key_t *this, } /** - * Implementation of gmp_rsa_private_key.destroy. + * Implementation of gmp_rsa_private_key.get_type. */ static key_type_t get_type(private_gmp_rsa_private_key_t *this) { @@ -279,15 +290,15 @@ static key_type_t get_type(private_gmp_rsa_private_key_t *this) } /** - * Implementation of gmp_rsa_private_key.destroy. + * Implementation of gmp_rsa_private_key.sign. */ static bool sign(private_gmp_rsa_private_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t *signature) { switch (scheme) { - case SIGN_DEFAULT: - /* default is EMSA-PKCS1 using SHA1 */ + case SIGN_RSA_EMSA_PKCS1_NULL: + return build_emsa_pkcs1_signature(this, HASH_UNKNOWN, data, signature); case SIGN_RSA_EMSA_PKCS1_SHA1: return build_emsa_pkcs1_signature(this, HASH_SHA1, data, signature); case SIGN_RSA_EMSA_PKCS1_SHA256: @@ -306,17 +317,46 @@ static bool sign(private_gmp_rsa_private_key_t *this, signature_scheme_t scheme, } /** - * Implementation of gmp_rsa_private_key.destroy. + * Implementation of gmp_rsa_private_key.decrypt. */ -static bool decrypt(private_gmp_rsa_private_key_t *this, - chunk_t crypto, chunk_t *plain) +static bool decrypt(private_gmp_rsa_private_key_t *this, chunk_t crypto, + chunk_t *plain) { - DBG1("RSA private key decryption not implemented"); - return FALSE; + chunk_t em, stripped; + bool success = FALSE; + + /* rsa decryption using PKCS#1 RSADP */ + stripped = em = rsadp(this, crypto); + + /* PKCS#1 v1.5 8.1 encryption-block formatting (EB = 00 || 02 || PS || 00 || D) */ + + /* check for hex pattern 00 02 in decrypted message */ + if ((*stripped.ptr++ != 0x00) || (*(stripped.ptr++) != 0x02)) + { + DBG1("incorrect padding - probably wrong rsa key"); + goto end; + } + stripped.len -= 2; + + /* the plaintext data starts after first 0x00 byte */ + while (stripped.len-- > 0 && *stripped.ptr++ != 0x00) + + if (stripped.len == 0) + { + DBG1("no plaintext data"); + goto end; + } + + *plain = chunk_clone(stripped); + success = TRUE; + +end: + chunk_clear(&em); + return success; } /** - * Implementation of gmp_rsa_private_key.destroy. + * Implementation of gmp_rsa_private_key.get_keysize. */ static size_t get_keysize(private_gmp_rsa_private_key_t *this) { @@ -324,7 +364,7 @@ static size_t get_keysize(private_gmp_rsa_private_key_t *this) } /** - * Implementation of gmp_rsa_private_key.destroy. + * Implementation of gmp_rsa_private_key.get_id. */ static identification_t* get_id(private_gmp_rsa_private_key_t *this, id_type_t type) @@ -349,7 +389,35 @@ static gmp_rsa_public_key_t* get_public_key(private_gmp_rsa_private_key_t *this) } /** - * Implementation of gmp_rsa_private_key.destroy. + * Implementation of gmp_rsa_private_key.equals. + */ +static bool equals(private_gmp_rsa_private_key_t *this, private_key_t *other) +{ + identification_t *keyid; + + if (&this->public.interface == other) + { + return TRUE; + } + if (other->get_type(other) != KEY_RSA) + { + return FALSE; + } + keyid = other->get_id(other, ID_PUBKEY_SHA1); + if (keyid && keyid->equals(keyid, this->keyid)) + { + return TRUE; + } + keyid = other->get_id(other, ID_PUBKEY_INFO_SHA1); + if (keyid && keyid->equals(keyid, this->keyid_info)) + { + return TRUE; + } + return FALSE; +} + +/** + * Implementation of gmp_rsa_private_key.belongs_to. */ static bool belongs_to(private_gmp_rsa_private_key_t *this, public_key_t *public) { @@ -373,19 +441,27 @@ static bool belongs_to(private_gmp_rsa_private_key_t *this, public_key_t *public } /** - * convert a MP integer into a DER coded ASN.1 object + * Convert a MP integer into a chunk_t */ -chunk_t gmp_mpz_to_asn1(const mpz_t value) +chunk_t gmp_mpz_to_chunk(const mpz_t value) { chunk_t n; - n.len = 1 + mpz_sizeinbase(value, 2) / 8; /* size in bytes */ + n.len = 1 + mpz_sizeinbase(value, 2) / BITS_PER_BYTE; n.ptr = mpz_export(NULL, NULL, 1, n.len, 1, 0, value); if (n.ptr == NULL) { /* if we have zero in "value", gmp returns NULL */ n.len = 0; } - return asn1_wrap(ASN1_INTEGER, "m", n); + return n; +} + +/** + * Convert a MP integer into a DER coded ASN.1 object + */ +chunk_t gmp_mpz_to_asn1(const mpz_t value) +{ + return asn1_wrap(ASN1_INTEGER, "m", gmp_mpz_to_chunk(value)); } /** @@ -406,7 +482,7 @@ static chunk_t get_encoding(private_gmp_rsa_private_key_t *this) } /** - * Implementation of gmp_rsa_private_key.destroy. + * Implementation of gmp_rsa_private_key.get_ref. */ static private_gmp_rsa_private_key_t* get_ref(private_gmp_rsa_private_key_t *this) { @@ -447,14 +523,14 @@ static status_t check(private_gmp_rsa_private_key_t *this) /* PKCS#1 1.5 section 6 requires modulus to have at least 12 octets. * We actually require more (for security). */ - if (this->k < 512/8) + if (this->k < 512 / BITS_PER_BYTE) { DBG1("key shorter than 512 bits"); return FAILED; } /* we picked a max modulus size to simplify buffer allocation */ - if (this->k > 8192/8) + if (this->k > 8192 / BITS_PER_BYTE) { DBG1("key larger than 8192 bits"); return FAILED; @@ -542,16 +618,17 @@ static private_gmp_rsa_private_key_t *gmp_rsa_private_key_create_empty(void) { private_gmp_rsa_private_key_t *this = malloc_thing(private_gmp_rsa_private_key_t); - this->public.interface.get_type = (key_type_t (*)(private_key_t *this))get_type; - this->public.interface.sign = (bool (*)(private_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t *signature))sign; - this->public.interface.decrypt = (bool (*)(private_key_t *this, chunk_t crypto, chunk_t *plain))decrypt; - this->public.interface.get_keysize = (size_t (*) (private_key_t *this))get_keysize; - this->public.interface.get_id = (identification_t* (*) (private_key_t *this,id_type_t))get_id; - this->public.interface.get_public_key = (public_key_t* (*)(private_key_t *this))get_public_key; - this->public.interface.belongs_to = (bool (*) (private_key_t *this, public_key_t *public))belongs_to; - this->public.interface.get_encoding = (chunk_t(*)(private_key_t*))get_encoding; - this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref; - this->public.interface.destroy = (void (*)(private_key_t *this))destroy; + this->public.interface.get_type = (key_type_t (*) (private_key_t*))get_type; + this->public.interface.sign = (bool (*) (private_key_t*, signature_scheme_t, chunk_t, chunk_t*))sign; + this->public.interface.decrypt = (bool (*) (private_key_t*, chunk_t, chunk_t*))decrypt; + this->public.interface.get_keysize = (size_t (*) (private_key_t*))get_keysize; + this->public.interface.get_id = (identification_t* (*) (private_key_t*, id_type_t))get_id; + this->public.interface.get_public_key = (public_key_t* (*) (private_key_t*))get_public_key; + this->public.interface.equals = (bool (*) (private_key_t*, private_key_t*))equals; + this->public.interface.belongs_to = (bool (*) (private_key_t*, public_key_t*))belongs_to; + this->public.interface.get_encoding = (chunk_t (*) (private_key_t*))get_encoding; + this->public.interface.get_ref = (private_key_t* (*) (private_key_t*))get_ref; + this->public.interface.destroy = (void (*) (private_key_t*))destroy; this->keyid = NULL; this->keyid_info = NULL; @@ -569,7 +646,7 @@ static gmp_rsa_private_key_t *generate(size_t key_size) mpz_t m, q1, t; private_gmp_rsa_private_key_t *this = gmp_rsa_private_key_create_empty(); - key_size = key_size / 8; + key_size = key_size / BITS_PER_BYTE; /* Get values of primes p and q */ if (compute_prime(this, key_size/2, &p) != SUCCESS) @@ -680,7 +757,7 @@ static const asn1Object_t privkeyObjects[] = { /** * load private key from a ASN1 encoded blob */ -static gmp_rsa_private_key_t *load(chunk_t blob) +static gmp_rsa_private_key_t *load_asn1_der(chunk_t blob) { asn1_parser_t *parser; chunk_t object; @@ -708,6 +785,7 @@ static gmp_rsa_private_key_t *load(chunk_t blob) case PRIV_KEY_VERSION: if (object.len > 0 && *object.ptr != 0) { + DBG1("PKCS#1 private key format is not version 1"); goto end; } break; @@ -757,13 +835,144 @@ end: destroy(this); return NULL; } + if (check(this) != SUCCESS) + { + destroy(this); + return NULL; + } + return &this->public; +} + +/** + * load private key from an OpenPGP blob coded according to section + */ +static gmp_rsa_private_key_t *load_pgp(chunk_t blob) +{ + mpz_t u; + int objectID; + chunk_t packet = blob; + private_gmp_rsa_private_key_t *this = gmp_rsa_private_key_create_empty(); + + mpz_init(this->n); + mpz_init(this->e); + mpz_init(this->p); + mpz_init(this->q); + mpz_init(this->d); + mpz_init(this->exp1); + mpz_init(this->exp2); + mpz_init(this->coeff); + + for (objectID = PRIV_KEY_MODULUS; objectID <= PRIV_KEY_COEFF; objectID++) + { + chunk_t object; + + switch (objectID) + { + case PRIV_KEY_PRIV_EXP: + { + pgp_sym_alg_t s2k; + + /* string-to-key usage */ + s2k = pgp_length(&packet, 1); + DBG2("L3 - string-to-key: %d", s2k); + + if (s2k == 255 || s2k == 254) + { + DBG1("string-to-key specifiers not supported"); + goto end; + } + DBG2(" %N", pgp_sym_alg_names, s2k); + + if (s2k != PGP_SYM_ALG_PLAIN) + { + DBG1("%N encryption not supported", pgp_sym_alg_names, s2k); + goto end; + } + break; + } + case PRIV_KEY_EXP1: + case PRIV_KEY_EXP2: + /* not contained in OpenPGP secret key payload */ + continue; + default: + break; + } + + DBG2("L3 - %s:", privkeyObjects[objectID].name); + object.len = pgp_length(&packet, 2); + + if (object.len == PGP_INVALID_LENGTH) + { + DBG1("OpenPGP length is invalid"); + goto end; + } + object.len = (object.len + 7) / BITS_PER_BYTE; + if (object.len > packet.len) + { + DBG1("OpenPGP field is too short"); + goto end; + } + object.ptr = packet.ptr; + packet.ptr += object.len; + packet.len -= object.len; + DBG4("%B", &object); + + switch (objectID) + { + case PRIV_KEY_MODULUS: + mpz_import(this->n, object.len, 1, 1, 1, 0, object.ptr); + break; + case PRIV_KEY_PUB_EXP: + mpz_import(this->e, object.len, 1, 1, 1, 0, object.ptr); + break; + case PRIV_KEY_PRIV_EXP: + mpz_import(this->d, object.len, 1, 1, 1, 0, object.ptr); + break; + case PRIV_KEY_PRIME1: + mpz_import(this->q, object.len, 1, 1, 1, 0, object.ptr); + break; + case PRIV_KEY_PRIME2: + mpz_import(this->p, object.len, 1, 1, 1, 0, object.ptr); + break; + case PRIV_KEY_COEFF: + mpz_import(this->coeff, object.len, 1, 1, 1, 0, object.ptr); + break; + } + } + + /* auxiliary variable */ + mpz_init(u); + + /* exp1 = d mod (p-1) */ + mpz_sub_ui(u, this->p, 1); + mpz_mod(this->exp1, this->d, u); + + /* exp2 = d mod (q-1) */ + mpz_sub_ui(u, this->q, 1); + mpz_mod(this->exp2, this->d, u); + + mpz_clear(u); + chunk_clear(&blob); + + this->k = (mpz_sizeinbase(this->n, 2) + 7) / BITS_PER_BYTE; + if (!gmp_rsa_public_key_build_id(this->n, this->e, + &this->keyid, &this->keyid_info)) + { + destroy(this); + return NULL; + } if (check(this) != SUCCESS) { destroy(this); return NULL; } return &this->public; + +end: + chunk_clear(&blob); + destroy(this); + return NULL; } typedef struct private_builder_t private_builder_t; @@ -804,7 +1013,15 @@ static void add(private_builder_t *this, builder_part_t part, ...) { va_start(args, part); chunk = va_arg(args, chunk_t); - this->key = load(chunk_clone(chunk)); + this->key = load_asn1_der(chunk_clone(chunk)); + va_end(args); + return; + } + case BUILD_BLOB_PGP: + { + va_start(args, part); + chunk = va_arg(args, chunk_t); + this->key = load_pgp(chunk_clone(chunk)); va_end(args); return; } diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c index 8a89849cd..1f3e3072f 100644 --- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c +++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: gmp_rsa_public_key.c 4345 2008-09-17 08:10:48Z martin $ */ #include <gmp.h> @@ -30,11 +28,7 @@ #include <asn1/asn1_parser.h> #include <asn1/pem.h> #include <crypto/hashers/hasher.h> - -/** - * defined in gmp_rsa_private_key.c - */ -extern chunk_t gmp_mpz_to_asn1(const mpz_t value); +#include <pgp/pgp.h> typedef struct private_gmp_rsa_public_key_t private_gmp_rsa_public_key_t; @@ -79,6 +73,12 @@ struct private_gmp_rsa_public_key_t { }; /** + * Shared functions defined in gmp_rsa_private_key.c + */ +extern chunk_t gmp_mpz_to_chunk(const mpz_t value); +extern chunk_t gmp_mpz_to_asn1(const mpz_t value); + +/** * RSAEP algorithm specified in PKCS#1. */ static chunk_t rsaep(private_gmp_rsa_public_key_t *this, chunk_t data) @@ -140,11 +140,10 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, /* remove any preceding 0-bytes from signature */ while (signature.len && *(signature.ptr) == 0x00) { - signature.len -= 1; - signature.ptr++; + signature = chunk_skip(signature, 1); } - if (signature.len > this->k) + if (signature.len == 0 || signature.len > this->k) { return INVALID_ARG; } @@ -163,8 +162,7 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, { goto end; } - em.ptr += 2; - em.len -= 2; + em = chunk_skip(em, 2); /* find magic 0x00 */ while (em.len > 0) @@ -172,8 +170,7 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, if (*em.ptr == 0x00) { /* found magic byte, stop */ - em.ptr++; - em.len--; + em = chunk_skip(em, 1); break; } else if (*em.ptr != 0xFF) @@ -181,8 +178,7 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, /* bad padding, decryption failed ?!*/ goto end; } - em.ptr++; - em.len--; + em = chunk_skip(em, 1); } if (em.len == 0) @@ -191,13 +187,24 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, goto end; } - /* parse ASN.1-based digestInfo */ - { + if (algorithm == HASH_UNKNOWN) + { /* IKEv1 signatures without digestInfo */ + if (em.len != data.len) + { + DBG1("hash size in signature is %u bytes instead of %u bytes", + em.len, data.len); + goto end; + } + success = memeq(em.ptr, data.ptr, data.len); + } + else + { /* IKEv2 and X.509 certificate signatures */ asn1_parser_t *parser; chunk_t object; int objectID; hash_algorithm_t hash_algorithm = HASH_UNKNOWN; + DBG2("signature verification:"); parser = asn1_parser_create(digestInfoObjects, em); while (parser->iterate(parser, &objectID, &object)) @@ -220,8 +227,7 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this, parser->get_level(parser)+1, NULL); hash_algorithm = hasher_algorithm_from_oid(hash_oid); - if (hash_algorithm == HASH_UNKNOWN || - (algorithm != HASH_UNKNOWN && hash_algorithm != algorithm)) + if (hash_algorithm == HASH_UNKNOWN || hash_algorithm != algorithm) { DBG1("expected hash algorithm %N, but found %N (OID: %#B)", hash_algorithm_names, algorithm, @@ -289,7 +295,7 @@ static bool verify(private_gmp_rsa_public_key_t *this, signature_scheme_t scheme { switch (scheme) { - case SIGN_DEFAULT: /* default is EMSA-PKCS1 using included OID */ + case SIGN_RSA_EMSA_PKCS1_NULL: return verify_emsa_pkcs1_signature(this, HASH_UNKNOWN, data, signature); case SIGN_RSA_EMSA_PKCS1_MD5: return verify_emsa_pkcs1_signature(this, HASH_MD5, data, signature); @@ -308,12 +314,96 @@ static bool verify(private_gmp_rsa_public_key_t *this, signature_scheme_t scheme } } +#define MIN_PS_PADDING 8 + /** - * Implementation of public_key_t.get_keysize. + * Implementation of public_key_t.encrypt. + */ +static bool encrypt_(private_gmp_rsa_public_key_t *this, chunk_t plain, + chunk_t *crypto) +{ + chunk_t em; + u_char *pos; + int padding, i; + rng_t *rng; + + rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK); + if (rng == NULL) + { + DBG1("no random generator available"); + return FALSE; + } + + /* number of pseudo-random padding octets */ + padding = this->k - plain.len - 3; + if (padding < MIN_PS_PADDING) + { + DBG1("pseudo-random padding must be at least %d octets", MIN_PS_PADDING); + return FALSE; + } + + /* padding according to PKCS#1 7.2.1 (RSAES-PKCS1-v1.5-ENCRYPT) */ + DBG2("padding %u bytes of data to the rsa modulus size of %u bytes", + plain.len, this->k); + em.len = this->k; + em.ptr = malloc(em.len); + pos = em.ptr; + *pos++ = 0x00; + *pos++ = 0x02; + + /* fill with pseudo random octets */ + rng->get_bytes(rng, padding, pos); + + /* replace zero-valued random octets */ + for (i = 0; i < padding; i++) + { + while (*pos == 0) + { + rng->get_bytes(rng, 1, pos); + } + pos++; + } + rng->destroy(rng); + + /* append the padding terminator */ + *pos++ = 0x00; + + /* now add the data */ + memcpy(pos, plain.ptr, plain.len); + DBG3("padded data before rsa encryption: %B", &em); + + /* rsa encryption using PKCS#1 RSAEP */ + *crypto = rsaep(this, em); + DBG3("rsa encrypted data: %B", crypto); + chunk_clear(&em); + return TRUE; +} + +/** + * Implementation of gmp_rsa_public_key.equals. */ -static bool encrypt(private_gmp_rsa_public_key_t *this, chunk_t crypto, chunk_t *plain) +static bool equals(private_gmp_rsa_public_key_t *this, public_key_t *other) { - DBG1("RSA public key encryption not implemented"); + identification_t *keyid; + + if (&this->public.interface == other) + { + return TRUE; + } + if (other->get_type(other) != KEY_RSA) + { + return FALSE; + } + keyid = other->get_id(other, ID_PUBKEY_SHA1); + if (keyid && keyid->equals(keyid, this->keyid)) + { + return TRUE; + } + keyid = other->get_id(other, ID_PUBKEY_INFO_SHA1); + if (keyid && keyid->equals(keyid, this->keyid_info)) + { + return TRUE; + } return FALSE; } @@ -326,6 +416,46 @@ static size_t get_keysize(private_gmp_rsa_public_key_t *this) } /** + * Build the PGP version 3 RSA key identifier from n and e using + * MD5 hashed modulus and exponent. Also used in rsa_private_key.c. + */ +static identification_t* gmp_rsa_build_pgp_v3_keyid(mpz_t n, mpz_t e) +{ + identification_t *keyid; + chunk_t modulus, mod, exponent, exp, hash; + hasher_t *hasher; + + hasher= lib->crypto->create_hasher(lib->crypto, HASH_MD5); + if (hasher == NULL) + { + DBG1("computation of PGP V3 keyid failed, no MD5 hasher is available"); + return NULL; + } + mod = modulus = gmp_mpz_to_chunk(n); + exp = exponent = gmp_mpz_to_chunk(e); + + /* remove leading zero bytes before hashing modulus and exponent */ + while (mod.len > 0 && *mod.ptr == 0x00) + { + mod.ptr++; + mod.len--; + } + while (exp.len > 0 && *exp.ptr == 0x00) + { + exp.ptr++; + exp.len--; + } + hasher->allocate_hash(hasher, mod, NULL); + hasher->allocate_hash(hasher, exp, &hash); + hasher->destroy(hasher); + keyid = identification_create_from_encoding(ID_KEY_ID, hash); + free(hash.ptr); + free(modulus.ptr); + free(exponent.ptr); + return keyid; +} + +/** * Implementation of public_key_t.get_id. */ static identification_t *get_id(private_gmp_rsa_public_key_t *this, @@ -337,6 +467,8 @@ static identification_t *get_id(private_gmp_rsa_public_key_t *this, return this->keyid_info; case ID_PUBKEY_SHA1: return this->keyid; + case ID_KEY_ID: + return gmp_rsa_build_pgp_v3_keyid(this->n, this->e); default: return NULL; } @@ -383,14 +515,15 @@ static private_gmp_rsa_public_key_t *gmp_rsa_public_key_create_empty() { private_gmp_rsa_public_key_t *this = malloc_thing(private_gmp_rsa_public_key_t); - this->public.interface.get_type = (key_type_t (*)(public_key_t *this))get_type; - this->public.interface.verify = (bool (*)(public_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t signature))verify; - this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt; - this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize; - this->public.interface.get_id = (identification_t* (*) (public_key_t *this,id_type_t))get_id; - this->public.interface.get_encoding = (chunk_t(*)(public_key_t*))get_encoding; - this->public.interface.get_ref = (public_key_t* (*)(public_key_t *this))get_ref; - this->public.interface.destroy = (void (*)(public_key_t *this))destroy; + this->public.interface.get_type = (key_type_t (*) (public_key_t*))get_type; + this->public.interface.verify = (bool (*) (public_key_t*, signature_scheme_t, chunk_t, chunk_t))verify; + this->public.interface.encrypt = (bool (*) (public_key_t*, chunk_t, chunk_t*))encrypt_; + this->public.interface.equals = (bool (*) (public_key_t*, public_key_t*))equals; + this->public.interface.get_keysize = (size_t (*) (public_key_t*))get_keysize; + this->public.interface.get_id = (identification_t* (*) (public_key_t*, id_type_t))get_id; + this->public.interface.get_encoding = (chunk_t(*) (public_key_t*))get_encoding; + this->public.interface.get_ref = (public_key_t* (*) (public_key_t *this))get_ref; + this->public.interface.destroy = (void (*) (public_key_t *this))destroy; this->keyid = NULL; this->keyid_info = NULL; @@ -445,7 +578,7 @@ gmp_rsa_public_key_t *gmp_rsa_public_key_create_from_n_e(mpz_t n, mpz_t e) mpz_init_set(this->n, n); mpz_init_set(this->e, e); - this->k = (mpz_sizeinbase(this->n, 2) + 7) / 8; + this->k = (mpz_sizeinbase(this->n, 2) + 7) / BITS_PER_BYTE; if (!gmp_rsa_public_key_build_id(this->n, this->e, &this->keyid, &this->keyid_info)) { @@ -469,9 +602,9 @@ static const asn1Object_t pubkeyObjects[] = { #define PUB_KEY_EXPONENT 2 /** - * Load a public key from an ASN1 encoded blob + * Load a public key from an ASN.1 encoded blob */ -static gmp_rsa_public_key_t *load(chunk_t blob) +static gmp_rsa_public_key_t *load_asn1_der(chunk_t blob) { asn1_parser_t *parser; chunk_t object; @@ -507,7 +640,7 @@ static gmp_rsa_public_key_t *load(chunk_t blob) return NULL; } - this->k = (mpz_sizeinbase(this->n, 2) + 7) / 8; + this->k = (mpz_sizeinbase(this->n, 2) + 7) / BITS_PER_BYTE; if (!gmp_rsa_public_key_build_id(this->n, this->e, &this->keyid, &this->keyid_info)) @@ -518,6 +651,133 @@ static gmp_rsa_public_key_t *load(chunk_t blob) return &this->public; } +/** + * Load a public key from an OpenPGP blob + */ +static gmp_rsa_public_key_t* load_pgp(chunk_t blob) +{ + int objectID; + chunk_t packet = blob; + private_gmp_rsa_public_key_t *this = gmp_rsa_public_key_create_empty(); + + mpz_init(this->n); + mpz_init(this->e); + + for (objectID = PUB_KEY_MODULUS; objectID <= PUB_KEY_EXPONENT; objectID++) + { + chunk_t object; + + DBG2("L3 - %s:", pubkeyObjects[objectID].name); + object.len = pgp_length(&packet, 2); + + if (object.len == PGP_INVALID_LENGTH) + { + DBG1("OpenPGP length is invalid"); + goto end; + } + object.len = (object.len + 7) / BITS_PER_BYTE; + if (object.len > packet.len) + { + DBG1("OpenPGP field is too short"); + goto end; + } + object.ptr = packet.ptr; + packet.ptr += object.len; + packet.len -= object.len; + DBG4("%B", &object); + + switch (objectID) + { + case PUB_KEY_MODULUS: + mpz_import(this->n, object.len, 1, 1, 1, 0, object.ptr); + break; + case PUB_KEY_EXPONENT: + mpz_import(this->e, object.len, 1, 1, 1, 0, object.ptr); + break; + } + } + + this->k = (mpz_sizeinbase(this->n, 2) + 7) / BITS_PER_BYTE; + free(blob.ptr); + + if (!gmp_rsa_public_key_build_id(this->n, this->e, + &this->keyid, &this->keyid_info)) + { + destroy(this); + return NULL; + } + return &this->public; + +end: + free(blob.ptr); + destroy(this); + return NULL; +} + +/** + * Load a public key from an RFC 3110 encoded blob + */ +static gmp_rsa_public_key_t *load_rfc_3110(chunk_t blob) +{ + chunk_t exponent, modulus; + u_char *pos = blob.ptr; + size_t len = blob.len; + private_gmp_rsa_public_key_t *this = gmp_rsa_public_key_create_empty(); + + mpz_init(this->n); + mpz_init(this->e); + + if (blob.len < 3) + { + DBG1("RFC 3110 public key blob too short for exponent length"); + goto end; + } + if (pos[0] != 0x00) + { + exponent = chunk_create(pos + 1, pos[0]); + pos++; + len--; + } + else + { + exponent = chunk_create(pos + 3, 256*pos[1] + pos[2]); + pos += 3; + len -= 3; + } + if (exponent.len > len) + { + DBG1("RFC 3110 public key blob too short for exponent"); + goto end; + } + pos += exponent.len; + len -= exponent.len; + + if (len == 0) + { + DBG1("RFC 3110 public key blob has zero length modulus"); + goto end; + } + modulus = chunk_create(pos, len); + + mpz_import(this->n, modulus.len, 1, 1, 1, 0, modulus.ptr); + mpz_import(this->e, exponent.len, 1, 1, 1, 0, exponent.ptr); + this->k = (mpz_sizeinbase(this->n, 2) + 7) / BITS_PER_BYTE; + free(blob.ptr); + + if (!gmp_rsa_public_key_build_id(this->n, this->e, + &this->keyid, &this->keyid_info)) + { + destroy(this); + return NULL; + } + return &this->public; + +end: + free(blob.ptr); + destroy(this); + return NULL; +} + typedef struct private_builder_t private_builder_t; /** * Builder implementation for key loading @@ -556,7 +816,23 @@ static void add(private_builder_t *this, builder_part_t part, ...) { va_start(args, part); chunk = va_arg(args, chunk_t); - this->key = load(chunk_clone(chunk)); + this->key = load_asn1_der(chunk_clone(chunk)); + va_end(args); + return; + } + case BUILD_BLOB_PGP: + { + va_start(args, part); + chunk = va_arg(args, chunk_t); + this->key = load_pgp(chunk_clone(chunk)); + va_end(args); + return; + } + case BUILD_BLOB_RFC_3110: + { + va_start(args, part); + chunk = va_arg(args, chunk_t); + this->key = load_rfc_3110(chunk_clone(chunk)); va_end(args); return; } diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.h b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.h index 46c8c3fd8..ed7b9429f 100644 --- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.h +++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.h @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: gmp_rsa_public_key.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/plugins/hmac/Makefile.in b/src/libstrongswan/plugins/hmac/Makefile.in index 067763049..fc36bd9fa 100644 --- a/src/libstrongswan/plugins/hmac/Makefile.in +++ b/src/libstrongswan/plugins/hmac/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -88,6 +88,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -110,6 +111,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -121,6 +125,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -134,6 +139,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -194,6 +201,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -205,6 +213,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -224,8 +233,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -322,7 +331,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/hmac/hmac.c b/src/libstrongswan/plugins/hmac/hmac.c index b2f99bdc3..6dfa02233 100644 --- a/src/libstrongswan/plugins/hmac/hmac.c +++ b/src/libstrongswan/plugins/hmac/hmac.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General hmac License * for more details. - * - * $Id: hmac.c 3488 2008-02-21 15:10:02Z martin $ */ #include <string.h> diff --git a/src/libstrongswan/plugins/hmac/hmac_plugin.c b/src/libstrongswan/plugins/hmac/hmac_plugin.c index 7a09b7a4e..aa1e994b0 100644 --- a/src/libstrongswan/plugins/hmac/hmac_plugin.c +++ b/src/libstrongswan/plugins/hmac/hmac_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: hmac_plugin.c 4997 2009-03-24 10:24:58Z martin $ */ #include "hmac_plugin.h" @@ -70,6 +68,8 @@ plugin_t *plugin_create() (signer_constructor_t)hmac_signer_create); lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_128, (signer_constructor_t)hmac_signer_create); + lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA1_160, + (signer_constructor_t)hmac_signer_create); lib->crypto->add_signer(lib->crypto, AUTH_HMAC_SHA2_256_128, (signer_constructor_t)hmac_signer_create); lib->crypto->add_signer(lib->crypto, AUTH_HMAC_MD5_96, diff --git a/src/libstrongswan/plugins/hmac/hmac_prf.c b/src/libstrongswan/plugins/hmac/hmac_prf.c index 8d843bc5a..454d40be3 100644 --- a/src/libstrongswan/plugins/hmac/hmac_prf.c +++ b/src/libstrongswan/plugins/hmac/hmac_prf.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: hmac_prf.c 3488 2008-02-21 15:10:02Z martin $ */ #include "hmac_prf.h" diff --git a/src/libstrongswan/plugins/hmac/hmac_signer.c b/src/libstrongswan/plugins/hmac/hmac_signer.c index 89cae1716..b44bc2109 100644 --- a/src/libstrongswan/plugins/hmac/hmac_signer.c +++ b/src/libstrongswan/plugins/hmac/hmac_signer.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: hmac_signer.c 4997 2009-03-24 10:24:58Z martin $ */ #include <string.h> @@ -155,6 +153,10 @@ hmac_signer_t *hmac_signer_create(integrity_algorithm_t algo) hash = HASH_SHA1; trunc = 16; break; + case AUTH_HMAC_SHA1_160: + hash = HASH_SHA1; + trunc = 20; + break; case AUTH_HMAC_MD5_96: hash = HASH_MD5; trunc = 12; diff --git a/src/libstrongswan/plugins/ldap/Makefile.in b/src/libstrongswan/plugins/ldap/Makefile.in index e0109c6e8..6eefc8546 100644 --- a/src/libstrongswan/plugins/ldap/Makefile.in +++ b/src/libstrongswan/plugins/ldap/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -87,6 +87,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -109,6 +110,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -120,6 +124,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -133,6 +138,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -193,6 +200,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -204,6 +212,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -222,8 +231,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -318,7 +327,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/ldap/ldap_fetcher.c b/src/libstrongswan/plugins/ldap/ldap_fetcher.c index 8e55b800e..b2a40219f 100644 --- a/src/libstrongswan/plugins/ldap/ldap_fetcher.c +++ b/src/libstrongswan/plugins/ldap/ldap_fetcher.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: ldap_fetcher.c 3693 2008-03-28 22:44:45Z andreas $ */ #ifndef LDAP_DEPRECATED diff --git a/src/libstrongswan/plugins/ldap/ldap_plugin.c b/src/libstrongswan/plugins/ldap/ldap_plugin.c index 0925cb395..994f3db46 100644 --- a/src/libstrongswan/plugins/ldap/ldap_plugin.c +++ b/src/libstrongswan/plugins/ldap/ldap_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: ldap_plugin.c 3529 2008-03-05 15:26:24Z martin $ */ #include "ldap_plugin.h" diff --git a/src/libstrongswan/plugins/md4/Makefile.in b/src/libstrongswan/plugins/md4/Makefile.in index 4dbe8a6c4..efdb64e90 100644 --- a/src/libstrongswan/plugins/md4/Makefile.in +++ b/src/libstrongswan/plugins/md4/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -87,6 +87,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -109,6 +110,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -120,6 +124,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -133,6 +138,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -193,6 +200,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -204,6 +212,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -221,8 +230,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -317,7 +326,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/md4/md4_hasher.c b/src/libstrongswan/plugins/md4/md4_hasher.c index 9053bc68d..3801110dc 100644 --- a/src/libstrongswan/plugins/md4/md4_hasher.c +++ b/src/libstrongswan/plugins/md4/md4_hasher.c @@ -17,8 +17,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: md4_hasher.c 4885 2009-02-19 10:16:45Z andreas $ */ #include <string.h> diff --git a/src/libstrongswan/plugins/md4/md4_plugin.c b/src/libstrongswan/plugins/md4/md4_plugin.c index df77314f7..43ae6261d 100644 --- a/src/libstrongswan/plugins/md4/md4_plugin.c +++ b/src/libstrongswan/plugins/md4/md4_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: md4_plugin.c 4885 2009-02-19 10:16:45Z andreas $ */ #include "md4_plugin.h" diff --git a/src/libstrongswan/plugins/md5/Makefile.in b/src/libstrongswan/plugins/md5/Makefile.in index a73e78b05..15c98aba4 100644 --- a/src/libstrongswan/plugins/md5/Makefile.in +++ b/src/libstrongswan/plugins/md5/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -87,6 +87,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -109,6 +110,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -120,6 +124,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -133,6 +138,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -193,6 +200,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -204,6 +212,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -221,8 +230,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -317,7 +326,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/md5/md5_hasher.c b/src/libstrongswan/plugins/md5/md5_hasher.c index 2354139bb..0ec5c073a 100644 --- a/src/libstrongswan/plugins/md5/md5_hasher.c +++ b/src/libstrongswan/plugins/md5/md5_hasher.c @@ -17,8 +17,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: md5_hasher.c 3488 2008-02-21 15:10:02Z martin $ */ #include <string.h> diff --git a/src/libstrongswan/plugins/md5/md5_plugin.c b/src/libstrongswan/plugins/md5/md5_plugin.c index c1c9a0805..b1a3b495c 100644 --- a/src/libstrongswan/plugins/md5/md5_plugin.c +++ b/src/libstrongswan/plugins/md5/md5_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: md5_plugin.c 3488 2008-02-21 15:10:02Z martin $ */ #include "md5_plugin.h" diff --git a/src/libstrongswan/plugins/mysql/Makefile.in b/src/libstrongswan/plugins/mysql/Makefile.in index 9a16662b9..26b514ad6 100644 --- a/src/libstrongswan/plugins/mysql/Makefile.in +++ b/src/libstrongswan/plugins/mysql/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -87,6 +87,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -109,6 +110,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -120,6 +124,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -133,6 +138,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -193,6 +200,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -204,6 +212,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -224,8 +233,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -320,7 +329,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/mysql/mysql_database.c b/src/libstrongswan/plugins/mysql/mysql_database.c index 01f604fef..d0d5a3d15 100644 --- a/src/libstrongswan/plugins/mysql/mysql_database.c +++ b/src/libstrongswan/plugins/mysql/mysql_database.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: mysql_database.c 4193 2008-07-21 11:13:06Z martin $ */ #define _GNU_SOURCE diff --git a/src/libstrongswan/plugins/mysql/mysql_plugin.c b/src/libstrongswan/plugins/mysql/mysql_plugin.c index 29348ac14..92914ae6d 100644 --- a/src/libstrongswan/plugins/mysql/mysql_plugin.c +++ b/src/libstrongswan/plugins/mysql/mysql_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: mysql_plugin.c 3488 2008-02-21 15:10:02Z martin $ */ #include "mysql_plugin.h" diff --git a/src/libstrongswan/plugins/openssl/Makefile.in b/src/libstrongswan/plugins/openssl/Makefile.in index 0af89d377..0ebb5acf0 100644 --- a/src/libstrongswan/plugins/openssl/Makefile.in +++ b/src/libstrongswan/plugins/openssl/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -92,6 +92,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -114,6 +115,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -125,6 +129,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -138,6 +143,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -198,6 +205,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -209,6 +217,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -237,8 +246,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -341,7 +350,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/openssl/openssl_crypter.c b/src/libstrongswan/plugins/openssl/openssl_crypter.c index 5eddeb5f9..7f48f1009 100644 --- a/src/libstrongswan/plugins/openssl/openssl_crypter.c +++ b/src/libstrongswan/plugins/openssl/openssl_crypter.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_crypter.c 4879 2009-02-18 19:41:33Z tobias $ */ #include "openssl_crypter.h" @@ -133,10 +131,12 @@ static void crypt(private_openssl_crypter_t *this, chunk_t data, } EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX_init(&ctx); - EVP_CipherInit_ex(&ctx, this->cipher, NULL, this->key.ptr, iv.ptr, enc); - EVP_CIPHER_CTX_set_padding(&ctx, 0); /* disable padding */ + EVP_CipherInit_ex(&ctx, this->cipher, NULL, NULL, NULL, enc); + EVP_CIPHER_CTX_set_padding(&ctx, 0); /* disable padding */ + EVP_CIPHER_CTX_set_key_length(&ctx, this->key.len); + EVP_CipherInit_ex(&ctx, NULL, NULL, this->key.ptr, iv.ptr, enc); EVP_CipherUpdate(&ctx, out, &len, data.ptr, data.len); - EVP_CipherFinal_ex(&ctx, out, &len); /* since padding is disabled this does nothing */ + EVP_CipherFinal_ex(&ctx, out + len, &len); /* since padding is disabled this does nothing */ EVP_CIPHER_CTX_cleanup(&ctx); } diff --git a/src/libstrongswan/plugins/openssl/openssl_crypter.h b/src/libstrongswan/plugins/openssl/openssl_crypter.h index 4510fb7ee..e5a899418 100644 --- a/src/libstrongswan/plugins/openssl/openssl_crypter.h +++ b/src/libstrongswan/plugins/openssl/openssl_crypter.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_crypter.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c index 7c83b3dea..fe042efdc 100644 --- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c +++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_diffie_hellman.c 4639 2008-11-12 15:09:24Z martin $ */ #include <openssl/dh.h> @@ -171,7 +169,7 @@ static status_t set_modulus(private_openssl_diffie_hellman_t *this) bool ansi_x9_42; ansi_x9_42 = lib->settings->get_bool(lib->settings, - "charon.dh_exponent_ansi_x9_42", TRUE); + "libstrongswan.dh_exponent_ansi_x9_42", TRUE); for (i = 0; i < (sizeof(modulus_entries) / sizeof(modulus_entry_t)); i++) { diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h index c67ce8970..bdc153812 100644 --- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h +++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_diffie_hellman.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c index 9a89ad045..c93acb75c 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_ec_diffie_hellman.c 4566 2008-11-04 13:12:11Z martin $ */ #include <openssl/ec.h> diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.h b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.h index 6b135b36b..9d17aed57 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.h +++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_ec_diffie_hellman.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c index aeab15f26..d6b442ae9 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_ec_private_key.c 4317 2008-09-02 11:00:13Z martin $ */ #include "openssl_ec_private_key.h" @@ -130,36 +128,18 @@ static bool sig2chunk(const EC_GROUP *group, ECDSA_SIG *sig, chunk_t *chunk) * Build the signature */ static bool build_signature(private_openssl_ec_private_key_t *this, - int hash_type, chunk_t data, chunk_t *signature) + chunk_t hash, chunk_t *signature) { - chunk_t hash = chunk_empty; - ECDSA_SIG *sig; - bool ret = FALSE; - - if (!openssl_hash_chunk(hash_type, data, &hash)) - { - return FALSE; - } - - sig = ECDSA_do_sign(hash.ptr, hash.len, this->ec); + ECDSA_SIG *sig = ECDSA_do_sign(hash.ptr, hash.len, this->ec); + bool success; + if (!sig) { - goto error; - } - - if (!sig2chunk(EC_KEY_get0_group(this->ec), sig, signature)) - { - goto error; - } - - ret = TRUE; -error: - chunk_free(&hash); - if (sig) - { - ECDSA_SIG_free(sig); + return FALSE; } - return ret; + success = sig2chunk(EC_KEY_get0_group(this->ec), sig, signature); + ECDSA_SIG_free(sig); + return success; } /** @@ -176,36 +156,51 @@ static key_type_t get_type(private_openssl_ec_private_key_t *this) static bool sign(private_openssl_ec_private_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t *signature) { - EC_GROUP *req_group; - const EC_GROUP *my_group; - int hash, curve; - - if (!lookup_scheme(scheme, &hash, &curve)) - { - DBG1("signature scheme %N not supported in EC", - signature_scheme_names, scheme); - return FALSE; - } - - req_group = EC_GROUP_new_by_curve_name(curve); - if (!req_group) + bool success; + + if (scheme == SIGN_ECDSA_WITH_NULL) { - DBG1("signature scheme %N not supported in EC (required curve not supported)", - signature_scheme_names, scheme); - return FALSE; + success = build_signature(this, data, signature); } - - my_group = EC_KEY_get0_group(this->ec); - if (EC_GROUP_cmp(my_group, req_group, NULL) != 0) + else { - DBG1("signature scheme %N not supported by private key", - signature_scheme_names, scheme); - return FALSE; - } + EC_GROUP *req_group; + const EC_GROUP *my_group; + chunk_t hash = chunk_empty; + int hash_type, curve; + + if (!lookup_scheme(scheme, &hash_type, &curve)) + { + DBG1("signature scheme %N not supported in EC", + signature_scheme_names, scheme); + return FALSE; + } - EC_GROUP_free(req_group); + req_group = EC_GROUP_new_by_curve_name(curve); + if (!req_group) + { + DBG1("signature scheme %N not supported in EC (required curve not supported)", + signature_scheme_names, scheme); + return FALSE; + } - return build_signature(this, hash, data, signature); + my_group = EC_KEY_get0_group(this->ec); + if (EC_GROUP_cmp(my_group, req_group, NULL) != 0) + { + DBG1("signature scheme %N not supported by private key", + signature_scheme_names, scheme); + return FALSE; + } + EC_GROUP_free(req_group); + + if (!openssl_hash_chunk(hash_type, data, &hash)) + { + return FALSE; + } + success = build_signature(this, hash, signature); + chunk_free(&hash); + } + return success; } /** diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.h b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.h index 29588ce18..6a6f7c867 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_private_key.h +++ b/src/libstrongswan/plugins/openssl/openssl_ec_private_key.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_ec_private_key.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c index 923df3938..635a106dd 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_ec_public_key.c 4317 2008-09-02 11:00:13Z martin $ */ #include "openssl_ec_public_key.h" @@ -75,9 +73,16 @@ static bool verify_signature(private_openssl_ec_public_key_t *this, ECDSA_SIG *sig; bool valid = FALSE; - if (!openssl_hash_chunk(hash_type, data, &hash)) + if (hash_type == NID_undef) { - return FALSE; + hash = data; + } + else + { + if (!openssl_hash_chunk(hash_type, data, &hash)) + { + return FALSE; + } } sig = ECDSA_SIG_new(); @@ -90,7 +95,6 @@ static bool verify_signature(private_openssl_ec_public_key_t *this, { goto error; } - valid = (ECDSA_do_verify(hash.ptr, hash.len, sig, this->ec) == 1); error: @@ -98,7 +102,10 @@ error: { ECDSA_SIG_free(sig); } - chunk_free(&hash); + if (hash_type != NID_undef) + { + chunk_free(&hash); + } return valid; } @@ -160,6 +167,8 @@ static bool verify(private_openssl_ec_public_key_t *this, signature_scheme_t sch { switch (scheme) { + case SIGN_ECDSA_WITH_NULL: + return verify_signature(this, NID_undef, data, signature); case SIGN_ECDSA_WITH_SHA1: return verify_default_signature(this, data, signature); case SIGN_ECDSA_256: @@ -178,7 +187,7 @@ static bool verify(private_openssl_ec_public_key_t *this, signature_scheme_t sch /** * Implementation of public_key_t.get_keysize. */ -static bool encrypt(private_openssl_ec_public_key_t *this, chunk_t crypto, chunk_t *plain) +static bool encrypt_(private_openssl_ec_public_key_t *this, chunk_t crypto, chunk_t *plain) { DBG1("EC public key encryption not implemented"); return FALSE; @@ -279,7 +288,7 @@ static private_openssl_ec_public_key_t *openssl_ec_public_key_create_empty() this->public.interface.get_type = (key_type_t (*)(public_key_t *this))get_type; this->public.interface.verify = (bool (*)(public_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t signature))verify; - this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt; + this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_; this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize; this->public.interface.get_id = (identification_t* (*) (public_key_t *this,id_type_t))get_id; this->public.interface.get_encoding = (chunk_t(*)(public_key_t*))get_encoding; @@ -331,24 +340,6 @@ bool openssl_ec_public_key_build_id(EC_KEY *ec, identification_t **keyid, } /** - * Create a public key from BIGNUM values, used in openssl_ec_private_key.c - */ -openssl_ec_public_key_t *openssl_ec_public_key_create_from_private_key(EC_KEY *ec) -{ - private_openssl_ec_public_key_t *this = openssl_ec_public_key_create_empty(); - - this->ec = EC_KEY_new(); - EC_KEY_set_public_key(this->ec, EC_KEY_get0_public_key(ec)); - - if (!openssl_ec_public_key_build_id(this->ec, &this->keyid, &this->keyid_info)) - { - destroy(this); - return NULL; - } - return &this->public; -} - -/** * Load a public key from an ASN1 encoded blob */ static openssl_ec_public_key_t *load(chunk_t blob) @@ -374,6 +365,14 @@ static openssl_ec_public_key_t *load(chunk_t blob) return &this->public; } +/** + * Create a public key from BIGNUM values, used in openssl_ec_private_key.c + */ +openssl_ec_public_key_t *openssl_ec_public_key_create_from_private_key(EC_KEY *ec) +{ + return (openssl_ec_public_key_t*)load(get_encoding_full(ec)); +} + typedef struct private_builder_t private_builder_t; /** * Builder implementation for key loading diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.h b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.h index 83552d590..bdbb2fe6e 100644 --- a/src/libstrongswan/plugins/openssl/openssl_ec_public_key.h +++ b/src/libstrongswan/plugins/openssl/openssl_ec_public_key.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_ec_public_key.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/plugins/openssl/openssl_hasher.c b/src/libstrongswan/plugins/openssl/openssl_hasher.c index d344dbd51..ed3e57957 100644 --- a/src/libstrongswan/plugins/openssl/openssl_hasher.c +++ b/src/libstrongswan/plugins/openssl/openssl_hasher.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_hasher.c 4879 2009-02-18 19:41:33Z tobias $ */ #include "openssl_hasher.h" diff --git a/src/libstrongswan/plugins/openssl/openssl_hasher.h b/src/libstrongswan/plugins/openssl/openssl_hasher.h index 52699f7ff..aec5bc7dd 100644 --- a/src/libstrongswan/plugins/openssl/openssl_hasher.h +++ b/src/libstrongswan/plugins/openssl/openssl_hasher.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_hasher.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c index 725daff01..a90dff7f1 100644 --- a/src/libstrongswan/plugins/openssl/openssl_plugin.c +++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_plugin.c 4879 2009-02-18 19:41:33Z tobias $ */ #include <openssl/conf.h> @@ -121,7 +119,7 @@ static void destroy_function(struct CRYPTO_dynlock_value *lock, */ static unsigned long id_function(void) { - return pthread_self(); + return (unsigned long)pthread_self(); } /** diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.h b/src/libstrongswan/plugins/openssl/openssl_plugin.h index a6d2a060e..9f422c9d0 100644 --- a/src/libstrongswan/plugins/openssl/openssl_plugin.h +++ b/src/libstrongswan/plugins/openssl/openssl_plugin.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_plugin.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c index 9730e0ab2..c5d4142da 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_rsa_private_key.c 4745 2008-12-03 10:12:20Z tobias $ */ #include "openssl_rsa_private_key.h" @@ -80,65 +78,75 @@ openssl_rsa_public_key_t *openssl_rsa_public_key_create_from_n_e(BIGNUM *n, BIGN * Build an EMPSA PKCS1 signature described in PKCS#1 */ static bool build_emsa_pkcs1_signature(private_openssl_rsa_private_key_t *this, - int type, chunk_t data, chunk_t *out) + int type, chunk_t data, chunk_t *sig) { bool success = FALSE; - u_char *sig = NULL; - u_int len; - const EVP_MD *hasher = EVP_get_digestbynid(type); - if (!hasher) - { - return FALSE; - } - - EVP_MD_CTX *ctx = EVP_MD_CTX_create(); - EVP_PKEY *key = EVP_PKEY_new(); - if (!ctx || !key) - { - goto error; - } - - if (!EVP_PKEY_set1_RSA(key, this->rsa)) - { - goto error; - } - - if (!EVP_SignInit_ex(ctx, hasher, NULL)) - { - goto error; - } - - if (!EVP_SignUpdate(ctx, data.ptr, data.len)) - { - goto error; - } - - sig = malloc(EVP_PKEY_size(key)); - if (EVP_SignFinal(ctx, sig, &len, key)) + + *sig = chunk_alloc(RSA_size(this->rsa)); + + if (type == NID_undef) { - out->ptr = sig; - out->len = len; - success = TRUE; + if (RSA_private_encrypt(data.len, data.ptr, sig->ptr, this->rsa, + RSA_PKCS1_PADDING) == sig->len) + { + success = TRUE; + } } else { - free(sig); - } + EVP_MD_CTX *ctx; + EVP_PKEY *key; + const EVP_MD *hasher; + u_int len; + + hasher = EVP_get_digestbynid(type); + if (!hasher) + { + return FALSE; + } + + ctx = EVP_MD_CTX_create(); + key = EVP_PKEY_new(); + if (!ctx || !key) + { + goto error; + } + if (!EVP_PKEY_set1_RSA(key, this->rsa)) + { + goto error; + } + if (!EVP_SignInit_ex(ctx, hasher, NULL)) + { + goto error; + } + if (!EVP_SignUpdate(ctx, data.ptr, data.len)) + { + goto error; + } + if (EVP_SignFinal(ctx, sig->ptr, &len, key)) + { + success = TRUE; + } error: - if (key) - { - EVP_PKEY_free(key); + if (key) + { + EVP_PKEY_free(key); + } + if (ctx) + { + EVP_MD_CTX_destroy(ctx); + } } - if (ctx) + if (!success) { - EVP_MD_CTX_destroy(ctx); + free(sig->ptr); } return success; } /** - * Implementation of openssl_rsa_private_key.destroy. + * Implementation of openssl_rsa_private_key.get_type. */ static key_type_t get_type(private_openssl_rsa_private_key_t *this) { @@ -146,15 +154,15 @@ static key_type_t get_type(private_openssl_rsa_private_key_t *this) } /** - * Implementation of openssl_rsa_private_key.destroy. + * Implementation of openssl_rsa_private_key.sign. */ static bool sign(private_openssl_rsa_private_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t *signature) { switch (scheme) { - case SIGN_DEFAULT: - /* default is EMSA-PKCS1 using SHA1 */ + case SIGN_RSA_EMSA_PKCS1_NULL: + return build_emsa_pkcs1_signature(this, NID_undef, data, signature); case SIGN_RSA_EMSA_PKCS1_SHA1: return build_emsa_pkcs1_signature(this, NID_sha1, data, signature); case SIGN_RSA_EMSA_PKCS1_SHA256: @@ -173,7 +181,7 @@ static bool sign(private_openssl_rsa_private_key_t *this, signature_scheme_t sch } /** - * Implementation of openssl_rsa_private_key.destroy. + * Implementation of openssl_rsa_private_key.decrypt. */ static bool decrypt(private_openssl_rsa_private_key_t *this, chunk_t crypto, chunk_t *plain) @@ -183,7 +191,7 @@ static bool decrypt(private_openssl_rsa_private_key_t *this, } /** - * Implementation of openssl_rsa_private_key.destroy. + * Implementation of openssl_rsa_private_key.get_keysize. */ static size_t get_keysize(private_openssl_rsa_private_key_t *this) { @@ -191,7 +199,7 @@ static size_t get_keysize(private_openssl_rsa_private_key_t *this) } /** - * Implementation of openssl_rsa_private_key.destroy. + * Implementation of openssl_rsa_private_key.get_id. */ static identification_t* get_id(private_openssl_rsa_private_key_t *this, id_type_t type) @@ -208,7 +216,7 @@ static identification_t* get_id(private_openssl_rsa_private_key_t *this, } /** - * Implementation of openssl_rsa_private_key.destroy. + * Implementation of openssl_rsa_private_key.get_public_key. */ static openssl_rsa_public_key_t* get_public_key(private_openssl_rsa_private_key_t *this) { @@ -216,7 +224,35 @@ static openssl_rsa_public_key_t* get_public_key(private_openssl_rsa_private_key_ } /** - * Implementation of openssl_rsa_private_key.destroy. + * Implementation of openssl_rsa_private_key.equals. + */ +static bool equals(private_openssl_rsa_private_key_t *this, private_key_t *other) +{ + identification_t *keyid; + + if (&this->public.interface == other) + { + return TRUE; + } + if (other->get_type(other) != KEY_RSA) + { + return FALSE; + } + keyid = other->get_id(other, ID_PUBKEY_SHA1); + if (keyid && keyid->equals(keyid, this->keyid)) + { + return TRUE; + } + keyid = other->get_id(other, ID_PUBKEY_INFO_SHA1); + if (keyid && keyid->equals(keyid, this->keyid_info)) + { + return TRUE; + } + return FALSE; +} + +/** + * Implementation of openssl_rsa_private_key.belongs_to. */ static bool belongs_to(private_openssl_rsa_private_key_t *this, public_key_t *public) { @@ -255,7 +291,7 @@ static chunk_t get_encoding(private_openssl_rsa_private_key_t *this) } /** - * Implementation of openssl_rsa_private_key.destroy. + * Implementation of openssl_rsa_private_key.get_ref. */ static private_openssl_rsa_private_key_t* get_ref(private_openssl_rsa_private_key_t *this) { @@ -288,16 +324,17 @@ static private_openssl_rsa_private_key_t *openssl_rsa_private_key_create_empty(v { private_openssl_rsa_private_key_t *this = malloc_thing(private_openssl_rsa_private_key_t); - this->public.interface.get_type = (key_type_t (*)(private_key_t *this))get_type; - this->public.interface.sign = (bool (*)(private_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t *signature))sign; - this->public.interface.decrypt = (bool (*)(private_key_t *this, chunk_t crypto, chunk_t *plain))decrypt; - this->public.interface.get_keysize = (size_t (*) (private_key_t *this))get_keysize; - this->public.interface.get_id = (identification_t* (*) (private_key_t *this,id_type_t))get_id; - this->public.interface.get_public_key = (public_key_t* (*)(private_key_t *this))get_public_key; - this->public.interface.belongs_to = (bool (*) (private_key_t *this, public_key_t *public))belongs_to; - this->public.interface.get_encoding = (chunk_t(*)(private_key_t*))get_encoding; - this->public.interface.get_ref = (private_key_t* (*)(private_key_t *this))get_ref; - this->public.interface.destroy = (void (*)(private_key_t *this))destroy; + this->public.interface.get_type = (key_type_t (*) (private_key_t*))get_type; + this->public.interface.sign = (bool (*) (private_key_t*, signature_scheme_t, chunk_t, chunk_t*))sign; + this->public.interface.decrypt = (bool (*) (private_key_t*, chunk_t, chunk_t*))decrypt; + this->public.interface.get_keysize = (size_t (*) (private_key_t*))get_keysize; + this->public.interface.get_id = (identification_t* (*) (private_key_t*, id_type_t))get_id; + this->public.interface.get_public_key = (public_key_t* (*) (private_key_t*))get_public_key; + this->public.interface.equals = (bool (*) (private_key_t*, private_key_t*))equals; + this->public.interface.belongs_to = (bool (*) (private_key_t*, public_key_t*))belongs_to; + this->public.interface.get_encoding = (chunk_t(*) (private_key_t*))get_encoding; + this->public.interface.get_ref = (private_key_t* (*) (private_key_t*))get_ref; + this->public.interface.destroy = (void (*) (private_key_t*))destroy; this->engine = FALSE; this->keyid = NULL; diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.h b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.h index 05d83416c..53ec44b28 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.h +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_private_key.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_rsa_private_key.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c index 794fa8123..89912f24c 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_rsa_public_key.c 4567 2008-11-04 14:05:42Z martin $ */ #include "openssl_rsa_public_key.h" @@ -62,49 +60,65 @@ static bool verify_emsa_pkcs1_signature(private_openssl_rsa_public_key_t *this, int type, chunk_t data, chunk_t signature) { bool valid = FALSE; - const EVP_MD *hasher = EVP_get_digestbynid(type); - if (!hasher) - { - return FALSE; - } - - EVP_MD_CTX *ctx = EVP_MD_CTX_create(); - EVP_PKEY *key = EVP_PKEY_new(); - if (!ctx || !key) - { - goto error; - } - - if (!EVP_PKEY_set1_RSA(key, this->rsa)) - { - goto error; - } - - if (!EVP_VerifyInit_ex(ctx, hasher, NULL)) + int rsa_size = RSA_size(this->rsa); + + /* OpenSSL expects a signature of exactly RSA size (no leading 0x00) */ + if (signature.len > rsa_size) { - goto error; + signature = chunk_skip(signature, signature.len - rsa_size); } - - if (!EVP_VerifyUpdate(ctx, data.ptr, data.len)) + + if (type == NID_undef) { - goto error; + chunk_t hash = chunk_alloc(rsa_size); + + hash.len = RSA_public_decrypt(signature.len, signature.ptr, hash.ptr, + this->rsa, RSA_PKCS1_PADDING); + valid = chunk_equals(data, hash); + free(hash.ptr); } - - /* VerifyFinal expects a signature of exactly RSA size (no leading 0x00) */ - if (signature.len > RSA_size(this->rsa)) + else { - signature = chunk_skip(signature, signature.len - RSA_size(this->rsa)); - } - valid = (EVP_VerifyFinal(ctx, signature.ptr, signature.len, key) == 1); + EVP_MD_CTX *ctx; + EVP_PKEY *key; + const EVP_MD *hasher; + + hasher = EVP_get_digestbynid(type); + if (!hasher) + { + return FALSE; + } + + ctx = EVP_MD_CTX_create(); + key = EVP_PKEY_new(); + + if (!ctx || !key) + { + goto error; + } + if (!EVP_PKEY_set1_RSA(key, this->rsa)) + { + goto error; + } + if (!EVP_VerifyInit_ex(ctx, hasher, NULL)) + { + goto error; + } + if (!EVP_VerifyUpdate(ctx, data.ptr, data.len)) + { + goto error; + } + valid = (EVP_VerifyFinal(ctx, signature.ptr, signature.len, key) == 1); error: - if (key) - { - EVP_PKEY_free(key); - } - if (ctx) - { - EVP_MD_CTX_destroy(ctx); + if (key) + { + EVP_PKEY_free(key); + } + if (ctx) + { + EVP_MD_CTX_destroy(ctx); + } } return valid; } @@ -125,8 +139,8 @@ static bool verify(private_openssl_rsa_public_key_t *this, signature_scheme_t sc { switch (scheme) { - case SIGN_DEFAULT: - /* default is EMSA-PKCS1 using SHA1 */ + case SIGN_RSA_EMSA_PKCS1_NULL: + return verify_emsa_pkcs1_signature(this, NID_undef, data, signature); case SIGN_RSA_EMSA_PKCS1_SHA1: return verify_emsa_pkcs1_signature(this, NID_sha1, data, signature); case SIGN_RSA_EMSA_PKCS1_SHA256: @@ -147,13 +161,41 @@ static bool verify(private_openssl_rsa_public_key_t *this, signature_scheme_t sc /** * Implementation of public_key_t.get_keysize. */ -static bool encrypt(private_openssl_rsa_public_key_t *this, chunk_t crypto, chunk_t *plain) +static bool encrypt_(private_openssl_rsa_public_key_t *this, chunk_t crypto, chunk_t *plain) { DBG1("RSA public key encryption not implemented"); return FALSE; } /** + * Implementation of public_key_t.equals. + */ +static bool equals(private_openssl_rsa_public_key_t *this, public_key_t *other) +{ + identification_t *keyid; + + if (&this->public.interface == other) + { + return TRUE; + } + if (other->get_type(other) != KEY_RSA) + { + return FALSE; + } + keyid = other->get_id(other, ID_PUBKEY_SHA1); + if (keyid && keyid->equals(keyid, this->keyid)) + { + return TRUE; + } + keyid = other->get_id(other, ID_PUBKEY_INFO_SHA1); + if (keyid && keyid->equals(keyid, this->keyid_info)) + { + return TRUE; + } + return FALSE; +} + +/** * Implementation of public_key_t.get_keysize. */ static size_t get_keysize(private_openssl_rsa_public_key_t *this) @@ -263,7 +305,8 @@ static private_openssl_rsa_public_key_t *openssl_rsa_public_key_create_empty() this->public.interface.get_type = (key_type_t (*)(public_key_t *this))get_type; this->public.interface.verify = (bool (*)(public_key_t *this, signature_scheme_t scheme, chunk_t data, chunk_t signature))verify; - this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt; + this->public.interface.encrypt = (bool (*)(public_key_t *this, chunk_t crypto, chunk_t *plain))encrypt_; + this->public.interface.equals = (bool (*) (public_key_t*, public_key_t*))equals; this->public.interface.get_keysize = (size_t (*) (public_key_t *this))get_keysize; this->public.interface.get_id = (identification_t* (*) (public_key_t *this,id_type_t))get_id; this->public.interface.get_encoding = (chunk_t(*)(public_key_t*))get_encoding; diff --git a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.h b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.h index c97ba1b92..ff99ddbc5 100644 --- a/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.h +++ b/src/libstrongswan/plugins/openssl/openssl_rsa_public_key.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_rsa_public_key.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/plugins/openssl/openssl_util.c b/src/libstrongswan/plugins/openssl/openssl_util.c index 3c4f6595b..bb0c296e1 100644 --- a/src/libstrongswan/plugins/openssl/openssl_util.c +++ b/src/libstrongswan/plugins/openssl/openssl_util.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_util.c 4051 2008-06-10 09:08:27Z tobias $ */ #include "openssl_util.h" diff --git a/src/libstrongswan/plugins/openssl/openssl_util.h b/src/libstrongswan/plugins/openssl/openssl_util.h index e780e2a25..6ba1ff07b 100644 --- a/src/libstrongswan/plugins/openssl/openssl_util.h +++ b/src/libstrongswan/plugins/openssl/openssl_util.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: openssl_util.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/plugins/padlock/Makefile.in b/src/libstrongswan/plugins/padlock/Makefile.in index 290b4836d..7fe0cc198 100644 --- a/src/libstrongswan/plugins/padlock/Makefile.in +++ b/src/libstrongswan/plugins/padlock/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -89,6 +89,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -111,6 +112,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -122,6 +126,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -135,6 +140,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -195,6 +202,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -206,6 +214,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -227,8 +236,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -325,7 +334,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c index f6f9b3501..afdd85b79 100644 --- a/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c +++ b/src/libstrongswan/plugins/padlock/padlock_aes_crypter.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "padlock_aes_crypter.h" diff --git a/src/libstrongswan/plugins/padlock/padlock_plugin.c b/src/libstrongswan/plugins/padlock/padlock_plugin.c index d0b55bcd9..dddb73551 100644 --- a/src/libstrongswan/plugins/padlock/padlock_plugin.c +++ b/src/libstrongswan/plugins/padlock/padlock_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "padlock_plugin.h" @@ -159,7 +157,7 @@ plugin_t *plugin_create() if (this->features & PADLOCK_RNG_ENABLED) { - lib->crypto->add_rng(lib->crypto, RNG_REAL, + lib->crypto->add_rng(lib->crypto, RNG_TRUE, (rng_constructor_t)padlock_rng_create); lib->crypto->add_rng(lib->crypto, RNG_STRONG, (rng_constructor_t)padlock_rng_create); diff --git a/src/libstrongswan/plugins/padlock/padlock_rng.c b/src/libstrongswan/plugins/padlock/padlock_rng.c index 50d9f0c43..8a04dccfc 100644 --- a/src/libstrongswan/plugins/padlock/padlock_rng.c +++ b/src/libstrongswan/plugins/padlock/padlock_rng.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "padlock_rng.h" @@ -126,7 +124,7 @@ padlock_rng_t *padlock_rng_create(rng_quality_t quality) case RNG_STRONG: this->quality = PADLOCK_QF1; break; - case RNG_REAL: + case RNG_TRUE: this->quality = PADLOCK_QF3; break; } diff --git a/src/libstrongswan/plugins/padlock/padlock_rng.h b/src/libstrongswan/plugins/padlock/padlock_rng.h index 505f4649c..237d8fbe2 100644 --- a/src/libstrongswan/plugins/padlock/padlock_rng.h +++ b/src/libstrongswan/plugins/padlock/padlock_rng.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ /** diff --git a/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.c b/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.c index 4ac5ddf4d..b5a6abc64 100644 --- a/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.c +++ b/src/libstrongswan/plugins/padlock/padlock_sha1_hasher.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include <string.h> diff --git a/src/libstrongswan/plugins/plugin_loader.c b/src/libstrongswan/plugins/plugin_loader.c index 6480a2760..ad5a9e240 100644 --- a/src/libstrongswan/plugins/plugin_loader.c +++ b/src/libstrongswan/plugins/plugin_loader.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: plugin_loader.c 4144 2008-07-02 08:19:43Z martin $ */ #define _GNU_SOURCE diff --git a/src/libstrongswan/plugins/pubkey/Makefile.in b/src/libstrongswan/plugins/pubkey/Makefile.in index eb5e19f08..4514424f2 100644 --- a/src/libstrongswan/plugins/pubkey/Makefile.in +++ b/src/libstrongswan/plugins/pubkey/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -89,6 +89,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -111,6 +112,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -122,6 +126,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -135,6 +140,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -195,6 +202,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -206,6 +214,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -226,8 +235,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -323,7 +332,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/pubkey/pubkey_cert.c b/src/libstrongswan/plugins/pubkey/pubkey_cert.c index 762557094..863a8a1d4 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_cert.c +++ b/src/libstrongswan/plugins/pubkey/pubkey_cert.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "pubkey_cert.h" diff --git a/src/libstrongswan/plugins/pubkey/pubkey_cert.h b/src/libstrongswan/plugins/pubkey/pubkey_cert.h index b04824fee..394fc8b98 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_cert.h +++ b/src/libstrongswan/plugins/pubkey/pubkey_cert.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ /** diff --git a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c index dd7ac6fd1..7672e8dc1 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_plugin.c +++ b/src/libstrongswan/plugins/pubkey/pubkey_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "pubkey_plugin.h" diff --git a/src/libstrongswan/plugins/pubkey/pubkey_public_key.c b/src/libstrongswan/plugins/pubkey/pubkey_public_key.c index 4b5f4aac2..6d3ae66ab 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_public_key.c +++ b/src/libstrongswan/plugins/pubkey/pubkey_public_key.c @@ -13,8 +13,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: pubkey_public_key.c 4379 2008-10-08 01:19:26Z andreas $ */ #include "pubkey_public_key.h" @@ -147,7 +145,7 @@ static void add(private_builder_t *this, builder_part_t part, ...) va_start(args, part); pem = va_arg(args, char *); blob = chunk_clone(chunk_create(pem, strlen(pem))); - if (pem_to_bin(&blob, &chunk_empty, &pgp)) + if (pem_to_bin(&blob, chunk_empty, &pgp) == SUCCESS) { this->key = pubkey_public_key_load(chunk_clone(blob)); } diff --git a/src/libstrongswan/plugins/pubkey/pubkey_public_key.h b/src/libstrongswan/plugins/pubkey/pubkey_public_key.h index 0545feeee..d3198fab2 100644 --- a/src/libstrongswan/plugins/pubkey/pubkey_public_key.h +++ b/src/libstrongswan/plugins/pubkey/pubkey_public_key.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: pubkey_public_key.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/plugins/random/Makefile.in b/src/libstrongswan/plugins/random/Makefile.in index f5e3c4cc9..0bed27468 100644 --- a/src/libstrongswan/plugins/random/Makefile.in +++ b/src/libstrongswan/plugins/random/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -88,6 +88,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -110,6 +111,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -121,6 +125,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -134,6 +139,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -194,6 +201,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -205,6 +213,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -224,8 +233,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -320,7 +329,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/random/random_plugin.c b/src/libstrongswan/plugins/random/random_plugin.c index 3eff81ee0..5f04f1d79 100644 --- a/src/libstrongswan/plugins/random/random_plugin.c +++ b/src/libstrongswan/plugins/random/random_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "random_plugin.h" @@ -54,7 +52,7 @@ plugin_t *plugin_create() lib->crypto->add_rng(lib->crypto, RNG_STRONG, (rng_constructor_t)random_rng_create); - lib->crypto->add_rng(lib->crypto, RNG_REAL, + lib->crypto->add_rng(lib->crypto, RNG_TRUE, (rng_constructor_t)random_rng_create); return &this->public.plugin; diff --git a/src/libstrongswan/plugins/random/random_rng.c b/src/libstrongswan/plugins/random/random_rng.c index 45a1b5138..22d21574e 100644 --- a/src/libstrongswan/plugins/random/random_rng.c +++ b/src/libstrongswan/plugins/random/random_rng.c @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include <string.h> @@ -114,7 +112,7 @@ random_rng_t *random_rng_create(rng_quality_t quality) this->public.rng.allocate_bytes = (void (*) (rng_t *, size_t, chunk_t*)) allocate_bytes; this->public.rng.destroy = (void (*) (rng_t *))destroy; - if (quality == RNG_REAL) + if (quality == RNG_TRUE) { this->file = DEV_RANDOM; } diff --git a/src/libstrongswan/plugins/random/random_rng.h b/src/libstrongswan/plugins/random/random_rng.h index 3426d694e..bcb9cb204 100644 --- a/src/libstrongswan/plugins/random/random_rng.h +++ b/src/libstrongswan/plugins/random/random_rng.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ /** diff --git a/src/libstrongswan/plugins/sha1/Makefile.in b/src/libstrongswan/plugins/sha1/Makefile.in index ece7381b2..c8b8905bb 100644 --- a/src/libstrongswan/plugins/sha1/Makefile.in +++ b/src/libstrongswan/plugins/sha1/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -88,6 +88,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -110,6 +111,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -121,6 +125,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -134,6 +139,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -194,6 +201,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -205,6 +213,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -224,8 +233,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -321,7 +330,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/sha1/sha1_hasher.c b/src/libstrongswan/plugins/sha1/sha1_hasher.c index ea0882cb5..ba3dd9592 100644 --- a/src/libstrongswan/plugins/sha1/sha1_hasher.c +++ b/src/libstrongswan/plugins/sha1/sha1_hasher.c @@ -15,8 +15,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: sha1_hasher.c 4308 2008-08-28 10:57:24Z martin $ */ #include <string.h> diff --git a/src/libstrongswan/plugins/sha1/sha1_plugin.c b/src/libstrongswan/plugins/sha1/sha1_plugin.c index 58f0faf56..b9eb62ac5 100644 --- a/src/libstrongswan/plugins/sha1/sha1_plugin.c +++ b/src/libstrongswan/plugins/sha1/sha1_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: sha1_plugin.c 4308 2008-08-28 10:57:24Z martin $ */ #include "sha1_plugin.h" diff --git a/src/libstrongswan/plugins/sha1/sha1_prf.c b/src/libstrongswan/plugins/sha1/sha1_prf.c index 668801caf..4a5f7c293 100644 --- a/src/libstrongswan/plugins/sha1/sha1_prf.c +++ b/src/libstrongswan/plugins/sha1/sha1_prf.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "sha1_prf.h" diff --git a/src/libstrongswan/plugins/sha2/Makefile.in b/src/libstrongswan/plugins/sha2/Makefile.in index 6b28b68a1..f37c93502 100644 --- a/src/libstrongswan/plugins/sha2/Makefile.in +++ b/src/libstrongswan/plugins/sha2/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -87,6 +87,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -109,6 +110,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -120,6 +124,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -133,6 +138,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -193,6 +200,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -204,6 +212,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -221,8 +230,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -317,7 +326,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/sha2/sha2_hasher.c b/src/libstrongswan/plugins/sha2/sha2_hasher.c index ca9c2f926..0e8811cca 100644 --- a/src/libstrongswan/plugins/sha2/sha2_hasher.c +++ b/src/libstrongswan/plugins/sha2/sha2_hasher.c @@ -14,8 +14,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: sha2_hasher.c 3488 2008-02-21 15:10:02Z martin $ */ #include <string.h> diff --git a/src/libstrongswan/plugins/sha2/sha2_plugin.c b/src/libstrongswan/plugins/sha2/sha2_plugin.c index ebb2947ef..21bc592dc 100644 --- a/src/libstrongswan/plugins/sha2/sha2_plugin.c +++ b/src/libstrongswan/plugins/sha2/sha2_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: sha2_plugin.c 3488 2008-02-21 15:10:02Z martin $ */ #include "sha2_plugin.h" diff --git a/src/libstrongswan/plugins/sqlite/Makefile.in b/src/libstrongswan/plugins/sqlite/Makefile.in index e6732a195..547548bd7 100644 --- a/src/libstrongswan/plugins/sqlite/Makefile.in +++ b/src/libstrongswan/plugins/sqlite/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -89,6 +89,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -111,6 +112,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -122,6 +126,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -135,6 +140,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -195,6 +202,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -206,6 +214,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -226,8 +235,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -322,7 +331,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/sqlite/sqlite_database.c b/src/libstrongswan/plugins/sqlite/sqlite_database.c index c8d9e5beb..ce873b714 100644 --- a/src/libstrongswan/plugins/sqlite/sqlite_database.c +++ b/src/libstrongswan/plugins/sqlite/sqlite_database.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: sqlite_database.c 4268 2008-08-21 11:58:58Z andreas $ */ #include "sqlite_database.h" diff --git a/src/libstrongswan/plugins/sqlite/sqlite_plugin.c b/src/libstrongswan/plugins/sqlite/sqlite_plugin.c index 441e59a5e..bedf91e0f 100644 --- a/src/libstrongswan/plugins/sqlite/sqlite_plugin.c +++ b/src/libstrongswan/plugins/sqlite/sqlite_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: sqlite_plugin.c 3488 2008-02-21 15:10:02Z martin $ */ #include "sqlite_plugin.h" diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.am b/src/libstrongswan/plugins/test_vectors/Makefile.am new file mode 100644 index 000000000..27d17c084 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/Makefile.am @@ -0,0 +1,33 @@ + +INCLUDES = -I$(top_srcdir)/src/libstrongswan + +AM_CFLAGS = -rdynamic + +plugin_LTLIBRARIES = libstrongswan-test-vectors.la + +libstrongswan_test_vectors_la_SOURCES = \ + test_vectors_plugin.h test_vectors_plugin.c test_vectors.h \ + test_vectors/3des_cbc.c \ + test_vectors/aes_cbc.c \ + test_vectors/aes_xcbc.c \ + test_vectors/blowfish.c \ + test_vectors/camellia_cbc.c \ + test_vectors/cast.c \ + test_vectors/des.c \ + test_vectors/idea.c \ + test_vectors/null.c \ + test_vectors/rc5.c \ + test_vectors/serpent_cbc.c \ + test_vectors/twofish_cbc.c \ + test_vectors/md2.c \ + test_vectors/md4.c \ + test_vectors/md5.c \ + test_vectors/md5_hmac.c \ + test_vectors/sha1.c \ + test_vectors/sha1_hmac.c \ + test_vectors/sha2.c \ + test_vectors/sha2_hmac.c \ + test_vectors/fips_prf.c \ + test_vectors/rng.c +libstrongswan_test_vectors_la_LDFLAGS = -module + diff --git a/src/libstrongswan/plugins/test_vectors/Makefile.in b/src/libstrongswan/plugins/test_vectors/Makefile.in new file mode 100644 index 000000000..bb877620c --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/Makefile.in @@ -0,0 +1,710 @@ +# Makefile.in generated by automake 1.10.2 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = src/libstrongswan/plugins/test_vectors +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_CLEAN_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__installdirs = "$(DESTDIR)$(plugindir)" +pluginLTLIBRARIES_INSTALL = $(INSTALL) +LTLIBRARIES = $(plugin_LTLIBRARIES) +libstrongswan_test_vectors_la_LIBADD = +am_libstrongswan_test_vectors_la_OBJECTS = test_vectors_plugin.lo \ + 3des_cbc.lo aes_cbc.lo aes_xcbc.lo blowfish.lo camellia_cbc.lo \ + cast.lo des.lo idea.lo null.lo rc5.lo serpent_cbc.lo \ + twofish_cbc.lo md2.lo md4.lo md5.lo md5_hmac.lo sha1.lo \ + sha1_hmac.lo sha2.lo sha2_hmac.lo fips_prf.lo rng.lo +libstrongswan_test_vectors_la_OBJECTS = \ + $(am_libstrongswan_test_vectors_la_OBJECTS) +libstrongswan_test_vectors_la_LINK = $(LIBTOOL) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(AM_CFLAGS) $(CFLAGS) \ + $(libstrongswan_test_vectors_la_LDFLAGS) $(LDFLAGS) -o $@ +DEFAULT_INCLUDES = -I.@am__isrc@ +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(libstrongswan_test_vectors_la_SOURCES) +DIST_SOURCES = $(libstrongswan_test_vectors_la_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GPERF = @GPERF@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +IPSEC_ROUTING_TABLE = @IPSEC_ROUTING_TABLE@ +IPSEC_ROUTING_TABLE_PRIO = @IPSEC_ROUTING_TABLE_PRIO@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LINUX_HEADERS = @LINUX_HEADERS@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PERL = @PERL@ +PKG_CONFIG = @PKG_CONFIG@ +RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +confdir = @confdir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +gtk_CFLAGS = @gtk_CFLAGS@ +gtk_LIBS = @gtk_LIBS@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +ipsecdir = @ipsecdir@ +ipsecgroup = @ipsecgroup@ +ipsecuser = @ipsecuser@ +libdir = @libdir@ +libexecdir = @libexecdir@ +libstrongswan_plugins = @libstrongswan_plugins@ +linuxdir = @linuxdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nm_CFLAGS = @nm_CFLAGS@ +nm_LIBS = @nm_LIBS@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +piddir = @piddir@ +plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +resolv_conf = @resolv_conf@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +simreader = @simreader@ +srcdir = @srcdir@ +strongswan_conf = @strongswan_conf@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +xml_CFLAGS = @xml_CFLAGS@ +xml_LIBS = @xml_LIBS@ +INCLUDES = -I$(top_srcdir)/src/libstrongswan +AM_CFLAGS = -rdynamic +plugin_LTLIBRARIES = libstrongswan-test-vectors.la +libstrongswan_test_vectors_la_SOURCES = \ + test_vectors_plugin.h test_vectors_plugin.c test_vectors.h \ + test_vectors/3des_cbc.c \ + test_vectors/aes_cbc.c \ + test_vectors/aes_xcbc.c \ + test_vectors/blowfish.c \ + test_vectors/camellia_cbc.c \ + test_vectors/cast.c \ + test_vectors/des.c \ + test_vectors/idea.c \ + test_vectors/null.c \ + test_vectors/rc5.c \ + test_vectors/serpent_cbc.c \ + test_vectors/twofish_cbc.c \ + test_vectors/md2.c \ + test_vectors/md4.c \ + test_vectors/md5.c \ + test_vectors/md5_hmac.c \ + test_vectors/sha1.c \ + test_vectors/sha1_hmac.c \ + test_vectors/sha2.c \ + test_vectors/sha2_hmac.c \ + test_vectors/fips_prf.c \ + test_vectors/rng.c + +libstrongswan_test_vectors_la_LDFLAGS = -module +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/test_vectors/Makefile'; \ + cd $(top_srcdir) && \ + $(AUTOMAKE) --gnu src/libstrongswan/plugins/test_vectors/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(plugindir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(pluginLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(plugindir)/$$f"; \ + else :; fi; \ + done + +uninstall-pluginLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$p'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$p"; \ + done + +clean-pluginLTLIBRARIES: + -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +libstrongswan-test-vectors.la: $(libstrongswan_test_vectors_la_OBJECTS) $(libstrongswan_test_vectors_la_DEPENDENCIES) + $(libstrongswan_test_vectors_la_LINK) -rpath $(plugindir) $(libstrongswan_test_vectors_la_OBJECTS) $(libstrongswan_test_vectors_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/3des_cbc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes_cbc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/aes_xcbc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/blowfish.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/camellia_cbc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cast.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/des.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fips_prf.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/idea.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md2.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md4.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md5.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md5_hmac.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/null.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rc5.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rng.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/serpent_cbc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha1.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha1_hmac.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha2.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sha2_hmac.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_vectors_plugin.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/twofish_cbc.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +3des_cbc.lo: test_vectors/3des_cbc.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT 3des_cbc.lo -MD -MP -MF $(DEPDIR)/3des_cbc.Tpo -c -o 3des_cbc.lo `test -f 'test_vectors/3des_cbc.c' || echo '$(srcdir)/'`test_vectors/3des_cbc.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/3des_cbc.Tpo $(DEPDIR)/3des_cbc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/3des_cbc.c' object='3des_cbc.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o 3des_cbc.lo `test -f 'test_vectors/3des_cbc.c' || echo '$(srcdir)/'`test_vectors/3des_cbc.c + +aes_cbc.lo: test_vectors/aes_cbc.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes_cbc.lo -MD -MP -MF $(DEPDIR)/aes_cbc.Tpo -c -o aes_cbc.lo `test -f 'test_vectors/aes_cbc.c' || echo '$(srcdir)/'`test_vectors/aes_cbc.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/aes_cbc.Tpo $(DEPDIR)/aes_cbc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/aes_cbc.c' object='aes_cbc.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o aes_cbc.lo `test -f 'test_vectors/aes_cbc.c' || echo '$(srcdir)/'`test_vectors/aes_cbc.c + +aes_xcbc.lo: test_vectors/aes_xcbc.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT aes_xcbc.lo -MD -MP -MF $(DEPDIR)/aes_xcbc.Tpo -c -o aes_xcbc.lo `test -f 'test_vectors/aes_xcbc.c' || echo '$(srcdir)/'`test_vectors/aes_xcbc.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/aes_xcbc.Tpo $(DEPDIR)/aes_xcbc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/aes_xcbc.c' object='aes_xcbc.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o aes_xcbc.lo `test -f 'test_vectors/aes_xcbc.c' || echo '$(srcdir)/'`test_vectors/aes_xcbc.c + +blowfish.lo: test_vectors/blowfish.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT blowfish.lo -MD -MP -MF $(DEPDIR)/blowfish.Tpo -c -o blowfish.lo `test -f 'test_vectors/blowfish.c' || echo '$(srcdir)/'`test_vectors/blowfish.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/blowfish.Tpo $(DEPDIR)/blowfish.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/blowfish.c' object='blowfish.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o blowfish.lo `test -f 'test_vectors/blowfish.c' || echo '$(srcdir)/'`test_vectors/blowfish.c + +camellia_cbc.lo: test_vectors/camellia_cbc.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT camellia_cbc.lo -MD -MP -MF $(DEPDIR)/camellia_cbc.Tpo -c -o camellia_cbc.lo `test -f 'test_vectors/camellia_cbc.c' || echo '$(srcdir)/'`test_vectors/camellia_cbc.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/camellia_cbc.Tpo $(DEPDIR)/camellia_cbc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/camellia_cbc.c' object='camellia_cbc.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o camellia_cbc.lo `test -f 'test_vectors/camellia_cbc.c' || echo '$(srcdir)/'`test_vectors/camellia_cbc.c + +cast.lo: test_vectors/cast.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT cast.lo -MD -MP -MF $(DEPDIR)/cast.Tpo -c -o cast.lo `test -f 'test_vectors/cast.c' || echo '$(srcdir)/'`test_vectors/cast.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/cast.Tpo $(DEPDIR)/cast.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/cast.c' object='cast.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o cast.lo `test -f 'test_vectors/cast.c' || echo '$(srcdir)/'`test_vectors/cast.c + +des.lo: test_vectors/des.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT des.lo -MD -MP -MF $(DEPDIR)/des.Tpo -c -o des.lo `test -f 'test_vectors/des.c' || echo '$(srcdir)/'`test_vectors/des.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/des.Tpo $(DEPDIR)/des.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/des.c' object='des.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o des.lo `test -f 'test_vectors/des.c' || echo '$(srcdir)/'`test_vectors/des.c + +idea.lo: test_vectors/idea.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT idea.lo -MD -MP -MF $(DEPDIR)/idea.Tpo -c -o idea.lo `test -f 'test_vectors/idea.c' || echo '$(srcdir)/'`test_vectors/idea.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/idea.Tpo $(DEPDIR)/idea.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/idea.c' object='idea.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o idea.lo `test -f 'test_vectors/idea.c' || echo '$(srcdir)/'`test_vectors/idea.c + +null.lo: test_vectors/null.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT null.lo -MD -MP -MF $(DEPDIR)/null.Tpo -c -o null.lo `test -f 'test_vectors/null.c' || echo '$(srcdir)/'`test_vectors/null.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/null.Tpo $(DEPDIR)/null.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/null.c' object='null.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o null.lo `test -f 'test_vectors/null.c' || echo '$(srcdir)/'`test_vectors/null.c + +rc5.lo: test_vectors/rc5.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rc5.lo -MD -MP -MF $(DEPDIR)/rc5.Tpo -c -o rc5.lo `test -f 'test_vectors/rc5.c' || echo '$(srcdir)/'`test_vectors/rc5.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/rc5.Tpo $(DEPDIR)/rc5.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/rc5.c' object='rc5.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o rc5.lo `test -f 'test_vectors/rc5.c' || echo '$(srcdir)/'`test_vectors/rc5.c + +serpent_cbc.lo: test_vectors/serpent_cbc.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT serpent_cbc.lo -MD -MP -MF $(DEPDIR)/serpent_cbc.Tpo -c -o serpent_cbc.lo `test -f 'test_vectors/serpent_cbc.c' || echo '$(srcdir)/'`test_vectors/serpent_cbc.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/serpent_cbc.Tpo $(DEPDIR)/serpent_cbc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/serpent_cbc.c' object='serpent_cbc.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o serpent_cbc.lo `test -f 'test_vectors/serpent_cbc.c' || echo '$(srcdir)/'`test_vectors/serpent_cbc.c + +twofish_cbc.lo: test_vectors/twofish_cbc.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT twofish_cbc.lo -MD -MP -MF $(DEPDIR)/twofish_cbc.Tpo -c -o twofish_cbc.lo `test -f 'test_vectors/twofish_cbc.c' || echo '$(srcdir)/'`test_vectors/twofish_cbc.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/twofish_cbc.Tpo $(DEPDIR)/twofish_cbc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/twofish_cbc.c' object='twofish_cbc.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o twofish_cbc.lo `test -f 'test_vectors/twofish_cbc.c' || echo '$(srcdir)/'`test_vectors/twofish_cbc.c + +md2.lo: test_vectors/md2.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT md2.lo -MD -MP -MF $(DEPDIR)/md2.Tpo -c -o md2.lo `test -f 'test_vectors/md2.c' || echo '$(srcdir)/'`test_vectors/md2.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/md2.Tpo $(DEPDIR)/md2.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/md2.c' object='md2.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o md2.lo `test -f 'test_vectors/md2.c' || echo '$(srcdir)/'`test_vectors/md2.c + +md4.lo: test_vectors/md4.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT md4.lo -MD -MP -MF $(DEPDIR)/md4.Tpo -c -o md4.lo `test -f 'test_vectors/md4.c' || echo '$(srcdir)/'`test_vectors/md4.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/md4.Tpo $(DEPDIR)/md4.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/md4.c' object='md4.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o md4.lo `test -f 'test_vectors/md4.c' || echo '$(srcdir)/'`test_vectors/md4.c + +md5.lo: test_vectors/md5.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT md5.lo -MD -MP -MF $(DEPDIR)/md5.Tpo -c -o md5.lo `test -f 'test_vectors/md5.c' || echo '$(srcdir)/'`test_vectors/md5.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/md5.Tpo $(DEPDIR)/md5.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/md5.c' object='md5.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o md5.lo `test -f 'test_vectors/md5.c' || echo '$(srcdir)/'`test_vectors/md5.c + +md5_hmac.lo: test_vectors/md5_hmac.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT md5_hmac.lo -MD -MP -MF $(DEPDIR)/md5_hmac.Tpo -c -o md5_hmac.lo `test -f 'test_vectors/md5_hmac.c' || echo '$(srcdir)/'`test_vectors/md5_hmac.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/md5_hmac.Tpo $(DEPDIR)/md5_hmac.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/md5_hmac.c' object='md5_hmac.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o md5_hmac.lo `test -f 'test_vectors/md5_hmac.c' || echo '$(srcdir)/'`test_vectors/md5_hmac.c + +sha1.lo: test_vectors/sha1.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha1.lo -MD -MP -MF $(DEPDIR)/sha1.Tpo -c -o sha1.lo `test -f 'test_vectors/sha1.c' || echo '$(srcdir)/'`test_vectors/sha1.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha1.Tpo $(DEPDIR)/sha1.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/sha1.c' object='sha1.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha1.lo `test -f 'test_vectors/sha1.c' || echo '$(srcdir)/'`test_vectors/sha1.c + +sha1_hmac.lo: test_vectors/sha1_hmac.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha1_hmac.lo -MD -MP -MF $(DEPDIR)/sha1_hmac.Tpo -c -o sha1_hmac.lo `test -f 'test_vectors/sha1_hmac.c' || echo '$(srcdir)/'`test_vectors/sha1_hmac.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha1_hmac.Tpo $(DEPDIR)/sha1_hmac.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/sha1_hmac.c' object='sha1_hmac.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha1_hmac.lo `test -f 'test_vectors/sha1_hmac.c' || echo '$(srcdir)/'`test_vectors/sha1_hmac.c + +sha2.lo: test_vectors/sha2.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha2.lo -MD -MP -MF $(DEPDIR)/sha2.Tpo -c -o sha2.lo `test -f 'test_vectors/sha2.c' || echo '$(srcdir)/'`test_vectors/sha2.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha2.Tpo $(DEPDIR)/sha2.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/sha2.c' object='sha2.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha2.lo `test -f 'test_vectors/sha2.c' || echo '$(srcdir)/'`test_vectors/sha2.c + +sha2_hmac.lo: test_vectors/sha2_hmac.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT sha2_hmac.lo -MD -MP -MF $(DEPDIR)/sha2_hmac.Tpo -c -o sha2_hmac.lo `test -f 'test_vectors/sha2_hmac.c' || echo '$(srcdir)/'`test_vectors/sha2_hmac.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/sha2_hmac.Tpo $(DEPDIR)/sha2_hmac.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/sha2_hmac.c' object='sha2_hmac.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o sha2_hmac.lo `test -f 'test_vectors/sha2_hmac.c' || echo '$(srcdir)/'`test_vectors/sha2_hmac.c + +fips_prf.lo: test_vectors/fips_prf.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT fips_prf.lo -MD -MP -MF $(DEPDIR)/fips_prf.Tpo -c -o fips_prf.lo `test -f 'test_vectors/fips_prf.c' || echo '$(srcdir)/'`test_vectors/fips_prf.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/fips_prf.Tpo $(DEPDIR)/fips_prf.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/fips_prf.c' object='fips_prf.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o fips_prf.lo `test -f 'test_vectors/fips_prf.c' || echo '$(srcdir)/'`test_vectors/fips_prf.c + +rng.lo: test_vectors/rng.c +@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT rng.lo -MD -MP -MF $(DEPDIR)/rng.Tpo -c -o rng.lo `test -f 'test_vectors/rng.c' || echo '$(srcdir)/'`test_vectors/rng.c +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/rng.Tpo $(DEPDIR)/rng.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='test_vectors/rng.c' object='rng.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o rng.lo `test -f 'test_vectors/rng.c' || echo '$(srcdir)/'`test_vectors/rng.c + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) $$here + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + fi; \ + cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) +installdirs: + for dir in "$(DESTDIR)$(plugindir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ + mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +info: info-am + +info-am: + +install-data-am: install-pluginLTLIBRARIES + +install-dvi: install-dvi-am + +install-exec-am: + +install-html: install-html-am + +install-info: install-info-am + +install-man: + +install-pdf: install-pdf-am + +install-ps: install-ps-am + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-pluginLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-libtool clean-pluginLTLIBRARIES ctags distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-pluginLTLIBRARIES \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors.h b/src/libstrongswan/plugins/test_vectors/test_vectors.h new file mode 100644 index 000000000..df5a9c9a8 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors.h @@ -0,0 +1,159 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +TEST_VECTOR_CRYPTER(aes_cbc1) +TEST_VECTOR_CRYPTER(aes_cbc2) +TEST_VECTOR_CRYPTER(aes_cbc3) +TEST_VECTOR_CRYPTER(aes_cbc4) +TEST_VECTOR_CRYPTER(aes_cbc5) +TEST_VECTOR_CRYPTER(aes_cbc6) +TEST_VECTOR_CRYPTER(blowfish1) +TEST_VECTOR_CRYPTER(blowfish2) +TEST_VECTOR_CRYPTER(camellia_cbc1) +TEST_VECTOR_CRYPTER(camellia_cbc2) +TEST_VECTOR_CRYPTER(camellia_cbc3) +TEST_VECTOR_CRYPTER(camellia_cbc4) +TEST_VECTOR_CRYPTER(camellia_cbc5) +TEST_VECTOR_CRYPTER(camellia_cbc6) +TEST_VECTOR_CRYPTER(cast1) +TEST_VECTOR_CRYPTER(des_cbc1) +TEST_VECTOR_CRYPTER(des_cbc2) +TEST_VECTOR_CRYPTER(des_ecb1) +TEST_VECTOR_CRYPTER(des_ecb2) +TEST_VECTOR_CRYPTER(des3_cbc1) +TEST_VECTOR_CRYPTER(des3_cbc2) +TEST_VECTOR_CRYPTER(idea1) +TEST_VECTOR_CRYPTER(idea2) +TEST_VECTOR_CRYPTER(null1) +TEST_VECTOR_CRYPTER(rc5_1) +TEST_VECTOR_CRYPTER(rc5_2) +TEST_VECTOR_CRYPTER(serpent_cbc1) +TEST_VECTOR_CRYPTER(serpent_cbc2) +TEST_VECTOR_CRYPTER(serpent_cbc3) +TEST_VECTOR_CRYPTER(serpent_cbc4) +TEST_VECTOR_CRYPTER(serpent_cbc5) +TEST_VECTOR_CRYPTER(serpent_cbc6) +TEST_VECTOR_CRYPTER(twofish_cbc1) +TEST_VECTOR_CRYPTER(twofish_cbc2) +TEST_VECTOR_CRYPTER(twofish_cbc3) + +TEST_VECTOR_SIGNER(aes_xcbc_s1) +TEST_VECTOR_SIGNER(aes_xcbc_s2) +TEST_VECTOR_SIGNER(aes_xcbc_s3) +TEST_VECTOR_SIGNER(aes_xcbc_s4) +TEST_VECTOR_SIGNER(aes_xcbc_s5) +TEST_VECTOR_SIGNER(md5_hmac_s1) +TEST_VECTOR_SIGNER(md5_hmac_s2) +TEST_VECTOR_SIGNER(md5_hmac_s3) +TEST_VECTOR_SIGNER(md5_hmac_s4) +TEST_VECTOR_SIGNER(sha1_hmac_s1) +TEST_VECTOR_SIGNER(sha1_hmac_s2) +TEST_VECTOR_SIGNER(sha1_hmac_s3) +TEST_VECTOR_SIGNER(sha1_hmac_s4) +TEST_VECTOR_SIGNER(sha1_hmac_s5) +TEST_VECTOR_SIGNER(sha1_hmac_s6) +TEST_VECTOR_SIGNER(sha256_hmac_s1) +TEST_VECTOR_SIGNER(sha256_hmac_s2) +TEST_VECTOR_SIGNER(sha256_hmac_s3) +TEST_VECTOR_SIGNER(sha384_hmac_s1) +TEST_VECTOR_SIGNER(sha384_hmac_s2) +TEST_VECTOR_SIGNER(sha384_hmac_s3) +TEST_VECTOR_SIGNER(sha512_hmac_s1) +TEST_VECTOR_SIGNER(sha512_hmac_s2) +TEST_VECTOR_SIGNER(sha512_hmac_s3) + +TEST_VECTOR_HASHER(md2_1) +TEST_VECTOR_HASHER(md2_2) +TEST_VECTOR_HASHER(md2_3) +TEST_VECTOR_HASHER(md2_4) +TEST_VECTOR_HASHER(md2_5) +TEST_VECTOR_HASHER(md2_6) +TEST_VECTOR_HASHER(md2_7) +TEST_VECTOR_HASHER(md4_1) +TEST_VECTOR_HASHER(md4_2) +TEST_VECTOR_HASHER(md4_3) +TEST_VECTOR_HASHER(md4_4) +TEST_VECTOR_HASHER(md4_5) +TEST_VECTOR_HASHER(md4_6) +TEST_VECTOR_HASHER(md4_7) +TEST_VECTOR_HASHER(md5_1) +TEST_VECTOR_HASHER(md5_2) +TEST_VECTOR_HASHER(md5_3) +TEST_VECTOR_HASHER(md5_4) +TEST_VECTOR_HASHER(md5_5) +TEST_VECTOR_HASHER(md5_6) +TEST_VECTOR_HASHER(md5_7) +TEST_VECTOR_HASHER(sha1_1) +TEST_VECTOR_HASHER(sha1_2) +TEST_VECTOR_HASHER(sha1_3) +TEST_VECTOR_HASHER(sha256_1) +TEST_VECTOR_HASHER(sha256_2) +TEST_VECTOR_HASHER(sha256_3) +TEST_VECTOR_HASHER(sha384_1) +TEST_VECTOR_HASHER(sha384_2) +TEST_VECTOR_HASHER(sha384_3) +TEST_VECTOR_HASHER(sha512_1) +TEST_VECTOR_HASHER(sha512_2) +TEST_VECTOR_HASHER(sha512_3) + +TEST_VECTOR_PRF(aes_xcbc_p1) +TEST_VECTOR_PRF(aes_xcbc_p2) +TEST_VECTOR_PRF(aes_xcbc_p3) +TEST_VECTOR_PRF(aes_xcbc_p4) +TEST_VECTOR_PRF(aes_xcbc_p5) +TEST_VECTOR_PRF(aes_xcbc_p6) +TEST_VECTOR_PRF(aes_xcbc_p7) +TEST_VECTOR_PRF(md5_hmac_p1) +TEST_VECTOR_PRF(md5_hmac_p2) +TEST_VECTOR_PRF(md5_hmac_p3) +TEST_VECTOR_PRF(md5_hmac_p4) +TEST_VECTOR_PRF(md5_hmac_p5) +TEST_VECTOR_PRF(md5_hmac_p6) +TEST_VECTOR_PRF(sha1_hmac_p1) +TEST_VECTOR_PRF(sha1_hmac_p2) +TEST_VECTOR_PRF(sha1_hmac_p3) +TEST_VECTOR_PRF(sha1_hmac_p4) +TEST_VECTOR_PRF(sha1_hmac_p5) +TEST_VECTOR_PRF(sha1_hmac_p6) +TEST_VECTOR_PRF(sha256_hmac_p1) +TEST_VECTOR_PRF(sha256_hmac_p2) +TEST_VECTOR_PRF(sha256_hmac_p3) +TEST_VECTOR_PRF(sha256_hmac_p4) +TEST_VECTOR_PRF(sha256_hmac_p5) +TEST_VECTOR_PRF(sha256_hmac_p6) +TEST_VECTOR_PRF(sha384_hmac_p1) +TEST_VECTOR_PRF(sha384_hmac_p2) +TEST_VECTOR_PRF(sha384_hmac_p3) +TEST_VECTOR_PRF(sha384_hmac_p4) +TEST_VECTOR_PRF(sha384_hmac_p5) +TEST_VECTOR_PRF(sha384_hmac_p6) +TEST_VECTOR_PRF(sha512_hmac_p1) +TEST_VECTOR_PRF(sha512_hmac_p2) +TEST_VECTOR_PRF(sha512_hmac_p3) +TEST_VECTOR_PRF(sha512_hmac_p4) +TEST_VECTOR_PRF(sha512_hmac_p5) +TEST_VECTOR_PRF(sha512_hmac_p6) +TEST_VECTOR_PRF(fips_prf_1) + +TEST_VECTOR_RNG(rng_monobit_1) +TEST_VECTOR_RNG(rng_monobit_2) +TEST_VECTOR_RNG(rng_monobit_3) +TEST_VECTOR_RNG(rng_poker_1) +TEST_VECTOR_RNG(rng_poker_2) +TEST_VECTOR_RNG(rng_poker_3) +TEST_VECTOR_RNG(rng_runs_1) +TEST_VECTOR_RNG(rng_runs_2) +TEST_VECTOR_RNG(rng_runs_3) + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/3des_cbc.c b/src/libstrongswan/plugins/test_vectors/test_vectors/3des_cbc.c new file mode 100644 index 000000000..de5658da7 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/3des_cbc.c @@ -0,0 +1,43 @@ +/* + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * Example 1 from NIST 3DES MMT + */ +crypter_test_vector_t des3_cbc1 = { + .alg = ENCR_3DES, .key_size = 24, .len = 8, + .key = "\x62\x7f\x46\x0e\x08\x10\x4a\x10" + "\x43\xcd\x26\x5d\x58\x40\xea\xf1" + "\x31\x3e\xdf\x97\xdf\x2a\x8a\x8c", + .iv = "\x8e\x29\xf7\x5e\xa7\x7e\x54\x75", + .plain = "\x32\x6a\x49\x4c\xd3\x3f\xe7\x56", + .cipher = "\xb2\x2b\x8d\x66\xde\x97\x06\x92" +}; + +/** + * Example 2 from NIST 3DES MMT + */ +crypter_test_vector_t des3_cbc2 = { + .alg = ENCR_3DES, .key_size = 24, .len = 16, + .key = "\x37\xae\x5e\xbf\x46\xdf\xf2\xdc" + "\x07\x54\xb9\x4f\x31\xcb\xb3\x85" + "\x5e\x7f\xd3\x6d\xc8\x70\xbf\xae", + .iv = "\x3d\x1d\xe3\xcc\x13\x2e\x3b\x65", + .plain = "\x84\x40\x1f\x78\xfe\x6c\x10\x87\x6d\x8e\xa2\x30\x94\xea\x53\x09", + .cipher = "\x7b\x1f\x7c\x7e\x3b\x1c\x94\x8e\xbd\x04\xa7\x5f\xfb\xa7\xd2\xf5" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_cbc.c b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_cbc.c new file mode 100644 index 000000000..26aadb444 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_cbc.c @@ -0,0 +1,113 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * Test 1 of RFC3602 + */ +crypter_test_vector_t aes_cbc1 = { + .alg = ENCR_AES_CBC, .key_size = 16, .len = 16, + .key = "\x06\xa9\x21\x40\x36\xb8\xa1\x5b\x51\x2e\x03\xd5\x34\x12\x00\x06", + .iv = "\x3d\xaf\xba\x42\x9d\x9e\xb4\x30\xb4\x22\xda\x80\x2c\x9f\xac\x41", + .plain = "Single block msg", + .cipher = "\xe3\x53\x77\x9c\x10\x79\xae\xb8\x27\x08\x94\x2d\xbe\x77\x18\x1a" +}; + +/** + * Test 2 of RFC3602 + */ +crypter_test_vector_t aes_cbc2 = { + .alg = ENCR_AES_CBC, .key_size = 16, .len = 32, + .key = "\xc2\x86\x69\x6d\x88\x7c\x9a\xa0\x61\x1b\xbb\x3e\x20\x25\xa4\x5a", + .iv = "\x56\x2e\x17\x99\x6d\x09\x3d\x28\xdd\xb3\xba\x69\x5a\x2e\x6f\x58", + .plain = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .cipher = "\xd2\x96\xcd\x94\xc2\xcc\xcf\x8a\x3a\x86\x30\x28\xb5\xe1\xdc\x0a" + "\x75\x86\x60\x2d\x25\x3c\xff\xf9\x1b\x82\x66\xbe\xa6\xd6\x1a\xb1" +}; + +/** + * Test 3 of RFC3602 + */ +crypter_test_vector_t aes_cbc3 = { + .alg = ENCR_AES_CBC, .key_size = 16, .len = 64, + .key = "\x56\xe4\x7a\x38\xc5\x59\x89\x74\xbc\x46\x90\x3d\xba\x29\x03\x49", + .iv = "\x8c\xe8\x2e\xef\xbe\xa0\xda\x3c\x44\x69\x9e\xd7\xdb\x51\xb7\xd9", + .plain = "\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf" + "\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf" + "\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf" + "\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf", + .cipher = "\xc3\x0e\x32\xff\xed\xc0\x77\x4e\x6a\xff\x6a\xf0\x86\x9f\x71\xaa" + "\x0f\x3a\xf0\x7a\x9a\x31\xa9\xc6\x84\xdb\x20\x7e\xb0\xef\x8e\x4e" + "\x35\x90\x7a\xa6\x32\xc3\xff\xdf\x86\x8b\xb7\xb2\x9d\x3d\x46\xad" + "\x83\xce\x9f\x9a\x10\x2e\xe9\x9d\x49\xa5\x3e\x87\xf4\xc3\xda\x55" +}; + +/** + * Test F.2.1 of NIST SP 800-38A 2001 + */ +crypter_test_vector_t aes_cbc4 = { + .alg = ENCR_AES_CBC, .key_size = 16, .len = 64, + .key = "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", + .iv = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .plain = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a" + "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51" + "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef" + "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10", + .cipher = "\x76\x49\xab\xac\x81\x19\xb2\x46\xce\xe9\x8e\x9b\x12\xe9\x19\x7d" + "\x50\x86\xcb\x9b\x50\x72\x19\xee\x95\xdb\x11\x3a\x91\x76\x78\xb2" + "\x73\xbe\xd6\xb8\xe3\xc1\x74\x3b\x71\x16\xe6\x9e\x22\x22\x95\x16" + "\x3f\xf1\xca\xa1\x68\x1f\xac\x09\x12\x0e\xca\x30\x75\x86\xe1\xa7" +}; + +/** + * Test F.2.3 of NIST SP 800-38A 2001 + */ +crypter_test_vector_t aes_cbc5 = { + .alg = ENCR_AES_CBC, .key_size = 24, .len = 64, + .key = "\x8e\x73\xb0\xf7\xda\x0e\x64\x52\xc8\x10\xf3\x2b\x80\x90\x79\xe5" + "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b", + .iv = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .plain = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a" + "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51" + "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef" + "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10", + .cipher = "\x4f\x02\x1d\xb2\x43\xbc\x63\x3d\x71\x78\x18\x3a\x9f\xa0\x71\xe8" + "\xb4\xd9\xad\xa9\xad\x7d\xed\xf4\xe5\xe7\x38\x76\x3f\x69\x14\x5a" + "\x57\x1b\x24\x20\x12\xfb\x7a\xe0\x7f\xa9\xba\xac\x3d\xf1\x02\xe0" + "\x08\xb0\xe2\x79\x88\x59\x88\x81\xd9\x20\xa9\xe6\x4f\x56\x15\xcd" +}; + +/** + * Test F.2.5 of NIST SP 800-38A 2001 + */ +crypter_test_vector_t aes_cbc6 = { + .alg = ENCR_AES_CBC, .key_size = 32, .len = 64, + .key = "\x60\x3d\xeb\x10\x15\xca\x71\xbe\x2b\x73\xae\xf0\x85\x7d\x77\x81" + "\x1f\x35\x2c\x07\x3b\x61\x08\xd7\x2d\x98\x10\xa3\x09\x14\xdf\xf4", + .iv = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .plain = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a" + "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51" + "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef" + "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10", + .cipher = "\xf5\x8c\x4c\x04\xd6\xe5\xf1\xba\x77\x9e\xab\xfb\x5f\x7b\xfb\xd6" + "\x9c\xfc\x4e\x96\x7e\xdb\x80\x8d\x67\x9f\x77\x7b\xc6\x70\x2c\x7d" + "\x39\xf2\x33\x69\xa9\xd9\xba\xcf\xa5\x30\xe2\x63\x04\x23\x14\x61" + "\xb2\xeb\x05\xe2\xc3\x9b\xe9\xfc\xda\x6c\x19\x07\x8c\x6a\x9d\x1b" +}; + + + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/aes_xcbc.c b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_xcbc.c new file mode 100644 index 000000000..56d12f036 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/aes_xcbc.c @@ -0,0 +1,129 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * RFC 3566 Test Case #1: AES-XCBC-MAC-96 with 0-byte input + */ +signer_test_vector_t aes_xcbc_s1 = { + .alg = AUTH_AES_XCBC_96, .len = 0, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .data = "", + .mac = "\x75\xf0\x25\x1d\x52\x8a\xc0\x1c\x45\x73\xdf\xd5" +}; + +prf_test_vector_t aes_xcbc_p1 = { + .alg = PRF_AES128_XCBC, .key_size = 16, .len = 0, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .seed = "", + .out = "\x75\xf0\x25\x1d\x52\x8a\xc0\x1c\x45\x73\xdf\xd5\x84\xd7\x9f\x29" +}; + +/** + * RFC 3566 Test Case #2: AES-XCBC-MAC-96 with 3-byte input + */ +signer_test_vector_t aes_xcbc_s2 = { + .alg = AUTH_AES_XCBC_96, .len = 3, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .data = "\x00\x01\x02", + .mac = "\x5b\x37\x65\x80\xae\x2f\x19\xaf\xe7\x21\x9c\xee" +}; + +prf_test_vector_t aes_xcbc_p2 = { + .alg = PRF_AES128_XCBC, .key_size = 16, .len = 3, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .seed = "\x00\x01\x02", + .out = "\x5b\x37\x65\x80\xae\x2f\x19\xaf\xe7\x21\x9c\xee\xf1\x72\x75\x6f" +}; + +/** + * RFC 3566 Test Case #3: AES-XCBC-MAC-96 with 16-byte input + */ +signer_test_vector_t aes_xcbc_s3 = { + .alg = AUTH_AES_XCBC_96, .len = 16, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .data = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .mac = "\xd2\xa2\x46\xfa\x34\x9b\x68\xa7\x99\x98\xa4\x39" +}; + +prf_test_vector_t aes_xcbc_p3 = { + .alg = PRF_AES128_XCBC, .key_size = 16, .len = 16, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .seed = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .out = "\xd2\xa2\x46\xfa\x34\x9b\x68\xa7\x99\x98\xa4\x39\x4f\xf7\xa2\x63" +}; + +/** + * RFC 3566 Test Case #4: AES-XCBC-MAC-96 with 20-byte input + */ +signer_test_vector_t aes_xcbc_s4 = { + .alg = AUTH_AES_XCBC_96, .len = 20, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .data = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13", + .mac = "\x47\xf5\x1b\x45\x64\x96\x62\x15\xb8\x98\x5c\x63" +}; + +prf_test_vector_t aes_xcbc_p4 = { + .alg = PRF_AES128_XCBC, .key_size = 16, .len = 20, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .seed = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13", + .out = "\x47\xf5\x1b\x45\x64\x96\x62\x15\xb8\x98\x5c\x63\x05\x5e\xd3\x08" +}; + +/** + * RFC 3566 Test Case #5: AES-XCBC-MAC-96 with 32-byte input + */ +signer_test_vector_t aes_xcbc_s5 = { + .alg = AUTH_AES_XCBC_96, .len = 32, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .data = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .mac = "\xf5\x4f\x0e\xc8\xd2\xb9\xf3\xd3\x68\x07\x73\x4b" +}; + +prf_test_vector_t aes_xcbc_p5 = { + .alg = PRF_AES128_XCBC, .key_size = 16, .len = 32, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f", + .seed = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f", + .out = "\xf5\x4f\x0e\xc8\xd2\xb9\xf3\xd3\x68\x07\x73\x4b\xd5\x28\x3f\xd4" +}; + +/** + * RFC4434 Test Case: AES-XCBC-PRF-128 with 20-byte input, 10 byte key + */ +prf_test_vector_t aes_xcbc_p6 = { + .alg = PRF_AES128_XCBC, .key_size = 10, .len = 20, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09", + .seed = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13", + .out = "\x0f\xa0\x87\xaf\x7d\x86\x6e\x76\x53\x43\x4e\x60\x2f\xdd\xe8\x35" +}; + +/** + * RFC4434 Test Case: AES-XCBC-PRF-128 with 20-byte input, 18 byte key + */ +prf_test_vector_t aes_xcbc_p7 = { + .alg = PRF_AES128_XCBC, .key_size = 18, .len = 20, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\xed\xcb", + .seed = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" + "\x10\x11\x12\x13", + .out = "\x8c\xd3\xc9\x3a\xe5\x98\xa9\x80\x30\x06\xff\xb6\x7c\x40\xe9\xe4" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/blowfish.c b/src/libstrongswan/plugins/test_vectors/test_vectors/blowfish.c new file mode 100644 index 000000000..63bbb1261 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/blowfish.c @@ -0,0 +1,46 @@ +/* + * Copyright (C) 2009 Martin Willi + * Copyright (C) 2009 Andreas Steffen + * Copyright (C) JuanJo Ciarlante <jjo-ipsec@mendoza.gov.ar> + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * Test vector by Eric Young + */ +crypter_test_vector_t blowfish1 = { + .alg = ENCR_BLOWFISH, .key_size = 16, .len = 32, + .key = "\x01\x23\x45\x67\x89\xAB\xCD\xEF\xF0\xE1\xD2\xC3\xB4\xA5\x96\x87", + .iv = "\xFE\xDC\xBA\x98\x76\x54\x32\x10", + .plain = "7654321 Now is the time for \0\0\0\0", + .cipher = "\x6B\x77\xB4\xD6\x30\x06\xDE\xE6\x05\xB1\x56\xE2\x74\x03\x97\x93" + "\x58\xDE\xB9\xE7\x15\x46\x16\xD9\x59\xF1\x65\x2B\xD5\xFF\x92\xCC" +}; + +/** + * Test vector by Chilkat Software + * (www.chilkatsoft.com/p/php_blowfish.asp) + */ +crypter_test_vector_t blowfish2 = { + .alg = ENCR_BLOWFISH, .key_size = 32, .len = 48, + .key = "\x31\x32\x33\x34\x35\x36\x37\x38\x39\x30\x31\x32\x33\x34\x35\x36" + "\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50", + .iv = "\x31\x32\x33\x34\x35\x36\x37\x38", + .plain = "The quick brown fox jumped over the lazy dog\0\0\0\0", + .cipher = "\x27\x68\x55\xca\x6c\x0d\x60\xf7\xd9\x70\x82\x10\x44\x0c\x10\x72" + "\xe0\x5d\x07\x8e\x73\x3b\x34\xb4\x19\x8d\x60\x9d\xc2\xfc\xc2\xf0" + "\xc3\x09\x26\xcd\xef\x3b\x6d\x52\xba\xf6\xe3\x45\xaa\x03\xf8\x3e" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/camellia_cbc.c b/src/libstrongswan/plugins/test_vectors/test_vectors/camellia_cbc.c new file mode 100644 index 000000000..28c038878 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/camellia_cbc.c @@ -0,0 +1,91 @@ +/* + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * All testvectors from https://www.cosic.esat.kuleuven.be/nessie/testvectors/ + */ + +/** + * Camellia 128 bit: set 8, vector #0 + */ +crypter_test_vector_t camellia_cbc1 = { + .alg = ENCR_CAMELLIA_CBC, .key_size = 16, .len = 16, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x41\x0E\x33\xF3\x16\xDF\x4A\x72\xAA\x2B\xCD\x41\x14\xE2\x31\x4D", + .cipher = "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" +}; + +/** + * Camellia 128 bit: set 8, vector #1 + */ +crypter_test_vector_t camellia_cbc2 = { + .alg = ENCR_CAMELLIA_CBC, .key_size = 16, .len = 16, + .key = "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00\x95\x2C\x49\x10\x48\x81\xFF\x48", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x78\x35\x78\x66\xFD\x8B\x2C\xAE\xD4\xD1\xBB\xA3\xCF\xD5\x34\x0A", + .cipher = "\xEA\x02\x47\x14\xAD\x5C\x4D\x84\xEA\x02\x47\x14\xAD\x5C\x4D\x84" +}; + +/** + * Camellia 192 bit: set 8, vector #0 + */ +crypter_test_vector_t camellia_cbc3 = { + .alg = ENCR_CAMELLIA_CBC, .key_size = 24, .len = 16, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" + "\x10\x11\x12\x13\x14\x15\x16\x17", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x94\x1A\xC6\x45\x3C\x3F\x48\xA1\x69\xC2\xF4\xFE\x2B\xBE\x55\x32", + .cipher = "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" +}; + +/** + * Camellia 192 bit: set 8, vector #1 + */ +crypter_test_vector_t camellia_cbc4 = { + .alg = ENCR_CAMELLIA_CBC, .key_size = 24, .len = 16, + .key = "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00\x95\x2C\x49\x10\x48\x81\xFF\x48" + "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x29\x2C\x5B\xBF\xD7\x72\xAD\x27\x95\x09\x12\x0F\x3F\x0A\xCD\x48", + .cipher = "\xEA\x02\x47\x14\xAD\x5C\x4D\x84\xEA\x02\x47\x14\xAD\x5C\x4D\x84" +}; + +/** + * Camellia 256 bit: set 8, vector #0 + */ +crypter_test_vector_t camellia_cbc5 = { + .alg = ENCR_CAMELLIA_CBC, .key_size = 32, .len = 16, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" + "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x06\x36\x9B\x36\x08\xAE\x43\xCA\x79\xC8\x8B\xCF\x49\x7F\x67\x71", + .cipher = "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" +}; + +/** + * Camellia 256 bit: set 8, vector #1 + */ +crypter_test_vector_t camellia_cbc6 = { + .alg = ENCR_CAMELLIA_CBC, .key_size = 32, .len = 16, + .key = "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00\x95\x2C\x49\x10\x48\x81\xFF\x48" + "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00\x95\x2C\x49\x10\x48\x81\xFF\x48", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\xE6\x84\x42\x17\x16\xFC\x0B\x01\xAE\xB5\xC6\x76\x51\x20\xF9\x5F", + .cipher = "\xEA\x02\x47\x14\xAD\x5C\x4D\x84\xEA\x02\x47\x14\xAD\x5C\x4D\x84" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/cast.c b/src/libstrongswan/plugins/test_vectors/test_vectors/cast.c new file mode 100644 index 000000000..a33a219ed --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/cast.c @@ -0,0 +1,28 @@ +/* + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * Test from RFC 2144 + */ +crypter_test_vector_t cast1 = { + .alg = ENCR_CAST, .key_size = 16, .len = 8, + .key = "\x01\x23\x45\x67\x12\x34\x56\x78\x23\x45\x67\x89\x34\x56\x78\x9A", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x01\x23\x45\x67\x89\xAB\xCD\xEF", + .cipher = "\x23\x8B\x4F\xE5\x84\x7E\x44\xB2" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/des.c b/src/libstrongswan/plugins/test_vectors/test_vectors/des.c new file mode 100644 index 000000000..80b5f1010 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/des.c @@ -0,0 +1,65 @@ +/* + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * All testvectors from https://www.cosic.esat.kuleuven.be/nessie/testvectors/ + */ + +/** + * DES 56 bit: set 8, vector #0 + */ +crypter_test_vector_t des_ecb1 = { + .alg = ENCR_DES_ECB, .key_size = 8, .len = 8, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x41\xAD\x06\x85\x48\x80\x9D\x02", + .cipher = "\x00\x11\x22\x33\x44\x55\x66\x77" +}; + +/** + * DES 56 bit: set 8, vector #1 + */ +crypter_test_vector_t des_ecb2 = { + .alg = ENCR_DES_ECB, .key_size = 8, .len = 8, + .key = "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\xB1\x0F\x84\x30\x97\xA0\xF9\x32", + .cipher = "\xEA\x02\x47\x14\xAD\x5C\x4D\x84" +}; + +/** + * DES 56 bit: set 8, vector #0 + */ +crypter_test_vector_t des_cbc1 = { + .alg = ENCR_DES, .key_size = 8, .len = 8, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x41\xAD\x06\x85\x48\x80\x9D\x02", + .cipher = "\x00\x11\x22\x33\x44\x55\x66\x77" +}; + +/** + * DES 56 bit: set 8, vector #1 + */ +crypter_test_vector_t des_cbc2 = { + .alg = ENCR_DES, .key_size = 8, .len = 8, + .key = "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\xB1\x0F\x84\x30\x97\xA0\xF9\x32", + .cipher = "\xEA\x02\x47\x14\xAD\x5C\x4D\x84" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/fips_prf.c b/src/libstrongswan/plugins/test_vectors/test_vectors/fips_prf.c new file mode 100644 index 000000000..74e000419 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/fips_prf.c @@ -0,0 +1,30 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * FIPS PRF known value test + */ +prf_test_vector_t fips_prf_1 = { + .alg = PRF_FIPS_SHA1_160, .stateful = TRUE, .key_size = 20, .len = 1, + .key = "\xbd\x02\x9b\xbe\x7f\x51\x96\x0b\xcf\x9e\xdb\x2b\x61\xf0\x6f\x0f" + "\xeb\x5a\x38\xb6", + .seed = "\x00", + .out = "\x20\x70\xb3\x22\x3d\xba\x37\x2f\xde\x1c\x0f\xfc\x7b\x2e\x3b\x49" + "\x8b\x26\x06\x14\x3c\x6c\x18\xba\xcb\x0f\x6c\x55\xba\xbb\x13\x78" + "\x8e\x20\xd7\x37\xa3\x27\x51\x16" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/idea.c b/src/libstrongswan/plugins/test_vectors/test_vectors/idea.c new file mode 100644 index 000000000..4856a480f --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/idea.c @@ -0,0 +1,44 @@ +/* + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * All testvectors from https://www.cosic.esat.kuleuven.be/nessie/testvectors/ + */ + +/** + * IDEA 128 bit: set 8, vector #0 + */ +crypter_test_vector_t idea1 = { + .alg = ENCR_IDEA, .key_size = 16, .len = 8, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\xDB\x2D\x4A\x92\xAA\x68\x27\x3F", + .cipher = "\x00\x11\x22\x33\x44\x55\x66\x77" +}; + +/** + * IDEA 128 bit: set 8, vector #1 + */ +crypter_test_vector_t idea2 = { + .alg = ENCR_IDEA, .key_size = 16, .len = 8, + .key = "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00\x95\x2C\x49\x10\x48\x81\xFF\x48", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\xF1\x29\xA6\x60\x1E\xF6\x2A\x47", + .cipher = "\xEA\x02\x47\x14\xAD\x5C\x4D\x84" +}; + + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/md2.c b/src/libstrongswan/plugins/test_vectors/test_vectors/md2.c new file mode 100644 index 000000000..3348e12d3 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/md2.c @@ -0,0 +1,63 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * MD2 vectors from RFC 1319 + */ +hasher_test_vector_t md2_1 = { + .alg = HASH_MD2, .len = 0, + .data = "", + .hash = "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69\x27\x73" +}; + +hasher_test_vector_t md2_2 = { + .alg = HASH_MD2, .len = 1, + .data = "a", + .hash = "\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0\xb5\xd1" +}; + +hasher_test_vector_t md2_3 = { + .alg = HASH_MD2, .len = 3, + .data = "abc", + .hash = "\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde\xd6\xbb" +}; + +hasher_test_vector_t md2_4 = { + .alg = HASH_MD2, .len = 14, + .data = "message digest", + .hash = "\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe\x06\xb0" +}; + +hasher_test_vector_t md2_5 = { + .alg = HASH_MD2, .len = 26, + .data = "abcdefghijklmnopqrstuvwxyz", + .hash = "\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47\x94\x0b" +}; + +hasher_test_vector_t md2_6 = { + .alg = HASH_MD2, .len = 62, + .data = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + .hash = "\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03\x38\xcd" +}; + +hasher_test_vector_t md2_7 = { + .alg = HASH_MD2, .len = 80, + .data = "1234567890123456789012345678901234567890" + "1234567890123456789012345678901234567890", + .hash = "\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3\xef\xd8" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/md4.c b/src/libstrongswan/plugins/test_vectors/test_vectors/md4.c new file mode 100644 index 000000000..ef9406f5f --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/md4.c @@ -0,0 +1,63 @@ +/* + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * MD4 vectors from RFC 1320 + */ +hasher_test_vector_t md4_1 = { + .alg = HASH_MD4, .len = 0, + .data = "", + .hash = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89\xc0" +}; + +hasher_test_vector_t md4_2 = { + .alg = HASH_MD4, .len = 1, + .data = "a", + .hash = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb\x24" +}; + +hasher_test_vector_t md4_3 = { + .alg = HASH_MD4, .len = 3, + .data = "abc", + .hash = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72\x9d" +}; + +hasher_test_vector_t md4_4 = { + .alg = HASH_MD4, .len = 14, + .data = "message digest", + .hash = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01\x4b" +}; + +hasher_test_vector_t md4_5 = { + .alg = HASH_MD4, .len = 26, + .data = "abcdefghijklmnopqrstuvwxyz", + .hash = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d\xa9" +}; + +hasher_test_vector_t md4_6 = { + .alg = HASH_MD4, .len = 62, + .data = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + .hash = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0\xe4" +}; + +hasher_test_vector_t md4_7 = { + .alg = HASH_MD4, .len = 80, + .data = "1234567890123456789012345678901234567890" + "1234567890123456789012345678901234567890", + .hash = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05\x36" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/md5.c b/src/libstrongswan/plugins/test_vectors/test_vectors/md5.c new file mode 100644 index 000000000..c7b213674 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/md5.c @@ -0,0 +1,63 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * MD5 vectors from RFC1321 + */ +hasher_test_vector_t md5_1 = { + .alg = HASH_MD5, .len = 0, + .data = "", + .hash = "\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04\xe9\x80\x09\x98\xec\xf8\x42\x7e" +}; + +hasher_test_vector_t md5_2 = { + .alg = HASH_MD5, .len = 1, + .data = "a", + .hash = "\x0c\xc1\x75\xb9\xc0\xf1\xb6\xa8\x31\xc3\x99\xe2\x69\x77\x26\x61" +}; + +hasher_test_vector_t md5_3 = { + .alg = HASH_MD5, .len = 3, + .data = "abc", + .hash = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f\x72" +}; + +hasher_test_vector_t md5_4 = { + .alg = HASH_MD5, .len = 14, + .data = "message digest", + .hash = "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61\xd0" +}; + +hasher_test_vector_t md5_5 = { + .alg = HASH_MD5, .len = 26, + .data = "abcdefghijklmnopqrstuvwxyz", + .hash = "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1\x3b" +}; + +hasher_test_vector_t md5_6 = { + .alg = HASH_MD5, .len = 62, + .data = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + .hash = "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d\x9f" +}; + +hasher_test_vector_t md5_7 = { + .alg = HASH_MD5, .len = 80, + .data = "1234567890123456789012345678901234567890" + "1234567890123456789012345678901234567890", + .hash = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6\x7a" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/md5_hmac.c b/src/libstrongswan/plugins/test_vectors/test_vectors/md5_hmac.c new file mode 100644 index 000000000..5221d530c --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/md5_hmac.c @@ -0,0 +1,112 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * MD5 hmac test vectors from RFC2202 + */ +signer_test_vector_t md5_hmac_s1 = { + .alg = AUTH_HMAC_MD5_96, .len = 8, + .key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", + .data = "Hi There", + .mac = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8" +}; + +signer_test_vector_t md5_hmac_s2 = { + .alg = AUTH_HMAC_MD5_128, .len = 8, + .key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", + .data = "Hi There", + .mac = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc\x9d" +}; + +prf_test_vector_t md5_hmac_p1 = { + .alg = PRF_HMAC_MD5, .key_size = 16, .len = 8, + .key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", + .seed = "Hi There", + .out = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc\x9d" +}; + +prf_test_vector_t md5_hmac_p2 = { + .alg = PRF_HMAC_MD5, .key_size = 4, .len = 28, + .key = "Jefe", + .seed = "what do ya want for nothing?", + .out = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7\x38" +}; + +signer_test_vector_t md5_hmac_s3 = { + .alg = AUTH_HMAC_MD5_96, .len = 50, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", + .data = "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd", + .mac = "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33" +}; + +signer_test_vector_t md5_hmac_s4 = { + .alg = AUTH_HMAC_MD5_128, .len = 50, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", + .data = "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd", + .mac = "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3\xf6" +}; + +prf_test_vector_t md5_hmac_p3 = { + .alg = PRF_HMAC_MD5, .key_size = 16, .len = 50, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", + .seed = "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd", + .out = "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3\xf6" +}; + +prf_test_vector_t md5_hmac_p4 = { + .alg = PRF_HMAC_MD5, .key_size = 25, .len = 50, + .key = "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10" + "\x11\x12\x13\x14\x15\x16\x17\x18\x19", + .seed = "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd", + .out = "\x69\x7e\xaf\x0a\xca\x3a\x3a\xea\x3a\x75\x16\x47\x46\xff\xaa\x79" +}; + +prf_test_vector_t md5_hmac_p5 = { + .alg = PRF_HMAC_MD5, .key_size = 80, .len = 54, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", + .seed = "Test Using Larger Than Block-Size Key - Hash Key First", + .out = "\x6b\x1a\xb7\xfe\x4b\xd7\xbf\x8f\x0b\x62\xe6\xce\x61\xb9\xd0\xcd" +}; + +prf_test_vector_t md5_hmac_p6 = { + .alg = PRF_HMAC_MD5, .key_size = 80, .len = 73, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", + .seed = "Test Using Larger Than Block-Size Key and Larger " + "Than One Block-Size Data", + .out = "\x6f\x63\x0f\xad\x67\xcd\xa0\xee\x1f\xb1\xf5\x62\xdb\x3a\xa5\x3e" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/null.c b/src/libstrongswan/plugins/test_vectors/test_vectors/null.c new file mode 100644 index 000000000..c4f5d41b3 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/null.c @@ -0,0 +1,25 @@ +/* + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +crypter_test_vector_t null1 = { + .alg = ENCR_NULL, .key_size = 0, .len = 44, + .key = "", + .iv = "", + .plain = "The quick brown fox jumped over the lazy dog", + .cipher = "The quick brown fox jumped over the lazy dog" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/rc5.c b/src/libstrongswan/plugins/test_vectors/test_vectors/rc5.c new file mode 100644 index 000000000..458f63aa9 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/rc5.c @@ -0,0 +1,44 @@ +/* + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * All testvectors from https://www.cosic.esat.kuleuven.be/nessie/testvectors/ + */ + +/** + * RC5 128 bit: set 8, vector #0 + */ +crypter_test_vector_t rc5_1 = { + .alg = ENCR_RC5, .key_size = 16, .len = 8, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x96\x95\x0D\xDA\x65\x4A\x3D\x62", + .cipher = "\x00\x11\x22\x33\x44\x55\x66\x77" +}; + +/** + * RC5 128 bit: set 8, vector #1 + */ +crypter_test_vector_t rc5_2 = { + .alg = ENCR_RC5, .key_size = 16, .len = 8, + .key = "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00\x95\x2C\x49\x10\x48\x81\xFF\x48", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x63\x8B\x3A\x5E\xF7\x2B\x66\x3F", + .cipher = "\xEA\x02\x47\x14\xAD\x5C\x4D\x84" +}; + + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c b/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c new file mode 100644 index 000000000..8502df7ad --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/rng.c @@ -0,0 +1,236 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +#include <debug.h> + +/** + * Monobit test + */ +typedef struct { + int lower; + int upper; +} monobit_t; + +monobit_t monobit_all = { + .lower = 9654, + .upper = 10346 +}; + +static bool test_monobit(monobit_t *param, chunk_t data) +{ + int i, j, bits = 0; + + for (i = 0; i < data.len; i++) + { + for (j = 0; j < 8; j++) + { + if (data.ptr[i] & (1<<j)) + { + bits++; + } + } + } + DBG2(" Monobit: %d/%d bits set", bits, data.len * 8); + if (bits > param->lower && bits < param->upper) + { + return TRUE; + } + return FALSE; +} + +rng_test_vector_t rng_monobit_1 = { + RNG_WEAK, .len = 2500, + .test = (void*)test_monobit, + .user = &monobit_all +}; + +rng_test_vector_t rng_monobit_2 = { + RNG_STRONG, .len = 2500, + .test = (void*)test_monobit, + .user = &monobit_all +}; + +rng_test_vector_t rng_monobit_3 = { + RNG_TRUE, .len = 2500, + .test = (void*)test_monobit, + .user = &monobit_all +}; + +/** + * Poker test + */ +typedef struct { + double lower; + double upper; +} poker_t; + +poker_t poker_all = { + .lower = 1.03, + .upper = 57.4 +}; + +static bool test_poker(poker_t *param, chunk_t data) +{ + int i, counter[16]; + double sum = 0.0; + + memset(counter, 0, sizeof(counter)); + + for (i = 0; i < data.len; i++) + { + counter[data.ptr[i] & 0x0F]++; + counter[(data.ptr[i] & 0xF0) >> 4]++; + } + + for (i = 0; i < countof(counter); i++) + { + sum += (counter[i] * counter[i]) / 5000.0 * 16.0; + } + sum -= 5000.0; + DBG2(" Poker: %f", sum); + if (sum > param->lower && sum < param->upper) + { + return TRUE; + } + return FALSE; +} + +rng_test_vector_t rng_poker_1 = { + RNG_WEAK, .len = 2500, + .test = (void*)test_poker, + .user = &poker_all +}; + +rng_test_vector_t rng_poker_2 = { + RNG_STRONG, .len = 2500, + .test = (void*)test_poker, + .user = &poker_all +}; + +rng_test_vector_t rng_poker_3 = { + RNG_TRUE, .len = 2500, + .test = (void*)test_poker, + .user = &poker_all +}; + +/** + * Runs test + */ +typedef struct { + int longrun; + int lower[7]; + int upper[7]; +} runs_t; + +runs_t runs_all = { + .longrun = 34, + .lower = {-1, 2267, 1079, 502, 223, 90, 90}, + .upper = {-1, 2733, 1421, 748, 402, 223, 223}, +}; + +static bool test_runs(runs_t *param, chunk_t data) +{ + int i, j, zero_runs[7], one_runs[7], zero = 0, one = 0, longrun = 0; + + memset(one_runs, 0, sizeof(zero_runs)); + memset(zero_runs, 0, sizeof(one_runs)); + + for (i = 0; i < data.len; i++) + { + for (j = 0; j < 8; j++) + { + if (data.ptr[i] & (1<<j)) + { + if (one) + { + if (++one >= param->longrun) + { + longrun++; + break; + } + } + else + { + zero_runs[min(6, zero)]++; + zero = 0; + one = 1; + } + } + else + { + if (zero) + { + if (++zero >= param->longrun) + { + longrun++; + break; + } + } + else + { + one_runs[min(6, one)]++; + one = 0; + zero = 1; + } + } + } + } + + DBG2(" Runs: zero: %d/%d/%d/%d/%d/%d, one: %d/%d/%d/%d/%d/%d, " + "longruns: %d", + zero_runs[1], zero_runs[2], zero_runs[3], + zero_runs[4], zero_runs[5], zero_runs[6], + one_runs[1], one_runs[2], one_runs[3], + one_runs[4], one_runs[5], one_runs[6], + longrun); + + if (longrun) + { + return FALSE; + } + + for (i = 1; i < countof(zero_runs); i++) + { + if (zero_runs[i] <= param->lower[i] || + zero_runs[i] >= param->upper[i] || + one_runs[i] <= param->lower[i] || + one_runs[i] >= param->upper[i]) + { + return FALSE; + } + } + return TRUE; +} + +rng_test_vector_t rng_runs_1 = { + RNG_WEAK, .len = 2500, + .test = (void*)test_runs, + .user = &runs_all +}; + +rng_test_vector_t rng_runs_2 = { + RNG_STRONG, .len = 2500, + .test = (void*)test_runs, + .user = &runs_all +}; + +rng_test_vector_t rng_runs_3 = { + RNG_TRUE, .len = 2500, + .test = (void*)test_runs, + .user = &runs_all +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/serpent_cbc.c b/src/libstrongswan/plugins/test_vectors/test_vectors/serpent_cbc.c new file mode 100644 index 000000000..256a59603 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/serpent_cbc.c @@ -0,0 +1,91 @@ +/* + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * All testvectors from https://www.cosic.esat.kuleuven.be/nessie/testvectors/ + */ + +/** + * Serpent 128 bit: set 8, vector #0 + */ +crypter_test_vector_t serpent_cbc1 = { + .alg = ENCR_SERPENT_CBC, .key_size = 16, .len = 16, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x33\xB3\xDC\x87\xED\xDD\x9B\x0F\x6A\x1F\x40\x7D\x14\x91\x93\x65", + .cipher = "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" +}; + +/** + * Serpent 128 bit: set 8, vector #1 + */ +crypter_test_vector_t serpent_cbc2 = { + .alg = ENCR_SERPENT_CBC, .key_size = 16, .len = 16, + .key = "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00\x95\x2C\x49\x10\x48\x81\xFF\x48", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\xBE\xB6\xC0\x69\x39\x38\x22\xD3\xBE\x73\xFF\x30\x52\x5E\xC4\x3E", + .cipher = "\xEA\x02\x47\x14\xAD\x5C\x4D\x84\xEA\x02\x47\x14\xAD\x5C\x4D\x84" +}; + +/** + * Serpent 192 bit: set 8, vector #0 + */ +crypter_test_vector_t serpent_cbc3 = { + .alg = ENCR_SERPENT_CBC, .key_size = 24, .len = 16, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" + "\x10\x11\x12\x13\x14\x15\x16\x17", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x45\x28\xCA\xCC\xB9\x54\xD4\x50\x65\x5E\x8C\xFD\x71\xCB\xFA\xC7", + .cipher = "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" +}; + +/** + * Serpent 192 bit: set 8, vector #1 + */ +crypter_test_vector_t serpent_cbc4 = { + .alg = ENCR_SERPENT_CBC, .key_size = 24, .len = 16, + .key = "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00\x95\x2C\x49\x10\x48\x81\xFF\x48" + "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\xE0\x20\x8B\xE2\x78\xE2\x14\x20\xC4\xB1\xB9\x74\x77\x88\xA9\x54", + .cipher = "\xEA\x02\x47\x14\xAD\x5C\x4D\x84\xEA\x02\x47\x14\xAD\x5C\x4D\x84" +}; + +/** + * Serpent 256 bit: set 8, vector #0 + */ +crypter_test_vector_t serpent_cbc5 = { + .alg = ENCR_SERPENT_CBC, .key_size = 32, .len = 16, + .key = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F" + "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x3D\xA4\x6F\xFA\x6F\x4D\x6F\x30\xCD\x25\x83\x33\xE5\xA6\x13\x69", + .cipher = "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" +}; + +/** + * Serpent 256 bit: set 8, vector #1 + */ +crypter_test_vector_t serpent_cbc6 = { + .alg = ENCR_SERPENT_CBC, .key_size = 32, .len = 16, + .key = "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00\x95\x2C\x49\x10\x48\x81\xFF\x48" + "\x2B\xD6\x45\x9F\x82\xC5\xB3\x00\x95\x2C\x49\x10\x48\x81\xFF\x48", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x67\x7C\x8D\xFA\xA0\x80\x71\x74\x3F\xD2\xB4\x15\xD1\xB2\x8A\xF2", + .cipher = "\xEA\x02\x47\x14\xAD\x5C\x4D\x84\xEA\x02\x47\x14\xAD\x5C\x4D\x84" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/sha1.c b/src/libstrongswan/plugins/test_vectors/test_vectors/sha1.c new file mode 100644 index 000000000..51f22716e --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/sha1.c @@ -0,0 +1,51 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * SHA-1 test vectors from "The Secure Hash Algorithm Validation System (SHAVS)" + */ +hasher_test_vector_t sha1_1 = { + .alg = HASH_SHA1, .len = 1, + .data = "\x5e", + .hash = "\x5e\x6f\x80\xa3\x4a\x97\x98\xca\xfc\x6a\x5d\xb9\x6c\xc5\x7b\xa4" + "\xc4\xdb\x59\xc2" +}; + +hasher_test_vector_t sha1_2 = { + .alg = HASH_SHA1, .len = 16, + .data = "\x9a\x7d\xfd\xf1\xec\xea\xd0\x6e\xd6\x46\xaa\x55\xfe\x75\x71\x46", + .hash = "\x82\xab\xff\x66\x05\xdb\xe1\xc1\x7d\xef\x12\xa3\x94\xfa\x22\xa8" + "\x2b\x54\x4a\x35" +}; + +hasher_test_vector_t sha1_3 = { + .alg = HASH_SHA1, .len = 163, + .data = "\xf7\x8f\x92\x14\x1b\xcd\x17\x0a\xe8\x9b\x4f\xba\x15\xa1\xd5\x9f" + "\x3f\xd8\x4d\x22\x3c\x92\x51\xbd\xac\xbb\xae\x61\xd0\x5e\xd1\x15" + "\xa0\x6a\x7c\xe1\x17\xb7\xbe\xea\xd2\x44\x21\xde\xd9\xc3\x25\x92" + "\xbd\x57\xed\xea\xe3\x9c\x39\xfa\x1f\xe8\x94\x6a\x84\xd0\xcf\x1f" + "\x7b\xee\xad\x17\x13\xe2\xe0\x95\x98\x97\x34\x7f\x67\xc8\x0b\x04" + "\x00\xc2\x09\x81\x5d\x6b\x10\xa6\x83\x83\x6f\xd5\x56\x2a\x56\xca" + "\xb1\xa2\x8e\x81\xb6\x57\x66\x54\x63\x1c\xf1\x65\x66\xb8\x6e\x3b" + "\x33\xa1\x08\xb0\x53\x07\xc0\x0a\xff\x14\xa7\x68\xed\x73\x50\x60" + "\x6a\x0f\x85\xe6\xa9\x1d\x39\x6f\x5b\x5c\xbe\x57\x7f\x9b\x38\x80" + "\x7c\x7d\x52\x3d\x6d\x79\x2f\x6e\xbc\x24\xa4\xec\xf2\xb3\xa4\x27" + "\xcd\xbb\xfb", + .hash = "\xcb\x00\x82\xc8\xf1\x97\xd2\x60\x99\x1b\xa6\xa4\x60\xe7\x6e\x20" + "\x2b\xad\x27\xb3" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/sha1_hmac.c b/src/libstrongswan/plugins/test_vectors/test_vectors/sha1_hmac.c new file mode 100644 index 000000000..8d6f66373 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/sha1_hmac.c @@ -0,0 +1,146 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * SHA1 hmac test vectors from RFC2202 + */ +signer_test_vector_t sha1_hmac_s1 = { + .alg = AUTH_HMAC_SHA1_96, .len = 8, + .key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b", + .data = "Hi There", + .mac = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6" +}; + +signer_test_vector_t sha1_hmac_s2 = { + .alg = AUTH_HMAC_SHA1_128, .len = 8, + .key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b", + .data = "Hi There", + .mac = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e" +}; + +signer_test_vector_t sha1_hmac_s3 = { + .alg = AUTH_HMAC_SHA1_160, .len = 8, + .key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b", + .data = "Hi There", + .mac = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e" + "\xf1\x46\xbe\x00" +}; + +prf_test_vector_t sha1_hmac_p1 = { + .alg = PRF_HMAC_SHA1, .key_size = 20, .len = 8, + .key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b", + .seed = "Hi There", + .out = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c\x8e" + "\xf1\x46\xbe\x00" +}; + +prf_test_vector_t sha1_hmac_p2 = { + .alg = PRF_HMAC_SHA1, .key_size = 4, .len = 28, + .key = "Jefe", + .seed = "what do ya want for nothing?", + .out = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf\x9c" + "\x25\x9a\x7c\x79" +}; + +signer_test_vector_t sha1_hmac_s4 = { + .alg = AUTH_HMAC_SHA1_96, .len = 50, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa", + .data = "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd", + .mac = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4" + "\x63\xf1\x75\xd3" +}; + +signer_test_vector_t sha1_hmac_s5 = { + .alg = AUTH_HMAC_SHA1_128, .len = 50, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa", + .data = "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd", + .mac = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b\x4f" +}; + +signer_test_vector_t sha1_hmac_s6 = { + .alg = AUTH_HMAC_SHA1_160, .len = 50, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa", + .data = "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd", + .mac = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b\x4f" + "\x63\xf1\x75\xd3" +}; + +prf_test_vector_t sha1_hmac_p3 = { + .alg = PRF_HMAC_SHA1, .key_size = 20, .len = 50, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa", + .seed = "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd", + .out = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b\x4f" + "\x63\xf1\x75\xd3" +}; + +prf_test_vector_t sha1_hmac_p4 = { + .alg = PRF_HMAC_SHA1, .key_size = 25, .len = 50, + .key = "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10" + "\x11\x12\x13\x14\x15\x16\x17\x18\x19", + .seed = "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd", + .out = "\x4c\x90\x07\xf4\x02\x62\x50\xc6\xbc\x84\x14\xf9\xbf\x50\xc8\x6c" + "\x2d\x72\x35\xda" +}; + +prf_test_vector_t sha1_hmac_p5 = { + .alg = PRF_HMAC_SHA1, .key_size = 80, .len = 54, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", + .seed = "Test Using Larger Than Block-Size Key - Hash Key First", + .out = "\xaa\x4a\xe5\xe1\x52\x72\xd0\x0e\x95\x70\x56\x37\xce\x8a\x3b\x55" + "\xed\x40\x21\x12" +}; + +prf_test_vector_t sha1_hmac_p6 = { + .alg = PRF_HMAC_SHA1, .key_size = 80, .len = 73, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", + .seed = "Test Using Larger Than Block-Size Key and Larger " + "Than One Block-Size Data", + .out = "\xe8\xe9\x9d\x0f\x45\x23\x7d\x78\x6d\x6b\xba\xa7\x96\x5c\x78\x08" + "\xbb\xff\x1a\x91" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/sha2.c b/src/libstrongswan/plugins/test_vectors/test_vectors/sha2.c new file mode 100644 index 000000000..e2bd42240 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/sha2.c @@ -0,0 +1,136 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * SHA-256 vectors from "The Secure Hash Algorithm Validation System (SHAVS)" + */ +hasher_test_vector_t sha256_1 = { + .alg = HASH_SHA256, .len = 1, + .data = "\x19", + .hash = "\x68\xaa\x2e\x2e\xe5\xdf\xf9\x6e\x33\x55\xe6\xc7\xee\x37\x3e\x3d" + "\x6a\x4e\x17\xf7\x5f\x95\x18\xd8\x43\x70\x9c\x0c\x9b\xc3\xe3\xd4" +}; + +hasher_test_vector_t sha256_2 = { + .alg = HASH_SHA256, .len = 16, + .data = "\xe3\xd7\x25\x70\xdc\xdd\x78\x7c\xe3\x88\x7a\xb2\xcd\x68\x46\x52", + .hash = "\x17\x5e\xe6\x9b\x02\xba\x9b\x58\xe2\xb0\xa5\xfd\x13\x81\x9c\xea" + "\x57\x3f\x39\x40\xa9\x4f\x82\x51\x28\xcf\x42\x09\xbe\xab\xb4\xe8" +}; + +hasher_test_vector_t sha256_3 = { + .alg = HASH_SHA256, .len = 163, + .data = "\x83\x26\x75\x4e\x22\x77\x37\x2f\x4f\xc1\x2b\x20\x52\x7a\xfe\xf0" + "\x4d\x8a\x05\x69\x71\xb1\x1a\xd5\x71\x23\xa7\xc1\x37\x76\x00\x00" + "\xd7\xbe\xf6\xf3\xc1\xf7\xa9\x08\x3a\xa3\x9d\x81\x0d\xb3\x10\x77" + "\x7d\xab\x8b\x1e\x7f\x02\xb8\x4a\x26\xc7\x73\x32\x5f\x8b\x23\x74" + "\xde\x7a\x4b\x5a\x58\xcb\x5c\x5c\xf3\x5b\xce\xe6\xfb\x94\x6e\x5b" + "\xd6\x94\xfa\x59\x3a\x8b\xeb\x3f\x9d\x65\x92\xec\xed\xaa\x66\xca" + "\x82\xa2\x9d\x0c\x51\xbc\xf9\x33\x62\x30\xe5\xd7\x84\xe4\xc0\xa4" + "\x3f\x8d\x79\xa3\x0a\x16\x5c\xba\xbe\x45\x2b\x77\x4b\x9c\x71\x09" + "\xa9\x7d\x13\x8f\x12\x92\x28\x96\x6f\x6c\x0a\xdc\x10\x6a\xad\x5a" + "\x9f\xdd\x30\x82\x57\x69\xb2\xc6\x71\xaf\x67\x59\xdf\x28\xeb\x39" + "\x3d\x54\xd6", + .hash = "\x97\xdb\xca\x7d\xf4\x6d\x62\xc8\xa4\x22\xc9\x41\xdd\x7e\x83\x5b" + "\x8a\xd3\x36\x17\x63\xf7\xe9\xb2\xd9\x5f\x4f\x0d\xa6\xe1\xcc\xbc" +}; + +/** + * SHA-384 vectors from "The Secure Hash Algorithm Validation System (SHAVS)" + */ +hasher_test_vector_t sha384_1 = { + .alg = HASH_SHA384, .len = 1, + .data = "\xb9", + .hash = "\xbc\x80\x89\xa1\x90\x07\xc0\xb1\x41\x95\xf4\xec\xc7\x40\x94\xfe" + "\xc6\x4f\x01\xf9\x09\x29\x28\x2c\x2f\xb3\x92\x88\x15\x78\x20\x8a" + "\xd4\x66\x82\x8b\x1c\x6c\x28\x3d\x27\x22\xcf\x0a\xd1\xab\x69\x38" +}; + +hasher_test_vector_t sha384_2 = { + .alg = HASH_SHA384, .len = 16, + .data = "\xa4\x1c\x49\x77\x79\xc0\x37\x5f\xf1\x0a\x7f\x4e\x08\x59\x17\x39", + .hash = "\xc9\xa6\x84\x43\xa0\x05\x81\x22\x56\xb8\xec\x76\xb0\x05\x16\xf0" + "\xdb\xb7\x4f\xab\x26\xd6\x65\x91\x3f\x19\x4b\x6f\xfb\x0e\x91\xea" + "\x99\x67\x56\x6b\x58\x10\x9c\xbc\x67\x5c\xc2\x08\xe4\xc8\x23\xf7" +}; + +hasher_test_vector_t sha384_3 = { + .alg = HASH_SHA384, .len = 227, + .data = "\x39\x96\x69\xe2\x8f\x6b\x9c\x6d\xbc\xbb\x69\x12\xec\x10\xff\xcf" + "\x74\x79\x03\x49\xb7\xdc\x8f\xbe\x4a\x8e\x7b\x3b\x56\x21\xdb\x0f" + "\x3e\x7d\xc8\x7f\x82\x32\x64\xbb\xe4\x0d\x18\x11\xc9\xea\x20\x61" + "\xe1\xc8\x4a\xd1\x0a\x23\xfa\xc1\x72\x7e\x72\x02\xfc\x3f\x50\x42" + "\xe6\xbf\x58\xcb\xa8\xa2\x74\x6e\x1f\x64\xf9\xb9\xea\x35\x2c\x71" + "\x15\x07\x05\x3c\xf4\xe5\x33\x9d\x52\x86\x5f\x25\xcc\x22\xb5\xe8" + "\x77\x84\xa1\x2f\xc9\x61\xd6\x6c\xb6\xe8\x95\x73\x19\x9a\x2c\xe6" + "\x56\x5c\xbd\xf1\x3d\xca\x40\x38\x32\xcf\xcb\x0e\x8b\x72\x11\xe8" + "\x3a\xf3\x2a\x11\xac\x17\x92\x9f\xf1\xc0\x73\xa5\x1c\xc0\x27\xaa" + "\xed\xef\xf8\x5a\xad\x7c\x2b\x7c\x5a\x80\x3e\x24\x04\xd9\x6d\x2a" + "\x77\x35\x7b\xda\x1a\x6d\xae\xed\x17\x15\x1c\xb9\xbc\x51\x25\xa4" + "\x22\xe9\x41\xde\x0c\xa0\xfc\x50\x11\xc2\x3e\xcf\xfe\xfd\xd0\x96" + "\x76\x71\x1c\xf3\xdb\x0a\x34\x40\x72\x0e\x16\x15\xc1\xf2\x2f\xbc" + "\x3c\x72\x1d\xe5\x21\xe1\xb9\x9b\xa1\xbd\x55\x77\x40\x86\x42\x14" + "\x7e\xd0\x96", + .hash = "\x4f\x44\x0d\xb1\xe6\xed\xd2\x89\x9f\xa3\x35\xf0\x95\x15\xaa\x02" + "\x5e\xe1\x77\xa7\x9f\x4b\x4a\xaf\x38\xe4\x2b\x5c\x4d\xe6\x60\xf5" + "\xde\x8f\xb2\xa5\xb2\xfb\xd2\xa3\xcb\xff\xd2\x0c\xff\x12\x88\xc0" +}; + +/** + * SHA-512 vectors from "The Secure Hash Algorithm Validation System (SHAVS)" + */ +hasher_test_vector_t sha512_1 = { + .alg = HASH_SHA512, .len = 1, + .data = "\xd0", + .hash = "\x99\x92\x20\x29\x38\xe8\x82\xe7\x3e\x20\xf6\xb6\x9e\x68\xa0\xa7" + "\x14\x90\x90\x42\x3d\x93\xc8\x1b\xab\x3f\x21\x67\x8d\x4a\xce\xee" + "\xe5\x0e\x4e\x8c\xaf\xad\xa4\xc8\x5a\x54\xea\x83\x06\x82\x6c\x4a" + "\xd6\xe7\x4c\xec\xe9\x63\x1b\xfa\x8a\x54\x9b\x4a\xb3\xfb\xba\x15" +}; + +hasher_test_vector_t sha512_2 = { + .alg = HASH_SHA512, .len = 16, + .data = "\x8d\x4e\x3c\x0e\x38\x89\x19\x14\x91\x81\x6e\x9d\x98\xbf\xf0\xa0", + .hash = "\xcb\x0b\x67\xa4\xb8\x71\x2c\xd7\x3c\x9a\xab\xc0\xb1\x99\xe9\x26" + "\x9b\x20\x84\x4a\xfb\x75\xac\xbd\xd1\xc1\x53\xc9\x82\x89\x24\xc3" + "\xdd\xed\xaa\xfe\x66\x9c\x5f\xdd\x0b\xc6\x6f\x63\x0f\x67\x73\x98" + "\x82\x13\xeb\x1b\x16\xf5\x17\xad\x0d\xe4\xb2\xf0\xc9\x5c\x90\xf8" +}; + +hasher_test_vector_t sha512_3 = { + .alg = HASH_SHA512, .len = 227, + .data = "\xa5\x5f\x20\xc4\x11\xaa\xd1\x32\x80\x7a\x50\x2d\x65\x82\x4e\x31" + "\xa2\x30\x54\x32\xaa\x3d\x06\xd3\xe2\x82\xa8\xd8\x4e\x0d\xe1\xde" + "\x69\x74\xbf\x49\x54\x69\xfc\x7f\x33\x8f\x80\x54\xd5\x8c\x26\xc4" + "\x93\x60\xc3\xe8\x7a\xf5\x65\x23\xac\xf6\xd8\x9d\x03\xe5\x6f\xf2" + "\xf8\x68\x00\x2b\xc3\xe4\x31\xed\xc4\x4d\xf2\xf0\x22\x3d\x4b\xb3" + "\xb2\x43\x58\x6e\x1a\x7d\x92\x49\x36\x69\x4f\xcb\xba\xf8\x8d\x95" + "\x19\xe4\xeb\x50\xa6\x44\xf8\xe4\xf9\x5e\xb0\xea\x95\xbc\x44\x65" + "\xc8\x82\x1a\xac\xd2\xfe\x15\xab\x49\x81\x16\x4b\xbb\x6d\xc3\x2f" + "\x96\x90\x87\xa1\x45\xb0\xd9\xcc\x9c\x67\xc2\x2b\x76\x32\x99\x41" + "\x9c\xc4\x12\x8b\xe9\xa0\x77\xb3\xac\xe6\x34\x06\x4e\x6d\x99\x28" + "\x35\x13\xdc\x06\xe7\x51\x5d\x0d\x73\x13\x2e\x9a\x0d\xc6\xd3\xb1" + "\xf8\xb2\x46\xf1\xa9\x8a\x3f\xc7\x29\x41\xb1\xe3\xbb\x20\x98\xe8" + "\xbf\x16\xf2\x68\xd6\x4f\x0b\x0f\x47\x07\xfe\x1e\xa1\xa1\x79\x1b" + "\xa2\xf3\xc0\xc7\x58\xe5\xf5\x51\x86\x3a\x96\xc9\x49\xad\x47\xd7" + "\xfb\x40\xd2", + .hash = "\xc6\x65\xbe\xfb\x36\xda\x18\x9d\x78\x82\x2d\x10\x52\x8c\xbf\x3b" + "\x12\xb3\xee\xf7\x26\x03\x99\x09\xc1\xa1\x6a\x27\x0d\x48\x71\x93" + "\x77\x96\x6b\x95\x7a\x87\x8e\x72\x05\x84\x77\x9a\x62\x82\x5c\x18" + "\xda\x26\x41\x5e\x49\xa7\x17\x6a\x89\x4e\x75\x10\xfd\x14\x51\xf5" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/sha2_hmac.c b/src/libstrongswan/plugins/test_vectors/test_vectors/sha2_hmac.c new file mode 100644 index 000000000..536eba8f6 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/sha2_hmac.c @@ -0,0 +1,353 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * SHA-256, SHA384, SHA512 hmac test vectors from RFC 4868 + */ +prf_test_vector_t sha256_hmac_p1 = { + .alg = PRF_HMAC_SHA2_256, .key_size = 20, .len = 8, + .key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b", + .seed = "Hi There", + .out = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1\x2b" + "\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32\xcf\xf7" +}; + +signer_test_vector_t sha256_hmac_s1 = { + .alg = AUTH_HMAC_SHA2_256_128, .len = 8, + .key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", + .data = "Hi There", + .mac = "\x19\x8a\x60\x7e\xb4\x4b\xfb\xc6\x99\x03\xa0\xf1\xcf\x2b\xbd\xc5" +}; + +prf_test_vector_t sha384_hmac_p1 = { + .alg = PRF_HMAC_SHA2_384, .key_size = 20, .len = 8, + .key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b", + .seed = "Hi There", + .out = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90\x7f" + "\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb\xc5\x9c" + "\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2\xfa\x9c\xb6" +}; + +signer_test_vector_t sha384_hmac_s1 = { + .alg = AUTH_HMAC_SHA2_384_192, .len = 8, + .key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", + .data = "Hi There", + .mac = "\xb6\xa8\xd5\x63\x6f\x5c\x6a\x72\x24\xf9\x97\x7d\xcf\x7e\xe6\xc7" + "\xfb\x6d\x0c\x48\xcb\xde\xe9\x73" +}; + +prf_test_vector_t sha512_hmac_p1 = { + .alg = PRF_HMAC_SHA2_512, .key_size = 20, .len = 8, + .key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b", + .seed = "Hi There", + .out = "\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c\xb0" + "\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1\x7c\xde" + "\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae\xa3\xf4\xe4" + "\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20\x3a\x12\x68\x54" +}; + +signer_test_vector_t sha512_hmac_s1 = { + .alg = AUTH_HMAC_SHA2_512_256, .len = 8, + .key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", + .data = "Hi There", + .mac = "\x63\x7e\xdc\x6e\x01\xdc\xe7\xe6\x74\x2a\x99\x45\x1a\xae\x82\xdf" + "\x23\xda\x3e\x92\x43\x9e\x59\x0e\x43\xe7\x61\xb3\x3e\x91\x0f\xb8" +}; + +prf_test_vector_t sha256_hmac_p2 = { + .alg = PRF_HMAC_SHA2_256, .key_size = 4, .len = 28, + .key = "Jefe", + .seed = "what do ya want for nothing?", + .out = "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75\xc7" + "\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec\x38\x43" +}; + +signer_test_vector_t sha256_hmac_s2 = { + .alg = AUTH_HMAC_SHA2_256_128, .len = 28, + .key = "JefeJefeJefeJefeJefeJefeJefeJefe", + .data = "what do ya want for nothing?", + .mac = "\x16\x7f\x92\x85\x88\xc5\xcc\x2e\xef\x8e\x30\x93\xca\xa0\xe8\x7c" +}; + +prf_test_vector_t sha384_hmac_p2 = { + .alg = PRF_HMAC_SHA2_384, .key_size = 4, .len = 28, + .key = "Jefe", + .seed = "what do ya want for nothing?", + .out = "\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b\x1b" + "\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22\x44\x5e" + "\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa\xb2\x16\x49" +}; + +signer_test_vector_t sha384_hmac_s2 = { + .alg = AUTH_HMAC_SHA2_384_192, .len = 28, + .key = "JefeJefeJefeJefeJefeJefeJefeJefeJefeJefeJefeJefe", + .data = "what do ya want for nothing?", + .mac = "\x2c\x73\x53\x97\x4f\x18\x42\xfd\x66\xd5\x3c\x45\x2c\xa4\x21\x22" + "\xb2\x8c\x0b\x59\x4c\xfb\x18\x4d" +}; + +prf_test_vector_t sha512_hmac_p2 = { + .alg = PRF_HMAC_SHA2_512, .key_size = 4, .len = 28, + .key = "Jefe", + .seed = "what do ya want for nothing?", + .out = "\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b\x56\xe0\xa3" + "\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27\x0c\xd7\xea\x25\x05\x54" + "\x97\x58\xbf\x75\xc0\x5a\x99\x4a\x6d\x03\x4f\x65\xf8\xf0\xe6\xfd" + "\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a\x38\xbc\xe7\x37" +}; + +signer_test_vector_t sha512_hmac_s2 = { + .alg = AUTH_HMAC_SHA2_512_256, .len = 28, + .key = "JefeJefeJefeJefeJefeJefeJefeJefeJefeJefeJefeJefeJefeJefeJefeJefe", + .data = "what do ya want for nothing?", + .mac = "\xcb\x37\x09\x17\xae\x8a\x7c\xe2\x8c\xfd\x1d\x8f\x47\x05\xd6\x14" + "\x1c\x17\x3b\x2a\x93\x62\xc1\x5d\xf2\x35\xdf\xb2\x51\xb1\x54\x54" +}; + +prf_test_vector_t sha256_hmac_p3 = { + .alg = PRF_HMAC_SHA2_256, .key_size = 20, .len = 50, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa", + .seed = "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd", + .out = "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81\xa7" + "\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5\x65\xfe" +}; + +signer_test_vector_t sha256_hmac_s3 = { + .alg = AUTH_HMAC_SHA2_256_128, .len = 50, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", + .data = "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd", + .mac = "\xcd\xcb\x12\x20\xd1\xec\xcc\xea\x91\xe5\x3a\xba\x30\x92\xf9\x62" +}; + +prf_test_vector_t sha384_hmac_p3 = { + .alg = PRF_HMAC_SHA2_384, .key_size = 20, .len = 50, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa", + .seed = "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd", + .out = "\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8\x6f" + "\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66\x14\x4b" + "\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01\xa3\x4f\x27" +}; + +signer_test_vector_t sha384_hmac_s3 = { + .alg = AUTH_HMAC_SHA2_384_192, .len = 50, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", + .data = "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd", + .mac = "\x80\x9f\x43\x9b\xe0\x02\x74\x32\x1d\x4a\x53\x86\x52\x16\x4b\x53" + "\x55\x4a\x50\x81\x84\xa0\xc3\x16" +}; + +prf_test_vector_t sha512_hmac_p3 = { + .alg = PRF_HMAC_SHA2_512, .key_size = 20, .len = 50, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa", + .seed = "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd", + .out = "\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c\x89\x0b\xe9" + "\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8\x3e\x33\xb2\x27\x9d\x39" + "\xbf\x3e\x84\x82\x79\xa7\x22\xc8\x06\xb4\x85\xa4\x7e\x67\xc8\x07" + "\xb9\x46\xa3\x37\xbe\xe8\x94\x26\x74\x27\x88\x59\xe1\x32\x92\xfb" +}; + +signer_test_vector_t sha512_hmac_s3 = { + .alg = AUTH_HMAC_SHA2_512_256, .len = 50, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa", + .data = "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd\xdd" + "\xdd\xdd", + .mac = "\x2e\xe7\xac\xd7\x83\x62\x4c\xa9\x39\x87\x10\xf3\xee\x05\xae\x41" + "\xb9\xf9\xb0\x51\x0c\x87\xe4\x9e\x58\x6c\xc9\xbf\x96\x17\x33\xd8" +}; + +prf_test_vector_t sha256_hmac_p4 = { + .alg = PRF_HMAC_SHA2_256, .key_size = 25, .len = 50, + .key = "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10" + "\x11\x12\x13\x14\x15\x16\x17\x18\x19", + .seed = "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd", + .out = "\x82\x55\x8a\x38\x9a\x44\x3c\x0e\xa4\xcc\x81\x98\x99\xf2\x08\x3a" + "\x85\xf0\xfa\xa3\xe5\x78\xf8\x07\x7a\x2e\x3f\xf4\x67\x29\x66\x5b" +}; + +prf_test_vector_t sha384_hmac_p4 = { + .alg = PRF_HMAC_SHA2_384, .key_size = 25, .len = 50, + .key = "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10" + "\x11\x12\x13\x14\x15\x16\x17\x18\x19", + .seed = "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd", + .out = "\x3e\x8a\x69\xb7\x78\x3c\x25\x85\x19\x33\xab\x62\x90\xaf\x6c\xa7" + "\x7a\x99\x81\x48\x08\x50\x00\x9c\xc5\x57\x7c\x6e\x1f\x57\x3b\x4e" + "\x68\x01\xdd\x23\xc4\xa7\xd6\x79\xcc\xf8\xa3\x86\xc6\x74\xcf\xfb" +}; + +prf_test_vector_t sha512_hmac_p4 = { + .alg = PRF_HMAC_SHA2_512, .key_size = 25, .len = 50, + .key = "\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10" + "\x11\x12\x13\x14\x15\x16\x17\x18\x19", + .seed = "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd\xcd" + "\xcd\xcd", + .out = "\xb0\xba\x46\x56\x37\x45\x8c\x69\x90\xe5\xa8\xc5\xf6\x1d\x4a\xf7" + "\xe5\x76\xd9\x7f\xf9\x4b\x87\x2d\xe7\x6f\x80\x50\x36\x1e\xe3\xdb" + "\xa9\x1c\xa5\xc1\x1a\xa2\x5e\xb4\xd6\x79\x27\x5c\xc5\x78\x80\x63" + "\xa5\xf1\x97\x41\x12\x0c\x4f\x2d\xe2\xad\xeb\xeb\x10\xa2\x98\xdd" +}; + +prf_test_vector_t sha256_hmac_p5 = { + .alg = PRF_HMAC_SHA2_256, .key_size = 131, .len = 54, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa", + .seed = "Test Using Larger Than Block-Size Key - Hash Key First", + .out = "\x60\xe4\x31\x59\x1e\xe0\xb6\x7f\x0d\x8a\x26\xaa\xcb\xf5\xb7\x7f" + "\x8e\x0b\xc6\x21\x37\x28\xc5\x14\x05\x46\x04\x0f\x0e\xe3\x7f\x54" +}; + +prf_test_vector_t sha384_hmac_p5 = { + .alg = PRF_HMAC_SHA2_384, .key_size = 131, .len = 54, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa", + .seed = "Test Using Larger Than Block-Size Key - Hash Key First", + .out = "\x4e\xce\x08\x44\x85\x81\x3e\x90\x88\xd2\xc6\x3a\x04\x1b\xc5\xb4" + "\x4f\x9e\xf1\x01\x2a\x2b\x58\x8f\x3c\xd1\x1f\x05\x03\x3a\xc4\xc6" + "\x0c\x2e\xf6\xab\x40\x30\xfe\x82\x96\x24\x8d\xf1\x63\xf4\x49\x52" +}; + +prf_test_vector_t sha512_hmac_p5 = { + .alg = PRF_HMAC_SHA2_512, .key_size = 131, .len = 54, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa", + .seed = "Test Using Larger Than Block-Size Key - Hash Key First", + .out = "\x80\xb2\x42\x63\xc7\xc1\xa3\xeb\xb7\x14\x93\xc1\xdd\x7b\xe8\xb4" + "\x9b\x46\xd1\xf4\x1b\x4a\xee\xc1\x12\x1b\x01\x37\x83\xf8\xf3\x52" + "\x6b\x56\xd0\x37\xe0\x5f\x25\x98\xbd\x0f\xd2\x21\x5d\x6a\x1e\x52" + "\x95\xe6\x4f\x73\xf6\x3f\x0a\xec\x8b\x91\x5a\x98\x5d\x78\x65\x98" +}; + +prf_test_vector_t sha256_hmac_p6 = { + .alg = PRF_HMAC_SHA2_256, .key_size = 131, .len = 152, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa", + .seed = "This is a test using a larger than block-size key and a larger " + "than block-size data. The key needs to be hashed before being " + "used by the HMAC algorithm.", + .out = "\x9b\x09\xff\xa7\x1b\x94\x2f\xcb\x27\x63\x5f\xbc\xd5\xb0\xe9\x44" + "\xbf\xdc\x63\x64\x4f\x07\x13\x93\x8a\x7f\x51\x53\x5c\x3a\x35\xe2" +}; + +prf_test_vector_t sha384_hmac_p6 = { + .alg = PRF_HMAC_SHA2_384, .key_size = 131, .len = 152, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa", + .seed = "This is a test using a larger than block-size key and a larger " + "than block-size data. The key needs to be hashed before being " + "used by the HMAC algorithm.", + .out = "\x66\x17\x17\x8e\x94\x1f\x02\x0d\x35\x1e\x2f\x25\x4e\x8f\xd3\x2c" + "\x60\x24\x20\xfe\xb0\xb8\xfb\x9a\xdc\xce\xbb\x82\x46\x1e\x99\xc5" + "\xa6\x78\xcc\x31\xe7\x99\x17\x6d\x38\x60\xe6\x11\x0c\x46\x52\x3e" +}; + +prf_test_vector_t sha512_hmac_p6 = { + .alg = PRF_HMAC_SHA2_512, .key_size = 131, .len = 152, + .key = "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa\xaa" + "\xaa\xaa\xaa", + .seed = "This is a test using a larger than block-size key and a larger " + "than block-size data. The key needs to be hashed before being " + "used by the HMAC algorithm.", + .out = "\xe3\x7b\x6a\x77\x5d\xc8\x7d\xba\xa4\xdf\xa9\xf9\x6e\x5e\x3f\xfd" + "\xde\xbd\x71\xf8\x86\x72\x89\x86\x5d\xf5\xa3\x2d\x20\xcd\xc9\x44" + "\xb6\x02\x2c\xac\x3c\x49\x82\xb1\x0d\x5e\xeb\x55\xc3\xe4\xde\x15" + "\x13\x46\x76\xfb\x6d\xe0\x44\x60\x65\xc9\x74\x40\xfa\x8c\x6a\x58" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors/twofish_cbc.c b/src/libstrongswan/plugins/test_vectors/test_vectors/twofish_cbc.c new file mode 100644 index 000000000..9c3ca20cc --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors/twofish_cbc.c @@ -0,0 +1,56 @@ +/* + * Copyright (C) 2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the Licenseor (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be usefulbut + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include <crypto/crypto_tester.h> + +/** + * All testvectors from http://www.schneier.com/code/ecb_ival.txt + */ + +/** + * Twofish 128 bit: I=49 + */ +crypter_test_vector_t twofish_cbc1 = { + .alg = ENCR_TWOFISH_CBC, .key_size = 16, .len = 16, + .key = "\xBC\xA7\x24\xA5\x45\x33\xC6\x98\x7E\x14\xAA\x82\x79\x52\xF9\x21", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x6B\x45\x92\x86\xF3\xFF\xD2\x8D\x49\xF1\x5B\x15\x81\xB0\x8E\x42", + .cipher = "\x5D\x9D\x4E\xEF\xFA\x91\x51\x57\x55\x24\xF1\x15\x81\x5A\x12\xE0" +}; + +/** + * Twofish 192 bit: I=49 + */ +crypter_test_vector_t twofish_cbc2 = { + .alg = ENCR_TWOFISH_CBC, .key_size = 24, .len = 16, + .key = "\xFB\x66\x52\x2C\x33\x2F\xCC\x4C\x04\x2A\xBE\x32\xFA\x9E\x90\x2F" + "\xDE\xA4\xF3\xDA\x75\xEC\x7A\x8E", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\xF0\xAB\x73\x30\x11\x25\xFA\x21\xEF\x70\xBE\x53\x85\xFB\x76\xB6", + .cipher = "\xE7\x54\x49\x21\x2B\xEE\xF9\xF4\xA3\x90\xBD\x86\x0A\x64\x09\x41" +}; + +/** + * Twofish 256 bit: I=49 + */ +crypter_test_vector_t twofish_cbc3 = { + .alg = ENCR_TWOFISH_CBC, .key_size = 32, .len = 16, + .key = "\x24\x8A\x7F\x35\x28\xB1\x68\xAC\xFD\xD1\x38\x6E\x3F\x51\xE3\x0C" + "\x2E\x21\x58\xBC\x3E\x5F\xC7\x14\xC1\xEE\xEC\xA0\xEA\x69\x6D\x48", + .iv = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + .plain = "\x43\x10\x58\xF4\xDB\xC7\xF7\x34\xDA\x4F\x02\xF0\x4C\xC4\xF4\x59", + .cipher = "\x37\xFE\x26\xFF\x1C\xF6\x61\x75\xF5\xDD\xF4\xC3\x3B\x97\xA2\x05" +}; + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c new file mode 100644 index 000000000..b96dc0c9a --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.c @@ -0,0 +1,142 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "test_vectors_plugin.h" + +#include <crypto/crypto_factory.h> +#include <crypto/crypto_tester.h> + +/* define symbols of all test vectors */ +#define TEST_VECTOR_CRYPTER(x) crypter_test_vector_t x; +#define TEST_VECTOR_SIGNER(x) signer_test_vector_t x; +#define TEST_VECTOR_HASHER(x) hasher_test_vector_t x; +#define TEST_VECTOR_PRF(x) prf_test_vector_t x; +#define TEST_VECTOR_RNG(x) rng_test_vector_t x; + +#include "test_vectors.h" + +#undef TEST_VECTOR_CRYPTER +#undef TEST_VECTOR_SIGNER +#undef TEST_VECTOR_HASHER +#undef TEST_VECTOR_PRF +#undef TEST_VECTOR_RNG + +#define TEST_VECTOR_CRYPTER(x) +#define TEST_VECTOR_SIGNER(x) +#define TEST_VECTOR_HASHER(x) +#define TEST_VECTOR_PRF(x) +#define TEST_VECTOR_RNG(x) + +/* create test vector arrays */ +#undef TEST_VECTOR_CRYPTER +#define TEST_VECTOR_CRYPTER(x) &x, +static crypter_test_vector_t *crypter[] = { +#include "test_vectors.h" +}; +#undef TEST_VECTOR_CRYPTER +#define TEST_VECTOR_CRYPTER(x) + +#undef TEST_VECTOR_SIGNER +#define TEST_VECTOR_SIGNER(x) &x, +static signer_test_vector_t *signer[] = { +#include "test_vectors.h" +}; +#undef TEST_VECTOR_SIGNER +#define TEST_VECTOR_SIGNER(x) + +#undef TEST_VECTOR_HASHER +#define TEST_VECTOR_HASHER(x) &x, +static hasher_test_vector_t *hasher[] = { +#include "test_vectors.h" +}; +#undef TEST_VECTOR_HASHER +#define TEST_VECTOR_HASHER(x) + +#undef TEST_VECTOR_PRF +#define TEST_VECTOR_PRF(x) &x, +static prf_test_vector_t *prf[] = { +#include "test_vectors.h" +}; +#undef TEST_VECTOR_PRF +#define TEST_VECTOR_PRF(x) + +#undef TEST_VECTOR_RNG +#define TEST_VECTOR_RNG(x) &x, +static rng_test_vector_t *rng[] = { +#include "test_vectors.h" +}; +#undef TEST_VECTOR_RNG +#define TEST_VECTOR_RNG(x) + +typedef struct private_test_vectors_plugin_t private_test_vectors_plugin_t; + +/** + * private data of test_vectors_plugin + */ +struct private_test_vectors_plugin_t { + + /** + * public functions + */ + test_vectors_plugin_t public; +}; + +/** + * Implementation of test_vectors_plugin_t.test_vectorstroy + */ +static void destroy(private_test_vectors_plugin_t *this) +{ + free(this); +} + +/* + * see header file + */ +plugin_t *plugin_create() +{ + private_test_vectors_plugin_t *this = malloc_thing(private_test_vectors_plugin_t); + int i; + + this->public.plugin.destroy = (void(*)(plugin_t*))destroy; + + for (i = 0; i < countof(crypter); i++) + { + lib->crypto->add_test_vector(lib->crypto, + ENCRYPTION_ALGORITHM, crypter[i]); + } + for (i = 0; i < countof(signer); i++) + { + lib->crypto->add_test_vector(lib->crypto, + INTEGRITY_ALGORITHM, signer[i]); + } + for (i = 0; i < countof(hasher); i++) + { + lib->crypto->add_test_vector(lib->crypto, + HASH_ALGORITHM, hasher[i]); + } + for (i = 0; i < countof(prf); i++) + { + lib->crypto->add_test_vector(lib->crypto, + PSEUDO_RANDOM_FUNCTION, prf[i]); + } + for (i = 0; i < countof(rng); i++) + { + lib->crypto->add_test_vector(lib->crypto, + RANDOM_NUMBER_GENERATOR, rng[i]); + } + + return &this->public.plugin; +} + diff --git a/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h new file mode 100644 index 000000000..9cb959c88 --- /dev/null +++ b/src/libstrongswan/plugins/test_vectors/test_vectors_plugin.h @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup test_vectors_p test_vectors + * @ingroup plugins + * + * @defgroup test_vectors_plugin test_vectors_plugin + * @{ @ingroup test_vectors_p + */ + +#ifndef TEST_VECTORS_PLUGIN_H_ +#define TEST_VECTORS_PLUGIN_H_ + +#include <plugins/plugin.h> + +typedef struct test_vectors_plugin_t test_vectors_plugin_t; + +/** + * Plugin providing various crypto test vectors. + */ +struct test_vectors_plugin_t { + + /** + * implements plugin interface + */ + plugin_t plugin; +}; + +/** + * Create a test_vectors_plugin instance. + */ +plugin_t *plugin_create(); + +#endif /** TEST_VECTORS_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/x509/Makefile.in b/src/libstrongswan/plugins/x509/Makefile.in index 028bbd41a..0c62ad3b3 100644 --- a/src/libstrongswan/plugins/x509/Makefile.in +++ b/src/libstrongswan/plugins/x509/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -89,6 +89,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -111,6 +112,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -122,6 +126,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -135,6 +140,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -195,6 +202,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -206,6 +214,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -230,8 +239,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -331,7 +340,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/x509/ietf_attr_list.h b/src/libstrongswan/plugins/x509/ietf_attr_list.h index 983c67d14..5807a899e 100644 --- a/src/libstrongswan/plugins/x509/ietf_attr_list.h +++ b/src/libstrongswan/plugins/x509/ietf_attr_list.h @@ -12,8 +12,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ /** diff --git a/src/libstrongswan/plugins/x509/x509_ac.c b/src/libstrongswan/plugins/x509/x509_ac.c index 2168f9bc7..638f96b44 100644 --- a/src/libstrongswan/plugins/x509/x509_ac.c +++ b/src/libstrongswan/plugins/x509/x509_ac.c @@ -14,8 +14,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "x509_ac.h" @@ -32,6 +30,7 @@ #include <utils/identification.h> #include <utils/linked_list.h> #include <credentials/certificates/x509.h> +#include <credentials/keys/private_key.h> extern identification_t* x509_parse_authorityKeyIdentifier(chunk_t blob, int level0, chunk_t *authKeySerialNumber); @@ -780,31 +779,11 @@ static bool issued_by(private_x509_ac_t *this, certificate_t *issuer) return FALSE; } } - /* TODO: generic OID to scheme mapper? */ - switch (this->algorithm) - { - case OID_MD5_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_MD5; - break; - case OID_SHA1_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA1; - break; - case OID_SHA256_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA256; - break; - case OID_SHA384_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA384; - break; - case OID_SHA512_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA512; - break; - case OID_ECDSA_WITH_SHA1: - scheme = SIGN_ECDSA_WITH_SHA1; - break; - default: - return FALSE; - } - if (key == NULL) + + /* determine signature scheme */ + scheme = signature_scheme_from_oid(this->algorithm); + + if (scheme == SIGN_UNKNOWN || key == NULL) { return FALSE; } diff --git a/src/libstrongswan/plugins/x509/x509_ac.h b/src/libstrongswan/plugins/x509/x509_ac.h index 5df9c5f8a..958d5c57a 100644 --- a/src/libstrongswan/plugins/x509/x509_ac.h +++ b/src/libstrongswan/plugins/x509/x509_ac.h @@ -14,8 +14,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ /** diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c index 4c6b45394..6fe1809c2 100644 --- a/src/libstrongswan/plugins/x509/x509_cert.c +++ b/src/libstrongswan/plugins/x509/x509_cert.c @@ -16,8 +16,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: x509_cert.c 4936 2009-03-12 18:07:32Z tobias $ */ #define _GNU_SOURCE @@ -37,6 +35,7 @@ #include <asn1/asn1_parser.h> #include <asn1/pem.h> #include <crypto/hashers/hasher.h> +#include <credentials/keys/private_key.h> #include <utils/linked_list.h> #include <utils/identification.h> @@ -353,7 +352,7 @@ static identification_t *parse_generalName(chunk_t blob, int level0) if (id_type != ID_ANY) { gn = identification_create_from_encoding(id_type, object); - DBG2(" '%D'", gn); + DBG2(" '%Y'", gn); goto end; } } @@ -510,9 +509,9 @@ static void parse_authorityInfoAccess(chunk_t blob, int level0, /* parsing went wrong - abort */ goto end; } - DBG2(" '%D'", id); + DBG2(" '%Y'", id); if (accessMethod == OID_OCSP && - asprintf(&uri, "%D", id) > 0) + asprintf(&uri, "%Y", id) > 0) { this->ocsp_uris->insert_last(this->ocsp_uris, uri); } @@ -619,7 +618,7 @@ static void parse_crlDistributionPoints(chunk_t blob, int level0, { char *uri; - if (asprintf(&uri, "%D", id) > 0) + if (asprintf(&uri, "%Y", id) > 0) { this->crl_uris->insert_last(this->crl_uris, uri); } @@ -714,7 +713,7 @@ static bool parse_certificate(private_x509_cert_t *this) break; case X509_OBJ_ISSUER: this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object); - DBG2(" '%D'", this->issuer); + DBG2(" '%Y'", this->issuer); break; case X509_OBJ_NOT_BEFORE: this->notBefore = asn1_parse_time(object, level); @@ -724,14 +723,13 @@ static bool parse_certificate(private_x509_cert_t *this) break; case X509_OBJ_SUBJECT: this->subject = identification_create_from_encoding(ID_DER_ASN1_DN, object); - DBG2(" '%D'", this->subject); + DBG2(" '%Y'", this->subject); break; case X509_OBJ_SUBJECT_PUBLIC_KEY_INFO: this->public_key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, BUILD_BLOB_ASN1_DER, object, BUILD_END); if (this->public_key == NULL) { - DBG1("could not create public key"); goto end; } break; @@ -911,32 +909,14 @@ static bool issued_by(private_x509_cert_t *this, certificate_t *issuer) { return FALSE; } - /* TODO: generic OID to scheme mapper? */ - switch (this->algorithm) - { - case OID_MD5_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_MD5; - break; - case OID_SHA1_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA1; - break; - case OID_SHA256_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA256; - break; - case OID_SHA384_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA384; - break; - case OID_SHA512_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA512; - break; - case OID_ECDSA_WITH_SHA1: - scheme = SIGN_ECDSA_WITH_SHA1; - break; - default: - return FALSE; - } + + /* get the public key of the issuer */ key = issuer->get_public_key(issuer); - if (key == NULL) + + /* determine signature scheme */ + scheme = signature_scheme_from_oid(this->algorithm); + + if (scheme == SIGN_UNKNOWN || key == NULL) { return FALSE; } @@ -1124,19 +1104,19 @@ static private_x509_cert_t* create_empty(void) { private_x509_cert_t *this = malloc_thing(private_x509_cert_t); - this->public.interface.interface.get_type = (certificate_type_t (*)(certificate_t *this))get_type; - this->public.interface.interface.get_subject = (identification_t* (*)(certificate_t *this))get_subject; - this->public.interface.interface.get_issuer = (identification_t* (*)(certificate_t *this))get_issuer; - this->public.interface.interface.has_subject = (id_match_t (*)(certificate_t*, identification_t *subject))has_subject; - this->public.interface.interface.has_issuer = (id_match_t (*)(certificate_t*, identification_t *issuer))has_issuer; - this->public.interface.interface.issued_by = (bool (*)(certificate_t *this, certificate_t *issuer))issued_by; - this->public.interface.interface.get_public_key = (public_key_t* (*)(certificate_t *this))get_public_key; - this->public.interface.interface.get_validity = (bool (*)(certificate_t*, time_t *when, time_t *, time_t*))get_validity; - this->public.interface.interface.is_newer = (bool (*)(certificate_t*,certificate_t*))is_newer; - this->public.interface.interface.get_encoding = (chunk_t (*)(certificate_t*))get_encoding; - this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t *other))equals; - this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t *this))get_ref; - this->public.interface.interface.destroy = (void (*)(certificate_t *this))destroy; + this->public.interface.interface.get_type = (certificate_type_t (*) (certificate_t*))get_type; + this->public.interface.interface.get_subject = (identification_t* (*) (certificate_t*))get_subject; + this->public.interface.interface.get_issuer = (identification_t* (*) (certificate_t*))get_issuer; + this->public.interface.interface.has_subject = (id_match_t (*) (certificate_t*, identification_t*))has_subject; + this->public.interface.interface.has_issuer = (id_match_t (*) (certificate_t*, identification_t*))has_issuer; + this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by; + this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key; + this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity; + this->public.interface.interface.is_newer = (bool (*) (certificate_t*,certificate_t*))is_newer; + this->public.interface.interface.get_encoding = (chunk_t (*) (certificate_t*))get_encoding; + this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals; + this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref; + this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy; this->public.interface.get_flags = (x509_flag_t (*)(x509_t*))get_flags; this->public.interface.get_serial = (chunk_t (*)(x509_t*))get_serial; this->public.interface.get_authKeyIdentifier = (identification_t* (*)(x509_t*))get_authKeyIdentifier; @@ -1178,6 +1158,7 @@ static private_x509_cert_t *create_from_chunk(chunk_t chunk) private_x509_cert_t *this = create_empty(); this->encoding = chunk; + this->parsed = TRUE; if (!parse_certificate(this)) { destroy(this); @@ -1191,17 +1172,15 @@ static private_x509_cert_t *create_from_chunk(chunk_t chunk) } hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); - if (hasher != NULL) - { - hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash); - hasher->destroy(hasher); - } - else + if (hasher == NULL) { - DBG1(" unable to create hash of certificate, SHA1 not supported"); + DBG1(" unable to create hash of certificate, SHA1 not supported"); + destroy(this); + return NULL; } + hasher->allocate_hash(hasher, this->encoding, &this->encoding_hash); + hasher->destroy(hasher); - this->parsed = TRUE; return this; } @@ -1316,7 +1295,7 @@ static bool generate(private_builder_t *this) this->cert->tbsCertificate = asn1_wrap(ASN1_SEQUENCE, "mmccmcmm", asn1_simple_object(ASN1_CONTEXT_C_0, ASN1_INTEGER_2), - asn1_simple_object(ASN1_INTEGER, this->cert->serialNumber), + asn1_integer("c", this->cert->serialNumber), asn1_algorithmIdentifier(this->cert->algorithm), issuer->get_encoding(issuer), asn1_wrap(ASN1_SEQUENCE, "mm", @@ -1352,33 +1331,22 @@ static bool generate(private_builder_t *this) static private_x509_cert_t *build(private_builder_t *this) { private_x509_cert_t *cert; - x509_flag_t flags; - if (this->cert && !this->cert->encoding.ptr) + if (this->cert) { - if (!this->sign_key || !this->cert || - !generate(this)) - { - destroy(this->cert); - free(this); - return NULL; + this->cert->flags |= this->flags; + if (!this->cert->encoding.ptr) + { /* generate a new certificate */ + if (!this->sign_key || !generate(this)) + { + destroy(this->cert); + free(this); + return NULL; + } } } cert = this->cert; - flags = this->flags; free(this); - if (cert == NULL) - { - return NULL; - } - - if ((flags & X509_CA) && !(cert->flags & X509_CA)) - { - DBG1(" ca certificate must have ca basic constraint set, discarded"); - destroy(cert); - return NULL; - } - cert->flags |= flags; return cert; } diff --git a/src/libstrongswan/plugins/x509/x509_cert.h b/src/libstrongswan/plugins/x509/x509_cert.h index 8dbd8050a..5ebe1567d 100644 --- a/src/libstrongswan/plugins/x509/x509_cert.h +++ b/src/libstrongswan/plugins/x509/x509_cert.h @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: x509_cert.h 5003 2009-03-24 17:43:01Z martin $ */ /** diff --git a/src/libstrongswan/plugins/x509/x509_crl.c b/src/libstrongswan/plugins/x509/x509_crl.c index fd14dfebd..f502668cb 100644 --- a/src/libstrongswan/plugins/x509/x509_crl.c +++ b/src/libstrongswan/plugins/x509/x509_crl.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: x509_crl.c 4936 2009-03-12 18:07:32Z tobias $ */ #include "x509_crl.h" @@ -226,7 +224,7 @@ static bool parse(private_x509_crl_t *this) break; case CRL_OBJ_ISSUER: this->issuer = identification_create_from_encoding(ID_DER_ASN1_DN, object); - DBG2(" '%D'", this->issuer); + DBG2(" '%Y'", this->issuer); break; case CRL_OBJ_THIS_UPDATE: this->thisUpdate = asn1_parse_time(object, level); @@ -436,31 +434,11 @@ static bool issued_by(private_x509_crl_t *this, certificate_t *issuer) return FALSE; } } - /* TODO: generic OID to scheme mapper? */ - switch (this->algorithm) - { - case OID_MD5_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_MD5; - break; - case OID_SHA1_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA1; - break; - case OID_SHA256_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA256; - break; - case OID_SHA384_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA384; - break; - case OID_SHA512_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA512; - break; - case OID_ECDSA_WITH_SHA1: - scheme = SIGN_ECDSA_WITH_SHA1; - break; - default: - return FALSE; - } - if (key == NULL) + + /* determine signature scheme */ + scheme = signature_scheme_from_oid(this->algorithm); + + if (scheme == SIGN_UNKNOWN || key == NULL) { return FALSE; } diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_request.c b/src/libstrongswan/plugins/x509/x509_ocsp_request.c index 7b97b990d..4020d8d95 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_request.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_request.c @@ -13,8 +13,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: x509_ocsp_request.c 4317 2008-09-02 11:00:13Z martin $ */ #include "x509_ocsp_request.h" @@ -26,6 +24,7 @@ #include <utils/linked_list.h> #include <debug.h> #include <credentials/certificates/x509.h> +#include <credentials/keys/private_key.h> #define NONCE_LEN 16 diff --git a/src/libstrongswan/plugins/x509/x509_ocsp_response.c b/src/libstrongswan/plugins/x509/x509_ocsp_response.c index 6bb59d8e6..1b3187258 100644 --- a/src/libstrongswan/plugins/x509/x509_ocsp_response.c +++ b/src/libstrongswan/plugins/x509/x509_ocsp_response.c @@ -13,8 +13,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: x509_ocsp_response.c 4936 2009-03-12 18:07:32Z tobias $ */ #include "x509_ocsp_response.h" @@ -523,12 +521,12 @@ static bool parse_basicOCSPResponse(private_x509_ocsp_response_t *this, case BASIC_RESPONSE_ID_BY_NAME: this->responderId = identification_create_from_encoding( ID_DER_ASN1_DN, object); - DBG2(" '%D'", this->responderId); + DBG2(" '%Y'", this->responderId); break; case BASIC_RESPONSE_ID_BY_KEY: this->responderId = identification_create_from_encoding( ID_PUBKEY_INFO_SHA1, object); - DBG2(" '%D'", this->responderId); + DBG2(" '%Y'", this->responderId); break; case BASIC_RESPONSE_PRODUCED_AT: this->producedAt = asn1_to_time(&object, ASN1_GENERALIZEDTIME); @@ -726,32 +724,14 @@ static bool issued_by(private_x509_ocsp_response_t *this, certificate_t *issuer) { return FALSE; } - /* TODO: generic OID to scheme mapper? */ - switch (this->signatureAlgorithm) - { - case OID_MD5_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_MD5; - break; - case OID_SHA1_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA1; - break; - case OID_SHA256_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA256; - break; - case OID_SHA384_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA384; - break; - case OID_SHA512_WITH_RSA: - scheme = SIGN_RSA_EMSA_PKCS1_SHA512; - break; - case OID_ECDSA_WITH_SHA1: - scheme = SIGN_ECDSA_WITH_SHA1; - break; - default: - return FALSE; - } + + /* get the public key of the issuer */ key = issuer->get_public_key(issuer); - if (key == NULL) + + /* determine signature scheme */ + scheme = signature_scheme_from_oid(this->signatureAlgorithm); + + if (scheme == SIGN_UNKNOWN || key == NULL) { return FALSE; } diff --git a/src/libstrongswan/plugins/x509/x509_plugin.c b/src/libstrongswan/plugins/x509/x509_plugin.c index 42768487d..9ed7f95bd 100644 --- a/src/libstrongswan/plugins/x509/x509_plugin.c +++ b/src/libstrongswan/plugins/x509/x509_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id: x509_plugin.c 3640 2008-03-21 10:52:11Z andreas $ */ #include "x509_plugin.h" diff --git a/src/libstrongswan/plugins/xcbc/Makefile.in b/src/libstrongswan/plugins/xcbc/Makefile.in index 48c6ef954..82ef55bd5 100644 --- a/src/libstrongswan/plugins/xcbc/Makefile.in +++ b/src/libstrongswan/plugins/xcbc/Makefile.in @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.10.1 from Makefile.am. +# Makefile.in generated by automake 1.10.2 from Makefile.am. # @configure_input@ # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, @@ -88,6 +88,7 @@ CPPFLAGS = @CPPFLAGS@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -110,6 +111,9 @@ LDFLAGS = @LDFLAGS@ LEX = @LEX@ LEXLIB = @LEXLIB@ LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBGCRYPT_CFLAGS = @LIBGCRYPT_CFLAGS@ +LIBGCRYPT_CONFIG = @LIBGCRYPT_CONFIG@ +LIBGCRYPT_LIBS = @LIBGCRYPT_LIBS@ LIBOBJS = @LIBOBJS@ LIBS = @LIBS@ LIBTOOL = @LIBTOOL@ @@ -121,6 +125,7 @@ MAKEINFO = @MAKEINFO@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ OBJEXT = @OBJEXT@ OTOOL = @OTOOL@ OTOOL64 = @OTOOL64@ @@ -134,6 +139,8 @@ PATH_SEPARATOR = @PATH_SEPARATOR@ PERL = @PERL@ PKG_CONFIG = @PKG_CONFIG@ RANLIB = @RANLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ @@ -194,6 +201,7 @@ oldincludedir = @oldincludedir@ pdfdir = @pdfdir@ piddir = @piddir@ plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ prefix = @prefix@ program_transform_name = @program_transform_name@ psdir = @psdir@ @@ -205,6 +213,7 @@ srcdir = @srcdir@ strongswan_conf = @strongswan_conf@ sysconfdir = @sysconfdir@ target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ xml_CFLAGS = @xml_CFLAGS@ @@ -224,8 +233,8 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ exit 1;; \ esac; \ done; \ @@ -322,7 +331,7 @@ ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) unique=`for i in $$list; do \ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ done | \ - $(AWK) '{ files[$$0] = 1; nonemtpy = 1; } \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ END { if (nonempty) { for (i in files) print i; }; }'`; \ mkid -fID $$unique tags: TAGS diff --git a/src/libstrongswan/plugins/xcbc/xcbc.c b/src/libstrongswan/plugins/xcbc/xcbc.c index ab37eca40..dd63af005 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc.c +++ b/src/libstrongswan/plugins/xcbc/xcbc.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General xcbc License * for more details. - * - * $Id: xcbc.c 3589 2008-03-13 14:14:44Z martin $ */ #include <string.h> diff --git a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c index f1501476f..25f59c650 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc_plugin.c +++ b/src/libstrongswan/plugins/xcbc/xcbc_plugin.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "xcbc_plugin.h" diff --git a/src/libstrongswan/plugins/xcbc/xcbc_prf.c b/src/libstrongswan/plugins/xcbc/xcbc_prf.c index 03056594d..a90f2d44f 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc_prf.c +++ b/src/libstrongswan/plugins/xcbc/xcbc_prf.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include "xcbc_prf.h" diff --git a/src/libstrongswan/plugins/xcbc/xcbc_signer.c b/src/libstrongswan/plugins/xcbc/xcbc_signer.c index 29eb2d25b..b394bb251 100644 --- a/src/libstrongswan/plugins/xcbc/xcbc_signer.c +++ b/src/libstrongswan/plugins/xcbc/xcbc_signer.c @@ -11,8 +11,6 @@ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. - * - * $Id$ */ #include <string.h> |